How do I programmatically import a certificate into my iOS app's keychain and pass the identity to a server when needed?
The following code should do the trick :
NSMutableDictionary *secIdentityParams = [[NSMutableDictionary alloc] init];
[secIdentityParams setObject:(id)myIdentity forKey:(id)kSecValueRef];
OSStatus status = SecItemAdd((CFDictionaryRef) secIdentityParams, NULL);
You interact with the Keychain by passing in a dictionary of key-value pairs that you want to find or create. Each key represents a search option or an attribute of the item in the keychain.
Keys are pre-defined constants that you must use depending on the type of data to be stored.
Those keys can be found in Apple's developer doc.
I think Apple's source code is indeed missing the allocation of persistentRef. They should have added such declaration at the beginning of the method :
NSData *persistentRef = nil;
Note that use of persistent reference is not mandatory. The above code should work just fine. As Apple explains it well :
Because a persistent reference remains valid between invocations of
your program and can be stored on disk, you can use one to make it
easier to find a keychain item that you will need repeatedlysource : https://developer.apple.com/library/ios/#documentation/Security/Conceptual/CertKeyTrustProgGuide/iPhone_Tasks/iPhone_Tasks.html#//apple_ref/doc/uid/TP40001358-CH208-DontLinkElementID_10
How to use NSURLConnection to connect with SSL for an untrusted cert?
There is a supported API for accomplishing this! Add something like this to your NSURLConnection
delegate:
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
if ([trustedHosts containsObject:challenge.protectionSpace.host])
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
[challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}
Note that connection:didReceiveAuthenticationChallenge:
can send its message to challenge.sender (much) later, after presenting a dialog box to the user if necessary, etc.
Related Topics
What Is a "Delegate" in Objective C's iPhone Development
Xcode 6 Isn't Autocompleting in Swift
Save and Load from Keychain | Swift
Uibezierpath Triangle with Rounded Edges
Simple Way to Change the Position of Uiview
Uitableview Dynamic Cell Heights Only Correct After Some Scrolling
Use Didselectrowatindexpath or Prepareforsegue Method for Uitableview
Xcode - There Are No Dsyms Available for Download
How to Make View the Size of Another View in Swiftui
Native Facebook App Does Not Open with Facebook Login in iOS 9
How to Draw a "Speech Bubble" on an Iphone
How to Attach Debugger to iOS App After Launch
Change Color of Back Button in Navigation Bar
How to Convert Nsdate into Unix Timestamp iPhone Sdk
Check If Uicolor Is Dark or Bright