我正在开发一个iOS5应用程序,它将促进两个用户之间的移动支付.作为付款流程的一部分,发件人和收件人需要与服务器通信.服务器要求双方在连接时启动身份验证质询时显示其身份.
目前,我在代码中使用以下两种方法对证书过程进行了硬编码:
NSURLConnection委托didReceiveAuthenticationChallenge
(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge: (NSURLAuthenticationChallenge *)challenge
{
NSLog(@"Authentication challenge");
// Load Certificate
NSString *path = [[NSBundle mainBundle] pathForResource:@"PKCS12" ofType:@"p12"];
NSData *p12data = [NSData dataWithContentsOfFile:path];
CFDataRef inP12data = (__bridge CFDataRef)p12data;
SecIdentityRef myIdentity;
SecTrustRef myTrust;
extractIdentityAndTrust(inP12data, &myIdentity, &myTrust);
SecCertificateRef myCertificate;
SecIdentityCopyCertificate(myIdentity, &myCertificate);
const void *certs[] = { myCertificate };
CFArrayRef certsArray = CFArrayCreate(NULL, certs, 1, NULL);
NSURLCredential *credential = [NSURLCredential credentialWithIdentity:myIdentity certificates:(__bridge NSArray*)certsArray persistence:NSURLCredentialPersistencePermanent];
[[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
}
C方法extractIdentityAndTrust
OSStatus extractIdentityAndTrust(CFDataRef inP12data, SecIdentityRef *identity, SecTrustRef *trust)
{ …我正在尝试在iOS应用程序中构建HTTPS服务器,以便充当我的Web应用程序和外部服务器之间的代理.
我已经设法通过监听套接字来创建HTTP服务器,这要归功于CFSocketRef或使用GCDAsyncSocket库.我还成功地使用GCDAsyncSocket库制作运行HTTPS服务器的Mac应用程序,并且感谢我的方法"secureSocket:",它可以保护连接:
- (void)socket:(GCDAsyncSocket *)sock didAcceptNewSocket:(GCDAsyncSocket *)newSocket
{
// (...)
// secure the connection
[self secureSocket:newSocket];
// (...)
}
- (void)secureSocket:(GCDAsyncSocket *)sock
{
// The root self-signed certificate I have created
NSString *certificatePath = [[NSBundle mainBundle] pathForResource:@"certificate" ofType:@"cer"];
NSData *certData = [[NSData alloc] initWithContentsOfFile:certificatePath];
CFDataRef certDataRef = (CFDataRef)certData;
SecCertificateRef cert = SecCertificateCreateWithData(NULL, certDataRef);
[certData release];
// the "identity" certificate
SecIdentityRef identityRef;
SecIdentityCreateWithCertificate(NULL, cert, &identityRef);
// the certificates array, containing the identity then the root certificate
NSArray …如何在java sun keytool中创建.bks密钥库,我该怎么办?
C:\Program Files\Java\jdk1.6.0\jre\bin>keytool -genkey -alias server3private -ke
ystore server3.private -storetype BKS -keyalg rsa -dname "CN=Your Name, OU=Your
Organizational Unit, O=Your Organization, L=Your City, S=Your State, C=Your Coun
try" -storepass tahirpw -keypass tahirpw
它给了我错误
keytool错误:java.security.KeyStoreException:找不到BKS