OpenSSL
OpenSSL copied to clipboard
krzyzanowskim
CMS_sign crashes w/ Thread 1: EXC_BAD_ACCESS (code=1, address=0x0)
I am trying to CMS_sign XML data in an IOS app. I followed the same idea as shown here:
Error validating CMS signature
func signData() {
let signedCertUrl = getfileData(filename: "finalcert", withExtension: "crt")!
let privateKeyUrl = getfileData(filename: "finalprivatekey", withExtension: "key")!
let signCertObject = signedCertUrl.path.withCString { filePtr in
return fopen(filePtr, "rb")
}
defer {
fclose(signCertObject)
}
let privateKeyObject = privateKeyUrl.path.withCString { filePtr in
return fopen(filePtr, "rb")
}
defer {
fclose(privateKeyObject)
}
let key = PEM_read_PrivateKey(privateKeyObject, nil, nil, nil)
let cert = PEM_read_X509(signCertObject, nil, nil, nil)
OpenSSL_add_all_ciphers()
OpenSSL_add_all_digests()
OpenSSL_add_all_algorithms()
let textData = xmlData.data(using: .utf8)!
guard let textBIO = BIO_new(BIO_s_mem()) else {
print("Unable to create textBIO")
exit(1)
}
defer { BIO_free(textBIO) }
_ = textData.withUnsafeBytes({ dataBytes in
BIO_write(textBIO, dataBytes.baseAddress!, Int32(textData.count))
})
guard let cms = CMS_sign(cert, key, textBIO, nil, UInt32(CMS_STREAM)) else {
exit(1)
}
}
The code crashes at CMS_sign. Here is some of the thread output:
OpenSSL`CMS_sign:
0x1016fcbbc <+0>: stp x24, x23, [sp, #-0x40]!
0x1016fcbc0 <+4>: stp x22, x21, [sp, #0x10]
0x1016fcbc4 <+8>: stp x20, x19, [sp, #0x20]
0x1016fcbc8 <+12>: stp x29, x30, [sp, #0x30]
0x1016fcbcc <+16>: add x29, sp, #0x30 ; =0x30
0x1016fcbd0 <+20>: mov x20, x4
0x1016fcbd4 <+24>: mov x21, x3
0x1016fcbd8 <+28>: mov x22, x2
0x1016fcbdc <+32>: mov x23, x1
0x1016fcbe0 <+36>: mov x24, x0
0x1016fcbe4 <+40>: bl 0x1016f835c ; CMS_ContentInfo_new
0x1016fcbe8 <+44>: mov x19, x0
0x1016fcbec <+48>: cbz x0, 0x1016fccb4 ; <+248>
0x1016fcbf0 <+52>: mov x0, x19
0x1016fcbf4 <+56>: bl 0x1016fa010 ; CMS_SignedData_init
0x1016fcbf8 <+60>: cbz w0, 0x1016fccb4 ; <+248>
0x1016fcbfc <+64>: tbz w20, #0x13, 0x1016fcc18 ; <+92>
0x1016fcc00 <+68>: mov w0, #0x313
0x1016fcc04 <+72>: bl 0x101764dc0 ; OBJ_nid2obj
0x1016fcc08 <+76>: mov x1, x0
0x1016fcc0c <+80>: mov x0, x19
0x1016fcc10 <+84>: bl 0x1016f8be0 ; CMS_set1_eContentType
0x1016fcc14 <+88>: cbz w0, 0x1016fccd0 ; <+276>
0x1016fcc18 <+92>: cbz x23, 0x1016fcc38 ; <+124>
0x1016fcc1c <+96>: mov x0, x19
0x1016fcc20 <+100>: mov x1, x24
0x1016fcc24 <+104>: mov x2, x23
0x1016fcc28 <+108>: mov x3, #0x0
0x1016fcc2c <+112>: mov x4, x20
0x1016fcc30 <+116>: bl 0x1016fa1fc ; CMS_add1_signer
0x1016fcc34 <+120>: cbz x0, 0x1016fccf4 ; <+312>
0x1016fcc38 <+124>: mov x0, x22
0x1016fcc3c <+128>: bl 0x10179afe0 ; OPENSSL_sk_num
0x1016fcc40 <+132>: cmp w0, #0x1 ; =0x1
0x1016fcc44 <+136>: b.lt 0x1016fcc7c ; <+192>
0x1016fcc48 <+140>: mov w23, #0x0
0x1016fcc4c <+144>: mov x0, x22
0x1016fcc50 <+148>: mov x1, x23
0x1016fcc54 <+152>: bl 0x10179aff4 ; OPENSSL_sk_value
-> 0x1016fcc58 <+156>: mov x1, x0
Did you find a solution? I'm running against a similar problem, trying to load the .pem certificate file crashes my App.
I don't think it's related to what this repository does. It looks like invalid data and/or OpenSSL API misuse.
