I am struggling hard to find a way to create x509 certificates programmatically (Self-signed) in objective c using Security Framework. I am NOT using OpenSSL for my project. So I can't consider using OpenSSL. Here are the few things I already created.
--Created RSA key pair. Used - (void)generateKeyPairPlease function from https://developer.apple.com/library/ios/documentation/Security/Conceptual/CertKeyTrustProgGuide/iPhone_Tasks/iPhone_Tasks.html
--Used ios-csr (https://github.com/ateska/ios-csr) to create CSR. See the below code
SCCSR *sccsr = [[SCCSR alloc]init];
sccsr.commonName = @"some name";
sccsr.organizationName = @"some organisation";
NSData *certificateRequest = [sccsr build:pPublicKey privateKey:privateKey];
NSString *str = [certificateRequest base64EncodedStringWithOptions:NSDataBase64Encoding64CharacterLineLength];
NSString *strCertificateRequest = @"-----BEGIN CERTIFICATE REQUEST-----\n";
strCertificateRequest = [strCertificateRequest stringByAppendingString:str];
strCertificateRequest = [strCertificateRequest stringByAppendingString:@"\n-----END CERTIFICATE REQUEST-----\n"];
--Now I need to create X509 Certificate (self-signed). I used the below code.
// Convert to Base64 data
NSData *base64Data = [certificateRequest base64EncodedDataWithOptions:0];
SecCertificateRef cer = SecCertificateCreateWithData ( NULL, (__bridge CFDataRef) base64Data);
NSLog(@"%@", cer);
-- cer seems to be NULL.SecCertificateCreateWithData needs "A DER (Distinguished Encoding Rules) representation of an X.509 certificate" as per the documentation, https://developer.apple.com/library/mac/documentation/Security/Reference/certifkeytrustservices/index.html#//apple_ref/c/func/SecCertificateCreateWithData
Is my approach right? To reiterate I have RSA key pair (public and private keys), successfully generated CSR (Certificate Signing Request). Now I need X509 Certificate to be generated programatically. Any help is appreciated.
I am using Version 6.2 (6C131e) and iOS SDK 8.2.
0 comments:
Post a Comment