Keychain Services

Keychain Services is a programming interface that enables you to find, add, modify, and delete keychain items.

Overview

If you want to look at some code that uses this API, you can find the source code for the security command-line tool in the Security​Tool project on http://opensource.apple.com/.

Symbols

Using Keychain Item Search Dictionaries

For this interface, keychain items are found or defined by a CFDictionary of key-value pairs. Each key in the dictionary identifies one attribute of the keychain item, or a search option. For example, you can use the k​Sec​Class key to specify that the keychain item is an Internet password, that it has a specific creation date, that it is for the HTTPS protocol, and that only the first match found should be returned. The keys that can be used for this purpose and the possible values for each key are listed in the Keychain Services section.

See the discussion section of the Sec​Item​Copy​Matching(_:​_:​) function for information about how to construct a keychain-item search dictionary.

func Sec​Item​Copy​Matching(CFDictionary, Unsafe​Mutable​Pointer<CFType​Ref?>?)

Returns one or more keychain items that match a search query, or copies attributes of specific keychain items.

func Sec​Item​Update(CFDictionary, CFDictionary)

Modifies items that match a search query.

func Sec​Item​Delete(CFDictionary)

Deletes items that match a search query.

Getting Information About Security Result Codes

func Sec​Copy​Error​Message​String(OSStatus, Unsafe​Mutable​Raw​Pointer?)

Returns a string explaining the meaning of a security result code.

Getting Information About Keychain Services and Types

func Sec​Keychain​Get​Version(Unsafe​Mutable​Pointer<UInt32>)

Determines the version of Keychain Services installed on the user’s system.

func Sec​Keychain​Get​Type​ID()

Returns the unique identifier of the opaque type to which a Sec​Keychain​Ref object belongs.

func Sec​Keychain​Item​Get​Type​ID()

Returns the unique identifier of the opaque type to which a Sec​Keychain​Item​Ref object belongs.

func Sec​Access​Get​Type​ID()

Returns the unique identifier of the opaque type to which a Sec​Access​Ref object belongs.

func Sec​ACLGet​Type​ID()

Returns the unique identifier of the opaque type to which a Sec​ACLRef object belongs.

func Sec​Trusted​Application​Get​Type​ID()

Returns the unique identifier of the opaque type to which a Sec​Trusted​Application object belongs.

Creating and Deleting a Keychain

func Sec​Keychain​Delete(Sec​Keychain?)

Deletes one or more keychains from the default keychain search list, and removes the keychain itself if it is a file.

Locking and Unlocking Keychains

Managing User Interaction

func Sec​Keychain​Set​User​Interaction​Allowed(Bool)

Enables or disables the user interface for Keychain Services functions that automatically display a user interface.

func Sec​Keychain​Get​User​Interaction​Allowed(Unsafe​Mutable​Pointer<Darwin​Boolean>)

Indicates whether Keychain Services functions that normally display a user interaction are allowed to do so.

Managing Keychain Access

Searching for Keychain Items

func Sec​Keychain​Set​Search​List(CFArray)

Specifies the list of keychains to use in the default keychain search list.

Managing Keychain Items

func Sec​Keychain​Item​Free​Attributes​And​Data(Unsafe​Mutable​Pointer<Sec​Keychain​Attribute​List>?, Unsafe​Mutable​Raw​Pointer?)

Releases the memory used by the keychain attribute list and/or the keychain data retrieved in a call to Sec​Keychain​Item​Copy​Attributes​And​Data.

func Sec​Keychain​Free​Attribute​Info(Unsafe​Mutable​Pointer<Sec​Keychain​Attribute​Info>)

Releases the memory acquired by calling the Sec​Keychain​Attribute​Info​For​Item​ID function.

