`
ttsiangogole
  • 浏览: 73375 次
文章分类
社区版块
存档分类
最新评论

[转]PKCS12 证书的生成及验证

阅读更多

    http://blog.csdn.net/kmyhy/article/details/6431609


?

<span style="color: #ff0000;">本文首先感谢 Apple 开发者论坛的eskimo1,他是我见过的最热心肠的人,对任何人他都不吝于给予无私帮助。</span>



</span>

一、
</span>
<span style="">生成证书</span>


</span>

keytool -genkey -v
-alias root -keyalg RSA -storetype PKCS12 -keystore dlt.p12 -dname "CN=www.handtimes.com,OU=ipcc,O=云电同方,L=昆明,ST=云南,C=中国"
-storepass ipcc@95598 -keypass ipcc@95598</span>



keytool -genkey -v
-alias p12client -keyalg RSA -storetype PKCS12 -keystore dlt.p12 -dname
"CN=www.handtimes.com,OU=ipcc,O=云电同方,L=昆明,ST=云南,C=中国" -storepass ipcc@95598
-keypass 123456 -validity 1</span>





keytool -list -v
-alias p12client -keystore dlt.p12 -storepass ipcc@95598 -storetype PKCS12</span>



keytool -list -v
-keystore IPCCCA </span>
<span lang="EN-US">–</span>
<span style="" lang="EN-US">dlt.p12 ipcc@95598 -storetype PKCS12</span>




</span>

keytool -export
-alias p12client -keystore dlt.p12 -storetype PKCS12 -storepass ipcc@95598 -rfc
-file p12.cer</span>


</span>

keytool -printcert
-v -file /Users/kmyhy/Desktop/client.cer</span>


</span>

Keytool.exe
-importkeystore -srckeystore IPCCCA -srcstoretype jks -srcstorepass ipcc@95598 -srcalias
p12client?
-destkeystore dltclient.p12
-deststoretype pkcs12 -deststorepass ipcc@95598 -destkeypass 123456 </span>
<span lang="EN-US">–</span>
<span style="" lang="EN-US">validity 3</span>


</span>


</span>

重新输入密码<span lang="EN-US">123456,回车,将在用户主目录下生成dltclient.p12文件。</span>



</span>


</span>

keytool.exe -list
-keystore dltclient.p12 -storepass ipcc@95598 -storetype pkcs12</span>



?


<span style="" lang="EN-US"><img src="http://hi.csdn.net/attachment/201105/19/0_1305774857vB0C.gif" alt=""></span>

可以看到其中包含了证书和私钥<span lang="EN-US">,并且其认证指纹是和IPCCCA中的一模一样的。</span>



</span>

一、
</span>
<span style="">提供证书下载</span>




</span>


[/b]
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">class</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> GetP12Cert </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">extends</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> HttpServlet {</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">private</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">static</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">final</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">long</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">serialVersionUID</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> = 1L;</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">private</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">static</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">final</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">int</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">max_days</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">=1;??
</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f5fbf;' lang="EN-US">/**</span>

????
* </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f9fbf;' lang="EN-US">@see</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: #3f5fbf;' lang="EN-US"> HttpServlet#HttpServlet()</span>

????
*/</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">public</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> GetP12Cert() {</span>

???????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">super</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">();</span>

???????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f9fbf;' lang="EN-US">TODO</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US"> Auto-generated constructor stub</span>

???
}</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f5fbf;' lang="EN-US">/**</span>


?
* </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f9fbf;' lang="EN-US">@see</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: #3f5fbf;' lang="EN-US"> HttpServlet#doGet(HttpServletRequest
request, HttpServletResponse response)</span>


?
*/</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">protected</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">void</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> doGet(HttpServletRequest
request, HttpServletResponse response) </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> ServletException, IOException {</span>



String filename=</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"C://Documents and
Settings//Administrator//dlt.cer"</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>



String pass=</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"ipcc@95598"</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>



Pkcs12Manager man=</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">null</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>



String alias=</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"p12client"</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>



String keypass=</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"123456"</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">try</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">{</span>




man=</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Pkcs12Manager(</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> File(filename),pass);


</span>




man.updateExpiration(alias,
keypass,</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">max_days</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);</span>




exportCert(man,alias,response);</span>

//


man.saveCert(alias,
"123456");</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">//man.saveCert(alias,
"123456");</span>




</span>



}</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">catch</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">(Exception e){</span>




e.printStackTrace();</span>



}</span>


}</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">导出证书</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">private</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">void</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> exportCert(Pkcs12Manager
man,String alias,HttpServletResponse response){</span>



