.png) |
Tuya iOS Smart Life App SDK 5.15.0
|
|
Tuya iOS Smart Life App SDK 5.15.0
|
#import <WTLCertificates.h>
Instance Methods | |
| (instancetype) | - NS_UNAVAILABLE |
Definition at line 29 of file WTLCertificates.h.
| + (WTLCertificateDERBytes _Nullable) convertMatterCertificate: | (macos(13.3)) | ||
| (watchos(9.4)) | |||
| (tvos(16.4)) | API_AVAILABLE | ||
Convert the given Matter TLV encoded certificate to the X.509v3 DER encoded format.
Returns nil if the conversion fails (e.g. if the input data cannot be parsed as a Matter TLV encoded certificate, or if the certificate cannot be represented in the X.509v3 DER format).
| + (WTLCertificateTLVBytes _Nullable) convertX509Certificate: | (WTLCertificateDERBytes) | x509Certificate |
Convert the given X.509v3 DER encoded certificate to the Matter certificate format.
Returns nil if the conversion fails (e.g. if the input data cannot be parsed as a DER encoded X.509 certificate, or if the certificate cannot be represented in the Matter certificate format).
| + (WTLCSRDERBytes _Nullable) createCertificateSigningRequest: | (id< WTLKeypair >) | keypair | |
| error: | (NSError *__autoreleasing _Nullable *_Nullable) | error | |
Generate a PKCS#10 certificate signing request from a WTLKeypair. This can then be used to request an operational or ICA certificate from an external certificate authority.
The CSR will have the subject OU DN set to 'CSA', because omitting all identifying information altogether often trips up CSR parsing code. The CA being used should expect this and ignore the request subject, producing a subject that matches the rules for Matter certificates.
On failure returns nil and if "error" is not null sets *error to the relevant error.
| + (WTLCertificateDERBytes _Nullable) createIntermediateCertificate: | (id< WTLKeypair >) | rootKeypair | |
| rootCertificate: | (WTLCertificateDERBytes) | rootCertificate | |
| intermediatePublicKey: | (SecKeyRef) | intermediatePublicKey | |
| issuerID: | (NSNumber *_Nullable) | issuerID | |
| fabricID: | (NSNumber *_Nullable) | fabricID | |
| error: | (macos(13.3)) | ||
| (watchos(9.4)) | |||
| (tvos(16.4)) | API_AVAILABLE | ||
Create an intermediate X.509 DER encoded certificate that has the right fields to be a valid Matter intermediate certificate.
If issuerID is not nil, it's unsignedLongLongValue will be used for the matter-icac-id attribute in the subject distinguished name of the resulting certificate.
If issuerID is nil, a random value will be generated for matter-icac-id.
If fabricID is not nil, it will be included in the subject DN of the certificate. In this case it must be a valid Matter fabric id.
On failure returns nil and if "error" is not null sets *error to the relevant error.
| + (WTLCertificateDERBytes _Nullable) createOperationalCertificate: | (id< WTLKeypair >) | signingKeypair | |
| signingCertificate: | (WTLCertificateDERBytes) | signingCertificate | |
| operationalPublicKey: | (SecKeyRef) | operationalPublicKey | |
| fabricID: | (NSNumber *) | fabricID | |
| nodeID: | (NSNumber *) | nodeID | |
| caseAuthenticatedTags: | (NSSet< NSNumber * > *_Nullable) | caseAuthenticatedTags | |
| error: | (macos(13.3)) | ||
| (watchos(9.4)) | |||
| (tvos(16.4)) | API_AVAILABLE | ||
Create an X.509 DER encoded certificate that has the right fields to be a valid Matter operational certificate.
signingKeypair and signingCertificate are the root or intermediate that is signing the operational certificate.
nodeID and fabricID are expected to be 64-bit unsigned integers.
nodeID must be a valid Matter operational node id.
fabricID must be a valid Matter fabric id.
caseAuthenticatedTags may be nil to indicate no CASE Authenticated Tags should be used. If caseAuthenticatedTags is not nil, it must contain at most 3 numbers, which are expected to be 32-bit unsigned Case Authenticated Tag values.
On failure returns nil and if "error" is not null sets *error to the relevant error.
| + (WTLCertificateDERBytes _Nullable) createRootCertificate: | (id< WTLKeypair >) | keypair | |
| issuerID: | (NSNumber *_Nullable) | issuerID | |
| fabricID: | (NSNumber *_Nullable) | fabricID | |
| error: | (macos(13.3)) | ||
| (watchos(9.4)) | |||
| (tvos(16.4)) | API_AVAILABLE | ||
Create a root (self-signed) X.509 DER encoded certificate that has the right fields to be a valid Matter root certificate.
