Security-58286.20.16.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / lib / SecFDERecoveryAsymmetricCrypto.cpp
index 8dfb57f8b2f63ae1060f51a049283526055a1a4c..8d341bf2c3f671c567e4dc24ee3d8c361e4a4198 100644 (file)
@@ -34,7 +34,7 @@
 #include <Security/SecKey.h>
 
 static void encodePrivateKeyHeader(const CssmData &inBlob, CFDataRef certificate, FVPrivateKeyHeader &outHeader);
-static CFDataRef decodePrivateKeyHeader(SecKeychainRef keychainName, const FVPrivateKeyHeader &inHeader);
+static CFDataRef CF_RETURNS_RETAINED decodePrivateKeyHeader(SecKeychainRef keychainName, const FVPrivateKeyHeader &inHeader);
 static void throwIfError(CSSM_RETURN rv);
 
 #pragma mark ----- Public SPI -----
@@ -65,7 +65,7 @@ CFDataRef SecFDERecoveryUnwrapCRSKWithPrivKey(SecKeychainRef keychain, const FVP
        catch (const CommonError &err) { __secapiresult=SecKeychainErrFromOSStatus(err.osStatus()); }
        catch (const std::bad_alloc &) { __secapiresult=errSecAllocate; }
        catch (...) { __secapiresult=errSecInternalComponent; }
-       secdebug("FDERecovery", "SecFDERecoveryUnwrapCRSKWithPrivKey: %d", (int)__secapiresult);
+       secinfo("FDERecovery", "SecFDERecoveryUnwrapCRSKWithPrivKey: %d", (int)__secapiresult);
        return result;
 }
 
@@ -115,7 +115,7 @@ static void encodePrivateKeyHeader(const CssmData &inBlob, CFDataRef certificate
        
        outHeader.encryptedBlobSize = (uint32_t)encrypt.encrypt(inBlob, clearBuf, remData.get());
        if (outHeader.encryptedBlobSize > sizeof(outHeader.encryptedBlob))
-               secdebug("FDERecovery", "encodePrivateKeyHeader: encrypted blob too big: %d", outHeader.encryptedBlobSize);
+               secinfo("FDERecovery", "encodePrivateKeyHeader: encrypted blob too big: %d", outHeader.encryptedBlobSize);
 }
 
 CFDataRef decodePrivateKeyHeader(SecKeychainRef keychain, const FVPrivateKeyHeader &inHeader)
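Review bot: The oversize check at the end of encodePrivateKeyHeader still only logs. When `outHeader.encryptedBlobSize > sizeof(outHeader.encryptedBlob)` the function returns normally with a length field larger than the buffer it describes. Whether the ciphertext has already been written past `encryptedBlob` depends on how `clearBuf` is set up above the hunk, but in either case a header with an out-of-range length should not reach the caller. I would fail closed after the log line, for example `throwIfError(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);`, assuming throwIfError raises on any non-zero CSSM_RETURN. The value is a `uint32_t`, so `%u` would be the matching format specifier.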
@@ -136,12 +136,13 @@ CFDataRef decodePrivateKeyHeader(SecKeychainRef keychain, const FVPrivateKeyHead
     CSSM_CC_HANDLE cc = 0;
        
        SecKeychainSearchRef _searchRef;
-       throwIfError(SecKeychainSearchCreateFromAttributes(keychain, CSSM_DL_DB_RECORD_PRIVATE_KEY, &attrList, &_searchRef));
+       throwIfError(SecKeychainSearchCreateFromAttributes(keychain, (SecItemClass) CSSM_DL_DB_RECORD_PRIVATE_KEY, &attrList, &_searchRef));
        CFRef<SecKeychainSearchRef> searchRef(_searchRef);
        
        SecKeychainItemRef _item;
-       if (SecKeychainSearchCopyNext(searchRef, &_item))
-               return false;
+    if (SecKeychainSearchCopyNext(searchRef, &_item) != 0) {
+               return NULL;  // XXX possibly should throw here?
+    }
        
        CFRef<SecKeyRef> keyItem(reinterpret_cast<SecKeyRef>(_item));
        throwIfError(SecKeyGetCSPHandle(keyItem, &cspHandle));
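Review bot: The new `return NULL` path discards the OSStatus from `SecKeychainSearchCopyNext`, so a missing recovery key and any other failure look the same to the caller, and nothing is logged. Whether the public SPI then reports an error depends on code outside this hunk; if `__secapiresult` is only set from caught exceptions, a NULL result could come back alongside a success status. Keeping the status and logging it would address the XXX without changing control flow: `OSStatus status = SecKeychainSearchCopyNext(searchRef, &_item);` followed by `if (status != errSecSuccess) { secinfo("FDERecovery", "decodePrivateKeyHeader: SecKeychainSearchCopyNext: %d", (int)status); return NULL; }`. The body of decodePrivateKeyHeader starts and ends outside the hunk.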
@@ -161,7 +162,7 @@ CFDataRef decodePrivateKeyHeader(SecKeychainRef keychain, const FVPrivateKeyHead
                CssmAutoData remData(allocator);
                size_t bytesDecrypted;
                CSSM_RETURN crx = CSSM_DecryptData(cc, &cipherBuf, 1, &clearBuf.get(), 1, &bytesDecrypted, &remData.get());
-               secdebug("FDERecovery", "decodePrivateKeyHeader: CSSM_DecryptData result: %d", crx);
+               secinfo("FDERecovery", "decodePrivateKeyHeader: CSSM_DecryptData result: %d", crx);
                throwIfError(crx);
 //             throwIfError(CSSM_DecryptData(cc, &cipherBuf, 1, &clearBuf.get(), 1, &bytesDecrypted, &remData.get()));
                clearBuf.length(bytesDecrypted);