Closed mark-kowalski closed 5 years ago
Hello, TrustKit is built on Android's Network Security Configuration, which does not support dynamic initialization of the configuration/pins. However I agree that there is a use case for having more then one pinning policy per app (although it makes things a lot more complicated).
We might have to take the same approach as iOS, which is adding another "non singleton" initializer ( https://datatheorem.github.io/TrustKit/documentation/Classes/TrustKit.html#/c:objc(cs)TrustKit(im)initWithConfiguration: ) so that an app can have multiple pinning configuration at a given time. A pull request would be nice :), this might require a lot of changes tho. We can look it as well, I just don't know how long it will take us. Thanks!
Hey @nabla-c0d3,
thanks for your answer.
I did some small initial changes in a local branch to show you how i would like to implement it. I wanted to push my branch to your repo to show the suggestion, but i am not allowed to do that. Can you please give me the rights for that or how is the usual way to contribute?
is there any update on this?
Hey guys,
are you still working on improvements of the library? I would like to see the possibility to initialize Truskit with an instance of TrustKitConfiguration.
I wanted to use your library in a professional app but i need the possibility to add cert pins at runtime. The app gets his pinning-urls and hashes from a backend service. I know that can be dangerous. But this first backend call is pinned with a static buildconfig pin. After this successfull call i need to initialize TrustKit with the received hashes and urls. The key advantage of this method is that we can change pins and urls as fast as possible. Unfortunately this is not possible with your current implementation.
If you guys are willing to extend your library with this feature but don't have time for that i would like to contribute that change and create a PullRequest. What do you think?