3

我有客户端证书“A”并且我有 CA1 证书作为根证书。

现在我必须通过使用 CA1 证书 (trusted) 来验证证书 A 是否受信任

是否可以进行此验证?

NSString *thePath = [[NSBundle mainBundle]

                      pathForResource:@"CA" ofType:@"crt"];

NSData *certData = [[NSData alloc]

                     initWithContentsOfFile:thePath];

CFDataRef myCertData = (__bridge CFDataRef)certData;                 // 1



SecCertificateRef myCert;

myCert = SecCertificateCreateWithData(NULL, myCertData);    // 2



SecPolicyRef myPolicy = SecPolicyCreateBasicX509();         // 3



SecCertificateRef certArray[1] = { myCert };

CFArrayRef myCerts = CFArrayCreate(

                                   NULL, (void *)certArray,

                                   1, NULL);

SecTrustRef myTrust;

OSStatus status = SecTrustCreateWithCertificates(

                                                myCerts,

                                                myPolicy,

                                                &myTrust);  // 4



SecTrustResultType trustResult;

if (status == noErr) {

    status = SecTrustEvaluate(myTrust, &trustResult);       // 5

}

//... // 6

if (trustResult == kSecTrustResultRecoverableTrustFailure) {

    // ...;

}

// ...

if (myPolicy)

    CFRelease(myPolicy);

但我得到 SecCertificateCreateWithData null 并崩溃

4

0 回答 0