Creating Access Control Objects

Managing Access Control List Objects

func Sec​ACLCreate​With​Simple​Contents(Sec​Access, CFArray?, CFString, Sec​Keychain​Prompt​Selector, Unsafe​Mutable​Pointer<Sec​ACL?>)

Creates a new access control list entry from the application list, description, and prompt selector provided and adds it to an item’s access object.

func Sec​ACLRemove(Sec​ACL)

Removes the specified access control list entry.

func Sec​ACLSet​Contents(Sec​ACL, CFArray?, CFString, Sec​Keychain​Prompt​Selector)

Sets the application list, description, and prompt selector for a given access control list entry.

func Sec​ACLCopy​Authorizations(Sec​ACL)

Retrieves the authorization tags of a given access control list entry.

func Sec​ACLUpdate​Authorizations(Sec​ACL, CFArray)

Sets the authorization tags for a given access control list entry.

Callbacks

Sec​Keychain​Callback

Defines a pointer to a customized callback function that Keychain Services calls when a keychain event has occurred.

Data Types

Sec​Access

Identifies a keychain or keychain item’s access information.

Sec​ACL

Represents information about an access control list entry.

Sec​AFPServer​Signature

Represents a 16-byte Apple File Protocol server signature block.

Sec​Keychain​Attribute

Contains keychain attributes.

Sec​Keychain​Attribute​Ptr

Represents a pointer to a keychain attribute structure.

Sec​Keychain​Attribute​Info

Represents an attribute.

Sec​Keychain​Attribute​List

Represents a list of keychain attributes.

Sec​Keychain​Attr​Type

Represents a keychain attribute type.

Sec​Keychain​Callback​Info

Contains information about a keychain event.

Sec​Keychain​Item

Contains information about a keychain item.

Sec​Keychain

Contains information about a keychain.

Sec​Keychain​Search

Contains information about a keychain search.

Sec​Keychain​Settings

Contains information about keychain settings.

Sec​Key​Import​Export​Parameters

Contains input parameters for import and export functions.

Sec​Trusted​Application

Contains information about a trusted application.

Sec​Password

Contains information about a password.

Keychain Services API Constants

Import/Export Parameters Version

Defines the version of an import/export parameters structure.

Sec​Authentication​Type

Defines constants you can use to identify the type of authentication to use for an Internet password.

Sec​Keychain​Event

Defines the keychain-related event.

Sec​Keychain​Event​Mask

Defines bit masks for keychain event constants

Sec​Item​Attr

Specifies a keychain item’s attributes.

Keychain Item Attribute Constants For Keys

Specifies the attributes for a key item in a keychain.

Sec​Item​Class

Specifies a keychain item’s class code.

Sec​Item​Import​Export​Flags

Defines values for import and export flags.

Sec​Key​Import​Export​Flags

Defines values for the flags field of the import/export parameters.

Sec​External​Format

Specifies the format of an item after export from or before import to the keychain.

Sec​External​Item​Type

Specifies the type of keychain item being imported.

Keychain Import/Export Options

Predefined key constants used when passing dictionary-based arguments to import/export functions.

Sec​Preferences​Domain

Defines constants for the keychain preference domains.

Sec​Protocol​Type

Defines the protocol type associated with an AppleShare or Internet password.

Keychain Settings Version

Defines the keychain settings version.

Sec​Keychain​Status

Defines the current status of a keychain.

Sec​Keychain​Prompt​Selector

Bits that define when using a keychain should require a passphrase.

Sec​Access​Owner​Type

Flags used when creating an access control list entry.

Keychain Item Class Keys and Values

Constants used in a search dictionary to specify the class of items in the keychain. See Sec​Item​Copy​Matching(_:​_:​) for a description of a search dictionary.

Item Class Key Constant

Key constant used to set the item class value in a search dictionary.

Item Class Value Constants

Values used with the k​Sec​Class key in a search dictionary.

Attribute Item Keys and Values

You use keys in a search dictionary to specify the keychain items for which to search. You can specify a combination of item attributes and search attributes (see Search Keys) when looking for matching items with the Sec​Item​Copy​Matching(_:​_:​) function. This section lists all the keys that specify keychain item attributes. The description of each item indicates what the possible values are for that key. In a few cases, the programming interface provides a set of constants that you can use as values for a specific key. Those value constants are also in this section, following the descriptions of the keys.

