I am trying to create a private key using SecKeyCreateRandomKey(), and every attempt fails: the Security framework returns error -25293 (errSecAuthFailed = -25293, /* The user name or passphrase you entered is not correct. */).
The code is shown below, where:
keysize = 521
keyid = (unique UUID)
and self.applicationContext returns a valid LAContext whose application password I have verified is set correctly.
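// Build the access-control mask from SecAccessControlCreateFlags values only.
// kSecAttrAccessibleWhenUnlocked is a CFStringRef protection class, not a flag bit:
// assigning it to the mask stores a pointer value in an option set. The protection
// class is supplied through the second argument of SecAccessControlCreateWithFlags.
// NOTE(review): this excerpt does not establish that the stray constant is what
// produces errSecAuthFailed (-25293); re-test with the corrected mask to confirm.
SecAccessControlCreateFlags sacFlags = kSecAccessControlPrivateKeyUsage;
sacFlags |= kSecAccessControlAnd;
sacFlags |= kSecAccessControlApplicationPassword;

// self.accessibilityObject is passed as the protection class; presumably one of the
// kSecAttrAccessible* constants -- verify against its definition.
// The returned SecAccessControlRef follows the Create rule: the caller owns it and
// must CFRelease it once the key attributes no longer need it (the release is not
// visible in this excerpt -- confirm it happens on every path).
SecAccessControlRef accessControl = SecAccessControlCreateWithFlags(kCFAllocatorDefault,
                                                                    self.accessibilityObject,
                                                                    sacFlags,
                                                                    &cferror);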
if( !accessControl ) {
error = CFBridgingRelease(cferror);<br/> log(@"Security", @"error creating access control: ",[error localizedDescription]);
}
else {
NSData* tag = keyid dataUsingEncoding:NSUTF8StringEncoding;
NSDictionary* attributes = @{ (id)kSecAttrKeyType: (id)kSecAttrKeyTypeECSECPrimeRandom,
(id)kSecAttrKeySizeInBits: @(keysize),
(id)kSecAttrLabel: keyid,
(id)kSecPrivateKeyAttrs:
@{ (id)kSecAttrIsPermanent: @YES,
(id)kSecAttrApplicationTag: tag,
(id)kSecUseAuthenticationContext : self.applicationContext,
(id)kSecAttrAccessControl: (__bridge id)accessControl,
(id)kSecAttrEffectiveKeySize: @(keysize),
(id)kSecAttrCanEncrypt : @NO,
(id)kSecAttrCanDecrypt : @YES,