This repository has been archived by the owner on Nov 7, 2023. It is now read-only.

Store keys generated on the device in the secure enclave #73

Closed
nbraud opened this issue Jul 28, 2017 · 1 comment

Comments

@nbraud

nbraud commented Jul 28, 2017

The Android version already uses the Android KeyStore to handle RSA keys.
However, as far as I was able to tell, the iOS version currently doesn't use the Secure Enclave, meaning that the private keys are available to the app as plaintext, making them recoverable through a vulnerability either in the app or in iOS.

The Secure Enclave supports generating private keys and only exposing signing/encryption operations; unfortunately, according to Apple's documentation, it is not possible to import an existing key into the Secure Enclave.

@agrinman
Contributor

The iOS Secure Element currently only supports NIST P-256 elliptic curves, and unfortunately the cryptography community does not consider this curve safe to use. See here for more information: https://safecurves.cr.yp.to.

Once the iOS Secure Element supports RSA or Ed25519 we will definitely add support for using the Secure Element. We may also add support for NIST-P-256 curves as certain applications depend on them (in which case we will of course use the Secure Element).
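The two properties discussed in this thread, that an enclave key can only be generated in place and then used for signing (nbraud's point), and that the enclave accepts nothing but 256-bit NIST P-256 keys (agrinman's point), can be seen directly in the Security framework API. The following Swift example is added here for illustration; it is not code from this repository or from either commenter. It assumes a device with a Secure Enclave, and the application tag `com.example.secure-enclave-demo` is a placeholder chosen for the example. There is no API for importing an existing private key into the enclave, consistent with the Apple documentation the issue cites, so `SecKeyCreateRandomKey` is the only way to obtain an enclave-resident key.

```swift
import Foundation
import Security

// Added example, not from this repository. The tag is a placeholder for this demo.
let demoTag = "com.example.secure-enclave-demo"

enum EnclaveKeyError: Error {
    case security(CFError?)
    case missingPublicKey
}

/// Generate a key pair whose private key is created inside the Secure Enclave.
/// P-256 (kSecAttrKeyTypeECSECPrimeRandom, 256 bits) is the only key type the enclave
/// accepts, which is the limitation the thread discusses; RSA and Ed25519 are rejected.
func makeEnclaveKey(tag: String) throws -> SecKey {
    var error: Unmanaged<CFError>?
    // Access policy bound to the key: usable only while the device is unlocked, and
    // never migrated to another device (the key is excluded from backups).
    guard let access = SecAccessControlCreateWithFlags(
            kCFAllocatorDefault,
            kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
            .privateKeyUsage,
            &error) else {
        throw EnclaveKeyError.security(error?.takeRetainedValue())
    }
    let attributes: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeySizeInBits as String: 256,
        kSecAttrTokenID as String: kSecAttrTokenIDSecureEnclave,
        kSecPrivateKeyAttrs as String: [
            kSecAttrIsPermanent as String: true,
            kSecAttrApplicationTag as String: Data(tag.utf8),
            kSecAttrAccessControl as String: access,
        ],
    ]
    guard let key = SecKeyCreateRandomKey(attributes as CFDictionary, &error) else {
        throw EnclaveKeyError.security(error?.takeRetainedValue())
    }
    return key
}

/// Sign a message with the enclave-resident key. The private scalar never leaves the
/// enclave; the app only receives the DER-encoded ECDSA signature.
func sign(_ message: Data, with privateKey: SecKey) throws -> Data {
    var error: Unmanaged<CFError>?
    guard let sig = SecKeyCreateSignature(
            privateKey, .ecdsaSignatureMessageX962SHA256, message as CFData, &error) else {
        throw EnclaveKeyError.security(error?.takeRetainedValue())
    }
    return sig as Data
}

/// Verify with the public half, which the app may export and register with a server.
func verify(_ message: Data, signature: Data, with privateKey: SecKey) throws -> Bool {
    guard let publicKey = SecKeyCopyPublicKey(privateKey) else {
        throw EnclaveKeyError.missingPublicKey
    }
    var error: Unmanaged<CFError>?
    return SecKeyVerifySignature(
        publicKey, .ecdsaSignatureMessageX962SHA256,
        message as CFData, signature as CFData, &error)
}

/// The property that protects the key against an app- or OS-level compromise:
/// the private key has no external representation, so export fails for enclave keys.
func privateKeyIsExportable(_ privateKey: SecKey) -> Bool {
    var error: Unmanaged<CFError>?
    return SecKeyCopyExternalRepresentation(privateKey, &error) != nil
}

// Usage: generate, sign, verify, then confirm only the public key can leave the enclave.
do {
    let key = try makeEnclaveKey(tag: demoTag)
    let message = Data("constructed test message".utf8)   // constructed sample input
    let signature = try sign(message, with: key)
    print("signature valid:", try verify(message, signature: signature, with: key))
    print("private key exportable:", privateKeyIsExportable(key))
    if let pub = SecKeyCopyPublicKey(key),
       let pubData = SecKeyCopyExternalRepresentation(pub, nil) as Data? {
        // Raw uncompressed X9.63 point of the P-256 public key.
        print("public key bytes:", pubData.count)
    }
} catch {
    print("Secure Enclave unavailable or operation failed:", error)
}
```

Because the enclave key is created by `SecKeyCreateRandomKey` with `kSecAttrTokenIDSecureEnclave`, an app that needs to keep an already-provisioned RSA or Ed25519 key has no equivalent call to wrap it into the enclave; the only way to get enclave protection is to generate a fresh P-256 key and re-register its public half wherever the old key was trusted. The private-key export check is the useful assertion to keep in a test suite: it fails closed on a device with an enclave and flags any later change that silently falls back to a software key.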
