| |||
| |||
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
Thanks Tim, that code works well.
The next question is if there is an OID->string attribute type translator in OS X. Or do I have write my own table. If I have to write my own table, where do I get all of the values from? I'm aware of RFC2253, but it only covers CN, O, OU, and a few others.
Thanks again!
Jason
On Jul 18, 2008, at 11:17 AM, Tim Nowaczyk wrote:
Here’s some code that I use to get CN. Tweaking to your specific need is left as an exercise. :)
#define isCSSMOIDtheSame(a, b) (a.Length == b.Length && memcmp(a.Data, b.Data, a.Length) == 0) ? TRUE : FALSE
+ (CSSM_FIELD_PTR) getFieldFromCertificate: (SecCertificateRef) cert matchingOID: (CSSM_OID) OID
{
CSSM_DATA myCSSMData;
if (noErr != SecCertificateGetData(cert, &myCSSMData)) { return NULL; }
uint32 numberOfFields = 0;
CSSM_CL_HANDLE clHandle;
CSSM_FIELD_PTR fields;
if (noErr != SecCertificateGetCLHandle(cert, &clHandle))
return NULL;
if (CSSM_OK != CSSM_CL_CertGetAllFields(clHandle, &myCSSMData, &numberOfFields, &fields))
return NULL;
for (int j = 0; j < numberOfFields; ++j) {
if (isCSSMOIDtheSame(fields[j].FieldOid, OID)) return &fields[j];
}
// OID not found
return NULL;
}
+ (NSString *) getNameOfCertificate: (SecCertificateRef) cert
{
CSSM_FIELD_PTR field = [self getFieldFromCertificate: cert matchingOID: CSSMOID_X509V1SubjectNameCStruct];
if (field == NULL) return NULL;
CSSM_X509_NAME_PTR x509NamePtr = (CSSM_X509_NAME_PTR)field->FieldValue.Data;
for (int k = 0; k < x509NamePtr->numberOfRDNs; k++) {
CSSM_X509_RDN_PTR relDistNamePtr = &x509NamePtr->RelativeDistinguishedName[k];
for (int l = 0; l < relDistNamePtr->numberOfPairs; l++) {
CSSM_X509_TYPE_VALUE_PAIR * thisAttributeTypeAndValue = &relDistNamePtr->AttributeTypeAndValue[l];
if(isCSSMOIDtheSame(thisAttributeTypeAndValue->type, CSSMOID_CommonName)) {
return [NSString stringWithCString:(char *)thisAttributeTypeAndValue->value.Data length:thisAttributeTypeAndValue->value.Length];
}
}
}
return NULL;
}
On 7/18/08 2:57 AM, "Jason Bobier" <email@hidden> wrote:
Hi folks,
I've been reading darwin code, and looking all around for how to get the Subject DN out of a SecCertificateRef and turn it into standard format string "C=US, OU=something, CN=Jason Bobier "
This has to work on 10.4 and 10.5.
Thanks greatly for any help!
Jason
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/apple-cdsa/email@hidden
This email sent to email@hidden
--
Timothy Nowaczyk
Network Systems Engineer
University of Virginia - ITC
email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/apple-cdsa/email@hidden
This email sent to email@hidden
_______________________________________________ Do not post admin requests to the list. They will be ignored. Apple-cdsa mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/apple-cdsa/email@hidden This email sent to email@hidden
| References: | |
| >Re: getting Subject DN from cert (From: Jason Bobier <email@hidden>) |
| Home | Archives | FAQ | Terms/Conditions | Contact | RSS | Lists | About |
Visit the Apple Store online or at retail locations.
1-800-MY-APPLE
Contact Apple | Terms of Use | Privacy Policy
Copyright © 2007 Apple Inc. All rights reserved.
