CFDataRef SignWithSEKey()

in macos/macos.c [218:245]

• 25 lines of code
• 4 McCabe index (conditional complexity)

CFDataRef SignWithSEKey(
    const char* label,
    const char* tag,
    unsigned char* hash,
    CFDataRef data,
    CFStringRef* errorStr) {
  SecKeyRef key = NULL;
  OSStatus status = FetchSEPrivKeyRef(label, tag, hash, &key);
  if (status != errSecSuccess) {
    *errorStr = SecCopyErrorMessageString(status, NULL);
    return NULL;
  }
  if (!key)
    return NULL;

  CFErrorRef error = NULL;
  CFDataRef res = SecKeyCreateSignature(
      key, kSecKeyAlgorithmECDSASignatureDigestX962, data, &error);
  CFRelease((CFTypeRef)key);

  if (error) {
    *errorStr = CFErrorCopyDescription(error);
    CFRelease((CFTypeRef)error);
    return NULL;
  }

  return res;
}