4 Replies
      Latest reply: Dec 13, 2016 1:50 AM by weichao119 RSS
      weichao119 Level 1 Level 1 (0 points)

        Hi,

         

        I can get a SecCertificateRef object and SecKeyRef object from signature by below code,


         

            CFURLRef fmyURL = CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault, (UInt8 *)url.c_str(), url.length(), false);

            SecStaticCodeRef staticCode = NULL;

            OSStatus ret = SecStaticCodeCreateWithPath(fmyURL, kSecCSDefaultFlags, &staticCode);

         

            if (errSecSuccess == ret) {

                ret = SecStaticCodeCheckValidity(staticCode, kSecCSDefaultFlags|kSecCSDoNotValidateResources, NULL);

                printf("SecStaticCodeCheckValidity: %d\r\n", (int)ret);

                if (errSecSuccess == ret) {

                    CFDictionaryRef inform = NULL;

                    ret = SecCodeCopySigningInformation(staticCode, kSecCSSigningInformation, &inform);

                    if (errSecSuccess == ret) {

                  

                        CFArrayRef array = (CFArrayRef)CFDictionaryGetValue(inform, kSecCodeInfoCertificates);

                        if (NULL != array) {

                            CFIndex count = CFArrayGetCount(array);

                            for (int j = 0; j < count; j++) {

                                SecCertificateRef certificate = (SecCertificateRef)CFArrayGetValueAtIndex(array, j);

                                SecKeyRef key;

                                SecCertificateCopyPublicKey(certificate, &key);

                           }

                       }

                  }

             }

         

        but I want to get it's public key's hash, just like kSecPublicKeyHashItemAttr.


        But because this SecCertificateRef object is got from a signed file, it is not in the keychain, I can't use SecKeychainItemCopyAttributesAndData to get it's attributes. And so can't get it's public key's hash.


        Is there any API for me to get it?


        Thank you very much!