Ale*_*sis 11 ssl certificate signature fingerprint ios
我想检查-(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge收到的SSL证书,我有以下代码片段,它给出了Issuer Common Name和DER.
SecTrustRef trustRef = [[challenge protectionSpace] serverTrust];
SecTrustEvaluate(trustRef, NULL);
CFIndex count = SecTrustGetCertificateCount(trustRef);
for (CFIndex i = 0; i < count; i++)
{
SecCertificateRef certRef = SecTrustGetCertificateAtIndex(trustRef, i);
CFStringRef certSummary = SecCertificateCopySubjectSummary(certRef);
CFDataRef certData = SecCertificateCopyData(certRef);
}
另外我想得到指纹和签名.我的SSL知识并不那么深刻; 我可以从DER表示中提取上述内容吗?
Bar*_*ley 13
你可以像这样获得sha1指纹.
// #import <CommonCrypto/CommonDigest.h>
+(NSString*)sha1:(NSData*)certData {
unsigned char sha1Buffer[CC_SHA1_DIGEST_LENGTH];
CC_SHA1(certData.bytes, certData.length, sha1Buffer);
NSMutableString *fingerprint = [NSMutableString stringWithCapacity:CC_SHA1_DIGEST_LENGTH * 3];
for (int i = 0; i < CC_SHA1_DIGEST_LENGTH; ++i)
[fingerprint appendFormat:@"%02x ",sha1Buffer[i]];
return [fingerprint stringByTrimmingCharactersInSet:[NSCharacterSet whitespaceCharacterSet]];
}
可以以类似的方式获得md5指纹.以这种方式获得的sha1和md5哈希值与Safari和Chrome显示的指纹匹配,以获得不受信任的证书.
| 归档时间: |
|
| 查看次数: |
6368 次 |
| 最近记录: |