Re: Searching for different types of certificates.

Subject: Re: Searching for different types of certificates.
From: Perry The Cynic <email@hidden>
Date: Tue, 27 Jun 2006 12:52:59 -0700
Delivered-to: email@hidden
Delivered-to: email@hidden
Organization: Apple Computer

--On June 27, 2006 2:05:53 PM -0500 Cole Barnes <email@hidden> wrote:

I am searching through my default keystore attempting to
differientiate between different types of certificates.  I'm wanting
to separate [intermediate] CA certificates from end entity certs.

Is there a way to create a search based on the certificate's critical
extensions with the Apple Security framework.  For example, can I
create a search for certificates where the "isCA" flag is true in the
certificate's basicConstraints extension using the Sec* calls (like
SecKeychainSearchCreateFromAttributes() )?  Can I do this with
KeychainItemAttributes or will I need to go down into a lower level to
accomplish what I want to do?

You can directly search a keychain only for combinations of item attributes. If you're looking for something that isn't represented in an attribute, you'll have to iterate through all certificates and check each one compliance with your conditions.

Be careful when you do this - it's possible to set up network sources as keychains. Iterating over all certificates on an LDAP server may be very, very slow. Whenever possible, perform a keychain search for some attributes and then further check the returns.

Cheers
 -- perry
---------------------------------------------------------------------------
Perry The Cynic                                             email@hidden
To a blind optimist, an optimistic realist must seem like an Accursed Cynic.
---------------------------------------------------------------------------

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden



References:  
  >Searching for different types of certificates. (From: "Cole Barnes" <email@hidden>)




Prev by Date:
Searching for different types of certificates.

Next by Date:
Re: Keychain and Smart card

Previous by thread:
Searching for different types of certificates.

Next by thread:
Re: Keychain and Smart card

Index(es):

Date
Thread













  
   Home
   Archives
   Terms/Conditions
   Contact
   RSS
   Lists
   About
 






Visit the Apple Store online or at retail locations.

1-800-MY-APPLE
Contact Apple | Terms of Use | Privacy Policy
Copyright © 2011 Apple Inc. All rights reserved.

References:
	>Searching for different types of certificates. (From: "Cole Barnes" <email@hidden>)