After the iOS16 upgrade, the IDFV changes?

After users upgraded iOS16 beta, some users' sandbox database cannot opening. After checking code logic, it is found that the encrypted key of the database has changed after upgraded iOS16. The code logic of the generated key is as follows:

  • (NSString *)mtdxSHA256DatabaseBinaryKeyFromnNSString:(NSString *)string

{   NSString *IDFV = [[[UIDevice currentDevice] identifierForVendor] UUIDString];   NSString *clearString = [IDFV stringByAppendingString:string];   const char *cstr = [clearString cStringUsingEncoding:NSUTF8StringEncoding];   NSData data = [NSData dataWithBytes:cstr length:clearString.length];   uint8_t digest[CC_SHA256_DIGEST_LENGTH];   CC_SHA256(data.bytes, (uint32_t)data.length, digest);   NSMutableString result = [NSMutableString stringWithCapacity:CC_SHA256_DIGEST_LENGTH * 2];   for(int i = 0; i < CC_SHA256_DIGEST_LENGTH; i++) {     [result appendFormat:@"%02x", digest[i]];   }   NSString *key = [NSString stringWithFormat:@"x'%@'",[result uppercaseString]];   return [key copy]; }

This method contains identifierForVendor. I wonder if the IDFV has changed after the iOS16 upgrade? Could apple official help to confirm and reply?

Not an official APP Store package, but the bundle ID has not changed

Up vote post of SFly_M Down vote post of SFly_M
131 views
Posted by
SFly_M
Reply
Add a Comment

Replies

Please file a Feedback Report as soon as possible, and include a sysdiagnose. It would be best if you can create the sysdiagnose as soon after installing iOS 16 beta as possible.

Posted by
Gualtier Malde
Up vote reply of Gualtier Malde Down vote reply of Gualtier Malde
Add a Comment

While Gualtier Malde is correct that this shouldn’t have changed during the iOS 16 beta upgrade, I want to caution you about this:

After users upgraded iOS16 beta, some users' sandbox database cannot opening. After checking code logic, it is found that the encrypted key of the database has changed after upgraded iOS 16.

Do not store valuable user data such that identifierForVendor is the only way to recover that data. The exact handling of identifierForVendor has changed in the past and it’s possible that it might change in the future. If you use it as the only encryption key for your user’s data, you open yourself up to problems like this.

I’ve worked with other developers in the past who’ve had exactly this problem, and the end result was that all their users lost all their data )-: I’m hoping that this won’t happen here, but your current design makes you extremely vulnerable to such problems and I strongly recommend that you change your design.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment