DCAppAttestService generateAssertion invalidInput

App & System Services General
beetlab OP
Created Feb ’22
Replies 2
Boosts 0
Views 1.8k
Participants 2

Hi!

Sometimes when calling

DCAppAttestService.shared.generateAssertion(key.id, clientDataHash: hash)

I'm getting DCError.Code.invalidInput. I am formatting clientDataHash usingSHA256.hash - so it is always 32 bytes long.

As I found out - this error depends on hash that I pass to generateAssertion method. But I could not find any system - which hashes are good and which are not.

Keys are always correct, otherwise invalidKey error would be risen. What can cause the issue? I'm testing on iPhone 11, iOS 15.2.1

Replies  2
Boosts  0
Views  1.8k
Participants  2
beetlab OP
Feb ’22

I've tested assertion with random keyId and it's invalidKey error, so the problem is definitely in clientDataHash. Please, help, Apple Engineering!

Here are the examples of hashes, that running into issue:

uqQ2OEoaFGyzYarDffqkJxeBIumSfIMYmdb/LWkmCvI= XAJ048L6kuYbFclShqDhFaw8L4qhyznusyg4ZQd/qFY= QASl9kEHRGFNw9rHfW3nk8r+1OXy014mJI+7Z//dyEo= hCF1dlIpa/jp4P6KQUT1CuWordnSJSNL/03+HOYrJHk= 90y0Y1UiIpyEY4jbAF/9SPj70rFooD4dzvnbn1s4WrM=

Here are successful hashes:

FIBEpdhRUX92mLLqSfaTl45cwePuCKFYyyp3zI0j5g4= GJ8qc3EPK+o8mqo9AssnUMhbqf6xZmJETFLDHJ+mdao= xTeQF2d5Qr4n3iJa+ECRTrpBclZdYatQUNHv0cQPYKE= Tn20+JzM3FWQtVEk+EWALEfJrMIN1FR+y7FoeJIALeY= NGK8gPiaIPI4W37MEY8B9aGhhEpgcFZj09qOd4LHmnM= vFQzqndMCvG2wdNHCD95CJu4QIX1IXxrYvWczp4wXWQ=

Looks like it's a bug - if a hash contains / than generateAssertion method will fail with DCError.Code.invalidInput

0
parthv21 OP
Sep ’22

Did you figure out what causes this issue or how to fix it? I tried to reproduce the issue with one of your hashes and did not get the error.

  let assertion = try await DCAppAttestService.shared.generateAssertion(key, clientDataHash: Data(base64Encoded: "uqQ2OEoaFGyzYarDffqkJxeBIumSfIMYmdb/LWkmCvI=")!)
0
DCAppAttestService generateAssertion invalidInput
First post date Last post date
 
 
Q