CrImperator
commented
3 years ago I have try this code but when i use kSecUseAuthenticationUISkip to check of the Keychain has or not an entry i receve -25300 even when i sure there is an entry
Open utterances-bot opened 3 years ago
CrImperator
commented
3 years ago I have try this code but when i use kSecUseAuthenticationUISkip to check of the Keychain has or not an entry i receve -25300 even when i sure there is an entry
ncharniauski
commented
2 years ago I am questioning this statement -- "The system is smart enough to prompt for the biometrics when it finds an item that was created with a given access control." I am setting access control to .devicePasscode or .biometricCurrentSet on one kSecClassGenericPassword item, but after that when I try to access any item of kSecClassGenericPassword class (no access control set), I get prompted for verification. Scratching my head over this, any additional flags needed?
CyberMew
commented
2 years ago How does one prevent accessing it if it detects a new fingerprint has been added, to prevent attacker adding their own fingerprint and accessing the data?
AndyIbanez
commented
2 years ago How does one prevent accessing it if it detects a new fingerprint has been added, to prevent attacker adding their own fingerprint and accessing the data?
Adding a fingerprint requires your passcode. If someone else has your password, it's already game over.
Maxon1198
commented
2 years ago Andy, u can change policy .userPresence to .biometryCurrentSet. This means that the system will use the fingerprints that are on the device at the time the Keychain item was created.
sauravgarg65
commented
2 years ago Hi Andy, thank you for the solution, but how can we test this thing on real device, whether it is working or not, do we have to have a jailbreak device or any other way?
Using the iOS Keychain with Biometrics • Andy Ibanez
https://www.andyibanez.com/posts/ios-keychain-touch-id-face-id/