替换 iOS 15 中已弃用的“SecTrustGetCertificateAtIndex”?
Replace deprecated `SecTrustGetCertificateAtIndex` in iOS 15?
我在 iOS 15 SDK 中收到弃用警告,但建议的替换不是一对一的替换。这是我用于评估 SSL 信任链的内容:
func valid(_ trust: SecTrust, forHost host: String) -> Bool {
guard valid(trust, for: [SecPolicyCreateSSL(true, nil)]),
valid(trust, for: [SecPolicyCreateSSL(true, host as CFString)]) else {
return false
}
let serverCertificatesData = Set(
(0..<SecTrustGetCertificateCount(trust))
.compactMap { SecTrustGetCertificateAtIndex(trust, [=11=]) }
.map { SecCertificateCopyData([=11=]) as Data }
)
let pinnedCertificatesData = Set(
certificates.map { SecCertificateCopyData([=11=]) as Data }
)
return !serverCertificatesData.isDisjoint(with: pinnedCertificatesData)
}
我在 Xcode 13 beta 中收到的警告是:
'SecTrustGetCertificateAtIndex' was deprecated in iOS 15.0: renamed to 'SecTrustCopyCertificateChain(_:)'.
Use 'SecTrustCopyCertificateChain(_:)' instead.
不过,SecTrustGetCertificateAtIndex(docs) returns SecCertificate where SecTrustCopyCertificateChain (docs)returns一个CFArray。如何在我提供的用法中正确更新?
iOS 14.5 => iOS 15 SDK Diff 表示唯一的添加是这些 (as of Xcode 13 Beta 1)
SecBase.h
Added errSecInvalidCRLAuthority
Added errSecInvalidTupleCredentials
Added errSecCertificateDuplicateExtension
SecTrust.h
Added SecTrustCopyCertificateChain()
他们没有向 SecCertificate 添加任何新的兄弟类型。正如您已经注意到的,它 return 是 CFArray。
func SecTrustCopyCertificateChain(_ trust: SecTrust) -> CFArray?
因此对于您的这部分代码 -
let serverCertificatesData = Set(
(0..<SecTrustGetCertificateCount(trust))
.compactMap { SecTrustGetCertificateAtIndex(trust, [=12=]) }
.map { SecCertificateCopyData([=12=]) as Data }
)
似乎值得一试 SecTrustCopyCertificateChain 可能 return CFArray 个 SecCertificate 个实例?不幸的是,我现在无法调试它。
也许试试这样的东西 -
if let certificates = SecTrustCopyCertificateChain(trust) as? [SecCertificate] {
let serverCertificatesData = Set(
certificates.map { SecCertificateCopyData([=13=]) as Data }
)
}
我在 iOS 15 SDK 中收到弃用警告,但建议的替换不是一对一的替换。这是我用于评估 SSL 信任链的内容:
func valid(_ trust: SecTrust, forHost host: String) -> Bool {
guard valid(trust, for: [SecPolicyCreateSSL(true, nil)]),
valid(trust, for: [SecPolicyCreateSSL(true, host as CFString)]) else {
return false
}
let serverCertificatesData = Set(
(0..<SecTrustGetCertificateCount(trust))
.compactMap { SecTrustGetCertificateAtIndex(trust, [=11=]) }
.map { SecCertificateCopyData([=11=]) as Data }
)
let pinnedCertificatesData = Set(
certificates.map { SecCertificateCopyData([=11=]) as Data }
)
return !serverCertificatesData.isDisjoint(with: pinnedCertificatesData)
}
我在 Xcode 13 beta 中收到的警告是:
'SecTrustGetCertificateAtIndex' was deprecated in iOS 15.0: renamed to 'SecTrustCopyCertificateChain(_:)'.
Use 'SecTrustCopyCertificateChain(_:)' instead.
不过,SecTrustGetCertificateAtIndex(docs) returns SecCertificate where SecTrustCopyCertificateChain (docs)returns一个CFArray。如何在我提供的用法中正确更新?
iOS 14.5 => iOS 15 SDK Diff 表示唯一的添加是这些 (as of Xcode 13 Beta 1)
SecBase.h
Added errSecInvalidCRLAuthority
Added errSecInvalidTupleCredentials
Added errSecCertificateDuplicateExtension
SecTrust.h
Added SecTrustCopyCertificateChain()
他们没有向 SecCertificate 添加任何新的兄弟类型。正如您已经注意到的,它 return 是 CFArray。
func SecTrustCopyCertificateChain(_ trust: SecTrust) -> CFArray?
因此对于您的这部分代码 -
let serverCertificatesData = Set(
(0..<SecTrustGetCertificateCount(trust))
.compactMap { SecTrustGetCertificateAtIndex(trust, [=12=]) }
.map { SecCertificateCopyData([=12=]) as Data }
)
似乎值得一试 SecTrustCopyCertificateChain 可能 return CFArray 个 SecCertificate 个实例?不幸的是,我现在无法调试它。
也许试试这样的东西 -
if let certificates = SecTrustCopyCertificateChain(trust) as? [SecCertificate] {
let serverCertificatesData = Set(
certificates.map { SecCertificateCopyData([=13=]) as Data }
)
}