├── .gitignore ├── .gitmodules ├── .jazzy.yaml ├── ATTRIBUTIONS ├── AUTHORS ├── LICENSE ├── Package.swift ├── README.md ├── TrustKit.podspec ├── TrustKit.xcodeproj ├── project.pbxproj ├── project.xcworkspace │ ├── contents.xcworkspacedata │ └── xcshareddata │ │ ├── IDEWorkspaceChecks.plist │ │ └── TrustKit.xcscmblueprint └── xcshareddata │ └── xcschemes │ ├── TrustKit OS X.xcscheme │ ├── TrustKit tvOS.xcscheme │ ├── TrustKit watchOS.xcscheme │ ├── TrustKit.xcscheme │ └── TrustKit_Static.xcscheme ├── TrustKit ├── Dependencies │ ├── README.md │ ├── RSSwizzle │ │ ├── RSSwizzle.h │ │ └── RSSwizzle.m │ └── domain_registry │ │ ├── domain_registry.h │ │ ├── private │ │ ├── init_registry_tables.c │ │ ├── registry_search.c │ │ ├── registry_types.h │ │ ├── string_util.h │ │ ├── trie_node.h │ │ ├── trie_search.c │ │ ├── trie_search.h │ │ ├── tsk_assert.c │ │ └── tsk_assert.h │ │ └── registry_tables_genfiles │ │ └── registry_tables.h ├── Framework │ └── Info.plist ├── Pinning │ ├── TSKPublicKeyAlgorithm.h │ ├── TSKSPKIHashCache.h │ ├── TSKSPKIHashCache.m │ ├── pinning_utils.h │ ├── pinning_utils.m │ ├── ssl_pin_verifier.h │ └── ssl_pin_verifier.m ├── PrivacyInfo.xcprivacy ├── Reporting │ ├── TSKBackgroundReporter.h │ ├── TSKBackgroundReporter.m │ ├── TSKPinFailureReport.h │ ├── TSKPinFailureReport.m │ ├── TSKReportsRateLimiter.h │ ├── TSKReportsRateLimiter.m │ ├── reporting_utils.h │ ├── reporting_utils.m │ ├── vendor_identifier.h │ └── vendor_identifier.m ├── Swizzling │ ├── TSKNSURLConnectionDelegateProxy.h │ ├── TSKNSURLConnectionDelegateProxy.m │ ├── TSKNSURLSessionDelegateProxy.h │ └── TSKNSURLSessionDelegateProxy.m ├── TSKLog.h ├── TSKPinningValidator.m ├── TSKPinningValidatorResult.m ├── TSKPinningValidator_Private.h ├── TSKTrustKitConfig.m ├── TrustKit-Bridging-Header.h ├── TrustKit.m ├── configuration_utils.h ├── configuration_utils.m ├── parse_configuration.h ├── parse_configuration.m └── public │ ├── TSKPinningValidator.h │ ├── TSKPinningValidatorCallback.h │ ├── TSKPinningValidatorResult.h │ ├── TSKTrustDecision.h │ ├── TSKTrustKitConfig.h │ └── TrustKit.h ├── TrustKitDemo ├── Podfile ├── Podfile.lock ├── Pods │ ├── Headers │ │ ├── Private │ │ │ └── TrustKit │ │ │ │ ├── RSSwizzle.h │ │ │ │ ├── TSKBackgroundReporter.h │ │ │ │ ├── TSKLog.h │ │ │ │ ├── TSKNSURLConnectionDelegateProxy.h │ │ │ │ ├── TSKNSURLSessionDelegateProxy.h │ │ │ │ ├── TSKPinFailureReport.h │ │ │ │ ├── TSKPinningValidator.h │ │ │ │ ├── TSKPinningValidatorCallback.h │ │ │ │ ├── TSKPinningValidatorResult.h │ │ │ │ ├── TSKPinningValidator_Private.h │ │ │ │ ├── TSKPublicKeyAlgorithm.h │ │ │ │ ├── TSKReportsRateLimiter.h │ │ │ │ ├── TSKSPKIHashCache.h │ │ │ │ ├── TSKTrustDecision.h │ │ │ │ ├── TSKTrustKitConfig.h │ │ │ │ ├── TrustKit-Bridging-Header.h │ │ │ │ ├── TrustKit.h │ │ │ │ ├── configuration_utils.h │ │ │ │ ├── domain_registry.h │ │ │ │ ├── parse_configuration.h │ │ │ │ ├── pinning_utils.h │ │ │ │ ├── registry_tables.h │ │ │ │ ├── registry_types.h │ │ │ │ ├── reporting_utils.h │ │ │ │ ├── ssl_pin_verifier.h │ │ │ │ ├── string_util.h │ │ │ │ ├── trie_node.h │ │ │ │ ├── trie_search.h │ │ │ │ ├── tsk_assert.h │ │ │ │ └── vendor_identifier.h │ │ └── Public │ │ │ └── TrustKit │ │ │ ├── TSKPinningValidator.h │ │ │ ├── TSKPinningValidatorCallback.h │ │ │ ├── TSKPinningValidatorResult.h │ │ │ ├── TSKTrustDecision.h │ │ │ ├── TSKTrustKitConfig.h │ │ │ ├── TrustKit-library-umbrella.h │ │ │ ├── TrustKit-library.modulemap │ │ │ └── TrustKit.h │ ├── Local Podspecs │ │ └── TrustKit.podspec.json │ ├── Manifest.lock │ ├── Pods.xcodeproj │ │ └── project.pbxproj │ └── Target Support Files │ │ ├── Pods-TrustKitDemo-ObjC │ │ ├── Pods-TrustKitDemo-ObjC-acknowledgements.markdown │ │ ├── Pods-TrustKitDemo-ObjC-acknowledgements.plist │ │ ├── Pods-TrustKitDemo-ObjC-dummy.m │ │ ├── Pods-TrustKitDemo-ObjC.debug.xcconfig │ │ └── Pods-TrustKitDemo-ObjC.release.xcconfig │ │ ├── Pods-TrustKitDemo-Swift │ │ ├── Pods-TrustKitDemo-Swift-Info.plist │ │ ├── Pods-TrustKitDemo-Swift-acknowledgements.markdown │ │ ├── Pods-TrustKitDemo-Swift-acknowledgements.plist │ │ ├── Pods-TrustKitDemo-Swift-dummy.m │ │ ├── Pods-TrustKitDemo-Swift-frameworks.sh │ │ ├── Pods-TrustKitDemo-Swift-umbrella.h │ │ ├── Pods-TrustKitDemo-Swift.debug.xcconfig │ │ ├── Pods-TrustKitDemo-Swift.modulemap │ │ └── Pods-TrustKitDemo-Swift.release.xcconfig │ │ ├── TrustKit-framework │ │ ├── TrustKit-framework-Info.plist │ │ ├── TrustKit-framework-dummy.m │ │ ├── TrustKit-framework-prefix.pch │ │ ├── TrustKit-framework-umbrella.h │ │ ├── TrustKit-framework.debug.xcconfig │ │ ├── TrustKit-framework.modulemap │ │ ├── TrustKit-framework.release.xcconfig │ │ └── TrustKit-framework.xcconfig │ │ └── TrustKit-library │ │ ├── TrustKit-library-dummy.m │ │ ├── TrustKit-library-prefix.pch │ │ ├── TrustKit-library-umbrella.h │ │ ├── TrustKit-library.debug.xcconfig │ │ ├── TrustKit-library.modulemap │ │ ├── TrustKit-library.release.xcconfig │ │ └── TrustKit-library.xcconfig ├── TrustKitDemo-ObjC │ ├── AppDelegate.h │ ├── AppDelegate.m │ ├── Assets.xcassets │ │ └── AppIcon.appiconset │ │ │ └── Contents.json │ ├── Base.lproj │ │ ├── LaunchScreen.storyboard │ │ └── Main.storyboard │ ├── Info.plist │ ├── ViewController.h │ ├── ViewController.m │ └── main.m ├── TrustKitDemo-Swift │ ├── AppDelegate.swift │ ├── Assets.xcassets │ │ └── AppIcon.appiconset │ │ │ └── Contents.json │ ├── DTViewController.swift │ ├── Info.plist │ ├── LaunchScreen.storyboard │ └── Main.storyboard ├── TrustKitDemo.xcodeproj │ ├── project.pbxproj │ ├── project.xcworkspace │ │ └── contents.xcworkspacedata │ └── xcshareddata │ │ └── xcschemes │ │ ├── TrustKitDemo-ObjC.xcscheme │ │ └── TrustKitDemo-Swift.xcscheme └── TrustKitDemo.xcworkspace │ ├── contents.xcworkspacedata │ └── xcshareddata │ └── IDEWorkspaceChecks.plist ├── TrustKitTests ├── Certificates │ ├── ECDSA_sec256r1 │ │ └── www.cloudflare.com.der │ ├── ECDSA_sec384r1 │ │ └── GeoTrust_Primary_CA_G2_ECC.der │ ├── RSA_2048 │ │ ├── GlobalSignDomainValidationCA-SHA256-G2.der │ │ ├── GlobalSignRootCA.der │ │ └── www.globalsign.com.der │ ├── RSA_4096 │ │ ├── GoodRootCA.der │ │ ├── www.good.com.der │ │ └── www.good.com.selfsigned.der │ └── TrustAnchor │ │ ├── anchor-ca.cert.pem │ │ ├── anchor-fake.yahoo.com.cert.pem │ │ └── anchor-intermediate.cert.pem ├── Corporation Service Company RSA OV SSL CA.der ├── Dependencies │ └── OCMock │ │ ├── Mac │ │ └── OCMock.framework │ │ │ ├── Headers │ │ │ ├── Modules │ │ │ ├── OCMock │ │ │ ├── Resources │ │ │ └── Versions │ │ │ ├── A │ │ │ ├── Headers │ │ │ │ ├── NSNotificationCenter+OCMAdditions.h │ │ │ │ ├── OCMArg.h │ │ │ │ ├── OCMConstraint.h │ │ │ │ ├── OCMFunctions.h │ │ │ │ ├── OCMLocation.h │ │ │ │ ├── OCMMacroState.h │ │ │ │ ├── OCMQuantifier.h │ │ │ │ ├── OCMRecorder.h │ │ │ │ ├── OCMStubRecorder.h │ │ │ │ ├── OCMVerifier.h │ │ │ │ ├── OCMock.h │ │ │ │ ├── OCMockMacros.h │ │ │ │ └── OCMockObject.h │ │ │ ├── Modules │ │ │ │ └── module.modulemap │ │ │ ├── OCMock │ │ │ ├── Resources │ │ │ │ └── Info.plist │ │ │ └── _CodeSignature │ │ │ │ └── CodeResources │ │ │ └── Current │ │ ├── iOS │ │ └── OCMock.framework │ │ │ ├── Headers │ │ │ ├── NSNotificationCenter+OCMAdditions.h │ │ │ ├── OCMArg.h │ │ │ ├── OCMConstraint.h │ │ │ ├── OCMFunctions.h │ │ │ ├── OCMLocation.h │ │ │ ├── OCMMacroState.h │ │ │ ├── OCMQuantifier.h │ │ │ ├── OCMRecorder.h │ │ │ ├── OCMStubRecorder.h │ │ │ ├── OCMVerifier.h │ │ │ ├── OCMock.h │ │ │ ├── OCMockMacros.h │ │ │ └── OCMockObject.h │ │ │ ├── Info.plist │ │ │ ├── Modules │ │ │ └── module.modulemap │ │ │ ├── OCMock │ │ │ └── _CodeSignature │ │ │ └── CodeResources │ │ └── tvOS │ │ └── OCMock.framework │ │ ├── Headers │ │ ├── NSNotificationCenter+OCMAdditions.h │ │ ├── OCMArg.h │ │ ├── OCMConstraint.h │ │ ├── OCMFunctions.h │ │ ├── OCMLocation.h │ │ ├── OCMMacroState.h │ │ ├── OCMQuantifier.h │ │ ├── OCMRecorder.h │ │ ├── OCMStubRecorder.h │ │ ├── OCMVerifier.h │ │ ├── OCMock.h │ │ ├── OCMockMacros.h │ │ └── OCMockObject.h │ │ ├── Info.plist │ │ ├── Modules │ │ └── module.modulemap │ │ ├── OCMock │ │ └── _CodeSignature │ │ └── CodeResources ├── Info.plist ├── TSKCertificateUtils.h ├── TSKCertificateUtils.m ├── TSKEndToEndNSURLSessionTests.m ├── TSKEndToEndSwizzlingTests.m ├── TSKLoggerTests.m ├── TSKNSURLConnectionTests.m ├── TSKNSURLSessionTests.m ├── TSKPinConfigurationTests.m ├── TSKPinningValidatorTests.m ├── TSKPublicKeyAlgorithmTests.m ├── TSKReporterTests.m ├── TSKReportsRateLimiterTests.m └── TSKSwizzlingTests.m ├── docs ├── TrustKit-BH2015.pdf ├── documentation-readme.md ├── documentation │ ├── Classes │ │ ├── TSKPinningValidator.html │ │ ├── TSKPinningValidatorResult.html │ │ └── TrustKit.html │ ├── Domain Configuration Keys.html │ ├── Enums │ │ ├── TSKTrustDecision.html │ │ └── TSKTrustEvaluationResult.html │ ├── Global Configuration Keys.html │ ├── Implementing Pinning Validation.html │ ├── Initalizing TrustKit.html │ ├── Other Constants.html │ ├── Other Type Definitions.html │ ├── Setting up a Validation Callback.html │ ├── css │ │ ├── highlight.css │ │ └── jazzy.css │ ├── docsets │ │ └── TrustKit.docset │ │ │ └── Contents │ │ │ ├── Info.plist │ │ │ └── Resources │ │ │ ├── Documents │ │ │ ├── Classes │ │ │ │ ├── TSKPinningValidator.html │ │ │ │ ├── TSKPinningValidatorResult.html │ │ │ │ └── TrustKit.html │ │ │ ├── Domain Configuration Keys.html │ │ │ ├── Enums │ │ │ │ ├── TSKTrustDecision.html │ │ │ │ └── TSKTrustEvaluationResult.html │ │ │ ├── Global Configuration Keys.html │ │ │ ├── Implementing Pinning Validation.html │ │ │ ├── Initalizing TrustKit.html │ │ │ ├── Other Constants.html │ │ │ ├── Other Type Definitions.html │ │ │ ├── Setting up a Validation Callback.html │ │ │ ├── css │ │ │ │ ├── highlight.css │ │ │ │ └── jazzy.css │ │ │ ├── img │ │ │ │ ├── carat.png │ │ │ │ ├── dash.png │ │ │ │ ├── gh.png │ │ │ │ └── spinner.gif │ │ │ ├── index.html │ │ │ ├── js │ │ │ │ ├── jazzy.js │ │ │ │ ├── jazzy.search.js │ │ │ │ ├── jquery.min.js │ │ │ │ ├── lunr.min.js │ │ │ │ └── typeahead.jquery.js │ │ │ └── search.json │ │ │ └── docSet.dsidx │ ├── img │ │ ├── carat.png │ │ ├── dash.png │ │ ├── gh.png │ │ └── spinner.gif │ ├── index.html │ ├── js │ │ ├── jazzy.js │ │ ├── jazzy.search.js │ │ ├── jquery.min.js │ │ ├── lunr.min.js │ │ └── typeahead.jquery.js │ ├── search.json │ └── undocumented.json ├── getting-started.md ├── images │ └── linking3_dynamic.png ├── index.html └── sample_report.json ├── generate_test_certificates.py └── get_pin_from_certificate.py /.gitignore: -------------------------------------------------------------------------------- 1 | # Xcode 2 | # 3 | build/ 4 | *.pbxuser 5 | !default.pbxuser 6 | *.mode1v3 7 | !default.mode1v3 8 | *.mode2v3 9 | !default.mode2v3 10 | *.perspectivev3 11 | !default.perspectivev3 12 | xcuserdata 13 | *.xccheckout 14 | *.moved-aside 15 | DerivedData 16 | *.hmap 17 | *.ipa 18 | *.xcuserstate 19 | 20 | # CocoaPods 21 | # 22 | # We recommend against adding the Pods directory to your .gitignore. However 23 | # you should judge for yourself, the pros and cons are mentioned at: 24 | # http://guides.cocoapods.org/using/using-cocoapods.html#should-i-ignore-the-pods-directory-in-source-control 25 | # 26 | # Pods/ 27 | 28 | # Appledoc 29 | html/ 30 | 31 | # Facebook Infer 32 | infer-out/ 33 | 34 | # Jekyll 35 | _site 36 | 37 | # Jazzy 38 | *.tgz 39 | 40 | # Swift Package Manager 41 | .build 42 | .swiftpm/ 43 | 44 | .DS_Store 45 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/.gitmodules -------------------------------------------------------------------------------- /.jazzy.yaml: -------------------------------------------------------------------------------- 1 | module: TrustKit 2 | author: Data Theorem 3 | author_url: https://datatheorem.github.io 4 | github_url: https://github.com/datatheorem/TrustKit 5 | 6 | clean: true 7 | hide_documentation_coverage: true 8 | theme: fullwidth 9 | 10 | objc: true 11 | umbrella_header: "TrustKit/TrustKit.h" 12 | framework_root: "./TrustKit" 13 | 14 | readme: "docs/documentation-readme.md" 15 | output: "docs/documentation" 16 | 17 | custom_categories: 18 | - name: Initalizing TrustKit 19 | children: 20 | - TrustKit 21 | 22 | - name: Implementing Pinning Validation 23 | children: 24 | - TSKPinningValidator 25 | - TSKTrustDecision 26 | 27 | - name: Setting up a Validation Callback 28 | children: 29 | - TSKPinningValidatorCallback 30 | - TSKPinningValidatorResult 31 | - TKSDomainPinningPolicy 32 | - TSKTrustEvaluationResult 33 | 34 | - name: Global Configuration Keys 35 | children: 36 | - TSKGlobalConfigurationKey 37 | - kTSKSwizzleNetworkDelegates 38 | - kTSKPinnedDomains 39 | - kTSKIgnorePinningForUserDefinedTrustAnchors 40 | 41 | - name: Domain Configuration Keys 42 | children: 43 | - TSKDomainConfigurationKey 44 | - kTSKPublicKeyHashes 45 | - kTSKEnforcePinning 46 | - kTSKIncludeSubdomains 47 | - kTSKExcludeSubdomainFromParentPolicy 48 | - kTSKReportUris 49 | - kTSKDisableDefaultReportUri 50 | - kTSKExpirationDate 51 | - kTSKAdditionalTrustAnchors 52 | -------------------------------------------------------------------------------- /ATTRIBUTIONS: -------------------------------------------------------------------------------- 1 | domain-registry-provider - https://code.google.com/p/domain-registry-provider/ 2 | ------------------------------------------------------------------------------ 3 | 4 | # Copyright 2011 Google Inc. 5 | # 6 | # Licensed under the Apache License, Version 2.0 (the "License"); 7 | # you may not use this file except in compliance with the License. 8 | # You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | 18 | 19 | RSSwizzle - https://github.com/rabovik/RSSwizzle 20 | ------------------------------------------------ 21 | 22 | Copyright (c) 2013 Yan Rabovik 23 | 24 | Permission is hereby granted, free of charge, to any person obtaining a copy 25 | of this software and associated documentation files (the "Software"), to deal 26 | in the Software without restriction, including without limitation the rights 27 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 28 | copies of the Software, and to permit persons to whom the Software is furnished 29 | to do so, subject to the following conditions: 30 | 31 | The above copyright notice and this permission notice shall be included in all 32 | copies or substantial portions of the Software. 33 | 34 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 35 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 36 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 37 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 38 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 39 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 40 | THE SOFTWARE. -------------------------------------------------------------------------------- /AUTHORS: -------------------------------------------------------------------------------- 1 | Authors 2 | ------- 3 | Alban Diquet - Data Theorem Inc. 4 | Angela Chow - Yahoo Inc. 5 | Eric Castro - Data Theorem Inc. 6 | 7 | 8 | Thanks 9 | ------ 10 | Daryl Low - Yahoo Inc. 11 | Christopher Harrell - Yahoo Inc. 12 | Plasma Chen - Yahoo Inc. 13 | 14 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Data Theorem, Inc. 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in 13 | all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | THE SOFTWARE. 22 | -------------------------------------------------------------------------------- /Package.swift: -------------------------------------------------------------------------------- 1 | // swift-tools-version:5.3 2 | import PackageDescription 3 | 4 | let package = Package( 5 | name: "TrustKit", 6 | platforms: [ 7 | .iOS(.v12), 8 | .macOS(.v10_13), 9 | .tvOS(.v12), 10 | .watchOS(.v4) 11 | ], 12 | products: [ 13 | .library( 14 | name: "TrustKit", 15 | targets: ["TrustKit"] 16 | ), 17 | .library( 18 | name: "TrustKitDynamic", 19 | type: .dynamic, 20 | targets: ["TrustKit"] 21 | ), 22 | .library( 23 | name: "TrustKitStatic", 24 | type: .static, 25 | targets: ["TrustKit"] 26 | ), 27 | ], 28 | dependencies: [ 29 | ], 30 | targets: [ 31 | .target( 32 | name: "TrustKit", 33 | dependencies: [], 34 | path: "TrustKit", 35 | resources: [.copy("PrivacyInfo.xcprivacy")], 36 | publicHeadersPath: "public", 37 | cSettings: [.define("NS_BLOCK_ASSERTIONS", to: "1", .when(configuration: .release))] 38 | ), 39 | ] 40 | ) 41 | -------------------------------------------------------------------------------- /TrustKit.podspec: -------------------------------------------------------------------------------- 1 | Pod::Spec.new do |s| 2 | s.name = "TrustKit" 3 | s.version = "3.0.7" 4 | s.summary = 'TrustKit is an open source framework that makes it easy to deploy SSL pinning in any iOS, macOS, tvOS or watchOS App.' 5 | s.homepage = "https://datatheorem.github.io/TrustKit" 6 | s.documentation_url = 'https://datatheorem.github.io/TrustKit/documentation/' 7 | s.license = { :type => 'MIT', :file => 'LICENSE' } 8 | s.authors = 'Alban Diquet', 'Angela Chow', 'Eric Castro' 9 | s.source = { :git => "https://github.com/datatheorem/TrustKit.git", :tag => "#{s.version}" } 10 | 11 | s.ios.deployment_target = '12.0' 12 | s.osx.deployment_target = '10.13' 13 | s.tvos.deployment_target = '12.0' 14 | s.watchos.deployment_target = '4.0' 15 | 16 | s.pod_target_xcconfig = { 'DEFINES_MODULE' => 'YES' } 17 | s.source_files = ['TrustKit', 'TrustKit/**/*.{h,m,c}'] 18 | s.public_header_files = 'TrustKit/public/*.h' 19 | s.resource_bundles = {"TrustKit" => "TrustKit/PrivacyInfo.xcprivacy"} 20 | s.frameworks = ['Foundation', 'Security'] 21 | s.requires_arc = true 22 | end 23 | -------------------------------------------------------------------------------- /TrustKit.xcodeproj/project.xcworkspace/contents.xcworkspacedata: -------------------------------------------------------------------------------- 1 | 2 | 4 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /TrustKit.xcodeproj/project.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | IDEDidComputeMac32BitWarning 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /TrustKit.xcodeproj/project.xcworkspace/xcshareddata/TrustKit.xcscmblueprint: -------------------------------------------------------------------------------- 1 | { 2 | "DVTSourceControlWorkspaceBlueprintPrimaryRemoteRepositoryKey" : "E302059AEA03412BDA59789695F25F6B3B3F4EE6", 3 | "DVTSourceControlWorkspaceBlueprintWorkingCopyRepositoryLocationsKey" : { 4 | 5 | }, 6 | "DVTSourceControlWorkspaceBlueprintWorkingCopyStatesKey" : { 7 | "E302059AEA03412BDA59789695F25F6B3B3F4EE6" : 0, 8 | "2B8D60F823B54095FDE698DB84D10E9A0B2DB18B" : 0 9 | }, 10 | "DVTSourceControlWorkspaceBlueprintIdentifierKey" : "FEA687C9-BCA7-46D9-BC27-A17B542FAC0A", 11 | "DVTSourceControlWorkspaceBlueprintWorkingCopyPathsKey" : { 12 | "E302059AEA03412BDA59789695F25F6B3B3F4EE6" : "TrustKit\/", 13 | "2B8D60F823B54095FDE698DB84D10E9A0B2DB18B" : "github\/PLPatchMaster" 14 | }, 15 | "DVTSourceControlWorkspaceBlueprintNameKey" : "TrustKit", 16 | "DVTSourceControlWorkspaceBlueprintVersion" : 204, 17 | "DVTSourceControlWorkspaceBlueprintRelativePathToProjectKey" : "TrustKit.xcodeproj", 18 | "DVTSourceControlWorkspaceBlueprintRemoteRepositoriesKey" : [ 19 | { 20 | "DVTSourceControlWorkspaceBlueprintRemoteRepositoryURLKey" : "https:\/\/github.com\/plausiblelabs\/PLPatchMaster.git", 21 | "DVTSourceControlWorkspaceBlueprintRemoteRepositorySystemKey" : "com.apple.dt.Xcode.sourcecontrol.Git", 22 | "DVTSourceControlWorkspaceBlueprintRemoteRepositoryIdentifierKey" : "2B8D60F823B54095FDE698DB84D10E9A0B2DB18B" 23 | }, 24 | { 25 | "DVTSourceControlWorkspaceBlueprintRemoteRepositoryURLKey" : "github.com:datatheorem\/TrustKit.git", 26 | "DVTSourceControlWorkspaceBlueprintRemoteRepositorySystemKey" : "com.apple.dt.Xcode.sourcecontrol.Git", 27 | "DVTSourceControlWorkspaceBlueprintRemoteRepositoryIdentifierKey" : "E302059AEA03412BDA59789695F25F6B3B3F4EE6" 28 | } 29 | ] 30 | } -------------------------------------------------------------------------------- /TrustKit.xcodeproj/xcshareddata/xcschemes/TrustKit watchOS.xcscheme: -------------------------------------------------------------------------------- 1 | 2 | 5 | 8 | 9 | 15 | 21 | 22 | 23 | 24 | 25 | 30 | 31 | 37 | 38 | 39 | 40 | 41 | 42 | 52 | 53 | 59 | 60 | 61 | 62 | 68 | 69 | 75 | 76 | 77 | 78 | 80 | 81 | 84 | 85 | 86 | -------------------------------------------------------------------------------- /TrustKit/Dependencies/README.md: -------------------------------------------------------------------------------- 1 | Dependencies needed for building TrustKit. 2 | 3 | * RSSwizzle: https://github.com/rabovik/RSSwizzle 4 | * domain\_registry\_provider: https://github.com/nabla-c0d3/domain-registry-provider/ 5 | -------------------------------------------------------------------------------- /TrustKit/Dependencies/domain_registry/private/init_registry_tables.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011 Google Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | #import "../domain_registry.h" 18 | 19 | #include 20 | 21 | #include "registry_types.h" 22 | #include "trie_node.h" 23 | #include "trie_search.h" 24 | 25 | /* Include the generated file that contains the actual registry tables. */ 26 | #include "../registry_tables_genfiles/registry_tables.h" 27 | 28 | void InitializeDomainRegistry(void) { 29 | SetRegistryTables(kStringTable, 30 | kNodeTable, 31 | kNumRootChildren, 32 | kLeafNodeTable, 33 | kLeafChildOffset); 34 | } 35 | -------------------------------------------------------------------------------- /TrustKit/Dependencies/domain_registry/private/registry_types.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011 Google Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | #ifndef DOMAIN_REGISTRY_PRIVATE_REGISTRY_TYPES_H_ 18 | #define DOMAIN_REGISTRY_PRIVATE_REGISTRY_TYPES_H_ 19 | 20 | typedef unsigned short REGISTRY_U16; 21 | 22 | #endif /* DOMAIN_REGISTRY_PRIVATE_REGISTRY_TYPES_H_ */ 23 | -------------------------------------------------------------------------------- /TrustKit/Dependencies/domain_registry/private/string_util.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011 Google Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | #ifndef DOMAIN_REGISTRY_PRIVATE_STRING_UTIL_H_ 18 | #define DOMAIN_REGISTRY_PRIVATE_STRING_UTIL_H_ 19 | 20 | #include 21 | #include 22 | 23 | #include "tsk_assert.h" 24 | 25 | static const char kUpperLowerDistance = 'A' - 'a'; 26 | 27 | #if _WINDOWS 28 | #define __inline__ __inline 29 | #endif 30 | 31 | static __inline__ int IsWildcardComponent(const char* component) { 32 | if (component[0] == '*') { 33 | return 1; 34 | } 35 | return 0; 36 | } 37 | 38 | static __inline__ int IsExceptionComponent(const char* component) { 39 | if (component[0] == '!') { 40 | return 1; 41 | } 42 | return 0; 43 | } 44 | 45 | static __inline__ int IsInvalidComponent(const char* component) { 46 | if (component == NULL || 47 | component[0] == 0 || 48 | IsExceptionComponent(component) || 49 | IsWildcardComponent(component)) { 50 | return 1; 51 | } 52 | return 0; 53 | } 54 | 55 | static __inline__ void ReplaceChar(char* value, char old, char newval) { 56 | while ((value = strchr(value, old)) != NULL) { 57 | *value = newval; 58 | ++value; 59 | } 60 | } 61 | 62 | static __inline__ void ToLowerASCII(char* buf, const char* end) { 63 | for (; buf < end; ++buf) { 64 | char c = *buf; 65 | if (c >= 'A' && c <= 'Z') { 66 | *buf = c - kUpperLowerDistance; 67 | } 68 | } 69 | } 70 | 71 | static __inline__ int HostnamePartCmp(const char *a, const char *b) { 72 | /* 73 | * Optimization: do not invoke strcmp() unless the first characters 74 | * in each string match. Since we are performing a binary search, we 75 | * expect most invocations to strcmp to not have matching arguments, 76 | * and thus not invoke strcmp. This reduces overall runtime by 5-10% 77 | * on a Linux laptop running a -O2 optimized build. 78 | */ 79 | int ret = *(unsigned char *)a - *(unsigned char *)b; 80 | /* 81 | * NOTE: we could invoke strcmp on a+1,b+1 if we are 82 | * certain that neither a nor b are the empty string. For now we 83 | * take the more conservative approach. 84 | */ 85 | if (ret == 0) return strcmp(a, b); 86 | return ret; 87 | } 88 | 89 | #endif /* DOMAIN_REGISTRY_PRIVATE_STRING_UTIL_H_ */ 90 | -------------------------------------------------------------------------------- /TrustKit/Dependencies/domain_registry/private/trie_node.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011 Google Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | #ifndef DOMAIN_REGISTRY_PRIVATE_TRIE_NODE_H_ 18 | #define DOMAIN_REGISTRY_PRIVATE_TRIE_NODE_H_ 19 | 20 | #pragma pack(push) 21 | #pragma pack(1) 22 | 23 | /* 24 | * TrieNode represents a single node in a Trie. It uses 6 bytes of 25 | * storage. 26 | */ 27 | struct TrieNode { 28 | /* 29 | * Index in the string table for the hostname-part associated with 30 | * this node. 31 | */ 32 | unsigned int string_table_offset : 21; 33 | 34 | /* 35 | * Offset of the first child of this node in the node table. All 36 | * children are stored adjacent to each other, sorted 37 | * lexicographically by their hostname parts. 38 | */ 39 | unsigned int first_child_offset : 14; 40 | 41 | /* 42 | * Number of children of this node. 43 | */ 44 | unsigned int num_children : 12; 45 | 46 | /* 47 | * Whether this node is a "terminal" node. A terminal node is one 48 | * that represents the end of a sequence of nodes in the trie. For 49 | * instance if the sequences "com.foo.bar" and "com.foo" are added 50 | * to the trie, "bar" and "foo" are terminal nodes, since they are 51 | * both at the end of their sequences. 52 | */ 53 | unsigned int is_terminal : 1; 54 | }; 55 | 56 | #pragma pack(pop) 57 | 58 | #endif /* DOMAIN_REGISTRY_PRIVATE_TRIE_NODE_H_ */ 59 | -------------------------------------------------------------------------------- /TrustKit/Dependencies/domain_registry/private/trie_search.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011 Google Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | * 16 | * Functions to search the registry tables. These should not 17 | * need to be invoked directly. 18 | */ 19 | 20 | #ifndef DOMAIN_REGISTRY_PRIVATE_TRIE_SEARCH_H_ 21 | #define DOMAIN_REGISTRY_PRIVATE_TRIE_SEARCH_H_ 22 | 23 | #include 24 | 25 | #include "registry_types.h" 26 | #include "trie_node.h" 27 | 28 | /* 29 | * Find a TrieNode under the given parent node with the specified 30 | * name. If parent is NULL then the search is performed at the root 31 | * TrieNode. 32 | */ 33 | const struct TrieNode* FindRegistryNode(const char* component, 34 | const struct TrieNode* parent); 35 | 36 | /* 37 | * Find a leaf TrieNode under the given parent node with the specified 38 | * name. If parent does not have all leaf children (i.e. if 39 | * HasLeafChildren(parent) returns zero), will assert and return 40 | * NULL. If parent is NULL then the search is performed at the root 41 | * TrieNode. 42 | */ 43 | const char* FindRegistryLeafNode(const char* component, 44 | const struct TrieNode* parent); 45 | 46 | /* Get the hostname part for the given string table offset. */ 47 | const char* GetHostnamePart(size_t offset); 48 | 49 | /* Does the given node have all leaf children? */ 50 | int HasLeafChildren(const struct TrieNode* node); 51 | 52 | /* 53 | * Initialize the registry tables. Called at system startup by 54 | * InitializeDomainRegistry(). 55 | */ 56 | void SetRegistryTables(const char* string_table, 57 | const struct TrieNode* node_table, 58 | size_t num_root_children, 59 | const REGISTRY_U16* leaf_node_table, 60 | size_t leaf_node_table_offset); 61 | 62 | #endif /* DOMAIN_REGISTRY_PRIVATE_TRIE_SEARCH_H_ */ 63 | -------------------------------------------------------------------------------- /TrustKit/Dependencies/domain_registry/private/tsk_assert.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011 Google Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | #include "tsk_assert.h" 18 | 19 | #include "../domain_registry.h" 20 | #include 21 | #include 22 | 23 | static void DefaultAssertHandler(const char* file, int line, const char* cond_str) { 24 | fprintf(stderr, "%s:%d. CHECK failed: %s\n", file, line, cond_str); 25 | abort(); 26 | } 27 | 28 | static DomainRegistryAssertHandler g_assert_hander = DefaultAssertHandler; 29 | 30 | void DoAssert(const char* file, 31 | int line, 32 | const char* condition_str, 33 | int condition) { 34 | if (condition == 0) { 35 | g_assert_hander(file, line, condition_str); 36 | } 37 | } 38 | 39 | void SetDomainRegistryAssertHandler(DomainRegistryAssertHandler handler) { 40 | g_assert_hander = handler; 41 | } 42 | -------------------------------------------------------------------------------- /TrustKit/Dependencies/domain_registry/private/tsk_assert.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011 Google Inc. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | #ifndef DOMAIN_REGISTRY_PRIVATE_ASSERT_H_ 18 | #define DOMAIN_REGISTRY_PRIVATE_ASSERT_H_ 19 | 20 | void DoAssert(const char* file, int line, const char* cond_str, int cond); 21 | 22 | #ifdef NDEBUG 23 | #define DCHECK(x) 24 | #else 25 | #define DCHECK(x) DoAssert(__FILE__, __LINE__, #x, (x)) 26 | #endif 27 | 28 | #endif /* DOMAIN_REGISTRY_PRIVATE_ASSERT_H_ */ 29 | -------------------------------------------------------------------------------- /TrustKit/Framework/Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleDevelopmentRegion 6 | en 7 | CFBundleExecutable 8 | $(EXECUTABLE_NAME) 9 | CFBundleIdentifier 10 | $(PRODUCT_BUNDLE_IDENTIFIER) 11 | CFBundleInfoDictionaryVersion 12 | 6.0 13 | CFBundleName 14 | $(PRODUCT_NAME) 15 | CFBundlePackageType 16 | FMWK 17 | CFBundleShortVersionString 18 | 1.0 19 | CFBundleSignature 20 | ???? 21 | CFBundleVersion 22 | $(CURRENT_PROJECT_VERSION) 23 | NSPrincipalClass 24 | 25 | 26 | 27 | -------------------------------------------------------------------------------- /TrustKit/Pinning/TSKPublicKeyAlgorithm.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKPublicKeyAlgorithm.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #ifndef TSKPublicKeyAlgorithm_h 13 | #define TSKPublicKeyAlgorithm_h 14 | 15 | #if __has_feature(modules) 16 | @import Foundation; 17 | #else 18 | #import 19 | #endif 20 | 21 | // The internal enum we use for public key algorithms; not to be confused with the exported TSKSupportedAlgorithm 22 | typedef NS_ENUM(NSInteger, TSKPublicKeyAlgorithm) 23 | { 24 | // Some assumptions are made about this specific ordering in public_key_utils.m 25 | TSKPublicKeyAlgorithmRsa2048 = 0, 26 | TSKPublicKeyAlgorithmRsa4096 = 1, 27 | TSKPublicKeyAlgorithmEcDsaSecp256r1 = 2, 28 | TSKPublicKeyAlgorithmEcDsaSecp384r1 = 3, 29 | 30 | TSKPublicKeyAlgorithmLast = TSKPublicKeyAlgorithmEcDsaSecp384r1 31 | } __deprecated_msg("Starting with TrustKit 1.6.0, key algorithms no longer need to be specified; remove TSKPublicKeyAlgorithms from your configuration."); 32 | 33 | #endif /* TSKPublicKeyAlgorithm_h */ 34 | -------------------------------------------------------------------------------- /TrustKit/Pinning/TSKSPKIHashCache.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKSPKIHashCache.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #if __has_feature(modules) 13 | @import Foundation; 14 | #else 15 | #import 16 | #endif 17 | 18 | #if __has_feature(modules) 19 | @import Security; 20 | #else 21 | #import 22 | #endif 23 | 24 | NS_ASSUME_NONNULL_BEGIN 25 | 26 | // The identifier used for the default shared hash cache. Use this identifier 27 | // in the TSKSPKIHashCache constructor to use the shared cache. 28 | static NSString * const kTSKSPKISharedHashCacheIdentifier = @"spki-hash.cache"; 29 | 30 | // Each key is a raw certificate data (for easy lookup) and each value is the certificate's raw SPKI data 31 | typedef NSMutableDictionary SPKICacheDictionnary; 32 | 33 | @interface TSKSPKIHashCache : NSObject 34 | 35 | - (instancetype)new NS_UNAVAILABLE; 36 | - (instancetype)init NS_UNAVAILABLE; 37 | 38 | /** 39 | Create a new cache of SPKI hashes. The identifier is required to ensure that multiple cache 40 | instances do not attempt to use the same file on disk for persistence. 41 | 42 | @param uniqueIdentifier A unique identifier that is stable across app launches/instance creation 43 | @return An initialized hash cache. 44 | */ 45 | - (instancetype _Nullable)initWithIdentifier:(NSString*)uniqueIdentifier NS_DESIGNATED_INITIALIZER; 46 | 47 | /** 48 | Get a pin cache for the provided certificate. The pins 49 | are cached so subsequent calls will be faster than the initial call. 50 | 51 | @param certificate The certificate containing the public key that will be hashed 52 | @return The hash of the public key or nil if the hash could not be generated 53 | */ 54 | - (NSData * _Nullable)hashSubjectPublicKeyInfoFromCertificate:(SecCertificateRef)certificate; 55 | 56 | @end 57 | 58 | NS_ASSUME_NONNULL_END 59 | -------------------------------------------------------------------------------- /TrustKit/Pinning/pinning_utils.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | pinning_utils.h 4 | TrustKit 5 | 6 | Copyright 2023 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #if __has_feature(modules) 13 | @import Foundation; 14 | #else 15 | #import 16 | #endif 17 | 18 | #if __has_feature(modules) 19 | @import Security; 20 | #else 21 | #import 22 | #endif 23 | 24 | 25 | #ifndef TrustKit_pinning_utils_h 26 | #define TrustKit_pinning_utils_h 27 | 28 | /** 29 | Evaluate trust for the specified certificate and policies 30 | 31 | This function invokes SecTrustEvaluateWithError() on iOS12+, macOS14+ and SecTrustEvaluate() otherwise. 32 | 33 | @param serverTrust The trust management object to evaluate 34 | @param trustResult On return, points to a result type reflecting the result of this evaluation. 35 | @param error An error pointer the method uses to return an error when trust evaluation fails. Set to nil to ignore the error (this is not recommended!) 36 | 37 | */ 38 | void evaluateCertificateChainTrust(SecTrustRef serverTrust, SecTrustResultType *trustResult, NSError **error); 39 | 40 | /** 41 | Returns a specific certificate from the certificate chain used to evaluate trust. 42 | 43 | This function invokes SecTrustCopyCertificateChain() on iOS 15+, macOS 12+ and SecTrustGetCertificateAtIndex() otherwise 44 | @param serverTrust The trust management object to evaluate 45 | @param index The index of the certificate to return 46 | @return A certificate object for the requested certificate. 47 | */ 48 | SecCertificateRef getCertificateAtIndex(SecTrustRef serverTrust, CFIndex index); 49 | 50 | /** 51 | Returns the public key for a leaf certificate after it has been evaluated. 52 | 53 | This function invokes SecTrustCopyKey() on iOS 14+ and SecTrustCopyPublicKey otherwise 54 | @param serverTrust The trust management object to evaluate 55 | @return The leaf certificate's public key, or nil if it the public key could not be extracted 56 | */ 57 | SecKeyRef copyKey(SecTrustRef serverTrust); 58 | 59 | #endif 60 | -------------------------------------------------------------------------------- /TrustKit/Pinning/pinning_utils.m: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | pinning_utils.m 4 | TrustKit 5 | 6 | Copyright 2023 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "pinning_utils.h" 13 | #include 14 | #include "TargetConditionals.h" 15 | 16 | void evaluateCertificateChainTrust(SecTrustRef serverTrust, SecTrustResultType *trustResult, NSError **error) { 17 | if (@available(iOS 12.0, macOS 14.0, tvOS 12.0, watchOS 5.0, *)) { 18 | CFErrorRef errorRef; 19 | bool certificateEvaluationSucceeded = SecTrustEvaluateWithError(serverTrust, &errorRef); 20 | OSStatus status = SecTrustGetTrustResult(serverTrust, trustResult); 21 | if (error != NULL) { 22 | if (status != errSecSuccess) 23 | { 24 | NSString *errDescription = [NSString stringWithFormat:@"got status %d", (int)status]; 25 | *error = [[NSError alloc] initWithDomain:@"com.datatheorem.trustkit" code:1 userInfo:@{NSLocalizedDescriptionKey:errDescription}]; 26 | } 27 | else if (!certificateEvaluationSucceeded) 28 | { 29 | *error = (__bridge_transfer NSError *)errorRef; 30 | } 31 | } 32 | } 33 | else 34 | { 35 | // Use pragmas to supress deprecated warnings 36 | #pragma clang diagnostic push 37 | #pragma clang diagnostic ignored "-Wdeprecated-declarations" 38 | OSStatus status = SecTrustEvaluate(serverTrust, trustResult); 39 | #pragma clang diagnostic pop 40 | if (status != errSecSuccess && (error != NULL)) { 41 | NSString *errDescription = [NSString stringWithFormat:@"got status %d", (int)status]; 42 | *error = [[NSError alloc] initWithDomain:@"com.datatheorem.trustkit" code:2 userInfo:@{NSLocalizedDescriptionKey:errDescription}]; 43 | } 44 | } 45 | } 46 | 47 | SecCertificateRef getCertificateAtIndex(SecTrustRef serverTrust, CFIndex index) { 48 | NSInteger majorVersion = [[NSProcessInfo processInfo] operatingSystemVersion].majorVersion; 49 | #if TARGET_OS_WATCH 50 | int osVersionThreshold = 8; // watchOS 8+ 51 | #elif TARGET_OS_IPHONE || TARGET_OS_SIMULATOR || TARGET_OS_IOS 52 | int osVersionThreshold = 15; // iOS 15+, tvOS 15+ 53 | #else 54 | int osVersionThreshold = 12; // macOS 12+ 55 | #endif 56 | SecCertificateRef certificate = NULL; 57 | void *_Security = dlopen("/System/Library/Frameworks/Security.framework/Security", RTLD_NOW); 58 | 59 | if (majorVersion >= osVersionThreshold) 60 | { 61 | CFArrayRef (*_SecTrustCopyCertificateChain)(SecTrustRef) = dlsym(_Security, "SecTrustCopyCertificateChain"); 62 | CFArrayRef certs = _SecTrustCopyCertificateChain(serverTrust); 63 | certificate = (SecCertificateRef)CFArrayGetValueAtIndex(certs, index); 64 | CFRelease(certs); 65 | } 66 | else 67 | { 68 | SecCertificateRef (*_SecTrustGetCertificateAtIndex)(SecTrustRef, CFIndex) = dlsym(_Security, "SecTrustGetCertificateAtIndex"); 69 | certificate = _SecTrustGetCertificateAtIndex(serverTrust, index); 70 | } 71 | return certificate; 72 | } 73 | 74 | SecKeyRef copyKey(SecTrustRef serverTrust) { 75 | if (@available(iOS 14.0, macOS 11.0, tvOS 14.0, watchOS 7.0, *)) { 76 | return SecTrustCopyKey(serverTrust); 77 | } else { 78 | #pragma clang diagnostic push 79 | #pragma clang diagnostic ignored "-Wdeprecated-declarations" 80 | return SecTrustCopyPublicKey(serverTrust); 81 | #pragma clang diagnostic pop 82 | } 83 | } 84 | -------------------------------------------------------------------------------- /TrustKit/Pinning/ssl_pin_verifier.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | ssl_pin_verifier.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "../public/TSKTrustDecision.h" 13 | #if __has_feature(modules) 14 | @import Foundation; 15 | #else 16 | #import 17 | #endif 18 | 19 | @class TSKSPKIHashCache; 20 | 21 | // Validate that the server trust contains at least one of the know/expected pins 22 | TSKTrustEvaluationResult verifyPublicKeyPin(SecTrustRef _Nonnull serverTrust, 23 | NSString * _Nonnull serverHostname, 24 | NSSet * _Nonnull knownPins, 25 | TSKSPKIHashCache * _Nullable hashCache); 26 | -------------------------------------------------------------------------------- /TrustKit/PrivacyInfo.xcprivacy: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | NSPrivacyAccessedAPITypes 6 | 7 | 8 | NSPrivacyAccessedAPIType 9 | NSPrivacyAccessedAPICategoryUserDefaults 10 | NSPrivacyAccessedAPITypeReasons 11 | 12 | CA92.1 13 | 14 | 15 | 16 | NSPrivacyCollectedDataTypes 17 | 18 | NSPrivacyTracking 19 | 20 | NSPrivacyTrackingDomains 21 | 22 | 23 | 24 | -------------------------------------------------------------------------------- /TrustKit/Reporting/TSKBackgroundReporter.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKBackgroundReporter.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "../Pinning/ssl_pin_verifier.h" 13 | 14 | #if __has_feature(modules) 15 | @import Foundation; 16 | #else 17 | #import 18 | #endif 19 | 20 | /** 21 | `TSKSimpleBackgroundReporter` is a class for uploading pin failure reports using the background transfer service. 22 | 23 | */ 24 | @interface TSKBackgroundReporter : NSObject 25 | 26 | ///--------------------- 27 | /// @name Initialization 28 | ///--------------------- 29 | 30 | /** 31 | Initializes a background reporter. 32 | 33 | @param shouldRateLimitReports Prevent identical pin failure reports from being sent more than once per day. 34 | @param sharedContainerIdentifier The container identifier for an app extension. This must be set in order 35 | for reports to be sent from an app extension. See 36 | https://developer.apple.com/documentation/foundation/nsurlsessionconfiguration/1409450-sharedcontaineridentifier 37 | @exception NSException Thrown when the App does not have a bundle ID, meaning we're running in unit tests where the background transfer service can't be used. 38 | 39 | */ 40 | - (nonnull instancetype)initAndRateLimitReports:(BOOL)shouldRateLimitReports 41 | sharedContainerIdentifier:(nullable NSString *)sharedContainerIdentifier; 42 | 43 | ///---------------------- 44 | /// @name Sending Reports 45 | ///---------------------- 46 | 47 | /** 48 | Send a pin validation failure report; each argument is described section 3. of RFC 7469. 49 | */ 50 | - (void)pinValidationFailedForHostname:(nonnull NSString *)serverHostname 51 | port:(nullable NSNumber *)serverPort 52 | certificateChain:(nonnull NSArray *)certificateChain 53 | notedHostname:(nonnull NSString *)notedHostname 54 | reportURIs:(nonnull NSArray *)reportURIs 55 | includeSubdomains:(BOOL)includeSubdomains 56 | enforcePinning:(BOOL)enforcePinning 57 | knownPins:(nonnull NSSet *)knownPins 58 | validationResult:(TSKTrustEvaluationResult)validationResult 59 | expirationDate:(nullable NSDate *)knownPinsExpirationDate; 60 | 61 | - (void)URLSession:(nonnull NSURLSession *)session task:(nonnull NSURLSessionTask *)task didCompleteWithError:(nullable NSError *)error; 62 | 63 | @end 64 | 65 | -------------------------------------------------------------------------------- /TrustKit/Reporting/TSKPinFailureReport.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKPinFailureReport.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "../Pinning/ssl_pin_verifier.h" 13 | 14 | #if __has_feature(modules) 15 | @import Foundation; 16 | #else 17 | #import 18 | #endif 19 | 20 | @interface TSKPinFailureReport : NSObject 21 | 22 | @property (readonly, nonatomic, nonnull) NSString *appBundleId; // Not part of the HPKP spec 23 | @property (readonly, nonatomic, nonnull) NSString *appVersion; // Not part of the HPKP spec 24 | @property (readonly, nonatomic, nonnull) NSString *appPlatform; // Not part of the HPKP spec 25 | @property (readonly, nonatomic, nonnull) NSString *appPlatformVersion; // Not part of the HPKP spec 26 | @property (readonly, nonatomic, nonnull) NSString *appVendorId; // Not part of the HPKP spec 27 | @property (readonly, nonatomic, nonnull) NSString *trustkitVersion; // Not part of the HPKP spec 28 | @property (readonly, nonatomic, nonnull) NSString *notedHostname; 29 | @property (readonly, nonatomic, nonnull) NSString *hostname; 30 | @property (readonly, nonatomic, nonnull) NSNumber *port; 31 | @property (readonly, nonatomic, nonnull) NSDate *dateTime; 32 | @property (readonly, nonatomic) BOOL includeSubdomains; 33 | @property (readonly, nonatomic, nonnull) NSArray *validatedCertificateChain; 34 | @property (readonly, nonatomic, nonnull) NSArray *knownPins; 35 | @property (readonly, nonatomic) TSKTrustEvaluationResult validationResult; // Not part of the HPKP spec 36 | @property (readonly, nonatomic) BOOL enforcePinning; // Not part of the HPKP spec 37 | @property (readonly, nonatomic, nullable) NSDate *knownPinsExpirationDate; // Not part of the HPKP spec 38 | 39 | 40 | // Init with default bundle ID and current time as the date-time 41 | - (nonnull instancetype) initWithAppBundleId:(nonnull NSString *)appBundleId 42 | appVersion:(nonnull NSString *)appVersion 43 | appPlatform:(nonnull NSString *)appPlatform 44 | appPlatformVersion:(nonnull NSString *)appPlatformVersion 45 | appVendorId:(nonnull NSString *)appVendorId 46 | trustkitVersion:(nonnull NSString *)trustkitVersion 47 | hostname:(nonnull NSString *)serverHostname 48 | port:(nonnull NSNumber *)serverPort 49 | dateTime:(nonnull NSDate *)dateTime 50 | notedHostname:(nonnull NSString *)notedHostname 51 | includeSubdomains:(BOOL)includeSubdomains 52 | enforcePinning:(BOOL)enforcePinning 53 | validatedCertificateChain:(nonnull NSArray *)validatedCertificateChain 54 | knownPins:(nonnull NSArray *)knownPins 55 | validationResult:(TSKTrustEvaluationResult)validationResult 56 | expirationDate:(nullable NSDate *)knownPinsExpirationDate; 57 | 58 | // Return the report in JSON format for POSTing it 59 | - (nonnull NSData *)json; 60 | 61 | // Return a request ready to be sent with the report in JSON format in the response's body 62 | - (nonnull NSMutableURLRequest *)requestToUri:(nonnull NSURL *)reportUri; 63 | 64 | 65 | @end 66 | -------------------------------------------------------------------------------- /TrustKit/Reporting/TSKReportsRateLimiter.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKReportsRateLimiter.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "TSKPinFailureReport.h" 13 | 14 | #if __has_feature(modules) 15 | @import Foundation; 16 | #else 17 | #import 18 | #endif 19 | 20 | 21 | /* 22 | * Simple helper class which caches reports for 24 hours to prevent identical reports from being sent twice 23 | * during this 24 hour period. 24 | * This is best-effort as the class doesn't persist state across App restarts, so if the App 25 | * gets killed, it will start sending reports again. 26 | */ 27 | @interface TSKReportsRateLimiter : NSObject 28 | 29 | /** 30 | Determine if the report should be reported or ignored due to the rate limiting policy. 31 | 32 | @param report The report to check whether or not to rate limit 33 | @return True if the report should be ignored under the rate-limiting policy that 34 | is in effect. 35 | */ 36 | - (BOOL)shouldRateLimitReport:(TSKPinFailureReport * _Nonnull)report; 37 | 38 | @end 39 | -------------------------------------------------------------------------------- /TrustKit/Reporting/TSKReportsRateLimiter.m: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKReportsRateLimiter.m 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "TSKReportsRateLimiter.h" 13 | #import "reporting_utils.h" 14 | 15 | static const NSTimeInterval kIntervalBetweenReportsCacheReset = 3600 * 24; 16 | 17 | @interface TSKReportsRateLimiter () 18 | 19 | /** Cache to rate-limit the number of pin failure reports that get sent */ 20 | @property (nonatomic) NSMutableSet *reportsCache; 21 | 22 | /** We reset the reports cache every 24 hours to ensure identical reports are only sent once per day */ 23 | @property (nonatomic) NSDate *lastReportsCacheResetDate; 24 | 25 | /** Concurrent queue for multi-reader, single-writer to the reports cache using dispatch barriers */ 26 | @property (nonatomic) dispatch_queue_t reportsCacheQueue; 27 | 28 | @end 29 | 30 | @implementation TSKReportsRateLimiter 31 | 32 | - (instancetype)init 33 | { 34 | self = [super init]; 35 | if (self) { 36 | // Initialize all the internal state for rate-limiting report uploads 37 | _reportsCache = [NSMutableSet set]; 38 | _lastReportsCacheResetDate = [NSDate date]; 39 | _reportsCacheQueue = dispatch_queue_create("TSKReportsRateLimiter", DISPATCH_QUEUE_SERIAL); 40 | } 41 | return self; 42 | } 43 | 44 | - (BOOL)shouldRateLimitReport:(TSKPinFailureReport *)report 45 | { 46 | NSParameterAssert(report); 47 | 48 | // Check if we need to clear the reports cache for rate-limiting 49 | NSTimeInterval secondsSinceCacheReset = -[self.lastReportsCacheResetDate timeIntervalSinceNow]; 50 | 51 | // Create an array containg the gist of the pin failure report; do not include the dates 52 | NSArray *pinFailureInfo = @[ report.notedHostname, 53 | report.hostname, 54 | report.port, 55 | report.validatedCertificateChain, 56 | report.knownPins, 57 | @(report.validationResult) ]; 58 | 59 | __block BOOL shouldRateLimitReport = NO; 60 | __weak typeof(self) weakSelf = self; 61 | dispatch_sync(self.reportsCacheQueue, ^{ 62 | typeof(self) strongSelf = weakSelf; 63 | 64 | if (secondsSinceCacheReset > kIntervalBetweenReportsCacheReset) 65 | { 66 | // Reset the cache 67 | [strongSelf.reportsCache removeAllObjects]; 68 | strongSelf.lastReportsCacheResetDate = [NSDate date]; 69 | } 70 | 71 | // Check if the exact same report has already been sent recently 72 | shouldRateLimitReport = [strongSelf.reportsCache containsObject:pinFailureInfo]; 73 | if (shouldRateLimitReport == NO) 74 | { 75 | // An identical report has NOT been sent recently 76 | // Add this report to the cache for rate-limiting 77 | [strongSelf.reportsCache addObject:pinFailureInfo]; 78 | } 79 | }); 80 | 81 | return shouldRateLimitReport; 82 | } 83 | 84 | - (void)setLastReportsCacheResetDate:(NSDate *)lastReportsCacheResetDate 85 | { 86 | NSParameterAssert(lastReportsCacheResetDate); 87 | _lastReportsCacheResetDate = lastReportsCacheResetDate; 88 | } 89 | 90 | @end 91 | 92 | -------------------------------------------------------------------------------- /TrustKit/Reporting/reporting_utils.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | reporting_utils.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #if __has_feature(modules) 13 | @import Foundation; 14 | #else 15 | #import 16 | #endif 17 | 18 | #ifndef TrustKit_reporting_utils_h 19 | #define TrustKit_reporting_utils_h 20 | 21 | NSArray *convertTrustToPemArray(SecTrustRef serverTrust); 22 | NSArray *convertPinsToHpkpPins(NSSet *knownPins); 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /TrustKit/Reporting/reporting_utils.m: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | reporting_utils.m 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "reporting_utils.h" 13 | #import "../Pinning/pinning_utils.h" 14 | 15 | NSArray *convertTrustToPemArray(SecTrustRef serverTrust) 16 | { 17 | // Convert the trust object into an array of PEM certificates 18 | // Warning: SecTrustEvaluate() always needs to be called first on the serverTrust to be able to extract the certificates 19 | NSMutableArray *certificateChain = [NSMutableArray array]; 20 | CFIndex chainLen = SecTrustGetCertificateCount(serverTrust); 21 | for (CFIndex i=0;i *convertPinsToHpkpPins(NSSet *knownPins) 38 | { 39 | // Convert the know pins from a set of data to an array of strings as described in the HPKP spec 40 | NSMutableArray *formattedPins = [NSMutableArray array]; 41 | for (NSData *pin in knownPins) 42 | { 43 | [formattedPins addObject:[NSString stringWithFormat:@"pin-sha256=\"%@\"", [pin base64EncodedStringWithOptions:(NSDataBase64EncodingOptions)0]]]; 44 | } 45 | return formattedPins; 46 | } 47 | 48 | -------------------------------------------------------------------------------- /TrustKit/Reporting/vendor_identifier.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | vendor_identifier.h 4 | TrustKit 5 | 6 | Copyright 2016 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #if __has_feature(modules) 13 | @import Foundation; 14 | #else 15 | #import 16 | #endif 17 | 18 | // Will return the IDFV on platforms that support it (iOS, tvOS) and a randomly generated UUID on other platforms (macOS, watchOS) 19 | NSString *identifier_for_vendor(void); 20 | -------------------------------------------------------------------------------- /TrustKit/Reporting/vendor_identifier.m: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | vendor_identifier.m 4 | TrustKit 5 | 6 | Copyright 2016 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "vendor_identifier.h" 13 | 14 | static NSString * const kTSKVendorIdentifierKey = @"TSKVendorIdentifier"; 15 | 16 | NSString *identifier_for_vendor(void) 17 | { 18 | // Try to retrieve the vendor ID from the preferences 19 | NSUserDefaults *preferences = NSUserDefaults.standardUserDefaults; 20 | NSString *vendorId = [preferences stringForKey:kTSKVendorIdentifierKey]; 21 | if (vendorId == nil) 22 | { 23 | // Generate and store a new UUID 24 | vendorId = NSUUID.UUID.UUIDString; 25 | [preferences setObject:vendorId forKey:kTSKVendorIdentifierKey]; 26 | [preferences synchronize]; 27 | } 28 | return vendorId; 29 | } 30 | 31 | 32 | -------------------------------------------------------------------------------- /TrustKit/Swizzling/TSKNSURLConnectionDelegateProxy.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKNSURLConnectionDelegateProxy.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #if __has_feature(modules) 13 | @import Foundation; 14 | #else 15 | #import 16 | #endif 17 | 18 | NS_ASSUME_NONNULL_BEGIN 19 | 20 | @class TrustKit; 21 | 22 | @interface TSKNSURLConnectionDelegateProxy : NSObject 23 | 24 | // Initalize our hooks 25 | + (void)swizzleNSURLConnectionConstructors:(TrustKit *)trustKit; 26 | 27 | - (instancetype)init NS_UNAVAILABLE; 28 | 29 | - (instancetype _Nullable)initWithTrustKit:(TrustKit *)trustKit connectionDelegate:(id _Nullable)delegate NS_DESIGNATED_INITIALIZER; 30 | 31 | - (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge; 32 | 33 | // Forward messages to the original delegate if the proxy doesn't implement the method 34 | - (id)forwardingTargetForSelector:(SEL)sel; 35 | 36 | @end 37 | 38 | NS_ASSUME_NONNULL_END 39 | -------------------------------------------------------------------------------- /TrustKit/Swizzling/TSKNSURLSessionDelegateProxy.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKNSURLSessionDelegateProxy.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #if __has_feature(modules) 13 | @import Foundation; 14 | #else 15 | #import 16 | #endif 17 | 18 | NS_ASSUME_NONNULL_BEGIN 19 | 20 | @class TrustKit; 21 | 22 | typedef void(^TSKURLSessionAuthChallengeCallback)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * _Nullable credential); 23 | 24 | @interface TSKNSURLSessionDelegateProxy : NSObject 25 | 26 | + (void)swizzleNSURLSessionConstructors:(TrustKit *)trustKit; 27 | 28 | - (instancetype)init NS_UNAVAILABLE; 29 | 30 | - (instancetype _Nullable)initWithTrustKit:(TrustKit *)trustKit sessionDelegate:(id)delegate NS_DESIGNATED_INITIALIZER; 31 | 32 | - (void)URLSession:(NSURLSession *)session 33 | didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge 34 | completionHandler:(TSKURLSessionAuthChallengeCallback)completionHandler; 35 | 36 | - (void)URLSession:(NSURLSession *)session 37 | task:(NSURLSessionTask *)task 38 | didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge 39 | completionHandler:(TSKURLSessionAuthChallengeCallback)completionHandler; 40 | 41 | // Forward messages to the original delegate if the proxy doesn't implement the method 42 | - (id)forwardingTargetForSelector:(SEL)sel; 43 | 44 | @end 45 | 46 | NS_ASSUME_NONNULL_END 47 | -------------------------------------------------------------------------------- /TrustKit/TSKLog.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKLog.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | // Common header with internal constants and defines. 13 | 14 | #ifndef TSKLog_h 15 | #define TSKLog_h 16 | 17 | // The logging function we use within TrustKit 18 | void TSKLog(NSString *format, ...); 19 | 20 | 21 | #endif /* TSKLog_h */ 22 | -------------------------------------------------------------------------------- /TrustKit/TSKPinningValidatorResult.m: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKPinningValidator.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "TSKPinningValidatorResult.h" 13 | #import "Reporting/reporting_utils.h" 14 | 15 | @implementation TSKPinningValidatorResult 16 | 17 | - (instancetype _Nullable)initWithServerHostname:(NSString * _Nonnull)serverHostname 18 | serverTrust:(SecTrustRef _Nonnull)serverTrust 19 | validationResult:(TSKTrustEvaluationResult)validationResult 20 | finalTrustDecision:(TSKTrustDecision)finalTrustDecision 21 | validationDuration:(NSTimeInterval)validationDuration 22 | { 23 | NSParameterAssert(serverHostname); 24 | NSParameterAssert(serverTrust); 25 | 26 | self = [super init]; 27 | if (self) { 28 | _serverHostname = serverHostname; 29 | _evaluationResult = validationResult; 30 | _finalTrustDecision = finalTrustDecision; 31 | _validationDuration = validationDuration; 32 | 33 | // Convert the server trust to a certificate chain as soon as we get it, as the trust object sometimes gets freed right after the authentication challenge has been handled 34 | _certificateChain = convertTrustToPemArray(serverTrust); 35 | } 36 | return self; 37 | } 38 | 39 | @end 40 | -------------------------------------------------------------------------------- /TrustKit/TSKPinningValidator_Private.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKPinningValidator_Private.h 4 | TrustKit 5 | 6 | Copyright 2017 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | NS_ASSUME_NONNULL_BEGIN 13 | 14 | /* Methods that are internal to TrustKit */ 15 | @interface TSKPinningValidator (Internal) 16 | 17 | /** 18 | Initialize an instance of TSKPinningValidator. 19 | 20 | @param domainPinningPolicies A dictionnary of domains and the corresponding pinning policy. 21 | @param hashCache The hash cache to use. If nil, no caching is performed, performance may suffer. 22 | @param ignorePinsForUserTrustAnchors Set to true to ignore the trust anchors in the user trust store 23 | @param validationCallbackQueue The queue used when invoking the validationResultHandler 24 | @param validationCallback The callback invoked with validation results 25 | @return Initialized instance 26 | */ 27 | - (instancetype _Nullable)initWithDomainPinningPolicies:(NSDictionary *)domainPinningPolicies 28 | hashCache:(TSKSPKIHashCache *)hashCache 29 | ignorePinsForUserTrustAnchors:(BOOL)ignorePinsForUserTrustAnchors 30 | validationCallbackQueue:(dispatch_queue_t)validationCallbackQueue 31 | validationCallback:(TSKPinningValidatorCallback)validationCallback; 32 | 33 | @end 34 | 35 | 36 | @interface TSKPinningValidatorResult (Internal) 37 | 38 | - (instancetype _Nullable)initWithServerHostname:(NSString *)serverHostname 39 | serverTrust:(SecTrustRef)serverTrust 40 | validationResult:(TSKTrustEvaluationResult)validationResult 41 | finalTrustDecision:(TSKTrustDecision)finalTrustDecision 42 | validationDuration:(NSTimeInterval)validationDuration; 43 | 44 | @end 45 | 46 | NS_ASSUME_NONNULL_END 47 | -------------------------------------------------------------------------------- /TrustKit/TSKTrustKitConfig.m: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKTrustKitConfig.m 4 | TrustKit 5 | 6 | Copyright 2017 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "TSKTrustKitConfig.h" 13 | 14 | NSString * const TrustKitVersion = @"3.0.0"; 15 | 16 | // General keys 17 | const TSKGlobalConfigurationKey kTSKSwizzleNetworkDelegates = @"TSKSwizzleNetworkDelegates"; 18 | const TSKGlobalConfigurationKey kTSKPinnedDomains = @"TSKPinnedDomains"; 19 | 20 | const TSKGlobalConfigurationKey kTSKIgnorePinningForUserDefinedTrustAnchors = @"TSKIgnorePinningForUserDefinedTrustAnchors"; 21 | 22 | // Keys for each domain within the TSKPinnedDomains entry 23 | const TSKDomainConfigurationKey kTSKPublicKeyHashes = @"TSKPublicKeyHashes"; 24 | const TSKDomainConfigurationKey kTSKEnforcePinning = @"TSKEnforcePinning"; 25 | const TSKDomainConfigurationKey kTSKExcludeSubdomainFromParentPolicy = @"kSKExcludeSubdomainFromParentPolicy"; 26 | 27 | const TSKDomainConfigurationKey kTSKIncludeSubdomains = @"TSKIncludeSubdomains"; 28 | const TSKDomainConfigurationKey kTSKPublicKeyAlgorithms = @"TSKPublicKeyAlgorithms"; 29 | const TSKDomainConfigurationKey kTSKReportUris = @"TSKReportUris"; 30 | const TSKDomainConfigurationKey kTSKDisableDefaultReportUri = @"TSKDisableDefaultReportUri"; 31 | const TSKDomainConfigurationKey kTSKExpirationDate = @"TSKExpirationDate"; 32 | 33 | #pragma mark Public key Algorithms Constants 34 | const TSKSupportedAlgorithm kTSKAlgorithmRsa2048 = @"TSKAlgorithmRsa2048"; 35 | const TSKSupportedAlgorithm kTSKAlgorithmRsa4096 = @"TSKAlgorithmRsa4096"; 36 | const TSKSupportedAlgorithm kTSKAlgorithmEcDsaSecp256r1 = @"TSKAlgorithmEcDsaSecp256r1"; 37 | const TSKSupportedAlgorithm kTSKAlgorithmEcDsaSecp384r1 = @"TSKAlgorithmEcDsaSecp384r1"; 38 | -------------------------------------------------------------------------------- /TrustKit/TrustKit-Bridging-Header.h: -------------------------------------------------------------------------------- 1 | // 2 | // Use this file to import your target's public headers that you would like to expose to Swift. 3 | // 4 | 5 | -------------------------------------------------------------------------------- /TrustKit/configuration_utils.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | configuration_utils.h 4 | TrustKit 5 | 6 | Copyright 2017 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "TSKPinningValidatorCallback.h" 13 | 14 | #if __has_feature(modules) 15 | @import Foundation; 16 | #else 17 | #import 18 | #endif 19 | 20 | // Figure out if a specific domain is pinned and retrieve this domain's configuration key; returns nil if no configuration was found 21 | NSString * _Nullable getPinningConfigurationKeyForDomain(NSString * _Nonnull hostname , NSDictionary * _Nonnull domainPinningPolicies); 22 | 23 | // Create an ephemeral NSURLSessionConfiguration, with best practices defaults 24 | // for the current platform 25 | NSURLSessionConfiguration * _Nonnull ephemeralNSURLSessionConfiguration(void); 26 | -------------------------------------------------------------------------------- /TrustKit/parse_configuration.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | parse_configuration.h 4 | TrustKit 5 | 6 | Copyright 2016 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #ifndef parse_configuration_h 13 | #define parse_configuration_h 14 | 15 | #if __has_feature(modules) 16 | @import Foundation; 17 | #else 18 | #import 19 | #endif 20 | 21 | NSDictionary *parseTrustKitConfiguration(NSDictionary *trustKitArguments); 22 | 23 | #endif /* parse_configuration_h */ 24 | -------------------------------------------------------------------------------- /TrustKit/public/TSKPinningValidatorCallback.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKPinningValidatorCallback.h 4 | TrustKit 5 | 6 | Copyright 2017 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #ifndef TSKPinningValidatorCallback_h 13 | #define TSKPinningValidatorCallback_h 14 | 15 | #import "TSKPinningValidatorResult.h" 16 | #import "TSKTrustKitConfig.h" 17 | 18 | /** 19 | The pinning policy set for a specific hostname. 20 | */ 21 | typedef NSDictionary TKSDomainPinningPolicy; 22 | 23 | 24 | /** 25 | A block that can be set in a `TrustKit` instance to be invoked for every request that is going through 26 | instance's pinning validation logic. 27 | 28 | The callback will be invoked every time the validator performs pinning validation against a server's 29 | certificate chain; if the server's hostname is not defined in the pinning policy, no invocations will 30 | result as no pinning validation was performed. 31 | 32 | The callback provides the following arguments: 33 | 34 | * The `TSKPinningValidatorResult` resulting from the validation of the server's identity. 35 | * The `notedHostname`, which is the entry within the SSL pinning configuration that was used for the 36 | server being validated. 37 | * The `notedHostname`'s pinning policy, which was used for the server being validated. 38 | 39 | The callback can be used for advanced features such as performance measurement or customizing the 40 | reporting mechanism. Hence, most Apps should not have to use this callback. If set, the callback may 41 | be invoked very frequently and is not a suitable place for expensive tasks. 42 | 43 | Lastly, the callback is always invoked after the validation has been completed, and therefore 44 | cannot be used to modify the result of the validation (for example to accept invalid certificates). 45 | */ 46 | typedef void (^TSKPinningValidatorCallback)(TSKPinningValidatorResult * _Nonnull result, NSString * _Nonnull notedHostname, TKSDomainPinningPolicy * _Nonnull policy); 47 | 48 | 49 | 50 | #endif /* TSKPinningValidatorCallback_h */ 51 | -------------------------------------------------------------------------------- /TrustKit/public/TSKPinningValidatorResult.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKPinningValidator.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "TSKTrustDecision.h" 13 | 14 | #if __has_feature(modules) 15 | @import Foundation; 16 | #else 17 | #import 18 | #endif 19 | 20 | /** 21 | A `TSKPinningValidatorResult` instance contains all the details regarding a pinning validation 22 | performed against a specific server. 