Attribute Item Keys

Each type of keychain item can have a number of attributes describing that item. For the possible types of keychain item and the attributes that can be specified for each, see Keychain Item Class Keys and Values.

Protocol Values

Values that can be used with the k​Sec​Attr​Protocol attribute key.

Authentication Type Values

Values that can be used with the k​Sec​Attr​Authentication​Type attribute key.

Key Class Values

Values that can be used with the k​Sec​Attr​Key​Class attribute key.

Key Type Values

Values that can be used with the k​Sec​Attr​Key​Type attribute key.

Synchronizable Values

Values that can be used with the k​Sec​Attr​Synchronizable attribute key.

Token ID Values

Values that can be used with the k​Sec​Attr​Token​ID attribute key.

Keychain Item Accessibility Constants

These constants are legal values for k​Sec​Attr​Accessible used for determining when a keychain item should be readable.

Search Keys

Search Attribute Keys

Keys used to set search attributes in a keychain search dictionary. You can specify a combination of search attributes and item attributes (see Attribute Item Keys and Values) when looking for matching items with the Sec​Item​Copy​Matching(_:​_:​) function.

Item List Key

Keys used to control user interaction during a search.

Search Results Constants

Return Type Keys

Keys used to specify the type of results that should be returned by the Sec​Item​Copy​Matching(_:​_:​) or Sec​Item​Add(_:​_:​) function.

Value Type Keys

Keys used in the results dictionary for Sec​Item​Copy​Matching(_:​_:​) or Sec​Item​Add(_:​_:​), indicating the type of values returned. You can specify zero or more of these types depending on the function you are calling.

Authorization Keys

Core-Foundation-based ACL Authorization Keys

Defines constants that specify which operations an access control list entry applies to.

Access Control Create Flags

Result Codes

The most common result codes returned by Keychain Services are listed in the table below. The assigned error space for Keychain Services is discontinuous: –25240 through –25279 and –25290 through –25329. Keychain Item Services may also return no​Err (0) or param​Err (–50), or CSSM result codes (see Common Security: CDSA and CSSM, version 2 (with corrigenda) from The Open Group (http://www.opengroup.org/security/cdsa.htm)).

var err​Sec​Unimplemented:​ OSStatus

Function or operation not implemented.

var err​Sec​Param:​ OSStatus

One or more parameters passed to the function were not valid.

var err​Sec​Allocate:​ OSStatus

Failed to allocate memory.

var err​Sec​Not​Available:​ OSStatus

No trust results are available.

var err​Sec​Auth​Failed:​ OSStatus

Authorization/Authentication failed.

var err​Sec​Duplicate​Keychain:​ OSStatus

A keychain with the same name already exists.

var err​Sec​Duplicate​Callback:​ OSStatus

More than one callback of the same name exists.

var err​Sec​Data​Too​Large:​ OSStatus

The data is too large for the particular data type.

var err​Sec​No​Such​Class:​ OSStatus

The keychain item class does not exist.

var err​Sec​Interaction​Not​Allowed:​ OSStatus

Interaction with the Security Server is not allowed.

var err​Sec​No​Storage​Module:​ OSStatus

There is no storage module available.

var err​Sec​No​Certificate​Module:​ OSStatus

There is no certificate module available.

var err​Sec​No​Policy​Module:​ OSStatus

There is no policy module available.

var err​Sec​Create​Chain​Failed:​ OSStatus

The attempt to create a certificate chain failed.

var err​Sec​Invalid​Prefs​Domain:​ OSStatus

The preference domain specified is invalid. This error is available in macOS 10.3 and later.

var err​Sec​In​Dark​Wake:​ OSStatus

The user interface could not be displayed because the system is in a dark wake state.

var err​Sec​ACLNot​Simple:​ OSStatus

The access control list is not in standard simple form.

var err​Sec​Policy​Not​Found:​ OSStatus

The policy specified cannot be found.

