gpt4 book ai didi

ios - NSUrlConnection sendAsynchronousRequest 和自签名证书

转载 作者:可可西里 更新时间:2023-11-01 03:57:26 25 4
gpt4 key购买 nike

我正在编写一些执行 http 请求的 API 代码,并且我一直在使用 [NSUrlConnection:sendAsynchronousRequest:queue:completionHandler] 进行调用,因为它使得编写简单的处理程序变得非常容易,而且我不必为每个调用设置不同的类和不同的委托(delegate)。

我遇到的问题是,接受自签名证书的唯一方法似乎是让一个实现几个函数的委托(delegate)说证书没问题。有没有办法用使用 block 的异步方法来做到这一点?

最佳答案

不,但是委托(delegate)调用并没有那么难。这是您需要的代码:

1) 将其设为静态文件

static CFArrayRef certs;

2) 在初始化时执行此操作:

    // I had a crt certificate, needed a der one, so found this site:
// http://fixunix.com/openssl/537621-re-der-crt-file-conversion.html
// and did this from Terminal: openssl x509 -in crt.crt -outform der -out crt.der
NSString *path = [[NSBundle mainBundle] pathForResource:@"<your name>" ofType:@"der"];
assert(path);
NSData *data = [NSData dataWithContentsOfFile:path];
assert(data);

SecCertificateRef rootcert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)data);
if(rootcert) {
const void *array[1] = { rootcert };
certs = CFArrayCreate(NULL, array, 1, &kCFTypeArrayCallBacks);
CFRelease(rootcert); // for completeness, really does not matter
} else {
NSLog(@"BIG TROUBLE - ROOT CERTIFICATE FAILED!");
}

3) 然后添加这个方法:

- (void)connection:(NSURLConnection *)conn didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
#pragma unused(conn)
// NSLog(@"didReceiveAuthenticationChallenge %@ FAILURES=%zd", [[challenge protectionSpace] authenticationMethod], (ssize_t)[challenge previousFailureCount]);

/* Setup */
NSURLProtectionSpace *protectionSpace = [challenge protectionSpace];
assert(protectionSpace);
SecTrustRef trust = [protectionSpace serverTrust];
assert(trust);
CFRetain(trust); // Don't know when ARC might release protectionSpace
NSURLCredential *credential = [NSURLCredential credentialForTrust:trust];

BOOL trusted = NO;
OSStatus err;
SecTrustResultType trustResult = 0;

err = SecTrustSetAnchorCertificates(trust, certs);
if (err == noErr) {
err = SecTrustEvaluate(trust, &trustResult);
if(err == noErr) {
// http://developer.apple.com/library/mac/#qa/qa1360/_index.html
switch(trustResult) {
case kSecTrustResultProceed:
case kSecTrustResultConfirm:
case kSecTrustResultUnspecified:
trusted = YES;
break;
}
}
}
CFRelease(trust);

// Return based on whether we decided to trust or not
if (trusted) {
[[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
} else {
NSLog(@"Trust evaluation failed");
[[challenge sender] cancelAuthenticationChallenge:challenge];
}
}

关于ios - NSUrlConnection sendAsynchronousRequest 和自签名证书,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/11615237/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com