23 | */ 24 | @interface TSKPinningValidatorResult : NSObject 25 | 26 | /** 27 | The hostname of the server SSL pinning validation was performed against. 28 | */ 29 | @property (nonatomic, readonly, nonnull) NSString *serverHostname; 30 | 31 | /** 32 | The result of validating the server's certificate chain against the set of SSL pins configured for 33 | the `notedHostname`. 34 | */ 35 | @property (nonatomic, readonly) TSKTrustEvaluationResult evaluationResult; 36 | 37 | /** 38 | The trust decision returned for this connection, which describes whether the connection should be blocked 39 | or allowed, based on the `evaluationResult` returned when evaluating the `serverTrust` and the SSL pining 40 | policy configured for this server. 41 | 42 | For example, the pinning validation could have failed (ie. evaluationResult being 43 | `TSKTrustEvaluationFailedNoMatchingPin`) but the policy might be set to ignore pinning validation failures 44 | for this server, thereby returning `TSKTrustDecisionShouldAllowConnection`. 45 | */ 46 | @property (nonatomic, readonly) TSKTrustDecision finalTrustDecision; 47 | 48 | /** 49 | The time it took for the SSL pinning validation to be performed. 50 | */ 51 | @property (nonatomic, readonly) NSTimeInterval validationDuration; 52 | 53 | /** 54 | The certificate chain sent by the server when establishing the connection as PEM-formatted certificates. 55 | */ 56 | @property (nonatomic, readonly, nonnull) NSArray *certificateChain; 57 | 58 | @end 59 | -------------------------------------------------------------------------------- /TrustKit/public/TSKTrustDecision.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKTrustDecision.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #if __has_feature(modules) 13 | @import Foundation; 14 | #else 15 | #import 16 | #endif 17 | 18 | /** 19 | Possible return values when verifying a server's identity against a set of pins. 20 | */ 21 | typedef NS_ENUM(NSInteger, TSKTrustEvaluationResult) 22 | { 23 | /** 24 | The server trust was succesfully evaluated and contained at least one of the configured pins. 25 | */ 26 | TSKTrustEvaluationSuccess, 27 | 28 | /** 29 | The server trust was succesfully evaluated but did not contain any of the configured pins. 30 | */ 31 | TSKTrustEvaluationFailedNoMatchingPin, 32 | 33 | /** 34 | The server trust's evaluation failed: the server's certificate chain is not trusted. 35 | */ 36 | TSKTrustEvaluationFailedInvalidCertificateChain, 37 | 38 | /** 39 | The server trust could not be evaluated due to invalid parameters. 40 | */ 41 | TSKTrustEvaluationErrorInvalidParameters, 42 | 43 | /** 44 | The server trust was succesfully evaluated but did not contain any of the configured pins. However, the certificate chain terminates at a user-defined trust anchor (ie. a custom/private CA that was manually added to the macOS trust store). Only available on macOS. 45 | */ 46 | TSKTrustEvaluationFailedUserDefinedTrustAnchor NS_AVAILABLE_MAC(10_9), 47 | 48 | /** 49 | The server trust could not be evaluated due to an error when trying to generate the certificate's subject public key info hash. On iOS 9 or below, this could be caused by a Keychain failure when trying to extract the certificate's public key bytes. 50 | */ 51 | TSKTrustEvaluationErrorCouldNotGenerateSpkiHash, 52 | }; 53 | 54 | /** 55 | Possible return values when verifying a server's identity against an SSL pinning policy. 56 | */ 57 | typedef NS_ENUM(NSInteger, TSKTrustDecision) 58 | { 59 | /** 60 | Based on the server's certificate chain and the configured pinning policy for this domain, the SSL connection should be allowed. 61 | This return value does not necessarily mean that the pinning validation succeded (for example if `kTSKEnforcePinning` was set to `NO` for this domain). If a pinning validation failure occured and if a report URI was configured, a pin failure report was sent. 62 | */ 63 | TSKTrustDecisionShouldAllowConnection, 64 | 65 | /** 66 | Based on the server's certificate chain and the configured pinning policy for this domain, the SSL connection should be blocked. 67 | A pinning validation failure occured and if a report URI was configured, a pin failure report was sent. 68 | */ 69 | TSKTrustDecisionShouldBlockConnection, 70 | 71 | /** 72 | No pinning policy was configured for this domain and TrustKit did not validate the server's identity. 73 | Because this will happen in an authentication handler, it means that the server's _serverTrust_ object __needs__ to be verified against the device's trust store using `SecTrustEvaluate()`. Failing to do so will __disable SSL certificate validation__. 74 | */ 75 | TSKTrustDecisionDomainNotPinned, 76 | }; 77 | -------------------------------------------------------------------------------- /TrustKitDemo/Podfile: -------------------------------------------------------------------------------- 1 | # Uncomment the next line to define a global platform for your project 2 | platform :ios, '14.0' 3 | 4 | target 'TrustKitDemo-ObjC' do 5 | # Uncomment the next line if you're using Swift or would like to use dynamic frameworks 6 | # use_frameworks! 7 | 8 | # Pods for TrustKitDemo 9 | pod 'TrustKit', :path => '../' 10 | 11 | end 12 | 13 | 14 | target 'TrustKitDemo-Swift' do 15 | # Uncomment the next line if you're using Swift or would like to use dynamic frameworks 16 | use_frameworks! 17 | 18 | # Pods for TrustKitDemo 19 | pod 'TrustKit', :path => '../' 20 | 21 | end 22 | -------------------------------------------------------------------------------- /TrustKitDemo/Podfile.lock: -------------------------------------------------------------------------------- 1 | PODS: 2 | - TrustKit (3.0.0) 3 | 4 | DEPENDENCIES: 5 | - TrustKit (from `../`) 6 | 7 | EXTERNAL SOURCES: 8 | TrustKit: 9 | :path: "../" 10 | 11 | SPEC CHECKSUMS: 12 | TrustKit: fc7f4720360f26550b77e9c6528ee8e966cf30bf 13 | 14 | PODFILE CHECKSUM: 89182e75d6c55fb4fa9b097fad3dc89b9092ffd4 15 | 16 | COCOAPODS: 1.11.3 17 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/RSSwizzle.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Dependencies/RSSwizzle/RSSwizzle.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKBackgroundReporter.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Reporting/TSKBackgroundReporter.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKLog.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/TSKLog.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKNSURLConnectionDelegateProxy.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Swizzling/TSKNSURLConnectionDelegateProxy.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKNSURLSessionDelegateProxy.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Swizzling/TSKNSURLSessionDelegateProxy.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKPinFailureReport.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Reporting/TSKPinFailureReport.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKPinningValidator.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKPinningValidator.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKPinningValidatorCallback.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKPinningValidatorCallback.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKPinningValidatorResult.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKPinningValidatorResult.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKPinningValidator_Private.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/TSKPinningValidator_Private.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKPublicKeyAlgorithm.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Pinning/TSKPublicKeyAlgorithm.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKReportsRateLimiter.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Reporting/TSKReportsRateLimiter.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKSPKIHashCache.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Pinning/TSKSPKIHashCache.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKTrustDecision.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKTrustDecision.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TSKTrustKitConfig.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKTrustKitConfig.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TrustKit-Bridging-Header.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/TrustKit-Bridging-Header.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/TrustKit.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TrustKit.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/configuration_utils.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/configuration_utils.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/domain_registry.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Dependencies/domain_registry/domain_registry.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/parse_configuration.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/parse_configuration.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/pinning_utils.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Pinning/pinning_utils.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/registry_tables.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Dependencies/domain_registry/registry_tables_genfiles/registry_tables.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/registry_types.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Dependencies/domain_registry/private/registry_types.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/reporting_utils.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Reporting/reporting_utils.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/ssl_pin_verifier.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Pinning/ssl_pin_verifier.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/string_util.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Dependencies/domain_registry/private/string_util.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/trie_node.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Dependencies/domain_registry/private/trie_node.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/trie_search.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Dependencies/domain_registry/private/trie_search.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/tsk_assert.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Dependencies/domain_registry/private/tsk_assert.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Private/TrustKit/vendor_identifier.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/Reporting/vendor_identifier.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Public/TrustKit/TSKPinningValidator.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKPinningValidator.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Public/TrustKit/TSKPinningValidatorCallback.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKPinningValidatorCallback.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Public/TrustKit/TSKPinningValidatorResult.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKPinningValidatorResult.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Public/TrustKit/TSKTrustDecision.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKTrustDecision.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Public/TrustKit/TSKTrustKitConfig.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TSKTrustKitConfig.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Public/TrustKit/TrustKit-library-umbrella.h: -------------------------------------------------------------------------------- 1 | ../../../Target Support Files/TrustKit-library/TrustKit-library-umbrella.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Public/TrustKit/TrustKit-library.modulemap: -------------------------------------------------------------------------------- 1 | ../../../Target Support Files/TrustKit-library/TrustKit-library.modulemap -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Headers/Public/TrustKit/TrustKit.h: -------------------------------------------------------------------------------- 1 | ../../../../../TrustKit/public/TrustKit.h -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Local Podspecs/TrustKit.podspec.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "TrustKit", 3 | "version": "3.0.0", 4 | "summary": "TrustKit is an open source framework that makes it easy to deploy SSL pinning in any iOS, macOS, tvOS or watchOS App.", 5 | "homepage": "https://datatheorem.github.io/TrustKit", 6 | "documentation_url": "https://datatheorem.github.io/TrustKit/documentation/", 7 | "license": { 8 | "type": "MIT", 9 | "file": "LICENSE" 10 | }, 11 | "authors": [ 12 | "Alban Diquet", 13 | "Angela Chow", 14 | "Eric Castro" 15 | ], 16 | "source": { 17 | "git": "https://github.com/datatheorem/TrustKit.git", 18 | "tag": "3.0.0" 19 | }, 20 | "platforms": { 21 | "ios": "14.0", 22 | "osx": "11.0", 23 | "tvos": "14.0", 24 | "watchos": "7.0" 25 | }, 26 | "pod_target_xcconfig": { 27 | "DEFINES_MODULE": "YES" 28 | }, 29 | "source_files": [ 30 | "TrustKit", 31 | "TrustKit/**/*.{h,m,c}" 32 | ], 33 | "public_header_files": [ 34 | "TrustKit/public/TrustKit.h", 35 | "TrustKit/public/TSKTrustKitConfig.h", 36 | "TrustKit/public/TSKPinningValidator.h", 37 | "TrustKit/public/TSKPinningValidatorCallback.h", 38 | "TrustKit/public/TSKPinningValidatorResult.h", 39 | "TrustKit/public/TSKTrustDecision.h" 40 | ], 41 | "frameworks": [ 42 | "Foundation", 43 | "Security" 44 | ], 45 | "requires_arc": true 46 | } 47 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Manifest.lock: -------------------------------------------------------------------------------- 1 | PODS: 2 | - TrustKit (3.0.0) 3 | 4 | DEPENDENCIES: 5 | - TrustKit (from `../`) 6 | 7 | EXTERNAL SOURCES: 8 | TrustKit: 9 | :path: "../" 10 | 11 | SPEC CHECKSUMS: 12 | TrustKit: fc7f4720360f26550b77e9c6528ee8e966cf30bf 13 | 14 | PODFILE CHECKSUM: 89182e75d6c55fb4fa9b097fad3dc89b9092ffd4 15 | 16 | COCOAPODS: 1.11.3 17 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-ObjC/Pods-TrustKitDemo-ObjC-acknowledgements.markdown: -------------------------------------------------------------------------------- 1 | # Acknowledgements 2 | This application makes use of the following third party libraries: 3 | 4 | ## TrustKit 5 | 6 | The MIT License (MIT) 7 | 8 | Copyright (c) 2015 Data Theorem, Inc. 9 | 10 | Permission is hereby granted, free of charge, to any person obtaining a copy 11 | of this software and associated documentation files (the "Software"), to deal 12 | in the Software without restriction, including without limitation the rights 13 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 14 | copies of the Software, and to permit persons to whom the Software is 15 | furnished to do so, subject to the following conditions: 16 | 17 | The above copyright notice and this permission notice shall be included in 18 | all copies or substantial portions of the Software. 19 | 20 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 21 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 22 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 23 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 24 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 25 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 26 | THE SOFTWARE. 27 | 28 | Generated by CocoaPods - https://cocoapods.org 29 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-ObjC/Pods-TrustKitDemo-ObjC-acknowledgements.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | PreferenceSpecifiers 6 | 7 | 8 | FooterText 9 | This application makes use of the following third party libraries: 10 | Title 11 | Acknowledgements 12 | Type 13 | PSGroupSpecifier 14 | 15 | 16 | FooterText 17 | The MIT License (MIT) 18 | 19 | Copyright (c) 2015 Data Theorem, Inc. 20 | 21 | Permission is hereby granted, free of charge, to any person obtaining a copy 22 | of this software and associated documentation files (the "Software"), to deal 23 | in the Software without restriction, including without limitation the rights 24 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 25 | copies of the Software, and to permit persons to whom the Software is 26 | furnished to do so, subject to the following conditions: 27 | 28 | The above copyright notice and this permission notice shall be included in 29 | all copies or substantial portions of the Software. 30 | 31 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 32 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 33 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 34 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 35 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 36 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 37 | THE SOFTWARE. 38 | 39 | License 40 | MIT 41 | Title 42 | TrustKit 43 | Type 44 | PSGroupSpecifier 45 | 46 | 47 | FooterText 48 | Generated by CocoaPods - https://cocoapods.org 49 | Title 50 | 51 | Type 52 | PSGroupSpecifier 53 | 54 | 55 | StringsTable 56 | Acknowledgements 57 | Title 58 | Acknowledgements 59 | 60 | 61 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-ObjC/Pods-TrustKitDemo-ObjC-dummy.m: -------------------------------------------------------------------------------- 1 | #import 2 | @interface PodsDummy_Pods_TrustKitDemo_ObjC : NSObject 3 | @end 4 | @implementation PodsDummy_Pods_TrustKitDemo_ObjC 5 | @end 6 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-ObjC/Pods-TrustKitDemo-ObjC.debug.xcconfig: -------------------------------------------------------------------------------- 1 | CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = NO 2 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 3 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_ROOT}/Headers/Public" "${PODS_ROOT}/Headers/Public/TrustKit" 4 | LIBRARY_SEARCH_PATHS = $(inherited) "${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-library" 5 | OTHER_CFLAGS = $(inherited) -fmodule-map-file="${PODS_ROOT}/Headers/Public/TrustKit/TrustKit-library.modulemap" 6 | OTHER_LDFLAGS = $(inherited) -ObjC -l"TrustKit-library" -framework "Foundation" -framework "Security" 7 | OTHER_SWIFT_FLAGS = $(inherited) -D COCOAPODS -Xcc -fmodule-map-file="${PODS_ROOT}/Headers/Public/TrustKit/TrustKit-library.modulemap" 8 | PODS_BUILD_DIR = ${BUILD_DIR} 9 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 10 | PODS_PODFILE_DIR_PATH = ${SRCROOT}/. 11 | PODS_ROOT = ${SRCROOT}/Pods 12 | PODS_XCFRAMEWORKS_BUILD_DIR = $(PODS_CONFIGURATION_BUILD_DIR)/XCFrameworkIntermediates 13 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 14 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-ObjC/Pods-TrustKitDemo-ObjC.release.xcconfig: -------------------------------------------------------------------------------- 1 | CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = NO 2 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 3 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_ROOT}/Headers/Public" "${PODS_ROOT}/Headers/Public/TrustKit" 4 | LIBRARY_SEARCH_PATHS = $(inherited) "${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-library" 5 | OTHER_CFLAGS = $(inherited) -fmodule-map-file="${PODS_ROOT}/Headers/Public/TrustKit/TrustKit-library.modulemap" 6 | OTHER_LDFLAGS = $(inherited) -ObjC -l"TrustKit-library" -framework "Foundation" -framework "Security" 7 | OTHER_SWIFT_FLAGS = $(inherited) -D COCOAPODS -Xcc -fmodule-map-file="${PODS_ROOT}/Headers/Public/TrustKit/TrustKit-library.modulemap" 8 | PODS_BUILD_DIR = ${BUILD_DIR} 9 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 10 | PODS_PODFILE_DIR_PATH = ${SRCROOT}/. 11 | PODS_ROOT = ${SRCROOT}/Pods 12 | PODS_XCFRAMEWORKS_BUILD_DIR = $(PODS_CONFIGURATION_BUILD_DIR)/XCFrameworkIntermediates 13 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 14 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-Swift/Pods-TrustKitDemo-Swift-Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleDevelopmentRegion 6 | en 7 | CFBundleExecutable 8 | ${EXECUTABLE_NAME} 9 | CFBundleIdentifier 10 | ${PRODUCT_BUNDLE_IDENTIFIER} 11 | CFBundleInfoDictionaryVersion 12 | 6.0 13 | CFBundleName 14 | ${PRODUCT_NAME} 15 | CFBundlePackageType 16 | FMWK 17 | CFBundleShortVersionString 18 | 1.0.0 19 | CFBundleSignature 20 | ???? 21 | CFBundleVersion 22 | ${CURRENT_PROJECT_VERSION} 23 | NSPrincipalClass 24 | 25 | 26 | 27 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-Swift/Pods-TrustKitDemo-Swift-acknowledgements.markdown: -------------------------------------------------------------------------------- 1 | # Acknowledgements 2 | This application makes use of the following third party libraries: 3 | 4 | ## TrustKit 5 | 6 | The MIT License (MIT) 7 | 8 | Copyright (c) 2015 Data Theorem, Inc. 9 | 10 | Permission is hereby granted, free of charge, to any person obtaining a copy 11 | of this software and associated documentation files (the "Software"), to deal 12 | in the Software without restriction, including without limitation the rights 13 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 14 | copies of the Software, and to permit persons to whom the Software is 15 | furnished to do so, subject to the following conditions: 16 | 17 | The above copyright notice and this permission notice shall be included in 18 | all copies or substantial portions of the Software. 19 | 20 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 21 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 22 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 23 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 24 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 25 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 26 | THE SOFTWARE. 27 | 28 | Generated by CocoaPods - https://cocoapods.org 29 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-Swift/Pods-TrustKitDemo-Swift-acknowledgements.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | PreferenceSpecifiers 6 | 7 | 8 | FooterText 9 | This application makes use of the following third party libraries: 10 | Title 11 | Acknowledgements 12 | Type 13 | PSGroupSpecifier 14 | 15 | 16 | FooterText 17 | The MIT License (MIT) 18 | 19 | Copyright (c) 2015 Data Theorem, Inc. 20 | 21 | Permission is hereby granted, free of charge, to any person obtaining a copy 22 | of this software and associated documentation files (the "Software"), to deal 23 | in the Software without restriction, including without limitation the rights 24 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 25 | copies of the Software, and to permit persons to whom the Software is 26 | furnished to do so, subject to the following conditions: 27 | 28 | The above copyright notice and this permission notice shall be included in 29 | all copies or substantial portions of the Software. 30 | 31 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 32 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 33 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 34 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 35 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 36 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 37 | THE SOFTWARE. 38 | 39 | License 40 | MIT 41 | Title 42 | TrustKit 43 | Type 44 | PSGroupSpecifier 45 | 46 | 47 | FooterText 48 | Generated by CocoaPods - https://cocoapods.org 49 | Title 50 | 51 | Type 52 | PSGroupSpecifier 53 | 54 | 55 | StringsTable 56 | Acknowledgements 57 | Title 58 | Acknowledgements 59 | 60 | 61 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-Swift/Pods-TrustKitDemo-Swift-dummy.m: -------------------------------------------------------------------------------- 1 | #import 2 | @interface PodsDummy_Pods_TrustKitDemo_Swift : NSObject 3 | @end 4 | @implementation PodsDummy_Pods_TrustKitDemo_Swift 5 | @end 6 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-Swift/Pods-TrustKitDemo-Swift-umbrella.h: -------------------------------------------------------------------------------- 1 | #ifdef __OBJC__ 2 | #import 3 | #else 4 | #ifndef FOUNDATION_EXPORT 5 | #if defined(__cplusplus) 6 | #define FOUNDATION_EXPORT extern "C" 7 | #else 8 | #define FOUNDATION_EXPORT extern 9 | #endif 10 | #endif 11 | #endif 12 | 13 | 14 | FOUNDATION_EXPORT double Pods_TrustKitDemo_SwiftVersionNumber; 15 | FOUNDATION_EXPORT const unsigned char Pods_TrustKitDemo_SwiftVersionString[]; 16 | 17 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-Swift/Pods-TrustKitDemo-Swift.debug.xcconfig: -------------------------------------------------------------------------------- 1 | CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = NO 2 | FRAMEWORK_SEARCH_PATHS = $(inherited) "${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-framework" 3 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 4 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-framework/TrustKit.framework/Headers" 5 | LD_RUNPATH_SEARCH_PATHS = $(inherited) '@executable_path/Frameworks' '@loader_path/Frameworks' 6 | OTHER_LDFLAGS = $(inherited) -framework "Foundation" -framework "Security" -framework "TrustKit" 7 | PODS_BUILD_DIR = ${BUILD_DIR} 8 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 9 | PODS_PODFILE_DIR_PATH = ${SRCROOT}/. 10 | PODS_ROOT = ${SRCROOT}/Pods 11 | PODS_XCFRAMEWORKS_BUILD_DIR = $(PODS_CONFIGURATION_BUILD_DIR)/XCFrameworkIntermediates 12 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 13 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-Swift/Pods-TrustKitDemo-Swift.modulemap: -------------------------------------------------------------------------------- 1 | framework module Pods_TrustKitDemo_Swift { 2 | umbrella header "Pods-TrustKitDemo-Swift-umbrella.h" 3 | 4 | export * 5 | module * { export * } 6 | } 7 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/Pods-TrustKitDemo-Swift/Pods-TrustKitDemo-Swift.release.xcconfig: -------------------------------------------------------------------------------- 1 | CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = NO 2 | FRAMEWORK_SEARCH_PATHS = $(inherited) "${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-framework" 3 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 4 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-framework/TrustKit.framework/Headers" 5 | LD_RUNPATH_SEARCH_PATHS = $(inherited) '@executable_path/Frameworks' '@loader_path/Frameworks' 6 | OTHER_LDFLAGS = $(inherited) -framework "Foundation" -framework "Security" -framework "TrustKit" 7 | PODS_BUILD_DIR = ${BUILD_DIR} 8 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 9 | PODS_PODFILE_DIR_PATH = ${SRCROOT}/. 10 | PODS_ROOT = ${SRCROOT}/Pods 11 | PODS_XCFRAMEWORKS_BUILD_DIR = $(PODS_CONFIGURATION_BUILD_DIR)/XCFrameworkIntermediates 12 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 13 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-framework/TrustKit-framework-Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleDevelopmentRegion 6 | en 7 | CFBundleExecutable 8 | ${EXECUTABLE_NAME} 9 | CFBundleIdentifier 10 | ${PRODUCT_BUNDLE_IDENTIFIER} 11 | CFBundleInfoDictionaryVersion 12 | 6.0 13 | CFBundleName 14 | ${PRODUCT_NAME} 15 | CFBundlePackageType 16 | FMWK 17 | CFBundleShortVersionString 18 | 3.0.0 19 | CFBundleSignature 20 | ???? 21 | CFBundleVersion 22 | ${CURRENT_PROJECT_VERSION} 23 | NSPrincipalClass 24 | 25 | 26 | 27 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-framework/TrustKit-framework-dummy.m: -------------------------------------------------------------------------------- 1 | #import 2 | @interface PodsDummy_TrustKit_framework : NSObject 3 | @end 4 | @implementation PodsDummy_TrustKit_framework 5 | @end 6 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-framework/TrustKit-framework-prefix.pch: -------------------------------------------------------------------------------- 1 | #ifdef __OBJC__ 2 | #import 3 | #else 4 | #ifndef FOUNDATION_EXPORT 5 | #if defined(__cplusplus) 6 | #define FOUNDATION_EXPORT extern "C" 7 | #else 8 | #define FOUNDATION_EXPORT extern 9 | #endif 10 | #endif 11 | #endif 12 | 13 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-framework/TrustKit-framework-umbrella.h: -------------------------------------------------------------------------------- 1 | #ifdef __OBJC__ 2 | #import 3 | #else 4 | #ifndef FOUNDATION_EXPORT 5 | #if defined(__cplusplus) 6 | #define FOUNDATION_EXPORT extern "C" 7 | #else 8 | #define FOUNDATION_EXPORT extern 9 | #endif 10 | #endif 11 | #endif 12 | 13 | #import "TrustKit.h" 14 | #import "TSKTrustKitConfig.h" 15 | #import "TSKPinningValidator.h" 16 | #import "TSKPinningValidatorCallback.h" 17 | #import "TSKPinningValidatorResult.h" 18 | #import "TSKTrustDecision.h" 19 | 20 | FOUNDATION_EXPORT double TrustKitVersionNumber; 21 | FOUNDATION_EXPORT const unsigned char TrustKitVersionString[]; 22 | 23 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-framework/TrustKit-framework.debug.xcconfig: -------------------------------------------------------------------------------- 1 | CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = NO 2 | CONFIGURATION_BUILD_DIR = ${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-framework 3 | DEFINES_MODULE = YES 4 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 5 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_ROOT}/Headers/Public" 6 | OTHER_LDFLAGS = $(inherited) -framework "Foundation" -framework "Security" 7 | PODS_BUILD_DIR = ${BUILD_DIR} 8 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 9 | PODS_ROOT = ${SRCROOT} 10 | PODS_TARGET_SRCROOT = ${PODS_ROOT}/../.. 11 | PODS_XCFRAMEWORKS_BUILD_DIR = $(PODS_CONFIGURATION_BUILD_DIR)/XCFrameworkIntermediates 12 | PRODUCT_BUNDLE_IDENTIFIER = org.cocoapods.${PRODUCT_NAME:rfc1034identifier} 13 | SKIP_INSTALL = YES 14 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 15 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-framework/TrustKit-framework.modulemap: -------------------------------------------------------------------------------- 1 | framework module TrustKit { 2 | umbrella header "TrustKit-framework-umbrella.h" 3 | 4 | export * 5 | module * { export * } 6 | } 7 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-framework/TrustKit-framework.release.xcconfig: -------------------------------------------------------------------------------- 1 | CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = NO 2 | CONFIGURATION_BUILD_DIR = ${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-framework 3 | DEFINES_MODULE = YES 4 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 5 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_ROOT}/Headers/Public" 6 | OTHER_LDFLAGS = $(inherited) -framework "Foundation" -framework "Security" 7 | PODS_BUILD_DIR = ${BUILD_DIR} 8 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 9 | PODS_ROOT = ${SRCROOT} 10 | PODS_TARGET_SRCROOT = ${PODS_ROOT}/../.. 11 | PODS_XCFRAMEWORKS_BUILD_DIR = $(PODS_CONFIGURATION_BUILD_DIR)/XCFrameworkIntermediates 12 | PRODUCT_BUNDLE_IDENTIFIER = org.cocoapods.${PRODUCT_NAME:rfc1034identifier} 13 | SKIP_INSTALL = YES 14 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 15 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-framework/TrustKit-framework.xcconfig: -------------------------------------------------------------------------------- 1 | CONFIGURATION_BUILD_DIR = ${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-framework 2 | DEFINES_MODULE = YES 3 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 4 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_ROOT}/Headers/Public" 5 | OTHER_LDFLAGS = $(inherited) -framework "Foundation" -framework "Security" 6 | PODS_BUILD_DIR = ${BUILD_DIR} 7 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 8 | PODS_ROOT = ${SRCROOT} 9 | PODS_TARGET_SRCROOT = ${PODS_ROOT}/../.. 10 | PRODUCT_BUNDLE_IDENTIFIER = org.cocoapods.${PRODUCT_NAME:rfc1034identifier} 11 | SKIP_INSTALL = YES 12 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 13 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-library/TrustKit-library-dummy.m: -------------------------------------------------------------------------------- 1 | #import 2 | @interface PodsDummy_TrustKit_library : NSObject 3 | @end 4 | @implementation PodsDummy_TrustKit_library 5 | @end 6 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-library/TrustKit-library-prefix.pch: -------------------------------------------------------------------------------- 1 | #ifdef __OBJC__ 2 | #import 3 | #else 4 | #ifndef FOUNDATION_EXPORT 5 | #if defined(__cplusplus) 6 | #define FOUNDATION_EXPORT extern "C" 7 | #else 8 | #define FOUNDATION_EXPORT extern 9 | #endif 10 | #endif 11 | #endif 12 | 13 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-library/TrustKit-library-umbrella.h: -------------------------------------------------------------------------------- 1 | #ifdef __OBJC__ 2 | #import 3 | #else 4 | #ifndef FOUNDATION_EXPORT 5 | #if defined(__cplusplus) 6 | #define FOUNDATION_EXPORT extern "C" 7 | #else 8 | #define FOUNDATION_EXPORT extern 9 | #endif 10 | #endif 11 | #endif 12 | 13 | #import "TrustKit.h" 14 | #import "TSKTrustKitConfig.h" 15 | #import "TSKPinningValidator.h" 16 | #import "TSKPinningValidatorCallback.h" 17 | #import "TSKPinningValidatorResult.h" 18 | #import "TSKTrustDecision.h" 19 | 20 | FOUNDATION_EXPORT double TrustKitVersionNumber; 21 | FOUNDATION_EXPORT const unsigned char TrustKitVersionString[]; 22 | 23 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-library/TrustKit-library.debug.xcconfig: -------------------------------------------------------------------------------- 1 | CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = NO 2 | CONFIGURATION_BUILD_DIR = ${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-library 3 | DEFINES_MODULE = YES 4 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 5 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_ROOT}/Headers/Private" "${PODS_ROOT}/Headers/Private/TrustKit" "${PODS_ROOT}/Headers/Public" 6 | PODS_BUILD_DIR = ${BUILD_DIR} 7 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 8 | PODS_ROOT = ${SRCROOT} 9 | PODS_TARGET_SRCROOT = ${PODS_ROOT}/../.. 10 | PODS_XCFRAMEWORKS_BUILD_DIR = $(PODS_CONFIGURATION_BUILD_DIR)/XCFrameworkIntermediates 11 | PRODUCT_BUNDLE_IDENTIFIER = org.cocoapods.${PRODUCT_NAME:rfc1034identifier} 12 | SKIP_INSTALL = YES 13 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 14 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-library/TrustKit-library.modulemap: -------------------------------------------------------------------------------- 1 | module TrustKit { 2 | umbrella header "TrustKit-library-umbrella.h" 3 | 4 | export * 5 | module * { export * } 6 | } 7 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-library/TrustKit-library.release.xcconfig: -------------------------------------------------------------------------------- 1 | CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = NO 2 | CONFIGURATION_BUILD_DIR = ${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-library 3 | DEFINES_MODULE = YES 4 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 5 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_ROOT}/Headers/Private" "${PODS_ROOT}/Headers/Private/TrustKit" "${PODS_ROOT}/Headers/Public" 6 | PODS_BUILD_DIR = ${BUILD_DIR} 7 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 8 | PODS_ROOT = ${SRCROOT} 9 | PODS_TARGET_SRCROOT = ${PODS_ROOT}/../.. 10 | PODS_XCFRAMEWORKS_BUILD_DIR = $(PODS_CONFIGURATION_BUILD_DIR)/XCFrameworkIntermediates 11 | PRODUCT_BUNDLE_IDENTIFIER = org.cocoapods.${PRODUCT_NAME:rfc1034identifier} 12 | SKIP_INSTALL = YES 13 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 14 | -------------------------------------------------------------------------------- /TrustKitDemo/Pods/Target Support Files/TrustKit-library/TrustKit-library.xcconfig: -------------------------------------------------------------------------------- 1 | CONFIGURATION_BUILD_DIR = ${PODS_CONFIGURATION_BUILD_DIR}/TrustKit-library 2 | DEFINES_MODULE = YES 3 | GCC_PREPROCESSOR_DEFINITIONS = $(inherited) COCOAPODS=1 4 | HEADER_SEARCH_PATHS = $(inherited) "${PODS_ROOT}/Headers/Private" "${PODS_ROOT}/Headers/Private/TrustKit" "${PODS_ROOT}/Headers/Public" 5 | PODS_BUILD_DIR = ${BUILD_DIR} 6 | PODS_CONFIGURATION_BUILD_DIR = ${PODS_BUILD_DIR}/$(CONFIGURATION)$(EFFECTIVE_PLATFORM_NAME) 7 | PODS_ROOT = ${SRCROOT} 8 | PODS_TARGET_SRCROOT = ${PODS_ROOT}/../.. 9 | PRODUCT_BUNDLE_IDENTIFIER = org.cocoapods.${PRODUCT_NAME:rfc1034identifier} 10 | SKIP_INSTALL = YES 11 | USE_RECURSIVE_SCRIPT_INPUTS_IN_SCRIPT_PHASES = YES 12 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-ObjC/AppDelegate.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | AppDelegate.h 4 | TrustKitDemo 5 | 6 | Copyright 2017 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import 13 | 14 | @interface AppDelegate : UIResponder 15 | 16 | @property (nonatomic) UIWindow *window; 17 | 18 | @property (nonatomic, readonly) NSDictionary *trustKitConfig; 19 | 20 | @end 21 | 22 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-ObjC/AppDelegate.m: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | AppDelegate.m 4 | TrustKitDemo 5 | 6 | Copyright 2017 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import "AppDelegate.h" 13 | #import 14 | #import 15 | #import 16 | 17 | @interface AppDelegate () 18 | 19 | @end 20 | 21 | @implementation AppDelegate 22 | 23 | 24 | - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions 25 | { 26 | // Override TrustKit's logger method 27 | void (^loggerBlock)(NSString *) = ^void(NSString *message) 28 | { 29 | NSLog(@"TrustKit log: %@", message); 30 | 31 | }; 32 | [TrustKit setLoggerBlock:loggerBlock]; 33 | 34 | // Initialize TrustKit 35 | _trustKitConfig = 36 | @{ 37 | // Do not auto-swizzle NSURLSession delegates 38 | kTSKSwizzleNetworkDelegates: @NO, 39 | 40 | kTSKPinnedDomains: @{ 41 | 42 | // Pin invalid SPKI hashes to *.yahoo.com to demonstrate pinning failures 43 | @"yahoo.com": @{ 44 | kTSKEnforcePinning: @YES, 45 | kTSKIncludeSubdomains: @YES, 46 | 47 | // Wrong SPKI hashes to demonstrate pinning failure 48 | kTSKPublicKeyHashes: @[ 49 | @"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=", 50 | @"BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB=" 51 | ], 52 | 53 | // Send reports for pinning failures 54 | // Email info@datatheorem.com if you need a free dashboard to see your App's reports 55 | kTSKReportUris: @[@"https://overmind.datatheorem.com/trustkit/report"] 56 | }, 57 | 58 | 59 | // Pin valid SPKI hashes to www.datatheorem.com to demonstrate success 60 | @"www.datatheorem.com" : @{ 61 | kTSKEnforcePinning:@YES, 62 | 63 | // Valid SPKI hashes to demonstrate success 64 | kTSKPublicKeyHashes : @[ 65 | @"hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", // GTS Root R1 66 | @"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=", // Fake key but 2 pins need to be provided 67 | ] 68 | }}}; 69 | 70 | [TrustKit initSharedInstanceWithConfiguration:_trustKitConfig]; 71 | 72 | // Demonstrate how to receive pin validation notifications (only useful for performance/metrics) 73 | [TrustKit sharedInstance].pinningValidatorCallbackQueue = dispatch_get_main_queue(); 74 | [TrustKit sharedInstance].pinningValidatorCallback = ^(TSKPinningValidatorResult *result, NSString *notedHostname, TKSDomainPinningPolicy *policy) { 75 | NSLog(@"Received pinning validation notification:\n\tDuration: %0.4f\n\tDecision: %ld\n\tResult: %ld\n\tHostname: %@", 76 | result.validationDuration, 77 | (long)result.finalTrustDecision, 78 | (long)result.evaluationResult, 79 | result.serverHostname); 80 | }; 81 | 82 | return YES; 83 | } 84 | 85 | @end 86 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-ObjC/Assets.xcassets/AppIcon.appiconset/Contents.json: -------------------------------------------------------------------------------- 1 | { 2 | "images" : [ 3 | { 4 | "idiom" : "iphone", 5 | "size" : "20x20", 6 | "scale" : "2x" 7 | }, 8 | { 9 | "idiom" : "iphone", 10 | "size" : "20x20", 11 | "scale" : "3x" 12 | }, 13 | { 14 | "idiom" : "iphone", 15 | "size" : "29x29", 16 | "scale" : "2x" 17 | }, 18 | { 19 | "idiom" : "iphone", 20 | "size" : "29x29", 21 | "scale" : "3x" 22 | }, 23 | { 24 | "idiom" : "iphone", 25 | "size" : "40x40", 26 | "scale" : "2x" 27 | }, 28 | { 29 | "idiom" : "iphone", 30 | "size" : "40x40", 31 | "scale" : "3x" 32 | }, 33 | { 34 | "idiom" : "iphone", 35 | "size" : "60x60", 36 | "scale" : "2x" 37 | }, 38 | { 39 | "idiom" : "iphone", 40 | "size" : "60x60", 41 | "scale" : "3x" 42 | }, 43 | { 44 | "idiom" : "ios-marketing", 45 | "size" : "1024x1024", 46 | "scale" : "1x" 47 | } 48 | ], 49 | "info" : { 50 | "version" : 1, 51 | "author" : "xcode" 52 | } 53 | } -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-ObjC/Base.lproj/LaunchScreen.storyboard: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-ObjC/Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleDevelopmentRegion 6 | en 7 | CFBundleExecutable 8 | $(EXECUTABLE_NAME) 9 | CFBundleIdentifier 10 | $(PRODUCT_BUNDLE_IDENTIFIER) 11 | CFBundleInfoDictionaryVersion 12 | 6.0 13 | CFBundleName 14 | $(PRODUCT_NAME) 15 | CFBundlePackageType 16 | APPL 17 | CFBundleShortVersionString 18 | 1.0 19 | CFBundleVersion 20 | 1 21 | LSRequiresIPhoneOS 22 | 23 | UILaunchStoryboardName 24 | LaunchScreen 25 | UIMainStoryboardFile 26 | Main 27 | UIRequiredDeviceCapabilities 28 | 29 | armv7 30 | 31 | UISupportedInterfaceOrientations 32 | 33 | UIInterfaceOrientationPortrait 34 | UIInterfaceOrientationLandscapeLeft 35 | UIInterfaceOrientationLandscapeRight 36 | 37 | 38 | 39 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-ObjC/ViewController.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | ViewController.h 4 | TrustKitDemo 5 | 6 | Copyright 2017 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import 13 | 14 | @interface ViewController : UIViewController 15 | 16 | @property (weak, nonatomic) IBOutlet UIButton *invalidPinBtn; 17 | @property (weak, nonatomic) IBOutlet UIButton *validPinBtn; 18 | @property (weak, nonatomic) IBOutlet UIActivityIndicatorView *activityIndicator; 19 | @property (weak, nonatomic) IBOutlet UIWebView *destinationWebView; 20 | 21 | @end 22 | 23 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-ObjC/main.m: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | main.m 4 | TrustKitDemo 5 | 6 | Copyright 2017 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #import 13 | #import "AppDelegate.h" 14 | 15 | int main(int argc, char * argv[]) { 16 | @autoreleasepool { 17 | return UIApplicationMain(argc, argv, nil, NSStringFromClass([AppDelegate class])); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-Swift/AppDelegate.swift: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | AppDelegate.swift 4 | TrustKitDemoInSwift 5 | 6 | Copyright 2017 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | import UIKit 13 | import TrustKit 14 | 15 | @UIApplicationMain 16 | class AppDelegate: UIResponder, UIApplicationDelegate { 17 | 18 | var window: UIWindow? 