JWT: JWTCryptoSecurity : addKeyWithData method doesn't work on iOS 9

Issue Info

Info Value
Platform Name ios
Platform Version 9.0
Xcode Version Xcode 9
Repro rate (100%)

Issue Description and Steps

Hi guys, we are working on react-native codepush plugin and we are using your library to verify JWT signature. Our customers reported that iOS9 is not working correctly when calling this method: https://github.com/Microsoft/react-native-code-push/blob/master/ios/CodePush/CodePushUpdateUtils.m#L327

It appears that JWTCryptoSecurity : addKeyWithData is not working on iOS 8-9 for us. While SecKeyCreateWithData is not available on SDK < 10 we are going on this else switch: https://github.com/yourkarma/JWT/blob/a8829959acd7fbc79bdb47f433e3b9243e1c304f/Core/Algorithms/RSFamily/RSKeys/JWTCryptoSecurity.m#L80

When calling https://github.com/yourkarma/JWT/blob/a8829959acd7fbc79bdb47f433e3b9243e1c304f/Core/Algorithms/RSFamily/RSKeys/JWTCryptoSecurity.m#L111 it always return null for key.

Method params are as follows:

(lldb) po [self dictionaryByCombiningDictionaries:@[attributes, commonAttributes, copyAttributes]]
{
    atag = <65383432 39396261 63616336 34396434 39633463 36626530 32653435 39306463>;
    bsiz = 550;
    class = keys;
    kcls = 0;
    pdmn = ak;
    "r_Ref" = 1;
    type = 42;
}

Probably the issue could be related to this thread: https://forums.developer.apple.com/thread/13748

Public/Private key pair was generated via openssl.

private key (click to expand) 

-----BEGIN RSA PRIVATE KEY-----
MIIJKQIBAAKCAgEAw6+tlsxhCX9q51MVqrdde3Nr20ldLoL63ATJjXfPOGDyzuTy
Nx5fMwCzA32y/fL4ThAY6tDtDrxIt9dSldllCq7wFdvUnlB1nKy4g3J9j+6FyZIw
UbJniNw+S51NcKYyU/JVhSqjNlN94N7dLetmtGmHKwqXonI3hS+4LDsA5hrKyXzs
0PmYoJAcp9t+WGL4GlW0gEEJztNzPLa7E0iO8irQTzOmiAwoSt15m6nIPhvMSiT5
hxaqBdNZO8NzGPGD9cpHagQmZaQrTMRZUSuD7laa2/xjvg41p80fdHdsRCLsTthG
1zHdQAjvALMh4E3AEw933Ax9wcGXJ8wDuYw0JGg0qIRH5JpvEKvif5BjrEL+fZh4
6Go8D5emc+mlCHQ+jc3nF7Fhu4Zz5N8uPtySfqH/Yzuwyw0pdR2D2W5rGRshAxCO
GlxTuFWQJCB2NsjiQYGXPxXyKHg2rSQ/SWUP2x6sOiyUEeBUT4JeJjx1tjkQK7Vs
b50amaTuDq0KKFN29Zxls4dQF7K5vhojtwBAWewXjNd4OElbyS6FTsSIblT32fkV
5tktVyHOtMdyD/kJSEabggK3EEbsJH8hDGJZm833SKDBLaI0xwt/O+34tLdKutYW
jbBUrjnMXjUIKJ3VF9IhrbBwKHHJpMo5mRibAqL1RnPN+6rH5j3fR+Px61cCAwEA
AQKCAgEApK/OBNJefDLK0oHfAzyspP+/bt6wWDuNSeuRgMirEcSttCeEHZUnA3J8
Ndzs7cI07OWpQr2wNC2LeYTykQBThAk0LwFCUDZgtQm7g4ywVZik6b5pgegGMG1C
1Do/eSW1x2Z0SM1YbJkZoE2PkVzCo+UIB9YzRViglytQ8ZB6si0sKyRC3aChrcd7
Bl24WER6jxdAAIw759+W5SrYCGORQgd8JpvOdELfChqYhMP/rR2R8XhqtCED2EFF
oQFddUmVCB9DuNpjQjlG46V/kctwjf4++BLSEpo818rOxSLYcAOAIt7rx6HElWav
VkRrpy1oD+J9uiidEZqOTsTpAZgYLG7Ur3wsb912SPu9hKKsnrjlyAh/h0E7AMdC
gAswdYol4ucS/Ob+h9p+htrkwtFsX3hDQ3scRGgRr/WrbrUWVe4sXYjvzqJRo327
P+kK5wCC7AaNafmYS5n401B/QhAulqCqneo2FV8JzjRiLs1QvhWWwDUIc1795eGS
DFLeMChuhP7Zb9DclL2nyOLB6WV6x+BNSzX2xWIyA09L8pBZ81kvyv0COSU4GebW
7E5/cRAnTHxTJCyTPRgGLwc78csv6wBeItYV5yKpYdmFd0YLOCWf5tyreHWS2GZW
pJTegqyuDBsEgluq+1n06vmkJNtjEAJVhb5DbjzmkmXJOOV0+mECggEBAOXWz8LK
fNqQoZqpAZleBZymYnBy2Lzh2bmWLjQVgnXlekIVUDoBipsV5CT86fPxWEl7UIBN
42iOLe+8pGcZFffwIaFl+2D81rlMQWrKgn1XbLT/xWVAxGHdgPnpdcxawoa7Gj/A
n9fh/EvlsZGriZ7Dgfbh70NGlwfUUPzKmfujOehWkqIUbR1m5vNNlI1KxBum+UI6
nZIjuWSM3wSmQOxp3rCEEdLEhkEyJSgiUjyI2QpdEq6uMQia92imaJ8tAtqJDtPX
d1KOJembmGviDI4eIzFuDE8h2P3cD04acize/WSUMcvqNAudeN3bq8vbVL0r4vu3
UF9EgSYcGfCL7LECggEBANn1szYvmaetR1dDD54rWNxu9zKW9arhxg2mtcYxfRRA
8fTBExu8v0vVaYU2UDS/pjvWaMhy11vy2TKZS/Ib0YSRR9GiEqdKXAgvYZnvJ2IH
0sq4GjcZZpCJnTmukspTh1oDq1dx71HKSfmysis8MKFGvwMy/BOM7UBg2nTnnmPw
K2OjmeplrZcBibv0KNRKPm8BXVd0G4MJrVsgXiEQaZM5Ew7XwBz5n9rBPel5VwqJ
dr4I7154rVxCBYDigGrCoccTesQYad5ETDB7AwIx/oVJ2ZKS0xLrOXv6D2/bIo8E
IEfQkLfVap4VFwLLPYxbEt2+xL3D8lTAKzncQkEIOocCggEALdf6+M+Kt83Bbifn
ub+XPvexCtzdfk9OLkZWUO05aGqtSCEYL3m/O8/SAc6wm4e4JHAETpM6mNBDOV5X
LHlEeH/dNWQyD9ZevfcH1VUvUfDuLewWY2vXv+1+nFqEtI4l3tnTEoRJXbYlrL3T
/UpJ2PEGK0hFgRXDajxfKwz+ScL0+fLKrKmGWib8Setfhg8zrpBPh3ZJl6yoffXb
RgIjUQSM9ohhRbkNTlPCNY8i+BATuo11/IGiJiVC1AzdMWK4/v33hymjE0RnK4Ft
lZcxCefY/TMGIYKO1ZPfOaTswSZ5RGaKyDGez/JI+XenfLHy5Qir7alSzq3LVN6m
DeTbAQKCAQA8mF5Wdi1VvIrU68PvyUVPI1p+KhHqjBIvwWVP0HphoxyhWvwg/fyA
7LgFXPA3egCRKi6/a44L9hwEQTIoASvimzFISrK856NmcyXDUgW070/fJAfFwb4N
+PRJEQumTEqY7+Q2z2olZwPh85gtBPLQI4b/MLF8DfX3q/WQAsS6LA8kCFvGGraE
