Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ES256 error :Unable to decode the provided data. #226

Open
3 tasks done
sshallow opened this issue Nov 6, 2020 · 4 comments
Open
3 tasks done

ES256 error :Unable to decode the provided data. #226

sshallow opened this issue Nov 6, 2020 · 4 comments

Comments

@sshallow
Copy link

sshallow commented Nov 6, 2020
edited
Loading

New Issue Checklist

Issue Info

Info Value
Platform Name ios
Platform Version 14.1
CocoaLumberjack Version 3.0.0-beta.12
Integration Method cocoapods
Xcode Version Xcode 12
Repro rate all the time (100%)

Issue Description and Steps

I want to create a jwt token via oc in order to use App Store Connect API.

Error

encode failed, error: Error Domain=NSOSStatusErrorDomain Code=-26275 "Unable to decode the provided data." UserInfo={NSLocalizedDescription=Unable to decode the provided data.}

Code

// fill it
claimsSet.issuer = @"f2a3d6c9-2d1b-488a-afe0-2xxxxxx";
claimsSet.expirationDate = [[NSDate date] initWithTimeIntervalSinceNow: 20 * 60];
claimsSet.audience = @"appstoreconnect-v1";

// encode it
NSString *privateKey = [self pemKeyStringFromFileWithName];
NSString *algorithmName = JWTAlgorithmNameES256;
NSDictionary *headers = @{@"kid":@"C999Sxxxxxx"};

id<JWTAlgorithmDataHolderProtocol>holder = [JWTAlgorithmHSFamilyDataHolder new].algorithmName(algorithmName).secret(privateKey);

JWTCodingResultType *result = [JWTEncodingBuilder encodeClaimsSet:claimsSet].headers(headers).addHolder(holder).result;

NSString *encodedToken = result.successResult.encoded;
if (result.successResult) {
    // handle encoded result
    NSLog(@"encoded result: %@", result.successResult.encoded);
}
else {
    // handle error
    NSLog(@"encode failed, error: %@", result.errorResult.error);
}

ps

This is the corresponding ruby script, it works

require "base64"
require "jwt"
ISSUER_ID = "f2a3d6c9-2d1b-488a-afe0-296xxxxx"
KEY_ID = "C999S5xxx"
private_key = OpenSSL::PKey.read(File.read("/Users/smart/AuthKey_C999xxxxx.p8"))
token = JWT.encode(
   {
    iss: ISSUER_ID,
    exp: Time.now.to_i + 20 * 60 ,
    aud: "appstoreconnect-v1"
   },
   private_key,
   "ES256",
   header_fields={
     kid: KEY_ID }
 )
puts token
@sshallow sshallow mentioned this issue Nov 6, 2020
Open
@sshallow
Copy link
Author

I seem to find the source of the problem:
The privateKey is always empty. By tracking the source code, I found that there was a problem in the process of converting data to key.

JWTCryptoSecurity.h
QQ20201111-151646@2x

SecItem.h (framework )
es256

But 'kSecAttrKeyTypeECDSA' is unavailable: not available on iOS

@lolgear
Copy link
Collaborator

lolgear commented Nov 11, 2020
edited
Loading

@sshallow thanks for information!
Have you tried to change key to TypeEC and create private key from your data?

@sshallow
Copy link
Author

@lolgear I tried to use kSecAttrKeyTypeEC to create, the result of SecKeyCreateWithData was empty. (Picture 1 is the process of kSecAttrKeyTypeEC)

@lolgear
Copy link
Collaborator

lolgear commented Jun 8, 2021

@sshallow
Could you share an example project?
I would like to close many bugs before pre-release API V3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lolgear @sshallow