SecKeyGetBlockSize() returns wrong value in 10.8/12A239

Originator: wiml
Number: rdar://11765613
Date Originated: 27-Jun-2012
Status: Closed/Behaves Correctly
Resolved: 18-Apr-2013 07:59 AM
Product: OS X
Product Version: 10.8/12A239
Classification:
Reproducible: Always
 
27-Jun-2012 06:23 PM W Lewis:
Summary:

The behavior of SecKeyGetBlockSize() has changed between 12A154q and 12A239; it no longer returns a useful value for asymmetric keys.

Steps to Reproduce:

Compile and run attached program. (Or just call SecKeyGetBlockSize() on the asymmetric key refs of your choice.)

Expected Results:

For asymmetric keys, SecKeyGetBlockSize() has previously returned the key "size" in bits (for algorithms based on a discrete-logarithm style problem, this is the number of bits needed to count the members of the group). This information is necessary in order to implement some cryptographic formats, which is presumably why there's an API to get it.

Actual Results:

Starting with 12A239, SecKeyGetBlockSize() returns a different number. For RSA and DSA keys, the new number is 1/8 the old number. For ECDSA keys, the new number is slightly more than 1/4 the old number.

Regression:

I compiled the test program on 10.6.8/10K549, 10.7.4/11E53, 10.8/12A154q, and 10.8/12A239, with various target OS settings, and ran the resulting executables on the four OSes; in all cases, running on 12A239 resulted in failure and 12A154q and earlier resulted in correct behavior.

 Compiled   Targeting   Run   Results
   10.6       10.6      10.6   OK
   10.7       10.6      10.6   OK
   10.8a      10.6      10.6   OK
   10.6       10.6      10.7   OK
   10.7       10.6      10.7   OK
   10.7       10.7      10.7   OK
   10.6       10.6      10.8a  OK
   10.7       10.6      10.8a  OK
   10.7       10.7      10.8a  OK
   10.8a      10.6      10.8a  OK
   10.8a      10.7      10.8a  OK
   10.8a      10.8      10.8a  OK
   10.6       10.6      10.8b  FAIL
   10.7       10.6      10.8b  FAIL
   10.7       10.7      10.8b  FAIL
   10.8a      10.6      10.8b  FAIL
   10.8a      10.7      10.8b  FAIL
   10.8a      10.8      10.8b  FAIL


(In this table 10.8a is 12A154q and 10.8b is 12A239.)

An example of correct output is:

<SecKey 0x100428360 [0x7fff703faee0]>   RSA-2048 [EDRSVWU] perm  SecKeyGetBlockSize=2048
<SecKey 0x102f006a0 [0x7fff703faee0]>   RSA-2048 [EDRSVWU] perm  SecKeyGetBlockSize=2048
<SecKey 0x102f007f0 [0x7fff703faee0]>   RSA-2048 [EDRSVWU] perm  SecKeyGetBlockSize=2048
<SecKey 0x102f00640 [0x7fff703faee0]>   ECDSA-256 [EDRSVWU] perm  SecKeyGetBlockSize=256
<SecKey 0x102f0cb80 [0x7fff703faee0]>   ECDSA-384 [EDRSVWU] perm  SecKeyGetBlockSize=384
<SecKey 0x10040ddd0 [0x7fff703faee0]>   ECDSA-384 [EDRSVWU] perm  SecKeyGetBlockSize=384
<SecKey 0x10041c9f0 [0x7fff703faee0]>   RSA-1024 [EdrsVWu] perm  SecKeyGetBlockSize=1024
<SecKey 0x102e00580 [0x7fff703faee0]>   RSA-1024 [EdrsVWu] perm  SecKeyGetBlockSize=1024


An example of incorrect output is:

<SecKey 0x7f947d813080 [0x7fff79503190]>   RSA-2048 [EDRSVWU] perm  SecKeyGetBlockSize=256
<SecKey 0x7f947be06560 [0x7fff79503190]>   RSA-2048 [EDRSVWU] perm  SecKeyGetBlockSize=256
<SecKey 0x7f947dc01460 [0x7fff79503190]>   RSA-2048 [EDRSVWU] perm  SecKeyGetBlockSize=256
<SecKey 0x7f947be06560 [0x7fff79503190]>   ECDSA-256 [EDRSVWU] perm  SecKeyGetBlockSize=72
<SecKey 0x7f947dc012b0 [0x7fff79503190]>   DSA-1024 [EDRSVWU] perm  SecKeyGetBlockSize=128
<SecKey 0x7f947dd12ca0 [0x7fff79503190]>   ECDSA-384 [EDRSVWU] perm  SecKeyGetBlockSize=104
<SecKey 0x7f947de141f0 [0x7fff79503190]>   ECDSA-384 [EDRSVWU] perm  SecKeyGetBlockSize=104
<SecKey 0x7f947dc0df70 [0x7fff79503190]>   RSA-1024 [EdrsVWu] perm  SecKeyGetBlockSize=128
<SecKey 0x7f947d809220 [0x7fff79503190]>   RSA-1024 [EdrsVWu] perm  SecKeyGetBlockSize=128
<SecKey 0x7f947be06720 [0x7fff79503190]>   RSA-1024 [EdrsVWu] perm  SecKeyGetBlockSize=128


Notes:

There doesn't seem to be another way to get the key size using the post-10.7 APIs. (The 10.6 APIs still work, fortunately.)

Comments

Apple Developer Relations

Engineering has determined that this issue behaves as intended based on the following information:

This function returns its result in bytes, not bits. (Note that the 10.8 output now matches the output produced by this function on all versions of iOS.)

The documentation for SecKeyGetBlockSize states:

@result The block length of the key in bytes.
@discussion If for example key is an RSA key the value returned by this function is the size of the modulus.

The block size for a symmetric key is not the size of the key, but rather the size of the block which can be encrypted by the key.
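
Added example (not part of the original report or of Apple's reply): the byte-to-bit conversion for the RSA/DSA values above, plus a check that the ECDSA values 72 and 104 equal the maximum DER-encoded ECDSA signature length for 256- and 384-bit curves. That match is arithmetic on the numbers in the report, not something either party states; all function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Octets needed to hold an integer of the given bit size. */
static size_t octets_for_bits(size_t bits) { return (bits + 7) / 8; }

/* DER header size (tag + length octets) for a body of len bytes. */
static size_t der_header_len(size_t len) {
    if (len < 128) return 2;   /* short-form length */
    if (len < 256) return 3;   /* 0x81 nn */
    return 4;                  /* 0x82 nn nn */
}

/* Largest SEQUENCE { INTEGER r, INTEGER s } for a curve of the given size.
 * Each INTEGER may carry a leading 0x00 octet to stay non-negative. */
size_t ecdsa_max_der_sig_len(size_t curve_bits) {
    size_t int_body = octets_for_bits(curve_bits) + 1;
    size_t one_int  = der_header_len(int_body) + int_body;
    size_t seq_body = 2 * one_int;
    return der_header_len(seq_body) + seq_body;
}

/* RSA/DSA: a size reported in bytes, converted to the key size in bits. */
size_t modulus_bytes_to_bits(size_t block_size_bytes) {
    return block_size_bytes * 8;
}

/* Map an ECDSA value back to a curve size in bits; 0 if nothing matches.
 * The candidate list is an assumption made for this example. */
size_t ecdsa_bits_from_reported(size_t reported) {
    static const size_t sizes[] = { 192, 224, 256, 384, 521 };
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++)
        if (ecdsa_max_der_sig_len(sizes[i]) == reported)
            return sizes[i];
    return 0;
}

int main(void) {
    /* Values taken from the "incorrect output" listing in the report. */
    printf("RSA   256 bytes -> %zu bits\n", modulus_bytes_to_bits(256));
    printf("RSA   128 bytes -> %zu bits\n", modulus_bytes_to_bits(128));
    printf("ECDSA  72       -> %zu-bit curve\n", ecdsa_bits_from_reported(72));
    printf("ECDSA 104       -> %zu-bit curve\n", ecdsa_bits_from_reported(104));
    return 0;
}
```

Code that needs the key size in bits should state the unit it expects from each API and convert explicitly, rather than passing the returned value straight into a format that expects bits.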

