objc2_security/generated/

SecKey.rs

//! This file has been automatically generated by `objc2`'s `header-translator`.
//! DO NOT EDIT
use core::ffi::*;
use core::ptr::NonNull;
#[cfg(feature = "objc2")]
use objc2::__framework_prelude::*;
use objc2_core_foundation::*;

use crate::*;

/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeykeyclass?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyKeyClass: c_int = 0;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyprintname?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyPrintName: c_int = 1;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalias?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyAlias: c_int = 2;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeypermanent?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyPermanent: c_int = 3;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyprivate?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyPrivate: c_int = 4;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeymodifiable?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyModifiable: c_int = 5;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeylabel?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyLabel: c_int = 6;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyapplicationtag?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyApplicationTag: c_int = 7;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeykeycreator?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyKeyCreator: c_int = 8;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeykeytype?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyKeyType: c_int = 9;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeykeysizeinbits?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyKeySizeInBits: c_int = 10;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyeffectivekeysize?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyEffectiveKeySize: c_int = 11;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeystartdate?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyStartDate: c_int = 12;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyenddate?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyEndDate: c_int = 13;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeysensitive?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeySensitive: c_int = 14;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalwayssensitive?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyAlwaysSensitive: c_int = 15;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyextractable?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyExtractable: c_int = 16;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyneverextractable?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyNeverExtractable: c_int = 17;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyencrypt?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyEncrypt: c_int = 18;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeydecrypt?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyDecrypt: c_int = 19;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyderive?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyDerive: c_int = 20;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeysign?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeySign: c_int = 21;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyverify?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyVerify: c_int = 22;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeysignrecover?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeySignRecover: c_int = 23;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyverifyrecover?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyVerifyRecover: c_int = 24;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeywrap?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyWrap: c_int = 25;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyunwrap?language=objc)
#[deprecated = "No longer supported"]
pub const kSecKeyUnwrap: c_int = 26;

/// Determines the type of credential returned by SecKeyGetCredentials.
///
/// See also [Apple's documentation](https://developer.apple.com/documentation/security/seccredentialtype?language=objc)
// NS_ENUM
#[cfg(feature = "cssmconfig")]
#[deprecated = "No longer supported"]
#[repr(transparent)]
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct SecCredentialType(pub uint32);
#[cfg(feature = "cssmconfig")]
impl SecCredentialType {
    #[doc(alias = "kSecCredentialTypeDefault")]
    #[deprecated = "No longer supported"]
    pub const Default: Self = Self(0);
    #[doc(alias = "kSecCredentialTypeWithUI")]
    #[deprecated = "No longer supported"]
    pub const WithUI: Self = Self(1);
    #[doc(alias = "kSecCredentialTypeNoUI")]
    #[deprecated = "No longer supported"]
    pub const NoUI: Self = Self(2);
}

#[cfg(all(feature = "cssmconfig", feature = "objc2"))]
unsafe impl Encode for SecCredentialType {
    const ENCODING: Encoding = uint32::ENCODING;
}

#[cfg(all(feature = "cssmconfig", feature = "objc2"))]
unsafe impl RefEncode for SecCredentialType {
    const ENCODING_REF: Encoding = Encoding::Pointer(&Self::ENCODING);
}

/// Supported padding types.
///
/// See also [Apple's documentation](https://developer.apple.com/documentation/security/secpadding?language=objc)
// NS_OPTIONS
#[deprecated = "Replaced with SecKeyAlgorithm"]
#[repr(transparent)]
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct SecPadding(pub u32);
bitflags::bitflags! {
    impl SecPadding: u32 {
        #[doc(alias = "kSecPaddingNone")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const None = 0;
        #[doc(alias = "kSecPaddingPKCS1")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const PKCS1 = 1;
        #[doc(alias = "kSecPaddingOAEP")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const OAEP = 2;
        #[doc(alias = "kSecPaddingSigRaw")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const SigRaw = 0x4000;
        #[doc(alias = "kSecPaddingPKCS1MD2")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const PKCS1MD2 = 0x8000;
        #[doc(alias = "kSecPaddingPKCS1MD5")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const PKCS1MD5 = 0x8001;
        #[doc(alias = "kSecPaddingPKCS1SHA1")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const PKCS1SHA1 = 0x8002;
        #[doc(alias = "kSecPaddingPKCS1SHA224")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const PKCS1SHA224 = 0x8003;
        #[doc(alias = "kSecPaddingPKCS1SHA256")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const PKCS1SHA256 = 0x8004;
        #[doc(alias = "kSecPaddingPKCS1SHA384")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const PKCS1SHA384 = 0x8005;
        #[doc(alias = "kSecPaddingPKCS1SHA512")]
#[deprecated = "Replaced with SecKeyAlgorithm"]
        const PKCS1SHA512 = 0x8006;
    }
}

#[cfg(feature = "objc2")]
unsafe impl Encode for SecPadding {
    const ENCODING: Encoding = u32::ENCODING;
}

#[cfg(feature = "objc2")]
unsafe impl RefEncode for SecPadding {
    const ENCODING_REF: Encoding = Encoding::Pointer(&Self::ENCODING);
}

/// Supported key lengths.
///
/// See also [Apple's documentation](https://developer.apple.com/documentation/security/seckeysizes?language=objc)
// NS_ENUM
#[deprecated = "No longer supported"]
#[repr(transparent)]
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct SecKeySizes(pub u32);
impl SecKeySizes {
    #[doc(alias = "kSecDefaultKeySize")]
    #[deprecated = "No longer supported"]
    pub const SecDefaultKeySize: Self = Self(0);
    #[doc(alias = "kSec3DES192")]
    #[deprecated = "No longer supported"]
    pub const Sec3DES192: Self = Self(192);
    #[doc(alias = "kSecAES128")]
    #[deprecated = "No longer supported"]
    pub const SecAES128: Self = Self(128);
    #[doc(alias = "kSecAES192")]
    #[deprecated = "No longer supported"]
    pub const SecAES192: Self = Self(192);
    #[doc(alias = "kSecAES256")]
    #[deprecated = "No longer supported"]
    pub const SecAES256: Self = Self(256);
    #[doc(alias = "kSecp192r1")]
    #[deprecated = "No longer supported"]
    pub const Secp192r1: Self = Self(192);
    #[doc(alias = "kSecp256r1")]
    #[deprecated = "No longer supported"]
    pub const Secp256r1: Self = Self(256);
    #[doc(alias = "kSecp384r1")]
    #[deprecated = "No longer supported"]
    pub const Secp384r1: Self = Self(384);
    #[doc(alias = "kSecp521r1")]
    #[deprecated = "No longer supported"]
    pub const Secp521r1: Self = Self(521);
    #[doc(alias = "kSecRSAMin")]
    #[deprecated = "No longer supported"]
    pub const SecRSAMin: Self = Self(1024);
    #[doc(alias = "kSecRSAMax")]
    #[deprecated = "No longer supported"]
    pub const SecRSAMax: Self = Self(4096);
}

#[cfg(feature = "objc2")]
unsafe impl Encode for SecKeySizes {
    const ENCODING: Encoding = u32::ENCODING;
}

#[cfg(feature = "objc2")]
unsafe impl RefEncode for SecKeySizes {
    const ENCODING_REF: Encoding = Encoding::Pointer(&Self::ENCODING);
}

extern "C" {
    /// Predefined key constants used to get or set values in a dictionary.
    /// These are used to provide explicit parameters to key generation functions
    /// when non-default values are desired. See the description of the
    /// SecKeyGeneratePair API for usage information.
    ///
    /// containing attributes specific for the private key to be generated.
    ///
    /// containing attributes specific for the public key to be generated.
    ///
    /// See also [Apple's documentation](https://developer.apple.com/documentation/security/ksecprivatekeyattrs?language=objc)
    pub static kSecPrivateKeyAttrs: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecpublickeyattrs?language=objc)
    pub static kSecPublicKeyAttrs: &'static CFString;
}

#[cfg(feature = "SecBase")]
unsafe impl ConcreteType for SecKey {
    /// Returns the type identifier of SecKey instances.
    ///
    /// Returns: The CFTypeID of SecKey instances.
    #[doc(alias = "SecKeyGetTypeID")]
    #[inline]
    fn type_id() -> CFTypeID {
        extern "C-unwind" {
            fn SecKeyGetTypeID() -> CFTypeID;
        }
        unsafe { SecKeyGetTypeID() }
    }
}

