hello world.
first of all, sorry for my english.
I try to implement PKI using keychain
as far as I know, secure enclave only accepts 256bit EC (kSecAttrKeyTypeEC).
and I found comments that said keystore component had been moved from the kernel into secure enclave from wwdc 2015 session 706 (ANDREW WHALLEY)
https://developer.apple.com/videos/play/wwdc2015/706/?time=2092
I generated RSA 2048bit key pair using SecKeyGeneratePair and I set ACL as lines below:
SecAccessControlRef accessControlRef = SecAccessControlCreateWithFlags(kCFAllocatorDefault,
kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
kSecAccessControlApplicationPassword,
&accessControlError);in this case, I am wondering if the key pair is stored in secure enclave instead of normal keychain area when user use secure enclave supported device (A7 or later with ios9+)