2

I have added the FIPS compliant openssl module to our iOS app. After which we submitted to apple and it kept getting rejected for an instant crash that we were unable to duplicate with our enterprise build.

After much trial and error we found that it came down to the fips_premain.c file and having Include bitcode. checked when creating ad-hoc builds or submitting to apple. When Include bitcode is checked, the app will crash with the fips_premain.c file added to the Compile Sources phase.

I have tried adding the -fembed-bitcode flag into the fips_premain.c compiler flags but that doesn't seem to resolve the issue.

Is there a way to Include bitcode for fips_premain.c and send it to apple or a way to bypass fips_premain.c from bitcode so the app stops crashing during apple review or ad-hoc usage?

Bot
  • 11,868
  • 11
  • 75
  • 131
  • I'm fairly certain Apple cannot transform the code like that. Otherwise, it invalidates the validation. The resulting object code is sequestered; it cannot be modified and/or tampered. I'm guessing you cannot add switches like `-fembed-bitcode` without breaking the validation. – jww Sep 01 '16 at 02:08
  • @jww Is there a way to make that specific file not have bitcode? – Bot Sep 01 '16 at 15:05
  • @jww the odd part is just having fips_premain.c compiled and included in bitcode without any references in code is what causes the crash – Bot Sep 01 '16 at 15:07

0 Answers0