var err​Sec​No​Access​For​Item:​ OSStatus

The specified item has no access control.

var err​Sec​Invalid​Owner​Edit:​ OSStatus

An invalid attempt to change the owner of an item.

var err​Sec​Unsupported​Format:​ OSStatus

The specified import or export format is not supported.

var err​Sec​Unknown​Format:​ OSStatus

The item you are trying to import has an unknown format.

var err​Sec​Key​Is​Sensitive:​ OSStatus

The key must be wrapped to be exported.

var err​Sec​Multiple​Priv​Keys:​ OSStatus

An attempt was made to import multiple private keys.

var err​Sec​Passphrase​Required:​ OSStatus

A password is required for import or export.

var err​Sec​Invalid​Trust​Settings:​ OSStatus

The trust settings record was corrupted.

var err​Sec​Pkcs12Verify​Failure:​ OSStatus

MAC verification failed during PKCS12 Import.

var err​Sec​Not​Signer:​ OSStatus

The certificate was not signed by its proposed parent.

var err​Sec​Decode:​ OSStatus

Unable to decode the provided data.

var err​Sec​Service​Not​Available:​ OSStatus

The required service is not available.

var err​Sec​Device​Failed:​ OSStatus

A device failure has occurred.

var err​Sec​Apple​Add​App​ACLSubject:​ OSStatus

Adding an application ACL subject failed.

var err​Sec​Apple​Invalid​Key​Start​Date:​ OSStatus

The specified key has an invalid start date.

var err​Sec​Apple​Invalid​Key​End​Date:​ OSStatus

The specified key has an invalid end date.

var err​Sec​Conversion​Error:​ OSStatus

A conversion error has occurred.

var err​Sec​Apple​SSLv2Rollback:​ OSStatus

A SSLv2 rollback error has occurred.

var err​Sec​Invalid​Database​Blob:​ OSStatus

The specified database has an invalid blob.

var err​Sec​Invalid​Key​Blob:​ OSStatus

The specified database has an invalid key blob.

var err​Sec​Incompatible​Database​Blob:​ OSStatus

The specified database has an incompatible blob.

var err​Sec​Incompatible​Key​Blob:​ OSStatus

The specified database has an incompatible key blob.

var err​Sec​Host​Name​Mismatch:​ OSStatus

A host name mismatch has occurred.

var err​Sec​Unknown​Critical​Extension​Flag:​ OSStatus

There is an unknown critical extension flag.

var err​Sec​Invalid​Key​Usage​For​Policy:​ OSStatus

The key usage is not valid for the specified policy.

var err​Sec​Invalid​Root:​ OSStatus

The root or anchor certificate is not valid.

var err​Sec​CRLBad​URI:​ OSStatus

The CRL has a bad Uniform Resource Identifier.

var err​Sec​Unknown​Cert​Extension:​ OSStatus

An unknown certificate extension was encountered.

var err​Sec​Unknown​CRLExtension:​ OSStatus

An unknown CRL extension was encountered.

var err​Sec​IDPFailure:​ OSStatus

The issuing distribution point was not valid.

var err​Sec​SMIMEBad​Extended​Key​Usage:​ OSStatus

The appropriate extended key usage for SMIME was not found.

var err​Sec​SMIMEBad​Key​Usage:​ OSStatus

The key usage is not compatible with SMIME.

var err​Sec​SMIMEKey​Usage​Not​Critical:​ OSStatus

The key usage extension is not marked as critical.

var err​Sec​SMIMENo​Email​Address:​ OSStatus

No email address was found in the certificate.

var err​Sec​SMIMESubj​Alt​Name​Not​Critical:​ OSStatus

The subject alternative name extension is not marked as critical.

var err​Sec​SSLBad​Extended​Key​Usage:​ OSStatus

The appropriate extended key usage for SSL was not found.

var err​Sec​OCSPBad​Response:​ OSStatus

The OCSP response was incorrect or could not be parsed.