19 | 20 | func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?) -> Bool { 21 | 22 | TrustKit.setLoggerBlock { (message) in 23 | print("TrustKit log: \(message)") 24 | } 25 | 26 | let trustKitConfig: [String: Any] = [ 27 | kTSKSwizzleNetworkDelegates: false, 28 | kTSKPinnedDomains: [ 29 | "yahoo.com": [ 30 | kTSKEnforcePinning: true, 31 | kTSKIncludeSubdomains: true, 32 | 33 | // Invalid pins to demonstrate a pinning failure 34 | kTSKPublicKeyHashes: [ 35 | "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=", 36 | "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB=" 37 | ], 38 | kTSKReportUris:["https://overmind.datatheorem.com/trustkit/report"], 39 | ], 40 | "www.datatheorem.com": [ 41 | kTSKEnforcePinning: true, 42 | 43 | // Valid pin and backup pin 44 | kTSKPublicKeyHashes: [ 45 | "hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=", 46 | "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB=" 47 | ], 48 | kTSKReportUris:["https://overmind.datatheorem.com/trustkit/report"], 49 | ] 50 | ]] 51 | 52 | TrustKit.initSharedInstance(withConfiguration: trustKitConfig) 53 | 54 | return true 55 | } 56 | } 57 | 58 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-Swift/Assets.xcassets/AppIcon.appiconset/Contents.json: -------------------------------------------------------------------------------- 1 | { 2 | "images" : [ 3 | { 4 | "idiom" : "iphone", 5 | "size" : "20x20", 6 | "scale" : "2x" 7 | }, 8 | { 9 | "idiom" : "iphone", 10 | "size" : "20x20", 11 | "scale" : "3x" 12 | }, 13 | { 14 | "idiom" : "iphone", 15 | "size" : "29x29", 16 | "scale" : "2x" 17 | }, 18 | { 19 | "idiom" : "iphone", 20 | "size" : "29x29", 21 | "scale" : "3x" 22 | }, 23 | { 24 | "idiom" : "iphone", 25 | "size" : "40x40", 26 | "scale" : "2x" 27 | }, 28 | { 29 | "idiom" : "iphone", 30 | "size" : "40x40", 31 | "scale" : "3x" 32 | }, 33 | { 34 | "idiom" : "iphone", 35 | "size" : "60x60", 36 | "scale" : "2x" 37 | }, 38 | { 39 | "idiom" : "iphone", 40 | "size" : "60x60", 41 | "scale" : "3x" 42 | }, 43 | { 44 | "idiom" : "ios-marketing", 45 | "size" : "1024x1024", 46 | "scale" : "1x" 47 | } 48 | ], 49 | "info" : { 50 | "version" : 1, 51 | "author" : "xcode" 52 | } 53 | } -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-Swift/Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleDevelopmentRegion 6 | en 7 | CFBundleExecutable 8 | $(EXECUTABLE_NAME) 9 | CFBundleIdentifier 10 | $(PRODUCT_BUNDLE_IDENTIFIER) 11 | CFBundleInfoDictionaryVersion 12 | 6.0 13 | CFBundleName 14 | $(PRODUCT_NAME) 15 | CFBundlePackageType 16 | APPL 17 | CFBundleShortVersionString 18 | 1.0 19 | CFBundleVersion 20 | 1 21 | LSRequiresIPhoneOS 22 | 23 | UILaunchStoryboardName 24 | LaunchScreen 25 | UIMainStoryboardFile 26 | Main 27 | UIRequiredDeviceCapabilities 28 | 29 | armv7 30 | 31 | UISupportedInterfaceOrientations 32 | 33 | UIInterfaceOrientationPortrait 34 | UIInterfaceOrientationLandscapeLeft 35 | UIInterfaceOrientationLandscapeRight 36 | 37 | 38 | 39 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo-Swift/LaunchScreen.storyboard: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo.xcodeproj/project.xcworkspace/contents.xcworkspacedata: -------------------------------------------------------------------------------- 1 | 2 | 4 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo.xcworkspace/contents.xcworkspacedata: -------------------------------------------------------------------------------- 1 | 2 | 4 | 6 | 7 | 9 | 10 | 11 | -------------------------------------------------------------------------------- /TrustKitDemo/TrustKitDemo.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | IDEDidComputeMac32BitWarning 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /TrustKitTests/Certificates/ECDSA_sec256r1/www.cloudflare.com.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Certificates/ECDSA_sec256r1/www.cloudflare.com.der -------------------------------------------------------------------------------- /TrustKitTests/Certificates/ECDSA_sec384r1/GeoTrust_Primary_CA_G2_ECC.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Certificates/ECDSA_sec384r1/GeoTrust_Primary_CA_G2_ECC.der -------------------------------------------------------------------------------- /TrustKitTests/Certificates/RSA_2048/GlobalSignDomainValidationCA-SHA256-G2.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Certificates/RSA_2048/GlobalSignDomainValidationCA-SHA256-G2.der -------------------------------------------------------------------------------- /TrustKitTests/Certificates/RSA_2048/GlobalSignRootCA.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Certificates/RSA_2048/GlobalSignRootCA.der -------------------------------------------------------------------------------- /TrustKitTests/Certificates/RSA_2048/www.globalsign.com.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Certificates/RSA_2048/www.globalsign.com.der -------------------------------------------------------------------------------- /TrustKitTests/Certificates/RSA_4096/GoodRootCA.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Certificates/RSA_4096/GoodRootCA.der -------------------------------------------------------------------------------- /TrustKitTests/Certificates/RSA_4096/www.good.com.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Certificates/RSA_4096/www.good.com.der -------------------------------------------------------------------------------- /TrustKitTests/Certificates/RSA_4096/www.good.com.selfsigned.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Certificates/RSA_4096/www.good.com.selfsigned.der -------------------------------------------------------------------------------- /TrustKitTests/Certificates/TrustAnchor/anchor-ca.cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIGQDCCBCigAwIBAgIJAKDVSMZou8YPMA0GCSqGSIb3DQEBCwUAMIGsMQswCQYD 3 | VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxl 4 | MRMwEQYDVQQKDApZYWhvbywgSW5jMRswGQYDVQQLDBJQdWJsaXNoZXIgUHJvZHVj 5 | dHMxGTAXBgNVBAMMEFBpbmN1c2hpb24gRGVidWcxJzAlBgkqhkiG9w0BCQEWGGFk 6 | YW1rYXBsYW5AeWFob28taW5jLmNvbTAeFw0xNzA1MzEwMjM4MzFaFw0zNzA1MjYw 7 | MjM4MzFaMIGsMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAG 8 | A1UEBwwJU3Vubnl2YWxlMRMwEQYDVQQKDApZYWhvbywgSW5jMRswGQYDVQQLDBJQ 9 | dWJsaXNoZXIgUHJvZHVjdHMxGTAXBgNVBAMMEFBpbmN1c2hpb24gRGVidWcxJzAl 10 | BgkqhkiG9w0BCQEWGGFkYW1rYXBsYW5AeWFob28taW5jLmNvbTCCAiIwDQYJKoZI 11 | hvcNAQEBBQADggIPADCCAgoCggIBAMeMDecA/otarMBHfMYEfa42KeM0lsx4LVVM 12 | DhwTJUMBbU55DevPAksPnS1gIvzVGeFQ8VzS+2rCK3Dn96vyjcevRUFJRXh4p7FW 13 | aNCCya73inKHMBDNyIJaYxZbfww8uafyzpSssJLkx6PR29c/t6VlA2tRBfxdAOWI 14 | rUggP09IG65yWhvS8If3pNJ579iuKi+RTpN3Nakgktz0Vhp+BDpKpoC9TstlGJQV 15 | CCwSxxtUIRl9Eq6rymgHOU3f7SS12siQwibRq2Bp7Lgv034MCDQHRwkSCAvFw9c1 16 | DaxvE7CvAX69RyHbyZg2/TMjRWTleNkc3TnZrMoTdUrQ8CjHVAyp+j08hiK3MuIZ 17 | 8nJfaORTxZkerj9Qe921lmC5CB9d8xYoArdU1JZ8guiRi1ZqXQjE9/IwTS3jvG2k 18 | W7HpaSLIVOPMbSGXG9XjEoDh3A7lCTQhwvBrITd1fyjvJaudVqcow1t1hySZshmU 19 | K1PO4FdpUd2w1SnZuE+c60P7Rcm3vXJ0DLEN02Zlogxw8VSoKNCKWGTfqEAcVP8d 20 | ICkDBvkbB5WTxesQ4KSO2A20qTpsMq8nkyc0aQIKsiOYflw58zT47hbJ2oqHjfFU 21 | R6jL1qPAbbTX+1y9XwtV6+7bOLMwqeOCg7+rv8Op89Oiv/eOGaMZaA41akwjl4fk 22 | an8ROv5pAgMBAAGjYzBhMB0GA1UdDgQWBBQef5GmV1R6agSIcUC+lLyIoJFhHDAf 23 | BgNVHSMEGDAWgBQef5GmV1R6agSIcUC+lLyIoJFhHDAPBgNVHRMBAf8EBTADAQH/ 24 | MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAM0dWgQ478nzQLG/x 25 | BJYk5CB8tYa3DTS5c896OQwig6yX4M1aokx+k8p5Zi9YE8YUXb6v0mcwDk072rUm 26 | xy68gTLSCrcfPPLAuI6mceg4t7re9HxLDF7/q3t6rdQGIxNJyVqU3e3AStckEjm6 27 | FaFQEVSaz3yNmcVix4MI5HoQ5q5dKyfDm1MQeW7MZCqDdD5vr40YExjNw2CX+0NQ 28 | kaJgfZFTo2+D9/uks2IeCUwhX0/nro4uafurshoBmfs82ZXLDHZQJZl3T7fo60aD 29 | N2aoZLOA1peXVhX/fbSXKfuuA7zHDMhShiqNmCOxpkWR8LaAdP4vnG94cMNnADcY 30 | xlEUVQXHjzTIDM+D703q54uogr2KLt0BC0u2yI4ePaumPAKRY7bSN4oq8uDPVAwV 31 | GhzAFrSP7rLsbQi+TQP9HoOpaf7evx32FRXH57NuAqRPDMbUo8sdQhiyzDLbDSzS 32 | nwMDtog294UGIcXS1ZjLq+4qzwsp18ip3iXrKj0Mf96rUa4vKRcLujtZUUCM0zlP 33 | 5UNY1rDesuHsb2ziDjEXtxh0UsdoDaKa7gXPfNqtumW96v6hh0OkNWCX/x9GUIGe 34 | WsYtZBTD1+uqy4JHP4gEGewOU93Dhw6TWqqUcP516s67r59WBSxWSQnVA22wJLYc 35 | WcqquNULAx3uOWA5ZeO0yiOGgqc= 36 | -----END CERTIFICATE----- 37 | -------------------------------------------------------------------------------- /TrustKitTests/Certificates/TrustAnchor/anchor-fake.yahoo.com.cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIFSjCCBDKgAwIBAgICEEwwDQYJKoZIhvcNAQELBQAwgaoxCzAJBgNVBAYTAlVT 3 | MRMwEQYDVQQIDApDYWxpZm9ybmlhMRMwEQYDVQQKDApZYWhvbywgSW5jMRswGQYD 4 | VQQLDBJQdWJsaXNoZXIgUHJvZHVjdHMxLTArBgNVBAMMJFBpbmN1c2hpb24gRXBo 5 | ZW1lcmFsIEludGVybWVkaWF0ZSBDQTElMCMGCSqGSIb3DQEJARYWbm8tcmVwbHlA 6 | eWFob28taW5jLmNvbTAeFw0xNzA2MDkyMDQ1MTJaFw00MjA2MDMyMDQ1MTJaMIGo 7 | MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vu 8 | bnl2YWxlMRMwEQYDVQQKDApZYWhvbywgSW5jMRswGQYDVQQLDBJQdWJsaXNoZXIg 9 | UHJvZHVjdHMxFzAVBgNVBAMMDmZha2UueWFob28uY29tMSUwIwYJKoZIhvcNAQkB 10 | FhZuby1yZXBseUB5YWhvby1pbmMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A 11 | MIIBCgKCAQEA3tIexwPqDC4qRF3G1EtRZlEwOFhMFcsjp7Fhc+YbAqtGVZwSEqo7 12 | YJfTGh3byCwikoBy/ZZTSVxDocY5k8UIfEGQJEwxuRZSc+iMWJkqeblwFbHeR0lw 13 | nH033o53E/n4Yj57cIl2/GQ+jZSetLoxLKnf4N7FOje7+qDOWaSGxNHD5KCaBG/j 14 | cpF14PKI09MXza1KqOtxTnd+0cqtUNV2EsTEE6INiVC9f4L7QmLoZDnemQF250fe 15 | jEfKyK+x2b+dcRKdNkD5Xmap3w++9Jd3dBWEIZv8l6518t/307z61ATL9dpaW9fn 16 | xgh6nIhJ/tUlq8bU+BXFJZKJANNksifXJwIDAQABo4IBeDCCAXQwCQYDVR0TBAIw 17 | ADARBglghkgBhvhCAQEEBAMCBkAwMwYJYIZIAYb4QgENBCYWJE9wZW5TU0wgR2Vu 18 | ZXJhdGVkIFNlcnZlciBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUxok2/uVwT+tXOG61 19 | D+CweINe/u8wgdoGA1UdIwSB0jCBz4AUNdswOI7W+txCQKery4t0kNkMQByhgbKk 20 | ga8wgawxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQH 21 | DAlTdW5ueXZhbGUxEzARBgNVBAoMCllhaG9vLCBJbmMxGzAZBgNVBAsMElB1Ymxp 22 | c2hlciBQcm9kdWN0czEZMBcGA1UEAwwQUGluY3VzaGlvbiBEZWJ1ZzEnMCUGCSqG 23 | SIb3DQEJARYYYWRhbWthcGxhbkB5YWhvby1pbmMuY29tggIQSjAOBgNVHQ8BAf8E 24 | BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAJqo 25 | iCLaILCV+qK18icv5UNUkeNKOtreWHTK0CSFAIZ02Xft2nAQhDwGMd4TPcDJEQR0 26 | yChiMciQWBXxpHE+iTgES/NXAtirU/2KkimisVw4lMJQ4+AYhCnBIUEbeFfW0gNy 27 | xtbQ0p/qyOt1bKe998TObc+OPfCP0QmDQGFzpXebn0rtFNZOhBB2c+jZJ18yW+R3 28 | ZirArIhPhQqE/WXMxtkdTel9uHxHTDdEPvvysW6wVYSsIrOF9OCTGRF57UMv2Sxb 29 | OhoqmGdfRicDH+PNnKsCTiBY7UuD1SEUZIJiS70mHPHKzmIZ2HUSIVoITm8v4hIA 30 | 25ZjY8e0wSkXyoSiBeY= 31 | -----END CERTIFICATE----- 32 | -------------------------------------------------------------------------------- /TrustKitTests/Certificates/TrustAnchor/anchor-intermediate.cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIFOjCCAyKgAwIBAgICEEowDQYJKoZIhvcNAQELBQAwgawxCzAJBgNVBAYTAlVT 3 | MRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxEzARBgNV 4 | BAoMCllhaG9vLCBJbmMxGzAZBgNVBAsMElB1Ymxpc2hlciBQcm9kdWN0czEZMBcG 5 | A1UEAwwQUGluY3VzaGlvbiBEZWJ1ZzEnMCUGCSqGSIb3DQEJARYYYWRhbWthcGxh 6 | bkB5YWhvby1pbmMuY29tMB4XDTE3MDYwOTIwMTcyNFoXDTM3MDYwOTIwMTcyNFow 7 | gaoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRMwEQYDVQQKDApZ 8 | YWhvbywgSW5jMRswGQYDVQQLDBJQdWJsaXNoZXIgUHJvZHVjdHMxLTArBgNVBAMM 9 | JFBpbmN1c2hpb24gRXBoZW1lcmFsIEludGVybWVkaWF0ZSBDQTElMCMGCSqGSIb3 10 | DQEJARYWbm8tcmVwbHlAeWFob28taW5jLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD 11 | ggEPADCCAQoCggEBAMSCXZEEIWfbHEZg4NzjlY8J4GjxNaC9CQ+o/El/NFFAgTkc 12 | BIxShkTOg2mwnHuenWhsvvH4hJOT/1aliLCvRX9x+EcbJGcmAO+Op+lrt+090MQG 13 | RbsjvmdregsRtmFX8ScXAulSi345BzQFHSpATO8lEO7d9a6IC3q/lL2U2Y8EYYLV 14 | xvvWOIkEUMj3t3HRBoZ/UJX7syfsrOOdeJJehIWmMhpudI1r3m7kasWWGRjFE1J7 15 | FVquRE6al4vHdh0RxJbuU2vX/eqWbr42I2xgnsIFkUO5aJj6ilZ/gNMp40Ct8ouk 16 | nDlwb18t7EeF9PEDouUAY+SMn3r1BuuLSaoti+ECAwEAAaNmMGQwHQYDVR0OBBYE 17 | FDXbMDiO1vrcQkCnq8uLdJDZDEAcMB8GA1UdIwQYMBaAFB5/kaZXVHpqBIhxQL6U 18 | vIigkWEcMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqG 19 | SIb3DQEBCwUAA4ICAQC3mEBzBnX294fFxYn1VNQq7B71zRIsgOfupT/w3SXk2LWf 20 | utBcQmEIBKyCtX7fSFcQMDyU5X4b8jlRg8V7zehlFd4rp/4jtMyYLvHloOgJejtB 21 | n2W00GUSgxfEgYzU7g/cWNopj2jxZjH3nP7rOHWw9m0XTYgYoyU7Zyuj/zMSN5SF 22 | ArvlbYOYMTqmqWb2rHiNxiXwP+ldGCtOV24Enygc1QwKpHpU0PYTOl8eqes1RTb6 23 | VMT0MfkMwNG3QE9HU3CPssRfDT839DmVE/qIMSmg0DVJpKfvx5l6XAcG44AcR9Sc 24 | fP2mLsueUqZz81B4X/5gMaRCPEjAYvczi/gaZHaMdY2UyngpcH9HsT7pa0RxB+a/ 25 | 4VO2NwtHtaerSD5ZrKhbXNskqtuI/T5N9C4zEriMjW1lcCD6wH3cZ9t7YioWc+1/ 26 | PWEq7tDp3CWdghWp0aHo/BYhSdsl26soKoP5tCHekV8Mvpi+fHjj9JxGTJnrK5Bs 27 | kaFMIsnBVl+eTPaQSN1zI00fck8hQ2z+8nv2tCwanHes7QyuPgLWiGMRZnSU6eaT 28 | SQ8Jh4H+8JkcaMAYgnSAPjfI4rFFgjPAMdHrVSSASFI+C2ap6iFZ65TdSso638RT 29 | KUfap5rkzQIPM1I0j5KEmeHYeMMssmQSkDMzTs013S27FzhADZCjgVBTF3DHDQ== 30 | -----END CERTIFICATE----- 31 | -------------------------------------------------------------------------------- /TrustKitTests/Corporation Service Company RSA OV SSL CA.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Corporation Service Company RSA OV SSL CA.der -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Headers: -------------------------------------------------------------------------------- 1 | Versions/Current/Headers -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Modules: -------------------------------------------------------------------------------- 1 | Versions/Current/Modules -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/OCMock: -------------------------------------------------------------------------------- 1 | Versions/Current/OCMock -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Resources: -------------------------------------------------------------------------------- 1 | Versions/Current/Resources -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/NSNotificationCenter+OCMAdditions.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2009-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCObserverMockObject; 20 | 21 | 22 | @interface NSNotificationCenter(OCMAdditions) 23 | 24 | - (void)addMockObserver:(OCObserverMockObject *)notificationObserver name:(NSString *)notificationName object:(id)notificationSender; 25 | 26 | @end 27 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMArg.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2009-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @interface OCMArg : NSObject 20 | 21 | // constraining arguments 22 | 23 | + (id)any; 24 | + (SEL)anySelector; 25 | + (void *)anyPointer; 26 | + (id __autoreleasing *)anyObjectRef; 27 | + (id)isNil; 28 | + (id)isNotNil; 29 | + (id)isEqual:(id)value; 30 | + (id)isNotEqual:(id)value; 31 | + (id)isKindOfClass:(Class)cls; 32 | + (id)checkWithSelector:(SEL)selector onObject:(id)anObject; 33 | + (id)checkWithBlock:(BOOL (^)(id obj))block; 34 | 35 | // manipulating arguments 36 | 37 | + (id *)setTo:(id)value; 38 | + (void *)setToValue:(NSValue *)value; 39 | + (id)invokeBlock; 40 | + (id)invokeBlockWithArgs:(id)first,... NS_REQUIRES_NIL_TERMINATION; 41 | 42 | + (id)defaultValue; 43 | 44 | // internal use only 45 | 46 | + (id)resolveSpecialValues:(NSValue *)value; 47 | 48 | @end 49 | 50 | #define OCMOCK_ANY [OCMArg any] 51 | 52 | #if defined(__GNUC__) && !defined(__STRICT_ANSI__) 53 | #define OCMOCK_VALUE(variable) \ 54 | ({ __typeof__(variable) __v = (variable); [NSValue value:&__v withObjCType:@encode(__typeof__(__v))]; }) 55 | #else 56 | #define OCMOCK_VALUE(variable) [NSValue value:&variable withObjCType:@encode(__typeof__(variable))] 57 | #endif 58 | 59 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMConstraint.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2007-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @interface OCMConstraint : NSObject 20 | 21 | + (instancetype)constraint; 22 | - (BOOL)evaluate:(id)value; 23 | 24 | // if you are looking for any, isNil, etc, they have moved to OCMArg 25 | 26 | // try to use [OCMArg checkWith...] instead of the constraintWith... methods below 27 | 28 | + (instancetype)constraintWithSelector:(SEL)aSelector onObject:(id)anObject; 29 | + (instancetype)constraintWithSelector:(SEL)aSelector onObject:(id)anObject withValue:(id)aValue; 30 | 31 | 32 | @end 33 | 34 | @interface OCMAnyConstraint : OCMConstraint 35 | @end 36 | 37 | @interface OCMIsNilConstraint : OCMConstraint 38 | @end 39 | 40 | @interface OCMIsNotNilConstraint : OCMConstraint 41 | @end 42 | 43 | @interface OCMIsNotEqualConstraint : OCMConstraint 44 | { 45 | @public 46 | id testValue; 47 | } 48 | 49 | @end 50 | 51 | @interface OCMInvocationConstraint : OCMConstraint 52 | { 53 | @public 54 | NSInvocation *invocation; 55 | } 56 | 57 | @end 58 | 59 | @interface OCMBlockConstraint : OCMConstraint 60 | { 61 | BOOL (^block)(id); 62 | } 63 | 64 | - (instancetype)initWithConstraintBlock:(BOOL (^)(id))block; 65 | 66 | @end 67 | 68 | #ifndef OCM_DISABLE_SHORT_SYNTAX 69 | #define CONSTRAINT(aSelector) [OCMConstraint constraintWithSelector:aSelector onObject:self] 70 | #define CONSTRAINTV(aSelector, aValue) [OCMConstraint constraintWithSelector:aSelector onObject:self withValue:(aValue)] 71 | #endif 72 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMFunctions.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | 20 | #if defined(__cplusplus) 21 | #define OCMOCK_EXTERN extern "C" 22 | #else 23 | #define OCMOCK_EXTERN extern 24 | #endif 25 | 26 | 27 | OCMOCK_EXTERN BOOL OCMIsObjectType(const char *objCType); 28 | OCMOCK_EXTERN BOOL OCMIsSubclassOfMockClass(Class cls); 29 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMLocation.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | #import 19 | 20 | @interface OCMLocation : NSObject 21 | { 22 | id testCase; 23 | NSString *file; 24 | NSUInteger line; 25 | } 26 | 27 | + (instancetype)locationWithTestCase:(id)aTestCase file:(NSString *)aFile line:(NSUInteger)aLine; 28 | 29 | - (instancetype)initWithTestCase:(id)aTestCase file:(NSString *)aFile line:(NSUInteger)aLine; 30 | 31 | - (id)testCase; 32 | - (NSString *)file; 33 | - (NSUInteger)line; 34 | 35 | @end 36 | 37 | OCMOCK_EXTERN OCMLocation *OCMMakeLocation(id testCase, const char *file, int line); 38 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMMacroState.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMLocation; 20 | @class OCMQuantifier; 21 | @class OCMRecorder; 22 | @class OCMStubRecorder; 23 | @class OCMockObject; 24 | 25 | 26 | @interface OCMMacroState : NSObject 27 | { 28 | id recorder; 29 | BOOL invocationDidThrow; 30 | } 31 | 32 | + (void)beginStubMacro; 33 | + (OCMStubRecorder *)endStubMacro; 34 | 35 | + (void)beginExpectMacro; 36 | + (OCMStubRecorder *)endExpectMacro; 37 | 38 | + (void)beginRejectMacro; 39 | + (OCMStubRecorder *)endRejectMacro; 40 | 41 | + (void)beginVerifyMacroAtLocation:(OCMLocation *)aLocation; 42 | + (void)beginVerifyMacroAtLocation:(OCMLocation *)aLocation withQuantifier:(OCMQuantifier *)quantifier; 43 | + (void)endVerifyMacro; 44 | 45 | + (OCMMacroState *)globalState; 46 | 47 | - (void)setRecorder:(id)aRecorder; 48 | - (id)recorder; 49 | 50 | - (void)switchToClassMethod; 51 | 52 | - (void)setInvocationDidThrow:(BOOL)flag; 53 | - (BOOL)invocationDidThrow; 54 | 55 | @end 56 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMQuantifier.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2016-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @interface OCMQuantifier : NSObject 20 | { 21 | NSUInteger expectedCount; 22 | } 23 | 24 | + (instancetype)never; 25 | + (instancetype)exactly:(NSUInteger)count; 26 | + (instancetype)atLeast:(NSUInteger)count; 27 | + (instancetype)atMost:(NSUInteger)count; 28 | 29 | - (BOOL)isValidCount:(NSUInteger)count; 30 | 31 | - (NSString *)description; 32 | 33 | @end 34 | 35 | 36 | #define OCMNever() ([OCMQuantifier never]) 37 | #define OCMTimes(n) ([OCMQuantifier exactly:(n)]) 38 | #define OCMAtLeast(n) ([OCMQuantifier atLeast:(n)]) 39 | #define OCMAtMost(n) ([OCMQuantifier atMost:(n)]) 40 | 41 | #ifndef OCM_DISABLE_SHORT_QSYNTAX 42 | #define never() OCMNever() 43 | #define times(n) OCMTimes(n) 44 | #define atLeast(n) OCMAtLeast(n) 45 | #define atMost(n) OCMAtMost(n) 46 | #endif 47 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMRecorder.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMockObject; 20 | @class OCMInvocationMatcher; 21 | 22 | 23 | @interface OCMRecorder : NSProxy 24 | { 25 | OCMockObject *mockObject; 26 | OCMInvocationMatcher *invocationMatcher; 27 | BOOL didRecordInvocation; 28 | BOOL shouldReturnMockFromInit; 29 | } 30 | 31 | 32 | - (instancetype)init; 33 | - (instancetype)initWithMockObject:(OCMockObject *)aMockObject; 34 | 35 | - (void)setMockObject:(OCMockObject *)aMockObject; 36 | - (void)setShouldReturnMockFromInit:(BOOL)flag; 37 | 38 | - (OCMInvocationMatcher *)invocationMatcher; 39 | - (BOOL)didRecordInvocation; 40 | 41 | - (id)classMethod; 42 | - (id)ignoringNonObjectArgs; 43 | 44 | 45 | @end 46 | 47 | @interface OCMRecorder (Properties) 48 | 49 | #define ignoringNonObjectArgs() _ignoringNonObjectArgs() 50 | @property (nonatomic, readonly) OCMRecorder *(^ _ignoringNonObjectArgs)(void); 51 | 52 | @end 53 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMVerifier.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMLocation; 20 | @class OCMQuantifier; 21 | 22 | @interface OCMVerifier : OCMRecorder 23 | 24 | @property(strong) OCMLocation *location; 25 | @property(strong) OCMQuantifier *quantifier; 26 | 27 | - (id)withQuantifier:(OCMQuantifier *)quantifier; 28 | 29 | @end 30 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMock.