Equivalent of OBJ_obj2txt?

What is the equivalent of the OBJ_obj2txt function in the Security Framework?


Let's say I have the kSecOIDCommonName const string and I want to get its text equivalent (i.e. "commonName"), which API should I use?



Searching via Google, the funny forum search engine or reading the headers has not provided a solution so far.

Accepted Reply

Let's say I have the kSecOIDCommonName const string and I want to get its text equivalent (i.e. "commonName"), which API should I use?

AFAICT macOS’s Security framework does not have a table that maps OIDs to ASN.1-style names (like “commonName”). There is a table that maps OIDs to localised user-visible names (like “Common Name”) — you’ll see that in action in various places, like SFCertificateView and even

SecCertificateCopyValues
— but that’s not what you’re looking for.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Replies

What platform are you working on? The macOS Security framework is very different from that found on iOS and its related platforms.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

I'm working on macOS (with a 10.8 min deployment target).

Let's say I have the kSecOIDCommonName const string and I want to get its text equivalent (i.e. "commonName"), which API should I use?

AFAICT macOS’s Security framework does not have a table that maps OIDs to ASN.1-style names (like “commonName”). There is a table that maps OIDs to localised user-visible names (like “Common Name”) — you’ll see that in action in various places, like SFCertificateView and even

SecCertificateCopyValues
— but that’s not what you’re looking for.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

OK. Thanks.


So creating the table on our side - to convert the "s.o.m.e.t.h.i.n.g" string to the string obtained by the deprecated OID API - looks less like a bad workaround.