OutputStream out=</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">null</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">try</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">{</span>



???
Certificate cert = man.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.getCertificate(alias);</span>



???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">得到证书内容(以编码过的格式)</span>



???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">byte</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">[] buf = cert.getEncoded();</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">写证书文件</span>



???
response.setContentType(</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"application/x-download"</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);??
</span>



???
response.addHeader(</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"Content-Disposition"</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">, </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"attachment;filename="</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">?
</span>



???????????
+ man.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">file</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.getName());??
</span>



???
out= response.getOutputStream(); </span>



???
out.write(buf);

???
</span>



}</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">catch</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">(Exception e){e.printStackTrace();}</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">finally</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">{</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">try</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">{</span>





out.close();</span>




}</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">catch</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">(Exception e){



</span>




}</span>



}</span>


}</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f5fbf;' lang="EN-US">/**</span>


?
* </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f9fbf;' lang="EN-US">@see</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: #3f5fbf;' lang="EN-US">
HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)</span>


?
*/</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">protected</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">void</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">
doPost(HttpServletRequest request, HttpServletResponse response) </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> ServletException,
IOException {</span>



doGet(request,response);</span>


}</span>






</span>


[/b]
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">class</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Pkcs12Manager {</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">public</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> File </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">file</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">public</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> KeyStore </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">private</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">char</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">[] </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">storePass</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">public</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Pkcs12Manager(File file, String pass) </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> IOException, Exception {</span>

???????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">this</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">file</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> = file;</span>

???????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">this</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">storePass</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">=pass.toCharArray();</span>

???????
getKeyStore();</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">加载</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">KeyStore</span>
<span style="">文件</span>

???
}</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">加载</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">KeyStore</span>
<span style="">文件</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">public</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">synchronized</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> KeyStore getKeyStore() </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> IOException, Exception {</span>

???????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">if</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> (</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> == </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">null</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">) {</span>

???????????
FileInputStream fin = </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> FileInputStream(</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">file</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);</span>

???????????
KeyStore store = KeyStore.getInstance
(</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"PKCS12"</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);</span>

???????????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">try</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> {</span>

???????????????
store.load(fin,</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">storePass</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);???????????????
</span>

???????????
} </span>

???????????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">finally</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> {</span>

???????????????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">try</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> {</span>

??????????????????
?
fin.close();</span>

???????????????
} </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">catch</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> (IOException e) { }</span>

???????????
}</span>

???????????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> = store;</span>

???????
}</span>

???????
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">return</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">;</span>

???
}</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">读取</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">alias</span>
<span style="">指定的证书内容</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">public</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> X509CertInfo
getX509CertInfo(String alias)</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Exception {</span>



X509CertImpl cimp=getX509CertImpl(alias);</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">//</span>
<span style="">获取</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">X509CertInfo</span>
<span style="">对象</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">return</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> (X509CertInfo) cimp.get(X509CertImpl.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">NAME</span>







+ </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"."</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> + X509CertImpl.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">INFO</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);</span>


}</span>

???
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">根据</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">alias</span>
<span style="">获取</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">X509CertImpl</span>
<span style="">对象</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">private</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> X509CertImpl
getX509CertImpl(String alias)</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Exception{</span>



Certificate c = </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.getCertificate(alias);</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">读取证书</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">从待签发的证书中提取证书信息  </span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">byte</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">[] enc = c.getEncoded();</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">//</span>
<span style="">获取</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;'> </span>
<span style="">证书内容(经过编码的字节)</span>



X509CertImpl cimp= </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> X509CertImpl(enc);</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">//</span>
<span style="">创建</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">X509CertImpl</span>
<span style="">象</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">return</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> cimp;</span>


}</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">修改证书过期时间</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">:</span>
<span style="">过期时间顺延</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">n</span>
<span style="">天</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">public</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">void</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> updateExpiration(String
alias,String keypass,</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">int</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> n)</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Exception{</span>



System.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">out</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.println(getExpiration(alias));</span>



X509CertInfo cinfo=getX509CertInfo(alias);
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">获取</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">X509CertInfo</span>
<span style="">对象</span>



X509CertImpl cimp=getX509CertImpl(alias);
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">获取</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">X509CertImpl</span>
<span style="">对象</span>



String sigAlgrithm=cimp.getSigAlgName();
</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">获取签名算法</span>



CertificateValidity
cv=(CertificateValidity)cinfo.get(X509CertInfo.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">VALIDITY</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">有效期为当前日期后延</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">n</span>
<span style="">天</span>



