在iOS上使用SecCertificateCreateWithData创建证书

Question

我想在iOS应用程序中以编程方式创建证书.我能找到的最接近的API是SecCertificateCreateWithData,它需要DER编码的二进制输入.

鉴于我有所有可用的数据作为运行时对象,我如何构造DER编码的二进制数据输入？

Answer 1

这是怎么做的:

NSString* certPath = [[NSBundle mainBundle] pathForResource:@"myCertificate" ofType:@"cer"];
NSData* certData = [NSData dataWithContentsOfFile:certPath];
SecCertificateRef cert;
if( [certData length] ) {
    cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)certData);
    if( cert != NULL ) {
        CFStringRef certSummary = SecCertificateCopySubjectSummary(cert);
        NSString* summaryString = [[NSString alloc] initWithString:(__bridge NSString*)certSummary];
        NSLog(@"CERT SUMMARY: %@", summaryString);
        CFRelease(certSummary);
    } else {
        NSLog(@" *** ERROR *** trying to create the SSL certificate from data located at %@, but failed", certPath);
    }
}
// play with cert here

myCertificate.cer必须位于您的应用程序包中.我用openssl创建了cer文件.如果您计划在iOS应用程序中使用此功能,请确保您的证书包含所需的扩展名,请在此处查看.尽管答案是-1,但它帮助我实现了这个目标.