If issuerID is not nil, it's unsignedLongLongValue will be used for the matter-rcac-id attribute in the subject distinguished name of the resulting certificate.
If issuerID is nil, a random value will be generated for matter-rcac-id.
If fabricID is not nil, it will be included in the subject DN of the certificate. In this case it must be a valid Matter fabric id.
On failure returns nil and if "error" is not null sets *error to the relevant error.
| + (nullable NSData *) generateCertificateSigningRequest: | (id< WTLKeypair >) | keypair | |
| error: | ("Please use createCertificateSigningRequest:error:") | ||
| (macos(13.0, 13.3)) | |||
| (watchos(9.1, 9.4)) | |||
| (tvos(16.1, 16.4)) | WTL_DEPRECATED | ||
Provided by category WTLCertificates(Deprecated).
| + (nullable NSData *) generateIntermediateCertificate: | (id< WTLKeypair >) | rootKeypair | |
| rootCertificate: | (NSData *) | rootCertificate | |
| intermediatePublicKey: | (SecKeyRef) | intermediatePublicKey | |
| issuerId: | (nullable NSNumber *) | issuerId | |
| fabricId: | (nullable NSNumber *) | fabricId | |
| error: | ("Please use createIntermediateCertificate:rootCertificate:intermediatePublicKey:issuerID:fabricID:error:") | ||
| (macos(13.0, 13.3)) | |||
| (watchos(9.1, 9.4)) | |||
| (tvos(16.1, 16.4)) | WTL_DEPRECATED | ||
Provided by category WTLCertificates(Deprecated).
| + (nullable NSData *) generateOperationalCertificate: | (id< WTLKeypair >) | signingKeypair | |
| signingCertificate: | (NSData *) | signingCertificate | |
| operationalPublicKey: | (SecKeyRef) | operationalPublicKey | |
| fabricId: | (NSNumber *) | fabricId | |
| nodeId: | (NSNumber *) | nodeId | |
| caseAuthenticatedTags: | (NSArray< NSNumber * > *_Nullable) | caseAuthenticatedTags | |
| error: | ("Plase use " "createOperationalCertificate:signingCertificate:operationalPublicKey:fabricID:nodeID:caseAuthenticatedTags:error:") | ||
| (macos(13.0, 13.3)) | |||
| (watchos(9.1, 9.4)) | |||
| (tvos(16.1, 16.4)) | WTL_DEPRECATED | ||
Provided by category WTLCertificates(Deprecated).
| + (nullable NSData *) generateRootCertificate: | (id< WTLKeypair >) | keypair | |
| issuerId: | (nullable NSNumber *) | issuerId | |
| fabricId: | (nullable NSNumber *) | fabricId | |
| error: | ("Please use createRootCertificate:issuerID:fabricID:error:") | ||
| (macos(13.0, 13.3)) | |||
| (watchos(9.1, 9.4)) | |||
| (tvos(16.1, 16.4)) | WTL_DEPRECATED | ||
Provided by category WTLCertificates(Deprecated).
| + (BOOL) isCertificate: | (WTLCertificateDERBytes) | certificate1 | |
| equalTo: | (WTLCertificateDERBytes) | certificate2 | |
Check whether two X.509 DER encoded certificates are equivalent, in the sense of having the same public key and the same subject DN. Returns NO if public keys or subject DNs cannot be extracted from the certificates.
| + (BOOL) keypair: | (id< WTLKeypair >) | keypair | |
| matchesCertificate: | (NSData *) | certificate | |
Check whether the given keypair's public key matches the given certificate's public key. The certificate is expected to be an X.509 DER encoded certificate.
Will return NO on failures to extract public keys from the objects.
| - (instancetype) NS_UNAVAILABLE |
| + (instancetype) NS_UNAVAILABLE |
| + (NSData *_Nullable) publicKeyFromCSR: | (WTLCSRDERBytes) | csr | |
| error: | (macos(13.3)) | ||
| (watchos(9.4)) | |||
| (tvos(16.4)) | API_AVAILABLE | ||
Extract the public key from the given PKCS#10 certificate signing request. This is the public key that a certificate issued in response to the request would need to have.
1.9.4