Hi,
I can get a SecCertificateRef object and SecKeyRef object from signature by below code,
CFURLRef fmyURL = CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault, (UInt8 *)url.c_str(), url.length(), false);
SecStaticCodeRef staticCode = NULL;
OSStatus ret = SecStaticCodeCreateWithPath(fmyURL, kSecCSDefaultFlags, &staticCode);
if (errSecSuccess == ret) {
ret = SecStaticCodeCheckValidity(staticCode, kSecCSDefaultFlags|kSecCSDoNotValidateResources, NULL);
printf("SecStaticCodeCheckValidity: %d\r\n", (int)ret);
if (errSecSuccess == ret) {
CFDictionaryRef inform = NULL;
ret = SecCodeCopySigningInformation(staticCode, kSecCSSigningInformation, &inform);
if (errSecSuccess == ret) {
CFArrayRef array = (CFArrayRef)CFDictionaryGetValue(inform, kSecCodeInfoCertificates);
if (NULL != array) {
CFIndex count = CFArrayGetCount(array);
for (int j = 0; j < count; j++) {
SecCertificateRef certificate = (SecCertificateRef)CFArrayGetValueAtIndex(array, j);
SecKeyRef key;
SecCertificateCopyPublicKey(certificate, &key);
}
}
}
}
but I want to get it's public key's hash, just like kSecPublicKeyHashItemAttr.
But because this SecCertificateRef object is got from a signed file, it is not in the keychain, I can't use SecKeychainItemCopyAttributesAndData to get it's attributes. And so can't get it's public key's hash.
Is there any API for me to get it?
Thank you very much!