SDKS-8420: Certificate pinning feature

CHANGES.txt

@@ -1,3 +1,6 @@
+2.25.1 (Jun 3, 2024)
+- Updated impressions deduplication to apply across sessions.
+
 2.25.0: (May 21, 2024)
 - Added support for targeting rules based on semantic versions (https://semver.org/).
 - Added special impression label "targeting rule type unsupported by sdk" when the matcher type is not supported by the SDK, which returns 'control' treatment.

Split.podspec

@@ -1,7 +1,7 @@
 Pod::Spec.new do |s|
   s.name             = 'Split'
   s.module_name      = 'Split'
-  s.version          = '2.25.0'
+  s.version          = '2.26.0-rc6'
   s.summary          = 'iOS SDK for Split'
   s.description      = <<-DESC
 This SDK is designed to work with Split, the platform for controlled rollouts, serving features to your users via the Split feature flag to manage your complete customer experience.

Split/Api/CertificatePinningConfig.swift

@@ -0,0 +1,165 @@
+//
+//  CertificatePinningConfig.swift
+//  Split
+//
+//  Created by Javier L. Avrudsky on 04/08/2020.
+//  Copyright © 2020 Split. All rights reserved.
+//
+
+import Foundation
+
+/// Custom error type for certificate pinning errors, conforming to LocalizedError.
+@objc
+public class CertificatePinningError: NSObject, LocalizedError {
+    private let message: String
+
+    /// Initializes a new instance of CertificatePinningError with a custom message.
+    /// - Parameter message: The error message.
+    init(message: String) {
+        self.message = message
+    }
+
+    /// Provides a localized description of the error.
+    public var errorDescription: String? {
+        return message
+    }
+}
+
+/// Configuration class for Certificate Pinning.
+@objc public class CertificatePinningConfig: NSObject {
+    private(set) var pins: [CredentialPin]
+
+    /// Initializes a new instance of CertificatePinningConfig with an array of pins.
+    /// - Parameter pins: Array of CredentialPin objects.
+    init(pins: [CredentialPin]) {
+        self.pins = pins
+    }
+
+    /// Provides a builder for CertificatePinningConfig.
+    @objc(builder)
+    public static func builder() -> Builder {
+        return Builder()
+    }
+
+    /// Builder class for constructing a CertificatePinningConfig.
+    @objc(CertificatePinningConfigBuilder)
+    public class Builder: NSObject {
+
+        private enum PinType {
+            case key
+            case certificate
+        }
+
+        private struct Pin {
+            let host: String
+            let data: String
+            let type: PinType
+        }
+
+        private let splitValidator = SplitNameValidator()
+        private var builderPins = [Pin]()
+
+        // Visible for testing variable
+        var bundle: Bundle = Bundle.main
+
+        /// Builds and returns a CertificatePinningConfig with the added pins.
+        /// - Throws: CertificatePinningError if any pin cannot be parsed.
+        /// - Returns: A configured CertificatePinningConfig instance.
+        @objc
+        public func build() throws -> CertificatePinningConfig {
+            var pins = [CredentialPin]()
+            for pin in builderPins {
+                let credential = (pin.type == .certificate ? try parseCertificate(pin: pin) : try parseHash(pin: pin))
+                pins.append(credential)
+            }
+            return CertificatePinningConfig(pins: pins)
+        }
+
+        /// Adds a certificate pin for the specified host.
+        /// The certificate file must be in DER format.
+        /// - Parameters:
+        ///   - host: The host for which to add the pin.
+        ///   - certificateName: The name of the certificate file (without the `.der` extension) located in the app bundle.
+        ///                      The method will automatically look for a `.der` file with this name in the main bundle.
+        ///                      Ensure the certificate file is correctly included in your app's bundle resources.
+        /// - Returns: The Builder instance for chaining.
+        @discardableResult
+        @objc(addPinForHost:certificateName:)
+        public func addPin(host: String, certificateName: String) -> CertificatePinningConfig.Builder {
+            builderPins.append(Pin(host: host, data: certificateName, type: .certificate))
+            return self
+        }
