diff --git a/src/Security/Certificate.cs b/src/Security/Certificate.cs
index 6683f92d15b6..56ea0ae1101a 100644
--- a/src/Security/Certificate.cs
+++ b/src/Security/Certificate.cs
@@ -239,6 +239,7 @@ internal static bool Equals (SecCertificate first, SecCertificate second)
 		[DllImport (Constants.SecurityLibrary)]
 		extern static /* CFDictionaryRef */ IntPtr SecCertificateCopyValues (/* SecCertificateRef */ IntPtr certificate, /* CFArrayRef */ IntPtr keys, /* CFErrorRef _Nullable * */ IntPtr error);
 
+		[Deprecated (PlatformName.MacOSX, 10,14, message: "Use 'GetKey' instead.")]
 		public NSData GetPublicKey ()
 		{
 			if (handle == IntPtr.Zero)
@@ -270,12 +271,26 @@ public NSData GetPublicKey ()
 		static extern /* __nullable SecKeyRef */ IntPtr SecCertificateCopyPublicKey (IntPtr /* SecCertificateRef */ certificate);
 
 		[iOS (10,3)]
+		[Deprecated (PlatformName.iOS, 12,0, message: "Use 'GetKey' instead.")]
+		[Deprecated (PlatformName.TvOS, 12,0, message: "Use 'GetKey' instead.")]
+		[Deprecated (PlatformName.WatchOS, 5,0, message: "Use 'GetKey' instead.")]
 		public SecKey GetPublicKey ()
 		{
 			IntPtr data = SecCertificateCopyPublicKey (handle);
 			return (data == IntPtr.Zero) ? null : new SecKey (data, true);
 		}
 #endif
+		[TV (12,0)][Mac (10,14, onlyOn64: true)][iOS (12,0)][Watch (5,0)]
+		[DllImport (Constants.SecurityLibrary)]
+		static extern IntPtr /* SecKeyRef* */ SecCertificateCopyKey (IntPtr /* SecKeyRef* */ key);
+
+		[TV (12,0)][Mac (10,14, onlyOn64: true)][iOS (12,0)][Watch (5,0)]
+		public SecKey GetKey ()
+		{
+			var key = SecCertificateCopyKey (handle);
+			return key == IntPtr.Zero ? null : new SecKey (key, true);
+		}
+
 		[iOS (10,3)] // [Mac (10,5)]
 		[DllImport (Constants.SecurityLibrary)]
 		static extern /* OSStatus */ int SecCertificateCopyCommonName (IntPtr /* SecCertificateRef */ certificate, out IntPtr /* CFStringRef * __nonnull CF_RETURNS_RETAINED */ commonName);
diff --git a/src/Security/SecTrust.cs b/src/Security/SecTrust.cs
index efe65d92ff3c..fba904ca8dff 100644
--- a/src/Security/SecTrust.cs
+++ b/src/Security/SecTrust.cs
@@ -142,6 +142,18 @@ public SecTrustResult GetTrustResult ()
 			return trust_result;
 		}
 
+		[Watch (5,0)][TV (12,0)][Mac (10,14, onlyOn64: true)][iOS (12,0)]
+		[DllImport (Constants.SecurityLibrary)]
+		static extern bool SecTrustEvaluateWithError (/* SecTrustRef */ IntPtr trust, out /* CFErrorRef** */ IntPtr error);
+
+		[Watch (5,0)][TV (12,0)][Mac (10,14, onlyOn64: true)][iOS (12,0)]
+		public bool Evaluate (out NSError error)
+		{
+			var result = SecTrustEvaluateWithError (handle, out var err);
+			error = err == IntPtr.Zero ? null : new NSError (err);
+			return result;
+		}
+
 		[iOS (7,0)][Mac (10,9)]
 		[DllImport (Constants.SecurityLibrary)]
 		extern static IntPtr /* CFDictionaryRef */ SecTrustCopyResult (IntPtr /* SecTrustRef */ trust);
diff --git a/tests/monotouch-test/Security/CertificateTest.cs b/tests/monotouch-test/Security/CertificateTest.cs
index 8255217c35ec..1119608a960a 100644
--- a/tests/monotouch-test/Security/CertificateTest.cs
+++ b/tests/monotouch-test/Security/CertificateTest.cs
@@ -530,6 +530,9 @@ void CheckMailGoogleCom (SecCertificate cert, int expectedRetainCount)
 				Assert.That (cert.GetSerialNumber (out err).Description, Is.EqualTo ("<2b9f7ee5 ca25a625 14204782 753a9bb9>"), "GetSerialNumber/NSError");
 				Assert.Null (err, "err") ;
 			}
+			if (TestRuntime.CheckXcodeVersion (10,0)) {
+				Assert.NotNull (cert.GetKey (), "GetKey");
+			}
 		}
 
