我有客户端证书“A”并且我有 CA1 证书作为根证书。
现在我必须通过使用 CA1 证书 (trusted) 来验证证书 A 是否受信任
是否可以进行此验证?
NSString *thePath = [[NSBundle mainBundle]
pathForResource:@"CA" ofType:@"crt"];
NSData *certData = [[NSData alloc]
initWithContentsOfFile:thePath];
CFDataRef myCertData = (__bridge CFDataRef)certData; // 1
SecCertificateRef myCert;
myCert = SecCertificateCreateWithData(NULL, myCertData); // 2
SecPolicyRef myPolicy = SecPolicyCreateBasicX509(); // 3
SecCertificateRef certArray[1] = { myCert };
CFArrayRef myCerts = CFArrayCreate(
NULL, (void *)certArray,
1, NULL);
SecTrustRef myTrust;
OSStatus status = SecTrustCreateWithCertificates(
myCerts,
myPolicy,
&myTrust); // 4
SecTrustResultType trustResult;
if (status == noErr) {
status = SecTrustEvaluate(myTrust, &trustResult); // 5
}
//... // 6
if (trustResult == kSecTrustResultRecoverableTrustFailure) {
// ...;
}
// ...
if (myPolicy)
CFRelease(myPolicy);
但我得到 SecCertificateCreateWithData null 并崩溃