如何让 iPhoneHTTPServer 成为安全服务器 [英] How to make iPhoneHTTPServer secure server
问题描述
我对 iPhone 开发很陌生.
I am very new to iPhone development.
我从下面的链接下载了 iPhoneHTTPServer 应用程序.https://github.com/robbiehanson/CocoaHTTPServer/tree/master/Samples/iPhoneHTTPServer
I downloaded the iPhoneHTTPServer application from bellow link. https://github.com/robbiehanson/CocoaHTTPServer/tree/master/Samples/iPhoneHTTPServer
它适用于 HTTP 请求.
It works fine for HTTP request.
现在我想让它成为一个安全的服务器.(使用HTTPS)为此,我在 MyHTTPConnection.m
Now I want to make it as a secure server. (use HTTPS) for that I have override following two methods in MyHTTPConnection.m
我确信此方法会发生变化:
I am sure about changes in this method:
/**
* Overrides HTTPConnection's method
**/
- (BOOL)isSecureServer
{
// Create an HTTPS server (all connections will be secured via SSL/TLS)
return YES;
}
我需要在波纹管方法中应用更改:(请在此处指导我.)问题:DDKeychain 和 Cocoa.h 不适用于 iOS.
I need to apply changes in bellow method: (Please guide me here.) PROBLEM : DDKeychain and Cocoa.h is not available for iOS.
/**
* Overrides HTTPConnection's method
*
* This method is expected to returns an array appropriate for use in
* kCFStreamSSLCertificates SSL Settings.
* It should be an array of SecCertificateRefs except for the first element in
* the array, which is a SecIdentityRef.
**/
- (NSArray *)sslIdentityAndCertificates
{
NSArray *result = [DDKeychain SSLIdentityAndCertificates];
if([result count] == 0)
{
[DDKeychain createNewIdentity];
return [DDKeychain SSLIdentityAndCertificates];
}
return result;
}
推荐答案
我已经通过以下步骤解决了问题:
I have solved issue with following steps:
- 从您的钥匙串访问(Mac OS X)导出证书
- 打开钥匙串访问
- 选择证书,右键单击并选择导出...
- 以文件格式导出证书:个人信息交换 (.p12)
- 提供名称和密码以导出文件.
文件名:TestCertificate.p12
密码:test123(* 如果无效,请尝试您的管理员登录通行证)
- Export certificate from your Keychain Access(Mac OS X)
- Open Keychain Access
- Select Certificate, Right click and select Export...
- Export Certificate with file format : Personal Information Exchange (.p12)
- Provide name and password to export file.
FileName: TestCertificate.p12
Password: test123 (* try your admin login pass if not worked)
在您的 XCode 项目中导入 TestCertificate.p12.
Import TestCertificate.p12 in you XCode project.
在您的项目中添加Security.framework.
在您的代码中导入 Security.h 文件.#import
Import Security.h file in you code.
#import <Security/Security.h>
覆盖并更改 sslIdentityAndCertificates 方法,如下所示.
Override and change sslIdentityAndCertificates method as bellow.
/**
* Overrides HTTPConnection's method
*
* This method is expected to returns an array appropriate for use in kCFStreamSSLCertificates SSL Settings.
* It should be an array of SecCertificateRefs except for the first element in the array, which is a SecIdentityRef.
**/
- (NSArray *)sslIdentityAndCertificates
{
SecIdentityRef identityRef = NULL;
SecCertificateRef certificateRef = NULL;
SecTrustRef trustRef = NULL;
NSString *thePath = [[NSBundle mainBundle] pathForResource:@"TestCertificate" ofType:@"p12"];
NSData *PKCS12Data = [[NSData alloc] initWithContentsOfFile:thePath];
CFDataRef inPKCS12Data = (CFDataRef)PKCS12Data;
CFStringRef password = CFSTR("test123");
const void *keys[] = { kSecImportExportPassphrase };
const void *values[] = { password };
CFDictionaryRef optionsDictionary = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL);
CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);
OSStatus securityError = errSecSuccess;
securityError = SecPKCS12Import(inPKCS12Data, optionsDictionary, &items);
if (securityError == 0) {
CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex (items, 0);
const void *tempIdentity = NULL;
tempIdentity = CFDictionaryGetValue (myIdentityAndTrust, kSecImportItemIdentity);
identityRef = (SecIdentityRef)tempIdentity;
const void *tempTrust = NULL;
tempTrust = CFDictionaryGetValue (myIdentityAndTrust, kSecImportItemTrust);
trustRef = (SecTrustRef)tempTrust;
} else {
NSLog(@"Failed with error code %d",(int)securityError);
return nil;
}
SecIdentityCopyCertificate(identityRef, &certificateRef);
NSArray *result = [[NSArray alloc] initWithObjects:(id)identityRef, (id)certificateRef, nil];
return result;
}
这篇关于如何让 iPhoneHTTPServer 成为安全服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
