最近看了一下chromium瀏覽器代碼，想找到 ios平臺有關讀證書和驗證證書的接口，最終沒有找到，但有發現一些證書相關的接口，不知道以后會不會用到，在這里做一下筆記。

如果你看到這篇文章，知道在ios平臺有關讀證書和驗證證書的一些信息，希望分享一下！

chromium瀏覽器證書操作公用部分路徑：?../src/net/cert/

此路徑下cert_status_flags_list.h 頭文件定義了證書狀態：

// This is the list of CertStatus flags and their values. // // Defines the values using a macro CERT_STATUS_FLAG, // so it can be expanded differently in some places// The possible status bits for CertStatus. // Bits 0 to 15 are for errors. CERT_STATUS_FLAG(COMMON_NAME_INVALID, 1 << 0) CERT_STATUS_FLAG(DATE_INVALID, 1 << 1) CERT_STATUS_FLAG(AUTHORITY_INVALID, 1 << 2) // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP). CERT_STATUS_FLAG(NO_REVOCATION_MECHANISM, 1 << 4) CERT_STATUS_FLAG(UNABLE_TO_CHECK_REVOCATION, 1 << 5) CERT_STATUS_FLAG(REVOKED, 1 << 6) CERT_STATUS_FLAG(INVALID, 1 << 7) CERT_STATUS_FLAG(WEAK_SIGNATURE_ALGORITHM, 1 << 8) // 1 << 9 was used for CERT_STATUS_NOT_IN_DNS CERT_STATUS_FLAG(NON_UNIQUE_NAME, 1 << 10) CERT_STATUS_FLAG(WEAK_KEY, 1 << 11) // 1 << 12 was used for CERT_STATUS_WEAK_DH_KEY CERT_STATUS_FLAG(PINNED_KEY_MISSING, 1 << 13) CERT_STATUS_FLAG(NAME_CONSTRAINT_VIOLATION, 1 << 14) CERT_STATUS_FLAG(VALIDITY_TOO_LONG, 1 << 15)// Bits 16 to 23 are for non-error statuses. CERT_STATUS_FLAG(IS_EV, 1 << 16) CERT_STATUS_FLAG(REV_CHECKING_ENABLED, 1 << 17) // Bit 18 was CERT_STATUS_IS_DNSSEC CERT_STATUS_FLAG(SHA1_SIGNATURE_PRESENT, 1 << 19) CERT_STATUS_FLAG(CT_COMPLIANCE_FAILED, 1 << 20)// Bits 24 - 31 are for errors. CERT_STATUS_FLAG(CERTIFICATE_TRANSPARENCY_REQUIRED, 1 << 24)
ios證書相關的操作路徑：../src/ios/web/net/
相關文件：
crw_cert_verification_controller.h
crw_cert_verification_controller.mm
crw_cert_verification_controller_unittest.mm

crw_cert_verification_controller.h 頭文件定義：

證書下載策略：

// Accept policy for valid or invalid SSL cert. typedef NS_ENUM(NSInteger, CertAcceptPolicy) {// Cert status can't be determined due to an error. Caller should reject the// load and show a net error page.CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR = 0,// The cert is not valid. Caller may present an SSL warning and ask the user// if they want to proceed or reject the load.CERT_ACCEPT_POLICY_RECOVERABLE_ERROR_UNDECIDED_BY_USER,// The cert is not valid. However, the caller should proceed with the load// because the user has decided to proceed with this invalid cert.CERT_ACCEPT_POLICY_RECOVERABLE_ERROR_ACCEPTED_BY_USER,// The cert is valid. Caller should proceed with the load.CERT_ACCEPT_POLICY_ALLOW, };

此函數根據trust和host決定證書下載策略

- (void)decideLoadPolicyForTrust:(base::ScopedCFTypeRef<SecTrustRef>)trusthost:(NSString*)hostcompletionHandler:(web::PolicyDecisionHandler)completionHandler;
此函數根據trust和host決定證書的狀態

- (void)querySSLStatusForTrust:(base::ScopedCFTypeRef<SecTrustRef>)trusthost:(NSString*)hostcompletionHandler:(web::StatusQueryHandler)completionHandler;
此函數記錄證書被允許用于host 在以后decideLoadPolicyForTrust調用中

- (void)allowCert:(scoped_refptr<net::X509Certificate>)certforHost:(NSString*)hoststatus:(net::CertStatus)status;
僅做一下記錄，如有新的發現再更新...?

總結

以上是生活随笔為你收集整理的有关chromium浏览器 ios 读证书 验证证书 （注没有找到方法），在这里做一下笔记的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。