Returns an external representation of the given key suitable for the key's type.


CFDataRef SecKeyCopyExternalRepresentation(SecKeyRef key, CFErrorRef  _Nullable *error);



The key to export.


The address of a CFErrorRef object. If an error occurs, this is set to point at an error instance that describes the failure.

Return Value

A data object representing the key in a format suitable for the key type or NULL on error. Call the CFRelease function to free the key's memory when you are done with it.


The operation fails if the key is not exportable, for example if it is bound to a smart card or to the Secure Enclave. It also fails in macOS if the key has the attribute kSecKeyExtractable set to NO.

The method returns data in the PKCS #1 format for an RSA key. For an elliptic curve public key, the format follows the ANSI X9.63 standard using a byte string of 04 || X || Y. For an elliptic curve private key, the output is formatted as the public key concatenated with the big endian encoding of the secret scalar, or 04 || X || Y || K. All of these representations use constant size integers, including leading zeros as needed.

See Also

Import and Export

Storing Keys as Data

Create an external representation of a key for transmission.


Restores a key from an external representation of that key.