#[cfg(feature = "SecBase")]
impl SecKey {
    /// Creates an asymmetric key pair and stores it in a specified keychain.
    ///
    /// Parameter `keychainRef`: A reference to the keychain in which to store the private and public key items. Specify NULL for the default keychain.
    ///
    /// Parameter `algorithm`: An algorithm for the key pair. This parameter is ignored if a valid (non-zero) contextHandle is supplied.
    ///
    /// Parameter `keySizeInBits`: A key size for the key pair. This parameter is ignored if a valid (non-zero) contextHandle is supplied.
    ///
    /// Parameter `contextHandle`: (optional) A CSSM_CC_HANDLE, or 0. If this argument is supplied, the algorithm and keySizeInBits parameters are ignored. If extra parameters are needed to generate a key (some algorithms require this), you should create a context using CSSM_CSP_CreateKeyGenContext, using the CSPHandle obtained by calling SecKeychainGetCSPHandle. Then use CSSM_UpdateContextAttributes to add parameters, and dispose of the context using CSSM_DeleteContext after calling this function.
    ///
    /// Parameter `publicKeyUsage`: A bit mask indicating all permitted uses for the new public key. CSSM_KEYUSE bit mask values are defined in cssmtype.h.
    ///
    /// Parameter `publicKeyAttr`: A bit mask defining attribute values for the new public key. The bit mask values are equivalent to a CSSM_KEYATTR_FLAGS and are defined in cssmtype.h.
    ///
    /// Parameter `privateKeyUsage`: A bit mask indicating all permitted uses for the new private key. CSSM_KEYUSE bit mask values are defined in cssmtype.h.
    ///
    /// Parameter `privateKeyAttr`: A bit mask defining attribute values for the new private key. The bit mask values are equivalent to a CSSM_KEYATTR_FLAGS and are defined in cssmtype.h.
    ///
    /// Parameter `initialAccess`: (optional) A SecAccess object that determines the initial access rights to the private key. The public key is given "any/any" access rights by default.
    ///
    /// Parameter `publicKey`: (optional) On return, the keychain item reference of the generated public key. Use the SecKeyGetCSSMKey function to obtain the CSSM_KEY. The caller must call CFRelease on this value if it is returned. Pass NULL if a reference to this key is not required.
    ///
    /// Parameter `privateKey`: (optional) On return, the keychain item reference of the generated private key. Use the SecKeyGetCSSMKey function to obtain the CSSM_KEY. The caller must call CFRelease on this value if it is returned. Pass NULL if a reference to this key is not required.
    ///
    /// Returns: A result code. See "Security Error Codes" (SecBase.h).
    ///
    /// This API is deprecated for 10.7. Please use the SecKeyGeneratePair API instead.
    #[doc(alias = "SecKeyCreatePair")]
    #[cfg(all(feature = "SecBase", feature = "cssmconfig", feature = "cssmtype"))]
    #[deprecated = "CSSM is not supported"]
    #[inline]
    pub unsafe fn create_pair(
        keychain_ref: Option<&SecKeychain>,
        algorithm: CSSM_ALGORITHMS,
        key_size_in_bits: uint32,
        context_handle: CSSM_CC_HANDLE,
        public_key_usage: CSSM_KEYUSE,
        public_key_attr: uint32,
        private_key_usage: CSSM_KEYUSE,
        private_key_attr: uint32,
        initial_access: Option<&SecAccess>,
        public_key: *mut *mut SecKey,
        private_key: *mut *mut SecKey,
    ) -> OSStatus {
        extern "C-unwind" {
            fn SecKeyCreatePair(
                keychain_ref: Option<&SecKeychain>,
                algorithm: CSSM_ALGORITHMS,
                key_size_in_bits: uint32,
                context_handle: CSSM_CC_HANDLE,
                public_key_usage: CSSM_KEYUSE,
                public_key_attr: uint32,
                private_key_usage: CSSM_KEYUSE,
                private_key_attr: uint32,
                initial_access: Option<&SecAccess>,
                public_key: *mut *mut SecKey,
                private_key: *mut *mut SecKey,
            ) -> OSStatus;
        }
        unsafe {
            SecKeyCreatePair(
                keychain_ref,
                algorithm,
                key_size_in_bits,
                context_handle,
                public_key_usage,
                public_key_attr,
                private_key_usage,
                private_key_attr,
                initial_access,
                public_key,
                private_key,
            )
        }
    }

    /// Creates a symmetric key and optionally stores it in a specified keychain.
    ///
    /// Parameter `keychainRef`: (optional) A reference to the keychain in which to store the generated key. Specify NULL to generate a transient key.
    ///
    /// Parameter `algorithm`: An algorithm for the symmetric key. This parameter is ignored if a valid (non-zero) contextHandle is supplied.
    ///
    /// Parameter `keySizeInBits`: A key size for the key pair. This parameter is ignored if a valid (non-zero) contextHandle is supplied.
    ///
    /// Parameter `contextHandle`: (optional) A CSSM_CC_HANDLE, or 0. If this argument is supplied, the algorithm and keySizeInBits parameters are ignored. If extra parameters are needed to generate a key (some algorithms require this), you should create a context using CSSM_CSP_CreateKeyGenContext, using the CSPHandle obtained by calling SecKeychainGetCSPHandle. Then use CSSM_UpdateContextAttributes to add parameters, and dispose of the context using CSSM_DeleteContext after calling this function.
    ///
    /// Parameter `keyUsage`: A bit mask indicating all permitted uses for the new key. CSSM_KEYUSE bit mask values are defined in cssmtype.h.
    ///
    /// Parameter `keyAttr`: A bit mask defining attribute values for the new key. The bit mask values are equivalent to a CSSM_KEYATTR_FLAGS and are defined in cssmtype.h.
    ///
    /// Parameter `initialAccess`: (optional) A SecAccess object that determines the initial access rights for the key. This parameter is ignored if the keychainRef is NULL.
    ///
    /// Parameter `keyRef`: On return, a reference to the generated key. Use the SecKeyGetCSSMKey function to obtain the CSSM_KEY. The caller must call CFRelease on this value if it is returned.
    ///
    /// Returns: A result code.  See "Security Error Codes" (SecBase.h).
    ///
    /// This API is deprecated for 10.7.  Please use the SecKeyGenerateSymmetric API instead.
    #[doc(alias = "SecKeyGenerate")]
    #[cfg(all(feature = "SecBase", feature = "cssmconfig", feature = "cssmtype"))]
    #[deprecated = "CSSM is not supported"]
    #[inline]
    pub unsafe fn generate(
        keychain_ref: Option<&SecKeychain>,
        algorithm: CSSM_ALGORITHMS,
        key_size_in_bits: uint32,
        context_handle: CSSM_CC_HANDLE,
        key_usage: CSSM_KEYUSE,
        key_attr: uint32,
        initial_access: Option<&SecAccess>,
        key_ref: *mut *mut SecKey,
    ) -> OSStatus {
        extern "C-unwind" {
            fn SecKeyGenerate(
                keychain_ref: Option<&SecKeychain>,
                algorithm: CSSM_ALGORITHMS,
                key_size_in_bits: uint32,
                context_handle: CSSM_CC_HANDLE,
                key_usage: CSSM_KEYUSE,
                key_attr: uint32,
                initial_access: Option<&SecAccess>,
                key_ref: *mut *mut SecKey,
            ) -> OSStatus;
        }
        unsafe {
            SecKeyGenerate(
                keychain_ref,
                algorithm,
                key_size_in_bits,
                context_handle,
                key_usage,
                key_attr,
                initial_access,
                key_ref,
            )
        }
    }

    /// Returns a pointer to the CSSM_KEY for the given key item reference.
    ///
    /// Parameter `key`: A keychain key item reference. The key item must be of class type kSecPublicKeyItemClass, kSecPrivateKeyItemClass, or kSecSymmetricKeyItemClass.
    ///
    /// Parameter `cssmKey`: On return, a pointer to a CSSM_KEY structure for the given key. This pointer remains valid until the key reference is released. The caller should not attempt to modify or free this data.
    ///
    /// Returns: A result code. See "Security Error Codes" (SecBase.h).
    ///
    /// The CSSM_KEY is valid until the key item reference is released. This API is deprecated in 10.7. Its use should no longer be needed.
    #[doc(alias = "SecKeyGetCSSMKey")]
    #[cfg(all(
        feature = "SecAsn1Types",
        feature = "SecBase",
        feature = "cssmconfig",
        feature = "cssmtype"
    ))]
    #[deprecated]
    #[inline]
    pub unsafe fn cssm_key(self: &SecKey, cssm_key: NonNull<*const CSSM_KEY>) -> OSStatus {
        extern "C-unwind" {
            fn SecKeyGetCSSMKey(key: &SecKey, cssm_key: NonNull<*const CSSM_KEY>) -> OSStatus;
        }
        unsafe { SecKeyGetCSSMKey(self, cssm_key) }
    }

    /// Returns the CSSM_CSP_HANDLE for the given key reference. The handle is valid until the key reference is released.
    ///
    /// Parameter `keyRef`: A key reference.
    ///
    /// Parameter `cspHandle`: On return, the CSSM_CSP_HANDLE for the given keychain.
    ///
    /// Returns: A result code. See "Security Error Codes" (SecBase.h).
    ///
    /// This API is deprecated in 10.7. Its use should no longer be needed.
    #[doc(alias = "SecKeyGetCSPHandle")]
    #[cfg(all(feature = "SecBase", feature = "cssmconfig", feature = "cssmtype"))]
    #[deprecated]
    #[inline]
    pub unsafe fn csp_handle(self: &SecKey, csp_handle: NonNull<CSSM_CSP_HANDLE>) -> OSStatus {
        extern "C-unwind" {
            fn SecKeyGetCSPHandle(
                key_ref: &SecKey,
                csp_handle: NonNull<CSSM_CSP_HANDLE>,
            ) -> OSStatus;
        }
        unsafe { SecKeyGetCSPHandle(self, csp_handle) }
    }

    /// For a given key, return a pointer to a CSSM_ACCESS_CREDENTIALS structure which will allow the key to be used.
    ///
    /// Parameter `keyRef`: The key for which a credential is requested.
    ///
    /// Parameter `operation`: The type of operation to be performed with this key. See "Authorization tag type" for defined operations (cssmtype.h).
    ///
    /// Parameter `credentialType`: The type of credential requested.
    ///
    /// Parameter `outCredentials`: On return, a pointer to a CSSM_ACCESS_CREDENTIALS structure. This pointer remains valid until the key reference is released. The caller should not attempt to modify or free this data.
    ///
    /// Returns: A result code. See "Security Error Codes" (SecBase.h).
    #[doc(alias = "SecKeyGetCredentials")]
    #[cfg(all(
        feature = "SecAsn1Types",
        feature = "SecBase",
        feature = "cssmconfig",
        feature = "cssmtype"
    ))]
    #[deprecated]
    #[inline]
    pub unsafe fn credentials(
        self: &SecKey,
        operation: CSSM_ACL_AUTHORIZATION_TAG,
        credential_type: SecCredentialType,
        out_credentials: NonNull<*const CSSM_ACCESS_CREDENTIALS>,
    ) -> OSStatus {
        extern "C-unwind" {
            fn SecKeyGetCredentials(
                key_ref: &SecKey,
                operation: CSSM_ACL_AUTHORIZATION_TAG,
                credential_type: SecCredentialType,
                out_credentials: NonNull<*const CSSM_ACCESS_CREDENTIALS>,
            ) -> OSStatus;
        }
        unsafe { SecKeyGetCredentials(self, operation, credential_type, out_credentials) }
    }

    /// Generates a random symmetric key with the specified length
    /// and algorithm type.
    ///
    ///
    /// Parameter `parameters`: A dictionary containing one or more key-value pairs.
    /// See the discussion sections below for a complete overview of options.
    ///
    /// Parameter `error`: An optional pointer to a CFErrorRef. This value is set
    /// if an error occurred. If not NULL, the caller is responsible for
    /// releasing the CFErrorRef.
    ///
    /// Returns: On return, a SecKeyRef reference to the symmetric key, or
    /// NULL if the key could not be created.
    ///
    ///
    /// In order to generate a symmetric key, the parameters dictionary
    /// must at least contain the following keys:
    ///
    /// kSecAttrKeyType with a value of kSecAttrKeyTypeAES or any other
    /// kSecAttrKeyType defined in SecItem.h
    /// kSecAttrKeySizeInBits with a value being a CFNumberRef containing
    /// the requested key size in bits.  Example sizes for AES keys are:
    /// 128, 192, 256, 512.
    ///
    /// To store the generated symmetric key in a keychain, set these keys:
    /// kSecUseKeychain (value is a SecKeychainRef)
    /// kSecAttrLabel (a user-visible label whose value is a CFStringRef,
    /// e.g. "My App's Encryption Key")
    /// kSecAttrApplicationLabel (a label defined by your application, whose
    /// value is a CFDataRef and which can be used to find this key in a
    /// subsequent call to SecItemCopyMatching, e.g. "ID-1234567890-9876-0151")
    ///
    /// To specify the generated key's access control settings, set this key:
    /// kSecAttrAccess (value is a SecAccessRef)
    ///
    /// The keys below may be optionally set in the parameters dictionary
    /// (with a CFBooleanRef value) to override the default usage values:
    ///
    /// kSecAttrCanEncrypt (defaults to true if not explicitly specified)
    /// kSecAttrCanDecrypt (defaults to true if not explicitly specified)
    /// kSecAttrCanWrap (defaults to true if not explicitly specified)
    /// kSecAttrCanUnwrap (defaults to true if not explicitly specified)
    #[doc(alias = "SecKeyGenerateSymmetric")]
    #[cfg(feature = "SecBase")]
    #[deprecated = "No longer supported"]
    #[inline]
    pub unsafe fn generate_symmetric(
        parameters: &CFDictionary,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<SecKey>> {
        extern "C-unwind" {
            fn SecKeyGenerateSymmetric(
                parameters: &CFDictionary,
                error: *mut *mut CFError,
            ) -> Option<NonNull<SecKey>>;
        }
        let ret = unsafe { SecKeyGenerateSymmetric(parameters, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }

    /// Creates a symmetric key with the given data and sets the
    /// algorithm type specified.
    ///
    ///
    /// Parameter `parameters`: A dictionary containing one or more key-value pairs.
    /// See the discussion sections below for a complete overview of options.
    ///
    /// Returns: On return, a SecKeyRef reference to the symmetric key.
    ///
    ///
    /// In order to generate a symmetric key the parameters dictionary must
    /// at least contain the following keys:
    ///
    /// kSecAttrKeyType with a value of kSecAttrKeyTypeAES or any other
    /// kSecAttrKeyType defined in SecItem.h
    ///
    /// The keys below may be optionally set in the parameters dictionary
    /// (with a CFBooleanRef value) to override the default usage values:
    ///
    /// kSecAttrCanEncrypt (defaults to true if not explicitly specified)
    /// kSecAttrCanDecrypt (defaults to true if not explicitly specified)
    /// kSecAttrCanWrap (defaults to true if not explicitly specified)
    /// kSecAttrCanUnwrap (defaults to true if not explicitly specified)
    #[doc(alias = "SecKeyCreateFromData")]
    #[cfg(feature = "SecBase")]
    #[deprecated = "No longer supported"]
    #[inline]
    pub unsafe fn from_data(
        parameters: &CFDictionary,
        key_data: &CFData,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<SecKey>> {
        extern "C-unwind" {
            fn SecKeyCreateFromData(
                parameters: &CFDictionary,
                key_data: &CFData,
                error: *mut *mut CFError,
            ) -> Option<NonNull<SecKey>>;
        }
        let ret = unsafe { SecKeyCreateFromData(parameters, key_data, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }
}

/// Delivers the result from an asynchronous key pair generation.
///
/// Parameter `publicKey`: - the public key generated.   You must retain publicKey if you wish to use it after your block returns.
///
/// Parameter `privateKey`: - the private key generated.  You must retain publicKey if you wish to use it after your block returns.
///
/// Parameter `error`: - Any errors returned.   You must retain error if you wish to use it after your block returns.
///
/// See also [Apple's documentation](https://developer.apple.com/documentation/security/seckeygeneratepairblock?language=objc)
#[cfg(all(feature = "SecBase", feature = "block2"))]
pub type SecKeyGeneratePairBlock =
    *mut block2::DynBlock<dyn Fn(NonNull<SecKey>, NonNull<SecKey>, NonNull<CFError>)>;

#[cfg(feature = "SecBase")]
impl SecKey {
    /// Derives a symmetric key from a password.
    ///
    ///
    /// Parameter `password`: The password from which the keyis to be derived.
    ///
    /// Parameter `parameters`: A dictionary containing one or more key-value pairs.
    ///
    /// Parameter `error`: If the call fails this will contain the error code.
    ///
    ///
    /// In order to derive a key the parameters dictionary must contain at least contain the following keys:
    /// kSecAttrSalt - a CFData for the salt value for mixing in the pseudo-random rounds.
    /// kSecAttrPRF - the algorithm to use for the pseudo-random-function.
    /// If 0, this defaults to kSecAttrPRFHmacAlgSHA1. Possible values are:
    ///
    /// kSecAttrPRFHmacAlgSHA1
    /// kSecAttrPRFHmacAlgSHA224
    /// kSecAttrPRFHmacAlgSHA256
    /// kSecAttrPRFHmacAlgSHA384
    /// kSecAttrPRFHmacAlgSHA512
    ///
    /// kSecAttrRounds - the number of rounds to call the pseudo random function.
    /// If 0, a count will be computed to average 1/10 of a second.
    /// kSecAttrKeySizeInBits with a value being a CFNumberRef
    /// containing the requested key size in bits.  Example sizes for RSA keys are:
    /// 512, 768, 1024, 2048.
    ///
    ///
    /// Returns: On success a SecKeyRef is returned.  On failure this result is NULL and the
    /// error parameter contains the reason.
    #[doc(alias = "SecKeyDeriveFromPassword")]
    #[cfg(feature = "SecBase")]
    #[deprecated = "No longer supported"]
    #[inline]
    pub unsafe fn derive_from_password(
        password: &CFString,
        parameters: &CFDictionary,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<SecKey>> {
        extern "C-unwind" {
            fn SecKeyDeriveFromPassword(
                password: &CFString,
                parameters: &CFDictionary,
                error: *mut *mut CFError,
            ) -> Option<NonNull<SecKey>>;
        }
        let ret = unsafe { SecKeyDeriveFromPassword(password, parameters, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }

    /// Wraps a symmetric key with a symmetric key.
    ///
    ///
    /// Parameter `keyToWrap`: The key which is to be wrapped.
    ///
    /// Parameter `wrappingKey`: The key wrapping key.
    ///
    /// Parameter `parameters`: The parameter list to use for wrapping the key.
    ///
    /// Parameter `error`: If the call fails this will contain the error code.
    ///
    ///
    /// Returns: On success a CFDataRef is returned.  On failure this result is NULL and the
    /// error parameter contains the reason.
    ///
    ///
    /// In order to wrap a key the parameters dictionary may contain the following key:
    /// kSecSalt - a CFData for the salt value for the encrypt.
    #[doc(alias = "SecKeyWrapSymmetric")]
    #[cfg(feature = "SecBase")]
    #[deprecated = "No longer supported"]
    #[inline]
    pub unsafe fn wrap_symmetric(
        self: &SecKey,
        wrapping_key: &SecKey,
        parameters: &CFDictionary,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<CFData>> {
        extern "C-unwind" {
            fn SecKeyWrapSymmetric(
                key_to_wrap: &SecKey,
                wrapping_key: &SecKey,
                parameters: &CFDictionary,
                error: *mut *mut CFError,
            ) -> Option<NonNull<CFData>>;
        }
        let ret = unsafe { SecKeyWrapSymmetric(self, wrapping_key, parameters, error) };
        ret.map(|ret| unsafe { CFRetained::retain(ret) })
    }

    /// Unwrap a wrapped symmetric key.
    ///
    ///
    /// Parameter `keyToUnwrap`: The wrapped key to unwrap.
    ///
    /// Parameter `unwrappingKey`: The key unwrapping key.
    ///
    /// Parameter `parameters`: The parameter list to use for unwrapping the key.
    ///
    /// Parameter `error`: If the call fails this will contain the error code.
    ///
    ///
    /// Returns: On success a SecKeyRef is returned.  On failure this result is NULL and the
    /// error parameter contains the reason.
    ///
    ///
    /// In order to unwrap a key the parameters dictionary may contain the following key:
    /// kSecSalt - a CFData for the salt value for the decrypt.
    #[doc(alias = "SecKeyUnwrapSymmetric")]
    #[cfg(feature = "SecBase")]
    #[deprecated = "No longer supported"]
    #[inline]
    pub unsafe fn unwrap_symmetric(
        key_to_unwrap: NonNull<*const CFData>,
        unwrapping_key: &SecKey,
        parameters: &CFDictionary,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<SecKey>> {
        extern "C-unwind" {
            fn SecKeyUnwrapSymmetric(
                key_to_unwrap: NonNull<*const CFData>,
                unwrapping_key: &SecKey,
                parameters: &CFDictionary,
                error: *mut *mut CFError,
            ) -> Option<NonNull<SecKey>>;
        }
        let ret =
            unsafe { SecKeyUnwrapSymmetric(key_to_unwrap, unwrapping_key, parameters, error) };
        ret.map(|ret| unsafe { CFRetained::retain(ret) })
    }

