pub unsafe extern "C-unwind" fn SecKeyCreateRandomKey(
parameters: &CFDictionary,
error: *mut *mut CFError,
) -> Option<CFRetained<SecKey>>SecBase and SecKey only.Expand description
Generates a new public/private key pair.
Parameter parameters: A dictionary containing one or more key-value pairs.
See the discussion sections below for a complete overview of options.
Parameter error: On error, will be populated with an error object describing the failure.
See “Security Error Codes” (SecBase.h).
Returns: Newly generated private key. To get associated public key, use SecKeyCopyPublicKey().
In order to generate a keypair the parameters dictionary must at least contain the following keys:
kSecAttrKeyType with a value being kSecAttrKeyTypeRSA or any other kSecAttrKeyType defined in SecItem.h kSecAttrKeySizeInBits with a value being a CFNumberRef or CFStringRef containing the requested key size in bits. Example sizes for RSA keys are: 512, 768, 1024, 2048.
The values below may be set either in the top-level dictionary or in a dictionary that is the value of the kSecPrivateKeyAttrs or kSecPublicKeyAttrs key in the top-level dictionary. Setting these attributes explicitly will override the defaults below. See SecItem.h for detailed information on these attributes including the types of the values.
kSecAttrLabel default NULL kSecAttrIsPermanent if this key is present and has a Boolean value of true, the key or key pair will be added to the default keychain. kSecAttrTokenID if this key should be generated on specified token. This attribute can contain CFStringRef and can be present only in the top-level parameters dictionary. kSecAttrApplicationTag default NULL kSecAttrEffectiveKeySize default NULL same as kSecAttrKeySizeInBits kSecAttrCanEncrypt default false for private keys, true for public keys kSecAttrCanDecrypt default true for private keys, false for public keys kSecAttrCanDerive default true kSecAttrCanSign default true for private keys, false for public keys kSecAttrCanVerify default false for private keys, true for public keys kSecAttrCanWrap default false for private keys, true for public keys kSecAttrCanUnwrap default true for private keys, false for public keys