有关chromium浏览器 ios 读证书 验证证书 (注没有找到方法),在这里做一下笔记
来源:互联网 发布:mac自定义边栏图标 编辑:程序博客网 时间:2024/06/06 13:23
最近看了一下chromium浏览器代码,想找到 ios平台有关读证书和验证证书的接口,最终没有找到,但有发现一些证书相关的接口,不知道以后会不会用到,在这里做一下笔记。
如果你看到这篇文章,知道在ios平台有关读证书和验证证书的一些信息,希望分享一下!
chromium浏览器证书操作公用部分路径: ../src/net/cert/
此路径下cert_status_flags_list.h 头文件定义了证书状态:
// This is the list of CertStatus flags and their values.//// Defines the values using a macro CERT_STATUS_FLAG,// so it can be expanded differently in some places// The possible status bits for CertStatus.// Bits 0 to 15 are for errors.CERT_STATUS_FLAG(COMMON_NAME_INVALID, 1 << 0)CERT_STATUS_FLAG(DATE_INVALID, 1 << 1)CERT_STATUS_FLAG(AUTHORITY_INVALID, 1 << 2)// 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP).CERT_STATUS_FLAG(NO_REVOCATION_MECHANISM, 1 << 4)CERT_STATUS_FLAG(UNABLE_TO_CHECK_REVOCATION, 1 << 5)CERT_STATUS_FLAG(REVOKED, 1 << 6)CERT_STATUS_FLAG(INVALID, 1 << 7)CERT_STATUS_FLAG(WEAK_SIGNATURE_ALGORITHM, 1 << 8)// 1 << 9 was used for CERT_STATUS_NOT_IN_DNSCERT_STATUS_FLAG(NON_UNIQUE_NAME, 1 << 10)CERT_STATUS_FLAG(WEAK_KEY, 1 << 11)// 1 << 12 was used for CERT_STATUS_WEAK_DH_KEYCERT_STATUS_FLAG(PINNED_KEY_MISSING, 1 << 13)CERT_STATUS_FLAG(NAME_CONSTRAINT_VIOLATION, 1 << 14)CERT_STATUS_FLAG(VALIDITY_TOO_LONG, 1 << 15)// Bits 16 to 23 are for non-error statuses.CERT_STATUS_FLAG(IS_EV, 1 << 16)CERT_STATUS_FLAG(REV_CHECKING_ENABLED, 1 << 17)// Bit 18 was CERT_STATUS_IS_DNSSECCERT_STATUS_FLAG(SHA1_SIGNATURE_PRESENT, 1 << 19)CERT_STATUS_FLAG(CT_COMPLIANCE_FAILED, 1 << 20)// Bits 24 - 31 are for errors.CERT_STATUS_FLAG(CERTIFICATE_TRANSPARENCY_REQUIRED, 1 << 24)
ios证书相关的操作路径:../src/ios/web/net/
相关文件:
crw_cert_verification_controller.h
crw_cert_verification_controller.mm
crw_cert_verification_controller_unittest.mm
crw_cert_verification_controller.h 头文件定义:
证书下载策略:
// Accept policy for valid or invalid SSL cert.typedef NS_ENUM(NSInteger, CertAcceptPolicy) { // Cert status can't be determined due to an error. Caller should reject the // load and show a net error page. CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR = 0, // The cert is not valid. Caller may present an SSL warning and ask the user // if they want to proceed or reject the load. CERT_ACCEPT_POLICY_RECOVERABLE_ERROR_UNDECIDED_BY_USER, // The cert is not valid. However, the caller should proceed with the load // because the user has decided to proceed with this invalid cert. CERT_ACCEPT_POLICY_RECOVERABLE_ERROR_ACCEPTED_BY_USER, // The cert is valid. Caller should proceed with the load. CERT_ACCEPT_POLICY_ALLOW,};
- (void)decideLoadPolicyForTrust:(base::ScopedCFTypeRef<SecTrustRef>)trust host:(NSString*)host completionHandler:(web::PolicyDecisionHandler)completionHandler;
此函数根据trust和host决定证书的状态
- (void)querySSLStatusForTrust:(base::ScopedCFTypeRef<SecTrustRef>)trust host:(NSString*)host completionHandler:(web::StatusQueryHandler)completionHandler;
此函数记录证书被允许用于host 在以后decideLoadPolicyForTrust调用中
- (void)allowCert:(scoped_refptr<net::X509Certificate>)cert forHost:(NSString*)host status:(net::CertStatus)status;
仅做一下记录,如有新的发现再更新...
0 0
- 有关chromium浏览器 ios 读证书 验证证书 (注没有找到方法),在这里做一下笔记
- iOS HPPTS证书验证
- ios证书笔记
- iOS UIWebView 访问https 绕过证书验证的方法
- iOS UIWebView 访问https 绕过证书验证的方法
- iOS UIWebView 访问https绕过证书验证的方法
- Chromium+GoAgent证书导入
- 无法在证书存储区中找到清单签名证书
- 无法在证书存储区中找到清单签名证书
- 无法在证书存储区中找到清单签名证书
- 无法在证书存储区中找到清单签名证书
- 无法在证书存储区中找到清单签名证书
- 无法在证书存储区中找到清单签名证书
- 有关于iOS测试证书问题
- ClickOnce,无法在证书存储区中找到清单签名证书的错误提示,应用程序自动更新的方法总结。
- iOS制作推送证书笔记
- IOS 生成pem证书方法
- IOS 生成pem证书方法
- Gentos6.5 配置node 环境
- transient
- Linux下sshd服务
- 数据结构实验之图论八:欧拉回路
- Appium真机运行Device Name获取方法
- 有关chromium浏览器 ios 读证书 验证证书 (注没有找到方法),在这里做一下笔记
- Android N 通知
- 黑客必备的s.exe源码
- [iOS 报错] local declaration of hides instance
- objc_setAssociatedObject的使用
- linux逻辑卷-修改分区大小
- HDU Median (乱搞)
- Java面试基础知识提纲
- crontab文件配置简要说明