Håvard Fossli

Does it work on device?

Private keys can not be migrates. Public keys can. In this case you need to recreate the key pair. Also you should configure the public key to not be possible...

Sorry, I meant protection id. You select one of the protection id's that fits your needs from here https://developer.apple.com/documentation/security/keychain_services/keychain_items/item_attribute_keys_and_values?language=objc#1679100 For example you can choose this one https://developer.apple.com/documentation/security/ksecattraccessibleafterfirstunlockthisdeviceonly?language=objc Example with `kSecAttrAccessibleAlwaysThisDeviceOnly`...

In the event of an itunes backup and you get this error > Found public key, but couldn't find or access private key. The errSecItemNotFound error is sometimes wrongfully reported...

Awesome. Then you may choose to not store the public key and instead just derive it from the private key when needed using `SecKeyCopyPublicKey`. Some modifications to the library is...

You need to regenerate the entire keypair

It is not possible to restore a private key stored in the secure enclave

I am not an expert, but thankfully @dschuetz is! Here’s an awesome writeup he did which will give you answers! :) https://darthnull.org/security/2018/05/31/secure-enclave-ecies/ Hopefully we get to merge instructions or point...

I have given it an attempt at line by line porting @dschuetz's code. https://gist.github.com/hfossli/6763c2ceeba0f03ce45cc630bbbec7b0 Maybe you are able to finish it?

Awesome! Thanks! Really helpful. Just one small step away. The reason I want to be able to do this with openssl cli is just because it is so universal. It...