I'm trying to perform public key pinning using Alamofire and Moya.
I'm building my own custom Alamofire Session and passing it to my Moya provider.
I've read the Alamofire documentation on how to perform public key pinning, which is summarized by these few lines of code:

    let configuration = URLSessionConfiguration.default
    let trustManager = ServerTrustManager(evaluators: ["domain.example.com": PublicKeysTrustEvaluator()])
    return MySession(configuration: configuration, serverTrustManager: trustManager)

My understanding is that PublicKeysTrustEvaluator() will filter through all certificates present in Bundle.main, extract the public keys, and perform public key pinning against the host. If at least one succeeds, then the server trust is considered valid.
Here is some code from the Alamofire project:

    extension AlamofireExtension where ExtendedType: Bundle {
        /// Returns all valid `cer`, `crt`, and `der` certificates in the bundle.
        public var certificates: [SecCertificate] {
            paths(forResourcesOfTypes: [".cer", ".CER", ".crt", ".CRT", ".der", ".DER"]).compactMap { path in
                guard
                    let certificateData = try? Data(contentsOf: URL(fileURLWithPath: path)) as CFData,
                    let certificate = SecCertificateCreateWithData(nil, certificateData) else { return nil }
                return certificate
            }
        }

        /// Returns all public keys for the valid certificates in the bundle.
        public var publicKeys: [SecKey] {
            certificates.af.publicKeys
        }
    }

Why is Alamofire allowing the use of .cer/.crt files if the function SecCertificateCreateWithData only expects DER formats?
The function paths is returning my .cer file, but Bundle.main.af.publicKeys is empty because this call to SecCertificateCreateWithData always fails.
Should I convert my certificate to DER format?
If so, how should I do this?
The output of this call is not being found by the function paths(forResourcesOfTypes: mentioned above.

    openssl x509 -outform der -in certificatename.pem -out certificatename.der
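
A diagnostic for the failure described in the question, as an added example that is not part of the original post and is not Alamofire's code: it lists the certificate files actually present in the bundle, accepts both PEM and DER input, and reports which files `SecCertificateCreateWithData` rejects. The names `derBytes(from:)` and `bundledPublicKeys(in:)` are hypothetical helpers, and the `pem` extension is an extra assumption beyond the types Alamofire scans.

```swift
import Foundation
import Security

enum CertificateEncoding { case pem, der }

/// Hypothetical helper: returns DER bytes and the encoding the file was stored in.
func derBytes(from fileData: Data) -> (der: Data, encoding: CertificateEncoding)? {
    let begin = "-----BEGIN CERTIFICATE-----"
    let end = "-----END CERTIFICATE-----"
    // PEM is Base64 text between markers; binary DER normally fails UTF-8
    // decoding or, if it decodes, does not contain the markers.
    if let text = String(data: fileData, encoding: .utf8),
       let b = text.range(of: begin),
       let e = text.range(of: end, range: b.upperBound..<text.endIndex) {
        let body = String(text[b.upperBound..<e.lowerBound])
        guard let der = Data(base64Encoded: body, options: .ignoreUnknownCharacters) else { return nil }
        return (der, .pem)
    }
    // A DER certificate is an ASN.1 SEQUENCE, so its first byte is 0x30.
    guard fileData.first == 0x30 else { return nil }
    return (fileData, .der)
}

/// Hypothetical helper: public keys of every bundled certificate file, PEM or DER.
func bundledPublicKeys(in bundle: Bundle = .main) -> [SecKey] {
    let extensions = ["cer", "crt", "der", "pem"]
    let urls = extensions.flatMap {
        bundle.urls(forResourcesWithExtension: $0, subdirectory: nil) ?? []
    }
    if urls.isEmpty {
        // Nothing shipped: the file is not among the resources copied into this bundle.
        print("No certificate files found in \(bundle.bundlePath)")
    }
    return urls.compactMap { url -> SecKey? in
        let name = url.lastPathComponent
        guard let data = try? Data(contentsOf: url), let decoded = derBytes(from: data) else {
            print("\(name): neither PEM nor DER")
            return nil
        }
        guard let certificate = SecCertificateCreateWithData(nil, decoded.der as CFData),
              let key = SecCertificateCopyKey(certificate) else {
            print("\(name): \(decoded.encoding) payload rejected by the Security framework")
            return nil
        }
        print("\(name): \(decoded.encoding) certificate loaded")
        return key
    }
}
```

The returned keys can be supplied explicitly through `PublicKeysTrustEvaluator(keys:)` instead of relying on the default bundle scan.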
