SecCertificateCreateWithData 总是返回 null [英] SecCertificateCreateWithData always returning null
问题描述
我目前正在处理以下帖子.代码如下:
I'm currently working from the following post. Here is the code:
SecCertificateRef certs = NULL;
SecPolicyRef policy = NULL;
NSString *publicKeyString = @"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCeJ8N8fuGShAJnniDg4yuRrxrG61ZF2T24eXSEH87jCJmLbc+MV70AgP/LC8btzSU4FFP56lBmDcmW+Prupf5gO1RXhjPIlET73t5Ny1I3ze+xaShAA9qB0c9dNb26NxVd95wCHNmQhon9qBFmTVZb0CdgscxYcDuLOGskDnATrwIDAQAB";
NSData *publicKeyStringData = [[NSData alloc] initWithBase64EncodedString:publicKeyString options:0];
certs = SecCertificateCreateWithData(kCFAllocatorDefault, (__bridge CFDataRef) publicKeyStringData);
根据帖子,如果 certs 变量为 NULL,则数据格式不正确.我检查了上面的公钥,它确实是 base64,所以我不明白为什么 certs 会是 NULL?
Based on the post if the certs variable is NULL then data was in an incorrect format. I checked the above public key and it is indeed base64, so I can't see why certs would be NULL?
推荐答案
证书可以有以下扩展名:.CER、.CRT、.DER、.PEM.它可以用两种方式编码:DER 和 PEM.这个apple方法只接受DER编码.
Certificate can have these extensions: .CER, .CRT, .DER, .PEM. And it can be encoded in two ways: DER and PEM. This apple method accepts only DER encoding.
如果您有 .CER 或 .CRT 扩展名,您必须查明它是以 DER 还是 PEM 编码进行编码的.(如果有 .PEM 或 .DER 扩展名就很清楚了.)
If you have .CER or .CRT extension you have to find out if it is encoded in DER or PEM encoding. (If there is .PEM or .DER extension it is clear.)
要检查当前编码,将扩展名更改为DER并尝试读取它:
To check the current encoding, change the extension to DER and try to read it:
- 重命名文件 (certificate.crt -> certificate.der)
- 在终端:openssl x509 -in certificate.der -inform der -text -noout
如果您看到错误,很可能是 PEM 编码的证书,您需要将其更改为 DER 编码:
If you see an error it is likely PEM encoded certificate and you need to change it to DER encoded:
- 重命名回 crt (certificate.der -> certificate.crt)
- 在终端:openssl x509 -in certificate.crt -outform der -out certificate.der
这篇关于SecCertificateCreateWithData 总是返回 null的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
