I am working on a macOS application written on Swift 5, where the user can login using a smartcard. When user enters the smartcard and selects this way of authentication, we display the certificates on the card for the user to select. Once selected, the user enters the PIN and logs in.
I am able to show the certificates using the SecItemCopyMatching
call mentioned in this answer. But along with the PIN, I need to send the following information for successfully logging in.
- Card's name -> for example,
Identity Device (NIST SP 800-73 [PIV])
- Crypto service provider's name -> for example,
Microsoft Base Smart Card Crypto Provider
- Container name -> in the format
aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
Questions:
- I want to understand how to get this information from the certificate present on the smartcard.
- (not important) When I run the
SecItemCopyMatching
call, I get 8 objects in an array but I know that there are only 2 certs on it. Currently, I cast it into a set and see just 2 SecCertificate objects that I need. Is there a better solution to this?