My goal is:
Generate a public and private key pair
Add the private key to the keychain and protect it with the secure enclave
Create a self-signed certificate with the public key and send it to a server
Add the certificate to the keychain
When I communicate with the server I want to create a SecIdentity during the client challenge which is basically a SecCertificate + SecKey combo.
For the certificate generation I would like to use the swift-certificates library to not have to compose manually the certificate fields and signature.
My problem is that the swift-certificates during the Certificate initialisation needs a SecureEnclave.P256.Signing.PrivateKey private key and to add a key to the keychain we need a SecKey object. And unfortunately there is no clean way to create from one of them the other one. I read several threads here about this, but I haven't found a clean solution for it.
I tried to approach the problem from two directions:
First:
Create the key with the SecKeyCreateRandomKey, mark in the attributes that I want to protect the key with secure enclave and also mark that I want the private key to be kSecAttrIsPermanent so it is automatically saved in the keychain
The SecKeyCreateRandomKey returns a SecKey which is a reference to the private key from the keychain
(!) Unfortunately I haven't found a clean way to convert a SecKey to a -> SecureEnclave.P256.Signing.PrivateKey
There is a workaround to SecKeyCopyAttributes of the private key and to extract the bytes from the attributes["toid"], but I guess it's not safe to use an undocumented key ("toid") if there is no constant defined to it (the name could be changed in future releases)
Second approach:
Create a SecureEnclave.P256.Signing.PrivateKey
Create the Certificate using the swift-certificates
The created private key is protected by the secure enclave but it's not added automatically to the keychain so we should add it to can query after that the SecIdentity
(!) Unfortunately I haven't found a way to convert the SecureEnclave.P256.Signing.PrivateKey to -> SecKey.
There are threads which say that the SecKeyCreateWithData(...) helps us, but unfortunately if we set the kSecAttrTokenIDSecureEnclave in the attribute dictionary, the method creates a brand new key for us, regardless the passed data. So the initial key will never be the same as the newly created SecKey. This we can see in the method's implementation.
So I got stuck with both approaches because seemingly there is no clean way to switch between SecureEnclave.P256.Signing.PrivateKey and SecKey.
One solution would be to compose manually the certificate, without swift-certificates because like that we would not need a SecureEnclave.P256.Signing.PrivateKey object. But I would like to avoid the manual composition and signature calculation...
Anybody has any idea?
Prioritize user privacy and data security in your app. Discuss best practices for data handling, user consent, and security measures to protect user information.
Post
Replies
Boosts
Views
Activity
Hi, I want to support client certifcate authentication for a URL loaded in WKWebView. Certificate is in the smartcard that is connected to iOS device through lightning port smart card reader. For USB-C type reader, iOS supports this out of the box. But for the lightning port reader, I thought of writing a CTK extension to access smartcard and read the certificate. I have a smart card sdk to access the smartcard. Could you please let me know which is the extension that should be used for this purpose. There are 2 types of extensions available in Xcode. Smartcard extension and Persistent Token extension. Which one should be used for this case? When I tried persistent token extension, it seems to hit sign function inside Tokensession class but with smartcard extension it is not getting called when I try to access the URL in WKWebView after certificate selection. Also the smartcard sdk has EAAccessory framework dependency. Is EAAccessory allowed to be used in CTK extension? https://developer.apple.com/forums/thread/111691?answerId=342707022 says EAAccessory is not working inside app extension. Thanks in advance.
// Example configuration: com.apple.configuration.security.passkey.attestation
{
"Type": "com.apple.configuration.security.passkey.attestation",
"Identifier": "B1DC0125-D380-433C-913A-89D98D68BA9C",
"ServerToken": "8EAB1785-6FC4-4B4D-BD63-1D1D2A085106",
"Payload": {
"AttestationIdentityAssetReference": "88999A94-B8D6-481A-8323-BF2F029F4EF9",
"RelyingParties": [
"www.example.com"
]
}
}
I have an app that is getting rejected from TestFlight because of this error:
ITMS-90683: Missing purpose string in Info.plist - Your app’s code references one or more APIs that access sensitive user data, or the app has one or more entitlements that permit such access. The Info.plist file for the “TurtleTuner.app” bundle should contain a NSCameraUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. If you’re using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required. For details, visit: https://developer.apple.com/documentation/uikit/protecting_the_user_s_privacy/requesting_access_to_protected_resources.
