[英]Replace deprecated `SecTrustGetCertificateAtIndex` in iOS 15?
I'm getting a deprecation warning in iOS 15
SDK, but the suggested replacement is not a one-to-one replacement.我在iOS 15
SDK 中收到弃用警告,但建议的替换不是一对一的替换。 This is what I have for evaluating the SSL trust chain:这是我用于评估 SSL 信任链的内容:
func valid(_ trust: SecTrust, forHost host: String) -> Bool {
guard valid(trust, for: [SecPolicyCreateSSL(true, nil)]),
valid(trust, for: [SecPolicyCreateSSL(true, host as CFString)]) else {
return false
}
let serverCertificatesData = Set(
(0..<SecTrustGetCertificateCount(trust))
.compactMap { SecTrustGetCertificateAtIndex(trust, $0) }
.map { SecCertificateCopyData($0) as Data }
)
let pinnedCertificatesData = Set(
certificates.map { SecCertificateCopyData($0) as Data }
)
return !serverCertificatesData.isDisjoint(with: pinnedCertificatesData)
}
The warning I get in Xcode 13 beta is:我在 Xcode 13 beta 中收到的警告是:
'SecTrustGetCertificateAtIndex' was deprecated in iOS 15.0: renamed to 'SecTrustCopyCertificateChain(_:)'.
Use 'SecTrustCopyCertificateChain(_:)' instead.
However, SecTrustGetCertificateAtIndex
( docs ) returns SecCertificate
where SecTrustCopyCertificateChain
( docs ) returns a CFArray
.但是, SecTrustGetCertificateAtIndex
( docs ) 返回SecCertificate
,其中SecTrustCopyCertificateChain
( docs ) 返回CFArray
。 How can this properly be updated in the usage I provided?如何在我提供的用法中正确更新?
iOS 14.5 => iOS 15 SDK Diff indicates that the only additions are these ( as of Xcode 13 Beta 1 ) iOS 14.5 => iOS 15 SDK Diff表明唯一的添加是这些(从 Xcode 13 Beta 1 开始)
SecBase.h
Added errSecInvalidCRLAuthority
Added errSecInvalidTupleCredentials
Added errSecCertificateDuplicateExtension
SecTrust.h
Added SecTrustCopyCertificateChain()
They didn't add any new sibling type to SecCertificate
.他们没有向SecCertificate
添加任何新的兄弟类型。 As you already noted that it returns a CFArray
.正如您已经注意到的,它返回一个CFArray
。
func SecTrustCopyCertificateChain(_ trust: SecTrust) -> CFArray?
So for this part of your code -所以对于这部分代码 -
let serverCertificatesData = Set(
(0..<SecTrustGetCertificateCount(trust))
.compactMap { SecTrustGetCertificateAtIndex(trust, $0) }
.map { SecCertificateCopyData($0) as Data }
)
It seems worth a try that SecTrustCopyCertificateChain
might return a CFArray
of SecCertificate
instances? SecTrustCopyCertificateChain
可能会返回一个SecCertificate
实例的CFArray
似乎值得一试? Unfortunately I can't debug this right now.不幸的是,我现在无法调试它。
Maybe try something like this -也许尝试这样的事情 -
if let certificates = SecTrustCopyCertificateChain(trust) as? [SecCertificate] {
let serverCertificatesData = Set(
certificates.map { SecCertificateCopyData($0) as Data }
)
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.