Date d2 = </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Date(</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Date().getTime() + n * 24 * 60 * 60 *
1000L);</span>



System.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">out</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.println(</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #2a00ff;' lang="EN-US">"new date:"</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">+d2.toString());</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">创建有效期对象</span>



cv.set(CertificateValidity.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">NOT_AFTER</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">, d2);</span>



cinfo.set(X509CertInfo.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">VALIDITY</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">, cv);</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">//</span>
<span style="">设置有效期</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">
</span>



saveCert(alias,keypass,cinfo,sigAlgrithm);</span>



System.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">out</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.println(getExpiration(alias));</span>


}</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">//?
</span>
<span style="">读取证书过期时间</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">public</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> String
getExpiration(String alias)</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Exception{</span>



X509CertInfo cinfo=getX509CertInfo(alias);</span>



CertificateValidity
cv=(CertificateValidity)cinfo.get(X509CertInfo.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">VALIDITY</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">创建有效期对象</span>



Date d=(Date)cv.get(CertificateValidity.</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">NOT_AFTER</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">return</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> d.toString();</span>


}</span>

//?
</span>
<span style="">存储证书</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">private</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">void</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> saveCert(String
alias,String keypass,</span>




X509CertInfo
cinfo,String algrithm) </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Exception{</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">从密钥库中读取</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">CA</span>
<span style="">的私钥</span>



PrivateKey pKey = (PrivateKey) </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.getKey(alias,
keypass.toCharArray());</span>



X509CertImpl cert = </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> X509CertImpl(cinfo);</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">新建证书</span>




cert.sign(pKey,
algrithm); </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">//</span>
<span style="">使用</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">CA</span>
<span style="">私钥对其签名</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">//</span>
<span style="">获取别名对应条目的证书链</span>




Certificate[]
chain = </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Certificate[] { cert };</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">向密钥库中添加条目</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">,</span>
<span style="">使用已存在别名将覆盖已存在条目</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.setKeyEntry(alias, pKey,
keypass.toCharArray(), chain);</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">将</span>
<span style="text-decoration: underline;"><span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">keystore</span>
</span>
<span style="">存储至文件</span>




FileOutputStream
fOut = </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> FileOutputStream(</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">file</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);</span>




</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.store(fOut, </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">storePass</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">);</span>




fOut.close();</span>


}</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">获取签名算法</span>


</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">public</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> String
getSigAlgName(String alias)</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">throws</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> Exception{</span>



Certificate c = </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #0000c0;' lang="EN-US">keyStore</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">.getCertificate(alias);</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">读取证书</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">// </span>
<span style="">获取</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;'> </span>
<span style="">证书内容(经过编码的字节)  </span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">byte</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US">[] enc = c.getEncoded();</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">//</span>
<span style="">创建</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #3f7f5f;' lang="EN-US">X509CertImpl</span>
<span style="">对象</span>



X509CertImpl cimp2 = </span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">new</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> X509CertImpl(enc);</span>



String sigAlgrithm=cimp2.getSigAlgName();</span>



</span>
<span style='font-size: 10pt; font-family: "Courier New"; color: #7f0055;' lang="EN-US">return</span>

<span style='font-size: 10pt; font-family: "Courier New"; color: black;' lang="EN-US"> sigAlgrithm;</span>


}</span>



Servlet
和javabean 部署到服务器中。这样,通过访问<a href="http://localhost/GetP12Cert">http://localhost/GetP12Cert
</a>
就可以获得一个有效的证书dlt.cer。</span>
</span>

二、
</span>
<span style="">证书的验证</span>


</span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">* path=[[</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSBundle</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">mainBundle</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">]</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">pathForResource</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">@"dlt.cer"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">ofType</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">nil</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">];</span>


<span style="">参数为任意一个有效的日期(在证书有效期之内)</span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">* myTrust=[[</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">MyTrustService</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">alloc</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">]</span>


initWithFilename</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:path </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">EfficientDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">@"2011-05-10 0:0:0"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">];</span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> ret=[myTrust </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">trustValuate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:[[</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">alloc</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">]</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">init</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">]];</span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> (ret) {</span>



</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">case</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">ValuateResultOK</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">NSLog</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">@"</span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #c41a16;'>证书有效</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">break</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">;</span>



</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">case</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">ValuateResultEXPIRED</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">NSLog</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">@"</span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #c41a16;'>证书已过期</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">break</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">;</span>



