如何使iPhoneHTTPServer安全的服务器

Question

我对iPhone的发展很新。

我从bellow链接下载了iPhoneHTTPServer应用程序。 https://github.com/robbiehanson/CocoaHTTPServer/tree/master/Samples/iPhoneHTTPServer

它对HTTP请求正常工作。

现在我想把它作为一个安全的服务器。 （使用HTTPS） 为我所控继MyHTTPConnection.m两种方法

我可以肯定在这个方法的变化：

/** 
* Overrides HTTPConnection's method 
**/ 
- (BOOL)isSecureServer 
{ 
    // Create an HTTPS server (all connections will be secured via SSL/TLS) 
    return YES; 
} 

我需要应用在波纹管方法的变化：（请指引我） 问题：DDKeychain和Cocoa.h不适用于iOS。

/** 
    * Overrides HTTPConnection's method 
    * 
    * This method is expected to returns an array appropriate for use in 
    * kCFStreamSSLCertificates SSL Settings. 
    * It should be an array of SecCertificateRefs except for the first element in 
    * the array, which is a SecIdentityRef. 
    **/ 
    - (NSArray *)sslIdentityAndCertificates 
    { 
     NSArray *result = [DDKeychain SSLIdentityAndCertificates]; 
     if([result count] == 0) 
     { 
     [DDKeychain createNewIdentity]; 
     return [DDKeychain SSLIdentityAndCertificates]; 
     } 
     return result; 
    } 

Answer 1

我已经解决了的问题与以下步骤：从您的钥匙串访问控制（MAC OS X）

• 打开钥匙串访问
• 选择证书
  1. 导出证书，点击右键并选择导出...
  2. 以文件格式导出证书：个人信息交换（.p12）
     
  3. 提供用于导出文件的名称和密码。
     文件名：TestCertificate.p12
     密码：test123（*试试你的管理员登录通行证，如果没有工作）
     
     

进口TestCertificate.p12在你的XCode项目。

添加安全框架在您的项目中。

导入Security.h文件在你的代码。

#import <Security/Security.h>

替代和更改sslIdentityAndCertificates方法波纹管。

/** 
    * Overrides HTTPConnection's method 
    * 
    * This method is expected to returns an array appropriate for use in kCFStreamSSLCertificates SSL Settings. 
    * It should be an array of SecCertificateRefs except for the first element in the array, which is a SecIdentityRef. 
    **/ 
    - (NSArray *)sslIdentityAndCertificates 
    {  
     SecIdentityRef identityRef = NULL; 
     SecCertificateRef certificateRef = NULL; 
     SecTrustRef trustRef = NULL; 

     NSString *thePath = [[NSBundle mainBundle] pathForResource:@"TestCertificate" ofType:@"p12"]; 
     NSData *PKCS12Data = [[NSData alloc] initWithContentsOfFile:thePath]; 
     CFDataRef inPKCS12Data = (CFDataRef)PKCS12Data; 
     CFStringRef password = CFSTR("test123"); 
     const void *keys[] = { kSecImportExportPassphrase }; 
     const void *values[] = { password }; 
     CFDictionaryRef optionsDictionary = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL); 
     CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL); 

     OSStatus securityError = errSecSuccess; 
     securityError = SecPKCS12Import(inPKCS12Data, optionsDictionary, &items); 
     if (securityError == 0) { 
      CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex (items, 0); 
      const void *tempIdentity = NULL; 
      tempIdentity = CFDictionaryGetValue (myIdentityAndTrust, kSecImportItemIdentity); 
      identityRef = (SecIdentityRef)tempIdentity; 
      const void *tempTrust = NULL; 
      tempTrust = CFDictionaryGetValue (myIdentityAndTrust, kSecImportItemTrust); 
      trustRef = (SecTrustRef)tempTrust; 
     } else { 
      NSLog(@"Failed with error code %d",(int)securityError); 
      return nil; 
     } 

     SecIdentityCopyCertificate(identityRef, &certificateRef); 
     NSArray *result = [[NSArray alloc] initWithObjects:(id)identityRef, (id)certificateRef, nil]; 

     return result;  
    }