identifierForVendor API bug which changes values between updates still persists.
| Originator: | epitomebar | ||
| Number: | rdar://22961038 | Date Originated: | October 13, 2015 |
| Status: | Open | Resolved: | |
| Product: | iOS SDK | Product Version: | Various |
| Classification: | Serious Bug | Reproducible: | Sometimes |
Summary: First version was published in May. An update was published on 28 Aug and went live on 31st August. This is following the recommendation that the apps should be updated in order to correct the identifierForVendor value. Users were advised to re-enrol. Another update was submitted and went live on 30th Sept. The identifierForVendor is still incorrect. Prompting the users to re-enrol the second second or more time. identifierForVendor value was used as part of encryption in our app as a means to bind the data to the device. However, with different values, we won't be able to decrypt them. Steps to Reproduce: 1. Install the app. 2. Enroll. User would need a registration code from the bank. 3. At this point a secret data is received from the bank server and gets encrypted with a set of keys. Among which is the value of identifierForVendor in order to bind the data to the device. 4. Perform app update. 5. The app becomes unusable because the data does not get decrypted correctly due to different value of identifierForVendor now. Expected Results: The app should be able to decrypt the data correctly. Actual Results: Unable to decrypt the data. Version: Xcode version 6.2. Configuration: iPhone with iOS version 7 and above. --------------------- Marked duplicate of issue 22584428 but didn't give details about it. Related to: https://openradar.appspot.com/22677034
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!