ACL Authorization Keys

The operations an access control list entry applies to.



let kSecACLAuthorizationAny: CFString

No restrictions. This ACL entry applies to all operations available to the caller.

let kSecACLAuthorizationLogin: CFString

Use for a CSP (smart card) login.

let kSecACLAuthorizationExportWrapped: CFString

Export a wrapped (that is, encrypted) key. This tag is checked on the key being exported; in addition, the CSSM_ACL_AUTHORIZATION_ENCRYPT tag is checked for any key used in the wrapping operation.

let kSecACLAuthorizationImportWrapped: CFString

Import an encrypted key. This tag is checked on the key being imported; in addition, the CSSM_ACL_AUTHORIZATION_DECRYPT tag is checked for any key used in the unwrapping operation.

let kSecACLAuthorizationMAC: CFString

Create or verify a message authentication code.

let kSecACLAuthorizationDerive: CFString

Derive a new key from another key.

let kSecACLAuthorizationChangeACL: CFString

Change an access control list entry.

let kSecACLAuthorizationChangeOwner: CFString

For internal system use only. Use the CSSM_ACL_AUTHORIZATION_CHANGE_ACL tag for changes to owner ACL entries.

See Also

Access Control List Entries

func SecACLRemove(SecACL) -> OSStatus

Removes the specified ACL entry from the access instance that contains it.

struct SecKeychainPromptSelector

Bits that define when a keychain should require a passphrase.

class SecACL

An opaque type that represents information about an ACL entry.

func SecACLGetTypeID() -> CFTypeID

Returns the unique identifier of the opaque type to which an ACL entry belongs.