ACME

I'm trying to implement ACME managed device attestation, I have ACME server code written in C# and I've been able to get all of the steps working except for the very last one - issuing the certificate. I so far have not been able to get the device to accept the certificate, the device logs show: Got certificate {length = ......} ACME request flow failed at step 9: Error Domain=NSOSStatusErrorDomain Code=-67673 failed to obtain certificate UserInfo={NSLocalizedDescription=failed to obtain certificate} The certificate is issued by an internal CA and the correct root certificate is in the device's trusted certs. I have tried returning the certificate chain as a file response or content response to the device as a application/pem-certificate-chain mime type (as outlined as the default in the ACME RFC), returning just the leaf certificate as PEM, returning the leaf certificate as DER with mime type application/pkix-cert, application/pkcs7-mime, application/x-pkcs12 or applicatio

This is my entitlements.plist: com.apple.security.app-sandbox com.apple.security.device.usb Check signing result, I run codesign -d --entitlements :- ./dist/My.app codesign -vv ./dist/My.app and I get this Executable=/dist/My.app/Contents/MacOS/main Warning: Specifying ':' in the path is deprecated and will not work in a future release com.apple.security.app-sandboxcom.apple.security.device.usbcom.apple.security.network.clientcom.apple.security.network.servercom.apple.security.temporary-exception.files.absolute-path.read-only/private/etc/apache2/mime.types ./dist/My.app: valid on disk ./dist/My.app: satisfies its Designated Requirement But when I run my app, I got ['/dev/cu.Bluetooth-Incoming-Port', 'n/a', 'n/a'] ['/dev/cu.usbmodem23401', 'GD32 USB CDC ACM in FS Mode', 'USB VID:PID=28E9:018A SER=GD32F30X-3.0.0-7z8x9yer LOCATION=2-3.4'] (1, could not open port /dev/cu.usbmodem23401: [Errno 1] Operation not permitted: '/dev/cu.usbmodem23401') My app can't access to my usb device, how can I solve this

I am sending DeclarativeManagement with the MDM command, but it seems that it is not valid even if I send it to declaration-items What can you think of? iOS 16 MDM Command Command Data eyJTeW5jVG9rZW5zIjp7IlRpbWVzdGFtcCI6IjIwMjMtMTAtMThUMTE6MDY6MDJaIiwi RGVjbGFyYXRpb25zVG9rZW4iOiJiNjU0NDAyN2EzMTVjZDAwODVkNGNmMDgxNzQ2MjRj MmQxNDI0NDQ4MDQzMGE4N2IxNzZhMjcyN2U3MzY2MDA5In19 RequestType DeclarativeManagement CommandUUID 3398d0c0-8b36-4647-86ab-6a63f26d1576 UDID XXXXXXX-ZZZZZZZZZZZZZz declaration-items Rersponse(json) { DeclarationsToken: 1429e356-c51a-42a3-aff2-22963df30202, Declarations: { Assets: [ ], Management: [ { Type: com.apple.management.organization-info, Identifier: e07d18d6-4ec6-432a-b474-9b8816d029a2, ServerToken: 4922d69c-c231-426d-9598-c3acb612069e, Payload: { Email: email@example.com, Name: Acme Inc, URL: https://www.example.com } } ], Configurations: [ { Type: com.apple.configuration.legacy, Identifier: 84fe24b1-ac21-4a29-b279-70f715b3ac82, ServerToken: 0283b145-5791-4d7a-8a8e-769

The WWDC23 video on deploying passkeys at Work (https://developer.apple.com/videos/play/wwdc2023/10263/?time=633) talks about a Corporate CA Server signing the Identity Certificate for the passkey, which can be further used during registration with the relying party. Where can I find more information on what protocol and specification this Corporate CA should follow here ? Is this based on protocols such as SCEP/ ACME (or) something else ? Also, where I can find information on what verification this Corporate Server can follow before signing that Identity Cert?

