switch ACL too .touchIDAny

github · Aug 22, 2017 · e6121ad · e6121ad
1 parent 48686c0
commit e6121ad
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/SoftU2FTool/Keychain.swift b/SoftU2FTool/Keychain.swift
@@ -206,7 +206,7 @@ class Keychain {
 
         if inSEP {
             if #available(OSX 10.12.1, *) {
-                acl = SecAccessControlCreateWithFlags(nil, kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, [.privateKeyUsage, .touchIDCurrentSet], &err)
+                acl = SecAccessControlCreateWithFlags(nil, kSecAttrAccessibleWhenUnlocked, [.privateKeyUsage, .touchIDAny], &err)
             } else {
                 print("Cannot generate keys in SEP on macOS<10.12.1")
                 return nil
@@ -231,7 +231,8 @@ class Keychain {
                 (kSecPrivateKeyAttrs, makeCFDictionary(
                     (kSecAttrAccessControl, acl!),
                     (kSecAttrLabel, attrLabel),
-                    (kSecAttrIsPermanent, kCFBooleanTrue)
+                    (kSecAttrIsPermanent, kCFBooleanTrue),
+                    (kSecAttrSynchronizable, kCFBooleanFalse)
                 ))
             )
         } else {