ios - 如何从 iOS 下钥匙串(keychain)中存在的证书中解码序列号、发行者信息等？

Question

我正在创建一个 iOS 应用程序，它可以检索钥匙串(keychain)中存在的证书 (.cer) 的信息。

引用链接: Link1 , Link2

代码如下:

const char *certLabelString = "Certificates";
    CFStringRef certLabel = CFStringCreateWithCString(
                                                      NULL, certLabelString,
                                                      kCFStringEncodingUTF8);

const void *keys[] =   { kSecClass, kSecAttrLabel, kSecReturnAttributes };
    const void *values[] = { kSecClassCertificate, certLabel, kCFBooleanTrue };

CFDictionaryRef dict = CFDictionaryCreate(NULL, keys,
                                              values, 3,
                                              NULL, NULL)
 if ((SecItemCopyMatching(dict, &myCertData)) == errSecSuccess){
            NSLog(@"Certificate found");

            CFDictionaryRef dictCertificateRef = (CFDictionaryRef)myCertData;

            NSDictionary *dictCertificate = (__bridge NSDictionary *)dictCertificateRef;
            NSLog(@"%@",dictCertificate);

        }

输出:

我获得了证书数据，但我可以看到编码形式的序列号或颁发者名称。

像这样: issr = <310b3009 06035504 06130255 53311330 11060355 040a0c0a 4170706c 6520496e 632e312c 302a0603 55040b0c 23417070 6c652057 6f726c64 77696465 20446576 656c6f70 65722052 656c6174 696f6e73 31443042 06035504 030c3b41 70706c65 20576f72 6c647769 64652044 6576656c 6f706572 2052656c 6174696f 6e732043 65727469 66696361 74696f6e 20417574 686f7269 7479>;

谁能告诉我如何解码这些信息？

Answer 1

我也很想知道这个。到目前为止，在查看证书时，我做了以下事情:

id data = [keychainDictionary objectForKey:@"issr"];

然后您可以在此行设置一个断点，并在您越过它时，在调试窗口左侧面板中选择“数据”变量。选择“watch memory of *data”，您会看到一堆垃圾，其中包含来自该数据的真实字符串。我不知道如何从那里开始。

获取所有钥匙串(keychain)项并将它们加载到 TableView 中的完整方法:

-(void)loadDataSource
{

    //enumerate all items in keychain http://stackoverflow.com/questions/10966969/enumerate-all-keychain-items-in-my-ios-application
    NSMutableDictionary *query = [NSMutableDictionary dictionaryWithObjectsAndKeys:
                                  (__bridge id)kCFBooleanTrue, (__bridge id)kSecReturnAttributes,
                                  (__bridge id)kSecMatchLimitAll, (__bridge id)kSecMatchLimit,
                                  nil];

    NSArray *secItemClasses = [NSArray arrayWithObjects:
                               (__bridge id)kSecClassGenericPassword,
                               (__bridge id)kSecClassInternetPassword,
                               (__bridge id)kSecClassCertificate,
                               (__bridge id)kSecClassKey,
                               (__bridge id)kSecClassIdentity,
                               nil];


    NSMutableArray* results = [NSMutableArray array];

    for(int i = 0; i < (int)secItemClasses.count;i++)
    {
        [results addObject:[NSMutableArray array]];
    }



    for (id secItemClass in secItemClasses) {
        [query setObject:secItemClass forKey:(__bridge id)kSecClass];

        CFTypeRef result = NULL;
        SecItemCopyMatching((__bridge CFDictionaryRef)query, &result);
//        NSLog(@"%@", (__bridge id)result);
        if (result != NULL)
        {
            NSMutableArray* thisSection = results[[secItemClasses indexOfObject:secItemClass]];
            [thisSection addObject:(__bridge id)result];


//            [results addObject:(__bridge id)result];
            CFRelease(result);
        }

        for(NSArray* object in results[[secItemClasses indexOfObject:secItemClass]])
        {
            DLog(@"object is of class: %@",[[object class] description]);

            for (NSDictionary* innerObject in object)
            {
                DLog(@"object is of class: %@",[[innerObject class] description]);


            }




            }

        }

    self.datasource = results;

    [self.tableView reloadData];
}

//这是描述，您可以将其分配给表格 View 单元格中的文本标签

-(NSMutableString*)descriptionForObject:(NSDictionary*)object
{
    NSMutableString* string = [[NSMutableString alloc] initWithCapacity:1024];

//    https://developer.apple.com/library/mac/documentation/security/Reference/keychainservices/Reference/reference.html
    //search for kSecAlias for a list of codes

    if(object[@"labl"] != nil)
    {
    [string appendString:[NSString stringWithFormat:@"Label: %@\n",object[@"labl"]]];
    }

    [string appendString:[NSString stringWithFormat:@"Created at: %@\n",object[@"cdat"]]];
    if(object[@"agrp"] != nil)
    {
        [string appendString:[NSString stringWithFormat:@"Belongs to application: %@\n",object[@"agrp"]]];
    }



    for(NSString* key in @[@"issr",@"subj"])
    {
        id data = [object objectForKey:key];


        @try {


            if([data isKindOfClass:[NSData class]]==NO)
            {
                continue;
            }
            NSString* stringAscii = [[NSString alloc] initWithData:data encoding:NSASCIIStringEncoding];


            NSCharacterSet* alphaNumeric = [NSCharacterSet characterSetWithCharactersInString:@"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.@"];


            NSCharacterSet *doNotWant = [alphaNumeric invertedSet];
            NSString* cleanedUpString = [[stringAscii componentsSeparatedByCharactersInSet: doNotWant] componentsJoinedByString: @" "];

            if(cleanedUpString.length>0)
            {
                DLog(@" %@ Cleaned up: %@",key,cleanedUpString);

                [string appendString:[NSString stringWithFormat:@" %@ Cleaned up: %@",key,cleanedUpString]];
            }
        }
        @catch (NSException *exception) {

        }
        @finally {

        }
    }


//    [string appendString:[NSString stringWithFormat:@"Complete description:(%@)\n", [object description]]];



    return string;
}