 		[Test]
diff --git a/tests/monotouch-test/Security/TrustTest.cs b/tests/monotouch-test/Security/TrustTest.cs
index 36149b5f3137..120cf10029ef 100644
--- a/tests/monotouch-test/Security/TrustTest.cs
+++ b/tests/monotouch-test/Security/TrustTest.cs
@@ -282,6 +282,10 @@ void Trust_NoRoot (SecTrust trust, SecPolicy policy)
 			using (SecKey pkey = trust.GetPublicKey ()) {
 				Assert.That (CFGetRetainCount (pkey.Handle), Is.GreaterThanOrEqualTo ((nint) 1), "RetainCount(pkey)");
 			}
+			if (TestRuntime.CheckXcodeVersion (10,0)) {
+				Assert.False (trust.Evaluate (out var error), "Evaluate");
+				Assert.NotNull (error, "error");
+			}
 		}
 
 		[Test]
@@ -358,6 +362,10 @@ void Trust_FullChain (SecTrust trust, SecPolicy policy, X509CertificateCollectio
 				// since we modified the `trust` instance it's result was invalidated (marked as unspecified on iOS 11)
 				Assert.That (trust.GetTrustResult (), Is.EqualTo (trust_result), "GetTrustResult-2");
 			}
+			if (TestRuntime.CheckXcodeVersion (10,0)) {
+				Assert.True (trust.Evaluate (out var error), "Evaluate");
+				Assert.Null (error, "error");
+			}
 		}
 
 		[Test]
diff --git a/tests/xtro-sharpie/iOS-Security.todo b/tests/xtro-sharpie/iOS-Security.todo
index a27cee1c2617..25acb6f4aaeb 100644
--- a/tests/xtro-sharpie/iOS-Security.todo
+++ b/tests/xtro-sharpie/iOS-Security.todo
@@ -2,5 +2,3 @@
 !missing-pinvoke! sec_protocol_metadata_create_secret_with_context is not bound
 !missing-pinvoke! sec_protocol_options_set_challenge_block is not bound
 !missing-pinvoke! sec_protocol_options_set_verify_block is not bound
-!missing-pinvoke! SecCertificateCopyKey is not bound
-!missing-pinvoke! SecTrustEvaluateWithError is not bound
diff --git a/tests/xtro-sharpie/macOS-Security.todo b/tests/xtro-sharpie/macOS-Security.todo
index 6d1568461ca0..978d92ab7c7d 100644
--- a/tests/xtro-sharpie/macOS-Security.todo
+++ b/tests/xtro-sharpie/macOS-Security.todo
@@ -3,5 +3,3 @@
 !missing-pinvoke! sec_protocol_metadata_create_secret_with_context is not bound
 !missing-pinvoke! sec_protocol_options_set_challenge_block is not bound
 !missing-pinvoke! sec_protocol_options_set_verify_block is not bound
-!missing-pinvoke! SecCertificateCopyKey is not bound
-!missing-pinvoke! SecTrustEvaluateWithError is not bound
diff --git a/tests/xtro-sharpie/tvOS-Security.todo b/tests/xtro-sharpie/tvOS-Security.todo
index a27cee1c2617..25acb6f4aaeb 100644
--- a/tests/xtro-sharpie/tvOS-Security.todo
+++ b/tests/xtro-sharpie/tvOS-Security.todo
@@ -2,5 +2,3 @@
 !missing-pinvoke! sec_protocol_metadata_create_secret_with_context is not bound
 !missing-pinvoke! sec_protocol_options_set_challenge_block is not bound
 !missing-pinvoke! sec_protocol_options_set_verify_block is not bound
-!missing-pinvoke! SecCertificateCopyKey is not bound
-!missing-pinvoke! SecTrustEvaluateWithError is not bound
diff --git a/tests/xtro-sharpie/watchOS-Security.todo b/tests/xtro-sharpie/watchOS-Security.todo
index a27cee1c2617..25acb6f4aaeb 100644
--- a/tests/xtro-sharpie/watchOS-Security.todo
+++ b/tests/xtro-sharpie/watchOS-Security.todo
@@ -2,5 +2,3 @@
 !missing-pinvoke! sec_protocol_metadata_create_secret_with_context is not bound
 !missing-pinvoke! sec_protocol_options_set_challenge_block is not bound
 !missing-pinvoke! sec_protocol_options_set_verify_block is not bound
-!missing-pinvoke! SecCertificateCopyKey is not bound
-!missing-pinvoke! SecTrustEvaluateWithError is not bound