DER to NSString

Hi,


I’m working on certificate based authentication for my application. I can able to get the certificate from keychain, it’s in DER format with CFData type. I need to send the certificate CFData to server for authentication, is it possible to convert the certificate data into NSString format?

Thank you

Replies

There are many different ways that you could translate a DER certificate to a string. Please post an example of the data you have (a hex dump is best) and the string you’re looking for.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Hi Quinn,

Thank you for the response, please find the below attached data you have requested,


Here’s the data I’m trying to convert which has length of 1610:

Printing description of certData:

<30820646 3082052e a0030201 02020a31 12b1a400 00000000 15300d06 092a8648 86f70d01 010b0500 305a3113 3011060a 09922689 93f22c64 01191603 636f6d31 13301106 0a099226 8993f22c 64011916 03617474 31173015 060a0992 268993f2 2c640119 1607696e 742d6361 32311530 13060355 0403130c 696e742d 6361322d 32303038 301e170d 31383035 32313139 33343439 5a170d31 39303532 31313933 3434395a 306c3113 3011060a 09922689 93f22c64 01191603 636f6d31 13301106 0a099226 8993f22c 64011916 03617474 31173015 060a0992 268993f2 2c640119 1607696e 742d6361 32310e30 0c060355 04031305 55736572 73311730 15060355 0403130e 64656e69 73652068 696e7368 61773082 0122300d 06092a86 4886f70d 01010105 00038201 0f003082 010a0282 010100c3 00a369a8 093a3bd7 e22a5d79 77cbee8b 3f9506fb 628d7efc 4b5f932d 82b52226 e7ceacb1 a2fe45aa 57dcb913 4900f17c 416f19e3 1c1e6c7f 3623fc71 1da3d3e4 b9357724 ae38295f 78a47bc3 be8af6b9 d7a8754d d033bae4 20bc7e71 183e359f 698c611a 3a3698b6 d410acc0 54062b64 f5a504bf 6cb88629 cde8254f 4ad59de1 10ca3c1a 432178a3 64b23550 668a1a5d 7dda33bf 3d01da21 54b72e2e 754bcccc 0d1e51a8 c950045a 03b689ab ac20de5e bc8b1a71 c3ecfa61 680d208a 92420e25 c501ad6d dfab1b4f 06eea457 8977c551 9352e72e 1f3a59e3 e2b8786a f3e15d77 65a01e6d 1d963d89 f9c0b5b1 e79bd0e6 7d67fea2 c26287ea 8a8f561d b84de902 03010001 a38202fa 308202f6 301d0603 551d0e04 160414a6 e2c4ce3f 69079f9d 76cf2baa f8448ffd 35511230 1f060355 1d230418 30168014 10572465 a01915ea 3978ed32 b6a2017a 593cdf17 3082011c 0603551d 1f048201 13308201 0f308201 0ba08201 07a08201 038681bf 6c646170 3a2f2f2f 434e3d69 6e742d63 61322d32 3030382c 434e3d32 3030382d 496e7443 612d322c 434e3d43 44502c43 4e3d5075 626c6963 2532304b 65792532 30536572 76696365 732c434e 3d536572 76696365 732c434e 3d436f6e 66696775 72617469 6f6e2c44 433d696e 742d6361 322c4443 3d617474 2c44433d 636f6d3f 63657274 69666963 61746552 65766f63 6174696f 6e4c6973 743f6261 73653f6f 626a6563 74436c61 73733d63 524c4469 73747269 62757469 6f6e506f 696e7486 3f687474 703a2f2f 32303038 2d696e74 63612d32 2e696e74 2d636132 2e617474 2e636f6d 2f436572 74456e72 6f6c6c2f 696e742d 6361322d 32303038 2e63726c 3081c506 082b0601 05050701 010481b8 3081b530 81b20608 2b060105 05073002 8681a56c 6461703a 2f2f2f43 4e3d696e 742d6361 322d3230 30382c43 4e3d4149 412c434e 3d507562 6c696325 32304b65 79253230 53657276 69636573 2c434e3d 53657276 69636573 2c434e3d 436f6e66 69677572 6174696f 6e2c4443 3d696e74 2d636132 2c44433d 6174742c 44433d63 6f6d3f63 41436572 74696669 63617465 3f626173 653f6f62 6a656374 436c6173 733d6365 72746966 69636174 696f6e41 7574686f 72697479 30170609 2b060104 01823714 02040a1e 08005500 73006500 72300e06 03551d0f 0101ff04 04030205 a0302906 03551d25 04223020 060a2b06 01040182 370a0304 06082b06 01050507 03040608 2b060105 05070302 30320603 551d1104 2b3029a0 27060a2b 06010401 82371402 03a0190c 1768696e 73686177 40696e74 2d636132 2e617474 2e636f6d 30440609 2a864886 f70d0109 0f043730 35300e06 082a8648 86f70d03 02020200 80300e06 082a8648 86f70d03 04020200 80300706 052b0e03 0207300a 06082a86 4886f70d 0307300d 06092a86 4886f70d 01010b05 00038201 0100961d 333b8cf5 32d8f217 a8c6c7c6 9dcb3ff3 9595989c 1ce6e570 b61c455c 9380dc56 b41fbc36 670d057a e37fc6cc c6030663 3adb37d3 e8cfcd7e dc084fb3 b7d2b913 829f7b80 17011698 cd47db04 33eeaa9f 52434a2c 574bd9c3 0f4699d2 9e037052 3d7561ab 830b6009 4fa36c39 ada7d8aa f6cff21a eaaf9f36 4bbbb207 3fe14f6c fa9295ac 66831d3c 2bde7132 78dbff95 c224cfd3 0bb26146 7431dde6 bd1b8616 d375d772 1f6f940f 89802761 adce36bb 23aa6bbc fea4d87e 8fa8d7ff bff71d24 a4b8cfec 4768821b 8cde3e4a 04157205 ca509547 62a8f917 6e7ab381 b61d27cd 46e29974 461fd7f4 3c77e61d 9b6576e6 b90c5dd9 d11d25e7 551e99fb 1e97>