var err​Sec​OCSPBad​Request:​ OSStatus

The OCSP request was incorrect or could not be parsed.

var err​Sec​OCSPStatus​Unrecognized:​ OSStatus

The OCSP server did not recognize this certificate.

var err​Sec​Incomplete​Cert​Revocation​Check:​ OSStatus

An incomplete certificate revocation check occurred.

var err​Sec​OCSPNot​Trusted​To​Anchor:​ OSStatus

The OCSP response was not trusted to a root or anchor certificate.

var err​Sec​OCSPSignature​Error:​ OSStatus

The OCSP response had an invalid signature.

var err​Sec​OCSPNo​Signer:​ OSStatus

The OCSP response had no signer.

var err​Sec​OCSPResponder​Malformed​Req:​ OSStatus

The OCSP responder was given a malformed request.

var err​Sec​OCSPResponder​Internal​Error:​ OSStatus

The OCSP responder encountered an internal error.

var err​Sec​OCSPResponder​Try​Later:​ OSStatus

The OCSP responder is busy, try again later.

var err​Sec​OCSPResponder​Unauthorized:​ OSStatus

The OCSP responder rejected this request as unauthorized.

var err​Sec​OCSPResponse​Nonce​Mismatch:​ OSStatus

The OCSP response nonce did not match the request.

var err​Sec​Code​Signing​Bad​Cert​Chain​Length:​ OSStatus

Code signing encountered an incorrect certificate chain length.

var err​Sec​Code​Signing​Bad​Path​Length​Constraint:​ OSStatus

Code signing encountered an incorrect path length constraint.

var err​Sec​Code​Signing​Development:​ OSStatus

Code signing indicated use of a development-only certificate.

var err​Sec​Resource​Sign​Bad​Cert​Chain​Length:​ OSStatus

Resource signing has encountered an incorrect certificate chain length.

var err​Sec​Resource​Sign​Bad​Ext​Key​Usage:​ OSStatus

Resource signing has encountered an error in the extended key usage.

var err​Sec​Trust​Setting​Deny:​ OSStatus

The trust setting for this policy was set to Deny.

var err​Sec​Invalid​Subject​Name:​ OSStatus

An invalid certificate subject name was encountered.

var err​Sec​Unknown​Qualified​Cert​Statement:​ OSStatus

An unknown qualified certificate statement was encountered.

var err​Sec​Mobile​Me​Request​Queued:​ OSStatus

The MobileMe request will be sent during the next connection.

var err​Sec​Mobile​Me​Server​Already​Exists:​ OSStatus

The MobileMe server reported that the item already exists.

var err​Sec​Mobile​Me​CSRVerify​Failure:​ OSStatus

A MobileMe CSR verification failure has occurred.

var err​Sec​Not​Initialized:​ OSStatus

A function was called without initializing CSSM.

var err​Sec​Invalid​Handle​Usage:​ OSStatus

The CSSM handle does not match with the service type.

var err​Sec​PVCReferent​Not​Found:​ OSStatus

A reference to the calling module was not found in the list of authorized callers.

var err​Sec​Function​Integrity​Fail:​ OSStatus

A function address was not within the verified module.

var err​Sec​Internal​Error:​ OSStatus

An internal error has occurred.

var err​Sec​Invalid​Data:​ OSStatus

Invalid data was encountered.

var err​Sec​MDSError:​ OSStatus

A Module Directory Service error has occurred.

var err​Sec​Invalid​Pointer:​ OSStatus

An invalid pointer was encountered.

var err​Sec​Module​Manifest​Verify​Failed:​ OSStatus

A module manifest verification failure has occurred.

var err​Sec​Invalid​GUID:​ OSStatus

An invalid GUID was encountered.

var err​Sec​Invalid​Handle:​ OSStatus

An invalid handle was encountered.

var err​Sec​Invalid​DBList:​ OSStatus

An invalid DB list was encountered.

var err​Sec​Invalid​Passthrough​ID:​ OSStatus

An invalid passthrough ID was encountered.

