Returns the identities and certificates in a PKCS #12-formatted blob.


func SecPKCS12Import(_ pkcs12_data: CFData, _ options: CFDictionary, _ items: UnsafeMutablePointer<CFArray?>) -> OSStatus



The PKCS #12 data you wish to decode.


A dictionary of key-value pairs specifying options for the function. See Keychain Import and Export Options for a list of valid keys.


On return, an array of CFDictionary key-value dictionaries. The function returns one dictionary for each item (identity or certificate) in the PKCS #12 blob. For a list of dictionary keys, see PKCS #12 Import Item Keys.

Return Value

A result code. See Security Framework Result Codes. The function returns errSecSuccess if there were no errors, errSecDecode if the blob can't be read or is malformed, and errSecAuthFailed if the password was not correct or data in the blob was damaged.


Your application can import a PKCS #12–formatted blob (a file with extension .p12) containing certificates and identities, where an identity is a digital certificate together with its associated private key. You can use the SecPKCS12Import function to obtain SecIdentityRef objects (including SecCertificateRef and SecKeyRef objects) for the identities in the blob, together with SecCertificateRef objects for the certificates in the blob needed to validate the identity, and SecTrustRef trust management objects needed to evaluate trust for the identities. You can then use the Keychain Services API (see Keychain Services) to put the identities and associated certificates in the keychain.

See Also

Identity Import

Importing an Identity

Learn how to import an identity from file.

Keychain Import and Export Options

Use these constants when you pass dictionary-based arguments to import and export functions.

PKCS #12 Import Item Keys

Recognized the dictionary keys returned by an import operation.