How can I use a keychain item with access control ".userPresence" in a VPN Network extension

App & System Services Networking
oschlueter OP
Created Oct ’24
Replies 2
Boosts 0
Views 200
Participants 2

I am building a NEPacketTunnelProvider, and in its configuration I set a SecIdentity persistent reference. That reference is passed to the tunnel provider but when I try to use it there, I get an errSecInteractionNotAllowed error. The private key for that identity is protected by .userPresence. If I remove the protection, the network extension can access the identity and the private key.

Is there any way that a VPN network extension can use a keychain item protected by .userPresence?

Replies  2
Boosts  0
Views  200
Participants  2
DTS Engineer OP
Apple
Oct ’24

Platform? And if it’s macOS, are you using appex or sysex packaging?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
oschlueter OP
4w

That's on iOS.

0
How can I use a keychain item with access control ".userPresence" in a VPN Network extension
First post date Last post date
 
 
Q