TrustKit Reference Implementing Pinning Validation Reference

Implementing Pinning Validation

TSKPinningValidator
A TSKPinningValidator instance can be used to verify a server’s identity against an SSL pinning policy.

In specific scenarios, TrustKit cannot intercept outgoing SSL connections and automatically validate the server’s identity against the pinning policy:
- All connections within an App that disables TrustKit’s network delegate swizzling by setting the kTSKSwizzleNetworkDelegates configuration key to NO.
- Connections that do not rely on the NSURLConnection or NSURLSession APIs:
  
  WKWebView connections.
  
  Connections leveraging low-level network APIs (such as NSStream).
  
  Connections initiated using a third-party SSL library such as OpenSSL.
For these connections, pin validation must be manually triggered using one of the two available methods within TSKPinningValidator.
See more
Declaration
Objective-C

@interface TSKPinningValidator : NSObject
Swift

class TSKPinningValidator : NSObject

TSKTrustDecision
Possible return values when verifying a server’s identity against an SSL pinning policy.
See more
Declaration
Objective-C

enum TSKTrustDecision {}
Swift

enum TSKTrustDecision : Int