Importing a Certificate Into the Data Vault

Obtain a certificate reference and store it in a password-protected data vault to use for X.509 certificate authentication.

// Obtain a reference to the certificate store (the one returned by getDefault)

SUPCertificateStore *certStore = [SUPCertificateStore getDefault];

// Import a certificate from iPhone keychain (into memory).
// NOTE(review): the returned reference is used later without a check; confirm how
// getSignedCertificate:withPassword: reports an unknown label or a wrong password.

NSString *label = ...; // ask user to select a label
NSString *password = ...; // ask the user for a password at run time; do not embed it in the application
SUPLoginCertificate *cert = [certStore getSignedCertificate:label withPassword:password];

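// Alternate code: import a certificate from the server into memory (server must be specially configured for this).
// Use this in place of the keychain import: both variants declare cert, so keep only one of them.
// Collect all three secrets from the user at run time; do not embed them in the application.

NSString *windows_username = ...; // Windows username for fileshare on server where the password is stored
NSString *windows_password = ...; // Windows password
NSString *cert_password = ...; // Password to unlock the certificate
SUPLoginCertificate *cert = [certStore getSignedCertificateFromServer:windows_username
                                                   withServerPassword:windows_password
                                                     withCertPassword:cert_password];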

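// Lookup or create data vault
NSString *vaultPassword = ...; // ask user or from O/S protected storage; never hard-code it
NSString *vaultName = @"..."; // e.g. @"SAP.CRM.CertificateVault"
// A salt compiled into the application is the same on every install and can be read from the
// binary, so treat it as non-secret: the secrecy of the vault depends on vaultPassword.
NSString *vaultSalt = @"..."; // e.g. a hard-coded random GUID
// Start from nil so that [vault lock] in @finally is a harmless no-op if lookup or creation throws.
SUPDataVault *vault = nil;
@try
{
    // Get vault, or create it if it doesn't exist
    if (![SUPDataVault vaultExists:vaultName])
    {
        vault = [SUPDataVault createVault:vaultName withPassword:vaultPassword withSalt:vaultSalt];
    }
    else
    {
        vault = [SUPDataVault getVault:vaultName];
    }

    // Save certificate into data vault; the vault must be unlocked before it can be written
    [vault unlock:vaultPassword withSalt:vaultSalt];
    [cert save:label withVault:vault];
}
@catch (NSException *ex)
{
    // Handle any errors: the certificate was NOT stored, so do not proceed to certificate login.
    // Only the exception name is logged; never write vaultPassword or the certificate password to a log.
    NSLog(@"Saving the certificate into the data vault failed: %@", [ex name]);
}
@finally
{
    // Make sure vault is locked even if an error occurs
    [vault lock];
}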