If I create a Secure Enclave key (kSecAccessControlPrivateKeyUsage) in one app, can the private key operations be performed by a different app that is from the same developer and that uses the same App ID prefix as the app that originally created the key? Or is the usage of keychain items restricted in the case of Secure Enclave keys?
I want to create a Secure Enclave key in app A and perform signing operations on app A and B using the key.
I know private keys never leave the Secure Enclave but I just want to know if performing operations by two different apps is allowed using the same Secure Enclave key item. Eskimo, help!
That should be feasible. SE keys are ultimately stored in the keychain [1] and you can share keychain items between apps from the same team via the keychain access group mechanism.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
[1] Encrypted in a way such that they can only be used by the SE.
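The sharing arrangement described in the reply above, as an added example that is not part of the original posts: app A creates the Secure Enclave key in a shared keychain access group, and either app looks it up and signs with it. The group name `TEAMID.com.example.shared`, the tag, and the function names are assumptions; both apps must list the group in their `keychain-access-groups` entitlement.

```swift
import Foundation
import Security

// Hypothetical values: replace with your own App ID prefix, group name and tag.
let sharedGroup = "TEAMID.com.example.shared"  // listed in both apps' keychain-access-groups
let keyTag = Data("com.example.shared.signing".utf8)

enum KeyError: Error { case accessControl, create(Error?), notFound(OSStatus), sign(Error?) }

// App A: generate a P-256 key in the Secure Enclave, stored in the shared group.
func createSharedKey() throws -> SecKey {
    guard let access = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault, kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
        .privateKeyUsage, nil) else { throw KeyError.accessControl }
    let attrs: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeySizeInBits as String: 256,
        kSecAttrTokenID as String: kSecAttrTokenIDSecureEnclave,
        kSecPrivateKeyAttrs as String: [
            kSecAttrIsPermanent as String: true,
            kSecAttrApplicationTag as String: keyTag,
            kSecAttrAccessGroup as String: sharedGroup,
            kSecAttrAccessControl as String: access,
        ] as [String: Any],
    ]
    var error: Unmanaged<CFError>?
    guard let key = SecKeyCreateRandomKey(attrs as CFDictionary, &error) else {
        throw KeyError.create(error?.takeRetainedValue())
    }
    return key
}

// App A or app B: find the key by tag in the shared group and sign with it.
// The private key material stays in the Secure Enclave; only a reference is returned.
func signWithSharedKey(_ message: Data) throws -> Data {
    let query: [String: Any] = [
        kSecClass as String: kSecClassKey,
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrApplicationTag as String: keyTag,
        kSecAttrAccessGroup as String: sharedGroup,
        kSecReturnRef as String: true,
    ]
    var item: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &item)
    guard status == errSecSuccess, let item = item else { throw KeyError.notFound(status) }
    let key = item as! SecKey
    var error: Unmanaged<CFError>?
    guard let sig = SecKeyCreateSignature(key, .ecdsaSignatureMessageX962SHA256,
                                          message as CFData, &error) else {
        throw KeyError.sign(error?.takeRetainedValue())
    }
    return sig as Data
}
```

The key is bound to the device's Secure Enclave, so this shares it between apps on the same device only. If app B's entitlement does not list the group, the lookup fails with a not-found or missing-entitlement status.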