Post

Replies

Boosts

Views

Activity

Reply to kSecAttrAccessibleAlwaysThisDeviceOnly icloud restore vs transfer directly from iphone
"If that doesn’t yield the results you need, open a DTS tech support incident, which will allow me to allocate the time to dig into this properly." I opened up the incident so that you can "allocate time" to dig into this. Now you're asking for more info, its pretty straight forward, all apps are behaving like this , install any app with registration and login process in it, and then move it to another phone, i don't know what further help does apple need from me. It is pretty straight forward process, you want me to simulate this as well!!!!????
Apr ’21
Reply to kSecAttrAccessibleAlwaysThisDeviceOnly icloud restore vs transfer directly from iphone
Its your wish, if you want to solve it then solve it. otherwise leave it. I am not going to spoon feed everything to you. It's quite evident that apple clearly doesn't care about its own bugs, why should i raise a DTS incident or a feedback or post on its forum or whatever else you have enabled to simply waste our time. You're acting as if we have all the time in the world!! You think i have the time to do these things on your behalf?
Apr ’21
Reply to Fatal Exception: NSInvalidArgumentException SecKeyGetAlgorithmId called with NULL SecKeyRef on ios 15 only
SecKeyRef tmpprivatekeyref = [KeyInterface lookupPrivateKeyRef];      OSStatus signStatus = SecKeyRawSign(tmpprivatekeyref,                       kSecPaddingNone,                       [digest bytes],                       [digest length],                       [signature mutableBytes],                       &signatureLength); if tmpprivatekeyref is nil then on older versions of the OS signStatus used to return success or failure, on OS 15 it is crashing with the error mentioned in the post's heading. This is the bug. Why tmpprivatekeyref is nil you ask? because we store device id in a keychain to uniquely identify a device, so when an app gets transferred from one iphone to another keychain gets replicated even if we set thisiphoneonly flag (not through icloud), but the privatekey reference for SecKeyRef doesn'te get transferred to the new iphone. I have mentioned this before as well, but apple keeps insisting on providing a sample code, how can i provide a sample code for an issue that occurs when an app is transferred from one device to another?
Sep ’21
Reply to Fatal Exception: NSInvalidArgumentException SecKeyGetAlgorithmId called with NULL SecKeyRef on ios 15 only
There is this app, which is a financial app, we use UUID to uniquely identify the app, since there no way of extracting IMEI etc on apple to identify a device. We store this UUID in a keychain, because in one instance of apple OS upgrade the UUID changed after the OS upgrade, this I think is well documented. Hence we cannot rely on this if it happens again, because honestly I can’t explain these things to our clients (who don’t understand the technical aspect of things) .  So our servers uniquely identify each device/user based on this UUID, and redirects him/her to either the login page or to the registration page. We also have enabled biometric , we ask the Secure enclave to generate a public and a private key and we store the public key in our servers. So once server stores this public key it assumes the user has enabled biometric login. On launch of the app our server generate a token and sends it to the device. User then tries to login using face/Touch ID, we request the private key reference from the secure enclave (upon which biometric gets launched) get the private key reference , sign the token and send it to server , which will use the public key to check if the token is valid and that is our biometric authentication process.  Now the same user now buys a new iPhone, and then transfer his data from the old iPhone using iphone to iPhone transfer, guess what happens, the UUID in the Keychain gets transferred to the new iPhone even though I have specifically stated not to. i.e via kSecAttrAccessibleAlwaysThisDeviceOnly. Now the Secure enclave doesn’t gets transferred to the new iPhone. Now the user tries to access the app on his new phone, it directly goes to the login page instead of registration page because our server gets the original UUID that was used on the old iPhone. Then server assumes the user has already enrolled in biometric sends the token and then the device tries to access the private key reference ,it returns nil and our app crashes only on iOS 15. Used to return failure now it doesn’t.  Now there are other users who transfer (using the above same app which is in store by the way) their data via iCloud for them the UUID (Stored in keychain) doesn’t get transferred because of kSecAttrAccessibleAlwaysThisDeviceOnly, so all is well, it behaves as expected. Now is my approach wrong? Or is it a bug at apple’s end?
Sep ’21
Reply to Fatal Exception: NSInvalidArgumentException SecKeyGetAlgorithmId called with NULL SecKeyRef on ios 15 only
Not sure what you mean by API contract? By definition a contract shouldn't change willy-nilly, why was it working till now!! prior to ios 15 , i can see examples created by other programmers who were passing nil, its a bug , let's just leave it at there. And as far as either item is missing, i need to rollback, how will i come to know if a secure enclave is erased without prompting the user to do a biometric authentication, this is not an elegant solution, i don't think anyone should design apps in such fashion., this is like going into a rabbit hole, end user will get confused, prompting user to use face id, and then informing him his app will get deregistered! . why have you proposed this specific key kSecAttrApplicationTag i am not sure, i am storing the UUID as kSecClassGenericPassword. Also if possible make it clear as to why that on icloud restore the keychain gets erased but on iphone to iphone transfer it doesn't, i have witnessed this in multiple apps , designed by other companies. So clearly i am not the only one who is designing apps this way. Am i doing something wrong? is it a mistake to store it as kSecClassGenericPassword?
Sep ’21
Reply to Can't create new app version on App Store Connect
Asset validation failed Invalid Version. The build with the version “1.9” can’t be imported because a later version has been closed for new build submissions. Choose a different version number. (ID: 0cb9ef1a-e4af-48ed-9279-f31686169f20) Asset validation failed Invalid Pre-Release Train. The train version '1.3' is closed for new build submissions (ID: 67f71f7f-e21c-4495-8a3a-38f7ccf0222f) Asset validation failed This bundle is invalid. The value for key CFBundleShortVersionString [1.3.0] in the Info.plist file must contain a higher version than that of the previously approved version [1.20]. Please find more information about CFBundleShortVersionString at https://developer.apple.com/documentation/bundleresources/information_property_list/cfbundleshortversionstring (ID: 8cb5cafe-f932-4dc5-a9a7-eca59fbe4137) Getting this error now!!!!! the app itself was invisibile, dont know what is 1.9? it is not mentioned anywhere, we have given it as 1.3
Feb ’24