如何在ios中使用openssl使用可信CA证书验证.crt文件

时间:2013-09-04 10:03:48

标签: ios objective-c ssl

我有客户证书“A”并且我有CA1证书作为根证书。

现在,我必须使用CA1证书(可信任)验证证书A是否受信任

是否可以进行此验证?

NSString *thePath = [[NSBundle mainBundle]

                      pathForResource:@"CA" ofType:@"crt"];

NSData *certData = [[NSData alloc]

                     initWithContentsOfFile:thePath];

CFDataRef myCertData = (__bridge CFDataRef)certData;                 // 1



SecCertificateRef myCert;

myCert = SecCertificateCreateWithData(NULL, myCertData);    // 2



SecPolicyRef myPolicy = SecPolicyCreateBasicX509();         // 3



SecCertificateRef certArray[1] = { myCert };

CFArrayRef myCerts = CFArrayCreate(

                                   NULL, (void *)certArray,

                                   1, NULL);

SecTrustRef myTrust;

OSStatus status = SecTrustCreateWithCertificates(

                                                myCerts,

                                                myPolicy,

                                                &myTrust);  // 4



SecTrustResultType trustResult;

if (status == noErr) {

    status = SecTrustEvaluate(myTrust, &trustResult);       // 5

}

// ... // 6

if (trustResult == kSecTrustResultRecoverableTrustFailure) {

    // ...;

}

// ...

if (myPolicy)

    CFRelease(myPolicy); 

但我得到SecCertificateCreateWithData null并且崩溃

0 个答案:

没有答案