Platforms to show: All Mac Windows Linux Cross-Platform
Back to KeychainManagerMBS module.
KeychainManagerMBS.kSecClassKey as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Cryptographic key item.
The following attribute types ("Attribute Item Keys and Values") can be used with an item of this type:
kSecAttrAccessible
kSecAttrAccessGroup
kSecAttrKeyClass
kSecAttrLabel
kSecAttrApplicationLabel
kSecAttrIsPermanent
kSecAttrApplicationTag
kSecAttrKeyType
kSecAttrKeySizeInBits
kSecAttrEffectiveKeySize
kSecAttrCanEncrypt
kSecAttrCanDecrypt
kSecAttrCanDerive
kSecAttrCanSign
kSecAttrCanVerify
kSecAttrCanWrap
kSecAttrCanUnwrap
Available in OS X v10.7 and later.
KeychainManagerMBS.kSecMatchCaseInsensitive as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Case sensitivity attribute key.
The corresponding value is of type Boolean. If this value is False, or if this attribute is not provided, then case-sensitive string matching is performed.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecMatchDiacriticInsensitive as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Case sensitivity attribute key.
The corresponding value is of type Boolean. If this value is False, or if this attribute is not provided, then diacritic-sensitive string matching is performed.
Available in OS X v10.7 and later.
KeychainManagerMBS.kSecMatchEmailAddressIfPresent as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Email address attribute key.
The corresponding value is of type string and contains an RFC822 email address. If provided, returned certificates or identities are limited to those that either contain the address or do not contain any email address.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecMatchIssuers as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Issuers attribute key.
The corresponding value is of type array, where the array consists of X.500 names of type Memoryblock. If provided, returned certificates or identities are limited to those whose certificate chain contains one of the issuers provided in this list.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecMatchItemList as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Item list attribute key.
To provide your own set of items to be filtered by a search query rather than searching the keychain, specify this search key in a call to the SecItemCopyMatching function with a value that consists of an object of type array where the array contains either KeychainItemMBS, SecKeyRef, SecCertificateRef, SecIdentityRef, or memoryblock items. The objects in the provided array must all be of the same type.
To convert from persistent item references to normal item references, specify this search key in a call to the CopyMatching function with a value of type array where the array contains one or more CFDataRef elements (the persistent references), and a return-type key of kSecReturnRef whose value is True.
To delete an item identified by a transient reference, specify the kSecMatchItemList search key in a call to the SecItemDelete function with a reference returned by using the kSecReturnRef return type key in a previous call to the CopyMatching or SecItemAdd functions.
To delete an item identified by a persistent reference, specify the kSecMatchItemList search key in a call to the SecItemDelete function with a persistent reference returned by using the kSecReturnPersistentRef return type key to the CopyMatching or SecItemAdd functions.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecMatchLimit as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Match limit attribute key.
The corresponding value is of type Integer. If provided, this value specifies the maximum number of results to return or otherwise act upon. For a single item, specify kSecMatchLimitOne. To specify all matching items, specify kSecMatchLimitAll. The default behavior is function-dependent.
Available in OS X v10.6 and later.
Some examples using this method:
KeychainManagerMBS.kSecMatchLimitAll as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
An unlimited number of results may be returned; used as a value for the kSecMatchLimit attribute key.
Available in OS X v10.6 and later.
Some examples using this method:
KeychainManagerMBS.kSecMatchLimitOne as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Results are limited to the first item found; used as a value for the kSecMatchLimit attribute key.
Available in OS X v10.6 and later.
Some examples using this method:
KeychainManagerMBS.kSecMatchPolicy as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Match policy attribute key.
The corresponding value is of type SecPolicyRef. If provided, returned certificates or identities must verify with this policy.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecMatchSearchList as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecMatchSubjectContains as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Subject attribute key.
The corresponding value is of type string. If provided, returned certificates or identities are limited to those whose subject contains this string.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecMatchSubjectEndsWith as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Subject attribute key.
The corresponding value is of type String. If provided, returned certificates or identities are limited to those whose subject ends with this string.
Available in OS X v10.7 and later.
KeychainManagerMBS.kSecMatchSubjectStartsWith as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Subject attribute key.
The corresponding value is of type String. If provided, returned certificates or identities are limited to those whose subject starts with this string.
Available in OS X v10.7 and later.
