问题
My iOS app is handling x509 certificates + keys (DER encoded) at runtime. The only way I am able to successfully import them into the keychain is to use PKCS12 using the function: SecPKCS12Import()
I have been trying hard to get it running using only SecItemAdd(). I used that function for the DER encoded certificate and again for the DER encoded key. But even though the call return with success, querying the keychain afterwards didn't yield a SecIdentityRef.
So I ended up using the OpenSSL PKCS12 implementation. I am very keen on getting rid of my dependency on OpenSSL. I have been looking around for alernative implementations of PKCS12. The only alternative lib I found was hosted in apples open source repo:
https://opensource.apple.com/source/Security/Security-57031.10.10/Security/libsecurity_pkcs12/
Though this is an OS X project that has (i suppose) many dependencies to other modules of the security framework. Before I start looking deeper into this
I was wondering:
- Is there any chance for me to run libsecurity_pkcs12 on iOS?
- Or better: is there any alternative small footprint PKCS12 library that I am not aware of?
- Or even better: has anyone imported x509 + key into the iOS keychain (yielding a
SecIdentityRefafterwards) without using PKCS12?
来源:https://stackoverflow.com/questions/40523857/creating-pkcs12-at-runtime-on-ios-without-using-openssl