我需要在 iOS 14 上实现身份验证挑战,我获得了一个 crt 和一个 pem 文件形式的私钥。
我确实知道如何创建SecKey和SecCertificate摆脱它,但对于挑战,我需要一个SecIdentity:
public init(identity: SecIdentity, certificates certArray: [Any]?, persistence: URLCredential.Persistence)
如何做到这一点?
我还尝试.p12从这两个文件中生成一个,然后通过导入该文件SecPKCS12Import以从那里获取身份和证书,但它仍然不起作用。尝试做时有什么特别需要考虑的吗
URLCredential(identity: ..., certificates: [myCertificate], persistence: .none)
这就是我获取发送到服务器的证书和身份的方式:
var certificateRef: SecCertificate? = nil
var items : CFArray?
let securityError: OSStatus = SecPKCS12Import(decodedData, [kSecImportExportPassphrase as NSString : psswd] as CFDictionary, &items)
let theArray: CFArray = items!
if securityError == noErr && CFArrayGetCount(theArray) > 0 {
let newArray = theArray as [AnyObject] as NSArray
let dictionary = newArray.object(at: 0)
let secIdentity = (dictionary as AnyObject)[kSecImportItemIdentity as String] as! SecIdentity
let securityError = SecIdentityCopyCertificate(secIdentity , &certificateRef)
if securityError != noErr {
certificateRef = nil
}
return secIdentity
}