4 Replies
      Latest reply: Dec 13, 2016 1:50 AM by weichao119 RSS
      weichao119 Level 1 Level 1 (0 points)



        I can get a SecCertificateRef object and SecKeyRef object from signature by below code,


            CFURLRef fmyURL = CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault, (UInt8 *)url.c_str(), url.length(), false);

            SecStaticCodeRef staticCode = NULL;

            OSStatus ret = SecStaticCodeCreateWithPath(fmyURL, kSecCSDefaultFlags, &staticCode);


            if (errSecSuccess == ret) {

                ret = SecStaticCodeCheckValidity(staticCode, kSecCSDefaultFlags|kSecCSDoNotValidateResources, NULL);

                printf("SecStaticCodeCheckValidity: %d\r\n", (int)ret);

                if (errSecSuccess == ret) {

                    CFDictionaryRef inform = NULL;

                    ret = SecCodeCopySigningInformation(staticCode, kSecCSSigningInformation, &inform);

                    if (errSecSuccess == ret) {


                        CFArrayRef array = (CFArrayRef)CFDictionaryGetValue(inform, kSecCodeInfoCertificates);

                        if (NULL != array) {

                            CFIndex count = CFArrayGetCount(array);

                            for (int j = 0; j < count; j++) {

                                SecCertificateRef certificate = (SecCertificateRef)CFArrayGetValueAtIndex(array, j);

                                SecKeyRef key;

                                SecCertificateCopyPublicKey(certificate, &key);






        but I want to get it's public key's hash, just like kSecPublicKeyHashItemAttr.

        But because this SecCertificateRef object is got from a signed file, it is not in the keychain, I can't use SecKeychainItemCopyAttributesAndData to get it's attributes. And so can't get it's public key's hash.

        Is there any API for me to get it?

        Thank you very much!