020Transport Security using SSL

iOS apps needs to be written in a way to provide security to data which is being transported over network.

SSL is the common way to do it.

Whenever app tries to call web services to pull or push data to servers, it should use SSL over HTTP, i.e. HTTPS.

To do this, app must call https://server.com/part such web services and not http://server.com/part.

In this case, app needs to trust the server server.com using SSL certificate.

Here is the example of validating server trust-

Implement URLSessionDelegate as:

func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
    
    if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
        let serverTrust:SecTrust = challenge.protectionSpace.serverTrust!

        func acceptServerTrust() {
            let credential:URLCredential = URLCredential(trust: serverTrust)
            challenge.sender?.use(credential, for: challenge)
            completionHandler(.useCredential, URLCredential(trust: challenge.protectionSpace.serverTrust!))
        }
        
        let success = SSLTrustManager.shouldTrustServerTrust(serverTrust, forCert: "Server_Public_SSL_Cert")
        if success {
            acceptServerTrust()
            return
        }
    }
    else if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodClientCertificate {
        completionHandler(.rejectProtectionSpace, nil);
        return
    }
    completionHandler(.cancelAuthenticationChallenge, nil)
}

Here is trust manager: (couldn’t found Swift code)

@implementation SSLTrustManager
+ (BOOL)shouldTrustServerTrust:(SecTrustRef)serverTrust forCert:(NSString*)certName {
// Load up the bundled certificate.
NSString *certPath = [[NSBundle mainBundle] pathForResource:certName ofType:@"der"];
NSData *certData = [[NSData alloc] initWithContentsOfFile:certPath];
CFDataRef certDataRef = (__bridge_retained CFDataRef)certData;
SecCertificateRef cert = SecCertificateCreateWithData(NULL, certDataRef);

// Establish a chain of trust anchored on our bundled certificate.
CFArrayRef certArrayRef = CFArrayCreate(NULL, (void *)&cert, 1, NULL);
SecTrustSetAnchorCertificates(serverTrust, certArrayRef);

// Verify that trust.
SecTrustResultType trustResult;
SecTrustEvaluate(serverTrust, &trustResult);

// Clean up.
CFRelease(certArrayRef);
CFRelease(cert);
CFRelease(certDataRef);

// Did our custom trust chain evaluate successfully?
return trustResult == kSecTrustResultUnspecified;
}
@end

Server_Public_SSL_Cert.der is servers’ public SSL key.

Using this approach our app can make sure that it is communicating to the intended server and no one is intercepting the app-server communication.

Found a mistake? Have a question or improvement idea? Let me know.

Security:

