Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
MIT License
Bot releases are hidden (Show)
NSUserDefaults
API. https://github.com/datatheorem/TrustKit/pull/326
Full Changelog: https://github.com/datatheorem/TrustKit/compare/3.0.3...3.0.4
Published by aj-dt about 1 year ago
Published by aj-dt over 1 year ago
Published by aj-dt over 1 year ago
Published by nabla-c0d3 over 1 year ago
SecTrustCopyPublicKey()
, SecTrustGetCertificateAtIndex()
and SecTrustEvaluate()
Published by nabla-c0d3 about 2 years ago
Published by nabla-c0d3 over 3 years ago
Published by nabla-c0d3 about 4 years ago
Published by nabla-c0d3 over 4 years ago
Published by nabla-c0d3 almost 5 years ago
Published by nabla-c0d3 almost 5 years ago
Published by nabla-c0d3 about 5 years ago
kTSKIncludeSubdomains
(#200).Published by nabla-c0d3 over 5 years ago
kTSKExcludeSubdomainFromParentPolicy
setting (#187).Published by nabla-c0d3 about 6 years ago
TSKPublicKeyAlgorithms
configuration key is now deprecated; the algorithm of the public key to pin no longer needs to be provided in the TrustKit configuration.TSKAdditionalTrustAnchors
configuration key is now deprecated because its intended functionality no longer works on iOS (#154).Published by nabla-c0d3 over 6 years ago
TSKIncludeSubdomains
applying the pinning policy to the wrong domains when parsing the TrustKit configuration (#156).Published by nabla-c0d3 almost 7 years ago
TSKSPKIHashCache
's API by requiring the identifier to not be nil
(#147).Published by nabla-c0d3 about 7 years ago
kTSKIncludeSubdomains
with domains that have a TLD with the same length.kTSKSwizzleNetworkDelegates
for connection delegates swizzling.Published by nabla-c0d3 over 7 years ago
-initWithConfig:
method for more information.pinningValidatorCallback
property of the TrustKit
class for more information.kTSKSwizzleNetworkDelegates
setting has been changed to NO
.For initializing TrustKit, switch from:
[TrustKit initializeWithConfiguration:trustKitConfig];
to:
[TrustKit initSharedInstanceWithConfiguration:trustKitConfig];
For any code using the TSKPinningValidator
class, switch from:
[TSKPinningValidator handleChallenge:challenge completionHandler:completionHandler];
to:
[TrustKit.sharedInstance.pinningValidator handleChallenge:challenge completionHandler:completionHandler];
Published by nabla-c0d3 over 7 years ago
TSKExcludeSubdomainFromParentPolicy
domain configuration key. If set to YES
, TrustKit will not pin this specific domain if TSKIncludeSubdomains
was set for this domain’s parent domain. This allows excluding specific subdomains from a pinning policy that was applied to a parent domain.CFBundleVersion
) to the release version number (CFBundleShortVersionString
) for the app-version
field within reports.OSSpinLock
to os_unfair_lock
when running on an iOS 10+ / macOS 10.12+ device.Published by nabla-c0d3 over 7 years ago
kTSKAlgorithmEcDsaSecp384r1
).kTSKExpirationDate
). This will help prevent connectivity issues in Apps which do not get updates to their pins, such as when the user disables App updates.kTSKEnforcePinning
is set to NO
).date-time
field of pinning failure reports sent by devices with non-standard time settings.