A call to the API SecKeyGeneratePair in SecureEnclave for iOS18 returns an OSStatus 0 but the SecKeyRef is not present.
Understand that this API is currently deprecated and there are plans to move to the new APIs, but I believe this API should still work in iOS18 as expected for now.
The API works as expected on iPadOS 18.
// Create SE key
let sacRef = SecAccessControlCreateWithFlags(kCFAllocatorDefault,
kSecAttrAccessibleAfterFirstUnlock,
.privateKeyUsage, nil)!
let privKeyAttr = [
kSecAttrAccessControl: sacRef,
kSecAttrIsPermanent: true,
] as NSDictionary
os_log("Priv key params: %{public}@", log: osLogger, privKeyAttr)
let keygenAttr = [
kSecAttrApplicationLabel: attrApplicationLabelSeKey,
kSecAttrTokenID: kSecAttrTokenIDSecureEnclave,
kSecPrivateKeyAttrs: privKeyAttr,
kSecAttrKeyType: kSecAttrKeyTypeEC,
kSecAttrKeySizeInBits: 256
] as NSDictionary
var error: Unmanaged<CFError>?
os_log("keygen params: %{public}@", log: osLogger, keygenAttr)
var keyRef: SecKey?
let status = SecKeyGeneratePair(keygenAttr,
&keyRef,
nil)
os_log("SecKeyGeneratePair osStatus: %{public}d, keyRef: %{public}@", log: osLogger, status, keyRef == nil ? "null" : "ref present")