AN11749aVbm9yrdUlOcBKzOS3hDNSG7Ri1CNE9ZJN+0FOCwqOJ3GRClK89j4frxT
pdc52b6x76JiYjwDQHZOYNZ9s/VGKvgDvmBKq58a52J34TFhe57D+/WtgYJ6WU7m
3B4lnLNjzf4Uv/CagVthzHs3/tA8nDkJAoIBAQDIUDuDkSlDMeOL7Xwqhf3QXQKy
opFgvNnTdCv/VjxaOpAxeLAw/QY4tKilyroNTvxf4APR+wKfp+G2ePiAdWVraLa7
zwXHg/ry+da0VOsGUwnzPql33NpL8CROSG1uYh/0A0t6gL9S3VIUToKbJ9PVZ0jK
SQPiagIlgADIG26kZ0qCAADiBJYWRg9ntbqKkAyvgOS1wgLfBbop5ap68LOex+qr
yXQ3y+5S5dzRCSwcIgKCFohnlMAlCQN/A8m8EQr66TwUSbGkQKBCf0fx00ltQ0CQ
9O0UsG8S6nCQjuevVSK/kCe0LoQlKMswxq5jyOpJz2I6Yyq+ZnSA2bSOuT5R
-----END RSA PRIVATE KEY-----
public key (click to expand) 
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw6+tlsxhCX9q51MVqrdd
e3Nr20ldLoL63ATJjXfPOGDyzuTyNx5fMwCzA32y/fL4ThAY6tDtDrxIt9dSldll
Cq7wFdvUnlB1nKy4g3J9j+6FyZIwUbJniNw+S51NcKYyU/JVhSqjNlN94N7dLetm
tGmHKwqXonI3hS+4LDsA5hrKyXzs0PmYoJAcp9t+WGL4GlW0gEEJztNzPLa7E0iO
8irQTzOmiAwoSt15m6nIPhvMSiT5hxaqBdNZO8NzGPGD9cpHagQmZaQrTMRZUSuD
7laa2/xjvg41p80fdHdsRCLsTthG1zHdQAjvALMh4E3AEw933Ax9wcGXJ8wDuYw0
JGg0qIRH5JpvEKvif5BjrEL+fZh46Go8D5emc+mlCHQ+jc3nF7Fhu4Zz5N8uPtyS
fqH/Yzuwyw0pdR2D2W5rGRshAxCOGlxTuFWQJCB2NsjiQYGXPxXyKHg2rSQ/SWUP
2x6sOiyUEeBUT4JeJjx1tjkQK7Vsb50amaTuDq0KKFN29Zxls4dQF7K5vhojtwBA
WewXjNd4OElbyS6FTsSIblT32fkV5tktVyHOtMdyD/kJSEabggK3EEbsJH8hDGJZ
m833SKDBLaI0xwt/O+34tLdKutYWjbBUrjnMXjUIKJ3VF9IhrbBwKHHJpMo5mRib
AqL1RnPN+6rH5j3fR+Px61cCAwEAAQ==
-----END PUBLIC KEY-----
JWT 
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGFpbVZlcnNpb24iOiIxLjAuMCIsImNvbnRlbnRIYXNoIjoiMTRkOWJlM2U2MTYyMzIwZjQzYTk4MWExNWY1N2ZmNDFhNDM1ODQ4ZWM3NjZjODVmZTUwY2RkZTc0ODY4YTYyMyIsImlhdCI6MTUwNjYwMzMzNX0.lIKQuSnBjarZ9nSZVYhIuGFpshATzmCg6V15W_ALTz-f8ZipyyFZQV6Hwc9zrfx9g83io9fZwlt5iSxOqUMjMsMnkYSKD1OckX0MjOAzGyvHnND-4JxHj7Lo5H1uhFQw4rMAHCwBC5tvb8P5xQfS7-lX3fEhLCXz5s_Bf0uzNtq2CzuAtVOTvHmAAZ5sp_nR41IjEjWln1M6mcGKqDcrYXdraUICDOgM1Amy7QL8kCADjL1X6P2e5TOrUzgDpYbRJnmcFz9lbjyOwELMX7UH_4iVWP3NljdMkx7dpGqHYX9DFT4jR_yeYSGStMSqN3IpZRpizlQbM01FHIAE_Yrc6E2nwuQAwDB26K_HUUm-XLU7kfglyaGUDEGt1P9hpDskUJM8rPtcKaKkprg0OIibndL8WwcpWW9XDGpvWJUOeGaeB_oAV7BbqDmP83BR7nFSKAbQcBNqhe43KMqFnKLnuYamZRGqfT2RJzNN6ZDUtx41UKrkSNMON4W4VGvbpuyWh_MwSy6TlJ6pREcQF6S8sufNDAWPYfg_l9S_8x64D1g0n9YMVaMQqj3PSWTWU8Qt8wvjo4KL4JWmiAJv1SyfGkciBBNU7xdEM--TUdkQoY829e0nqxqkHndheDQKtfTUo3n4q3Wj9LPL_LYqD9iBwn9bcIUfaHklyE_K9h9z-ZE

Please let me know if you have any ideas on how to fix this or if you need more info regarding this.

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 15 (7 by maintainers)

Most upvoted comments

@max-mironov nice work! let’s merge it!

+1
lolgear on Oct 3, 2017
Read more comments on GitHub
← ExpandableCell: Cells randomly disappearing and titleLabel.text displays wrong text
JWT: Manual installed JWT lib breaks application during RSA signed jwt verification →