I have an app that uses SecCopyCertificateValues and have noticed that the values for certain properties have changed starting in the 10.13.4 betas. For example, if I have a certificate and call SecCopyCertificateValues on it, the public key algorithm attribute kSecOIDX509V1SubjectPublicKeyAlgorithm has a value that is no longer an OID. In previous macOS versions, for RSA encryption, the value would be the RSA OID "1.2.840.113549.1.1.1" but on 10.13.4 betas, the value is now "RSA Encryption".
Our code specifically compares the value with the RSA OID to determine if RSA is being used and with this change, that is now broken. Is this a bug or this the expected behavior? Do I need to check for both the OID and the "RSA Encryption" string? If this is expected, is there a list of constants somewhere for what the possible string values are that can be compared?