The private key ref I got from my physical smart card with below method: SecIdentityRef identity = xxxx; status = SecIdentityCopyPrivateKey(identity, &privKeyRef); and I also check the algorithm with below lines and result is fail also: if (!SecKeyIsAlgorithmSupported(privKeyRef, kSecKeyOperationTypeSign, kSecKeyAlgorithmRSASignatureRaw)) { NSLog(@"Cannot support RSA Signature Algorithm kSecKeyAlgorithmRSASignatureRaw"); } Looks like the CTK on MAC platform not support this algorithm? for I can use the similar code to sign same data on iOS platform.

Could you please point out which algorithm not support when you using the SecKeyCreateSignature API on your mac platform & physical smart card? My situation is when I set the algorithm to kSecKeyAlgorithmRSASignatureRaw, the error "algorithm not supported by the key" will occur. but is OK for other algorithm like kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA256

it is true that I confront the similar issue when using the API SecKeyCreateSignature to sign the raw data based on Apple Security framework. signedDataRef = SecKeyCreateSignature(privKeyRef, kSecKeyAlgorithmRSASignatureRaw, signDataRef, &error); When I choose the algorithm kSecKeyAlgorithmRSASignatureRaw with the same certificate, on iOS platform it works OK. But on MAC platform, this method return "algorithm not support" error. It looks like CTK on mac not support this algorithm. What's about the way to sign the 'raw' data by using the SecTransform API if the algorithm not support on mac?