Podcast episode 3 stuff

I promised to write about some bugs in Apple’s iPhone security sample application. The ones I noticed are in this file, in the routine getHashBytes:.

For a start, the output of the SHA-1 algorithm is always exactly 160 bits, or 20 bytes. So you can change:

uint8_t * hashBytes = NULL;

to:

uint8_t hashBytes[20];

then also delete the malloc/memset/free which appear later in the routine and change:

hash = [NSData dataWithBytes: (const void *)hashBytes length: (NSUInteger)kChosenDigestLength];

to:

hash = [NSData dataWithBytes:hashBytes length:sizeof hashBytes];

Secondly, and far more importantly for security, the routine does not hash all of the bytes in the input: it is limited to just the first kChosenDigestLength bytes. I cannot think of a good reason for that. To hash everything, change:

CC_SHA1_Update(&ctx, (void *)[plainText bytes], kChosenDigestLength);

to:

CC_SHA1_Update(&ctx, [plainText bytes], [plainText length]);

After these changes the routine is acceptably secure for the moment. It would be better to use one of the later SHA variants such as SHA-256 or SHA-512 if you want longer-term assurance as there are indications of a possible weakness in SHA-1.

About these ads

~ by Phil Willoughby on February 7, 2009.

Posted in Uncategorized
Tags: , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

 
Follow

Get every new post delivered to your Inbox.

%d bloggers like this: