Returns the public key for a leaf certificate after it has been evaluated.


func SecTrustCopyPublicKey(_ trust: SecTrust) -> SecKey?



Parameters

trust

The trust management object for the certificate that has been evaluated. Use the SecTrustCreateWithCertificates(_:_:_:) function to create a trust management object.

Return Value

The leaf certificate's public key, or nil if the public key could not be extracted (this can happen with DSA certificate chains if the parameters in the chain cannot be found).


Call the SecTrustEvaluateWithError(_:_:) function before calling this function.

When you call this function, it attempts to return the public key of the leaf certificate, even if the trust evaluation was unsuccessful, so a returned key does not by itself indicate that the certificate is trusted. Even if the trust evaluation was successful, this function might still return nil, for example if the leaf certificate's key can't be extracted for some reason.
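
The following is an added example, not code from the original page: one way to keep the evaluation result and the key-extraction result separate, so that a key from an untrusted chain is never used. The names LeafKeyError, makeTrust(leafDER:hostname:) and trustedLeafPublicKey(for:) are hypothetical, and the use of the SSL policy with a caller-supplied hostname is an assumption.

```swift
import Foundation
import Security

// Hypothetical error type for this example; it separates the failure modes.
enum LeafKeyError: Error {
    case invalidCertificate
    case trustCreationFailed(OSStatus)
    case evaluationFailed(CFError?)
    case keyUnavailable
}

/// Builds a trust object for one DER-encoded leaf certificate.
/// Assumption: the caller wants the SSL server policy for `hostname`.
func makeTrust(leafDER: Data, hostname: String) throws -> SecTrust {
    guard let cert = SecCertificateCreateWithData(nil, leafDER as CFData) else {
        throw LeafKeyError.invalidCertificate
    }
    let policy = SecPolicyCreateSSL(true, hostname as CFString)
    var trust: SecTrust?
    let status = SecTrustCreateWithCertificates(cert, policy, &trust)
    guard status == errSecSuccess, let created = trust else {
        throw LeafKeyError.trustCreationFailed(status)
    }
    return created
}

/// Returns the leaf public key only when the chain evaluated as trusted.
func trustedLeafPublicKey(for trust: SecTrust) throws -> SecKey {
    var evalError: CFError?
    // Evaluate first and stop on failure: SecTrustCopyPublicKey would still
    // attempt to return the leaf key for a chain that failed evaluation.
    guard SecTrustEvaluateWithError(trust, &evalError) else {
        throw LeafKeyError.evaluationFailed(evalError)
    }
    // A trusted chain can still yield nil, for example when the DSA
    // parameters in the chain cannot be found.
    guard let key = SecTrustCopyPublicKey(trust) else {
        throw LeafKeyError.keyUnavailable
    }
    return key
}
```

A caller that catches evaluationFailed should treat the connection or signature as untrusted; keyUnavailable means the chain was trusted but no key could be extracted.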

See Also

Trust Components

func SecTrustGetCertificateCount(SecTrust) -> CFIndex

Returns the number of certificates in an evaluated certificate chain.

func SecTrustGetCertificateAtIndex(SecTrust, CFIndex) -> SecCertificate?

Returns a specific certificate from the certificate chain used to evaluate trust.

func SecTrustGetVerifyTime(SecTrust) -> CFAbsoluteTime

Gets the absolute time against which the certificates in a trust management object are verified.

func SecTrustCopyAnchorCertificates(UnsafeMutablePointer<CFArray?>) -> OSStatus

Retrieves the anchor (root) certificates stored by macOS.

func SecTrustCopyCustomAnchorCertificates(SecTrust, UnsafeMutablePointer<CFArray?>) -> OSStatus

Retrieves the custom anchor certificates, if any, used by a given trust.

func SecTrustCopyExceptions(SecTrust) -> CFData

Returns an opaque cookie containing exceptions to trust policies that will allow future evaluations of the current certificate to succeed.

func SecTrustCopyPolicies(SecTrust, UnsafeMutablePointer<CFArray?>) -> OSStatus

Retrieves the policies used by a given trust management object.

func SecTrustCopyProperties(SecTrust) -> CFArray?

Returns an array containing the properties of a trust object.