Post not yet marked as solved
Click to stop watching this thread.
You have stopped watching this post. Click to start watching again.
contentPostList.repliesup-voted.tooltip
Replied In
Keychain write errSecNotAvailable
I have logs for that case. We have a problem in that area.Some users are complaining that their FaceID unlock does not work.We store a password in the keychain using the secure enclave with FaceID.When we want to read the value in the keychain, FaceID normally shows up. But now an error pops up with the following OSStatus:-25291The user sent us console logs. I narrowed the logs down to the relevant block of logs for this issue, I think. Looks like this:standard12:13:34.435678+0100securitydAuthentication is needed for genp,rowid=20311 (-25330): Error Domain=NSOSStatusErrorDomain Code=-25330 "(null)"standard12:13:34.435857+0100securitydAuthentication is needed <OURAPP>[5905]/1#6 LF=0 copy_matching Error Domain=NSOSStatusErrorDomain Code=-25330 "(null)"standard12:13:34.437637+0100coreauthd-[Daemon connectToExistingContext:callback:processId:userId:auditSessionId:auditToken:cApiOrigin:checkEntitlementBlock:invalidationBlock:connectionHash:reply:] 0, 5905, 501, 0, 0, 6e355c0 on <private>standard12:13:34.437690+0100coreauthd-[ContextManager loadModule:error:] 1 on <private>standard12:13:34.438297+0100<OURAPP>-[LAContext initWithExternalizedContext:userSession:] 0, (null), <LAClient: 0x28357f420> on <private>standard12:13:34.438374+0100<OURAPP>-[LAClient externalizedContext] on <private>standard12:13:34.438457+0100<OURAPP>-[LAClient externalizedContextWithReply:] on <private>standard12:13:34.438580+0100coreauthd-[ContextProxy externalizedContextWithReply:] on <private>standard12:13:34.438631+0100coreauthd-[ContextPluginACM externalizedContextWithReply:] on <private>standard12:13:34.438791+0100coreauthd-[ContextProxy externalizedContextWithReply:]_block_invoke -> 63171931, (null) on <private>standard12:13:34.438889+0100<OURAPP>-[LAClient externalizedContextWithReply:]_block_invoke -> 63171931, (null) on <private>standard12:13:34.444027+0100duetexpertd{"msg":"CLLocationManager", "event":"activity", "_cmd":"location", "self":"0x102d2d590"}standard12:13:34.446501+0100locationd{"msg":"client getting effective client name", "bundleId":"", "bundlePath":"\/System\/Library\/PrivateFrameworks\/CoreParsec.framework"}standard12:13:34.446783+0100kernelAppleKeyStore: operation failed (pid: 96 sel: 43 ret: e007c007 '-536363001')standard12:13:34.447005+0100securityddecode genp,rowid=20311 failed (-25291): Error Domain=NSOSStatusErrorDomain Code=-25291 "aks_ref_key: e007c007 failed to 'decrypt' item (class 0, bag: 0)" UserInfo={NSDescription=aks_ref_key: e007c007 failed to 'decrypt' item (class 0, bag: 0)}standard12:13:34.447068+0100securityd<OURAPP>[5905]/1#6 LF=0 copy_matching Error Domain=NSOSStatusErrorDomain Code=-25291 "aks_ref_key: e007c007 failed to 'decrypt' item (class 0, bag: 0)" UserInfo={NSDescription=aks_ref_key: e007c007 failed to 'decrypt' item (class 0, bag: 0)}standard12:13:34.447149+0100<OURAPP>-[LAContext dealloc] , <LAClient: 0x28357f420> on <private>standard12:13:34.449052+0100coreauthdConnection invalidated: <NSXPCConnection: 0x106e355c0> connection on mach service named com.apple.CoreAuthentication.daemon from pid 5905 hash: 6e355c0standard12:13:34.449284+0100coreauthd-[ContextProxy dealloc] on <private>Logs shouldn't contain personal data, right? This is just a contiuous cutout of logs around the issue. I didn't modify the logs itself as I didn't see the need because no personal data is visible as far as I can tell.@gc or @eskimo, can you help us here?