in macos/midtier.c [58:95]
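/**
 * Generate a key pair through CreateSEKey() and return the public key as a
 * C byte buffer.
 *
 * @param label   Passed through to CreateSEKey() unchanged.
 * @param tag     Passed through to CreateSEKey() unchanged.
 * @param useBiometrics
 *                Non-zero passes kCFBooleanTrue as the biometrics flag,
 *                zero passes kCFBooleanFalse.
 * @param accessibleWhenUnlockedOnly
 *                Non-zero passes kCFBooleanTrue as the key-protection flag,
 *                zero passes kCFBooleanFalse.
 * @param ret     Out: receives the buffer produced by CFDataToUint8().
 *                Presumably owned by the caller afterwards; confirm against
 *                CFDataToUint8().
 * @param error   Out: on failure receives the C string produced by
 *                CFStringToCString(). May be NULL if the caller does not
 *                want a message.
 * @return Length of the public key in bytes, or 0 on failure.
 *
 * Security note: both flags are off unless the caller asks for them, so
 * passing 0 for both creates the key with neither protection requested.
 * What each flag maps to is decided inside CreateSEKey(), which is not
 * visible here; callers should set them deliberately rather than by default.
 */
size_t genKeyPair(
    const char* label,
    const char* tag,
    int useBiometrics,
    int accessibleWhenUnlockedOnly,
    unsigned char** ret,
    char** error) {
  /* Refuse before creating anything: a key whose public half cannot be
   * handed back would be left behind with no way for the caller to use it. */
  if (!ret) {
    if (error)
      *error = CFStringToCString(CFSTR("no output buffer for public key"));
    return 0;
  }

  CFBooleanRef biometrics = useBiometrics ? kCFBooleanTrue : kCFBooleanFalse;
  CFBooleanRef keyProtection =
      accessibleWhenUnlockedOnly ? kCFBooleanTrue : kCFBooleanFalse;

  CFDataRef pubKey = NULL;
  CFStringRef errStr = NULL;
  CFBooleanRef success =
      CreateSEKey(label, tag, biometrics, keyProtection, &pubKey, &errStr);

  /* A CFBooleanRef is a pointer, so `!success` only detects NULL. A returned
   * kCFBooleanFalse is non-NULL and must be read with CFBooleanGetValue(),
   * otherwise a reported failure would be treated as success. */
  int failed =
      (errStr != NULL) || (success == NULL) || !CFBooleanGetValue(success);
  if (failed) {
    /* Do not leak a public key that came back alongside an error. */
    if (pubKey)
      CFRelease((CFTypeRef)pubKey);
    if (error) {
      *error = CFStringToCString(
          errStr ? errStr : CFSTR("error generating key pair"));
    }
    /* Release only the string CreateSEKey() handed over (assumed owned by
     * us, as the original code released it). The CFSTR() fallback is a
     * constant we never retained. */
    if (errStr)
      CFRelease((CFTypeRef)errStr);
    return 0;
  }

  if (!pubKey) {
    /* Success was reported but no key came back: say so instead of
     * returning 0 with *error untouched. */
    if (error)
      *error = CFStringToCString(CFSTR("key pair created without public key"));
    return 0;
  }

  CFIndex size = CFDataGetLength(pubKey);
  unsigned char* bytes = CFDataToUint8(pubKey);
  CFRelease((CFTypeRef)pubKey);

  /* NOTE(review): CFDataToUint8() is not visible here; guard against a NULL
   * result so the caller never gets a non-zero length with no buffer. */
  if (!bytes && size > 0) {
    if (error)
      *error = CFStringToCString(CFSTR("error copying public key"));
    return 0;
  }

  *ret = bytes;
  return (size_t)size;
}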