Skip to content

Add support for P-384 keys on the secure enclave #904

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
maraino merged 1 commit into from
Dec 2, 2025
Merged

Add support for P-384 keys on the secure enclave #904

maraino merged 1 commit into from
Dec 2, 2025

Conversation

@maraino
Copy link
Contributor

@maraino maraino commented Dec 2, 2025
edited
Loading

This commit enables the creation of NIST P-384 keys on the Secure Enaclave.

See last section of https://support.apple.com/guide/security/managed-device-attestation-security-sec8a37b4cb2/web

To create a hardware-bound key, the ACME configuration needs to use the ECSECPrimeRandom algorithm
with a key size of 256 or 384 bit. This specifies a key pair on the P-256 or P-384 curves as defined 
in NIST SP 800-186.

@maraino
Add support for P-384 keys on the secure enclave
95d1c3c 
This commit enables the creation of NIST P-384 keys on the Secure
Enaclave.
@maraino maraino requested a review from joshdrake December 2, 2025 02:53
@maraino maraino merged commit cd9e473 into master Dec 2, 2025
15 checks passed
@maraino maraino deleted the mariano/mackms-se branch December 2, 2025 19:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joshdrake joshdrake joshdrake approved these changes

@hslatman hslatman hslatman approved these changes

Assignees

No one assigned

Labels

needs triage

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@maraino @joshdrake @hslatman