I did understand how the Access with Touch ID's kSecAccessControlTouchIDAny in the framework KeychainAccess works but i couldn't figure out how to do this with Face ID in iOS 11. I couldn't find any documentation for solving it yet (Maybe the docs are not out yet?).
So i am seeking out to stackoverflow and ask: How to write values secured with Face ID to the keychain and how to copy them back?
An minimal example would be nice.
On
Looks like Apple has added Face ID support to the Local Authentication API, but not Keychain ACL yet.
What I'm planning on doing is using Local Authentication to trigger a Face ID prompt, then if that succeeds, access the keychain directly. Not as secure as the proper KeyChain ACL API that we have for Touch ID, but it's the best solution I've come up with so far.
https://developer.apple.com/documentation/localauthentication/localauthentication_constants?changes=latest_minor https://developer.apple.com/documentation/localauthentication/labiometrytype?changes=latest_minor
This appears to now work in Xcode 9.1 (since beta).
Testable with example here:
https://developer.apple.com/library/content/samplecode/KeychainTouchID/Introduction/Intro.html
Even though this example has not been updated for Face ID, it appears to work for storing keychain items protected by Face ID.
As discussed, this does not work in Xcode 9.0 GM.