1. 首頁
  2. 問答
  3. 來自NSString的createKeychainValue

來自NSString的createKeychainValue

2013-10-25 124 views
4

我試圖將證書添加到鑰匙串。我從文件中看到了幾篇文章,但我想從NSString創建一篇文章。來自NSString的createKeychainValue

我的NSString是RSA - 64base是這樣的:

-----BEGIN CERTIFICATE----- 
MIIDoDCCAoigAwIBAgIJAL8qgXMVVVhPMA0GCSqGSIb3DQEBBQUAMGwxCzAJBgNVBAYTAkJSMRIw 
... 
FT70at8bty9ocDaXuI3j6mfw2SI= 
-----END CERTIFICATE-----

而且我試圖做這樣的事情:

+ (NSMutableDictionary *)newSearchDictionary:(NSString *)identifier { 
    NSMutableDictionary *searchDictionary = [[NSMutableDictionary alloc] init]; 

    [searchDictionary setObject:(__bridge id)kSecClassCertificate forKey:(__bridge id)kSecClass]; 

    NSData *encodedIdentifier = [identifier dataUsingEncoding:NSUTF8StringEncoding]; 
    [searchDictionary setObject:encodedIdentifier forKey:(__bridge id)kSecAttrGeneric]; 
    [searchDictionary setObject:encodedIdentifier forKey:(__bridge id)kSecAttrAccount]; 
    [searchDictionary setObject:SERVICE_NAME forKey:(__bridge id)kSecAttrService]; 
    return searchDictionary; 
} 


+ (BOOL)createKeychainValue:(NSString *)certificado forIdentifier:(NSString *)identifier { 
    NSMutableDictionary *dictionary = [self newSearchDictionary:identifier]; 

    NSData *certificadoData = [certificado dataUsingEncoding:NSUTF8StringEncoding]; 
    SecCertificateRef cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef) certificadoData); 

    [dictionary setObject:(__bridge id)(cert) forKey:(__bridge id<NSCopying>)(kSecValueRef)]; 

    OSStatus status = SecItemAdd((__bridge CFDictionaryRef)dictionary, NULL); 

    CFRelease(cert); 

    if (status == errSecSuccess) { 
     return YES; 
    } 
    return NO; 
}

但正在恢復的證書是零。可能是因爲我的證書是PEM,我需要DER。我該如何轉換?我在我的項目上使用openssl。

來源

2013-10-25 Marylia Gutierrez

回答

3

爲我的作品的功能,並建立了SecCertificateRef是:

+ (NSData *)derFromPem:(NSString *)pem { 

    BIO *certBio = BIO_new(BIO_s_mem()); 
    BIO_write(certBio, [pem UTF8String], strlen([pem UTF8String])); 
    X509 *x = PEM_read_bio_X509(certBio,NULL,0,NULL); 
    BIO *outBio = BIO_new(BIO_s_mem()); 
    i2d_X509_bio(outBio, x); 

    int len = BIO_pending(outBio); 
    char *out = calloc(len + 1, 1); 
    int i = BIO_read(outBio, out, len); 

    return [NSData dataWithBytes:out length:i]; 
}

來源

2013-10-28 17:36:04

+1

這是什麼生物? – RMDeveloper

1

轉換RSA從PEM公共密鑰爲DER:

UPDATE

- (NSData *)derFromPem:(NSString *)pem 
{ 
    if (pem.length == 0) { 
     return nil; 
    } 

    NSData *result = nil; 
    const char *pem_str = [pem UTF8String]; 

    BIO *bio; 
    RSA *rsa; 
    // X509 *x509; 

    bio = BIO_new_mem_buf(pem_str, strlen(pem_str)); 

    if (bio) { 
     rsa = PEM_read_bio_RSAPublicKey(bio, &rsa, NULL, NULL); 
     // x509 = PEM_read_bio_X509(bio, &x509, NULL/*password*/, NULL); 

     if (rsa) { // or if (x509) 
      uint8_t *buf, *bufp; 
      int len = i2d_RSAPublicKey(rsa, NULL); 
      // int len = i2d_X509(x509, NULL); 

      if (len >= 0) { 
       buf = bufp = malloc(len); 
       i2d_RSAPublicKey(rsa, &bufp); 
       // i2d_X509(x509, &bufp); 
      } 

      if (len >= 0) { 
       result = [NSData dataWithBytes:buf length:len]; 
       free(buf); 
      } 

      RSA_free(rsa); 
      // X509_free(x509); 
     } 

     BIO_free(bio); 
    } 

    return result; 
}

來源

2013-10-25 04:59:50 Elden

+0

的問題是我從NSString中讀取,而不是從文件中讀取。我正在嘗試這個,但不工作:'+(NSString *)derFromPem:(NSString *)pem {BIO * certBio = BIO_new(BIO_s_mem()); BIO_puts(certBio,[pem UTF8String]); X509 * x = PEM_read_bio_X509(certBio,NULL,0,NULL); BIO * outBio = BIO_new(BIO_s_mem()); i2d_X509_bio(outBio,x); int len = BIO_pending(outBio); char * out = calloc(len + 1,1); BIO_write(outBio,out,len); return [NSString stringWithUTF8String:out]; }' –

+0

對不起,我編輯了我現在正常工作的答案。 – Elden

相關問題

 相關問題