The app does not use the camera, only the microphone. I cannot find references to the camera in any of the third party libraries I'm using.
What are some ways to troubleshoot this beyond looking for "camera" in the few dependencies?
For context, this commit allows the app to get through successfully to TestFlight: https://github.com/tsargent/turtle-tuner/commit/67d4a52e62839ad6c2a49848bea9c408d983f17a
While this following commit, which reverts the commit, fails on TestFlight with the mentioned camera permission error: https://github.com/tsargent/turtle-tuner/commit/c95b0b16c4e85d77e625d36b816ed53faa826cf5
Hello Everyone,
Is there any method or callback event to obtain the current time and date mode (Automatic or Manual) in Swift?
In Android, Settings.Global.AUTO_TIME is used for the same.
Could anyone advise on the equivalent functionality or approach for iOS development?
Thanks in advance!
Hello, according to this doc Apple will begin blocking app store submissions in Spring 2024 when an application or one of its 3rd-party SDKs calls certain iOS/iPadOS system APIs without declaring a reason for doing so via a privacy manifest.
It seems that for framework and app targets, adding a privacy manifest is relatively straightforward: Add the xcprivacy file to the project and make it a member of the appropriate build target. For apps and fameworks, this will cause the privacy manifest to be copied into the root directory of the .app or .framework bundle at build time.
I work on a SDK which ships to application developers as a static library (.a) bundled within a xcframework. It seems that Xcode will not allow a privacy manifest file to be added as a member of a static library target. Which I assume is because when compiled, a static library build target does not produce a bundle like a ".app" or ".framework" which you'd get when compiling an app or framework target. Just a standalone (.a) file. What is the recommended way for developers of static libraries to provide application developers with a privacy manifest for their SDK? Is there a mechanism for including the privacy manifest somewhere within the xcframework bundle at the time it is created for the static lib, so that it automatically gets copied into an application which may link to it? If not, can the privacy manifest be included in a resource bundle which we already provide to our partners along with the static lib? Or does the manifest need to exist within the root directory of the application bundle since the contents of the static lib will ultimately get embedded into the app binary? If that is the case, do we need to provide our app partners with a separate standalone xcprivacy file, which they would need to incorporate into their project?
Current situation.
I'm using third-party sdk make by myself with my app.
my app use UserDefaults api, and My sdk(framework) too
Recently,
apple store policy changed, apple says If you use "Userdefaults API", Include Privacy Manifest.
As a result My app including two Privacy manifest
If I create 10 SDKs, and all of these SDKs use "Userdefaults API", and one app itself also uses the "Userdefaults API", is it correct to include 11 "Privacy manifests" in this app?
Hello,
I am developing a smartcard CTK extension for macOS.
I have trouble to smartcard logon the first time after a reboot or a logout (e.g. when there is the text "Your password is required to enable touch id"). Trouble = I'm not asked for the PIN.
But time to time after a logout (from whatever account), I can login with the smartcard. After a lockscreen I can always login with the smartcard.
Is there an easy way to debug the logon process ?
Regards,
++dom
Hi!
In the team I work with, we develop an sdk for iOS which has support for two internal variations, one with basic capabilities and another with full ones, embedded in the same xcframework.
The thing is with the privacy manifest change in the horizon, we are wondering if the sdk in the basic version can have a manifest with some values and the manifest in the sdk full version can have a different value, since the capabilities enabled in one may have different nutrition label types values than the other.
Is that scenario feasible, or there is a different way for this situation?
Thanks
What is the difference between ASPasskeyCredentialIdentity.userName and ASPasskeyCredentialIdentity.user ?
From https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialuserentity-displayname there should be only displayName.
For a security product, I wonder if security extension has a capability to catch a file during copy operation (I guess it's composed out of multiple basic ops like file read and file write).
