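How to send requests using a self-signed certificate in Swift

Time: 2021-05-04 14:31:51

Tags: swift ssl networking certificate tls1.2

I need a react-native application to send requests using a self-signed certificate in Swift 5. I have no control over the remote server, and they force us to use these generated self-signed certificates. I found that this is not possible in React-Native, so now I am writing a Swift 5 implementation using our own library, but I ran into problems.

Basically, the remote server sends me this certificate to communicate with it further (I also have the associated private key; I just sent my CSR to the server):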

-----BEGIN CERTIFICATE-----\nMIIDKzCCAhOgAwIBAgIUDjU2Ls05Hr9+0VLQb1He4yFT7BgwDQYJKoZIhvcNAQELBQAweDELMAkGA1UEBhMCQ0ExFjAUBgNVBAoTDVJldmVudSBRdWViZWMxIDAeBgNVBAsTF0ZhY3R1cmF0aW9uIE9ibGlnYXRvaXJlMS8wLQYDVQQDEyZDb25jZXB0ZXVycy0yIC0gdHJwLmFjLmZvLnJldmVudXF1ZWJlYzAeFw0yMTA1MDQxNDA5NDNaFw0yNjA1MDQxNDA5NDNaMIGeMQswCQYDVQQGEwJDQTELMAkGA1UECBMCUUMxDzANBgNVBAcTBi0wNTowMDEPMA0GA1UEKhMGVFIwMDAxMRgwFgYDVQQEEw9Wb2l0dXJlIG5vaXJlIDExGTAXBgNVBAsTEDYzMjgxODk2ODNUUTAwMDExFjAUBgNVBAoTDVRSUC02OFQ4LVc4VzgxEzARBgNVBAMTCjYzMjgxODk2ODMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATKYmY3Apm9l4Ym4KIEpS3bb2aMiuCk64LBJ1Ppo2mNATaj8AuUPfjowfyZO6eTdJry7S8oZ6bbuZOU1Dn0toGQo1EwTzATBgNVHSUEDDAKBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBsAwCQYDVR0TBAIwADAdBgNVHQ4EFgQUCtWz9whGcJYa+yyt78vI0QwN2cAwDQYJKoZIhvcNAQELBQADggEBAFAyuzZklCeZqVoU2Kpoy9XlqiFD0J8PcYkW3r9Q0/e8Hv7N6SmYF7QxYxdWkbo73nzKPqmIXDhpQmrXnD/Z8M4FxYTlfHE379H1MD0OlFZSyOOJneBlkf8vt4dO0mO0vCQuSdsytiCZHt8JBFBxnlc2p+swQj8DxjSX04mKWLCjzHhKpmKpTzadHJg7PEW7vQ/+JEnRXeYBhbG63nAfP+otb2Kz2s6THckkymf48x/d0XP7Z6DK2T94PMOWH5Fi1C0SHn87I/4NI5G4fuZ0I4IxZ0tTTrGVw3yz4uhLNJf7W/YuCl2AWROSnsLt9VYVmfh8pzPZPaLqI8eOy/8qH8s=\n-----END CERTIFICATE-----\n

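This is the base64-encoded string of the certificate. In Python, I would take this certificate and the private key, put them both in a file and, with the requests library, declare the paths to the private key and the certificate, and it would work easily: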

response = requests.post('%s/my_endpoint_using_this_cert/' % API_URL, json=json_data, headers=headers, cert=(TEMP_FILE_CERTIFICATE, TEMP_FILE_PRIVATE_KEY))

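TEMP_FILE_CERTIFICATE is the file containing the certificate above in b64 format.

TEMP_FILE_PRIVATE_KEY is the file containing the private key, in b64 format, generated before the CSR.

In Swift 5, I have the encoded b64 string and the associated private key, but I don't know how the networking library allows me to communicate using this b64-encoded certificate string. Also, I can't find anything clear about it anywhere.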

@objc(testRaphReplaceCertificate:withResolver:withRejecter:)
func testRaphReplaceCertificate(certName: String, resolve: RCTPromiseResolveBlock, reject: RCTPromiseRejectBlock) -> Void {
    print("Testing the replace certificate.")
    let Url = String(format: "https://.../my_endpoint_using_this_cert")
    guard let serviceUrl = URL(string: Url) else { return }

    // JSON body carrying the CSR (CSR content elided)
    let parameters: [String: Any] = [
        "reqCertif": [
            "jsonVersi": "01.00",
            "modif": "REM",
            "csr": "-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----"
        ]
    ]
    var request = URLRequest(url: serviceUrl)
    request.httpMethod = "POST"
    request.setValue("DEV", forHTTPHeaderField: "ENVIRN")

    guard let httpBody = try? JSONSerialization.data(withJSONObject: parameters, options: []) else {
        return
    }
    request.httpBody = httpBody
    request.timeoutInterval = 60
    let config = URLSessionConfiguration.default

    let session = URLSession(configuration: config)
    // NEED TO ADD THE CERT SOMEWHERE AROUND HERE

    // Send the request and print the response and the decoded JSON
    session.dataTask(with: request) { (data, response, error) in
        if let response = response {
            print(response)
        }
        if let data = data {
            do {
                let json = try JSONSerialization.jsonObject(with: data, options: [])
                print(json)
            } catch {
                print(error)
            }
        }
    }.resume()
}
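
One way to present a client certificate from URLSession, the Swift counterpart of the `cert=(...)` argument in the Python call above. This is an added example and not part of the original question. It assumes the PEM certificate and private key were first packaged into a PKCS#12 bundle (for example with `openssl pkcs12 -export`); the class name `ClientCertDelegate` and the `p12Data` / `p12Password` inputs are hypothetical.

```swift
import Foundation
import Security

// Added example. `p12Data` / `p12Password` are hypothetical inputs: a PKCS#12
// bundle holding the client certificate and its private key, and its passphrase.
final class ClientCertDelegate: NSObject, URLSessionDelegate {
    private let identity: SecIdentity

    init?(p12Data: Data, p12Password: String) {
        let options = [kSecImportExportPassphrase as String: p12Password] as CFDictionary
        var items: CFArray?
        // Import the bundle; each returned item is a dictionary describing one identity.
        guard SecPKCS12Import(p12Data as CFData, options, &items) == errSecSuccess,
              let first = (items as? [[String: Any]])?.first,
              let rawIdentity = first[kSecImportItemIdentity as String] else {
            return nil
        }
        // SecIdentity pairs the certificate with its private key.
        self.identity = rawIdentity as! SecIdentity
        super.init()
    }

    func urlSession(_ session: URLSession,
                    didReceive challenge: URLAuthenticationChallenge,
                    completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
        switch challenge.protectionSpace.authenticationMethod {
        case NSURLAuthenticationMethodClientCertificate:
            // The server asked for a client certificate during the TLS handshake.
            let credential = URLCredential(identity: identity,
                                           certificates: nil,
                                           persistence: .forSession)
            completionHandler(.useCredential, credential)
        default:
            // Server trust keeps the system's normal validation; it is not disabled here.
            completionHandler(.performDefaultHandling, nil)
        }
    }
}

// Usage in place of URLSession(configuration: config) in the question's method:
// guard let delegate = ClientCertDelegate(p12Data: p12Data, p12Password: password) else { return }
// let session = URLSession(configuration: config, delegate: delegate, delegateQueue: nil)
```

If the server's own certificate does not chain to a trusted root, the `NSURLAuthenticationMethodServerTrust` challenge should be handled by evaluating the trust against that specific pinned certificate rather than by accepting any certificate.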

0 answers:

No answers