i'm junior objective c developer , i'm trying call soap web service needs client side certificate.
i've made soap call, server returns need certificate.
i've got .p12 file (the certificate) , i've saved on keychain can access browser don't know how use file on app i'm trying build. i've searched on google can't find working answer.
any clue? in advance.
i'll answer own question because no 1 did , i've found solution.
first of all, need save certificate in project's directory. drag , drop certificate it's folder directory of project in xcode. select "copy" , yes window appear.
then, you'll need make project recognize file.
targets > build phases > copy bundle resources. , add here file.
back class make call:
-(void)connection:(nsurlconnection *)connection didreceivedata:(nsdata *)data { [webdata appenddata:data]; } -(void)connection:(nsurlconnection *)connection didfailwitherror:(nserror *)error { nslog(@"error theconenction"); [connection release]; [webdata release]; } -(void)connectiondidfinishloading:(nsurlconnection *)connection { nslog(@"done. received bytes: %lu", (unsigned long)[webdata length]); nsstring *thexml = [[nsstring alloc] initwithbytes: [webdata mutablebytes] length:[webdata length] encoding:nsutf8stringencoding];//nsutf8stringencoding nsasciistringencoding nslog(@"%@",thexml); [thexml release]; } - (osstatus)extractidentity:(cfdataref)inp12data :(secidentityref*)identity { osstatus securityerror = errsecsuccess; cfstringref password = cfstr("passwd"); const void *keys[] = { ksecimportexportpassphrase }; const void *values[] = { password }; cfdictionaryref options = cfdictionarycreate(null, keys, values, 1, null, null); cfarrayref items = cfarraycreate(null, 0, 0, null); securityerror = secpkcs12import(inp12data, options, &items); if (securityerror == 0) { cfdictionaryref ident = cfarraygetvalueatindex(items,0); const void *tempidentity = null; tempidentity = cfdictionarygetvalue(ident, ksecimportitemidentity); *identity = (secidentityref)tempidentity; } if (options) { cfrelease(options); } return securityerror; } - (bool)connection:(nsurlconnection *)connection canauthenticateagainstprotectionspace:(nsurlprotectionspace *)protectionspace { return yes; } osstatus extractidentityandtrust(cfdataref inp12data, secidentityref *identity, sectrustref *trust) { osstatus securityerror = errsecsuccess; cfstringref password = cfstr("passwd"); const void *keys[] = { ksecimportexportpassphrase }; const void *values[] = { password }; cfdictionaryref options = cfdictionarycreate(null, keys, values, 1, null, null); cfarrayref items = cfarraycreate(null, 0, 0, null); securityerror = secpkcs12import(inp12data, options, &items); if (securityerror == 0) { cfdictionaryref myidentityandtrust = cfarraygetvalueatindex(items, 0); const void *tempidentity = null; tempidentity = cfdictionarygetvalue(myidentityandtrust, ksecimportitemidentity); *identity = (secidentityref)tempidentity; const void *temptrust = null; temptrust = cfdictionarygetvalue(myidentityandtrust, ksecimportitemtrust); *trust = (sectrustref)temptrust; } if (options) { cfrelease(options); } return securityerror; } - (void)didreceivememorywarning { [super didreceivememorywarning]; // dispose of resources can recreated. } - (void)connection:(nsurlconnection *)connection didreceiveauthenticationchallenge:(nsurlauthenticationchallenge *)challenge { nslog(@"authentication challenge"); // load cert nsstring *path = [[nsbundle mainbundle] pathforresource:@"nameoffile" oftype:@"p12"];// if it's not working targets > build phases > copy bundle resources nsdata *p12data = [nsdata datawithcontentsoffile:path]; cfdataref inp12data = (__bridge cfdataref)p12data; secidentityref myidentity; sectrustref mytrust; osstatus status = extractidentityandtrust(inp12data, &myidentity, &mytrust); seccertificateref mycertificate; secidentitycopycertificate(myidentity, &mycertificate); const void *certs[] = { mycertificate }; cfarrayref certsarray = cfarraycreate(null, certs, 1, null); nsurlcredential *credential = [nsurlcredential credentialwithidentity:myidentity certificates:(__bridge nsarray*)certsarray persistence:nsurlcredentialpersistencepermanent]; [[challenge sender] usecredential:credential forauthenticationchallenge:challenge]; } then run!
Comments
Post a Comment