Function

SecItemExport

Exports one or more certificates, keys, or identities.

Declaration

OSStatus SecItemExport(CFTypeRef secItemOrArray, SecExternalFormat outputFormat, SecItemImportExportFlags flags, const SecItemImportExportKeyParameters *keyParams, CFDataRef  _Nullable *exportedData);

Parameters

secItemOrArray

The keychain item or items to export. You can export only the following types of keychain items: SecCertificateRef, SecKeyRef, and SecIdentityRef. If you are exporting exactly one item, you can specify a SecKeychainItemRef object. Otherwise this parameter is a CFArrayRef object containing a number of items of type SecKeychainItemRef.

outputFormat

The format of the desired external representation for the item. Set this parameter to kSecFormatUnknown to use the default for that item type. Possible values for this parameter and default values are enumerated in SecExternalFormat.

flags

A flag field indicating whether the exported item should have PEM armor. PEM armor refers to a way of expressing binary data as an ASCII string so that it can be transferred over text-only channels such as email. Set this flag to kSecItemPemArmour if you want PEM armoring.

keyParams

A pointer to a structure containing a set of input parameters for the function. If no key items are being exported, these parameters are optional and you can set the keyParams parameter to NULL. For more information, see SecItemImportExportKeyParameters.

exportedData

On return, the variable referenced by this argument is overwritten with a CFDataRef object containing the external representation of the keychain item or items. You are responsible for releasing this object by calling CFRelease.

Return Value

Discussion

This function works only with keys, certificates, and identities. An identity is the combination of a certificate and its associated private key. Although public keys are commonly stored in certificates, they can be stored separately in the keychain as well; for example, when you call the SecKeyCreatePair function to create a key pair, both the public and private keys are stored in the keychain. Use the SecKeychainSearchCopyNext function to find a key or certificate. Use the SecIdentitySearchCopyNext function in the Certificate, Key, and Trust API to find an identity.

See Also

Import and Export

SecItemImport

Imports one or more certificates, keys, or identities and optionally adds them to a keychain.

SecExternalFormat

The external format of a keychain item.

SecExternalItemType

The import item type.

SecItemImportExportFlags

The import and export function flags.

SecItemImportExportKeyParameters

The import/export parameter structure.

SecKeyImportExportFlags

The import/export parameter structure flags.

SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION

The import/export parameter structure version.

SecKeychainItemImport

Imports one or more certificates, keys, or identities and adds them to a keychain.

Deprecated
SecKeychainItemExport

Exports one or more certificates, keys, or identities.

Deprecated
SecKeyImportExportParameters

The legacy import/export parameter structure.