I have an existing ScrollView view with a Picker. Upon selection of a picker value, and user pressing the details button, I want to append a view to the bottom of the existing view. I call detailsView. But it does not seem to work. @Environment(.managedObjectContext) private var viewContext @Environment(.dismiss) var dismiss @Environment(.presentationMode) var presentationMode @Binding var chosenProvider: Provider? @State var selectedLocation: Location? @State private var vendorNames: [String] = [] @State private var selectedVendor:String? = nil @State private var showingSheet = false @State var state: String? @State var zip: String? var body: some View { ScrollView { VStack { HStack { Text(Select Vendor) Picker(Provider, selection: $selectedVendor , content: { ForEach(vendorNames,id: .self, content: { name in Text(name) }) }) .pickerStyle(MenuPickerStyle()) .onTapGesture { self.getVendorNames() { providers, status in if (status) { vendorNames = providers } } } } .onChange(of: selectedVendor, perform: { newVa

Hello I'm seeing a 100% reproducible issue with macOS keychain when dealing with items protected with kSecAccessControlApplicationPassword. Creating, accessing the item works fine unless the user is running on macOS 12 (Monterey) and the system has been sleeping for at least 15 minutes (based on testing). I've seen the exact same behavior on an iMac and a Macbook (both running on the latest Monterey version). After sleeping for at least 15 minutes, trying to get an existing keychain item will fail with .errSecAuthFailed. From the Console I can see various messages like this: default 12:03:11.395081+0100 KeychainAppPasswordDemo LAContext[3506:10] created new cid:88 default 12:03:11.395231+0100 coreauthd setCredential:5621 type:0 on ContextProxy[398:287:387] rid:829 default 12:03:11.395261+0100 coreauthd Replacing ACM passphrase credential with purpose 0 on ACMContext 387 default 12:03:11.395395+0100 KeychainAppPasswordDemo setCredential:5621 type:0 on LAContext[3506:10] cid:89 returned success default

Run the sample code as doc https://developer.apple.com/documentation/mattersupport?changes=latest_minor import MatterSupport let request = MatterAddDeviceRequest( topology: .init(ecosystemName: Acme SmartHome, homes: [ .init(displayName: Default Acme Home), ]) ) do { try await request.perform() print(Successfully set up a device!) } catch { print(Failed to set up a device with error: (error)) } it runs but stuck in the scene below, never get the callback. Another issue about MatterSupport, when integrated with objective-c the bridge file(eg xx-Swift.h) turn out to show error: Cannot find interface declaration for 'MatterAddDeviceExtensionRequestHandler', superclass of 'MatterAddDeviceHandler' Xcode Version 14.2 (14C18) My code: // // MatterHelper.swift // xx // // Created by Robin on 2023/3/21. // import Foundation import MatterSupport @available(iOS 16.1, *) class MatterHelper: NSObject { @objc class func commission() { let request = MatterAddDeviceRequest( topology: .init(ecosystemName: RR

We are testing the ACMECertificate payload in Mac 13.1 beta and getting this error. The same payload when sent to iOS works fine. Any help on this would be appreciated. Thanks. FB Raised: FB11736586 PayloadVersion 1 PayloadUUID 70e4b45e3c1e PayloadType Configuration PayloadOrganization NewComp PayloadIdentifier 4565353a3a84 PayloadDisplayName ACME PayloadRemovalDisallowed PayloadContent PayloadVersion 1 PayloadUUID f84ef110e39b PayloadType com.apple.security.acme PayloadOrganization NewComp PayloadIdentifier f84ef110e39b PayloadDisplayName ACME Configuration DirectoryURL https://acmeserver/acme/acme/directory ClientIdentifier test HardwareBound KeyType ECSECPrimeRandom KeySize 384 Subject 1.2.840.113549.1.9.1 test@test.com SubjectAltName KeyUsage 5 Attest