+
+        /// Adds a key hash pin for the specified host.
+        /// - Parameters:
+        ///   - host: The host for which to add the pin.
+        ///   - keyHash: A string representing the base64-encoded key hash along with its hashing algorithm.
+        ///              The format must follow the pattern `"algorithm/hash"`, where:
+        ///              - `algorithm` is the name of the hashing algorithm used (e.g., `sha256`, `sha1`).
+        ///              - `hash` is the base64-encoded hash value generated by applying the specified algorithm to the key.
+        ///
+        ///              Example Format:
+        ///              - `"sha256/g8gd29aGVsbybEP="`
+        ///
+        ///              Detailed Example:
+        ///              - If you have a key hash generated using the SHA-256 algorithm, it should look something like:
+        ///                `"sha256/aGVsbG8gd29ybGQ="`, where `"aGVsbG8gd29ybGQ="` is the base64-encoded result of the hash.
+        /// - Returns: The Builder instance for chaining.
+        @discardableResult
+        @objc(addPinForHost:hash:)
+        public func addPin(host: String, keyHash: String) -> CertificatePinningConfig.Builder {
+            builderPins.append(Pin(host: host, data: keyHash, type: .key))
+            return self
+        }
+
+        /// Parses a certificate pin into a CredentialPin.
+        /// - Parameter pin: The pin to parse.
+        /// - Throws: CertificatePinningError if the certificate cannot be parsed.
+        /// - Returns: A CredentialPin object.
+        private func parseCertificate(pin: Pin) throws -> CredentialPin {
+            // Add pin from certificate
+            // It is important to take into account that this method could delay a bit the init process
+            // TODO: Measure time
+            guard let spki = TlsCertificateParser.spki(from: pin.data, bundle: bundle) else {
+                throw errLog("Couldn't get SPKI from \(pin.data).der")
+            }
+
+            return CredentialPin(host: pin.host,
+                                 hash: AlgoHelper.computeHash(spki.data, algo: .sha256),
+                                 algo: .sha256)
+        }
+
+        /// Parses a key hash pin into a CredentialPin.
+        /// - Parameter pin: The pin to parse.
+        /// - Throws: CertificatePinningError if the key hash is invalid.
+        /// - Returns: A CredentialPin object.
+        private func parseHash(pin: Pin) throws -> CredentialPin {
+            let hash = pin.data
+            guard let separatorIndex = hash.firstIndex(of: "/") else {
+                throw errLog("Unable to add pin for host \(pin.host), invalid key hash")
+            }
+
+            let algoName = String(hash[hash.startIndex..<separatorIndex])
+            guard let algo = KeyHashAlgo(rawValue: algoName) else {
+                throw errLog("Key hash algorithm not supported for pin: \(algoName)")
+            }
+
+            let keyHash = String(hash[hash.index(after: separatorIndex)..<hash.endIndex])
+            guard let dataHash = Data(base64Encoded: keyHash) else {
+                throw errLog("Key hash not valid for host \(pin.host) and algorithm: \(algoName)")
+            }
+            if dataHash.isEmpty {
+                throw errLog("Key hash is empty for host \(pin.host) algorithm: \(algoName)")
+            }
+            return CredentialPin(host: pin.host, hash: dataHash, algo: algo)
+        }
+
+        /// Logs an error and returns a CertificatePinningError.
+        /// - Parameter message: The error message.
+        /// - Returns: A CertificatePinningError object.
+        private func errLog(_ message: String) -> CertificatePinningError {
+            Logger.e(message)
+            return CertificatePinningError(message: message)
+        }
+    }
+}

Split/Api/DefaultSplitFactory.swift

@@ -58,6 +58,9 @@ public class DefaultSplitFactory: NSObject, SplitFactory {
                                                userKey: params.key.matchingKey)
 
         HttpSessionConfig.default.httpsAuthenticator = params.config.httpsAuthenticator
+        if let pinningConfig = params.config.certificatePinningConfig {
+            HttpSessionConfig.default.pinChecker = DefaultTlsPinChecker(pins: pinningConfig.pins)
+        }
 
         // Creating Events Manager first speeds up init process
         let eventsManager = components.getSplitEventsManagerCoordinator()

Split/Api/LocalhostSplitFactory.swift

@@ -94,7 +94,7 @@ public class LocalhostSplitFactory: NSObject, SplitFactory {
 
     private static func splitsDataSource(config: SplitClientConfig, bundle: Bundle) -> LocalhostDataSource {
         let dataFolderName = SplitDatabaseHelper.sanitizeForFolderName(config.localhostDataFolder)
-        let fileStorage = FileStorage(dataFolderName: dataFolderName)
+        let fileStorage = DefaultFileStorage(dataFolderName: dataFolderName)
         var loaderConfig = FeatureFlagsFileLoaderConfig()
         loaderConfig.refreshInterval = config.offlineRefreshRate
 

Split/Api/SplitCertPinningAuthenticator.swift

@@ -0,0 +1,17 @@
+//
+//  SplitCertPinningAuthenticator.swift
+//  Split
+//
+//  Created by Javier Avrudsky on 05/07/2024.
+//  Copyright © 2024 Split. All rights reserved.
+//
+
+import Foundation
+
+typealias AuthCompletion = (URLSession.AuthChallengeDisposition, URLCredential?) -> Void
+
+class SplitCertPinningAuthenticator {
+
+
+
+}

Split/Api/SplitClientConfig.swift

@@ -320,6 +320,32 @@ public class SplitClientConfig: NSObject {
     /// This is useful when using two factories with the same SDK Key to avoid having issues with the shared data
     @objc public var prefix: String?
 
+
+    /// The `CertificatePinningConfig` class is used to configure certificate pinning for a given set of hosts.
+    /// It holds an array of credentials, each of which represents a pin for a specific host,
+    /// either in the form of a certificate name or a base64-encoded key hash.
+    /// This configuration ensures that only trusted certificates are used for secure communication.
+    ///
+    /// ### Usage Example:
+    /// ```swift
+    /// // Create a new builder instance
+    /// let builder = CertificatePinningConfig.builder()
+    ///
+    /// // Add certificate pin for a host
+    /// builder.addPin(host: "example.com", certificateName: "example_cert")
+    ///
+    /// // Add key hash pin for a host
+    /// builder.addPin(host: "example.com", keyHash: "sha256/aGVsbG8gd29ybGQ=")
+    ///
+    /// // Build the CertificatePinningConfig
+    /// let config = try builder.build()
+    /// ```
+    ///
+    /// This example demonstrates how to add certificate and key hash pins for a host and build the configuration.
+    ///
+    /// - Note: The certificate files must be in DER format and included in the app bundle.
+    @objc public var certificatePinningConfig: CertificatePinningConfig?
+
     ///
     ///  Update this variable to enable / disable telemetry for testing
     ///

Split/Common/Utils/Base64Utils.swift

@@ -9,7 +9,7 @@
 import Foundation
 
 class Base64Utils {
-    static let kOffsetLenght = 4
+    static let kOffsetLength = 4
     class func decodeBase64URL(base64: String?) -> String? {
         guard let base64 = base64 else {
             return nil

Split/Common/Utils/FileUtil.swift

@@ -0,0 +1,49 @@
+//
+//  FileUtil.swift
+//  Split
+//
+//  Created by Javier Avrudsky on 04/07/2024.
+//  Copyright © 2024 Split. All rights reserved.
+//
+
+import Foundation
+
+// FileHelper
+struct FileUtil {
+
+    static func copySourceFile(name: String, type: String, fileStorage: FileStorage, bundle: Bundle) -> Bool {
+
+        guard let fileContent = loadFile(name: name, type: type, bundle: bundle) else {
+            return false
+        }
+        fileStorage.write(fileName: "\(name).\(type)", content: fileContent)
+        return true
+    }
+
+    static func loadFile(name fileName: String, type fileType: String, bundle: Bundle) -> String? {
+        var fileContent: String?
+        if let filepath = bundle.path(forResource: fileName, ofType: fileType) {
+            do {
+                fileContent = try String(contentsOfFile: filepath, encoding: .utf8)
+            } catch {
+                Logger.e("Could not load file: \(filepath)")
+            }
+        }
+        return fileContent
+    }
+
+    static func loadFileData(name: String, type fileType: String, bundle: Bundle)-> Data? {
+
+        guard let filepath = bundle.path(forResource: name, ofType: fileType) else {
+            return nil
+        }
+
+        let uri = URL(fileURLWithPath: filepath)
+        do {
+            return try Data(contentsOf: uri)
+        } catch {
+            print("File Read Error for file \(filepath)")
+            return nil
+        }
+    }
+}

