[Mono-osx] extending the SecRecords that can be found on OS X

[Andrew Patterson]

Hi,

I have recently been tasked with created a Mac OS X
application that shares about 25% of its code with a
similar already existing c# Windows app. So I have been
using MonoDevelop with Monomac for a month or so and getting some
success - so firstly a big thanks to all who helped develop
Mono and Monomac!

The current feature I am working on involves some
web service calls using mutual authentication. So I can
load the X509 certs manually from files and that all works
ok - but I was hoping to use the certificates in Mac OS X
keyring (for other reasons the certs/private keys are going to have
to be in keyring anyway)

However, the keyring API binding seems to be
incomplete (as I understand it the iphone keyring API
is much simpler and so it may not be tested as much
under os x)

For one thing, the kinds of SecRecord that can be created
seem to be deliberately limited for Monomac. So the only
one supported is SecKind.InternetPassword. I am happy to
hack around in Monomac to add support for others but was
wondering why the enum was limited in the first place? Obviously
there must be some other wrinkles there but I couldn't
tell from the source what they were.

Also, the API calls that return multiple results seem to be broken.

Whereas this works fine

var rec = SecKeyChain.QueryAsRecord(query, out statusResult);

This seemingly equivalent

var recs = SecKeyChain.QueryAsRecord(query, 50, out statusResult);

generates errors

-[NSCFDictionary objectAtIndex:]: unrecognized selector sent to
instance 0x159187b0
-[NSCFDictionary objectAtIndex:]: unrecognized selector sent to
instance 0x159187b0
.sdef error: every 'parameter' element must have a 'cocoa' subelement
that has a 'key' attribute.
line number: 8

Thanks for any help

Andrew