</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">default</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">NSLog</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">@"</span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #c41a16;'>证书校验失败</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">break</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">;</span>




<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">release</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">];</span>




</span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US"><Foundation/Foundation.h></span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US"><Security/Security.h></span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">const</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">char</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> * </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">kTrustNames</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">[</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #1c00cf;' lang="EN-US">8</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">] = {</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"Invalid"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"Proceed"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"Confirm"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"Deny"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"Unspecified"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"RecoverableTrustFailure"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"FatalTrustFailure"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"OtherError"</span>




<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">enum</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">ValuateResultINVALID</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> = </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #1c00cf;' lang="EN-US">0</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>评估结果无效,表明评估出错或未经过评估</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">ValuateResultFAILED</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,

</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>证书签名无效</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">ValuateResultEXPIRED</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">,

</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>证书过期</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">ValuateResultOK</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">



</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>证书有效</span>






<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> MyTrustService :
NSObject {</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSString</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> *</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">file</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">;
</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">* </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">efficientDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">;</span>




<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">id</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)initWithFilename:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSString</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">*)filename EfficientDate:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSString</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">*)date;</span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">ValuateResult</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)trustValuate:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">*)date;</span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">ValuateResult</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)valuate:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">SecCertificateRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)cert Trust:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">SecTrustRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)trust Date:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">*)date;</span>






<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">"MyTrustService.h"</span>






<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> MyTrustService</span>


<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">id</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)initWithFilename:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSString</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">*)filename
EfficientDate:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSString</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">*)date{</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">if</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> (</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">self</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">=[</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">super</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">init</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">]) {</span>



</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">file</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">=filename;</span>



</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>设置有效日期,注意,第</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">2</span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>个参数是一个有效的证书日期,只要这个日期对证书而言是有效的就行</span>



</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">efficientDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">=[[</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">alloc</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">]</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">initWithString</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:date];

</span>


}</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">return</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">self</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">;</span>




<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">ValuateResult</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)trustValuate:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">*)date{</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">ValuateResult</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> ret;</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">OSStatus</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">???????????
err;</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSData</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> *???????????
certData;</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">SecCertificateRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">??
cert;</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">SecPolicyRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">???????
policy;</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">SecTrustRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">????????
trust;</span>

?

</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">file</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> != </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">nil</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(date != </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">nil</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>


</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>从文件获得</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US"> DER </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>数据</span>

???
certData = [</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSData</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">dataWithContentsOfFile</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">file</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">];</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(certData != </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">nil</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>


</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>从</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US"> NSData </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>获得</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US"> Certificate </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>对象</span>

???
cert = </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecCertificateCreateWithData</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">NULL</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">, (</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">CFDataRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">) certData);</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(cert != </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">NULL</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>


</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>获得</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US"> x509 policy</span>

???
policy = </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecPolicyCreateBasicX509</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">();</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(policy != </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">NULL</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>


</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>获得</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US"> Trust </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>对象</span>

???
err = </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecTrustCreateWithCertificates</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(cert,
policy, &amp;trust);</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(err == </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">noErr</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>


</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>由于是自签名证书,需要将锚证书设置为要验证的证书自己。注意,这样将使所有除了参数指定的锚证书之外的所有锚证书无效</span>

???
err = </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecTrustSetAnchorCertificates</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(trust,
(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">CFArrayRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">) [</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSArray</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">arrayWithObject</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">id</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">) cert]);</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(err == </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">noErr</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>


</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>调用</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US"> valuate </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>方法进行评估</span>


ret=[</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">self</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">valuate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:cert </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">Trust</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:trust </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">Date</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">:date];</span>


</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>评估结束,把</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">SecTrustSetAnchorCertificates</span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>指定的锚证书失效,于是所有锚证书又可被信任了</span>

??

err=</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecTrustSetAnchorCertificatesOnly</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(trust,</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">NO</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">CFRelease</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(trust);</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">CFRelease</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(policy);</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">CFRelease</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(cert);</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">return</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> ret;</span>




<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">ValuateResult</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)valuate:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">SecCertificateRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)cert Trust:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">SecTrustRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)trust Date:(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">NSDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">*)date{</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">ValuateResult</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> ret;</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">OSStatus</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">???????????
err;</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">SecTrustResultType</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">?
result;</span>


</span>

???
err = </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecTrustSetVerifyDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(trust,
(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">CFDateRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">) date);</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(err == </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">noErr</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>


</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">CFAbsoluteTime</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">
trustTime;</span>


trustTime = </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecTrustGetVerifyTime</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(trust);</span>