    /// Generate a private/public keypair.
    ///
    /// Parameter `parameters`: A dictionary containing one or more key-value pairs.
    /// See the discussion sections below for a complete overview of options.
    ///
    /// Parameter `publicKey`: On return, a SecKeyRef reference to the public key.
    ///
    /// Parameter `privateKey`: On return, a SecKeyRef reference to the private key.
    ///
    /// Returns: A result code. See "Security Error Codes" (SecBase.h).
    ///
    ///
    /// In order to generate a keypair the parameters dictionary must
    /// at least contain the following keys:
    ///
    /// kSecAttrKeyType with a value of kSecAttrKeyTypeRSA or any other
    /// kSecAttrKeyType defined in SecItem.h
    /// kSecAttrKeySizeInBits with a value being a CFNumberRef containing
    /// the requested key size in bits.  Example sizes for RSA keys are:
    /// 512, 768, 1024, 2048.
    ///
    /// The values below may be set either in the top-level dictionary or in a
    /// dictionary that is the value of the kSecPrivateKeyAttrs or
    /// kSecPublicKeyAttrs key in the top-level dictionary.  Setting these
    /// attributes explicitly will override the defaults below.  See SecItem.h
    /// for detailed information on these attributes including the types of
    /// the values.
    ///
    /// kSecAttrLabel default NULL
    /// kSecUseKeychain default NULL, which specifies the default keychain
    /// kSecAttrIsPermanent default false
    /// if this key is present and has a Boolean value of true, the key or
    /// key pair will be added to the keychain.
    /// kSecAttrTokenID default NULL
    /// The CFStringRef ID of the token to generate the key or keypair on. This
    /// attribute can contain CFStringRef and can be present only in the top-level
    /// parameters dictionary.
    /// kSecAttrApplicationTag default NULL
    /// kSecAttrEffectiveKeySize default NULL same as kSecAttrKeySizeInBits
    /// kSecAttrCanEncrypt default false for private keys, true for public keys
    /// kSecAttrCanDecrypt default true for private keys, false for public keys
    /// kSecAttrCanDerive default true
    /// kSecAttrCanSign default true for private keys, false for public keys
    /// kSecAttrCanVerify default false for private keys, true for public keys
    /// kSecAttrCanWrap default false for private keys, true for public keys
    /// kSecAttrCanUnwrap default true for private keys, false for public keys
    ///
    /// NOTE: The function always saves keys in the keychain on macOS and as such attribute
    /// kSecAttrIsPermanent is ignored. The function respects attribute kSecAttrIsPermanent
    /// on iOS, tvOS and watchOS.
    /// It is recommended to use SecKeyCreateRandomKey() which respects kSecAttrIsPermanent
    /// on all platforms.
    #[doc(alias = "SecKeyGeneratePair")]
    #[cfg(feature = "SecBase")]
    #[deprecated = "Use SecKeyCreateRandomKey"]
    #[inline]
    pub unsafe fn generate_pair(
        parameters: &CFDictionary,
        public_key: *mut *mut SecKey,
        private_key: *mut *mut SecKey,
    ) -> OSStatus {
        extern "C-unwind" {
            fn SecKeyGeneratePair(
                parameters: &CFDictionary,
                public_key: *mut *mut SecKey,
                private_key: *mut *mut SecKey,
            ) -> OSStatus;
        }
        unsafe { SecKeyGeneratePair(parameters, public_key, private_key) }
    }

    /// Generates a new public/private key pair.
    ///
    /// Parameter `parameters`: A dictionary containing one or more key-value pairs.
    /// See the discussion sections below for a complete overview of options.
    ///
    /// Parameter `error`: On error, will be populated with an error object describing the failure.
    /// See "Security Error Codes" (SecBase.h).
    ///
    /// Returns: Newly generated private key.  To get associated public key, use SecKeyCopyPublicKey().
    ///
    /// In order to generate a keypair the parameters dictionary must
    /// at least contain the following keys:
    ///
    /// kSecAttrKeyType with a value being kSecAttrKeyTypeRSA or any other
    /// kSecAttrKeyType defined in SecItem.h
    /// kSecAttrKeySizeInBits with a value being a CFNumberRef or CFStringRef
    /// containing the requested key size in bits.  Example sizes for RSA
    /// keys are: 512, 768, 1024, 2048.
    ///
    /// The values below may be set either in the top-level dictionary or in a
    /// dictionary that is the value of the kSecPrivateKeyAttrs or
    /// kSecPublicKeyAttrs key in the top-level dictionary.  Setting these
    /// attributes explicitly will override the defaults below.  See SecItem.h
    /// for detailed information on these attributes including the types of
    /// the values.
    ///
    /// kSecAttrLabel default NULL
    /// kSecAttrIsPermanent if this key is present and has a Boolean value of true,
    /// the key or key pair will be added to the default keychain.
    /// kSecAttrTokenID if this key should be generated on specified token.  This
    /// attribute can contain CFStringRef and can be present only in the top-level
    /// parameters dictionary.
    /// kSecAttrApplicationTag default NULL
    /// kSecAttrEffectiveKeySize default NULL same as kSecAttrKeySizeInBits
    /// kSecAttrCanEncrypt default false for private keys, true for public keys
    /// kSecAttrCanDecrypt default true for private keys, false for public keys
    /// kSecAttrCanDerive default true
    /// kSecAttrCanSign default true for private keys, false for public keys
    /// kSecAttrCanVerify default false for private keys, true for public keys
    /// kSecAttrCanWrap default false for private keys, true for public keys
    /// kSecAttrCanUnwrap default true for private keys, false for public keys
    #[doc(alias = "SecKeyCreateRandomKey")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn new_random_key(
        parameters: &CFDictionary,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<SecKey>> {
        extern "C-unwind" {
            fn SecKeyCreateRandomKey(
                parameters: &CFDictionary,
                error: *mut *mut CFError,
            ) -> Option<NonNull<SecKey>>;
        }
        let ret = unsafe { SecKeyCreateRandomKey(parameters, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }

    /// Create a SecKey from a well-defined external representation.
    ///
    /// Parameter `keyData`: CFData representing the key. The format of the data depends on the type of key being created.
    ///
    /// Parameter `attributes`: Dictionary containing attributes describing the key to be imported. The keys in this dictionary
    /// are kSecAttr* constants from SecItem.h.  Mandatory attributes are:
    /// kSecAttrKeyType
    /// kSecAttrKeyClass
    ///
    /// Parameter `error`: On error, will be populated with an error object describing the failure.
    /// See "Security Error Codes" (SecBase.h).
    ///
    /// Returns: A SecKey object representing the key, or NULL on failure.
    ///
    /// This function does not add keys to any keychain, but the SecKey object it returns can be added
    /// to keychain using the SecItemAdd function.
    /// The requested data format depend on the type of key (kSecAttrKeyType) being created:
    /// kSecAttrKeyTypeRSA               PKCS#1 format, public key can be also in x509 public key format
    /// kSecAttrKeyTypeECSECPrimeRandom  ANSI X9.63 format (04 || X || Y [ || K])
    #[doc(alias = "SecKeyCreateWithData")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn with_data(
        key_data: &CFData,
        attributes: &CFDictionary,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<SecKey>> {
        extern "C-unwind" {
            fn SecKeyCreateWithData(
                key_data: &CFData,
                attributes: &CFDictionary,
                error: *mut *mut CFError,
            ) -> Option<NonNull<SecKey>>;
        }
        let ret = unsafe { SecKeyCreateWithData(key_data, attributes, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }

    /// Returns block length of the key in bytes.
    ///
    /// Parameter `key`: The key for which the block length is requested.
    ///
    /// Returns: The block length of the key in bytes.
    ///
    /// If for example key is an RSA key the value returned by
    /// this function is the size of the modulus.
    #[doc(alias = "SecKeyGetBlockSize")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn block_size(self: &SecKey) -> usize {
        extern "C-unwind" {
            fn SecKeyGetBlockSize(key: &SecKey) -> usize;
        }
        unsafe { SecKeyGetBlockSize(self) }
    }

    /// Create an external representation for the given key suitable for the key's type.
    ///
    /// Parameter `key`: The key to be exported.
    ///
    /// Parameter `error`: On error, will be populated with an error object describing the failure.
    /// See "Security Error Codes" (SecBase.h).
    ///
    /// Returns: A CFData representing the key in a format suitable for that key type.
    ///
    /// This function may fail if the key is not exportable (e.g., bound to a smart card or Secure Enclave).
    /// The format in which the key will be exported depends on the type of key:
    /// kSecAttrKeyTypeRSA               PKCS#1 format
    /// kSecAttrKeyTypeECSECPrimeRandom  ANSI X9.63 format (04 || X || Y [ || K])
    #[doc(alias = "SecKeyCopyExternalRepresentation")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn external_representation(
        self: &SecKey,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<CFData>> {
        extern "C-unwind" {
            fn SecKeyCopyExternalRepresentation(
                key: &SecKey,
                error: *mut *mut CFError,
            ) -> Option<NonNull<CFData>>;
        }
        let ret = unsafe { SecKeyCopyExternalRepresentation(self, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }

    /// Retrieve keychain attributes of a key.
    ///
    /// Parameter `key`: The key whose attributes are to be retrieved.
    ///
    /// Returns: Dictionary containing attributes of the key. The keys that populate this dictionary are defined
    /// and discussed in SecItem.h.
    ///
    /// The attributes provided by this function are:
    /// kSecAttrCanEncrypt
    /// kSecAttrCanDecrypt
    /// kSecAttrCanDerive
    /// kSecAttrCanSign
    /// kSecAttrCanVerify
    /// kSecAttrKeyClass
    /// kSecAttrKeyType
    /// kSecAttrKeySizeInBits
    /// kSecAttrTokenID
    /// kSecAttrApplicationLabel
    /// The set of values is not fixed. Future versions may return more values in this dictionary.
    #[doc(alias = "SecKeyCopyAttributes")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn attributes(self: &SecKey) -> Option<CFRetained<CFDictionary>> {
        extern "C-unwind" {
            fn SecKeyCopyAttributes(key: &SecKey) -> Option<NonNull<CFDictionary>>;
        }
        let ret = unsafe { SecKeyCopyAttributes(self) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }

    /// Retrieve the public key from a key pair or private key.
    ///
    /// Parameter `key`: The key from which to retrieve a public key.
    ///
    /// Returns: The public key or NULL if public key is not available for specified key.
    ///
    /// Fails if key does not contain a public key or no public key can be computed from it.
    #[doc(alias = "SecKeyCopyPublicKey")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn public_key(self: &SecKey) -> Option<CFRetained<SecKey>> {
        extern "C-unwind" {
            fn SecKeyCopyPublicKey(key: &SecKey) -> Option<NonNull<SecKey>>;
        }
        let ret = unsafe { SecKeyCopyPublicKey(self) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }
}

/// Available algorithms for performing cryptographic operations with SecKey object.  String representation
/// of constant can be used for logging or debugging purposes, because they contain human readable names of the algorithm.
///
///
/// Raw RSA sign/verify operation, size of input data must be the same as value returned by SecKeyGetBlockSize().
///
///
/// RSA sign/verify operation, assumes that input data is digest and OID and digest algorithm as specified in PKCS# v1.5.
/// This algorithm is typically not used directly, instead use algorithm with specified digest, like
/// kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA256.
///
///
/// RSA signature with PKCS#1 padding, input data must be SHA-1 generated digest.
///
///
/// RSA signature with PKCS#1 padding, input data must be SHA-224 generated digest.
///
///
/// RSA signature with PKCS#1 padding, input data must be SHA-256 generated digest.
///
///
/// RSA signature with PKCS#1 padding, input data must be SHA-384 generated digest.
///
///
/// RSA signature with PKCS#1 padding, input data must be SHA-512 generated digest.
///
///
/// RSA signature with PKCS#1 padding, SHA-1 digest is generated by called function automatically from input data of any size.
///
///
/// RSA signature with PKCS#1 padding, SHA-224 digest is generated by called function automatically from input data of any size.
///
///
/// RSA signature with PKCS#1 padding, SHA-256 digest is generated by called function automatically from input data of any size.
///
///
/// RSA signature with PKCS#1 padding, SHA-384 digest is generated by called function automatically from input data of any size.
///
///
/// RSA signature with PKCS#1 padding, SHA-512 digest is generated by called function automatically from input data of any size.
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, input data must be SHA-1 generated digest.
/// PSS padding is calculated using MGF1 with SHA1 and saltLength parameter is set to 20 (SHA-1 output size).
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, input data must be SHA-224 generated digest.
/// PSS padding is calculated using MGF1 with SHA224 and saltLength parameter is set to 28 (SHA-224 output size).
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, input data must be SHA-256 generated digest.
/// PSS padding is calculated using MGF1 with SHA256 and saltLength parameter is set to 32 (SHA-256 output size).
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, input data must be SHA-384 generated digest.
/// PSS padding is calculated using MGF1 with SHA384 and saltLength parameter is set to 48 (SHA-384 output size).
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, input data must be SHA-512 generated digest.
/// PSS padding is calculated using MGF1 with SHA512 and saltLength parameter is set to 64 (SHA-512 output size).
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, SHA-1 digest is generated by called function automatically from input data of any size.
/// PSS padding is calculated using MGF1 with SHA1 and saltLength parameter is set to 20 (SHA-1 output size).
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, SHA-224 digest is generated by called function automatically from input data of any size.
/// PSS padding is calculated using MGF1 with SHA224 and saltLength parameter is set to 28 (SHA-224 output size).
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, SHA-256 digest is generated by called function automatically from input data of any size.
/// PSS padding is calculated using MGF1 with SHA256 and saltLength parameter is set to 32 (SHA-256 output size).
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, SHA-384 digest is generated by called function automatically from input data of any size.
/// PSS padding is calculated using MGF1 with SHA384 and saltLength parameter is set to 48 (SHA-384 output size).
///
///
/// RSA signature with RSASSA-PSS padding according to PKCS#1 v2.1, SHA-512 digest is generated by called function automatically from input data of any size.
/// PSS padding is calculated using MGF1 with SHA512 and saltLength parameter is set to 64 (SHA-512 output size).
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, input data must be message digest generated by some hash functions.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, input data must be message digest created by SHA1 algorithm.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, input data must be message digest created by SHA224 algorithm.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, input data must be message digest created by SHA256 algorithm.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, input data must be message digest created by SHA384 algorithm.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, input data must be message digest created by SHA512 algorithm.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, SHA-1 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, SHA-224 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, SHA-256 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, SHA-384 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is in DER x9.62 encoding, SHA-512 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, input data must be message digest generated by some hash functions.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, input data must be message digest created by SHA1 algorithm.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, input data must be message digest created by SHA224 algorithm.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, input data must be message digest created by SHA256 algorithm.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, input data must be message digest created by SHA384 algorithm.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, input data must be message digest created by SHA512 algorithm.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, SHA-1 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, SHA-224 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, SHA-256 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, SHA-384 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, SHA-512 digest is generated by called function automatically from input data of any size.
///
///
/// ECDSA algorithm, signature is concatenated r and s, big endian, input data must be message digest generated by some hash function.
/// This is deprecated algorithm, replaced by kSecKeyAlgorithmECDSASignatureDigestRFC4754
///
///
/// Raw RSA encryption or decryption, size of data must match RSA key modulus size.  Note that direct
/// use of this algorithm without padding is cryptographically very weak, it is important to always introduce
/// some kind of padding.  Input data size must be less or equal to the key block size and returned block has always
/// the same size as block size, as returned by SecKeyGetBlockSize().
///
///
/// RSA encryption or decryption, data is padded using PKCS#1 padding scheme.  This algorithm should be used only for
/// backward compatibility with existing protocols and data. New implementations should choose cryptographically
/// stronger algorithm instead (see kSecKeyAlgorithmRSAEncryptionOAEP).  Input data must be at most
/// "key block size - 11" bytes long and returned block has always the same size as block size, as returned
/// by SecKeyGetBlockSize().
///
///
/// RSA encryption or decryption, data is padded using OAEP padding scheme internally using SHA1. Input data must be at most
/// "key block size - 42" bytes long and returned block has always the same size as block size, as returned
/// by SecKeyGetBlockSize().  Use kSecKeyAlgorithmRSAEncryptionOAEPSHA1AESGCM to be able to encrypt and decrypt arbitrary long data.
///
///
/// RSA encryption or decryption, data is padded using OAEP padding scheme internally using SHA224. Input data must be at most
/// "key block size - 58" bytes long and returned block has always the same size as block size, as returned
/// by SecKeyGetBlockSize().  Use kSecKeyAlgorithmRSAEncryptionOAEPSHA224AESGCM to be able to encrypt and decrypt arbitrary long data.
///
///
/// RSA encryption or decryption, data is padded using OAEP padding scheme internally using SHA256. Input data must be at most
/// "key block size - 66" bytes long and returned block has always the same size as block size, as returned
/// by SecKeyGetBlockSize().  Use kSecKeyAlgorithmRSAEncryptionOAEPSHA256AESGCM to be able to encrypt and decrypt arbitrary long data.
///
///
/// RSA encryption or decryption, data is padded using OAEP padding scheme internally using SHA384. Input data must be at most
/// "key block size - 98" bytes long and returned block has always the same size as block size, as returned
/// by SecKeyGetBlockSize().  Use kSecKeyAlgorithmRSAEncryptionOAEPSHA384AESGCM to be able to encrypt and decrypt arbitrary long data.
///
///
/// RSA encryption or decryption, data is padded using OAEP padding scheme internally using SHA512. Input data must be at most
/// "key block size - 130" bytes long and returned block has always the same size as block size, as returned
/// by SecKeyGetBlockSize().  Use kSecKeyAlgorithmRSAEncryptionOAEPSHA512AESGCM to be able to encrypt and decrypt arbitrary long data.
///
///
/// Randomly generated AES session key is encrypted by RSA with OAEP padding.  User data are encrypted using session key in GCM
/// mode with all-zero 16 bytes long IV (initialization vector).  Finally 16 byte AES-GCM tag is appended to ciphertext.
/// 256bit AES key is used if RSA key is 4096bit or bigger, otherwise 128bit AES key is used.  Raw public key data is used
/// as authentication data for AES-GCM encryption.
///
///
/// Randomly generated AES session key is encrypted by RSA with OAEP padding.  User data are encrypted using session key in GCM
/// mode with all-zero 16 bytes long IV (initialization vector).  Finally 16 byte AES-GCM tag is appended to ciphertext.
/// 256bit AES key is used if RSA key is 4096bit or bigger, otherwise 128bit AES key is used.  Raw public key data is used
/// as authentication data for AES-GCM encryption.
///
///
/// Randomly generated AES session key is encrypted by RSA with OAEP padding.  User data are encrypted using session key in GCM
/// mode with all-zero 16 bytes long IV (initialization vector).  Finally 16 byte AES-GCM tag is appended to ciphertext.
/// 256bit AES key is used if RSA key is 4096bit or bigger, otherwise 128bit AES key is used.  Raw public key data is used
/// as authentication data for AES-GCM encryption.
///
///
/// Randomly generated AES session key is encrypted by RSA with OAEP padding.  User data are encrypted using session key in GCM
/// mode with all-zero 16 bytes long IV (initialization vector).  Finally 16 byte AES-GCM tag is appended to ciphertext.
/// 256bit AES key is used if RSA key is 4096bit or bigger, otherwise 128bit AES key is used.  Raw public key data is used
/// as authentication data for AES-GCM encryption.
///
///
/// Randomly generated AES session key is encrypted by RSA with OAEP padding.  User data are encrypted using session key in GCM
/// mode with all-zero 16 bytes long IV (initialization vector).  Finally 16 byte AES-GCM tag is appended to ciphertext.
/// 256bit AES key is used if RSA key is 4096bit or bigger, otherwise 128bit AES key is used.  Raw public key data is used
/// as authentication data for AES-GCM encryption.
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA256AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA1.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA224AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA224.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA256AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA256.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA384AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA384.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA512AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA512.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA256AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA1.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA224AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA224.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA256AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA256.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA384AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA384.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// Legacy ECIES encryption or decryption, use kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA512AESGCM in new code.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA512.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG and all-zero 16 byte long IV (initialization vector).
///
///
/// ECIES encryption or decryption.  This algorithm does not limit the size of the message to be encrypted or decrypted.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA224.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG, AES key is first half of KDF output and 16 byte long IV (initialization vector) is second half
/// of KDF output.
///
///
/// ECIES encryption or decryption.  This algorithm does not limit the size of the message to be encrypted or decrypted.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA256.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG, AES key is first half of KDF output and 16 byte long IV (initialization vector) is second half
/// of KDF output.
///
///
/// ECIES encryption or decryption.  This algorithm does not limit the size of the message to be encrypted or decrypted.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA384.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG, AES key is first half of KDF output and 16 byte long IV (initialization vector) is second half
/// of KDF output.
///
///
/// ECIES encryption or decryption.  This algorithm does not limit the size of the message to be encrypted or decrypted.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA512.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG, AES key is first half of KDF output and 16 byte long IV (initialization vector) is second half
/// of KDF output.
///
///
/// ECIES encryption or decryption.  This algorithm does not limit the size of the message to be encrypted or decrypted.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA224.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG, AES key is first half of KDF output and 16 byte long IV (initialization vector) is second half
/// of KDF output.
///
///
/// ECIES encryption or decryption.  This algorithm does not limit the size of the message to be encrypted or decrypted.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA256.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG, AES key is first half of KDF output and 16 byte long IV (initialization vector) is second half
/// of KDF output.
///
///
/// ECIES encryption or decryption.  This algorithm does not limit the size of the message to be encrypted or decrypted.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA384.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG, AES key is first half of KDF output and 16 byte long IV (initialization vector) is second half
/// of KDF output.
///
///
/// ECIES encryption or decryption.  This algorithm does not limit the size of the message to be encrypted or decrypted.
/// Encryption is done using AES-GCM with key negotiated by kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA512.  AES Key size
/// is 128bit for EC keys
/// <
/// =256bit and 256bit for bigger EC keys. Ephemeral public key data is used as sharedInfo for KDF.
/// AES-GCM uses 16 bytes long TAG, AES key is first half of KDF output and 16 byte long IV (initialization vector) is second half
/// of KDF output.
///
///
/// Compute shared secret using ECDH cofactor algorithm, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys.
/// This algorithm does not accept any parameters, length of output raw shared secret is given by the length of the key.
///
///
/// Compute shared secret using ECDH cofactor algorithm, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA1 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
///
/// Compute shared secret using ECDH cofactor algorithm, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA224 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
///
/// Compute shared secret using ECDH cofactor algorithm, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA256 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
///
/// Compute shared secret using ECDH cofactor algorithm, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA384 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
///
/// Compute shared secret using ECDH cofactor algorithm, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA512 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
///
/// Compute shared secret using ECDH algorithm without cofactor, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys.
/// This algorithm does not accept any parameters, length of output raw shared secret is given by the length of the key.
///
///
/// Compute shared secret using ECDH algorithm without cofactor, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA1 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
///
/// Compute shared secret using ECDH algorithm without cofactor, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA224 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
///
/// Compute shared secret using ECDH algorithm without cofactor, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA256 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
///
/// Compute shared secret using ECDH algorithm without cofactor, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA384 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
///
/// Compute shared secret using ECDH algorithm without cofactor, suitable only for kSecAttrKeyTypeECSECPrimeRandom keys
/// and apply ANSI X9.63 KDF with SHA512 as hashing function.  Requires kSecKeyKeyExchangeParameterRequestedSize and allows
/// kSecKeyKeyExchangeParameterSharedInfo parameters to be used.
///
/// See also [Apple's documentation](https://developer.apple.com/documentation/security/seckeyalgorithm?language=objc)
// NS_TYPED_ENUM
pub type SecKeyAlgorithm = CFString;

