Our app creates ECDSA signatures by calling SecKeyCreateSignature() using a private key that is protected by the secure enclave. On iOS 17 beta our backend rejects some of those signatures as invalid while on previous iOS versions everything is fine. Did anything change in the security framework in iOS 17 that I missed in the release notes or the API diffs?
iOS 17 beta is a major OS release, which means lots of things have changed. It’s not feasible to map from a high-level description of an issue like this to a specific change. For example, you’re assuming that the problem is with the signature generation, but what if there’s a networking issue that’s corrupting the data you send to your server? You’ll need to do some debugging to isolate the issue.
My favourite trick to debug problems like this is to verify the signature on iOS before sending it to your server. That’ll tell you whether iOS itself thinks the signature is valid.
If so, the next step is to confirm that the data and its signature made it to your server intact. On both the iOS and server side, generate an independent hash of the data and the signature and check that they match.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
I had the same issue, same code runs on both iOS 16 and iOS 17 Beta 5. My server is able to verify signatures created by iOS 16 successfully, yet fails to verify signatures made from same code on iOS 17.
to verify it is not a network issue I created a signature using iOS 16, and used it with iOS 17, alongside signature created by iOS 17. the server was able to verify the signature that was created by iOS 16 and sent using iOS 17, but failed to verify the Signature Created by iOS 17. then,
further more, iOS 17 SecKeyVerifySignature fails to verify the valid signature created by iOS 16, and iOS 16 fails to verify the (invalid?) signature created by iOS 17.
@ohadshulz were you able to do anything about it? As prompted by @eskimo I started looking into this in more detail and so far found that on the device the offending signatures seem to check out fine, but the server nevertheless complains.
I am not really getting anywhere with this so far
What I’m suggesting is something like the process we went through in this thread.
Would it be helpful if I opened a DTS incident for this?
Sure. But it’s likely that that conversation will start with exactly the suggestions I’m making here.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
FWIW:
If so, the next step is to confirm that the data and its signature made it to your server intact. On both the iOS and server side, generate an independent hash of the data and the signature and check that they match.
Turns out this was the issue, the cause being the same as the one discussed in this thread. But thanks anyway.
Thanks for closing the loop.
