feat: private key without biometrics

Signed-off-by: Timo Glastra <[email protected]>

example/app.json

@@ -13,7 +13,10 @@
     },
     "ios": {
       "supportsTablet": true,
-      "bundleIdentifier": "id.animo.secure.environment.example"
+      "bundleIdentifier": "id.animo.secure.environment.example",
+      "infoPlist": {
+        "NSFaceIDUsageDescription": "FaceID is used to securely sign data"
+      }
     },
     "android": {
       "adaptiveIcon": {
@@ -26,4 +29,4 @@
       "favicon": "./assets/favicon.png"
     }
   }
-}
+}

ios/SecureEnvironment.swift

@@ -15,18 +15,19 @@ struct SecureEnvironment {
           kSecAttrApplicationTag as String: Bundle.main.bundleIdentifier.unsafelyUnwrapped,
         ],
     ]
-
+
+    var flags: SecAccessControlCreateFlags = [.privateKeyUsage]
     if biometricsBacked {
-      let accessControl = SecAccessControlCreateWithFlags(
-        kCFAllocatorDefault,
-        kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
-        [.privateKeyUsage, .biometryCurrentSet],
-        nil
-      )
-
-      attributes[kSecAttrAccessControl as String] = accessControl
+      flags.insert(.biometryCurrentSet)
     }
 
+    attributes[kSecAttrAccessControl as String] = SecAccessControlCreateWithFlags(
+      kCFAllocatorDefault,
+      kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
+      flags,
+      nil
+    )
+
     var error: Unmanaged<CFError>?
     guard SecKeyCreateRandomKey(attributes as CFDictionary, &error) != nil else {
       throw error!.takeRetainedValue() as Error