检测iOS 11设备上安装的证书

时间:2017-06-05 20:56:57

标签: ios objective-c certificate

我有iOS 11,这段代码没有检测到我安装的自定义证书:

- (BOOL)IsMobileConfigInstalled {
    NSString *certPath = [[NSBundle mainBundle] pathForResource:@"cert" ofType:@"der"];
    NSData *certData = [NSData dataWithContentsOfFile:certPath];
    SecCertificateRef cert = NULL;
    if ([certData length]) {
         cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef) certData);
        if (cert != NULL) {
            CFStringRef certSummary = SecCertificateCopySubjectSummary(cert);
            NSString *summaryString = [[NSString alloc] initWithString:(__bridge NSString *) certSummary];
            CFRelease(certSummary);
        }
    }
    SecPolicyRef policy = SecPolicyCreateBasicX509();
    SecTrustRef trust;
    OSStatus err = SecTrustCreateWithCertificates((__bridge CFArrayRef) @[
            (__bridge id) cert
    ], policy, &trust);
    SecTrustResultType trustResult = (SecTrustResultType) -1;
    err = SecTrustEvaluate(trust, &trustResult);
    CFRelease(trust);
    CFRelease(policy);
    CFRelease(cert);
    return kSecTrustResultUnspecified == trustResult;
}

有什么问题?

1 个答案:

答案 0 :(得分:0)

问题解决了。 Apple只是“修复”了trustResult的结果。

所以,现在正确回答:kSecTrustResultProceed

我的固定代码版本: 在ios 10和11上工作。

- (BOOL)IsMobileConfigInstalled {
    NSString *certPath = [[NSBundle mainBundle] pathForResource:@"cert" ofType:@"der"];
    NSData *certData = [NSData dataWithContentsOfFile:certPath];
    SecCertificateRef cert = NULL;
    if ([certData length]) {
        cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef) certData);
        if (cert != NULL) {
            CFStringRef certSummary = SecCertificateCopySubjectSummary(cert);
            NSString *summaryString = [[NSString alloc] initWithString:(__bridge NSString *) certSummary];
            CFRelease(certSummary);
        }
    }
    SecPolicyRef policy = SecPolicyCreateBasicX509();
    SecTrustRef trust;
    OSStatus err = SecTrustCreateWithCertificates((__bridge CFArrayRef) @[
            (__bridge id) cert
    ], policy, &trust);
    SecTrustResultType trustResult = (SecTrustResultType) -1;
    err = SecTrustEvaluate(trust, &trustResult);
    CFRelease(trust);
    CFRelease(policy);
    CFRelease(cert);
    NSString *ver = [[UIDevice currentDevice] systemVersion];
    float ver_float = [ver floatValue];
    if (ver_float >= 11)
        return kSecTrustResultProceed == trustResult;
    return kSecTrustResultUnspecified == trustResult;
}
相关问题
最新问题