I'm not a cryptographer so please be patient with me :)
I'm trying to figure out how the encryption/decryption happens in some of the algorithms in SecKeyAlgorithm (for example kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA256AESGCM).
I'm trying to find the answers to these questions:
1. Is the output of the encryption publickey + ciphertext + tag (in that respective order)?
2. Is the tag in 1) == authentication tag? (Someone said that it is the GCM tag instead and I don't know what the difference is.) What is the expected error thrown from the Apple API if the tag validation fails in the decryption process?
3. As the input of AES-GCM is 4 params: the secret key, IV (nonce), plain message, and additional authentication data (AAD), how can a developer supply all the params in the API SecKeyCreateEncryptedData, as its signature is:
CFDataRef _Nullable SecKeyCreateEncryptedData(SecKeyRef key, SecKeyAlgorithm algorithm, CFDataRef plaintext,
CFErrorRef *error)
Thank you very much for the help!
Hieu.