SSL Pinning #109

Closed
colinmcardell opened this issue Apr 5, 2016 · 5 comments

@colinmcardell
Contributor

Nice work on SPTDataLoader. I'm curious what thoughts around SSL Pinning might be.

I'm likely to hack something together on a fork at the moment, but I would like to contribute back something that is usable for others.

Any opinions?

@8W9aG
Contributor

8W9aG commented Apr 5, 2016

We have tentatively discussed this before, and it's great it's come up. I think a good way to approach this would be the following:

  • Add an argument into the initialiser for SPTDataLoaderService that feeds in a collection of supported hosts and the file URL of the certificate with the public key. It would be cool if this somehow supported wildcards in the host name. I think the service should manage certificate verification, as I can't imagine a use case where someone would want to only pin a certificate at the factory or view level (e.g. it seems like an app-wide problem), and the service has direct access to the NSURLSession delegates.
  • Use Apple's security frameworks rather than OpenSSL directly.
  • Conform to areAllCertificatesAllowed to disable the SSL pinning logic.

If you want to get started I think this was quite a nice implementation to begin with: http://stackoverflow.com/a/29234388

@colinmcardell
Contributor Author

@8W9aG I dig it.

I took a first pass at something here:
colinmcardell@4eb083b

I ended up creating an object to handle the validation process and added a setter on SPTDataLoaderService instead of modifying the initializer. I figured this would be easier than changing the initialization method signature. Also, easier on testing.

Currently the object SPTDataLoaderAuthChallengePolicy (name to be solidified, update: SPTDataLoaderServerTrustPolicy... still working on it. :) ) can be created with params for hosts + certs, then set on a service. When set, NSURLSessionDataDelegate calls for auth challenge within the service will attempt to validate the challenge against the provided host and certs.

Currently the object doesn't support wildcards for the host.

I did my reading when implementing as well as referenced a number of implementations elsewhere. The Stack Overflow link you referenced was a great starting point as well.

References:

@8W9aG
Contributor

8W9aG commented Apr 6, 2016

👍 Looks like an incredibly good first pass, definitely on the right track

@colinmcardell
Contributor Author

Thanks and great!

I added simple support for wildcards in the hosts string through a predicate filter. Also, squashed down the work on that branch. I will make a PR and any discussion around changes can happen in the comments there.
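
The design discussed in this thread (host patterns mapped to pinned certificates, checked when the session receives a server-trust challenge, with wildcards handled by a predicate), written out as an added example; it is not the code from the fork or from SPTDataLoader. `ExamplePinningPolicy` and its method names are hypothetical, and the block assumes iOS 12 / macOS 10.14 or later for `SecTrustEvaluateWithError`.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Hypothetical policy object: maps host patterns ("*.example.com") to pinned DER certificates.
@interface ExamplePinningPolicy : NSObject
- (instancetype)initWithPinnedCertificates:(NSDictionary<NSString *, NSArray<NSData *> *> *)pins;
- (BOOL)validateChallenge:(NSURLAuthenticationChallenge *)challenge;
@end

@implementation ExamplePinningPolicy {
    NSDictionary<NSString *, NSArray<NSData *> *> *_pins;
}
- (instancetype)initWithPinnedCertificates:(NSDictionary<NSString *, NSArray<NSData *> *> *)pins {
    if ((self = [super init])) { _pins = [pins copy]; }
    return self;
}

// Collects the pins of every pattern that matches the host (dictionary order is undefined).
// LIKE's '*' also matches dots, so "*.example.com" covers "a.b.example.com" as well,
// which is broader than a TLS wildcard; keep patterns as narrow as possible.
- (NSArray<NSData *> *)pinsForHost:(NSString *)host {
    NSMutableArray<NSData *> *matches = [NSMutableArray array];
    for (NSString *pattern in _pins) {
        if ([[NSPredicate predicateWithFormat:@"SELF LIKE[c] %@", pattern] evaluateWithObject:host]) {
            [matches addObjectsFromArray:_pins[pattern]];
        }
    }
    return matches;
}

- (BOOL)validateChallenge:(NSURLAuthenticationChallenge *)challenge {
    NSURLProtectionSpace *space = challenge.protectionSpace;
    SecTrustRef trust = space.serverTrust;
    BOOL isServerTrust = [space.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
    if (!isServerTrust || trust == NULL) { return NO; }
    NSArray<NSData *> *pins = [self pinsForHost:space.host];
    if (pins.count == 0) { return NO; } // host not pinned: the caller decides what to do
    // Normal chain and hostname evaluation must pass before the pin comparison.
    SecPolicyRef sslPolicy = SecPolicyCreateSSL(true, (__bridge CFStringRef)space.host);
    SecTrustSetPolicies(trust, sslPolicy);
    CFRelease(sslPolicy);
    if (!SecTrustEvaluateWithError(trust, NULL)) { return NO; }
    // Accept when any certificate in the presented chain is byte-identical to a pin.
    for (CFIndex i = 0; i < SecTrustGetCertificateCount(trust); i++) {
        NSData *der = CFBridgingRelease(SecCertificateCopyData(SecTrustGetCertificateAtIndex(trust, i)));
        if ([pins containsObject:der]) { return YES; }
    }
    return NO;
}
@end
```

From `URLSession:didReceiveChallenge:completionHandler:`, a `YES` result maps to `NSURLSessionAuthChallengeUseCredential` with `[NSURLCredential credentialForTrust:]`, and a `NO` result for a pinned host to `NSURLSessionAuthChallengeCancelAuthenticationChallenge`. Pinning whole certificates means the pins must be shipped again whenever the server certificate is renewed.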

@rastersize
Contributor

Closing this as #110 was merged. Big thanks @colinmcardell 😃