</span>

???
err = </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecTrustEvaluate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(trust,
&amp;result);</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(err == </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">noErr</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>


</span>

???
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">if</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> (result < (</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">sizeof</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">kTrustNames</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">) / </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">sizeof</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(*</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">kTrustNames</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">))) {</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// if(result <</span>

???????
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">if</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> (result==</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #1c00cf;' lang="EN-US">5</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">) {</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// if result=RecoverableTrustFailure</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">//
</span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>设了个有效的日期,进行再次评估</span>




err=</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecTrustSetVerifyDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(trust, (</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">CFDateRef</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">efficientDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(err==</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">noErr</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>




err=</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">SecTrustEvaluate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(trust, &amp;result);</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #643820;' lang="EN-US">assert</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(err == </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">noErr</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">);</span>




</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">if</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> (result==</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #1c00cf;' lang="EN-US">4</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">) {</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// if result=Unspecified,</span>





</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>返回证书已过期,这里我们假设把证书尚未生效的情况也算作过期</span>





ret= </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">ValuateResultEXPIRED</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">;</span>




}</span>



}</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">else</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">if</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> (result==</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #1c00cf;' lang="EN-US">4</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">) {</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">// </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>如果第</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">1</span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>次就通过评估,证书有效</span>




ret=</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">ValuateResultOK</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">; </span>



}</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">else</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> {</span>




ret=</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #26474b;' lang="EN-US">ValuateResultFAILED</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">;</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;' lang="EN-US">//</span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>证书</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #007400;'> </span>
<span style='font-size: 11pt; font-family: "Heiti SC Light"; color: #007400;'>无效</span>



}</span>





</span>

???
} </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">else</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> {</span>

???????
</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">NSLog</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">(</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #c41a16;' lang="EN-US">@"result = unknown (%zu)"</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">, (</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #5c2699;' lang="EN-US">size_t</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">) result);</span>

???
}</span>


</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">return</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> ret;</span>




<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">void</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">)dealloc{</span>


[</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #3f6e74;' lang="EN-US">efficientDate</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">release</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">];</span>


[</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #aa0d91;' lang="EN-US">super</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US"> </span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: #2e0d6e;' lang="EN-US">dealloc</span>
<span style='font-size: 11pt; font-family: "Menlo Regular"; color: black;' lang="EN-US">];</span>







 
0
0
分享到:
评论

相关推荐

    创建pkcs12格式数字签名证书的Java代码

    总结来说,创建PKCS#12格式的数字签名证书涉及密钥对生成、X.509证书创建、PKCS#12存储构建和文件输出等步骤。BouncyCastle库提供了一套完整的API,使得在Java中实现这一过程变得相对简单。了解并熟练掌握这些步骤和...

    PKCS #12 中文版

    2. 私钥和证书管理:PKCS #12 支持私钥和证书的管理,包括私钥的生成、存储和传递,以及证书的签发和验证。 3. 秘密值管理:PKCS #12 定义了一种秘密值的管理机制,包括秘密值的生成、存储和传递。 4. 扩展机制:...

    C# SHA256 PKCS#7 生成验名、验签源码 中行支付.rar

    "C# SHA256 PKCS#7 生成验名、验签源码 中行支付.rar"这个压缩包文件提供了使用C#编程语言实现SHA256哈希算法和PKCS#7标准来创建和验证签名的源代码。以下将详细解释这两个关键概念及其在金融支付中的应用。 1. SHA...

    pfx证书生成 工具

    在PFX证书生成过程中,RSA算法用于生成密钥对,确保数据的安全传输。 生成PFX证书通常涉及以下步骤: 1. **生成密钥对**:使用工具(如OpenSSL或Windows的Certreq.exe)生成一对RSA密钥,即一个公钥和一个私钥。...

    cer 转成p12方法

    P12证书生成步骤 理论上来讲,只要拥有原始的RSA密钥对以及CA根据该密钥对生成的证书,即可通过特定的工具和流程将X.509 DER证书转换为P12格式。具体步骤包括: - **生成RSA密钥对**:使用如OpenSSL这样的工具...

    按PKCS#10数据格式封装PKCS#10数据

    总的来说,掌握PKCS#10和ASN.1对于理解数字证书的申请和管理至关重要,这对于网络服务器的安全配置、企业内部的身份验证以及各种在线服务的访问控制都有深远影响。无论是开发安全系统还是进行系统管理员工作,都需要...