I'd like to store the file in some quarantined temporal (let's say when someone copy file from external file system like usb/network location and copy it back once the file has properly scanned.
So far, i've used the authorization capabilities of the security extension. I wonder if there's also an option to change the target location of a file being copied ?
Thanks.
Hey all, so I currently have a passkey provider application on iOS that works for every RP except for google.
I found this post here saying the AttestationObject needs to be an ordered dictionary and can confirm on https://webauthn.me/debugger that my object is an ordered dictionary in the correct format.
However, google fails to create the key every time saying generically the passkey can't be saved at this time.
I'm just curious if there is something unique about google, like are they maybe whitelisting providers? Or do they require something extra that I need to send?
I can't find any other information for why google wouldn't work while everyone else does.
Thanks in advance for any help!
We develop SDKs that are distributed as XCFramework to our clients. We seek clarification regarding the necessity of attaching a Privacy Manifest, especially in instances where our SDK does not interact with data that would typically be covered under such a manifest.
Additionally, in the scenario where our SDK's primary function is the transmission and reception of data, which may potentially include personal data, are we required to declare in the Privacy Manifest that we handle personal information? This query persists even when all personal data processing is executed on the server side.
From our current understanding, based on the information available at https://developer.apple.com/support/third-party-SDK-requirements/, it appears that SDKs are only obligated to have a signature, and incorporating a Privacy Manifest may not be compulsory. We would appreciate further insight or confirmation on this matter.
For example my app is using Firebase and Alamofire.
Still I could find the Manifest files for the above SDKs.
What would be impact on app if the above api's is not updated with their Manifests.
Hi Team,
I am developing a sample authPluggin which should connect to a mobile app via bluetooth connection,
So here are the scenario
Authplugin with Bluetooth connection shoould work on lockscreen+login
I have created mechanism- prepared:privillaged, main, clean:Privilaged
Calling corebluetoothmanager initiation at the time of prepared:privilaged mechanism
I have to add my auth plugin’s mechanism before loginwindow:success mechanism
But I always gets unauthorized = 3, from power state of bluetooth
Note: With App, bluetooth connection is working fine, Its giving error with authPlugin
How to achieve my ultimate goal, is this the right way?
Hello, I am creating this post to ask if there is any plan for bringing the Attestation Service support for macOS or any plans for supporting it in macOS.
We implemented it in iOS and it increased the security for our users and partners but we are evaluating deprecated macOS and keeping only Windows and linux because of this restriction on the Attestation Service...
if you recommend any other provider to attest the device please bring me some recommendations.
Are a privacy manifest and signature required for any SDKs other than those listed on the following page?
https://developer.apple.com/jp/support/third-party-SDK-requirements/
We integrate the LINE SDK for Unity (https://developers.line.biz/ja/docs/line-login-sdks/unity-sdk/overview/) in our apps.
LINE SDK for Unity uses an API corresponding to the Required Reason API on the following page.
https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api
Can you please let us know whether a privacy manifest and signature are required for this third-party SDK as well?
Thank you in advance for your attention to this matter.
Our company has a library that can be used internally.
This is being used as a .a file.
The languages are in C and C++.
C code contains stat. Is this the same stat as Apple refers to??
How do you solve this??
I am encountering an issue with accessing the system keychain on macOS [macOS 13.6.3]. When running our product, the following error message is logged:
[com.apple.securityd:secitemratelimit] Not internal release, disabling SIRL
[com.apple.securityd:keychain] System Keychain Always Supported set via feature flag to disabled
As a result, our product is unable to access the system keychain, which is impacting functionality.
Note: In many other devices this issue is not seen.
Steps to Reproduce:
The moment pkg is installed it creates a key in keychain.
For an affected device SecItemCopyMatching is returning errSecInteractionNotAllowed
Question:
Is there a way to enable the system keychain access or address the issue with the feature flag being disabled?
Are there any suggestions or recommendations for handling this case?
Any assistance or guidance on resolving this issue would be greatly appreciated. Thank you in advance for your help.
How to make an APP offer to save access credentials in the iCloud keychain