Accepting Un-Trusted Certificates Using The iOS Simulator
Source: Internet. Editor: 程序博客网. Time: 2024/06/01 13:31
There are scenarios where an iOS developer might want to accept an un-trusted SSL certificate, such as when testing their application using the iOS simulator. By default, applications using the NSUrlConnection API for performing remote connections contain built-in certificate validation. Therefore, developers or testers may encounter issues when testing HTTPS traffic using the iOS simulator. Example scenarios include applications communicating with remote services hosted on a non-production environment using self-signed certificates, or testers who need to debug SSL communication between the application and the service using a local proxy tool, such as Burp Proxy or Fiddler. From a developer's perspective, what is the best way to accept these SSL certificates? While performing a Google search, I encountered the following thread on Stack Overflow discussing ways to accept self-signed certificates when using NSUrlConnection to connect to a website. In general, the responses all recommended code-level changes that disable the built-in certificate validation performed by iOS. Although some answers recommend disabling certificate validation only for certain hosts, there are also recommendations for disabling validation against all hosts. Given the temptation to copy and paste, this guidance is likely to result in insecure iOS application releases to the Apple App Store, as the applications will be susceptible to man-in-the-middle attacks.
Is there a better way to temporarily trust un-trusted certificates within the Simulator? In my opinion, the more secure way is to add the Certificate Authority (CA) certificate which signed the website's certificate as a Trusted CA on the simulator. On an iOS device, this can be done easily by emailing the CA certificate to the device and opening it there; however, this is not possible with the simulator. Behind the scenes, when a CA certificate is added as a Trusted CA on the device, the certificate is inserted into the tsettings table of the TrustStore.sqlite3 database. This database is also used by the Simulator and can be found in the ~/Library/Application Support/iPhone Simulator/<SDK version>/Library/Keychains/ directory on your Mac workstation.
The tsettings table stores the contents of the CA certificate (Fingerprint, Subject, etc.), but the only field needed by iOS during validation is the sha1 column, which holds the certificate's SHA1 fingerprint. The table can be modified manually using one of the many available SQLite clients. In order to simplify this process, I wrote a simple Python script which can be used to import CA certificates into each TrustStore database used by the Simulator. The following example walks through the steps for importing the PortSwigger CA certificate. Importing this certificate gives testers the ability to intercept application HTTPS traffic using Burp Proxy. This way we can still view and intercept SSL HTTP traffic while testing applications, but the insecure practice of accepting un-trusted certificates is no longer built into the application logic.
Step 1: Modify the System Preferences/Network Proxy settings on your Mac in order to have all HTTP/HTTPS traffic be sent to your Burp Proxy.
Step 2: Visit an HTTPS website using Firefox. You will be shown a "This Connection is Untrusted" error page. Choose the Add Exception option and then click the View button. Open the Details tab and you will be shown information about the certificate chain. Select the PortSwigger CA within the "Certificate Hierarchy" listing. Export the certificate to the directory of your choice.
Step 3: Run the add_ca_to_iossim script and pass in the exported certificate as an argument.
Sample Usage:
python add_ca_to_iossim.py PortSwiggerCA.cer
Successfully added CA to /User/GDS/Library/Application Support/iPhone Simulator/4.3/Library/Keychains/TrustStore.sqlite3
Successfully added CA to /User/GDS/Library/Application Support/iPhone Simulator/4.3.2/Library/Keychains/TrustStore.sqlite3
Run the simulator while proxying through Burp Proxy and you should be able to intercept the HTTPS traffic sent by your application.
The add_ca_to_iossim Python script can be downloaded from the GDS GitHub page.
Original article: http://blog.gdssecurity.com/labs/2011/8/7/accepting-un-trusted-certificates-using-the-ios-simulator.html
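As an added, runnable sketch of what the import step above does (this is not the GDS add_ca_to_iossim script), the following derives the SHA1 fingerprint of an exported CA certificate (PEM or DER) and inserts it into the tsettings table of a TrustStore.sqlite3 file, skipping CAs that are already present. Only the sha1 column is described on the page; the remaining tsettings columns, the empty trust-settings value, and the sample certificate bytes are assumptions or constructed here.

```python
import base64
import hashlib
import re
import sqlite3
import tempfile

# Assumed column layout for tsettings. The page says iOS only consults the
# sha1 column; the other columns and the empty tset value are assumptions here.
CREATE_TSETTINGS = ("CREATE TABLE IF NOT EXISTS tsettings("
                    "sha1 BLOB NOT NULL PRIMARY KEY, subj BLOB, tset BLOB, data BLOB)")
PEM_RE = re.compile(rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def certificate_der(raw: bytes) -> bytes:
    """Firefox can export PEM or DER; normalise either form to DER bytes."""
    m = PEM_RE.search(raw)
    return base64.b64decode(b"".join(m.group(1).split())) if m else raw

def sha1_fingerprint(der: bytes) -> bytes:
    """A certificate's SHA1 fingerprint is the SHA-1 hash of its DER encoding."""
    return hashlib.sha1(der).digest()

def add_ca(db_path: str, der: bytes, subject: bytes = b"") -> bool:
    """Insert the CA into tsettings; returns False if that fingerprint is already trusted."""
    fp = sha1_fingerprint(der)
    with sqlite3.connect(db_path) as conn:
        conn.execute(CREATE_TSETTINGS)
        if conn.execute("SELECT 1 FROM tsettings WHERE sha1 = ?", (fp,)).fetchone():
            return False
        conn.execute("INSERT INTO tsettings (sha1, subj, tset, data) VALUES (?, ?, ?, ?)",
                     (fp, subject, b"", der))
    return True

def trusted_fingerprints(db_path: str) -> list:
    """Hex SHA1 fingerprints currently in the store, to verify what was added."""
    with sqlite3.connect(db_path) as conn:
        return [row[0].hex() for row in conn.execute("SELECT sha1 FROM tsettings")]

# Constructed stand-in for a DER-encoded CA certificate (not a real certificate).
FAKE_DER = b"\x30\x82\x01\x00constructed-test-ca-certificate-bytes"
FAKE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(FAKE_DER)
            + b"-----END CERTIFICATE-----\n")

def demo() -> tuple:
    """Import the constructed CA into a scratch TrustStore twice; the second import is a no-op."""
    db = tempfile.NamedTemporaryFile(suffix=".sqlite3", delete=False).name
    first = add_ca(db, certificate_der(FAKE_PEM), subject=b"CN=Constructed Test CA")
    second = add_ca(db, FAKE_DER)
    return first, second, trusted_fingerprints(db)
```

Against a real simulator you would pass the TrustStore.sqlite3 path from each SDK version directory instead of the scratch file used in demo().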