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2004-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | #import 19 | #import 20 | #import 21 | #import 22 | #import 23 | #import 24 | #import 25 | #import 26 | #import 27 | #import 28 | #import 29 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Headers/OCMockObject.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2004-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMLocation; 20 | @class OCMQuantifier; 21 | @class OCMInvocationStub; 22 | @class OCMStubRecorder; 23 | @class OCMInvocationMatcher; 24 | @class OCMInvocationExpectation; 25 | 26 | 27 | @interface OCMockObject : NSProxy 28 | { 29 | BOOL isNice; 30 | BOOL expectationOrderMatters; 31 | NSMutableArray *stubs; 32 | NSMutableArray *expectations; 33 | NSMutableArray *exceptions; 34 | NSMutableArray *invocations; 35 | } 36 | 37 | + (id)mockForClass:(Class)aClass; 38 | + (id)mockForProtocol:(Protocol *)aProtocol; 39 | + (id)partialMockForObject:(NSObject *)anObject; 40 | 41 | + (id)niceMockForClass:(Class)aClass; 42 | + (id)niceMockForProtocol:(Protocol *)aProtocol; 43 | 44 | + (id)observerMock __deprecated_msg("Please use XCTNSNotificationExpectation instead."); 45 | 46 | - (instancetype)init; 47 | 48 | - (void)setExpectationOrderMatters:(BOOL)flag; 49 | 50 | - (id)stub; 51 | - (id)expect; 52 | - (id)reject; 53 | 54 | - (id)verify; 55 | - (id)verifyAtLocation:(OCMLocation *)location; 56 | 57 | - (void)verifyWithDelay:(NSTimeInterval)delay; 58 | - (void)verifyWithDelay:(NSTimeInterval)delay atLocation:(OCMLocation *)location; 59 | 60 | - (void)stopMocking; 61 | 62 | // internal use only 63 | 64 | - (void)addStub:(OCMInvocationStub *)aStub; 65 | - (void)addExpectation:(OCMInvocationExpectation *)anExpectation; 66 | - (void)addInvocation:(NSInvocation *)anInvocation; 67 | 68 | - (BOOL)handleInvocation:(NSInvocation *)anInvocation; 69 | - (void)handleUnRecordedInvocation:(NSInvocation *)anInvocation; 70 | - (BOOL)handleSelector:(SEL)sel; 71 | 72 | - (void)verifyInvocation:(OCMInvocationMatcher *)matcher; 73 | - (void)verifyInvocation:(OCMInvocationMatcher *)matcher atLocation:(OCMLocation *)location; 74 | - (void)verifyInvocation:(OCMInvocationMatcher *)matcher withQuantifier:(OCMQuantifier *)quantifier atLocation:(OCMLocation *)location; 75 | - (NSString *)descriptionForVerificationFailureWithMatcher:(OCMInvocationMatcher *)matcher quantifier:(OCMQuantifier *)quantifier invocationCount:(NSUInteger)count; 76 | 77 | @end 78 | 79 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Modules/module.modulemap: -------------------------------------------------------------------------------- 1 | framework module OCMock { 2 | umbrella header "OCMock.h" 3 | 4 | export * 5 | module * { export * } 6 | } 7 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/OCMock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/OCMock -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/A/Resources/Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | BuildMachineOSBuild 6 | 20C69 7 | CFBundleDevelopmentRegion 8 | en 9 | CFBundleExecutable 10 | OCMock 11 | CFBundleIdentifier 12 | com.mulle-kybernetik.OCMock 13 | CFBundleInfoDictionaryVersion 14 | 6.0 15 | CFBundleName 16 | OCMock 17 | CFBundlePackageType 18 | FMWK 19 | CFBundleShortVersionString 20 | 1.0 21 | CFBundleSignature 22 | ???? 23 | CFBundleSupportedPlatforms 24 | 25 | MacOSX 26 | 27 | DTCompiler 28 | com.apple.compilers.llvm.clang.1_0 29 | DTPlatformBuild 30 | 12C33 31 | DTPlatformName 32 | macosx 33 | DTPlatformVersion 34 | 11.1 35 | DTSDKBuild 36 | 20C63 37 | DTSDKName 38 | macosx11.1 39 | DTXcode 40 | 1230 41 | DTXcodeBuild 42 | 12C33 43 | LSMinimumSystemVersion 44 | 10.10 45 | NSHumanReadableCopyright 46 | Copyright © 2004-2020 Mulle Kybernetik. 47 | 48 | 49 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/Mac/OCMock.framework/Versions/Current: -------------------------------------------------------------------------------- 1 | A -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/NSNotificationCenter+OCMAdditions.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2009-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCObserverMockObject; 20 | 21 | 22 | @interface NSNotificationCenter(OCMAdditions) 23 | 24 | - (void)addMockObserver:(OCObserverMockObject *)notificationObserver name:(NSString *)notificationName object:(id)notificationSender; 25 | 26 | @end 27 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMArg.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2009-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @interface OCMArg : NSObject 20 | 21 | // constraining arguments 22 | 23 | + (id)any; 24 | + (SEL)anySelector; 25 | + (void *)anyPointer; 26 | + (id __autoreleasing *)anyObjectRef; 27 | + (id)isNil; 28 | + (id)isNotNil; 29 | + (id)isEqual:(id)value; 30 | + (id)isNotEqual:(id)value; 31 | + (id)isKindOfClass:(Class)cls; 32 | + (id)checkWithSelector:(SEL)selector onObject:(id)anObject; 33 | + (id)checkWithBlock:(BOOL (^)(id obj))block; 34 | 35 | // manipulating arguments 36 | 37 | + (id *)setTo:(id)value; 38 | + (void *)setToValue:(NSValue *)value; 39 | + (id)invokeBlock; 40 | + (id)invokeBlockWithArgs:(id)first,... NS_REQUIRES_NIL_TERMINATION; 41 | 42 | + (id)defaultValue; 43 | 44 | // internal use only 45 | 46 | + (id)resolveSpecialValues:(NSValue *)value; 47 | 48 | @end 49 | 50 | #define OCMOCK_ANY [OCMArg any] 51 | 52 | #if defined(__GNUC__) && !defined(__STRICT_ANSI__) 53 | #define OCMOCK_VALUE(variable) \ 54 | ({ __typeof__(variable) __v = (variable); [NSValue value:&__v withObjCType:@encode(__typeof__(__v))]; }) 55 | #else 56 | #define OCMOCK_VALUE(variable) [NSValue value:&variable withObjCType:@encode(__typeof__(variable))] 57 | #endif 58 | 59 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMConstraint.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2007-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @interface OCMConstraint : NSObject 20 | 21 | + (instancetype)constraint; 22 | - (BOOL)evaluate:(id)value; 23 | 24 | // if you are looking for any, isNil, etc, they have moved to OCMArg 25 | 26 | // try to use [OCMArg checkWith...] instead of the constraintWith... methods below 27 | 28 | + (instancetype)constraintWithSelector:(SEL)aSelector onObject:(id)anObject; 29 | + (instancetype)constraintWithSelector:(SEL)aSelector onObject:(id)anObject withValue:(id)aValue; 30 | 31 | 32 | @end 33 | 34 | @interface OCMAnyConstraint : OCMConstraint 35 | @end 36 | 37 | @interface OCMIsNilConstraint : OCMConstraint 38 | @end 39 | 40 | @interface OCMIsNotNilConstraint : OCMConstraint 41 | @end 42 | 43 | @interface OCMIsNotEqualConstraint : OCMConstraint 44 | { 45 | @public 46 | id testValue; 47 | } 48 | 49 | @end 50 | 51 | @interface OCMInvocationConstraint : OCMConstraint 52 | { 53 | @public 54 | NSInvocation *invocation; 55 | } 56 | 57 | @end 58 | 59 | @interface OCMBlockConstraint : OCMConstraint 60 | { 61 | BOOL (^block)(id); 62 | } 63 | 64 | - (instancetype)initWithConstraintBlock:(BOOL (^)(id))block; 65 | 66 | @end 67 | 68 | #ifndef OCM_DISABLE_SHORT_SYNTAX 69 | #define CONSTRAINT(aSelector) [OCMConstraint constraintWithSelector:aSelector onObject:self] 70 | #define CONSTRAINTV(aSelector, aValue) [OCMConstraint constraintWithSelector:aSelector onObject:self withValue:(aValue)] 71 | #endif 72 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMFunctions.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | 20 | #if defined(__cplusplus) 21 | #define OCMOCK_EXTERN extern "C" 22 | #else 23 | #define OCMOCK_EXTERN extern 24 | #endif 25 | 26 | 27 | OCMOCK_EXTERN BOOL OCMIsObjectType(const char *objCType); 28 | OCMOCK_EXTERN BOOL OCMIsSubclassOfMockClass(Class cls); 29 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMLocation.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | #import 19 | 20 | @interface OCMLocation : NSObject 21 | { 22 | id testCase; 23 | NSString *file; 24 | NSUInteger line; 25 | } 26 | 27 | + (instancetype)locationWithTestCase:(id)aTestCase file:(NSString *)aFile line:(NSUInteger)aLine; 28 | 29 | - (instancetype)initWithTestCase:(id)aTestCase file:(NSString *)aFile line:(NSUInteger)aLine; 30 | 31 | - (id)testCase; 32 | - (NSString *)file; 33 | - (NSUInteger)line; 34 | 35 | @end 36 | 37 | OCMOCK_EXTERN OCMLocation *OCMMakeLocation(id testCase, const char *file, int line); 38 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMMacroState.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMLocation; 20 | @class OCMQuantifier; 21 | @class OCMRecorder; 22 | @class OCMStubRecorder; 23 | @class OCMockObject; 24 | 25 | 26 | @interface OCMMacroState : NSObject 27 | { 28 | id recorder; 29 | BOOL invocationDidThrow; 30 | } 31 | 32 | + (void)beginStubMacro; 33 | + (OCMStubRecorder *)endStubMacro; 34 | 35 | + (void)beginExpectMacro; 36 | + (OCMStubRecorder *)endExpectMacro; 37 | 38 | + (void)beginRejectMacro; 39 | + (OCMStubRecorder *)endRejectMacro; 40 | 41 | + (void)beginVerifyMacroAtLocation:(OCMLocation *)aLocation; 42 | + (void)beginVerifyMacroAtLocation:(OCMLocation *)aLocation withQuantifier:(OCMQuantifier *)quantifier; 43 | + (void)endVerifyMacro; 44 | 45 | + (OCMMacroState *)globalState; 46 | 47 | - (void)setRecorder:(id)aRecorder; 48 | - (id)recorder; 49 | 50 | - (void)switchToClassMethod; 51 | 52 | - (void)setInvocationDidThrow:(BOOL)flag; 53 | - (BOOL)invocationDidThrow; 54 | 55 | @end 56 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMQuantifier.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2016-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @interface OCMQuantifier : NSObject 20 | { 21 | NSUInteger expectedCount; 22 | } 23 | 24 | + (instancetype)never; 25 | + (instancetype)exactly:(NSUInteger)count; 26 | + (instancetype)atLeast:(NSUInteger)count; 27 | + (instancetype)atMost:(NSUInteger)count; 28 | 29 | - (BOOL)isValidCount:(NSUInteger)count; 30 | 31 | - (NSString *)description; 32 | 33 | @end 34 | 35 | 36 | #define OCMNever() ([OCMQuantifier never]) 37 | #define OCMTimes(n) ([OCMQuantifier exactly:(n)]) 38 | #define OCMAtLeast(n) ([OCMQuantifier atLeast:(n)]) 39 | #define OCMAtMost(n) ([OCMQuantifier atMost:(n)]) 40 | 41 | #ifndef OCM_DISABLE_SHORT_QSYNTAX 42 | #define never() OCMNever() 43 | #define times(n) OCMTimes(n) 44 | #define atLeast(n) OCMAtLeast(n) 45 | #define atMost(n) OCMAtMost(n) 46 | #endif 47 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMRecorder.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMockObject; 20 | @class OCMInvocationMatcher; 21 | 22 | 23 | @interface OCMRecorder : NSProxy 24 | { 25 | OCMockObject *mockObject; 26 | OCMInvocationMatcher *invocationMatcher; 27 | BOOL didRecordInvocation; 28 | BOOL shouldReturnMockFromInit; 29 | } 30 | 31 | 32 | - (instancetype)init; 33 | - (instancetype)initWithMockObject:(OCMockObject *)aMockObject; 34 | 35 | - (void)setMockObject:(OCMockObject *)aMockObject; 36 | - (void)setShouldReturnMockFromInit:(BOOL)flag; 37 | 38 | - (OCMInvocationMatcher *)invocationMatcher; 39 | - (BOOL)didRecordInvocation; 40 | 41 | - (id)classMethod; 42 | - (id)ignoringNonObjectArgs; 43 | 44 | 45 | @end 46 | 47 | @interface OCMRecorder (Properties) 48 | 49 | #define ignoringNonObjectArgs() _ignoringNonObjectArgs() 50 | @property (nonatomic, readonly) OCMRecorder *(^ _ignoringNonObjectArgs)(void); 51 | 52 | @end 53 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMVerifier.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMLocation; 20 | @class OCMQuantifier; 21 | 22 | @interface OCMVerifier : OCMRecorder 23 | 24 | @property(strong) OCMLocation *location; 25 | @property(strong) OCMQuantifier *quantifier; 26 | 27 | - (id)withQuantifier:(OCMQuantifier *)quantifier; 28 | 29 | @end 30 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMock.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2004-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | #import 19 | #import 20 | #import 21 | #import 22 | #import 23 | #import 24 | #import 25 | #import 26 | #import 27 | #import 28 | #import 29 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Headers/OCMockObject.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2004-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMLocation; 20 | @class OCMQuantifier; 21 | @class OCMInvocationStub; 22 | @class OCMStubRecorder; 23 | @class OCMInvocationMatcher; 24 | @class OCMInvocationExpectation; 25 | 26 | 27 | @interface OCMockObject : NSProxy 28 | { 29 | BOOL isNice; 30 | BOOL expectationOrderMatters; 31 | NSMutableArray *stubs; 32 | NSMutableArray *expectations; 33 | NSMutableArray *exceptions; 34 | NSMutableArray *invocations; 35 | } 36 | 37 | + (id)mockForClass:(Class)aClass; 38 | + (id)mockForProtocol:(Protocol *)aProtocol; 39 | + (id)partialMockForObject:(NSObject *)anObject; 40 | 41 | + (id)niceMockForClass:(Class)aClass; 42 | + (id)niceMockForProtocol:(Protocol *)aProtocol; 43 | 44 | + (id)observerMock __deprecated_msg("Please use XCTNSNotificationExpectation instead."); 45 | 46 | - (instancetype)init; 47 | 48 | - (void)setExpectationOrderMatters:(BOOL)flag; 49 | 50 | - (id)stub; 51 | - (id)expect; 52 | - (id)reject; 53 | 54 | - (id)verify; 55 | - (id)verifyAtLocation:(OCMLocation *)location; 56 | 57 | - (void)verifyWithDelay:(NSTimeInterval)delay; 58 | - (void)verifyWithDelay:(NSTimeInterval)delay atLocation:(OCMLocation *)location; 59 | 60 | - (void)stopMocking; 61 | 62 | // internal use only 63 | 64 | - (void)addStub:(OCMInvocationStub *)aStub; 65 | - (void)addExpectation:(OCMInvocationExpectation *)anExpectation; 66 | - (void)addInvocation:(NSInvocation *)anInvocation; 67 | 68 | - (BOOL)handleInvocation:(NSInvocation *)anInvocation; 69 | - (void)handleUnRecordedInvocation:(NSInvocation *)anInvocation; 70 | - (BOOL)handleSelector:(SEL)sel; 71 | 72 | - (void)verifyInvocation:(OCMInvocationMatcher *)matcher; 73 | - (void)verifyInvocation:(OCMInvocationMatcher *)matcher atLocation:(OCMLocation *)location; 74 | - (void)verifyInvocation:(OCMInvocationMatcher *)matcher withQuantifier:(OCMQuantifier *)quantifier atLocation:(OCMLocation *)location; 75 | - (NSString *)descriptionForVerificationFailureWithMatcher:(OCMInvocationMatcher *)matcher quantifier:(OCMQuantifier *)quantifier invocationCount:(NSUInteger)count; 76 | 77 | @end 78 | 79 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Info.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Info.plist -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/Modules/module.modulemap: -------------------------------------------------------------------------------- 1 | framework module OCMock { 2 | umbrella header "OCMock.h" 3 | 4 | export * 5 | module * { export * } 6 | } 7 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/OCMock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Dependencies/OCMock/iOS/OCMock.framework/OCMock -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/NSNotificationCenter+OCMAdditions.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2009-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCObserverMockObject; 20 | 21 | 22 | @interface NSNotificationCenter(OCMAdditions) 23 | 24 | - (void)addMockObserver:(OCObserverMockObject *)notificationObserver name:(NSString *)notificationName object:(id)notificationSender; 25 | 26 | @end 27 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMArg.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2009-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @interface OCMArg : NSObject 20 | 21 | // constraining arguments 22 | 23 | + (id)any; 24 | + (SEL)anySelector; 25 | + (void *)anyPointer; 26 | + (id __autoreleasing *)anyObjectRef; 27 | + (id)isNil; 28 | + (id)isNotNil; 29 | + (id)isEqual:(id)value; 30 | + (id)isNotEqual:(id)value; 31 | + (id)isKindOfClass:(Class)cls; 32 | + (id)checkWithSelector:(SEL)selector onObject:(id)anObject; 33 | + (id)checkWithBlock:(BOOL (^)(id obj))block; 34 | 35 | // manipulating arguments 36 | 37 | + (id *)setTo:(id)value; 38 | + (void *)setToValue:(NSValue *)value; 39 | + (id)invokeBlock; 40 | + (id)invokeBlockWithArgs:(id)first,... NS_REQUIRES_NIL_TERMINATION; 41 | 42 | + (id)defaultValue; 43 | 44 | // internal use only 45 | 46 | + (id)resolveSpecialValues:(NSValue *)value; 47 | 48 | @end 49 | 50 | #define OCMOCK_ANY [OCMArg any] 51 | 52 | #if defined(__GNUC__) && !defined(__STRICT_ANSI__) 53 | #define OCMOCK_VALUE(variable) \ 54 | ({ __typeof__(variable) __v = (variable); [NSValue value:&__v withObjCType:@encode(__typeof__(__v))]; }) 55 | #else 56 | #define OCMOCK_VALUE(variable) [NSValue value:&variable withObjCType:@encode(__typeof__(variable))] 57 | #endif 58 | 59 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMConstraint.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2007-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @interface OCMConstraint : NSObject 20 | 21 | + (instancetype)constraint; 22 | - (BOOL)evaluate:(id)value; 23 | 24 | // if you are looking for any, isNil, etc, they have moved to OCMArg 25 | 26 | // try to use [OCMArg checkWith...] instead of the constraintWith... methods below 27 | 28 | + (instancetype)constraintWithSelector:(SEL)aSelector onObject:(id)anObject; 29 | + (instancetype)constraintWithSelector:(SEL)aSelector onObject:(id)anObject withValue:(id)aValue; 30 | 31 | 32 | @end 33 | 34 | @interface OCMAnyConstraint : OCMConstraint 35 | @end 36 | 37 | @interface OCMIsNilConstraint : OCMConstraint 38 | @end 39 | 40 | @interface OCMIsNotNilConstraint : OCMConstraint 41 | @end 42 | 43 | @interface OCMIsNotEqualConstraint : OCMConstraint 44 | { 45 | @public 46 | id testValue; 47 | } 48 | 49 | @end 50 | 51 | @interface OCMInvocationConstraint : OCMConstraint 52 | { 53 | @public 54 | NSInvocation *invocation; 55 | } 56 | 57 | @end 58 | 59 | @interface OCMBlockConstraint : OCMConstraint 60 | { 61 | BOOL (^block)(id); 62 | } 63 | 64 | - (instancetype)initWithConstraintBlock:(BOOL (^)(id))block; 65 | 66 | @end 67 | 68 | #ifndef OCM_DISABLE_SHORT_SYNTAX 69 | #define CONSTRAINT(aSelector) [OCMConstraint constraintWithSelector:aSelector onObject:self] 70 | #define CONSTRAINTV(aSelector, aValue) [OCMConstraint constraintWithSelector:aSelector onObject:self withValue:(aValue)] 71 | #endif 72 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMFunctions.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | 20 | #if defined(__cplusplus) 21 | #define OCMOCK_EXTERN extern "C" 22 | #else 23 | #define OCMOCK_EXTERN extern 24 | #endif 25 | 26 | 27 | OCMOCK_EXTERN BOOL OCMIsObjectType(const char *objCType); 28 | OCMOCK_EXTERN BOOL OCMIsSubclassOfMockClass(Class cls); 29 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMLocation.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | #import 19 | 20 | @interface OCMLocation : NSObject 21 | { 22 | id testCase; 23 | NSString *file; 24 | NSUInteger line; 25 | } 26 | 27 | + (instancetype)locationWithTestCase:(id)aTestCase file:(NSString *)aFile line:(NSUInteger)aLine; 28 | 29 | - (instancetype)initWithTestCase:(id)aTestCase file:(NSString *)aFile line:(NSUInteger)aLine; 30 | 31 | - (id)testCase; 32 | - (NSString *)file; 33 | - (NSUInteger)line; 34 | 35 | @end 36 | 37 | OCMOCK_EXTERN OCMLocation *OCMMakeLocation(id testCase, const char *file, int line); 38 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMMacroState.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMLocation; 20 | @class OCMQuantifier; 21 | @class OCMRecorder; 22 | @class OCMStubRecorder; 23 | @class OCMockObject; 24 | 25 | 26 | @interface OCMMacroState : NSObject 27 | { 28 | id recorder; 29 | BOOL invocationDidThrow; 30 | } 31 | 32 | + (void)beginStubMacro; 33 | + (OCMStubRecorder *)endStubMacro; 34 | 35 | + (void)beginExpectMacro; 36 | + (OCMStubRecorder *)endExpectMacro; 37 | 38 | + (void)beginRejectMacro; 39 | + (OCMStubRecorder *)endRejectMacro; 40 | 41 | + (void)beginVerifyMacroAtLocation:(OCMLocation *)aLocation; 42 | + (void)beginVerifyMacroAtLocation:(OCMLocation *)aLocation withQuantifier:(OCMQuantifier *)quantifier; 43 | + (void)endVerifyMacro; 44 | 45 | + (OCMMacroState *)globalState; 46 | 47 | - (void)setRecorder:(id)aRecorder; 48 | - (id)recorder; 49 | 50 | - (void)switchToClassMethod; 51 | 52 | - (void)setInvocationDidThrow:(BOOL)flag; 53 | - (BOOL)invocationDidThrow; 54 | 55 | @end 56 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMQuantifier.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2016-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @interface OCMQuantifier : NSObject 20 | { 21 | NSUInteger expectedCount; 22 | } 23 | 24 | + (instancetype)never; 25 | + (instancetype)exactly:(NSUInteger)count; 26 | + (instancetype)atLeast:(NSUInteger)count; 27 | + (instancetype)atMost:(NSUInteger)count; 28 | 29 | - (BOOL)isValidCount:(NSUInteger)count; 30 | 31 | - (NSString *)description; 32 | 33 | @end 34 | 35 | 36 | #define OCMNever() ([OCMQuantifier never]) 37 | #define OCMTimes(n) ([OCMQuantifier exactly:(n)]) 38 | #define OCMAtLeast(n) ([OCMQuantifier atLeast:(n)]) 39 | #define OCMAtMost(n) ([OCMQuantifier atMost:(n)]) 40 | 41 | #ifndef OCM_DISABLE_SHORT_QSYNTAX 42 | #define never() OCMNever() 43 | #define times(n) OCMTimes(n) 44 | #define atLeast(n) OCMAtLeast(n) 45 | #define atMost(n) OCMAtMost(n) 46 | #endif 47 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMRecorder.