以下代码读出macOS中的根证书。以编程方式读取iOS中的根CA证书
我只是想知道iOS中的等效代码是什么?
https://github.com/HaxeFoundation/hxcpp/blob/7bd5ff3/src/hx/libs/ssl/SSL.cpp#L455-L491
CFMutableDictionaryRef search;
CFArrayRef result;
SecKeychainRef keychain;
SecCertificateRef item;
CFDataRef dat;
sslcert *chain = NULL;
// Load keychain
if(SecKeychainOpen("/System/Library/Keychains/SystemRootCertificates.keychain",&keychain) != errSecSuccess)
return null();
// Search for certificates
search = CFDictionaryCreateMutable(NULL, 0, NULL, NULL);
CFDictionarySetValue(search, kSecClass, kSecClassCertificate);
CFDictionarySetValue(search, kSecMatchLimit, kSecMatchLimitAll);
CFDictionarySetValue(search, kSecReturnRef, kCFBooleanTrue);
CFDictionarySetValue(search, kSecMatchSearchList, CFArrayCreate(NULL, (const void **)&keychain, 1, NULL));
if(SecItemCopyMatching(search, (CFTypeRef *)&result) == errSecSuccess){
CFIndex n = CFArrayGetCount(result);
for(CFIndex i = 0; i < n; i++){
item = (SecCertificateRef)CFArrayGetValueAtIndex(result, i);
// Get certificate in DER format
dat = SecCertificateCopyData(item);
if(dat){
if(chain == NULL){
chain = new sslcert();
chain->create(NULL);
}
mbedtls_x509_crt_parse_der(chain->c, (unsigned char *)CFDataGetBytePtr(dat), CFDataGetLength(dat));
CFRelease(dat);
}
}
}
CFRelease(keychain);
if(chain != NULL)
return chain;
由于您显示的代码是用'cpp'编写的,所以您仍然可以直接使用它,因为cpp中使用的所有关键字都来自Apple的'Security.framework',您是否尝试过使用相同的内容,您可以使用整个'SSL.cpp'?我认为它会为你工作。 – iphonic
'/ System/Library/Keychains/SystemRootCertificates.keychain'在iOS上不存在。或者至少你不能读它,因为一切都是沙盒。 – KevinResoL