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignatureraw?language=objc)
    pub static kSecKeyAlgorithmRSASignatureRaw: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpkcs1v15raw?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPKCS1v15Raw: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpkcs1v15sha1?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpkcs1v15sha224?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpkcs1v15sha256?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpkcs1v15sha384?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpkcs1v15sha512?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepkcs1v15sha1?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepkcs1v15sha224?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepkcs1v15sha256?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepkcs1v15sha384?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepkcs1v15sha512?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpsssha1?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPSSSHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpsssha224?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPSSSHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpsssha256?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPSSSHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpsssha384?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPSSSHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturedigestpsssha512?language=objc)
    pub static kSecKeyAlgorithmRSASignatureDigestPSSSHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepsssha1?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePSSSHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepsssha224?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePSSSHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepsssha256?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePSSSHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepsssha384?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePSSSHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsasignaturemessagepsssha512?language=objc)
    pub static kSecKeyAlgorithmRSASignatureMessagePSSSHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestx962?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestX962: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestx962sha1?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestX962SHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestx962sha224?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestX962SHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestx962sha256?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestX962SHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestx962sha384?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestX962SHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestx962sha512?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestX962SHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagex962sha1?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageX962SHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagex962sha224?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageX962SHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagex962sha256?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageX962SHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagex962sha384?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageX962SHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagex962sha512?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageX962SHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestrfc4754?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestRFC4754: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestrfc4754sha1?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestRFC4754SHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestrfc4754sha224?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestRFC4754SHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestrfc4754sha256?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestRFC4754SHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestrfc4754sha384?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestRFC4754SHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturedigestrfc4754sha512?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureDigestRFC4754SHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagerfc4754sha1?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageRFC4754SHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagerfc4754sha224?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageRFC4754SHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagerfc4754sha256?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageRFC4754SHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagerfc4754sha384?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageRFC4754SHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturemessagerfc4754sha512?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureMessageRFC4754SHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdsasignaturerfc4754?language=objc)
    pub static kSecKeyAlgorithmECDSASignatureRFC4754: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionraw?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionRaw: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionpkcs1?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionPKCS1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha1?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha224?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha256?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha384?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha512?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha1aesgcm?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA1AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha224aesgcm?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA224AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha256aesgcm?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA256AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha384aesgcm?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA384AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmrsaencryptionoaepsha512aesgcm?language=objc)
    pub static kSecKeyAlgorithmRSAEncryptionOAEPSHA512AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptionstandardx963sha1aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionStandardX963SHA1AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptionstandardx963sha224aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionStandardX963SHA224AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptionstandardx963sha256aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionStandardX963SHA256AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptionstandardx963sha384aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionStandardX963SHA384AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptionstandardx963sha512aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionStandardX963SHA512AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptioncofactorx963sha1aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionCofactorX963SHA1AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptioncofactorx963sha224aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionCofactorX963SHA224AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptioncofactorx963sha256aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionCofactorX963SHA256AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptioncofactorx963sha384aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionCofactorX963SHA384AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptioncofactorx963sha512aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionCofactorX963SHA512AESGCM: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptionstandardvariableivx963sha224aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA224AESGCM:
        &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptionstandardvariableivx963sha256aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA256AESGCM:
        &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptionstandardvariableivx963sha384aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA384AESGCM:
        &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptionstandardvariableivx963sha512aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA512AESGCM:
        &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptioncofactorvariableivx963sha224aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA224AESGCM:
        &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptioncofactorvariableivx963sha256aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA256AESGCM:
        &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptioncofactorvariableivx963sha384aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA384AESGCM:
        &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmeciesencryptioncofactorvariableivx963sha512aesgcm?language=objc)
    pub static kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA512AESGCM:
        &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangestandard?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeStandard: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangestandardx963sha1?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangestandardx963sha224?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangestandardx963sha256?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangestandardx963sha384?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangestandardx963sha512?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA512: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangecofactor?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeCofactor: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangecofactorx963sha1?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA1: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangecofactorx963sha224?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA224: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangecofactorx963sha256?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA256: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangecofactorx963sha384?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA384: &'static SecKeyAlgorithm;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeyalgorithmecdhkeyexchangecofactorx963sha512?language=objc)
    pub static kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA512: &'static SecKeyAlgorithm;
}

#[cfg(feature = "SecBase")]
impl SecKey {
    /// Given a private key and data to sign, generate a digital signature.
    ///
    /// Parameter `key`: Private key with which to sign.
    ///
    /// Parameter `algorithm`: One of SecKeyAlgorithm constants suitable to generate signature with this key.
    ///
    /// Parameter `dataToSign`: The data to be signed, typically the digest of the actual data.
    ///
    /// Parameter `error`: On error, will be populated with an error object describing the failure.
    /// See "Security Error Codes" (SecBase.h).
    ///
    /// Returns: The signature over dataToSign represented as a CFData, or NULL on failure.
    ///
    /// Computes digital signature using specified key over input data.  The operation algorithm
    /// further defines the exact format of input data, operation to be performed and output signature.
    #[doc(alias = "SecKeyCreateSignature")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn signature(
        self: &SecKey,
        algorithm: &SecKeyAlgorithm,
        data_to_sign: &CFData,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<CFData>> {
        extern "C-unwind" {
            fn SecKeyCreateSignature(
                key: &SecKey,
                algorithm: &SecKeyAlgorithm,
                data_to_sign: &CFData,
                error: *mut *mut CFError,
            ) -> Option<NonNull<CFData>>;
        }
        let ret = unsafe { SecKeyCreateSignature(self, algorithm, data_to_sign, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }

    /// Given a public key, data which has been signed, and a signature, verify the signature.
    ///
    /// Parameter `key`: Public key with which to verify the signature.
    ///
    /// Parameter `algorithm`: One of SecKeyAlgorithm constants suitable to verify signature with this key.
    ///
    /// Parameter `signedData`: The data over which sig is being verified, typically the digest of the actual data.
    ///
    /// Parameter `signature`: The signature to verify.
    ///
    /// Parameter `error`: On error, will be populated with an error object describing the failure.
    /// See "Security Error Codes" (SecBase.h).
    ///
    /// Returns: True if the signature was valid, False otherwise.
    ///
    /// Verifies digital signature operation using specified key and signed data.  The operation algorithm
    /// further defines the exact format of input data, signature and operation to be performed.
    #[doc(alias = "SecKeyVerifySignature")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn verify_signature(
        self: &SecKey,
        algorithm: &SecKeyAlgorithm,
        signed_data: &CFData,
        signature: &CFData,
        error: *mut *mut CFError,
    ) -> bool {
        extern "C-unwind" {
            fn SecKeyVerifySignature(
                key: &SecKey,
                algorithm: &SecKeyAlgorithm,
                signed_data: &CFData,
                signature: &CFData,
                error: *mut *mut CFError,
            ) -> Boolean;
        }
        let ret = unsafe { SecKeyVerifySignature(self, algorithm, signed_data, signature, error) };
        ret != 0
    }

