Hi Quinn,
I followed your suggestion to print the kSecAttrAccessControl values before removing the device passcode. Here are the results:
Before removing the passcode:
Private key kSecAttrAccessControl:
<SecAccessControlRef: akpu;ock(cbio(pbioc(738EDECBFBFD16EE6F202F9C04FA428E)pbioh(7E070B37258FE14790D46687D0094CD04C20A7FC06CC69E89272313665956602)));odel(true);osgn(cbio(pbioc(738EDECBFBFD16EE6F202F9C04FA428E)pbioh(7E070B37258FE14790D46687D0094CD04C20A7FC06CC69E89272313665956602)));oa(true)>
Public key kSecAttrAccessControl:
<SecAccessControlRef: akpu>
Behavior after disabling biometrics (Touch ID):
The key pair remains accessible.
Behavior after disabling the device passcode:
The private key is still accessible.
The public key results in errSecItemNotFound.
This behavior is indeed puzzling.
Any insights you can share about this inconsistency would be greatly appreciated!
yiliev
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Post
Replies
Boosts
Views
Activity
I'm experiencing the same issue with our Enterprise account. With a regular account, it works fine.
Did you find a solution to this issue, or maybe a confirmation that it doesn't work with Enterprise accounts?