Tiago Chaves

Reputation: 78

Error trying to generate a random key pair when unit testing on a real device iOS Swift

When I try to run my unit test on a real device, it fails.

The returned error is

-25293 ("The user name or passphrase you entered is not correct.").

Here is my failing code:

let accessControl = SecAccessControlCreateWithFlags(
  kCFAllocatorDefault,
  kSecAttrAccessibleAfterFirstUnlock,
  [.privateKeyUsage],
  nil)

let privateKeyAttrs = [
  kSecAttrIsPermanent as String    : true,
  kSecAttrApplicationTag as String : tag,
  kSecAttrAccessControl as String  : accessControl
  ] as [String : Any]

let generationQuery: [String: Any] = [
  kSecAttrKeyType as String       : kSecAttrKeyTypeRSA,
  kSecAttrKeySizeInBits as String : 2048,
  kSecPrivateKeyAttrs as String   : privateKeyAttrs]

var error: Unmanaged<CFError>?
guard let privateKey = SecKeyCreateRandomKey(generationQuery as CFDictionary, &error) else {
  throw <MyError>
}

SecKeyCreateRandomKey fails even if I change my accessible protection to kSecAttrAccessibleAlways or kSecAttrAccessibleWhenUnlocked, and my test passes if I just remove kSecAttrAccessControl from my privateKeyAttrs.

More details: if I run my tests on a simulator, they pass. I'm using Xcode 11.6 and Swift 5.

Upvotes: 2

Views: 636

Answers (1)

Rob Napier

Reputation: 299265

.privateKeyUsage is specifically for creating keypairs that are stored in the Secure Enclave:

An attempt to use this constraint while generating a key pair outside the Secure Enclave fails.

Drop that option. You don't need it (and can't use it) if you're just trying to create a keypair in the keychain.

Upvotes: 5
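
The two valid configurations side by side, as an added example that is not code from the question or the answer: `.privateKeyUsage` is set only when the key is generated inside the Secure Enclave, and the plain keychain RSA key uses `kSecAttrAccessible` instead of an access-control object. The names `makePrivateKey`, `KeyGenError` and the `inSecureEnclave` parameter are hypothetical.

```swift
import Foundation
import Security

// Hypothetical error type for this example.
enum KeyGenError: Error {
    case accessControl(CFError?)
    case generation(CFError?)
}

/// Creates a permanent private key, either in the Secure Enclave or as a
/// regular keychain item. `tag` identifies the key for later lookup.
func makePrivateKey(tag: Data, inSecureEnclave: Bool) throws -> SecKey {
    var privateKeyAttrs: [String: Any] = [
        kSecAttrIsPermanent as String: true,
        kSecAttrApplicationTag as String: tag
    ]
    var query: [String: Any] = [:]

    if inSecureEnclave {
        // .privateKeyUsage is valid only for Secure Enclave key pairs.
        var acError: Unmanaged<CFError>?
        guard let accessControl = SecAccessControlCreateWithFlags(
            kCFAllocatorDefault,
            kSecAttrAccessibleAfterFirstUnlock,
            [.privateKeyUsage],
            &acError) else {
            throw KeyGenError.accessControl(acError?.takeRetainedValue())
        }
        privateKeyAttrs[kSecAttrAccessControl as String] = accessControl
        // The Secure Enclave holds only 256-bit elliptic-curve keys.
        query[kSecAttrKeyType as String] = kSecAttrKeyTypeECSECPrimeRandom
        query[kSecAttrKeySizeInBits as String] = 256
        query[kSecAttrTokenID as String] = kSecAttrTokenIDSecureEnclave
    } else {
        // Plain keychain key: no .privateKeyUsage, accessibility set directly.
        privateKeyAttrs[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlock
        query[kSecAttrKeyType as String] = kSecAttrKeyTypeRSA
        query[kSecAttrKeySizeInBits as String] = 2048
    }
    query[kSecPrivateKeyAttrs as String] = privateKeyAttrs

    var error: Unmanaged<CFError>?
    guard let key = SecKeyCreateRandomKey(query as CFDictionary, &error) else {
        throw KeyGenError.generation(error?.takeRetainedValue())
    }
    return key
}
```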