var err​Sec​Invalid​Network​Address:​ OSStatus

An invalid network address was encountered.

var err​Sec​CRLAlready​Signed:​ OSStatus

The certificate revocation list is already signed.

var err​Sec​Invalid​Number​Of​Fields:​ OSStatus

An invalid number of fields were encountered.

var err​Sec​Unknown​Tag:​ OSStatus

An unknown tag was encountered.

var err​Sec​Invalid​Signature:​ OSStatus

An invalid signature was encountered.

var err​Sec​Invalid​Name:​ OSStatus

An invalid name was encountered.

var err​Sec​Invalid​Certificate​Ref:​ OSStatus

An invalid certificate reference was encountered.

var err​Sec​Invalid​Certificate​Group:​ OSStatus

An invalid certificate group was encountered.

var err​Sec​Tag​Not​Found:​ OSStatus

The specified tag was not found.

var err​Sec​Invalid​Query:​ OSStatus

The specified query was not valid.

var err​Sec​Invalid​Value:​ OSStatus

An invalid value was detected.

var err​Sec​ACLDelete​Failed:​ OSStatus

An ACL delete operation has failed.

var err​Sec​ACLReplace​Failed:​ OSStatus

An ACL replace operation has failed.

var err​Sec​ACLAdd​Failed:​ OSStatus

An ACL add operation has failed.

var err​Sec​ACLChange​Failed:​ OSStatus

An ACL change operation has failed.

var err​Sec​Invalid​Access​Credentials:​ OSStatus

Invalid access credentials were encountered.

var err​Sec​Invalid​Record:​ OSStatus

An invalid record was encountered.

var err​Sec​Invalid​ACL:​ OSStatus

An invalid ACL was encountered.

var err​Sec​Invalid​Sample​Value:​ OSStatus

An invalid sample value was encountered.

var err​Sec​Incompatible​Version:​ OSStatus

An incompatible version was encountered.

var err​Sec​Invalid​Scope:​ OSStatus

An invalid scope was encountered.

var err​Sec​Invalid​PVC:​ OSStatus

An invalid PVC was encountered.

var err​Sec​Addin​Load​Failed:​ OSStatus

The add-in load operation has failed.

var err​Sec​Invalid​Key​Hierarchy:​ OSStatus

An invalid key hierarchy was encountered.

var err​Sec​Addin​Unload​Failed:​ OSStatus

The add-in unload operation has failed.

var err​Sec​Invalid​Addin​Function​Table:​ OSStatus

An invalid add-in function table was encountered.

var err​Sec​Invalid​Service​Mask:​ OSStatus

An invalid service mask was encountered.

var err​Sec​Invalid​Sub​Service​ID:​ OSStatus

An invalid sub-service ID was encountered.

var err​Sec​Input​Length​Error:​ OSStatus

An input length error was encountered.

var err​Sec​Output​Length​Error:​ OSStatus

An output length error was encountered.

var err​Sec​Device​Error:​ OSStatus

A device error was encountered.

var err​Sec​Algorithm​Mismatch:​ OSStatus

An algorithm mismatch was encountered.

var err​Sec​Unsupported​Key​Format:​ OSStatus

The key header format is not supported.

var err​Sec​Invalid​Context:​ OSStatus

An invalid context was encountered.

var err​Sec​Invalid​Algorithm:​ OSStatus

An invalid algorithm was encountered.

var err​Sec​Invalid​Attribute​Random:​ OSStatus

A random number attribute was not valid.

var err​Sec​Missing​Attribute​Random:​ OSStatus

A random number attribute was missing.

var err​Sec​Invalid​Attribute​Rounds:​ OSStatus

The number of rounds attribute was not valid.

var err​Sec​Missing​Attribute​Rounds:​ OSStatus

The number of rounds attribute was missing.

var err​Sec​Invalid​Algorithm​Parms:​ OSStatus

An algorithm parameters attribute was not valid.

