Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

error -9809 when verifying signed string #77

Closed
lohithkorp opened this issue Nov 16, 2018 · 9 comments
Closed

error -9809 when verifying signed string #77

lohithkorp opened this issue Nov 16, 2018 · 9 comments

Comments

@lohithkorp
Copy link

I am using the below code to sign and verify the signature but getting false always! Digging in further, I found out the error code is -9809 - An underlying cryptographic error was encountered.

Need help in getting this solved please.

Below, am pasting my code -

if let heimdall = Heimdall(tagPrefix: "com.something.myapp") {
            
            let testString = "123456"
            
            if let publicKeyDataX509Value = heimdall.publicKeyDataX509() {
                NSLog("Heimdall Public Key \(publicKeyDataX509Value.base64EncodedString())")
            }
            
            if let signature = heimdall.sign(testString, urlEncode: true) {
                NSLog("signature for 123456 \(signature)")

                var verified = heimdall.verify(testString, signatureBase64: signature, urlEncoded: true)
                NSLog("Verification successful \(verified)") // True
                
                // If someone meddles with the message and the signature becomes invalid
                verified = heimdall.verify(testString + "injected false message",
                                           signatureBase64: signature)
                NSLog("Verification failed \(verified)") // False
            }
        }
@henrinormak
Copy link
Owner

Could you specify which line is getting the false?

@lohithkorp
Copy link
Author

lohithkorp commented Nov 16, 2018
edited

@henrinormak - I get a false on both -

var verified = heimdall.verify(testString, signatureBase64: signature, urlEncoded: true)
                NSLog("Verification successful \(verified)") // False
                
                // If someone meddles with the message and the signature becomes invalid
                verified = heimdall.verify(testString + "injected false message",
                                           signatureBase64: signature)
                NSLog("Verification successful \(verified)") // False

Could be an interesting observation, I just found out, it returns false on simulator but on true my test device. (I get true for the first line, and false for the second line on the device. Both false on simulator)

@lohithkorp
Copy link
Author

@henrinormak - any news you have on this?

@henrinormak
Copy link
Owner

No, sorry, I haven't had time to investigate this. I might have some time later this week, but I can't guarantee anything. In general if everything works on the device, it seems like a problem with the entitlements (if you look at some of the other closed issues here, you might get help from those).

@henrinormak
Copy link
Owner

I converted your example into a test case and ran it on the simulator, it passed as expected (verification was successful for original data, whilst failing for corrupted data). As such I'm afraid I can't help as I can't reproduce the behaviour you describe.

@lohithkorp
Copy link
Author

Thank you for your feedback and time @henrinormak !
I am investigating further on this. Could there be a problem if the simulator/device is connected to a restricted network?

@henrinormak
Copy link
Owner

I can't think of a reason why, but the error code is a generic one, so nothing can be completely eliminated as a reason.

@Craz1k0ek
Copy link

Craz1k0ek commented Nov 29, 2018
edited

Error -9809 equals errSSLCrypto. Maybe your KeyChain is broken. Are you perhaps running on a jailbroken iOS device? It does work for me:

Heimdall Public Key MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZNKDO8EkPUKnhj2fj+CGNiZNOoh3+YOWlg/iV7aleeW5vJS+KgaT4/GV1d4weBnFxP3ygjNowwNiPnKua2FDx0hHEJAUTtCtMRYTORkH6aNZhp7AiNtJ4//zn4tg6AaWB67XTpNzwbx5RS3tgXjSU7me6MEEv8HlhMU7aW5mYqxdOZqj7yfz8ZkXHUSvhrujSV4ZXxheNRnXOIqTpoK6yIL00vdkvBqRPihDNpfCuvzhOvityRkaEps4e/4lvp6khKFPDwZAQJi/8y3hgt11OS6zgliGuWXUgXwxd3gG2T/ssi4Qii9yaXvjTGtie+rtIYhRk5Y0pThthOy9Zbk0QIDAQAB
signature for 123456 cxuO0e_J5yRi0eqmqceslHU6kA-qTPIYZuhWGWi7GWwxiFfLasnfN61trMhXGQ8DW5bK5dBfqpCOc9ULJCBJIWgrO8a9uO92SBUQgOizab6xvN5DGEalv11bNNDg7mef0D75TpE7nvOKNP-js1Egwx-kZVuXQeVtyS21QUOGngJivNkjaHp2I1YxDHfn3ToyuSaZ57Og7JsWzNmJa8lIIx-WAO2IA7rShkyP7TwTZqclvMAVwFrOMJrkSBpsImCrLcggwKQFoENoA-ZGG3iGKAcjzpd120DW_-hbt96DxdMMp5b1HZd3mqYov6WS-oV_NQlqh7s7cbnlWgRTuPdj9w==
Verification successful true
Verification failed false

@lohithkorp
Copy link
Author

@henrinormak @Craz1k0ek - thanks for your feedback here. It works now. I am honestly not sure why it didn't work before. I haven't made any changes to implementation.
But like I said before, it was working well on a physical device but not on a simulator. Now it works on both device and simulator

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@henrinormak @lohithkorp @Craz1k0ek