Converting to string with encoding type ‘NSASCIIStringEncoding’

NSString *str = [[NSString alloc] initWithData:certData encoding:NSASCIIStringEncoding];


After conversion I can see small string on description.

Printing description of str:

0‚F0‚.

1±¤

(lldb) po str

0‚F0‚.

1±¤


Converted the same string to unsigned char type with UTF8String, getting below format string with length 78.

(lldb) po [str UTF8String]

"0\xffffffc2\xffffff82\x06F0\xffffffc2\xffffff82\x05.\xffffffc2\xffffffa0\x03\x02\x01\x02\x02\n1\x12\xffffffc2\xffffffb1\xffffffc2\xffffffa4"


but actual string length showing same as data length.

(lldb) po [str length]

1610

Hi Quinn,


Just following up with you regarding my earilier post, it just gone over a month, Please let me know if you need any additional information.


Thank you,

Ganesh.

Just following up with you regarding my earilier post, it just gone over a month

Indeed. Sorry about that. I’m not sure how I missed your earlier response.

However, please note that DevForums is not an official support service. If you want official support, open a DTS tech support incident. Providing such support is my day job.

You wrote:

Printing description of certData:

This is a DER encoding certificate. There’s isn’t a ‘one true way’ of converting this to text. Earlier you wrote:

I need to send the certificate CFData to server for authentication

What format is your server expecting to receive this as? Can you post an example of that?

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Hi Quinn, Thank you for the response....!


Server expecting the data in Hex format like below


B9134900 F17C416F 19E31C1E 6C7F3623

FC711DA3 D3E4B935 7724AE38 295F78A4

7BC3BE8A F6B9D7A8 754DD033 BAE420BC

7E71183E 359F698C 611A3A36 98B6D410

ACC05406 2B64F5A5 04BF6CB8 8629CDE8

254F4AD5 9DE110CA 3C1A4321 78A364B2

3550668A 1A5D7DDA 33BF3D01 DA2154B7

2E2E754B CCCC0D1E 51A8C950 045A03B6

89ABAC20 DE5EBC8B 1A71C3EC FA61680D

208A9242 0E25C501 AD6DDFAB 1B4F06EE

A4578977 C5519352 E72E1F3A 59E3E2B8

786AF3E1 5D7765A0 1E6D1D96 3D89F9C0

B5B1E79B D0E67D67 FEA2C262 87EA8A8F

561DB84D E9020301 0001A382 02FA3082

02F6301D 0603551D 0E041604 14A6E2C4



Thank you,

Ganesh.

Server expecting the data in Hex format like below

Does that data correspond to the certificate you posted on 7 Apr? Or is it from some other certificate?

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Hi, Quinn,


Yes, the data corresponds to the certificate I have posted earlier. I have not shared the entire data here. Please let me know if you are expecting complete data.


Thank you,

Ganesh.

the data corresponds to the certificate I have posted earlier.

Hmmm, I can’t see any way to derive the data from your 20 May post from the certificate in your 7 Apr post. None of the obvious things — for example, the raw bytes of the public key sealed by the certificate — line up. You will need to talk with your server folks to get more details on how they expect you derive one from the other.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"