SecKeyGenerateSymmetric(_:_:)

Declaration

func SecKeyGenerateSymmetric(_ parameters: CFDictionary, _ error: UnsafeMutablePointer<Unmanaged<CFError>?>?) -> SecKey?

Parameters

• parameters:

  A key generation parameter dictionary. At minimum, this must contain Ksecattrkeytype and Ksecattrkeysizeinbits. In addition, this function assumes default values for the following keys:

  • Ksecattrlabel defaults to NULL.

  • Ksecattrispermanent if this key is present and has a value of Kcfbooleantrue, the key or key pair will be added to the default keychain.

  • Ksecattrapplicationtag defaults to NULL.

  • Ksecattreffectivekeysize defaults to NULL, which means the effective key size is the same as the key size (Ksecattrkeysizeinbits).

  • Ksecattrcanencrypt defaults to Kcfbooleanfalse for private keys, Kcfbooleantrue for public keys.

  • Ksecattrcandecrypt defaults to Kcfbooleantrue for private keys, Kcfbooleanfalse for public keys.

  • Ksecattrcanderive defaults to Kcfbooleantrue.

  • Ksecattrcansign defaults to Kcfbooleantrue for private keys, Kcfbooleanfalse for public keys.

  • Ksecattrcanverify defaults to Kcfbooleanfalse for private keys, Kcfbooleantrue for public keys.

  • Ksecattrcanwrap defaults to Kcfbooleanfalse for private keys, Kcfbooleantrue for public keys.

  • Ksecattrcanunwrap defaults to Kcfbooleantrue for private keys, Kcfbooleanfalse for public keys.

  These default values can be overridden by adding a value for the associated key in the parameter dictionary.

  When used as a replacement for Seckeygenerate, set the Ksecusekeychain key to the keychain (Seckeychain) into which the key should be stored, Ksecattrlabel to a user-visible label for the key, and Ksecattrapplicationlabel to an identifier defined by your application, for subsequent use in calls to Secitemcopymatching(_:_:). Additionally, you can specify keychain access controls for the key by setting Ksecattraccess to a Secaccess object.

• error:

  A pointer to a Cferror variable where an error object is stored upon failure. If not NULL, the caller is responsible for checking this variable and releasing the resulting object if it exists.

Return Value

A newly generated symmetric key, or NULL on failure. In Objective-C, call the CFRelease function to free the key’s memory when you are done with it.