KeychainManagerMBS.kSecMatchSubjectWholeString as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Subject attribute key.
The corresponding value is of type String. If provided, returned certificates or identities are limited to those whose subject is exactly equal to this string.
Available in OS X v10.7 and later.
KeychainManagerMBS.kSecMatchTrustedOnly as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Trusted anchor attribute key.
The corresponding value is of type Boolean. If this attribute is provided with A value of True, only certificates that can be verified back to a trusted anchor are returned. If this value is False or the attribute is not provided, then both trusted and untrusted certificates may be returned.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecMatchValidOnDate as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Valid-on-date attribute key.
The corresponding value is of type Date. If provided, returned keys, certificates or identities are limited to those that are valid for the given date. Pass a value of nil to indicate the current date.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecMatchWidthInsensitive as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Case sensitivity attribute key.
The corresponding value is of type Boolean. If this value is False, or if this attribute is not provided, then width-sensitive string matching is performed (for example, the ASCII character a does not match the UTF-8 full-width letter a (U+FF41).
Available in OS X v10.7 and later.
KeychainManagerMBS.kSecReturnAttributes as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Return attributes attribute key.
The corresponding value is of type Boolean. A value of True indicates that a dictionary of the (unencrypted) attributes of an item should be returned in the form of a Dictionary.
Available in OS X v10.6 and later.
Some examples using this method:
KeychainManagerMBS.kSecReturnData as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Return data attribute key.
The corresponding value is of type Boolean. A value of True indicates that the data of an item should be returned in the form of a Memoryblock. For keys and password items, data is secret (encrypted) and may require the user to enter a password for access.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecReturnPersistentRef as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Return persistent reference attribute key. A persistent reference to a credential can be stored on disk for later use or passed to other processes.
The corresponding value is of type Boolean. A value of True indicates that a persistent reference to an item (Memoryblock) should be returned.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecReturnRef as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Return reference attribute key.
The corresponding value is of type Boolean. A value of True indicates that a reference should be returned. Depending on the item class requested, the returned references may be of type KeychainItemMBS, SecKeyRef, SecCertificateRef, SecIdentityRef, or Memoryblock.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecUseAuthenticationContext as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 18.5 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
As LAContext is 64-bit only for Mac, this will do nothing in 32-bit.
- If the item requires authentication and this key is omitted, a new context will be created just for the purpose of the single call.
- If the specified context has been previously authenticated, the operation will succeed without asking user for authentication.
- If the specified context has not been previously authenticated, the new authentication will be started on this context, allowing caller to eventually reuse the sucessfully authenticated context in subsequent keychain operations.
KeychainManagerMBS.kSecUseAuthenticationUI as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 18.5 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Value can be one of kSecUseAuthenticationUIAllow, kSecUseAuthenticationUIFail, kSecUseAuthenticationUISkip.
KeychainManagerMBS.kSecUseAuthenticationUIAllow as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 18.5 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
KeychainManagerMBS.kSecUseAuthenticationUIFail as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 18.5 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
KeychainManagerMBS.kSecUseAuthenticationUISkip as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 18.5 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
KeychainManagerMBS.kSecUseItemList as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Item list key.
The corresponding value is of type CFArrayRef, where the array contains either KeychainItemMBS, SecKeyRef, SecCertificateRef, SecIdentityRef, or (for persistent item references) Memoryblock items. If provided, this array is treated as the set of all possible items to search (or to add if the function being called is AddItem). The items in the array must all be of the same type.
Available in OS X v10.6 and later.
KeychainManagerMBS.kSecUseKeychain as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 13.1 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
Keychain reference key.
Specifies a SecKeychainRef object that references the keychain to which AddItem should add the provided items.
Available in OS X v10.7 and later.
KeychainManagerMBS.kSecUseNoAuthenticationUI as string
Type | Topic | Plugin | Version | macOS | Windows | Linux | iOS | Targets |
method | Keychain | MBS MacClassic Plugin | 18.5 | ✅ Yes | ❌ No | ❌ No | ✅ Yes | All |
OS X only. Specifies a dictionary key whose value is a boolean. If provided with a value of true, the error errSecInteractionNotAllowed will be returned if the item is attempting to authenticate with UI.
Available in macOS 10.10 or newer and deprecated in 10.11 in favor of kSecUseAuthenticationUI.
The items on this page are in the following plugins: MBS MacClassic Plugin.