SecRandomCopyBytes in Sign with Apple

[jesus-mg-ios]

Hi:

I am reviewing sign with apple, and I notice that SecRandomCopyBytes is called multiple times (1 per byte) instead of fill the nonce bytes length at once. Is this related to something about the strength of the nonce?

Thanks in advance for the clarification

Extracted from https://firebase.google.com/docs/auth/ios/apple :

let randoms: [UInt8] = (0 ..< 16).map { _ in
      var random: UInt8 = 0
      let errorCode = SecRandomCopyBytes(kSecRandomDefault, 1, &random)
      if errorCode != errSecSuccess {
        fatalError(
          "Unable to generate nonce. SecRandomCopyBytes failed with OSStatus \(errorCode)"
        )
      }
      return random
    }

What I think that can be done

 let length = 32
 let randomBytes = [Int8](repeating: 0, count: length)
 let errorCode = SecRandomCopyBytes(kSecRandomDefault, length, &random) 
 if errorCode != errSecSuccess {
        fatalError(
          "Unable to generate nonce. SecRandomCopyBytes failed with OSStatus \(errorCode)"
        )
 }

[ncooke3]

Hi @jesus-mg-ios, thanks for pointing that out. I can't find any documentation that specifies that calling SecRandomCopyBytes multiple times (1 per byte) instead of once (with multiple bytes) results in nonces with different cryptographic strengths.

In your simplified code snippet, I think the length should be 16 to match that of the original snippet's number of bytes, right?

[jesus-mg-ios]

@ncooke3, is "review the sample" on the backlog?

[ncooke3]

yes, sorry @jesus-mg-ios, thanks for the ping. I will see about getting this updated this upcoming week.

[jesus-mg-ios]

Nice, thanks for your hard work!

[ncooke3]

I played around with it again and was trying to figure out if there was a good way to avoid the while loop. I came up with the below snippet. I think this should be cryptographically equivalent with the current snippet hosted on the docs. I chose to throw an error for the failure case just to see what that looks like.

enum NonceGenerationError: Error {
    case generationFailure(status: OSStatus)
}

private func randomNonce(length: Int = 32) throws -> String {
    var randomBytes = [UInt8](repeating: 0, count: length)
    let errorCode = SecRandomCopyBytes(kSecRandomDefault, randomBytes.count, &randomBytes)
    if errorCode != errSecSuccess {
        throw NonceGenerationError.generationFailure(status: errorCode)
    }

    let charset: [Character] =
      Array("0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvwxyz-._")

    let nonce = randomBytes.map { byte in
        // Pick a random character from the set, wrapping around if needed.
        return charset[Int(byte) % charset.count]
    }

    return String(nonce)
}

[jesus-mg-ios]

Yas! LGTM