Closed lohithkorp closed 5 years ago
Could you specify which line is getting the false?
@henrinormak - I get a false on both -
var verified = heimdall.verify(testString, signatureBase64: signature, urlEncoded: true)
NSLog("Verification successful \(verified)") // False
// If someone meddles with the message and the signature becomes invalid
verified = heimdall.verify(testString + "injected false message",
signatureBase64: signature)
NSLog("Verification successful \(verified)") // False
Could be an interesting observation, I just found out, it returns false on simulator but on true my test device. (I get true for the first line, and false for the second line on the device. Both false on simulator)
@henrinormak - any news you have on this?
No, sorry, I haven't had time to investigate this. I might have some time later this week, but I can't guarantee anything. In general if everything works on the device, it seems like a problem with the entitlements (if you look at some of the other closed issues here, you might get help from those).
I converted your example into a test case and ran it on the simulator, it passed as expected (verification was successful for original data, whilst failing for corrupted data). As such I'm afraid I can't help as I can't reproduce the behaviour you describe.
Thank you for your feedback and time @henrinormak ! I am investigating further on this. Could there be a problem if the simulator/device is connected to a restricted network?
I can't think of a reason why, but the error code is a generic one, so nothing can be completely eliminated as a reason.
Error -9809 equals errSSLCrypto. Maybe your KeyChain is broken. Are you perhaps running on a jailbroken iOS device? It does work for me:
Heimdall Public Key MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZNKDO8EkPUKnhj2fj+CGNiZNOoh3+YOWlg/iV7aleeW5vJS+KgaT4/GV1d4weBnFxP3ygjNowwNiPnKua2FDx0hHEJAUTtCtMRYTORkH6aNZhp7AiNtJ4//zn4tg6AaWB67XTpNzwbx5RS3tgXjSU7me6MEEv8HlhMU7aW5mYqxdOZqj7yfz8ZkXHUSvhrujSV4ZXxheNRnXOIqTpoK6yIL00vdkvBqRPihDNpfCuvzhOvityRkaEps4e/4lvp6khKFPDwZAQJi/8y3hgt11OS6zgliGuWXUgXwxd3gG2T/ssi4Qii9yaXvjTGtie+rtIYhRk5Y0pThthOy9Zbk0QIDAQAB
signature for 123456 cxuO0e_J5yRi0eqmqceslHU6kA-qTPIYZuhWGWi7GWwxiFfLasnfN61trMhXGQ8DW5bK5dBfqpCOc9ULJCBJIWgrO8a9uO92SBUQgOizab6xvN5DGEalv11bNNDg7mef0D75TpE7nvOKNP-js1Egwx-kZVuXQeVtyS21QUOGngJivNkjaHp2I1YxDHfn3ToyuSaZ57Og7JsWzNmJa8lIIx-WAO2IA7rShkyP7TwTZqclvMAVwFrOMJrkSBpsImCrLcggwKQFoENoA-ZGG3iGKAcjzpd120DW_-hbt96DxdMMp5b1HZd3mqYov6WS-oV_NQlqh7s7cbnlWgRTuPdj9w==
Verification successful true
Verification failed false
@henrinormak @Craz1k0ek - thanks for your feedback here. It works now. I am honestly not sure why it didn't work before. I haven't made any changes to implementation. But like I said before, it was working well on a physical device but not on a simulator. Now it works on both device and simulator
I am using the below code to sign and verify the signature but getting
false
always! Digging in further, I found out the error code is -9809 - An underlying cryptographic error was encountered.Need help in getting this solved please.
Below, am pasting my code -