Hello,
I have a use case where I want to get the client certificate from my smartcard and use it to make an HTTPS request. In dotnet you can do something like this:
    /// ...
    // Find the certificate by thumbprint in the current user's personal store.
    X509Certificate2 cert;
    X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
    cert = store.Certificates.Find(
        X509FindType.FindByThumbprint,
        thumbprint,
        false).First<X509Certificate2>();
    // Attach it to the handler as the TLS client certificate.
    var handler = new HttpClientHandler();
    handler.ClientCertificateOptions = ClientCertificateOption.Manual;
    handler.ClientCertificates.Add(cert);
    var client = new HttpClient(handler);
    var result = client.GetAsync("https://example.com").GetAwaiter().GetResult();
    /// ...
The above code will get a certificate from the Windows certificate store (the certificate on the smart card is visible in the certificate store on Windows) and make a request using the certificate for authentication. However, in macOS the certificate is not visible in the Keychain. It is visible through security list-smartcards.
From what I have read, I must use the CryptoTokenKit API to be able to use the smart card's certificate. Being an absolute beginner to Swift, I have only managed to produce the following piece of code so far:
    let getquery: [String: Any] = [kSecClass as String: kSecClassKey,
                                   kSecAttrTokenID as String: "com.company.client:xxxxxx",
                                   kSecReturnPersistentRef as String: true]
It seems to find the token from my smart card, but I have no idea how to use it for an HTTPS request or if it is even possible. Is it, and how would you make such a request?
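
An added example, not part of the original post: one way the token lookup above could feed a URLSession request. It queries for kSecClassIdentity rather than kSecClassKey, because a TLS client credential needs the certificate and its private key reference together. The token ID is the post's placeholder, and it is an assumption that the card exposes an identity under that token ID.

```swift
import Foundation
import Security

// Placeholder token ID from the post; replace with the ID your card reports.
let tokenID = "com.company.client:xxxxxx"

// Look up a SecIdentity (certificate + private key reference) on the token.
// Assumption: the token exposes an identity, not only a bare key.
func smartCardIdentity(tokenID: String) -> SecIdentity? {
    let query: [String: Any] = [
        kSecClass as String: kSecClassIdentity,
        kSecAttrTokenID as String: tokenID,
        kSecMatchLimit as String: kSecMatchLimitOne,
        kSecReturnRef as String: true,
    ]
    var item: CFTypeRef?
    guard SecItemCopyMatching(query as CFDictionary, &item) == errSecSuccess,
          let found = item, CFGetTypeID(found) == SecIdentityGetTypeID() else { return nil }
    return (found as! SecIdentity)
}

// Answers only the TLS client-certificate challenge. Everything else,
// including server trust evaluation, keeps the system default handling.
final class ClientCertDelegate: NSObject, URLSessionDelegate {
    let identity: SecIdentity
    init(identity: SecIdentity) { self.identity = identity }

    func urlSession(_ session: URLSession,
                    didReceive challenge: URLAuthenticationChallenge,
                    completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
        guard challenge.protectionSpace.authenticationMethod
                == NSURLAuthenticationMethodClientCertificate else {
            completionHandler(.performDefaultHandling, nil)
            return
        }
        completionHandler(.useCredential, URLCredential(identity: identity, certificates: nil,
                                                        persistence: .forSession))
    }
}

if let identity = smartCardIdentity(tokenID: tokenID) {
    let session = URLSession(configuration: .ephemeral,
                             delegate: ClientCertDelegate(identity: identity), delegateQueue: nil)
    session.dataTask(with: URL(string: "https://example.com")!) { _, response, error in
        if let error = error { print("Request failed: \(error)") }
        else if let http = response as? HTTPURLResponse { print("HTTP \(http.statusCode)") }
        exit(0)
    }.resume()
    RunLoop.main.run()
} else { print("No identity found on token \(tokenID)") }
```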