2

我正在尝试使用存储在 iPhone 上的 .mobileconfig 文件中的 .pfx 连接到服务器。

当服务器要求它时

-(void)connection:(NSURLConnection*)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge*)challenge{

如何使用 .pfx 创建 NSURLCredential?我应该使用

+ (NSURLCredential *)credentialWithIdentity:(SecIdentityRef)identity certificates:(NSArray *)certArray persistence:(NSURLCredentialPersistence)persistence

如果是这样,我如何提取 .pfx 以将其放入数组中。

提前致谢。

4

2 回答 2

2

所以不,没有办法从 mobileconfig 文件中获取证书。iOS 应用程序使用自己的钥匙串访问和存储。只有电子邮件和互联网等其他电话服务可以使用这些证书

于 2013-10-12T16:28:20.620 回答
1

你可以使用我的代码:

 - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge   
{
    NSString *path = [[NSBundle mainBundle] pathForResource:@"torbix" ofType:@"pfx"];
    NSData *pfxdata = [NSData dataWithContentsOfFile:path];
    CFDataRef inpfxdata = (CFDataRef)pfxdata;
    SecIdentityRef myIdentity;
    SecTrustRef myTrust;
    OSStatus status = extractIdentityAndTrust(inpfxdata, &myIdentity, &myTrust);
    SecCertificateRef myCertificate;
    SecIdentityCopyCertificate(myIdentity, &myCertificate);
    const void *certs[] = { myCertificate };
    CFArrayRef certsArray = CFArrayCreate(NULL, certs, 1, NULL);
    NSURLCredential *credential = [NSURLCredential credentialWithIdentity:myIdentity
                                                             certificates:(NSArray *)myCertificate
                                                              persistence:NSURLCredentialPersistencePermanent];
    [challenge.sender useCredential:credential forAuthenticationChallenge:challenge];
    CFRelease(myIdentity);
    CFRelease(myCertificate);
    CFRelease(certsArray);

}
//extractIdentityAndTrust method.
-(OSStatus) extractIdentityAndTrust:(CFDataRef)inpfxdata identity:(SecIdentityRef *)identity trust:(SecTrustRef *)trust
{
    OSStatus securityError = errSecSuccess;
    CFStringRef password = CFSTR("password");
    const void *keys[] = { kSecImportExportPassphrase };
    const void *values[] = { password };
    CFDictionaryRef options = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL);
    CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);
    securityError = SecPKCS12Import(inpfxdata, options, &items);
    if (securityError == 0) {
        CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex(items, 0);
        const void *tempIdentity = NULL;
        tempIdentity = CFDictionaryGetValue(myIdentityAndTrust, kSecImportItemIdentity);
        *identity = (SecIdentityRef)tempIdentity;
        const void *tempTrust = NULL;
        tempTrust = CFDictionaryGetValue(myIdentityAndTrust, kSecImportItemTrust);
        *trust = (SecTrustRef)tempTrust;
    }
    if (options) {
        CFRelease(options);
    }
    return securityError;
}

祝你好运!^-^

于 2012-07-30T10:47:04.140 回答