Created a certificate using SecCertificateCreateWi

2019-04-09 15:56发布

问题:

I want to create a certificate programmatically within an iOS app. The closest API I could find is SecCertificateCreateWithData which requires a DER encoded binary input.

Given that I have all the data needed available as runtime objects, How can I construct the DER encoded binary data input ?

回答1:

This is how it can be doen:

NSString* certPath = [[NSBundle mainBundle] pathForResource:@"myCertificate" ofType:@"cer"];
NSData* certData = [NSData dataWithContentsOfFile:certPath];
SecCertificateRef cert;
if( [certData length] ) {
    cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)certData);
    if( cert != NULL ) {
        CFStringRef certSummary = SecCertificateCopySubjectSummary(cert);
        NSString* summaryString = [[NSString alloc] initWithString:(__bridge NSString*)certSummary];
        NSLog(@"CERT SUMMARY: %@", summaryString);
        CFRelease(certSummary);
    } else {
        NSLog(@" *** ERROR *** trying to create the SSL certificate from data located at %@, but failed", certPath);
    }
}
// play with cert here

myCertificate.cer must be in your application bundle. I create the cer file with openssl. If you are planning to use this in iOS application, make sure your certificate contains required extensions, check here. Even though the answer is -1, it helped me to get this running.



回答2:

Look at SecKeyGeneratePair I think this is what you are looking for.



标签: ios security pki