Podcast episode 3 stuff

I promised to write about some bugs in Apple’s iPhone security sample application. The ones I noticed are in this file, in the routine getHashBytes:.

For a start, the output of the SHA-1 algorithm is always exactly 160 bits, or 20 bytes. So you can change:

uint8_t * hashBytes = NULL;

to:

uint8_t hashBytes[20];

then also delete the malloc/memset/free which appear later in the routine and change:

hash = [NSData dataWithBytes: (const void *)hashBytes length: (NSUInteger)kChosenDigestLength];

to:

hash = [NSData dataWithBytes:hashBytes length:sizeof hashBytes];

Secondly, and far more importantly for security, the routine does not hash all of the bytes in the input: it is limited to just the first kChosenDigestLength bytes. I cannot think of a good reason for that. To hash everything, change:

CC_SHA1_Update(&ctx, (void *)[plainText bytes], kChosenDigestLength);

to:

CC_SHA1_Update(&ctx, [plainText bytes], [plainText length]);

After these changes the routine is acceptably secure for the moment. It would be better to use one of the later SHA variants such as SHA-256 or SHA-512 if you want longer-term assurance as there are indications of a possible weakness in SHA-1.

Leave a Reply

  • (will not be published)

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>