Split/Common/Utils/NotificationsHelper.swift

@@ -24,11 +24,12 @@ import WatchKit
 import TVUIKit
 #endif
 
-typealias ObserverAction = () -> Void
+typealias ObserverAction = (AnyObject?) -> Void
 
 enum AppNotification: String {
     case didEnterBackground
     case didBecomeActive
+    case pinnedCredentialValidationFail
 }
 
 /// ** NotificationHelper **
@@ -38,16 +39,18 @@ enum AppNotification: String {
 /// that way the code becomes streight and simple.
 
 protocol NotificationHelper {
-
     func addObserver(for notification: AppNotification, action: @escaping ObserverAction)
     func removeAllObservers()
+    func post(notification: AppNotification, info: AnyObject?)
 }
 
 class DefaultNotificationHelper: NotificationHelper {
 
     private let queue = DispatchQueue(label: "split-notification-helper", attributes: .concurrent)
     private var actions = [String: [ObserverAction]]()
 
+    static let pinnedCredentialValidationFailed = NSNotification.Name("pinnedCredentialValidationFailed")
+
 #if os(iOS) || os(tvOS)
 
 #if swift(>=4.2)
@@ -107,14 +110,14 @@ class DefaultNotificationHelper: NotificationHelper {
         NotificationCenter.default.removeObserver(self, name: Self.didBecomeActiveNotification, object: nil)
     }
 
-    private func executeActions(for notification: AppNotification) {
+    private func executeActions(for notification: AppNotification, info: AnyObject? = nil) {
         var actions: [ObserverAction]?
         queue.sync {
             actions = self.actions[notification.rawValue]
         }
         if let actions =  actions {
             for action in actions {
-                action()
+                action(info)
             }
         }
     }
@@ -135,4 +138,8 @@ class DefaultNotificationHelper: NotificationHelper {
             self.actions.removeAll()
         }
     }
+
+    func post(notification: AppNotification, info: AnyObject?) {
+        executeActions(for: AppNotification.pinnedCredentialValidationFail, info: info)
+    }
 }

Split/Common/Utils/Version.swift

@@ -9,7 +9,7 @@ import Foundation
 
 class Version {
     private static let kSdkPlatform: String = "ios"
-    private static let kVersion = "2.25.0"
+    private static let kVersion = "2.26.0-rc6"
 
     static var semantic: String {
         return kVersion

Split/FetcherEngine/Refresh/RetryableSyncWorker.swift

@@ -133,7 +133,7 @@ class RetryableMySegmentsSyncWorker: BaseRetryableSyncWorker {
                    reconnectBackoffCounter: reconnectBackoffCounter)
     }
 
-    override func fetchFromRemote() -> Bool {
+    override func fetchFromRemote() throws -> Bool {
         do {
             let oldSegments = mySegmentsStorage.getAll()
             if let segments = try self.mySegmentsFetcher.execute(userKey: self.userKey, headers: getHeaders()) {
@@ -190,7 +190,7 @@ class RetryableSplitsSyncWorker: BaseRetryableSyncWorker {
         super.init(eventsManager: eventsManager, reconnectBackoffCounter: reconnectBackoffCounter)
     }
 
-    override func fetchFromRemote() -> Bool {
+    override func fetchFromRemote() throws -> Bool {
         var changeNumber = splitsStorage.changeNumber
         var clearCache = false
         if changeNumber != -1 {