    /// Encrypt a block of plaintext.
    ///
    /// Parameter `key`: Public key with which to encrypt the data.
    ///
    /// Parameter `algorithm`: One of SecKeyAlgorithm constants suitable to perform encryption with this key.
    ///
    /// Parameter `plaintext`: The data to encrypt. The length and format of the data must conform to chosen algorithm,
    /// typically be less or equal to the value returned by SecKeyGetBlockSize().
    ///
    /// Parameter `error`: On error, will be populated with an error object describing the failure.
    /// See "Security Error Codes" (SecBase.h).
    ///
    /// Returns: The ciphertext represented as a CFData, or NULL on failure.
    ///
    /// Encrypts plaintext data using specified key.  The exact type of the operation including the format
    /// of input and output data is specified by encryption algorithm.
    #[doc(alias = "SecKeyCreateEncryptedData")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn encrypted_data(
        self: &SecKey,
        algorithm: &SecKeyAlgorithm,
        plaintext: &CFData,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<CFData>> {
        extern "C-unwind" {
            fn SecKeyCreateEncryptedData(
                key: &SecKey,
                algorithm: &SecKeyAlgorithm,
                plaintext: &CFData,
                error: *mut *mut CFError,
            ) -> Option<NonNull<CFData>>;
        }
        let ret = unsafe { SecKeyCreateEncryptedData(self, algorithm, plaintext, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }

    /// Decrypt a block of ciphertext.
    ///
    /// Parameter `key`: Private key with which to decrypt the data.
    ///
    /// Parameter `algorithm`: One of SecKeyAlgorithm constants suitable to perform decryption with this key.
    ///
    /// Parameter `ciphertext`: The data to decrypt. The length and format of the data must conform to chosen algorithm,
    /// typically be less or equal to the value returned by SecKeyGetBlockSize().
    ///
    /// Parameter `error`: On error, will be populated with an error object describing the failure.
    /// See "Security Error Codes" (SecBase.h).
    ///
    /// Returns: The plaintext represented as a CFData, or NULL on failure.
    ///
    /// Decrypts ciphertext data using specified key.  The exact type of the operation including the format
    /// of input and output data is specified by decryption algorithm.
    #[doc(alias = "SecKeyCreateDecryptedData")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn decrypted_data(
        self: &SecKey,
        algorithm: &SecKeyAlgorithm,
        ciphertext: &CFData,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<CFData>> {
        extern "C-unwind" {
            fn SecKeyCreateDecryptedData(
                key: &SecKey,
                algorithm: &SecKeyAlgorithm,
                ciphertext: &CFData,
                error: *mut *mut CFError,
            ) -> Option<NonNull<CFData>>;
        }
        let ret = unsafe { SecKeyCreateDecryptedData(self, algorithm, ciphertext, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }
}

/// for KDF (key derivation function).
///
/// See also [Apple's documentation](https://developer.apple.com/documentation/security/seckeykeyexchangeparameter?language=objc)
// NS_TYPED_ENUM
pub type SecKeyKeyExchangeParameter = CFString;

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeykeyexchangeparameterrequestedsize?language=objc)
    pub static kSecKeyKeyExchangeParameterRequestedSize: &'static SecKeyKeyExchangeParameter;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseckeykeyexchangeparametersharedinfo?language=objc)
    pub static kSecKeyKeyExchangeParameterSharedInfo: &'static SecKeyKeyExchangeParameter;
}

#[cfg(feature = "SecBase")]
impl SecKey {
    /// Perform Diffie-Hellman style of key exchange operation, optionally with additional key-derivation steps.
    ///
    /// Parameter `algorithm`: One of SecKeyAlgorithm constants suitable to perform this operation.
    ///
    /// Parameter `publicKey`: Remote party's public key.
    ///
    /// Parameter `parameters`: Dictionary with parameters, see SecKeyKeyExchangeParameter constants.  Used algorithm
    /// determines the set of required and optional parameters to be used.
    ///
    /// Parameter `error`: Pointer to an error object on failure.
    /// See "Security Error Codes" (SecBase.h).
    ///
    /// Returns: Result of key exchange operation as a CFDataRef, or NULL on failure.
    #[doc(alias = "SecKeyCopyKeyExchangeResult")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn key_exchange_result(
        self: &SecKey,
        algorithm: &SecKeyAlgorithm,
        public_key: &SecKey,
        parameters: &CFDictionary,
        error: *mut *mut CFError,
    ) -> Option<CFRetained<CFData>> {
        extern "C-unwind" {
            fn SecKeyCopyKeyExchangeResult(
                private_key: &SecKey,
                algorithm: &SecKeyAlgorithm,
                public_key: &SecKey,
                parameters: &CFDictionary,
                error: *mut *mut CFError,
            ) -> Option<NonNull<CFData>>;
        }
        let ret =
            unsafe { SecKeyCopyKeyExchangeResult(self, algorithm, public_key, parameters, error) };
        ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
    }
}

/// Defines types of cryptographic operations available with SecKey instance.
///
///
/// Represents SecKeyCreateSignature()
///
///
/// Represents SecKeyVerifySignature()
///
///
/// Represents SecKeyCreateEncryptedData()
///
///
/// Represents SecKeyCreateDecryptedData()
///
///
/// Represents SecKeyCopyKeyExchangeResult()
///
/// See also [Apple's documentation](https://developer.apple.com/documentation/security/seckeyoperationtype?language=objc)
// NS_ENUM
#[repr(transparent)]
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct SecKeyOperationType(pub CFIndex);
impl SecKeyOperationType {
    #[doc(alias = "kSecKeyOperationTypeSign")]
    pub const Sign: Self = Self(0);
    #[doc(alias = "kSecKeyOperationTypeVerify")]
    pub const Verify: Self = Self(1);
    #[doc(alias = "kSecKeyOperationTypeEncrypt")]
    pub const Encrypt: Self = Self(2);
    #[doc(alias = "kSecKeyOperationTypeDecrypt")]
    pub const Decrypt: Self = Self(3);
    #[doc(alias = "kSecKeyOperationTypeKeyExchange")]
    pub const KeyExchange: Self = Self(4);
}

#[cfg(feature = "objc2")]
unsafe impl Encode for SecKeyOperationType {
    const ENCODING: Encoding = CFIndex::ENCODING;
}

#[cfg(feature = "objc2")]
unsafe impl RefEncode for SecKeyOperationType {
    const ENCODING_REF: Encoding = Encoding::Pointer(&Self::ENCODING);
}

#[cfg(feature = "SecBase")]
impl SecKey {
    /// Checks whether key supports specified algorithm for specified operation.
    ///
    /// Parameter `key`: Key to query
    ///
    /// Parameter `operation`: Operation type for which the key is queried
    ///
    /// Parameter `algorithm`: Algorithm which is queried
    ///
    /// Returns: True if key supports specified algorithm for specified operation, False otherwise.
    #[doc(alias = "SecKeyIsAlgorithmSupported")]
    #[cfg(feature = "SecBase")]
    #[inline]
    pub unsafe fn is_algorithm_supported(
        self: &SecKey,
        operation: SecKeyOperationType,
        algorithm: &SecKeyAlgorithm,
    ) -> bool {
        extern "C-unwind" {
            fn SecKeyIsAlgorithmSupported(
                key: &SecKey,
                operation: SecKeyOperationType,
                algorithm: &SecKeyAlgorithm,
            ) -> Boolean;
        }
        let ret = unsafe { SecKeyIsAlgorithmSupported(self, operation, algorithm) };
        ret != 0
    }
}

extern "C-unwind" {
    #[cfg(all(feature = "SecBase", feature = "cssmconfig", feature = "cssmtype"))]
    #[deprecated = "renamed to `SecKey::create_pair`"]
    pub fn SecKeyCreatePair(
        keychain_ref: Option<&SecKeychain>,
        algorithm: CSSM_ALGORITHMS,
        key_size_in_bits: uint32,
        context_handle: CSSM_CC_HANDLE,
        public_key_usage: CSSM_KEYUSE,
        public_key_attr: uint32,
        private_key_usage: CSSM_KEYUSE,
        private_key_attr: uint32,
        initial_access: Option<&SecAccess>,
        public_key: *mut *mut SecKey,
        private_key: *mut *mut SecKey,
    ) -> OSStatus;
}

extern "C-unwind" {
    #[cfg(all(feature = "SecBase", feature = "cssmconfig", feature = "cssmtype"))]
    #[deprecated = "renamed to `SecKey::generate`"]
    pub fn SecKeyGenerate(
        keychain_ref: Option<&SecKeychain>,
        algorithm: CSSM_ALGORITHMS,
        key_size_in_bits: uint32,
        context_handle: CSSM_CC_HANDLE,
        key_usage: CSSM_KEYUSE,
        key_attr: uint32,
        initial_access: Option<&SecAccess>,
        key_ref: *mut *mut SecKey,
    ) -> OSStatus;
}

extern "C-unwind" {
    #[cfg(all(
        feature = "SecAsn1Types",
        feature = "SecBase",
        feature = "cssmconfig",
        feature = "cssmtype"
    ))]
    #[deprecated = "renamed to `SecKey::cssm_key`"]
    pub fn SecKeyGetCSSMKey(key: &SecKey, cssm_key: NonNull<*const CSSM_KEY>) -> OSStatus;
}

extern "C-unwind" {
    #[cfg(all(feature = "SecBase", feature = "cssmconfig", feature = "cssmtype"))]
    #[deprecated = "renamed to `SecKey::csp_handle`"]
    pub fn SecKeyGetCSPHandle(key_ref: &SecKey, csp_handle: NonNull<CSSM_CSP_HANDLE>) -> OSStatus;
}

extern "C-unwind" {
    #[cfg(all(
        feature = "SecAsn1Types",
        feature = "SecBase",
        feature = "cssmconfig",
        feature = "cssmtype"
    ))]
    #[deprecated = "renamed to `SecKey::credentials`"]
    pub fn SecKeyGetCredentials(
        key_ref: &SecKey,
        operation: CSSM_ACL_AUTHORIZATION_TAG,
        credential_type: SecCredentialType,
        out_credentials: NonNull<*const CSSM_ACCESS_CREDENTIALS>,
    ) -> OSStatus;
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::generate_symmetric`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyGenerateSymmetric(
    parameters: &CFDictionary,
    error: *mut *mut CFError,
) -> Option<CFRetained<SecKey>> {
    extern "C-unwind" {
        fn SecKeyGenerateSymmetric(
            parameters: &CFDictionary,
            error: *mut *mut CFError,
        ) -> Option<NonNull<SecKey>>;
    }
    let ret = unsafe { SecKeyGenerateSymmetric(parameters, error) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::from_data`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCreateFromData(
    parameters: &CFDictionary,
    key_data: &CFData,
    error: *mut *mut CFError,
) -> Option<CFRetained<SecKey>> {
    extern "C-unwind" {
        fn SecKeyCreateFromData(
            parameters: &CFDictionary,
            key_data: &CFData,
            error: *mut *mut CFError,
        ) -> Option<NonNull<SecKey>>;
    }
    let ret = unsafe { SecKeyCreateFromData(parameters, key_data, error) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::derive_from_password`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyDeriveFromPassword(
    password: &CFString,
    parameters: &CFDictionary,
    error: *mut *mut CFError,
) -> Option<CFRetained<SecKey>> {
    extern "C-unwind" {
        fn SecKeyDeriveFromPassword(
            password: &CFString,
            parameters: &CFDictionary,
            error: *mut *mut CFError,
        ) -> Option<NonNull<SecKey>>;
    }
    let ret = unsafe { SecKeyDeriveFromPassword(password, parameters, error) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::wrap_symmetric`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyWrapSymmetric(
    key_to_wrap: &SecKey,
    wrapping_key: &SecKey,
    parameters: &CFDictionary,
    error: *mut *mut CFError,
) -> Option<CFRetained<CFData>> {
    extern "C-unwind" {
        fn SecKeyWrapSymmetric(
            key_to_wrap: &SecKey,
            wrapping_key: &SecKey,
            parameters: &CFDictionary,
            error: *mut *mut CFError,
        ) -> Option<NonNull<CFData>>;
    }
    let ret = unsafe { SecKeyWrapSymmetric(key_to_wrap, wrapping_key, parameters, error) };
    ret.map(|ret| unsafe { CFRetained::retain(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::unwrap_symmetric`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyUnwrapSymmetric(
    key_to_unwrap: NonNull<*const CFData>,
    unwrapping_key: &SecKey,
    parameters: &CFDictionary,
    error: *mut *mut CFError,
) -> Option<CFRetained<SecKey>> {
    extern "C-unwind" {
        fn SecKeyUnwrapSymmetric(
            key_to_unwrap: NonNull<*const CFData>,
            unwrapping_key: &SecKey,
            parameters: &CFDictionary,
            error: *mut *mut CFError,
        ) -> Option<NonNull<SecKey>>;
    }
    let ret = unsafe { SecKeyUnwrapSymmetric(key_to_unwrap, unwrapping_key, parameters, error) };
    ret.map(|ret| unsafe { CFRetained::retain(ret) })
}

extern "C-unwind" {
    #[cfg(feature = "SecBase")]
    #[deprecated = "renamed to `SecKey::generate_pair`"]
    pub fn SecKeyGeneratePair(
        parameters: &CFDictionary,
        public_key: *mut *mut SecKey,
        private_key: *mut *mut SecKey,
    ) -> OSStatus;
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::new_random_key`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCreateRandomKey(
    parameters: &CFDictionary,
    error: *mut *mut CFError,
) -> Option<CFRetained<SecKey>> {
    extern "C-unwind" {
        fn SecKeyCreateRandomKey(
            parameters: &CFDictionary,
            error: *mut *mut CFError,
        ) -> Option<NonNull<SecKey>>;
    }
    let ret = unsafe { SecKeyCreateRandomKey(parameters, error) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::with_data`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCreateWithData(
    key_data: &CFData,
    attributes: &CFDictionary,
    error: *mut *mut CFError,
) -> Option<CFRetained<SecKey>> {
    extern "C-unwind" {
        fn SecKeyCreateWithData(
            key_data: &CFData,
            attributes: &CFDictionary,
            error: *mut *mut CFError,
        ) -> Option<NonNull<SecKey>>;
    }
    let ret = unsafe { SecKeyCreateWithData(key_data, attributes, error) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

extern "C-unwind" {
    #[cfg(feature = "SecBase")]
    #[deprecated = "renamed to `SecKey::block_size`"]
    pub fn SecKeyGetBlockSize(key: &SecKey) -> usize;
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::external_representation`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCopyExternalRepresentation(
    key: &SecKey,
    error: *mut *mut CFError,
) -> Option<CFRetained<CFData>> {
    extern "C-unwind" {
        fn SecKeyCopyExternalRepresentation(
            key: &SecKey,
            error: *mut *mut CFError,
        ) -> Option<NonNull<CFData>>;
    }
    let ret = unsafe { SecKeyCopyExternalRepresentation(key, error) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::attributes`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCopyAttributes(
    key: &SecKey,
) -> Option<CFRetained<CFDictionary>> {
    extern "C-unwind" {
        fn SecKeyCopyAttributes(key: &SecKey) -> Option<NonNull<CFDictionary>>;
    }
    let ret = unsafe { SecKeyCopyAttributes(key) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::public_key`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCopyPublicKey(key: &SecKey) -> Option<CFRetained<SecKey>> {
    extern "C-unwind" {
        fn SecKeyCopyPublicKey(key: &SecKey) -> Option<NonNull<SecKey>>;
    }
    let ret = unsafe { SecKeyCopyPublicKey(key) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::signature`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCreateSignature(
    key: &SecKey,
    algorithm: &SecKeyAlgorithm,
    data_to_sign: &CFData,
    error: *mut *mut CFError,
) -> Option<CFRetained<CFData>> {
    extern "C-unwind" {
        fn SecKeyCreateSignature(
            key: &SecKey,
            algorithm: &SecKeyAlgorithm,
            data_to_sign: &CFData,
            error: *mut *mut CFError,
        ) -> Option<NonNull<CFData>>;
    }
    let ret = unsafe { SecKeyCreateSignature(key, algorithm, data_to_sign, error) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::verify_signature`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyVerifySignature(
    key: &SecKey,
    algorithm: &SecKeyAlgorithm,
    signed_data: &CFData,
    signature: &CFData,
    error: *mut *mut CFError,
) -> bool {
    extern "C-unwind" {
        fn SecKeyVerifySignature(
            key: &SecKey,
            algorithm: &SecKeyAlgorithm,
            signed_data: &CFData,
            signature: &CFData,
            error: *mut *mut CFError,
        ) -> Boolean;
    }
    let ret = unsafe { SecKeyVerifySignature(key, algorithm, signed_data, signature, error) };
    ret != 0
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::encrypted_data`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCreateEncryptedData(
    key: &SecKey,
    algorithm: &SecKeyAlgorithm,
    plaintext: &CFData,
    error: *mut *mut CFError,
) -> Option<CFRetained<CFData>> {
    extern "C-unwind" {
        fn SecKeyCreateEncryptedData(
            key: &SecKey,
            algorithm: &SecKeyAlgorithm,
            plaintext: &CFData,
            error: *mut *mut CFError,
        ) -> Option<NonNull<CFData>>;
    }
    let ret = unsafe { SecKeyCreateEncryptedData(key, algorithm, plaintext, error) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::decrypted_data`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCreateDecryptedData(
    key: &SecKey,
    algorithm: &SecKeyAlgorithm,
    ciphertext: &CFData,
    error: *mut *mut CFError,
) -> Option<CFRetained<CFData>> {
    extern "C-unwind" {
        fn SecKeyCreateDecryptedData(
            key: &SecKey,
            algorithm: &SecKeyAlgorithm,
            ciphertext: &CFData,
            error: *mut *mut CFError,
        ) -> Option<NonNull<CFData>>;
    }
    let ret = unsafe { SecKeyCreateDecryptedData(key, algorithm, ciphertext, error) };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::key_exchange_result`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyCopyKeyExchangeResult(
    private_key: &SecKey,
    algorithm: &SecKeyAlgorithm,
    public_key: &SecKey,
    parameters: &CFDictionary,
    error: *mut *mut CFError,
) -> Option<CFRetained<CFData>> {
    extern "C-unwind" {
        fn SecKeyCopyKeyExchangeResult(
            private_key: &SecKey,
            algorithm: &SecKeyAlgorithm,
            public_key: &SecKey,
            parameters: &CFDictionary,
            error: *mut *mut CFError,
        ) -> Option<NonNull<CFData>>;
    }
    let ret = unsafe {
        SecKeyCopyKeyExchangeResult(private_key, algorithm, public_key, parameters, error)
    };
    ret.map(|ret| unsafe { CFRetained::from_raw(ret) })
}

#[cfg(feature = "SecBase")]
#[deprecated = "renamed to `SecKey::is_algorithm_supported`"]
#[inline]
pub unsafe extern "C-unwind" fn SecKeyIsAlgorithmSupported(
    key: &SecKey,
    operation: SecKeyOperationType,
    algorithm: &SecKeyAlgorithm,
) -> bool {
    extern "C-unwind" {
        fn SecKeyIsAlgorithmSupported(
            key: &SecKey,
            operation: SecKeyOperationType,
            algorithm: &SecKeyAlgorithm,
        ) -> Boolean;
    }
    let ret = unsafe { SecKeyIsAlgorithmSupported(key, operation, algorithm) };
    ret != 0
}