Wi-Fi Encryption iOS, Network Extension and App Review Process

Hi,


I'm developing an app to specifically test the Wi-Fi, and i would like to get the wi-fi encryption.

From what i know, it's not possible (the only thing that can be retrieve is the SSID and BSSID 😢).

So i searched for another way, and the Network Extension API does have some tools that may help me to have some hints about encryption :

- I first decided to go with the NEHotspotHelper API, but the only thing that this API return about encryption is a boolean saying if it secured or not (and there is no documentation of how security is determined 😎 - see https://stackoverflow.com/a/32971064

- Secondly, there is another new (since iOS 11) API called NEHotspotConfigurationManager that let configure an hotspot with specified encryption (trial and error approach to retrieve the encryption - definitly not the best).


I asked to "appreview@apple.com" and support staff if using this approach was safe to pass the App-Store Review Process (using the Network Extension should be justified) and i got those responses :


support staff answered me :

"These APIs are not designed for the use you’ve identified. If you would like to see your desired functionality included in a future iOS update, please file an Enhancement Request using Apple’s online bug reporting system at <https://bugreport.apple.com>."


appreview@apple.com answered me :

"Thank you for contacting App Store Review regarding your planned app. We are not able to preapprove proposed app ideas or concepts without reviewing the app itself. Therefore, we recommend that you submit your app for review.

We have forwarded your case to the appropriate team for review, and they will follow up with you directly."

-> I never had a follo-up of the appropriate team.


So now i'm trying the forum to get an answer about my approach.

Thanks.

Up vote post of benjerem Down vote post of benjerem
1.6k views
Posted by
benjerem
Reply
Add a Comment

Replies

As the replies point out, there are no pre-reviews, and you should file a request if this is something like going forward.


You'll need to go thru that process same as the rest of us, as recommended, but I suspect that what you want via the noted API isn't going to get you very far.


Good luck.

Posted by
KMT
Up vote reply of KMT Down vote reply of KMT
Add a Comment

So now i'm trying the forum to get an answer about my approach.

You haven’t asked a specific question (I searched for question marks in your post and there is none )-: so I’m going to point you to our general answer on this, namely, QA1942 iOS Wi-Fi Management APIs.

With regards NEHotspotHelper, the Q&A says:

If your app helps the user navigate a hotspot (a Wi-Fi network where the user must interact with the network to gain access to the wider Internet), you should look at NEHotspotHelper …

Given that your app does not help the user navigate a hotspot, it seems unlikely that you’ll be granted the special entitlement required to use NEHotspotHelper.

With regards NEHotspotConfigurationManager, you wrote:

(trial and error approach to retrieve the encryption - definitly not the best)

I can’t imagine how that would work. If I recall correctly NEHotspotConfigurationManager doesn’t give you any indication as to whether it successfully joined the network, just whether it saved your configuration. And beyond that, how are you going to ‘trial and error’ the network password?

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Hi !


> You haven’t asked a specific question (I searched for question marks in your post and there is none )-: so I’m going to point you to our general answer on this, namely, QA1942 iOS Wi-Fi Management APIs.


As i said in my first sentence, the initial goal was to retrieve the wi-fi encryption of a known wi-fi hotspot (how can i retrieve it (and pass the review process) ?)


> Given that your app does not help the user navigate a hotspot, it seems unlikely that you’ll be granted the special entitlement required to use NEHotspotHelper.


✅. In a way i'm trying to assess the Wi-Fi, and helping the user to connect to a safe network.


> I can’t imagine how that would work. If I recall correctly NEHotspotConfigurationManager doesn’t give you any indication as to whether it successfully joined the network, just whether it saved your configuration.


I didn't know that the configuration wasn't tested, from that screen below (LINK IMG)(of the WWDC17 Advances in Networking, Part 1), i thought the apply method was testing the configuration.

The documentation of the apply method of the NEHostpotConfigurationManager says :

Adds or updates a Wi-Fi network configuration after prompting the user for permission, and then attempts to join the network under certain conditions.


> And beyond that, how are you going to ‘trial and error’ the network password?

The trial and error approach is more about the init with bad arguments (set isWEP to true for example) to guess the encryption.

About the network password, the only option is to ask the user to fill out a password form (without store it permanently).


Retrieving the encryption is only one of some features that i need to develop, i don't want to develop all the app and be rejected from the App Review Process because of my "misuse" of the Network Extension. That's why i'm asking, will it be rejected doing this way ?

Posted by
benjerem
Up vote reply of benjerem Down vote reply of benjerem
Add a Comment

Hello, I am currently developing a NEHotSpotHelper APP, but after iOS11 update found a problem. The problem is, in iOS11 NEHotspotHelper.register method in the connection after WiFi is no longer implemented, and in the first time into the system WiFi list page is not implemented, only in the 4G and other mobile networks can call. So I ask how iOS11 can be in the WiFi connection, can also call this method.

Posted by
1185695795
Up vote reply of 1185695795 Down vote reply of 1185695795
Add a Comment

I didn't know that the configuration wasn't tested, from that screen below … i thought the apply method was testing the configuration.

Given that NEHotspotConfigurationManager is a super simple API, my recommendation is that you create a small test project and try this out for yourself.

That's why i'm asking, will it be rejected doing this way ?

The only folks who can give you definitive answers about what will or won’t be allowed on the store is App Review.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

I am currently developing a NEHotSpotHelper APP, but after iOS11 update found a problem.

Given that your issue is quite different from benjerem’s, I recommend that you open a new thread for it.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment