Fix Native Login.

[brandonpage]

This change appears entirely pointless but is a critical bugfix.

The issue:

Under certain compiler conditions Native Login would consistently fail PKCE (and therefore login). The exact same source code running on the same device would yield a successful login when run from Xcode but fail if the build was produced with CI.

Testing against a local server uncovered strange client side behavior when generating code challenge. Repeated attempts generated similar looking challenges that didn't even appear to be hashed properly, such as:
LAAAAAAAAACQqzNrAQAAACAAAAAAAAAAAAAAAAAAAAA
LAAAAAAAAACQKØVrAQAAACAAAAAAAAAAAAAAAAAAAAA
...

I was eventually able to reproduce the issue by simply building the release scheme of our template in Xcode.

Explanation of Fix:

Looking at the pre-fix code:

   private func generateChallenge(codeVerifier: String) -> String? {
        guard let data = codeVerifier.data(using: .utf8) else { return nil }
        let hash = SHA256.hash(data: data)
        return urlSafeBase64Encode(data: hash.dataRepresentation)
   }

SHA256.hash(data:) returns a SHA256Digest struct that stores the 32 hash bytes inline on the stack. The .dataRepresentation computed property creates a Data from those stack bytes. Depending on optimization, the compiler may reuse the stack slot occupied by hash before base64EncodedString() actually reads the bytes from the Data. As a result the Data points to stack memory that's been partially overwritten.

Why web login is unaffected:

From SFOAuthCoordinator.m

  NSMutableData *sha256Data = [NSMutableData dataWithLength:CC_SHA256_DIGEST_LENGTH];
  CC_SHA256(self.bytes, (CC_LONG)self.length, sha256Data.mutableBytes);

CommonCrypto CC_SHA256 writes directly into a heap-allocated NSMutableData buffer. The Objective-C code does not use CryptoKit or SHA256Digest.dataRepresentation.

[wmathurin]

Fantastic !!

[github-actions]

	Tests	Passed ☑️	Skipped	Failed ❌️
SalesforceSDKCore iOS ^26 Test Results	594 ran	590 ✅		4 ❌

Test	Result
SalesforceSDKCore iOS ^26 Test Results
DomainDiscoveryCoordinatorTests.testMissingMyDomain()	❌ failure
RestClientTests.testRefreshWithSuccesfulRequests() (failure 1/2)	❌ failure
RestClientTests.testRefreshWithSuccesfulRequests() (failure 2/2)	❌ failure
SalesforceRestAPITests.testCreateQuerySearchDelete	❌ failure
SalesforceRestAPITests.testUploadOwnedFilesDelete (failure 1/3)	❌ failure
SalesforceRestAPITests.testUploadOwnedFilesDelete (failure 2/3)	❌ failure
SalesforceRestAPITests.testUploadOwnedFilesDelete (failure 3/3)	❌ failure

• View SalesforceSDKCore iOS ^26 Test Results

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 65.48%. Comparing base (281ab17) to head (2b16f60).
⚠️ Report is 2 commits behind head on dev.

Additional details and impacted files

@@            Coverage Diff             @@
##              dev    #3999      +/-   ##
==========================================
- Coverage   68.86%   65.48%   -3.38%     
==========================================
  Files         253      253              
  Lines       22288    22289       +1     
==========================================
- Hits        15348    14597     -751     
- Misses       6940     7692     +752     

Components	Coverage Δ
Analytics	70.78% <ø> (ø)
Common	69.76% <ø> (ø)
Core	57.38% <100.00%> (-5.29%)	⬇️
SmartStore	74.59% <ø> (ø)
MobileSync	87.41% <ø> (ø)

Files with missing lines	Coverage Δ
...Login/NativeLogin/NativeLoginManagerInternal.swift	27.83% <100.00%> (-0.06%)	⬇️

... and 32 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

	Tests	Passed ☑️	Skipped	Failed ❌️
SalesforceSDKCore iOS ^18 Test Results	594 ran	592 ✅		2 ❌

Test	Result
SalesforceSDKCore iOS ^18 Test Results
DomainDiscoveryCoordinatorTests.testMissingLoginHint()	❌ failure
SalesforceRestAPITests.testCreateQuerySearchDelete	❌ failure

• View SalesforceSDKCore iOS ^18 Test Results