如果1)您已经在钥匙串中拥有私钥并且2)您刚收到CA的证书,那么如何在iPhone钥匙串中创建SecIdentityRef?
除非有API从私钥和证书创建.p12,否则SecPKCS12Import在这种情况下没有帮助.
SecIdentityCreateWithCertificate将是Mac上的答案,但iPhone上不存在.
是否可以使用SecItemAdd? http://developer.apple.com/library/ios/#documentation/Security/Reference/keychainservices/Reference/reference.html
非常感谢,安德鲁
我从我的应用程序尝试连接的服务器收到身份验证质询,因此我实现了该connection:didReceiveAuthenticationChallenge:方法.我需要发一个SecCertificateRef和一个SecIdentityRef.身份正在运行,但证书需要作为一个发送NSArray,我无法弄清楚如何将a转换CFArrayRef为a NSArray.
这是我创建身份和证书的方法:
// Returns an array containing the certificate
- (CFArrayRef)getCertificate {
SecCertificateRef certificate = nil;
NSString *thePath = [[NSBundle mainBundle] pathForResource:@"CertificateName" ofType:@"p12"];
NSData *PKCS12Data = [[NSData alloc] initWithContentsOfFile:thePath];
CFDataRef inPKCS12Data = (__bridge CFDataRef)PKCS12Data;
certificate = SecCertificateCreateWithData(nil, inPKCS12Data);
SecCertificateRef certs[1] = { certificate };
CFArrayRef array = CFArrayCreate(NULL, (const void **) certs, 1, NULL);
SecPolicyRef myPolicy = SecPolicyCreateBasicX509();
SecTrustRef myTrust;
OSStatus status = SecTrustCreateWithCertificates(array, myPolicy, &myTrust);
if (status …