The items are written to the older macOS filesystem keychain, not the data protection keychain. LAContext is being used as a user presence check, unrelated to protection of the keychain items.
The XPC service is vended by a launch agent. While we're trying to wrap it inside a bundle, it won't be contained within an application. The bundle is intended to get an app icon to show on the LAContext-driven system dialog, nothing more.
Why are you trying to do this?
I'm trying to do something similar. My ultimate goal is to interface the C-level SecKey API with some Go code, but I'm trying to validate that I'm doing things correctly by round-tripping some simple sign and verify tasks with CryptoKit and Secure Enclave keys.
You seem to be mixing CryptoKit and the older SecKey API, which can be done but it’s a little weird.
What would it look like? I'm getting the dataRepresentation from a SecureEnclave.P256.Signing.PrivateKey, then trying to recreate it for use by the SecKey APIs with this:
#include <stdbool.h>
#include <stddef.h>
#include <CoreFoundation/CoreFoundation.h>
#include <Security/Security.h>

bool verify(const UInt8 *privateKey, size_t privateKeyLength, const UInt8 *data, size_t dataLength, const UInt8 *signature, size_t signatureLength) {
    CFDataRef keyData = CFDataCreate(NULL, privateKey, privateKeyLength);
    const void *attributeKeys[] = {
        kSecAttrKeyType,
        kSecAttrKeyClass,
        kSecAttrTokenID
    };
    const void *attributeValues[] = {
        kSecAttrKeyTypeEC,
        kSecAttrKeyClassPrivate,
        kSecAttrTokenIDSecureEnclave
    };
    // Use the CFType callbacks so the dictionary retains its keys and values and
    // compares the CFString keys by content rather than by pointer.
    CFDictionaryRef attributes = CFDictionaryCreate(NULL, attributeKeys, attributeValues,
        sizeof(attributeKeys) / sizeof(attributeKeys[0]),
        &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
    CFErrorRef error = NULL;  // must start out NULL; it is only written on failure
    SecKeyRef privateKeyRef = SecKeyCreateWithData(keyData, attributes, &error);
    CFRelease(attributes);
    CFRelease(keyData);
    // ...
}
This "works" insofar as I am not getting any errors, but signature validation always fails.
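For the CryptoKit/SecKey round trip discussed in this thread, here is an added example (not code from the thread or from either poster) that exercises the bridge in both directions with P-256 ECDSA: CryptoKit signs and SecKey verifies, then SecKey signs and CryptoKit verifies. Only the public key crosses the bridge; CryptoKit's Secure Enclave `dataRepresentation` is an enclave-wrapped blob, so signing stays on the side that owns the private key. The helper names (`check`, `BridgeError`, the two `verify...` functions) are my own, and the example assumes a macOS 10.15+/iOS 13+ target linking CryptoKit and Security. Creating a Secure Enclave key additionally requires enclave hardware and a properly signed process; when `SecureEnclave.isAvailable` is false the example falls back to a software P-256 key so the bridge can still be exercised.

```swift
import Foundation
import CryptoKit
import Security

enum BridgeError: Error {
    case secKey(String)
}

/// Runs a Security-framework call that reports failure through a CFError out-parameter
/// and converts a nil result into a thrown Swift error.
func check<T>(_ call: (UnsafeMutablePointer<Unmanaged<CFError>?>) -> T?) throws -> T {
    var err: Unmanaged<CFError>?
    guard let result = call(&err) else {
        throw BridgeError.secKey(err?.takeRetainedValue().localizedDescription ?? "unknown SecKey error")
    }
    return result
}

/// Direction 1: sign with CryptoKit (Secure Enclave when available), verify with SecKey.
func verifyCryptoKitSignatureWithSecKey(message: Data) throws -> Bool {
    let publicKeyX963: Data
    let signatureDER: Data

    if SecureEnclave.isAvailable {
        let key = try SecureEnclave.P256.Signing.PrivateKey()
        publicKeyX963 = key.publicKey.x963Representation
        signatureDER = try key.signature(for: message).derRepresentation
    } else {
        // Software fallback (assumption: no enclave on this machine).
        let key = P256.Signing.PrivateKey()
        publicKeyX963 = key.publicKey.x963Representation
        signatureDER = try key.signature(for: message).derRepresentation
    }

    // Rebuild only the *public* key as a SecKey from its ANSI X9.63 (04 || X || Y) form.
    let attrs: [CFString: Any] = [
        kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeyClass: kSecAttrKeyClassPublic,
        kSecAttrKeySizeInBits: 256,
    ]
    let secPublicKey: SecKey = try check {
        SecKeyCreateWithData(publicKeyX963 as CFData, attrs as CFDictionary, $0)
    }

    // CryptoKit's derRepresentation is an X9.62 DER ECDSA signature over SHA-256 of the
    // message, which is exactly what ecdsaSignatureMessageX962SHA256 expects.
    var err: Unmanaged<CFError>?
    let ok = SecKeyVerifySignature(secPublicKey, .ecdsaSignatureMessageX962SHA256,
                                   message as CFData, signatureDER as CFData, &err)
    if !ok, let e = err?.takeRetainedValue() {
        print("SecKey verification failed: \(e.localizedDescription)")
    }
    return ok
}

/// Direction 2: sign with a SecKey-generated P-256 key, verify with CryptoKit.
func verifySecKeySignatureWithCryptoKit(message: Data) throws -> Bool {
    let genAttrs: [CFString: Any] = [
        kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeySizeInBits: 256,
    ]
    let privateKey: SecKey = try check { SecKeyCreateRandomKey(genAttrs as CFDictionary, $0) }
    guard let publicKey = SecKeyCopyPublicKey(privateKey) else {
        throw BridgeError.secKey("SecKeyCopyPublicKey returned nil")
    }

    // For EC public keys SecKeyCopyExternalRepresentation yields ANSI X9.63 bytes,
    // the same encoding CryptoKit's x963Representation initializer consumes.
    let x963Cf: CFData = try check { SecKeyCopyExternalRepresentation(publicKey, $0) }
    let derCf: CFData = try check {
        SecKeyCreateSignature(privateKey, .ecdsaSignatureMessageX962SHA256, message as CFData, $0)
    }

    let ckPublicKey = try P256.Signing.PublicKey(x963Representation: x963Cf as Data)
    let ckSignature = try P256.Signing.ECDSASignature(derRepresentation: derCf as Data)
    return ckPublicKey.isValidSignature(ckSignature, for: message)
}

// Constructed sample input for the round trip.
let message = Data("cryptokit <-> seckey round trip".utf8)
print("CryptoKit signs, SecKey verifies:", try verifyCryptoKitSignatureWithSecKey(message: message))
print("SecKey signs, CryptoKit verifies:", try verifySecKeySignatureWithCryptoKit(message: message))
```

Both calls should print `true`. The two things that most often break this bridge are mismatched encodings (a `rawRepresentation` signature, which is r || s, handed to the X9.62 algorithm that expects DER) and mismatched algorithms (using a `Digest` variant on one side while the other side signs the message directly), so if a verification fails, compare those two choices before suspecting the key material.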
I'm seeing this exact behavior with the latest Xcode that was released today, 11.3.1. Have you learned anything these past few months?

The only non-system frameworks I link with are Sentry and a simple one for logging.