如何在 iOS 中检查 SSL 证书的安全性?

How to check the security of the SSL certificate in iOS?(如何在 iOS 中检查 SSL 证书的安全性?)
本文介绍了如何在 iOS 中检查 SSL 证书的安全性?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我想检查 URL 中是否存在 SSL 证书,还想检查其版本和验证类型.

I wanna check whether the SSL certificate is present in the URL also wants to check its version and validation type.

我创建了一个应用程序,我在其中调用 NSURLConnection 委托方法以通过服务器发送请求.

I have created a application where I am calling the NSURLConnection delegate methods to send request over a server.

也使用了 "canAuthenticateAgainstProtectionSpace" 方法,但是一旦建立连接就不会调用此方法.

Also used "canAuthenticateAgainstProtectionSpace" method, but this method is not getting called once the connection is established.

我如何做到这一点?

推荐答案

iOS 无法提供对证书信息的非常精细的访问权限.您有两个选择:私有 API 或使用 OpenSSL 构建您自己的评估器.

iOS does not give you very granular access to certificate information. You have two choices: private APIs or build your own evaluator with OpenSSL.

您可以在opensource 中看到私有证书功能代码.该版本可从 SecCertificateVersion() 获得.我不确定您所说的验证类型"是什么意思.

You can see the private certificate functions in the opensource code. The version is available from SecCertificateVersion(). I'm not certain what you mean by "validation type" here.

要使用 OpenSSL 执行此操作,您可以使用 SecCertificateCopyData() 获取 DER 数据,然后自己解析所有内容.

To do this with OpenSSL, you can get the DER data with SecCertificateCopyData() and then parse everything yourself.

我建议就这个问题打开一个雷达 (bugreporter.apple.com).无法访问有关证书的基本信息是一个严重的问题.

I suggest opening a radar (bugreporter.apple.com) on this issue. The lack of access to basic information about the certificate is a serious problem.

如果您正在寻找从 NSURLConnection 中提取证书的示例代码,请参阅 第 11 章示例代码 来自 iOS:PTL:

If you're looking for sample code that extracts the certificate from the NSURLConnection, see the Chapter 11 sample code from iOS:PTL:

- (void)connection:(NSURLConnection *)connection
  willSendRequestForAuthenticationChallenge:
  (NSURLAuthenticationChallenge *)challenge
{
  NSURLProtectionSpace *protSpace = challenge.protectionSpace;
  SecTrustRef trust = protSpace.serverTrust;
  ...
    SecCertificateRef cert = SecTrustGetCertificateAtIndex(trust, 0);
  ...

此时,cert 持有您的叶子证书.

At this point, cert holds your leaf certificate.

这篇关于如何在 iOS 中检查 SSL 证书的安全性?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!

本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

Why local notification is not firing for UNCalendarNotificationTrigger(为什么没有为UNCalendarNotificationTrigger触发本地通知)
iOS VoiceOver functionality changes with Bundle Identifier(IOS画外音功能随捆绑包标识符而变化)
tabbar middle tab out of tabbar corner(选项卡栏中间的选项卡角外)
Pushing UIViewController above UITabBar(将UIView控制器推送到UITabBar上方)
How can I sync two flatList scroll position in react native(如何在本机Reaction中同步两个平面列表滚动位置)
Get an event when UIBarButtonItem menu is displayed(显示UIBarButtonItem菜单时获取事件)