krzyzanowskim / OpenSSL

OpenSSL package for SwiftPM, CocoaPod, and Carthage, multiplatform

CMS_sign crashes w/ Thread 1: EXC_BAD_ACCESS (code=1, address=0x0) #114

Closed wxcoder closed 1 year ago

wxcoder commented 3 years ago

I am trying to CMS_sign XML data in an iOS app. I followed the same idea as shown here:

Error validating CMS signature

func signData() {
        let signedCertUrl = getfileData(filename: "finalcert", withExtension: "crt")!
        let privateKeyUrl = getfileData(filename: "finalprivatekey", withExtension: "key")!

        let signCertObject = signedCertUrl.path.withCString { filePtr in
            return fopen(filePtr, "rb")
        }
        defer {
            fclose(signCertObject)
        }
        let privateKeyObject = privateKeyUrl.path.withCString { filePtr in
            return fopen(filePtr, "rb")
        }
        defer {
            fclose(privateKeyObject)
        }

        let key = PEM_read_PrivateKey(privateKeyObject, nil, nil, nil)
        let cert = PEM_read_X509(signCertObject, nil, nil, nil)

        OpenSSL_add_all_ciphers()
        OpenSSL_add_all_digests()
        OpenSSL_add_all_algorithms()

        let textData = xmlData.data(using: .utf8)!
        guard let textBIO = BIO_new(BIO_s_mem()) else {
            print("Unable to create textBIO")
            exit(1)
        }
        defer { BIO_free(textBIO) }

        _ = textData.withUnsafeBytes({ dataBytes in
            BIO_write(textBIO, dataBytes.baseAddress!, Int32(textData.count))
        })

        guard let cms = CMS_sign(cert, key, textBIO, nil, UInt32(CMS_STREAM)) else {
            exit(1)
        }
}

The code crashes at CMS_sign. Here is some of the thread output:

OpenSSL`CMS_sign:
    0x1016fcbbc <+0>:   stp    x24, x23, [sp, #-0x40]!
    0x1016fcbc0 <+4>:   stp    x22, x21, [sp, #0x10]
    0x1016fcbc4 <+8>:   stp    x20, x19, [sp, #0x20]
    0x1016fcbc8 <+12>:  stp    x29, x30, [sp, #0x30]
    0x1016fcbcc <+16>:  add    x29, sp, #0x30            ; =0x30 
    0x1016fcbd0 <+20>:  mov    x20, x4
    0x1016fcbd4 <+24>:  mov    x21, x3
    0x1016fcbd8 <+28>:  mov    x22, x2
    0x1016fcbdc <+32>:  mov    x23, x1
    0x1016fcbe0 <+36>:  mov    x24, x0
    0x1016fcbe4 <+40>:  bl     0x1016f835c               ; CMS_ContentInfo_new
    0x1016fcbe8 <+44>:  mov    x19, x0
    0x1016fcbec <+48>:  cbz    x0, 0x1016fccb4           ; <+248>
    0x1016fcbf0 <+52>:  mov    x0, x19
    0x1016fcbf4 <+56>:  bl     0x1016fa010               ; CMS_SignedData_init
    0x1016fcbf8 <+60>:  cbz    w0, 0x1016fccb4           ; <+248>
    0x1016fcbfc <+64>:  tbz    w20, #0x13, 0x1016fcc18   ; <+92>
    0x1016fcc00 <+68>:  mov    w0, #0x313
    0x1016fcc04 <+72>:  bl     0x101764dc0               ; OBJ_nid2obj
    0x1016fcc08 <+76>:  mov    x1, x0
    0x1016fcc0c <+80>:  mov    x0, x19
    0x1016fcc10 <+84>:  bl     0x1016f8be0               ; CMS_set1_eContentType
    0x1016fcc14 <+88>:  cbz    w0, 0x1016fccd0           ; <+276>
    0x1016fcc18 <+92>:  cbz    x23, 0x1016fcc38          ; <+124>
    0x1016fcc1c <+96>:  mov    x0, x19
    0x1016fcc20 <+100>: mov    x1, x24
    0x1016fcc24 <+104>: mov    x2, x23
    0x1016fcc28 <+108>: mov    x3, #0x0
    0x1016fcc2c <+112>: mov    x4, x20
    0x1016fcc30 <+116>: bl     0x1016fa1fc               ; CMS_add1_signer
    0x1016fcc34 <+120>: cbz    x0, 0x1016fccf4           ; <+312>
    0x1016fcc38 <+124>: mov    x0, x22
    0x1016fcc3c <+128>: bl     0x10179afe0               ; OPENSSL_sk_num
    0x1016fcc40 <+132>: cmp    w0, #0x1                  ; =0x1 
    0x1016fcc44 <+136>: b.lt   0x1016fcc7c               ; <+192>
    0x1016fcc48 <+140>: mov    w23, #0x0
    0x1016fcc4c <+144>: mov    x0, x22
    0x1016fcc50 <+148>: mov    x1, x23
    0x1016fcc54 <+152>: bl     0x10179aff4               ; OPENSSL_sk_value
->  0x1016fcc58 <+156>: mov    x1, x0

samanta-ramijan commented 2 years ago

Did you find a solution? I'm running into a similar problem: trying to load the .pem certificate file crashes my app.

krzyzanowskim commented 1 year ago

I don't think it's related to what this repository does. It looks like invalid data and/or OpenSSL API misuse.
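
For reference on the API-misuse point: OpenSSL declares CMS_sign(signcert, pkey, certs, data, flags), and the listing above shows the third argument (x2) being handed to OPENSSL_sk_num, so the content BIO in the posted call sits in the certs slot. The Swift below is an added example, not part of the thread and not this repository's code; it puts the BIO in the data slot and checks every pointer, including the fopen and PEM results, before use. The names signCMS, withPEMFile and CMSSignError are hypothetical, and CMS_BINARY is used in place of the post's CMS_STREAM.

```swift
import Foundation
import OpenSSL

enum CMSSignError: Error { case openFailed(String), badPEM(String), bioFailed, signFailed }

// Hypothetical helper: open a PEM file and stop if fopen or the PEM parser returns NULL,
// instead of handing a NULL FILE*, key or certificate on to OpenSSL.
func withPEMFile<T>(_ path: String, _ read: (UnsafeMutablePointer<FILE>) -> T?) throws -> T {
    guard let fp = fopen(path, "rb") else { throw CMSSignError.openFailed(path) }
    defer { fclose(fp) }
    guard let value = read(fp) else { throw CMSSignError.badPEM(path) }
    return value
}

// Hypothetical wrapper: returns the DER-encoded CMS SignedData for `content`.
func signCMS(_ content: Data, certPath: String, keyPath: String) throws -> Data {
    let cert = try withPEMFile(certPath) { PEM_read_X509($0, nil, nil, nil) }
    defer { X509_free(cert) }
    let key = try withPEMFile(keyPath) { PEM_read_PrivateKey($0, nil, nil, nil) }
    defer { EVP_PKEY_free(key) }

    guard let dataBIO = BIO_new(BIO_s_mem()) else { throw CMSSignError.bioFailed }
    defer { BIO_free(dataBIO) }
    let written = content.withUnsafeBytes { BIO_write(dataBIO, $0.baseAddress, Int32($0.count)) }
    guard written == Int32(content.count) else { throw CMSSignError.bioFailed }

    // Argument order is (signcert, pkey, certs, data, flags): `certs` is an optional
    // STACK_OF(X509) of extra certificates, so it is nil here and the BIO goes fourth.
    // These opaque C types import as OpaquePointer, so the compiler cannot catch a swap.
    // CMS_BINARY (no CMS_STREAM) lets CMS_sign finalize the structure before encoding.
    guard let cms = CMS_sign(cert, key, nil, dataBIO, UInt32(CMS_BINARY)) else {
        throw CMSSignError.signFailed
    }
    defer { CMS_ContentInfo_free(cms) }

    guard let out = BIO_new(BIO_s_mem()) else { throw CMSSignError.bioFailed }
    defer { BIO_free(out) }
    guard i2d_CMS_bio(out, cms) == 1 else { throw CMSSignError.signFailed }
    var base: UnsafeMutablePointer<UInt8>?
    let length = BIO_ctrl(out, BIO_CTRL_INFO, 0, &base) // function form of BIO_get_mem_data
    guard length > 0, let bytes = base else { throw CMSSignError.bioFailed }
    return Data(bytes: bytes, count: length)
}
```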