    PKCS11导入证书.rar_pkcs11_PKCS11示例_源码

    在给定的"PKCS11导入证书.rar"压缩包中,我们主要关注的是如何使用PKCS11来处理证书。证书,通常指的是X.509证书,是公钥基础设施PKI中的重要组成部分,用于验证一个实体的身份。它包含了公钥、持有者信息、颁发者...

    证书转换生成工具protecle

    2. **证书格式**:常见的证书格式有PEM(Privacy Enhanced Mail)、DER(Distinguished Encoding Rules,二进制格式)和PKCS#12(Public Key Cryptography Standards #12)。每种格式都有其特定的应用场景和优势。 ...

    java生成证书 包括openssl

    1. 生成服务端证书:`keytool -genkey -v -alias serverkey -keyalg RSA -storetype PKCS12 -keystore kserver.key.p12` 这将生成一个服务端证书,用于 Java 应用程序。 2. 导出服务端公钥证书:`keytool -export -...

    capicom数字签名及验证源代码(pkcs#7)

    6. 处理证书链:验证签名时还需要检查证书的有效性,包括证书是否过期,颁发者是否可信,以及证书链是否完整。 通过这个源代码,开发者不仅可以学习到如何使用Capicom进行数字签名和验证,还可以了解到如何在实际...

    OpenSSL 解析P12格式证书文件

    P12格式,也称为PKCS#12,是一种常用的存储私钥和公钥证书的标准格式,常用于个人身份验证、服务器证书等场景。 在“OpenSSL 解析P12格式证书文件”这一主题中,我们主要会探讨以下几个知识点: 1. **P12格式**:...

    pkcs7_php.zip

    验签时,需要验证签名是否由拥有相应私钥的实体产生,这通常通过对比签名中嵌入的证书与已知的证书链进行。 在"pkcs7_php"这个项目中,可能包含了实现这些功能的PHP代码示例,可能包括签名函数、验签函数以及必要的...

    PKCS7签名的ASN1格式

    可使用此格式,通过ASN1C生成完整的PKCS7签名C语言代码,实现诸如SM2算法数字签名及验证。 注意,CertificateSerialNumber本来在PKCS7标准ASN1结构中定义为INTEGER类型,但由于ASN1C将INTEGER类型翻译成long,不支持...

    证书生成工具

    证书生成工具,如标题所示,是用来创建这些证书的软件。这些工具通常包括一系列命令行工具或图形用户界面(GUI)应用,使得用户能够自定义证书参数,满足特定的安全需求。 在Windows操作系统中,证书的生成涉及多种...

    C# BouncyCastle实现带原文数据PKCS#7 签名、验签

    7. **处理证书链**:在实际应用中,接收方可能还需要验证发送方的证书链,确保证书是由信任的CA(证书颁发机构)签发的,并且没有过期。这可以通过BouncyCastle的`X509CertificateParser`和`X509Store`类来完成。 ...

    pkcs10 规范

    总的来说,PKCS #10规范为公钥基础设施(PKI)中的证书申请提供了一套标准流程和数据格式,确保了公钥证书的发放和验证过程的安全与可靠。而随着网络应用的广泛扩展,PKI和PKCS #10在保障网络安全、身份验证和数据...

    SSL中各证书的转换

    openssl pkcs12 -in d:\tomcatclient.p12 -out d:\key.pem ``` 其中,“d:\tomcatclient.p12”是输入的`.p12`文件路径,“d:\key.pem”是输出的`.pem`文件路径。 #### 注意事项 - 执行此命令时可能需要输入`.p12...

    PKCS11获取USBKEY最好的例子

    PKCS11接口提供了一系列函数,这些函数允许应用程序执行诸如生成密钥对、存储和检索证书、签名和验证数据等任务。这些函数通常包括初始化、选择对象、执行加密和解密、签名和验证签名等操作。 USB KEY,也称为电子...

    C#创建数字证书并导出为pfx,并使用pfx进行非对称加解密

    源码示例是实践这些概念的关键,通过实际编写和运行代码,开发者可以更好地理解和掌握数字证书的生成、导出及非对称加解密的过程。通过不断实践和积累,无论是个人还是团队,都能提升在网络安全和软件开发方面的专业...

    pkcs#11测试源码

    标题"pkcs#11测试源码"指的是针对PKCS#11接口的源代码测试项目,目的是验证和确保PKCS#11接口在不同环境和设备上的正确性和兼容性。测试源码通常包括各种测试用例,用于覆盖接口的所有功能,如生成密钥对、加密解密...

Global site tag (gtag.js) - Google Analytics