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMockObject; 20 | @class OCMInvocationMatcher; 21 | 22 | 23 | @interface OCMRecorder : NSProxy 24 | { 25 | OCMockObject *mockObject; 26 | OCMInvocationMatcher *invocationMatcher; 27 | BOOL didRecordInvocation; 28 | BOOL shouldReturnMockFromInit; 29 | } 30 | 31 | 32 | - (instancetype)init; 33 | - (instancetype)initWithMockObject:(OCMockObject *)aMockObject; 34 | 35 | - (void)setMockObject:(OCMockObject *)aMockObject; 36 | - (void)setShouldReturnMockFromInit:(BOOL)flag; 37 | 38 | - (OCMInvocationMatcher *)invocationMatcher; 39 | - (BOOL)didRecordInvocation; 40 | 41 | - (id)classMethod; 42 | - (id)ignoringNonObjectArgs; 43 | 44 | 45 | @end 46 | 47 | @interface OCMRecorder (Properties) 48 | 49 | #define ignoringNonObjectArgs() _ignoringNonObjectArgs() 50 | @property (nonatomic, readonly) OCMRecorder *(^ _ignoringNonObjectArgs)(void); 51 | 52 | @end 53 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMVerifier.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMLocation; 20 | @class OCMQuantifier; 21 | 22 | @interface OCMVerifier : OCMRecorder 23 | 24 | @property(strong) OCMLocation *location; 25 | @property(strong) OCMQuantifier *quantifier; 26 | 27 | - (id)withQuantifier:(OCMQuantifier *)quantifier; 28 | 29 | @end 30 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMock.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2004-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | #import 19 | #import 20 | #import 21 | #import 22 | #import 23 | #import 24 | #import 25 | #import 26 | #import 27 | #import 28 | #import 29 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Headers/OCMockObject.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2004-2020 Erik Doernenburg and contributors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | * not use these files except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | * License for the specific language governing permissions and limitations 14 | * under the License. 15 | */ 16 | 17 | #import 18 | 19 | @class OCMLocation; 20 | @class OCMQuantifier; 21 | @class OCMInvocationStub; 22 | @class OCMStubRecorder; 23 | @class OCMInvocationMatcher; 24 | @class OCMInvocationExpectation; 25 | 26 | 27 | @interface OCMockObject : NSProxy 28 | { 29 | BOOL isNice; 30 | BOOL expectationOrderMatters; 31 | NSMutableArray *stubs; 32 | NSMutableArray *expectations; 33 | NSMutableArray *exceptions; 34 | NSMutableArray *invocations; 35 | } 36 | 37 | + (id)mockForClass:(Class)aClass; 38 | + (id)mockForProtocol:(Protocol *)aProtocol; 39 | + (id)partialMockForObject:(NSObject *)anObject; 40 | 41 | + (id)niceMockForClass:(Class)aClass; 42 | + (id)niceMockForProtocol:(Protocol *)aProtocol; 43 | 44 | + (id)observerMock __deprecated_msg("Please use XCTNSNotificationExpectation instead."); 45 | 46 | - (instancetype)init; 47 | 48 | - (void)setExpectationOrderMatters:(BOOL)flag; 49 | 50 | - (id)stub; 51 | - (id)expect; 52 | - (id)reject; 53 | 54 | - (id)verify; 55 | - (id)verifyAtLocation:(OCMLocation *)location; 56 | 57 | - (void)verifyWithDelay:(NSTimeInterval)delay; 58 | - (void)verifyWithDelay:(NSTimeInterval)delay atLocation:(OCMLocation *)location; 59 | 60 | - (void)stopMocking; 61 | 62 | // internal use only 63 | 64 | - (void)addStub:(OCMInvocationStub *)aStub; 65 | - (void)addExpectation:(OCMInvocationExpectation *)anExpectation; 66 | - (void)addInvocation:(NSInvocation *)anInvocation; 67 | 68 | - (BOOL)handleInvocation:(NSInvocation *)anInvocation; 69 | - (void)handleUnRecordedInvocation:(NSInvocation *)anInvocation; 70 | - (BOOL)handleSelector:(SEL)sel; 71 | 72 | - (void)verifyInvocation:(OCMInvocationMatcher *)matcher; 73 | - (void)verifyInvocation:(OCMInvocationMatcher *)matcher atLocation:(OCMLocation *)location; 74 | - (void)verifyInvocation:(OCMInvocationMatcher *)matcher withQuantifier:(OCMQuantifier *)quantifier atLocation:(OCMLocation *)location; 75 | - (NSString *)descriptionForVerificationFailureWithMatcher:(OCMInvocationMatcher *)matcher quantifier:(OCMQuantifier *)quantifier invocationCount:(NSUInteger)count; 76 | 77 | @end 78 | 79 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Info.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Info.plist -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/Modules/module.modulemap: -------------------------------------------------------------------------------- 1 | framework module OCMock { 2 | umbrella header "OCMock.h" 3 | 4 | export * 5 | module * { export * } 6 | } 7 | -------------------------------------------------------------------------------- /TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/OCMock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/TrustKitTests/Dependencies/OCMock/tvOS/OCMock.framework/OCMock -------------------------------------------------------------------------------- /TrustKitTests/Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleDevelopmentRegion 6 | en 7 | CFBundleExecutable 8 | $(EXECUTABLE_NAME) 9 | CFBundleIdentifier 10 | $(PRODUCT_BUNDLE_IDENTIFIER) 11 | CFBundleInfoDictionaryVersion 12 | 6.0 13 | CFBundleName 14 | $(PRODUCT_NAME) 15 | CFBundlePackageType 16 | BNDL 17 | CFBundleShortVersionString 18 | 1.0 19 | CFBundleSignature 20 | ???? 21 | CFBundleVersion 22 | 1 23 | NSAppTransportSecurity 24 | 25 | NSAllowsArbitraryLoads 26 | 27 | 28 | 29 | 30 | -------------------------------------------------------------------------------- /TrustKitTests/TSKCertificateUtils.h: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | TSKCertificateUtils.h 4 | TrustKit 5 | 6 | Copyright 2015 The TrustKit Project Authors 7 | Licensed under the MIT license, see associated LICENSE file for terms. 8 | See AUTHORS file for the list of project authors. 9 | 10 | */ 11 | 12 | #if __has_feature(modules) 13 | @import Foundation; 14 | #else 15 | #import 16 | #endif 17 | 18 | @interface TSKCertificateUtils : NSObject 19 | 20 | + (SecCertificateRef)createCertificateFromPem:(NSString *)pemFilename; 21 | 22 | + (SecCertificateRef)createCertificateFromDer:(NSString *)derFilename; 23 | 24 | + (SecTrustRef)createTrustWithCertificates:(const void **)certArray 25 | arrayLength:(NSInteger)certArrayLength 26 | anchorCertificates:(const void **)anchorCertificates 27 | arrayLength:(NSInteger)anchorArrayLength; 28 | 29 | @end 30 | -------------------------------------------------------------------------------- /TrustKitTests/TSKLoggerTests.m: -------------------------------------------------------------------------------- 1 | // 2 | // TSKLoggerTests.m 3 | // TrustKit 4 | // 5 | // Created by Alban Diquet on 8/29/16. 6 | // Copyright © 2016 TrustKit. All rights reserved. 7 | // 8 | 9 | #import 10 | #import "../TrustKit/public/TrustKit.h" 11 | #import "../TrustKit/TSKLog.h" 12 | 13 | 14 | @interface TSKLoggerTests : XCTestCase 15 | 16 | @end 17 | 18 | @implementation TSKLoggerTests 19 | 20 | - (void)setUp 21 | { 22 | [super setUp]; 23 | } 24 | 25 | - (void)tearDown 26 | { 27 | [super tearDown]; 28 | } 29 | 30 | - (void)testDefaultLoggerBlock 31 | { 32 | TSKLog(@"test %@", @"test"); 33 | } 34 | 35 | 36 | - (void)testSetLoggerBlock 37 | { 38 | __block bool wasBlockCalled = false; 39 | void (^loggerBlock)(NSString *) = ^void(NSString *message) 40 | { 41 | XCTAssert(message, @"test test"); 42 | wasBlockCalled = true; 43 | }; 44 | 45 | [TrustKit setLoggerBlock:loggerBlock]; 46 | TSKLog(@"test %@", @"test"); 47 | XCTAssertTrue(wasBlockCalled); 48 | } 49 | 50 | @end 51 | -------------------------------------------------------------------------------- /TrustKitTests/TSKSwizzlingTests.m: -------------------------------------------------------------------------------- 1 | // 2 | // TSKSwizzlingTests.m 3 | // TrustKit 4 | // 5 | // Created by Alban Diquet on 6/26/17. 6 | // Copyright © 2017 TrustKit. All rights reserved. 7 | // 8 | 9 | #import 10 | #import "../TrustKit/Swizzling/TSKNSURLSessionDelegateProxy.h" 11 | #import "../TrustKit/Swizzling/TSKNSURLConnectionDelegateProxy.m" 12 | 13 | @interface TSKSwizzlingTests : XCTestCase 14 | 15 | @end 16 | 17 | 18 | /* Basic tests to ensure RSSwizzle does not trigger a crash because a method we are hooking has changed 19 | */ 20 | @implementation TSKSwizzlingTests 21 | 22 | - (void)setUp { 23 | [super setUp]; 24 | } 25 | 26 | - (void)tearDown { 27 | [super tearDown]; 28 | } 29 | 30 | 31 | - (void)testNSURLSession 32 | { 33 | NSDictionary *trustKitConfig = 34 | @{ 35 | kTSKPinnedDomains : 36 | @{ 37 | @"www.datatheorem.com" : @{ 38 | kTSKEnforcePinning : @YES, 39 | kTSKPublicKeyHashes : @[@"58qRu/uxh4gFezqAcERupSkRYBlBAvfcw7mEjGPLnNU=", // CA key 40 | @"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" // Fake key 41 | ]}}}; 42 | 43 | TrustKit *trustKit = [[TrustKit alloc] initWithConfiguration:trustKitConfig]; 44 | 45 | [TSKNSURLSessionDelegateProxy swizzleNSURLSessionConstructors:trustKit]; 46 | 47 | } 48 | 49 | 50 | - (void)testNSURLConnection 51 | { 52 | NSDictionary *trustKitConfig = 53 | @{ 54 | kTSKPinnedDomains : 55 | @{ 56 | @"www.datatheorem.com" : @{ 57 | kTSKEnforcePinning : @YES, 58 | kTSKPublicKeyHashes : @[@"58qRu/uxh4gFezqAcERupSkRYBlBAvfcw7mEjGPLnNU=", // CA key 59 | @"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" // Fake key 60 | ]}}}; 61 | 62 | TrustKit *trustKit = [[TrustKit alloc] initWithConfiguration:trustKitConfig]; 63 | 64 | [TSKNSURLConnectionDelegateProxy swizzleNSURLConnectionConstructors:trustKit]; 65 | 66 | } 67 | 68 | @end 69 | -------------------------------------------------------------------------------- /docs/TrustKit-BH2015.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/TrustKit-BH2015.pdf -------------------------------------------------------------------------------- /docs/documentation-readme.md: -------------------------------------------------------------------------------- 1 | # TrustKit Documentation 2 | 3 | TrustKit is an open source framework that makes it easy to deploy SSL public key pinning in any iOS, macOS, tvOS or watchOS App. 4 | 5 | This is the API documentation for TrustKit. A "Getting Started" guide is available at https://github.com/datatheorem/TrustKit/blob/master/docs/getting-started.md. 6 | 7 | TrustKit exposes two core classes for enabling SSL pinning in an App: 8 | 9 | * `TrustKit` for configuring an SSL pinning policy and initializing the framework. 10 | * `TSKPinningValidator`, for validating a server's certificate chain against an SSL pinning policy. 11 | -------------------------------------------------------------------------------- /docs/documentation/docsets/TrustKit.docset/Contents/Info.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleIdentifier 6 | com.jazzy.trustkit 7 | CFBundleName 8 | TrustKit 9 | DocSetPlatformFamily 10 | trustkit 11 | isDashDocset 12 | 13 | dashIndexFilePath 14 | index.html 15 | isJavaScriptEnabled 16 | 17 | DashDocSetFamily 18 | dashtoc 19 | 20 | 21 | -------------------------------------------------------------------------------- /docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/img/carat.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/img/carat.png -------------------------------------------------------------------------------- /docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/img/dash.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/img/dash.png -------------------------------------------------------------------------------- /docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/img/gh.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/img/gh.png -------------------------------------------------------------------------------- /docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/img/spinner.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/img/spinner.gif -------------------------------------------------------------------------------- /docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/js/jazzy.js: -------------------------------------------------------------------------------- 1 | window.jazzy = {'docset': false} 2 | if (typeof window.dash != 'undefined') { 3 | document.documentElement.className += ' dash' 4 | window.jazzy.docset = true 5 | } 6 | if (navigator.userAgent.match(/xcode/i)) { 7 | document.documentElement.className += ' xcode' 8 | window.jazzy.docset = true 9 | } 10 | 11 | function toggleItem($link, $content) { 12 | var animationDuration = 300; 13 | $link.toggleClass('token-open'); 14 | $content.slideToggle(animationDuration); 15 | } 16 | 17 | function itemLinkToContent($link) { 18 | return $link.parent().parent().next(); 19 | } 20 | 21 | // On doc load + hash-change, open any targetted item 22 | function openCurrentItemIfClosed() { 23 | if (window.jazzy.docset) { 24 | return; 25 | } 26 | var $link = $(`.token[href="${location.hash}"]`); 27 | $content = itemLinkToContent($link); 28 | if ($content.is(':hidden')) { 29 | toggleItem($link, $content); 30 | } 31 | } 32 | 33 | $(openCurrentItemIfClosed); 34 | $(window).on('hashchange', openCurrentItemIfClosed); 35 | 36 | // On item link ('token') click, toggle its discussion 37 | $('.token').on('click', function(event) { 38 | if (window.jazzy.docset) { 39 | return; 40 | } 41 | var $link = $(this); 42 | toggleItem($link, itemLinkToContent($link)); 43 | 44 | // Keeps the document from jumping to the hash. 45 | var href = $link.attr('href'); 46 | if (history.pushState) { 47 | history.pushState({}, '', href); 48 | } else { 49 | location.hash = href; 50 | } 51 | event.preventDefault(); 52 | }); 53 | 54 | // Clicks on links to the current, closed, item need to open the item 55 | $("a:not('.token')").on('click', function() { 56 | if (location == this.href) { 57 | openCurrentItemIfClosed(); 58 | } 59 | }); 60 | -------------------------------------------------------------------------------- /docs/documentation/docsets/TrustKit.docset/Contents/Resources/Documents/js/jazzy.search.js: -------------------------------------------------------------------------------- 1 | $(function(){ 2 | var $typeahead = $('[data-typeahead]'); 3 | var $form = $typeahead.parents('form'); 4 | var searchURL = $form.attr('action'); 5 | 6 | function displayTemplate(result) { 7 | return result.name; 8 | } 9 | 10 | function suggestionTemplate(result) { 11 | var t = '
'; 12 | t += '' + result.name + ''; 13 | if (result.parent_name) { 14 | t += '' + result.parent_name + ''; 15 | } 16 | t += '
'; 17 | return t; 18 | } 19 | 20 | $typeahead.one('focus', function() { 21 | $form.addClass('loading'); 22 | 23 | $.getJSON(searchURL).then(function(searchData) { 24 | const searchIndex = lunr(function() { 25 | this.ref('url'); 26 | this.field('name'); 27 | this.field('abstract'); 28 | for (const [url, doc] of Object.entries(searchData)) { 29 | this.add({url: url, name: doc.name, abstract: doc.abstract}); 30 | } 31 | }); 32 | 33 | $typeahead.typeahead( 34 | { 35 | highlight: true, 36 | minLength: 3, 37 | autoselect: true 38 | }, 39 | { 40 | limit: 10, 41 | display: displayTemplate, 42 | templates: { suggestion: suggestionTemplate }, 43 | source: function(query, sync) { 44 | const lcSearch = query.toLowerCase(); 45 | const results = searchIndex.query(function(q) { 46 | q.term(lcSearch, { boost: 100 }); 47 | q.term(lcSearch, { 48 | boost: 10, 49 | wildcard: lunr.Query.wildcard.TRAILING 50 | }); 51 | }).map(function(result) { 52 | var doc = searchData[result.ref]; 53 | doc.url = result.ref; 54 | return doc; 55 | }); 56 | sync(results); 57 | } 58 | } 59 | ); 60 | $form.removeClass('loading'); 61 | $typeahead.trigger('focus'); 62 | }); 63 | }); 64 | 65 | var baseURL = searchURL.slice(0, -"search.json".length); 66 | 67 | $typeahead.on('typeahead:select', function(e, result) { 68 | window.location = baseURL + result.url; 69 | }); 70 | }); 71 | -------------------------------------------------------------------------------- /docs/documentation/docsets/TrustKit.docset/Contents/Resources/docSet.dsidx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/documentation/docsets/TrustKit.docset/Contents/Resources/docSet.dsidx -------------------------------------------------------------------------------- /docs/documentation/img/carat.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/documentation/img/carat.png -------------------------------------------------------------------------------- /docs/documentation/img/dash.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/documentation/img/dash.png -------------------------------------------------------------------------------- /docs/documentation/img/gh.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/documentation/img/gh.png -------------------------------------------------------------------------------- /docs/documentation/img/spinner.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/documentation/img/spinner.gif -------------------------------------------------------------------------------- /docs/documentation/js/jazzy.js: -------------------------------------------------------------------------------- 1 | window.jazzy = {'docset': false} 2 | if (typeof window.dash != 'undefined') { 3 | document.documentElement.className += ' dash' 4 | window.jazzy.docset = true 5 | } 6 | if (navigator.userAgent.match(/xcode/i)) { 7 | document.documentElement.className += ' xcode' 8 | window.jazzy.docset = true 9 | } 10 | 11 | function toggleItem($link, $content) { 12 | var animationDuration = 300; 13 | $link.toggleClass('token-open'); 14 | $content.slideToggle(animationDuration); 15 | } 16 | 17 | function itemLinkToContent($link) { 18 | return $link.parent().parent().next(); 19 | } 20 | 21 | // On doc load + hash-change, open any targetted item 22 | function openCurrentItemIfClosed() { 23 | if (window.jazzy.docset) { 24 | return; 25 | } 26 | var $link = $(`.token[href="${location.hash}"]`); 27 | $content = itemLinkToContent($link); 28 | if ($content.is(':hidden')) { 29 | toggleItem($link, $content); 30 | } 31 | } 32 | 33 | $(openCurrentItemIfClosed); 34 | $(window).on('hashchange', openCurrentItemIfClosed); 35 | 36 | // On item link ('token') click, toggle its discussion 37 | $('.token').on('click', function(event) { 38 | if (window.jazzy.docset) { 39 | return; 40 | } 41 | var $link = $(this); 42 | toggleItem($link, itemLinkToContent($link)); 43 | 44 | // Keeps the document from jumping to the hash. 45 | var href = $link.attr('href'); 46 | if (history.pushState) { 47 | history.pushState({}, '', href); 48 | } else { 49 | location.hash = href; 50 | } 51 | event.preventDefault(); 52 | }); 53 | 54 | // Clicks on links to the current, closed, item need to open the item 55 | $("a:not('.token')").on('click', function() { 56 | if (location == this.href) { 57 | openCurrentItemIfClosed(); 58 | } 59 | }); 60 | -------------------------------------------------------------------------------- /docs/documentation/js/jazzy.search.js: -------------------------------------------------------------------------------- 1 | $(function(){ 2 | var $typeahead = $('[data-typeahead]'); 3 | var $form = $typeahead.parents('form'); 4 | var searchURL = $form.attr('action'); 5 | 6 | function displayTemplate(result) { 7 | return result.name; 8 | } 9 | 10 | function suggestionTemplate(result) { 11 | var t = '
'; 12 | t += '' + result.name + ''; 13 | if (result.parent_name) { 14 | t += '' + result.parent_name + ''; 15 | } 16 | t += '
'; 17 | return t; 18 | } 19 | 20 | $typeahead.one('focus', function() { 21 | $form.addClass('loading'); 22 | 23 | $.getJSON(searchURL).then(function(searchData) { 24 | const searchIndex = lunr(function() { 25 | this.ref('url'); 26 | this.field('name'); 27 | this.field('abstract'); 28 | for (const [url, doc] of Object.entries(searchData)) { 29 | this.add({url: url, name: doc.name, abstract: doc.abstract}); 30 | } 31 | }); 32 | 33 | $typeahead.typeahead( 34 | { 35 | highlight: true, 36 | minLength: 3, 37 | autoselect: true 38 | }, 39 | { 40 | limit: 10, 41 | display: displayTemplate, 42 | templates: { suggestion: suggestionTemplate }, 43 | source: function(query, sync) { 44 | const lcSearch = query.toLowerCase(); 45 | const results = searchIndex.query(function(q) { 46 | q.term(lcSearch, { boost: 100 }); 47 | q.term(lcSearch, { 48 | boost: 10, 49 | wildcard: lunr.Query.wildcard.TRAILING 50 | }); 51 | }).map(function(result) { 52 | var doc = searchData[result.ref]; 53 | doc.url = result.ref; 54 | return doc; 55 | }); 56 | sync(results); 57 | } 58 | } 59 | ); 60 | $form.removeClass('loading'); 61 | $typeahead.trigger('focus'); 62 | }); 63 | }); 64 | 65 | var baseURL = searchURL.slice(0, -"search.json".length); 66 | 67 | $typeahead.on('typeahead:select', function(e, result) { 68 | window.location = baseURL + result.url; 69 | }); 70 | }); 71 | -------------------------------------------------------------------------------- /docs/documentation/undocumented.json: -------------------------------------------------------------------------------- 1 | { 2 | "warnings": [ 3 | 4 | ], 5 | "source_directory": "/Users/nabla/Documents/ios/TrustKit" 6 | } -------------------------------------------------------------------------------- /docs/images/linking3_dynamic.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/datatheorem/TrustKit/a94f27be00a9811618ff92f0d3fc40dac8211ba7/docs/images/linking3_dynamic.png -------------------------------------------------------------------------------- /docs/index.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /generate_test_certificates.py: -------------------------------------------------------------------------------- 1 | import trustme 2 | 3 | # Create a CA 4 | ca = trustme.CA() 5 | 6 | # Issue a cert signed by this CA 7 | server_cert = ca.issue_cert(u"www.good.com") 8 | 9 | # Save the PEM-encoded data to a file 10 | ca.cert_pem.write_to_path("GoodRootCA.pem") 11 | server_cert.private_key_and_cert_chain_pem.write_to_path("www.good.com.pem") 12 | --------------------------------------------------------------------------------