datatrans / android-sdk

Accept payments on your Android apps: Our mobile SDKs support your entire payment and registration process and simplify the integration of any payment method in your mobile apps.

SDK fails with domain-specific network_security_config #9

Closed cmatija-ergon closed 1 year ago

cmatija-ergon commented 1 year ago

We intend to use public key pinning for connections to our backend. Consequently, our network_security_config.xml contains entries such as:

  <domain-config cleartextTrafficPermitted="false">
    <domain includeSubdomains="false">[domain]</domain>
    <pin-set>
      <pin digest="SHA-256">[hash1]</pin>
      <pin digest="SHA-256">[hash2]</pin>
    </pin-set>
  </domain-config>

However, as soon as we use such a domain-specific config, an SSLHandshakeException gets thrown in the SDK, stating: Domain specific configurations require that hostname aware checkServerTrusted(X509Certificate[], String, String) is used. In the frontend, an error message is displayed, stating that no secure connection could be established.

Note: I could explicitly see the exception in the onTransactionError method when using SDK version 2.2.1, while in version 3.0.2, I can only ever end up in onTransactionCancel(), where I can't see the exception information. However, I strongly suspect that the issue is the same.

BasilAch commented 1 year ago

Hi @cmatija-ergon,

It is unfortunately not possible to do programmatic pinning and configuration-based pinning at the same time. This means that you either have to remove your pinning configuration and use the SDK's certificate pinning option (useCertificatePinning=true), or use your pinning configuration but disable certificate pinning for the SDK.

In the latter case you could add public key entries for our hosts (api.datatrans.com / pay.datatrans.com and the respective sandbox variants) to your configuration, but please be aware that you do so at your own risk and we do not provide support for this method. Make sure to set useCertificatePinning to false and to never pin certificates but only public keys.
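The "public keys, not certificates" advice above, as an added example that is not part of the thread or of the Datatrans SDK: the value of a `<pin digest="SHA-256">` entry is the base64-encoded SHA-256 of the certificate's SubjectPublicKeyInfo, so it stays the same when a certificate is re-issued for the same key, while a hash of the whole certificate does not. The script assumes the `openssl` CLI is installed; the host name `backend.example` and the file names are constructed sample values.

```bash
#!/usr/bin/env bash
# Added example: derive a network_security_config pin and show that it is
# bound to the public key, not to one particular certificate.
set -eu

# SPKI pin of a PEM certificate: base64(SHA-256(DER SubjectPublicKeyInfo)).
# This is the string that goes inside <pin digest="SHA-256">...</pin>.
spki_pin() {
  openssl x509 -in "$1" -noout -pubkey \
    | openssl pkey -pubin -outform DER \
    | openssl dgst -sha256 -binary \
    | openssl base64
}

# Hash of the whole certificate, computed only for comparison.
cert_fingerprint() {
  openssl x509 -in "$1" -outform DER \
    | openssl dgst -sha256 -binary \
    | openssl base64
}

# Constructed sample data: one key and two self-signed certificates issued
# for it, standing in for a certificate and its renewal.
make_samples() {
  openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 \
    -out "$1/key.pem" 2>/dev/null
  openssl req -new -x509 -key "$1/key.pem" -subj "/CN=backend.example" \
    -days 30 -out "$1/old.pem"
  openssl req -new -x509 -key "$1/key.pem" -subj "/CN=backend.example" \
    -days 365 -out "$1/new.pem"
}

demo() {
  dir=$(mktemp -d)
  make_samples "$dir"
  for cert in old new; do
    echo "$cert.pem  SPKI pin:         $(spki_pin "$dir/$cert.pem")"
    echo "$cert.pem  cert fingerprint: $(cert_fingerprint "$dir/$cert.pem")"
  done
  rm -rf "$dir"
}

demo
```

Running it against the real leaf or intermediate certificate, plus a backup key that is not yet deployed, yields the two `<pin>` values a `<pin-set>` normally carries.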

bacherma commented 1 year ago

Closing this. @cmatija-ergon, thanks for bringing the differences between 2.2 and 3.0 to our attention. We'll fix this in an upcoming release.

cmatija-ergon commented 1 year ago

@BasilAch @bacherma Thanks a lot for your responses!

However, there seems to be a slight misunderstanding: We are in no way, shape or form pinning any certificates/keys related to datatrans. The only pinning we do concerns the connection between our app and our backend (whereas your SDK communicates with your system directly). Nevertheless, the SDK crashes when trying to pay using a credit card when we use public key pinning of our own certificates.

bacherma commented 1 year ago

Hello @cmatija-ergon, are you certain that you do not set the SDK's certificate pinning option anywhere in your code (options.useCertificatePinning)? We have never been able to reproduce this issue if pinning is not enabled.

Would it be possible to create a minimal test project for us to reproduce?