#import <corecrypto/cchkdf.h>
#import <corecrypto/ccsha2.h>
#import <corecrypto/ccec.h>
+#import <corecrypto/ccrng.h>
#import <utilities/SecCFWrappers.h>
-#import <CommonCrypto/CommonRandomSPI.h>
#import <AssertMacros.h>
#import <Security/SecureObjectSync/SOSCloudCircle.h>
-#import <Security/SecureObjectSync/SOSInternal.h>
+#import "keychain/SecureObjectSync/SOSInternal.h"
#if !TARGET_OS_BRIDGE
#include <dlfcn.h>
static uint8_t backupPublicKey[] = { 'B', 'a', 'c', 'k', 'u', ' ', 'P', 'u', 'b', 'l', 'i', 'c', 'k', 'e', 'y' };
static uint8_t passwordInfoKey[] = { 'p', 'a', 's', 's', 'w', 'o', 'r', 'd', ' ', 's', 'e', 'c', 'r', 'e', 't' };
-#if !(defined(__i386__) || TARGET_IPHONE_SIMULATOR || TARGET_OS_BRIDGE)
+#if !(defined(__i386__) || TARGET_OS_SIMULATOR || TARGET_OS_BRIDGE)
static uint8_t masterkeyIDSalt[] = { 'M', 'a', 's', 't', 'e', 'r', ' ', 'K', 'e', 'y', ' ', 'I', 'd', 'e', 't' };
#endif
return res;
}
-
NSString *
SecRKCreateRecoveryKeyString(NSError **error)
{
CFRelease(recoveryKey);
return NULL;
}
-
return (__bridge NSString *)recoveryKey;
}
CFRelease(rk);
return NULL;
}
-
- return (__bridge SecRecoveryKey *)rk;
+ return (SecRecoveryKey *) CFBridgingRelease(rk);
}
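Review bot: The ownership fix made here for `rk` is not carried over to the other Core Foundation returns visible in this diff: `return (__bridge NSString *)recoveryKey;` in SecRKCreateRecoveryKeyString and `return (__bridge NSData *)result;` in RKBackupCreateECKey still use a plain `__bridge`. Both objects appear to be owned by the function, since the failure path calls `CFRelease(recoveryKey)` and `result` takes over `keyData` through `CFTransferRetained`. If this file is built with ARC, each successful call would therefore leak one object. In that case the recovery key string stays resident, and the exported key bytes allocated with `SecCFAllocatorZeroize()` are never freed and so never wiped. Consider `return CFBridgingRelease(recoveryKey);` and `return CFBridgingRelease(result);`, after confirming the creation sites, which lie outside these hunks.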
static CFDataRef
CFStringRef password,
CFErrorRef *error);
-#if !(defined(__i386__) || TARGET_IPHONE_SIMULATOR)
+#if !(defined(__i386__) || TARGET_OS_SIMULATOR)
static CFStringRef getdlsymforString(void *framework, const char *symbol) {
CFStringRef retval = NULL;
void *tmpptr = dlsym(framework, symbol);
SecRKCopyAccountRecoveryVerifier(NSString *recoveryKey,
NSError **error) {
-#if defined(__i386__) || TARGET_IPHONE_SIMULATOR || TARGET_OS_BRIDGE
+#if defined(__i386__) || TARGET_OS_SIMULATOR || TARGET_OS_BRIDGE
abort();
return NULL;
#else
}
+// This recreates the key pair using the recovery key string.
static NSData *
-RKBackupCreateECKey(SecRecoveryKey *rk, bool fullkey)
+RKBackupCreateECKey(SecRecoveryKey *rk, bool returnFullkey)
{
- CFMutableDataRef publicKeyData = NULL;
+ CFMutableDataRef keyData = NULL;
CFDataRef derivedSecret = NULL;
ccec_const_cp_t cp = ccec_cp_256();
CFDataRef result = NULL;
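Review bot: The new comment above RKBackupCreateECKey does not say what `returnFullkey` selects, even though the flag decides whether the returned NSData contains private key material. Later in the function it is passed to `ccec_compact_export_size` and `ccec_compact_export`, so it chooses between the full-key and public-only export. I would extend the comment to something like `// Deterministically re-derives the EC key pair from the recovery key. Returns the compact full (private) key when returnFullkey is true, otherwise only the public key; the full-key form is secret and must not be logged or persisted.` The function body continues outside this hunk.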
status = ccec_generate_key_deterministic(cp,
CFDataGetLength(derivedSecret), CFDataGetBytePtr(derivedSecret),
- ccDRBGGetRngState(),
+ ccrng(NULL),
CCEC_GENKEY_DETERMINISTIC_COMPACT,
fullKey);
require_noerr(status, fail);
- size_t space = ccec_compact_export_size(fullkey, ccec_ctx_pub(fullKey));
- publicKeyData = CFDataCreateMutableWithScratch(SecCFAllocatorZeroize(), space);
- require_quiet(publicKeyData, fail);
+ size_t space = ccec_compact_export_size(returnFullkey, ccec_ctx_pub(fullKey));
+ keyData = CFDataCreateMutableWithScratch(SecCFAllocatorZeroize(), space);
+ require_quiet(keyData, fail);
- ccec_compact_export(fullkey, CFDataGetMutableBytePtr(publicKeyData), fullKey);
+ ccec_compact_export(returnFullkey, CFDataGetMutableBytePtr(keyData), fullKey);
- CFTransferRetained(result, publicKeyData);
+ CFTransferRetained(result, keyData);
fail:
CFReleaseNull(derivedSecret);
- CFReleaseNull(publicKeyData);
+ CFReleaseNull(keyData);
return (__bridge NSData *)result;
}
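Review bot: `ccrng(NULL)` discards the status that `ccrng` reports through its `int *error` argument, so a failure to obtain the default generator would hand a NULL RNG state directly to `ccec_generate_key_deterministic`. How that call behaves with a NULL state is not visible here, so it is safer to fail closed before generating the key: `int rngStatus = 0;`, `struct ccrng_state *rng = ccrng(&rngStatus);`, `require_quiet(rng, fail);`, then pass `rng` in place of `ccrng(NULL)`. The declarations of `status`, `fullKey` and `derivedSecret` are outside the hunk. It is worth confirming there that the `fullKey` context, which holds the private scalar, is cleared on the `fail:` path as well.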
CFDataRef backupKey = (__bridge CFDataRef)SecRKCopyBackupPublicKey(rk);
bool res = false;
- require(backupKey, fail);
+ require_action_quiet(backupKey, fail, SOSCreateError(kSOSErrorBadKey, CFSTR("Failed to create key from rk"), NULL, error));
res = SOSCCRegisterRecoveryPublicKey(backupKey, error);