var err​Sec​Missing​Algorithm​Parms:​ OSStatus

An algorithm parameters attribute was missing.

var err​Sec​Invalid​Attribute​DLDBHandle:​ OSStatus

A database handle attribute was not valid.

var err​Sec​Verify​Failed:​ OSStatus

A cryptographic verification failure has occurred.

var err​Sec​Device​Verify​Failed:​ OSStatus

A device verification failure has occurred.

var err​Sec​Invalid​Login​Name:​ OSStatus

An invalid login name was detected.

var err​Sec​Invalid​Digest​Algorithm:​ OSStatus

An invalid digest algorithm was detected.

var err​Sec​Invalid​CRLGroup:​ OSStatus

An invalid CRL group was detected.

var err​Sec​Certificate​Expired:​ OSStatus

An expired certificate was detected.

var err​Sec​Insufficient​Credentials:​ OSStatus

Insufficient credentials were detected.

var err​Sec​Invalid​Cert​Authority:​ OSStatus

The certificate authority was not valid.

var err​Sec​Invalid​Reason:​ OSStatus

The trust policy reason was not valid.

var err​Sec​Not​Trusted:​ OSStatus

The trust policy was not trusted.

var err​Sec​Rejected​Form:​ OSStatus

The trust policy had a rejected form.

var err​Sec​Request​Descriptor:​ OSStatus

The request descriptor was not valid.

var err​Sec​Invalid​Bundle​Info:​ OSStatus

The bundle information was not valid.

var err​Sec​Unsupported​Index​Info:​ OSStatus

The index information is not supported.

var err​Sec​Unsupported​Num​Attributes:​ OSStatus

The number of attributes is not supported.

var err​Sec​Unsupported​Num​Indexes:​ OSStatus

The number of indexes is not supported.

var err​Sec​Unsupported​Num​Record​Types:​ OSStatus

The number of record types is not supported.

var err​Sec​Unsupported​Num​Selection​Preds:​ OSStatus

The number of selection predicates is not supported.

var err​Sec​Invalid​DBLocation:​ OSStatus

The database location is not valid.

var err​Sec​Invalid​Index​Info:​ OSStatus

The index information is not valid.

var err​Sec​Missing​Required​Extension:​ OSStatus

A required certificate extension is missing.

var err​Sec​Extended​Key​Usage​Not​Critical:​ OSStatus

The extended key usage extension was not marked critical.

var err​Sec​Timestamp​Missing:​ OSStatus

A timestamp was expected but was not found.

var err​Sec​Timestamp​Bad​Alg:​ OSStatus

Found an unrecognized or unsupported algorithm identifier (AI) in timestamp.

var err​Sec​Timestamp​Bad​Request:​ OSStatus

The timestamp transaction is not permitted or supported.

var err​Sec​Timestamp​Bad​Data​Format:​ OSStatus

The timestamp data submitted has the wrong format.

var err​Sec​Timestamp​Time​Not​Available:​ OSStatus

The time source for the timestamp authority is not available.

var err​Sec​Timestamp​Unaccepted​Policy:​ OSStatus

The requested policy is not supported by the timestamp authority.

var err​Sec​Timestamp​Unaccepted​Extension:​ OSStatus

The requested extension is not supported by the timestamp authority.

var err​Sec​Timestamp​Add​Info​Not​Available:​ OSStatus

The additional information requested is not available.

var err​Sec​Timestamp​System​Failure:​ OSStatus

The timestamp request cannot be handled due to a system failure .

var err​Sec​Signing​Time​Missing:​ OSStatus

A signing time was expected but was not found.

var err​Sec​Timestamp​Rejection:​ OSStatus

A timestamp transaction was rejected.

var err​Sec​Timestamp​Waiting:​ OSStatus

A timestamp transaction is waiting.

var err​Sec​Timestamp​Revocation​Warning:​ OSStatus

A timestamp authority revocation warning was issued.

var err​Sec​Timestamp​Revocation​Notification:​ OSStatus

A timestamp authority revocation notification was issued.

See Also