5

Upon trying to implement Security.Framework SecKeyRawVerify iOS function from Apple's example, programm halts with bad pointer error (EXC_BAD_ACCESS code=2). Any help or suggestions would be appreciated.

Here is my code:

- (BOOL)verifySignature:(NSData *)plainText signature:(NSData *)sig {
    size_t signedHashBytesSize = 0;

    OSStatus sanityCheck = noErr;
    SecKeyRef publicKeyA = NULL;

    NSMutableDictionary * queryPublicKeyA = [[NSMutableDictionary alloc] init];
    NSData * publicTag = [NSData dataWithBytes:publicKeyAIdentifier length:strlen((const char *)publicKeyAIdentifier)]; // 

    // Set the public key query dictionary.
    [queryPublicKeyA setObject:(id)kSecClassKey forKey:(id)kSecClass];
    [queryPublicKeyA setObject:publicTag forKey:(id)kSecAttrApplicationTag];
    [queryPublicKeyA setObject:(id)kSecAttrKeyTypeRSA forKey:(id)kSecAttrKeyType];
    [queryPublicKeyA setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecReturnData];

    // Get the key bits.
    sanityCheck = SecItemCopyMatching((CFDictionaryRef)queryPublicKeyA, (CFTypeRef *)&publicKeyA);

    if (sanityCheck == noErr) {       
        // Get the size of the assymetric block.
        signedHashBytesSize = SecKeyGetBlockSize(publicKeyA); // Halts here
        sanityCheck = SecKeyRawVerify(publicKeyA, 
                                  kSecPaddingPKCS1SHA1, 
                                  (const uint8_t *)[[self getHashBytes:plainText] bytes],
                                  CC_SHA1_DIGEST_LENGTH,
                                  (const uint8_t *)[sig bytes],
                                  signedHashBytesSize
                                  ); // And here
    }
    if(publicKeyA) CFRelease(publicKeyA);
    if(queryPublicKeyA) [queryPublicKeyA release]; 

    return (sanityCheck == noErr) ? YES : NO;
}

Link to Apple CryptoExcersize: http://developer.apple.com/library/ios/#samplecode/CryptoExercise/Introduction/Intro.html#//apple_ref/doc/uid/DTS40008019-Intro-DontLinkElementID_2

EZer0
  • 61
  • 1
  • 3
  • 4
    Found my mistake, when setting properties to get public certificate it should be set to get Ref for key not the data of it: so change `[queryPublicKeyA setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecReturnData];` to `[queryPublicKeyA setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecReturnRef];` – EZer0 Jun 12 '12 at 09:32
  • Thanks for this example, it helped me understand that the digest must pre-calculated on plainText before hitting SecKeyRawVerify. – aceofspades Dec 30 '12 at 00:50

0 Answers0