Reputation: 61
I use the Security API SecKeyCreateRandomKey to create a key pair in the keychain. Sometimes it works well, but sometimes it returns error code -25300, which means 'The specified item could not be found in the keychain.' But what is missing? How can I solve this problem?
I can understand this error code when it comes to SecItemCopyMatching, which means the key pair does not exist.
The code looks like this:
    @autoreleasepool {
      // Application tag that identifies the key in the keychain.
      const auto* application_tag =
          [@(identity.c_str()) dataUsingEncoding:NSUTF8StringEncoding];
      NSMutableDictionary* attributes = [@{
        (id)kSecAttrKeyType : (__bridge id)kSecAttrKeyTypeECSECPrimeRandom,
        (id)kSecAttrKeySizeInBits : @256,
        (id)kSecAttrAccessible : (__bridge id)kSecAttrAccessibleAfterFirstUnlock,
        (id)kSecPrivateKeyAttrs : @{
          (id)kSecAttrIsPermanent : @YES,
          (id)kSecAttrApplicationTag : application_tag,
          (id)kSecAttrAccessGroup : @(GetAccessGroup().c_str()),
        },
      } mutableCopy];
      // Generate the private key inside the Secure Enclave.
      [attributes setObject:(__bridge id)kSecAttrTokenIDSecureEnclave
                     forKey:(id)kSecAttrTokenID];
      SecAccessControlRef access = SecAccessControlCreateWithFlags(
          kCFAllocatorDefault, kSecAttrAccessibleAfterFirstUnlock,
          kSecAccessControlPrivateKeyUsage, nullptr);
      [attributes setObject:(__bridge id)access
                     forKey:(id)kSecAttrAccessControl];
      CFErrorRef err = nullptr;
      SecKeyRef pvt_key =
          SecKeyCreateRandomKey((__bridge CFDictionaryRef)attributes, &err);
      if (err || !pvt_key) {
        // err can be null when only pvt_key is null, so check it before reading.
        const auto error_code = err ? CFErrorGetCode(err) : 0;  // ================> get -25300 here
      }
      // Release the Core Foundation objects created above.
      if (access) CFRelease(access);
      if (err) CFRelease(err);
      if (pvt_key) CFRelease(pvt_key);
    }
It does not appear on every computer, so I'd like to ask whether there is some specific reason that causes this issue.
Upvotes: -1
Views: 31