There are many questions on the forum that concern members' difficulties with the SecPKCS12Import function, however after browsing all I find none that exactly share my struggles. With the code below and using the private.p12 file from the example project from the Apple developer library (https://developer.apple.com/library/content/samplecode/CryptoCompatibility/CryptoCompatibility.zip), I always get the errSecAuthFailed result. I cannot see why.
Relevant info: iOS 10.1.x, certificates to be used with NSStream as kCFStreamSSLCertificates for client certificate authentication, (as stated in title) Swift 3, to be used with self-signed certificates whose private key is password protected and a non-null export passphrase for the pkcs12 file.
Please help 😟
Many thanks!
let pkcsFilePath = Bundle.main.path(forResource: "private", ofType: "p12")
let pkcsData = NSData(contentsOfFile: pkcsFilePath!)
var clientCertificates: CFArray? = nil
let keys = [kSecImportExportPassphrase]
let keysPointer = UnsafeMutablePointer<UnsafeRawPointer?>.allocate(capacity: 1)
keysPointer.initialize(to: keys)
let values: [CFString] = ["test" as CFString]
let valuesPointer = UnsafeMutablePointer<UnsafeRawPointer?>.allocate(capacity: 1)
valuesPointer.initialize(to: values)
let pkcs12ImportOptions = CFDictionaryCreate(kCFAllocatorDefault, keysPointer, valuesPointer, 1, nil, nil)
let importResult: OSStatus = SecPKCS12Import(pkcsData!, pkcs12ImportOptions!, &clientCertificates)
switch importResult {
case noErr:
NSLog("noErr: Success \(clientCertificates)")
case errSecAuthFailed:
NSLog("errSecAuthFailed: Authorization/Authentication failed. \(clientCertificates)")
default:
NSLog("Unspecified OSStatus error: \(importResult)")
}