如何使iPhoneHTTPServer安全的服務器

Question

我對iPhone的發展很新。

我從bellow鏈接下載了iPhoneHTTPServer應用程序。 https://github.com/robbiehanson/CocoaHTTPServer/tree/master/Samples/iPhoneHTTPServer

它對HTTP請求正常工作。

現在我想把它作爲一個安全的服務器。 （使用HTTPS） 爲我所控繼MyHTTPConnection.m兩種方法

我可以肯定在這個方法的變化：

/** 
* Overrides HTTPConnection's method 
**/ 
- (BOOL)isSecureServer 
{ 
    // Create an HTTPS server (all connections will be secured via SSL/TLS) 
    return YES; 
} 

我需要應用在波紋管方法的變化：（請指引我） 問題：DDKeychain和Cocoa.h不適用於iOS。

/** 
    * Overrides HTTPConnection's method 
    * 
    * This method is expected to returns an array appropriate for use in 
    * kCFStreamSSLCertificates SSL Settings. 
    * It should be an array of SecCertificateRefs except for the first element in 
    * the array, which is a SecIdentityRef. 
    **/ 
    - (NSArray *)sslIdentityAndCertificates 
    { 
     NSArray *result = [DDKeychain SSLIdentityAndCertificates]; 
     if([result count] == 0) 
     { 
     [DDKeychain createNewIdentity]; 
     return [DDKeychain SSLIdentityAndCertificates]; 
     } 
     return result; 
    } 

Answer 1

我已經解決了的問題與以下步驟：從您的鑰匙串訪問控制（MAC OS X）

• 打開鑰匙串訪問
• 選擇證書
  1. 導出證書，點擊右鍵並選擇導出...
  2. 以文件格式導出證書：個人信息交換（.p12）
     
  3. 提供用於導出文件的名稱和密碼。
     文件名：TestCertificate.p12
     密碼：test123（*試試你的管理員登錄通行證，如果沒有工作）
     
     

進口TestCertificate.p12在你的XCode項目。

添加安全框架在您的項目中。

導入Security.h文件在你的代碼。

#import <Security/Security.h>

替代和更改sslIdentityAndCertificates方法波紋管。

/** 
    * Overrides HTTPConnection's method 
    * 
    * This method is expected to returns an array appropriate for use in kCFStreamSSLCertificates SSL Settings. 
    * It should be an array of SecCertificateRefs except for the first element in the array, which is a SecIdentityRef. 
    **/ 
    - (NSArray *)sslIdentityAndCertificates 
    {  
     SecIdentityRef identityRef = NULL; 
     SecCertificateRef certificateRef = NULL; 
     SecTrustRef trustRef = NULL; 

     NSString *thePath = [[NSBundle mainBundle] pathForResource:@"TestCertificate" ofType:@"p12"]; 
     NSData *PKCS12Data = [[NSData alloc] initWithContentsOfFile:thePath]; 
     CFDataRef inPKCS12Data = (CFDataRef)PKCS12Data; 
     CFStringRef password = CFSTR("test123"); 
     const void *keys[] = { kSecImportExportPassphrase }; 
     const void *values[] = { password }; 
     CFDictionaryRef optionsDictionary = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL); 
     CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL); 

     OSStatus securityError = errSecSuccess; 
     securityError = SecPKCS12Import(inPKCS12Data, optionsDictionary, &items); 
     if (securityError == 0) { 
      CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex (items, 0); 
      const void *tempIdentity = NULL; 
      tempIdentity = CFDictionaryGetValue (myIdentityAndTrust, kSecImportItemIdentity); 
      identityRef = (SecIdentityRef)tempIdentity; 
      const void *tempTrust = NULL; 
      tempTrust = CFDictionaryGetValue (myIdentityAndTrust, kSecImportItemTrust); 
      trustRef = (SecTrustRef)tempTrust; 
     } else { 
      NSLog(@"Failed with error code %d",(int)securityError); 
      return nil; 
     } 

     SecIdentityCopyCertificate(identityRef, &certificateRef); 
     NSArray *result = [[NSArray alloc] initWithObjects:(id)identityRef, (id)certificateRef, nil]; 

     return result;  
    }