Security-59306.61.1.tar.gz

[apple/security.git] / OSX / libsecurity_keychain / lib / SecImportExport.c

diff --git a/OSX/libsecurity_keychain/lib/SecImportExport.c b/OSX/libsecurity_keychain/lib/SecImportExport.c
index 197a094884e875e0033971578a8d8fd6dc50d436..2b8f820d1c64f660369f9e8141eef992453f3e17 100644 (file)
--- a/OSX/libsecurity_keychain/lib/SecImportExport.c
+++ b/OSX/libsecurity_keychain/lib/SecImportExport.c
@@ -24,20 +24,22 @@
 #include <Security/SecBase.h>
 #include <Security/SecBasePriv.h>
 #include <Security/SecItem.h>
-//#include <Security/SecRSAKey.h>
 #include <Security/SecCertificate.h>
+#include <Security/SecCertificatePriv.h>
 #include <Security/SecIdentity.h>
 #include <Security/SecIdentityPriv.h>
 #include <Security/SecPolicy.h>
 #include <Security/SecTrust.h>
 #include <Security/SecKeyPriv.h>
-#include "SecInternal.h"
+#include <Security/SecInternal.h>
 
 //#include <AssertMacros.h>
 #include <CommonCrypto/CommonDigest.h>
 
 //#include "p12import.h"
-#include "SecImportExport.h"
+#include <Security/SecImportExportPriv.h>
+
+#include <CoreFoundation/CFPriv.h>
 
 const CFStringRef __nonnull kSecImportExportPassphrase = CFSTR("passphrase");
 const CFStringRef __nonnull kSecImportExportKeychain = CFSTR("keychain");
@@ -139,6 +141,9 @@ out:
 
 OSStatus SecPKCS12Import(CFDataRef pkcs12_data, CFDictionaryRef options, CFArrayRef *items)
 {
+       if (_CFMZEnabled()) {
+               return SecPKCS12Import_ios(pkcs12_data, options, items);
+       }
        // SecPKCS12Import is implemented on Mac OS X in terms of the existing
        // SecKeychainItemImport API, which supports importing items into a
        // specified keychain with initial access control settings for keys.
@@ -227,21 +232,10 @@ OSStatus SecPKCS12Import(CFDataRef pkcs12_data, CFDictionaryRef options, CFArray
 
                                // key ID
                                if (!status) {
-                                       SecKeyRef itemKey = NULL;
-                                       status = SecCertificateCopyPublicKey(itemCert, &itemKey);
-                                       if (!status) {
-                                               const CSSM_KEY *cssmKey;
-                                               status = SecKeyGetCSSMKey(itemKey, &cssmKey);
-                                               if (!status) {
-                                                       unsigned char hash[CC_SHA1_DIGEST_LENGTH];
-                                                       CC_SHA1(cssmKey->KeyData.Data, (CC_LONG)cssmKey->KeyData.Length, &hash[0]);
-                                                       CFDataRef digest = CFDataCreate(NULL, (const UInt8 *)hash, CC_SHA1_DIGEST_LENGTH);
-                                                       if (digest) {
-                                                               CFDictionaryAddValue(itemDict, kSecImportItemKeyID, digest);
-                                                               CFRelease(digest);
-                                                       }
-                                               }
-                                               CFRelease(itemKey);
+                                       CFDataRef digest = SecCertificateCopyPublicKeySHA1Digest(itemCert);
+                                       if (digest) {
+                                               CFDictionaryAddValue(itemDict, kSecImportItemKeyID, digest);
+                                               CFRelease(digest);
                                        }
                                }