Global Variable

kSecMatchTrustedOnly

A key whose value is a Boolean indicating whether untrusted certificates should be returned.

Declaration

const CFStringRef kSecMatchTrustedOnly;

Discussion

The corresponding value is of type CFBooleanRef. If this attribute is provided with a value of kCFBooleanTrue, only certificates that can be verified back to a trusted anchor are returned. If this value is kCFBooleanFalse or the attribute is not provided, then both trusted and untrusted certificates may be returned.

See Also

Item Search Matching Keys

kSecMatchPolicy

A key whose value indicates a policy with which a matching certificate or identity must verify.

kSecMatchItemList

A key whose value indicates a list of items to search.

kSecMatchSearchList

A key whose value indicates a list of items to search.

kSecMatchIssuers

A key whose value is a string to match against a certificate or identity's issuers.

kSecMatchEmailAddressIfPresent

A key whose value is a string to match against a certificate or identity's email address.

kSecMatchSubjectContains

A key whose value is a string to look for in a certificate or identity's subject.

kSecMatchSubjectStartsWith

A key whose value is a string to match against the beginning of a certificate or identity's subject.

kSecMatchSubjectEndsWith

A key whose value is a string to match against the end of a certificate or identity's subject.

kSecMatchSubjectWholeString

A key whose value is a string to exactly match a certificate or identity's subject.

kSecMatchCaseInsensitive

A key whose value is a Boolean indicating whether case-insensitive matching is performed.

kSecMatchDiacriticInsensitive

A key whose value is a Boolean indicating whether diacritic-insensitive matching is performed.

kSecMatchWidthInsensitive

A key whose value is a Boolean indicating whether width-insensitive matching is performed.

kSecMatchValidOnDate

A key whose value indicates the validity date.

kSecMatchLimit

A key whose value indicates the match limit.