SSL Socket connection iOS -


i trying setup secure connection java run sslserversocket.

i have created own root ca, , have signed certificate java sslserversocket using certificate.

i want add root certificate app certificate signed root certificate work.

so far have secure connection working fine setting read , write stream properties this:

nsdictionary *settings = [[nsdictionary alloc] initwithobjectsandkeys: (id)kcfstreamsocketsecuritylevelnegotiatedssl, kcfstreampropertysocketsecuritylevel, [nsnumber numberwithbool:yes], kcfstreamsslallowsexpiredcertificates, [nsnumber numberwithbool:yes], kcfstreamsslallowsexpiredroots, [nsnumber numberwithbool:no], kcfstreamsslvalidatescertificatechain,nil];

i add certificate keychain this:

-(void)addrootcert{ nsstring* rootcertpath = [[nsbundle mainbundle] pathforresource:@"rootca" oftype:@"der"]; nsdata* rootcertdata = [nsdata datawithcontentsoffile:rootcertpath];  osstatus err = noerr; seccertificateref rootcert = seccertificatecreatewithdata(kcfallocatordefault, (__bridge cfdataref)rootcertdata); nsdictionary* dict = [nsdictionary dictionarywithobjectsandkeys:(__bridge_transfer id)ksecclasscertificate, ksecclass, rootcert, ksecvalueref, nil];  err = secitemadd((__bridge cfdictionaryref) dict, null); if (err == noerr) {     nslog(@"sucessfully added root certificate"); }else if (err == errsecduplicateitem){     nslog(@"root certificate exists"); }else{     nslog(@"root certificate add failed"); } }

this fine want validate certificate chain, app accepts certificates signed ca (or default trusted ones)

how can this?

if set kcfstreamsslvalidatescertificatechain yes, error: cfnetwork sslhandshake failed (-9807) if it's no, doesn't matter signed server certificate, connect regardless (i assume that's right?)

thanks!

technote 2232, "https server trust evaluation", should have answers need. there documentation , several examples of how evaluate server trust.


Comments

Post a Comment

Popular posts from this blog

c++ - CryptStringToBinary API behavior -

i seeing strange behavior cryptstringtobinary cryptography api. please see below code (config: x64 debug): #include "stdafx.h" #include <windows.h> #include <strsafe.h> #include <iostream> #include <exception> void main() { dword dwskip; dword dwflags; dword dwdatalen; //lpcwstr pszinput = l"jaaaaaecaaadzgaaakqaagdnnl1l56bwgfjdgr3rpxtqqqn6daw3usv2emkjym4t"; //this works fine lpcwstr pszinput = l"mytest"; //doesnt work, api returns false,error code 0x0000000d // determine size of byte array , allocate memory. if(! cryptstringtobinary( pszinput, _tcslen( pszinput ) + 1, crypt_string_base64, null, &dwdatalen, &dwskip, &dwflags ) ) { dword dw = getlasterror(); //0x0000000d: data invalid throw std::exception( "error computing byte length." ); } byte *pbytebyte = null; try { ...
Read more

java.util.scanner - How to read and add only numbers to array from a text file -

i'm learning java , have question regarding reading file want read numbers file contains strings well. here example of file: 66.56 "3 java 3-43 5-42 2.1 1 and here coding: public class test { public static void main (string [] args){ if (0 < args.length) { file x = new file(args[0]); try{ scanner in = new scanner( new fileinputstream(x)); arraylist<double> test = new arraylist<>(); while(in.hasnext()){ if(in.hasnextdouble()){ double f=in.nextdouble(); test.add(f);} else {in.next();} } catch(ioexception e) { system.err.println("exception during reading: " + e); } } my problem add 66.56,2.1 , 1 doesn't add 3 after "3 or ignores 3-43 , 5-42 can tell me how skip strings , add doubles here? thanks all said 3 ie; "3, 3-43 , 4-42 strings either u read string , split , check number @ " , - or put in space between characters , integers. jvm after compilation tre...
Read more

iphone - Three second countdown in cocos2d -

i trying have 3 second countdown display when level beat in game. did: -(void) gamesegmentbeat { [self pauseschedulerandactions]; // overlay game opaque background ccsprite *opaquebg = [ccsprite spritewithfile:@"background1.png"]; opaquebg.position = screencenter; [self addchild:opaquebg z:10000]; // these 3 labels 3 seconds cclabelttf *three = [cclabelttf labelwithstring:@"3" fontname:@"helvetica" fontsize:100]; three.position = ccp(screencenter.x, screencenter.y); cclabelttf *two = [cclabelttf labelwithstring:@"2" fontname:@"helvetica" fontsize:100]; two.position = ccp(screencenter.x, screencenter.y); cclabelttf *one = [cclabelttf labelwithstring:@"1" fontname:@"helvetica" fontsize:100]; one.position = ccp(screencenter.x, screencenter.y); // secondspast specified in update method secondspast = 0; if (secondspast == 1) { [self addchild:thr...
Read more