License Verification Segmentation Fault only on x86 MacOS

Audio Plugins
1

Hello! I’ve been working on the x86 port of my plugin that uses crypto++/libcryptopp (static full-fat arm64/x86 library) to perform license validation. However, my verifyMessage function triggers a segmentation fault deep within the call stack, but only when testing on x86/Rosetta 2. It also triggers when testing on a hardware Intel mac. I took a look at the addresses, the data, and everything looks standard. I added #ifs to confirm it’s running the x86 code, so it’s not just a mis-match.

I’m on XCode, and the plugin is also a single universal binary, so it uses the same one regardless architecture.

I know a couple of people have used CryptoPP as well, so wanted to see if anyone has seen something like this. Alternatively any suggestions on helping debug this issue would be appreciated, even if it’s to reach out somewhere else. Thank you!

Relevant code and error logs below:

RSASS<PSS, CryptoPP::SHA256>::Verifier verifier(publicKey);
std::string decodedSig;
    StringSource ss2(hexSignature, true,
        new HexDecoder(new StringSink(decodedSig)));
string license_string = "relevantLicenseInfo"; // This is filled out properly on the actual code
bool result = verifier.VerifyMessage((const CryptoPP::byte*)license_string.c_str(),
            license_string.length(), (const CryptoPP::byte*)decodedSig.c_str(), decodedSig.length());
    updateLicenseStatus(result);
    return result;

// Segfault call stack sourced from error logs

Crashed Thread:        0  MainThread  Dispatch queue: com.apple.main-thread

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000010
Exception Codes:       0x0000000000000001, 0x0000000000000010

Termination Reason:    Namespace SIGNAL, Code 11 Segmentation fault: 11
Terminating Process:   exc handler [2836]

Thread 0 Crashed:: MainThread Dispatch queue: com.apple.main-thread
0   PluginName                      	       0x19d0d6231 CryptoPP::(anonymous namespace)::SHA256_HashBlock_CXX(unsigned int*, unsigned int const*) + 17 (sha.cpp:424)
1   PluginName                      	       0x19d0d710d CryptoPP::SHA256::HashMultipleBlocks(unsigned int const*, unsigned long) + 253 (sha.cpp:982)
2   PluginName                      	       0x19d09c5f3 CryptoPP::IteratedHashBase<unsigned int, CryptoPP::HashTransformation>::HashBlock(unsigned int const*) + 26 (iterhash.h:109) [inlined]
... Ultimately called from verify_message()
2

Just to follow up- I was able to solve this issue. The underlying problem, as I had originally theorized, was that my universal library was built incorrectly. All of the code for arm64 had compiled, but the code for x86 had not due to some flags getting overridden, and it had raised no errors. Essentially crypto++ does not support building universal binaries out of the box in one step. You have to build them separately, then lipo them together. Hope this helps anyone else trying to do offline licensing with crypto++!