private SecKey GetDataEncryptionKey() { var query = new SecRecord(SecKind.Key) { ApplicationTag = APPLICATION_TAG, }; var keys = SecKeyChain.QueryAsReference(query, 2, out var code); if (code == SecStatusCode.Success) { return(keys[0] as SecKey); } SecKeyChain.Remove(query); var key = SecKey.CreateRandomKey(SecKeyType.RSA, 2048, null, out var e); if (e != null) { return(null); } var rec = new SecRecord(key) { ApplicationTag = APPLICATION_TAG, KeyType = SecKeyType.RSA, KeyClass = SecKeyClass.Private, Accessible = SecAccessible.AfterFirstUnlock }; var r = SecKeyChain.Add(rec); if (r != SecStatusCode.Success) { System.Diagnostics.Debug.WriteLine($"CryptoImpl.cs: Could not add a new key pair to KeyChain. status = \"{r}\"\n" + " Please make sure \"Entitlements.plist\" is set for custom entitlements in project property page."); return(null); } System.Diagnostics.Debug.WriteLine("CryptoImpl.cs: A new key encryption key pair was generated."); return(key); }