ES256 error :Unable to decode the provided data.

[sshallow]

New Issue Checklist

• I have read and understood the CONTRIBUTING guide
• I have read the Documentation
• I have searched for a similar issue in the project and found none

Issue Info

Info	Value
Platform Name	ios
Platform Version	14.1
CocoaLumberjack Version	3.0.0-beta.12
Integration Method	cocoapods
Xcode Version	Xcode 12
Repro rate	all the time (100%)

Issue Description and Steps

I want to create a jwt token via oc in order to use App Store Connect API.

Error

encode failed, error: Error Domain=NSOSStatusErrorDomain Code=-26275 "Unable to decode the provided data." UserInfo={NSLocalizedDescription=Unable to decode the provided data.}

Code

// fill it
claimsSet.issuer = @"f2a3d6c9-2d1b-488a-afe0-2xxxxxx";
claimsSet.expirationDate = [[NSDate date] initWithTimeIntervalSinceNow: 20 * 60];
claimsSet.audience = @"appstoreconnect-v1";

// encode it
NSString *privateKey = [self pemKeyStringFromFileWithName];
NSString *algorithmName = JWTAlgorithmNameES256;
NSDictionary *headers = @{@"kid":@"C999Sxxxxxx"};

id<JWTAlgorithmDataHolderProtocol>holder = [JWTAlgorithmHSFamilyDataHolder new].algorithmName(algorithmName).secret(privateKey);

JWTCodingResultType *result = [JWTEncodingBuilder encodeClaimsSet:claimsSet].headers(headers).addHolder(holder).result;

NSString *encodedToken = result.successResult.encoded;
if (result.successResult) {
    // handle encoded result
    NSLog(@"encoded result: %@", result.successResult.encoded);
}
else {
    // handle error
    NSLog(@"encode failed, error: %@", result.errorResult.error);
}

ps

This is the corresponding ruby script, it works

require "base64"
require "jwt"
ISSUER_ID = "f2a3d6c9-2d1b-488a-afe0-296xxxxx"
KEY_ID = "C999S5xxx"
private_key = OpenSSL::PKey.read(File.read("/Users/smart/AuthKey_C999xxxxx.p8"))
token = JWT.encode(
   {
    iss: ISSUER_ID,
    exp: Time.now.to_i + 20 * 60 ,
    aud: "appstoreconnect-v1"
   },
   private_key,
   "ES256",
   header_fields={
     kid: KEY_ID }
 )
puts token

[sshallow]

I seem to find the source of the problem:
The privateKey is always empty. By tracking the source code, I found that there was a problem in the process of converting data to key.

JWTCryptoSecurity.h

SecItem.h (framework )

But 'kSecAttrKeyTypeECDSA' is unavailable: not available on iOS

[lolgear]

@sshallow thanks for information!
Have you tried to change key to TypeEC and create private key from your data?

[sshallow]

@lolgear I tried to use kSecAttrKeyTypeEC to create, the result of SecKeyCreateWithData was empty. (Picture 1 is the process of kSecAttrKeyTypeEC)

[lolgear]

@sshallow
Could you share an example project?
I would like to close many bugs before pre-release API V3