Function

SecKeyEncrypt

Encrypts a block of plaintext.

Declaration

OSStatus SecKeyEncrypt(SecKeyRef key, SecPadding padding, const uint8_t *plainText, size_t plainTextLen, uint8_t *cipherText, size_t *cipherTextLen);

Parameters

key

Public key with which to encrypt the data.

padding

The type of padding to use. Possible values are listed in SecPadding. Typically, kSecPaddingPKCS1 is used, which adds PKCS1 padding before encryption. If you specify kSecPaddingNone, the data is encrypted as-is.

plainText

The data to encrypt.

plainTextLen

Length in bytes of the data in the plainText buffer. This must be less than or equal to the value returned by the SecKeyGetBlockSize function. When PKCS1 padding is performed, the maximum length of data that can be encrypted is 11 bytes less than the value returned by the SecKeyGetBlockSize function (secKeyGetBlockSize() - 11).

cipherText

On return, the encrypted text.

cipherTextLen

On entry, the size of the buffer provided in the cipherText parameter. On return, the amount of data actually placed in the buffer.

Return Value

Discussion

The input buffer (plainText) can be the same as the output buffer (cipherText) to reduce the amount of memory used by the function.

See Also

Legacy iOS Key Operations

SecKeyGeneratePair

Creates an asymmetric key pair.

SecKeyDecrypt

Decrypts a block of ciphertext.

SecKeyRawSign

Generates a digital signature for a block of data.

SecKeyRawVerify

Verifies a digital signature.

SecPadding

The types of padding to use when you create or verify a digital signature.