Jinal Tandel jinal90
jinal90
/ urlSessionDelegateAndPinning
Created
May 24, 2020 21:29
Certificate comparison to confirm secure SSL handshake using URLSession delegate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) { | |
| if let trust = challenge.protectionSpace.serverTrust, | |
| SecTrustGetCertificateCount(trust) > 0 { | |
| if let certificate = SecTrustGetCertificateAtIndex(trust, 0) { | |
| let data = SecCertificateCopyData(certificate) as Data | |
| if certificates.contains(data) { | |
| completionHandler(.useCredential, URLCredential(trust: trust)) | |
| return | |
| } |
jinal90
/ urlSessionNetworkCall
Created
May 24, 2020 21:17
Code snippet to demonstrate simple network call using URLSession in swift.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var dataTask: URLSessionDataTask? | |
| if var urlComponents = URLComponents(string: "https://www.example.com") { | |
| urlComponents.query = "paramKey=value" | |
| guard let url = urlComponents.url else { | |
| return | |
| } | |
| var defaultSession = URLSession(configuration: .default, delegate: self, delegateQueue: nil) | |
| dataTask = defaultSession.dataTask(with: url) { [weak self] data, response, error in |
jinal90
/ urlSessionDelegate
Last active
May 24, 2020 20:53
Code snippet to demonstrate URLSessionDelegate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class MyViewController: UIViewController, URLSessionDelegate { | |
| // | |
| // MARK: - Constants | |
| // | |
| let pinnedCertificates: [Data] = { | |
| let url = Bundle.main.url(forResource: "certificate_name", withExtension: "der")! | |
| let data = try! Data(contentsOf: url) | |
| return [data] | |
| }() |
jinal90
/ AlamofireAndServerTrustPolicies
Created
May 22, 2020 21:23
Code snippet to explain a SSL pinning Alamofire and Server trust policy.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // 1. Basic configuration for creating Alamofire manager | |
| let configuration = URLSessionConfiguration.default | |
| configuration.httpAdditionalHeaders = SessionManager.defaultHTTPHeaders | |
| configuration.timeoutIntervalForRequest = 60 | |
| var serverTrustPolicies: [String: ServerTrustPolicy] = [:] | |
| // 2. Pass your certificate filename, type and directory path to load the cefrtificate | |
| guard let certificatePath = Bundle.main.path(forResource: "CertificateFileName", ofType: "der", inDirectory: "assets/certificate") else{ |
jinal90
/ SSLPinningWithRetrofit
Created
May 20, 2020 21:22
Code snippet to explain implementation of SSL pinning in Retrofit.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Retrofit retrofit = new Retrofit.Builder() | |
| .baseUrl("https://www.example.com") | |
| .client(okHttpClientWithCertificatePinner) | |
| .build(); | |
| YourServiceClass service = retrofit.create(YourServiceClass.class); | |
jinal90
/ OkhttpAndCertificatePinner
Last active
May 25, 2020 08:15
Code Snippet to implement SSL pinning using SHA256 key and CertificatePinner in OKHTTP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Create CertificatePinner object which contatins list of domains and associated SHA-256 keys. | |
| // Pin this CertificatePinner object while creating the OKHTTP client. | |
| private val client = OkHttpClient.Builder() | |
| .certificatePinner( | |
| CertificatePinner.Builder() | |
| .add("www.example.com", "sha256/7HIpactkIAq2Y49orFOOQKurWxmmSFZhBCoQYcRhJ3Y=") | |
| .build()) | |
| .build() | |
| // Implement rest service call |
jinal90
/ TrustStoreAndSslSocketFactory
Last active
May 25, 2020 07:57
Code snippet to demonstrate implementation of network calls and SSL pinning using TrustStore and SSL socket factory in Android
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // get the TrustStore that you just placed in resources | |
| val resourceStream = resources.openRawResource(R.raw.your_trust_store) | |
| // create an empty default KeyStore | |
| val keyStoreType = KeyStore.getDefaultType() | |
| val keyStore = KeyStore.getInstance(keyStoreType) | |
| // load the KeyStore from input stream of TrustStore | |
| keyStore.load(resourceStream, getTrustStorePassword()?.toCharArray()) |