The security API's on iOS only seem to cover extracting certain parts of the certificate.
Has anyone used openSSL or开发者_StackOverflow中文版 asn1c to allow the retrieval of Extensions, Policies etc from the certificate bytes?
Yes, you can use openSSL to parse a certificate, but it is not a easy job, since the lack of openSSL iOS docs.
First, you need the openSSL lib for iOS, and use openSSL to generate x509 cert. Then use the method in the openSSL to try to parse it.
Here is an example of how to extract UPN from a certificate extension (I answered myself). It works fine by now. Other element is similar to fetch.
精彩评论