TrustKit-Android icon indicating copy to clipboard operation
TrustKit-Android copied to clipboard

Published 20 hours ago verified publisher icon datatheorem

Metadata

Easy SSL pinning validation and reporting for Android.

Results 33 TrustKit-Android issues
Sort by recently updated
recently updated
newest added

Do not support .shop domains

Hn-BinRong avatar Hn-BinRong

Migrate away from deprecated APIs for Android Q support

Some APIs used by TrustKit have been deprecated in Android Q: * android.preference (https://developer.android.com/reference/android/preference/Preference): the replacement is androidx.preference (https://developer.android.com/reference/androidx/preference/package-summary.html). * Junit is deprecated: we need to switch AndroidxJunit instead. *...

nabla-c0d3 avatar nabla-c0d3

enhancement
to-release

TrustKit throws IllegalArgumentException

Hello! **Describe the bug** I'm seeing one crash in Google play console: ``` java.lang.IllegalArgumentException: at com.datatheorem.android.trustkit.config.TrustKitConfiguration.getPolicyForHostname (TrustKitConfiguration.java:90) at com.datatheorem.android.trustkit.pinning.TrustManagerBuilder.getTrustManager (TrustManagerBuilder.java:67) at com.datatheorem.android.trustkit.TrustKit.getTrustManager (TrustKit.java:390) ``` https://github.com/datatheorem/TrustKit-Android/blob/master/trustkit/src/main/java/com/datatheorem/android/trustkit/config/TrustKitConfiguration.java#L91 **To Reproduce** Unfortunately I cannot...

iskugor avatar iskugor

Domains under new gTLDs such as as .blog are rejected with "invalid domain" error

1 comment

I performed all the steps in the documentation. I received a CA certificate for the application and included it in the application with custom SSLSocketFactory. However, I always get this...

ahmetcuneydioglu avatar ahmetcuneydioglu

bug

Add the policy's expiration date to reports

nabla-c0d3 avatar nabla-c0d3

enhancement

Report is not sent if didChainValidationFail is true

Whenever i try to do `MITM` attack, the ChainValidation Fail and exception is thrown without sending any report to the server `dataTheorem`, although with `wrong pinning key` and no `MITM`...

ghadly avatar ghadly

under investigation

Kotlin implementation for onCreate override

**Describe the bug** I've used the documentation https://github.com/datatheorem/TrustKit-Android/blob/master/docs/getting-started.md#adding-trustkit-as-a-dependency for integrating TrustKit into a Flutter app with Kotlin. When trying to initialize TrustKit with the Pinning Policy (https://github.com/datatheorem/TrustKit-Android/blob/master/docs/getting-started.md#initializing-trustkit-with-the-pinning-policy) I can only...

sebastianbuechler avatar sebastianbuechler

Dynamic network security config pin set keys

Currently, I configure pin sets in the network security config file using TrustKit. However, I'd like to avoid storing these pins in the file to enhance security. Is there a...

batuhangoktepe avatar batuhangoktepe

Accessing string resources inside network-security-config

Is it possible to use [string resources][1] inside `android:networkSecurityConfig` defined in AndroidManifest.xml? I have a config file like this: mydomain.com @string/pin @string/pin_fallback but my app doesn't seem to detect resources...

numandev1 avatar numandev1

Wrong public key not blocking the API request.

**Describe the bug** I have added the wrong public key in network_security_config file, still the API request is working fine. I am using Volley for network request. ` HurlStack sslHurlStack...

MahaleTushar avatar MahaleTushar

Metadata

578
Stars
92
Forks
Watchers

Owner

verified publisher icon datatheorem

Metadata

Easy SSL pinning validation and reporting for Android.

Back