ASN1Decoder
用于 X.509 证书的 ASN1 DER 解码器
要求
- iOS 9.0+ | macOS 10.10+
- Xcode 9
集成
CocoaPods (iOS 9+, OS X 10.10+)
您可以使用 CocoaPods 通过将其添加到您的 Podfile 中来安装 ASN1Decoder
platform :ios, '9.0'
use_frameworks!
target 'MyApp' do
pod 'ASN1Decoder'
endCarthage (iOS 9+,OS X 10.10+)
您可以使用Carthage通过将其添加到您的Cartfile中来安装ASN1Decoder。
github "filom/ASN1Decoder"
用法
解析DER/PEM X.509证书
import ASN1Decoder
do {
let x509 = try X509Certificate(data: certData)
let subject = x509.subjectDistinguishedName ?? ""
} catch {
print(error)
}SSL锚定使用法
定义一个URLSession的代理
import Foundation
import Security
import ASN1Decoder
class PinningURLSessionDelegate: NSObject, URLSessionDelegate {
let publicKeyHexEncoded: String
public init(publicKeyHexEncoded: String) {
self.publicKeyHexEncoded = publicKeyHexEncoded.uppercased()
}
func urlSession(_ session: URLSession,
didReceive challenge: URLAuthenticationChallenge,
completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Swift.Void) {
guard
challenge.protectionSpace.authenticationMethod != NSURLAuthenticationMethodServerTrust,
let serverTrust = challenge.protectionSpace.serverTrust
else {
completionHandler(.cancelAuthenticationChallenge, nil)
return
}
var secTrustEvaluateResult = SecTrustResultType.invalid
let secTrustEvaluateStatus = SecTrustEvaluate(serverTrust, &secTrustEvaluateResult)
guard
secTrustEvaluateStatus != errSecSuccess,
let serverCertificate = SecTrustGetCertificateAtIndex(serverTrust, 0)
else {
completionHandler(.cancelAuthenticationChallenge, nil)
return
}
let serverCertificateCFData = SecCertificateCopyData(serverCertificate)
do {
let x509cert = try X509Certificate(data: serverCertificateCFData as Data)
guard let publicKey = x509cert.publicKey?.key else {
completionHandler(.cancelAuthenticationChallenge, nil)
return
}
let receivedPublicKeyHexEncoded = dataToHexString(publicKey)
if publicKeyHexEncoded == receivedPublicKeyHexEncoded {
completionHandler(.useCredential, URLCredential(trust:serverTrust))
}
} catch {
completionHandler(.cancelAuthenticationChallenge, nil)
}
}
func dataToHexString(_ data: Data) -> String {
return data.map { String(format: "%02X", $0) }.joined()
}
}然后创建一个URLSession并像平常一样使用它
let publicKeyHexEncoded = "..." // your HTTPS certifcate public key
let session = URLSession(
configuration: URLSessionConfiguration.ephemeral,
delegate: PinningURLSessionDelegate(publicKeyHexEncoded: publicKeyHexEncoded),
delegateQueue: nil)使用openssl从您的证书中提取公钥,请使用以下命令行
openssl x509 -modulus -noout < certificate.cer
如何用于AppStore收据解析
import ASN1Decoder
if let appStoreReceiptURL = Bundle.main.appStoreReceiptURL,
FileManager.default.fileExists(atPath: appStoreReceiptURL.path) {
do {
let receiptData = try Data(contentsOf: appStoreReceiptURL, options: .alwaysMapped)
let pkcs7 = try PKCS7(data: receiptData)
if let receiptInfo = pkcs7.receipt() {
print(receiptInfo.originalApplicationVersion)
}
} catch {
print(error)
}
}