Hi,
Our application predominantly uses the keychain and the secure enclave to generate asymmetric keys and decrypt using the secure enclave.
When testing our application against iOS 13 beta for any compatibilty issues, we encounted a problem while decrypting using the Secure Enclave.
We use SecAccessControlCreateFlags.biometryAny constraint to restrict accessing the private key only with a valid biometric registered on the device, and, this is what is actually causing the problem. When SecAccessControlCreateFlags.biometryAny is not set, the decryption succeeds.
Below is the error that is thrown:
Error Domain=CryptoTokenKit Code=-3 "setoken: unable to compute shared secret" UserInfo={NSLocalizedDescription=setoken: unable to compute shared secret}
keyType: kSecAttrKeyTypeECSECPrimeRandom
accessibilityProtection: kSecAttrAccessibleWhenUnlockedThisDeviceOnly
accessControlFlags: SecAccessControlCreateFlags.biometryAny.rawValue
Decryption Algorithm: eciesEncryptionCofactorX963SHA256AESGCM
This whole feature works perfectly on all other versions of iOS below 13.0.
Please let us know if this is a known issue, or, if you have any suggestions to overcome this.
Thanks,
Aravind Vaidhyanathan