Search code examples
iossecuritysecure-element

How to check either secure enclave is available in device or not


As we know that secure Enclave is a coprocessor fabricated in the Apple A7 and its available in A7 and later on but its use publicly in iOS 9 kSecAttrTokenIDSecureEnclave but how do we check either some device support secure enclave or not ? Thanks


Solution

  • I didnt find any so I made my own check:

    + (BOOL) isDeviceOkForSecureEnclave
    {
    
        double OSVersionNumber                  = floor(NSFoundationVersionNumber);
        UIUserInterfaceIdiom deviceType         = [[UIDevice currentDevice] userInterfaceIdiom];
    
        BOOL isOSForSecureEnclave               = OSVersionNumber > NSFoundationVersionNumber_iOS_8_4 ? YES:NO;
        //iOS 9 and up are ready for SE
    
    
        BOOL isDeviceModelForSecureEnclave  = NO;
    
        switch (deviceType) {
    
            case UIUserInterfaceIdiomPhone:
                //iPhone
                isDeviceModelForSecureEnclave = [self isPhoneForSE];
                break;
            case UIUserInterfaceIdiomPad:
                //iPad
                isDeviceModelForSecureEnclave = [self isPadForSE];
    
                break;
            default:
                isDeviceModelForSecureEnclave = false;
                break;
        }
    
        return (isOSForSecureEnclave && isDeviceModelForSecureEnclave) ? YES:NO;
    }
    
    
    /**
     The arrays are models that we know not having SE in hardware, so if the current device is on the list it means it dosent have SE
     */
    
    + (BOOL) isPhoneForSE
    {
        NSString *thisPlatform = [self platform];
        NSArray * oldModels = [NSArray arrayWithObjects:
                               @"x86_64",
                               @"iPhone1,1",
                               @"iPhone1,2",
                               @"iPhone2,1",
                               @"iPhone3,1",
                               @"iPhone3,3",
                               @"iPhone4,1",
                               @"iPhone5,1",
                               @"iPhone5,2",
                               @"iPhone5,3",
                               @"iPhone5,4", nil];
    
        BOOL isInList = [oldModels containsObject: thisPlatform];
        return !isInList;
    }
    
    
    + (BOOL) isPadForSE
    {
        //iPad Mini 2 is the earliest with SE // "iPad4,4"
        NSString *thisPlatform = [self platform];
    
        NSArray * oldModels = [NSArray arrayWithObjects:
                               @"x86_64",
                               @"@iPad",
                               @"@iPad1,0",
                               @"@iPad1,1",
                               @"iPad2,1",
                               @"iPad2,2",
                               @"iPad2,3",
                               @"iPad2,4",
                               @"iPad2,5",
                               @"iPad2,6",
                               @"iPad2,7",
                               @"iPad3,1",
                               @"iPad3,2",
                               @"iPad3,3",
                               @"iPad3,4",
                               @"iPad3,5",
                               @"iPad3,6",nil];
    
        BOOL isInList = [oldModels containsObject: thisPlatform];
    
        return !isInList;
    
    }
    
    
    + (NSString *)platform
    {
        size_t size;
        sysctlbyname("hw.machine", NULL, &size, NULL, 0);
        char *machine = malloc(size);
        sysctlbyname("hw.machine", machine, &size, NULL, 0);
        NSString *platform = [NSString stringWithUTF8String:machine];
        free(machine);
    
        return platform;
    
    }
    
    @end
    

    TO Check Touch ID

    - (BOOL)canAuthenticateByTouchId {
    if ([LAContext class]) {
        return [[[LAContext alloc] init] canEvaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics error:nil];
    }
    return YES;
    }
    

    You can also find for detecting Secure Enclave here you find