在canAuthenticateAgainstProtectionSpace中检查公钥 [英] Checking a Public Key in canAuthenticateAgainstProtectionSpace
本文介绍了在canAuthenticateAgainstProtectionSpace中检查公钥的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我被要求根据 canAuthenticateAgainstProtectionSpace
( NSURLConnection
)
这是我到目前为止:
- (BOOL)连接:(NSURLConnection *)连接
canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
SecKeyRef publicKey = SecTrustCopyPublicKey([protectionSpace serverTrust]);
NSLog(@%@,SecTrustCopyPublicKey([protectionSpace serverTrust]));
return YES;
}
如何比较公钥和已知值?
NSLog产生:< SecKeyRef:0x687c000>
b $ b
解决方案
任何人都关心,解决方案是使用保存在bundle上的证书来检查字节的证书字节。
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
SecTrustRef trust = [protectionSpace serverTrust] ;
SecCertificateRef certificate = SecTrustGetCertificateAtIndex(trust,0);
NSData * ServerCertificateData =(NSData *)SecCertificateCopyData(certificate);
//检查从服务器返回的证书是否与
中保存的证书相同//主包
BOOL areCertificatesEqual =([ServerCertificateData
isEqualToData: [MyClass getCertificate]]);
[ServerCertificateData release];
if(!areCertificatesEqual)
{
NSLog(@Bad Certificate,cancelling request);
[connection cancel];
}
//如果证书不相等,我们不应该与服务器通信;
return areCertificatesEqual;
}
I have been asked to check the public key against a known value in canAuthenticateAgainstProtectionSpace
( a delegate callback of NSURLConnection
)
This is what I have so far:
- (BOOL)connection:(NSURLConnection *)connection
canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
SecKeyRef publicKey = SecTrustCopyPublicKey([protectionSpace serverTrust]);
NSLog(@"%@",SecTrustCopyPublicKey([protectionSpace serverTrust]));
return YES;
}
How can I compare the public key against a known value?
The NSLog produces: <SecKeyRef: 0x687c000>
which isn't vary useful.
解决方案
Incase anyone cares, the solution was to check the certificatie byte for byte with a certificate saved on the bundle.
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
SecTrustRef trust = [protectionSpace serverTrust];
SecCertificateRef certificate = SecTrustGetCertificateAtIndex(trust, 0);
NSData* ServerCertificateData = (NSData*) SecCertificateCopyData(certificate);
// Check if the certificate returned from the server is identical to the saved certificate in
// the main bundle
BOOL areCertificatesEqual = ([ServerCertificateData
isEqualToData:[MyClass getCertificate]]);
[ServerCertificateData release];
if (!areCertificatesEqual)
{
NSLog(@"Bad Certificate, canceling request");
[connection cancel];
}
// If the certificates are not equal we should not talk to the server;
return areCertificatesEqual;
}
这篇关于在canAuthenticateAgainstProtectionSpace中检查公钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文