* 000Security

* Securing Data in iTunes Backups

* 020Transport Security using SSL

Table Of Contents

0 Getting started with iOS

1 UILabel

2 Change Status Bar Color

3 Passing Data between View Controllers

4 Managing the Keyboard

5 UIButton

6 UILocalNotification

7 UIImageView

8 Checking for Network Connectivity

9 Accessibility

10 UITableView

11 Auto Layout

12 UIView

13 UIAlertController

14 MKMapView

15 UIColor

16 NSAttributedString

17 CAAnimation

18 UITextView

19 UINavigationController

20 Concurrency

21 CAGradientLayer

22 UIGestureRecognizer

23 Custom UIViews from XIB files

24 Safari Services

25 UIStackView

26 UIImage

27 UIWebView

28 CALayer

29 Swift and Objective-C interoperability

30 NSDate

31 Custom Fonts

32 AVSpeechSynthesizer

33 UIBarButtonItem

34 UIScrollView

35 Localization

36 NSNotificationCenter

37 UITextField

38 Networking with Alamofire

39 UIViewController

40 iBeacon

41 CLLocation

42 NSURLSession

43 UISwitch

44 Checking iOS version

45 Universal Links

46 UICollectionView

47 PDF Creation

48 In-App Purchase

49 NSTimer

50 CGContext

51 UITabBarController

52 UISearchController

53 UIActivityViewController

54 Core Location

55 FacebookSDK

56 AFNetworking

57 CTCallCenter

58 UIImagePickerController

59 NSUserDefaults

60 UIControl - Event Handling with Blocks

61 UIBezierPath

62 UIPageViewController

63 UIAppearance

64 Push Notifications

65 Key Value Coding

66 Initialization idioms

67 Storyboard

68 Background Modes and Events

69 Fastlane

70 CAShapeLayer

71 WKWebView

72 UUID Universally Unique Identifier

73 Categories

74 Handling URL Schemes

75 Realm database

76 ARC Automatic Reference Counting

77 UIPickerView

78 Dynamic Type

79 NSURL

80 SWRevealViewController

81 Snapshot of UIView

82 DispatchGroup

83 GCD Grand Central Dispatch

84 Size Classes and Adaptivity

85 UIScrollView, AutoLayout

86 IBOutlets

87 AWS SDK

88 Debugging Crashes

89 UISplitViewController

90 UISplitViewController

91 UIDevice

92 CloudKit

93 GameplayKit

94 XCode Build Archive From Command Line

95 Unit Testing with XCTest

96 NSData

97 AVPlayer and AVPlayerViewController

98 Deep Linking

99 App Transport Security (ATS)

100 Core Graphics

101 Segues

102 UIDatePicker

103 NSPredicate

104 EventKit

105 NSBundle

106 SiriKit

107 Contacts Framework

108 Dynamically updating a UIStackView

109 Speech Recognition

110 NSURLConnection

111 StoreKit

112 Code signing

113 .ipa file to upload on appstore with ApplicationLoader

114 Resizing UIImage

115 Size Classes and Adaptivity

116 MKDistanceFormatter

117 3D Touch

118 GameCenter Leaderboards

119 Keychain

120 Handle Multiple Environment using Macro

121 Set View Background

122 Block

123 Content Hugging

124 Google Places API

125 Navigation Bar

126 UITextField Delegate

127 App-wide operations

128 UILabel text underlining

129 Cut a UIImage into a circle

130 Make selective UIView corners rounded

131 Convert HTML to NSAttributed string and vice versa

132 Convert NSAttributedString to UIImage

133 CoreImage Filters

134 Face Detection Using CoreImageOpenCV

135 MPMediaPickerDelegate

136 Graph Coreplot

137 NSHTTPCookieStorage

138 FCM Messaging

139 Create Custom Framework

140 Custom Keyboard

141 AirDrop

142 SLComposeViewController

143 AirPrint tutorial

144 UISlider

145 Carthage

146 HealthKit

147 Core SpotLight

148 UI Testing

149 Core Motion

150 QR Code Scanner

151 plist

152 NSInvocation

153 UIRefreshControl TableView

154 WCSessionDelegate

155 AppDelegate

156 App Submission Process

157 MVVM

158 UIStoryboard

159 Basic text file I/O

160 Text To Speech (TTS)

161 MPVolumeView

162 Objective-C Associated Objects

163 Passing Data between View Controllers

164 UIPhoenix

165 Blocks in Queue with MKBlockQueue

166 Simulator

167 BackgroundModes

168 NSArray

169 OpenGL

170 UIScrollView with StackView child

171 Cache online images

172 MVP Architecture

173 UIKit Dynamics

174 Configure Beacons with CoreBluetooth

175 Core Data

176 Extension for rich Push Notification

177 Profiling with Instruments

178 Application rating review request

179 MyLayout

180 UIFont

181 Simulator Builds

182 Simulating Location Using GPX files

183 Custom methods of selection of UITableViewCells

184 Custom methods of selection of UITableViewCells

185 UISegmentedControl

186 SqlCipher integration

187 Custom UITextField

188 Custom UITextField

189 Security

190 Guideline to architecture patterns

191 UIFeedbackGenerator

192 UIKit Dynamics with UICollectionView

193 Multicast Delegates

194 Using image assets

195 UITableViewCell

196 Runtime in Objective-C

197 ModelPresentationStyles

198 CydiaSubstrate tweak

199 Create a video from images

200 Codable

201 FileHandle

202 NSUserActivity

203 Rich Notifications

204 Load images async

205 Adding Swift bridging header

206 Creating an App ID

207 Changing the rootview controller

208 Attributed text in UILabel

209 UITableViewController

210 Contributors