kSecAttrTokenIDSecureEnclave
Specifies an item should be stored in the device’s Secure Enclave.
Declaration
let kSecAttrTokenIDSecureEnclave: CFStringMentioned in
Discussion
The only keychain items supported by the Secure Enclave are 256-bit elliptic curve private keys (those that have key type kSecAttrKeyTypeEC). Such keys must be generated directly on the Secure Enclave using the SecKeyGeneratePair(_:_:_:) function with the kSecAttrTokenID key set to kSecAttrTokenIDSecureEnclave in the parameters dictionary.