我有以下代码可以从 .p12 证书中读取,并且我想将证书数据交给身份验证挑战:
- (SecIdentityRef)getClientCertificate {
NSString *thePath = [[NSBundle mainBundle] pathForResource:@"fest" ofType:@"p12"];
if(!thePath)
return NULL;
NSData *PKCS12Data = [[NSData alloc] initWithContentsOfFile:thePath] ;
CFDataRef inPKCS12Data = (CFDataRef)CFBridgingRetain(PKCS12Data);
CFStringRef password = CFSTR("fest");
const void *keys[] = { kSecImportExportPassphrase };
const void *values[] = { password };
CFDictionaryRef optionsDictionary = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL);
CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);
OSStatus ret = SecPKCS12Import(inPKCS12Data, optionsDictionary, &items);
if (ret != errSecSuccess)
{
// TODO: handle error.
NSLog(@"-> SecPKCS12Import error (%ld)", ret);
}
CFRelease(optionsDictionary);
CFDictionaryRef identityDict = CFArrayGetValueAtIndex(items, 0);
SecIdentityRef identityApp = nil;
if(!identityDict)
return nil;
identityApp = (SecIdentityRef)CFDictionaryGetValue(identityDict, kSecImportItemIdentity);
SecIdentityRef identity;
SecCertificateRef cert;
OSStatus err;
CFStringRef certName;
identity = identityApp;
assert( (identity != NULL) && (CFGetTypeID(identity) == SecIdentityGetTypeID()) );
cert = NULL;
err = SecIdentityCopyCertificate(identity, &cert);
assert(err == noErr);
assert(cert != NULL);
certName = SecCertificateCopySubjectSummary(cert);
assert(certName != NULL);
NSLog(@"%@" , (id) CFBridgingRelease(certName));
//NSDictionary *userInfo = [NSDictionary dictionaryWithObjectsAndKeys:(id)CFBridgingRelease(certName),@"USERID",nil];
[[NSNotificationCenter defaultCenter] postNotificationName:@"UserInfoReceived" object:nil];
//CFRelease(cert);
//CFRelease(certName);
return identityApp;
_identities = [[NSMutableArray alloc] initWithArray:(__bridge NSArray *)(items)];
_certs = [[NSMutableArray alloc] initWithArray:(__bridge NSArray *)(cert)];
}
最后,我想将项目 CFArrayRef 分配给身份数组。但是是行不通的。有人有想法吗?
谢谢!