]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_codesigning/lib/codedirectory.cpp
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-59306.61.1.tar.gz
[apple/security.git] / OSX / libsecurity_codesigning / lib / codedirectory.cpp
diff --git a/OSX/libsecurity_codesigning/lib/codedirectory.cpp b/OSX/libsecurity_codesigning/lib/codedirectory.cpp
index 33ae72ca4edfb1e1d0b77ce369690ab4581442bf..4d3c1c80015884dcc02a2837b9ade80189e8310b 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/codedirectory.cpp
+++ b/OSX/libsecurity_codesigning/lib/codedirectory.cpp
@@ -111,6 +111,8 @@ unsigned CodeDirectory::slotAttributes(SpecialSlot slot)
                return cdComponentIsBlob; // global
        case cdIdentificationSlot:
                return cdComponentPerArchitecture; // raw
+       case cdTicketSlot:
+               return 0; // global, raw
        default:
                return 0; // global, raw
        }
@@ -209,9 +211,9 @@ bool CodeDirectory::validateSlot(const void *data, size_t length, Slot slot, boo
 {
        secinfo("codedir", "%p validating slot %d", this, int(slot));
        MakeHash<CodeDirectory> hasher(this);
-       Hashing::Byte digest[hasher->digestLength()];
-       generateHash(hasher, data, length, digest);
-       return memcmp(digest, getSlot(slot, preEncrypt), hasher->digestLength()) == 0;
+       vector<Hashing::Byte> digest_vector(hasher->digestLength());
+       generateHash(hasher, data, length, digest_vector.data());
+       return memcmp(digest_vector.data(), getSlot(slot, preEncrypt), hasher->digestLength()) == 0;
 }
 
 
@@ -222,9 +224,9 @@ bool CodeDirectory::validateSlot(const void *data, size_t length, Slot slot, boo
 bool CodeDirectory::validateSlot(FileDesc fd, size_t length, Slot slot, bool preEncrypt) const
 {
        MakeHash<CodeDirectory> hasher(this);
-       Hashing::Byte digest[hasher->digestLength()];
-       generateHash(hasher, fd, digest, length);
-       return memcmp(digest, getSlot(slot, preEncrypt), hasher->digestLength()) == 0;
+       vector<Hashing::Byte> digest_vector(hasher->digestLength());
+       generateHash(hasher, fd, digest_vector.data(), length);
+       return memcmp(digest_vector.data(), getSlot(slot, preEncrypt), hasher->digestLength()) == 0;
 }
 
 
@@ -335,10 +337,10 @@ bool CodeDirectory::verifyMemoryContent(CFDataRef data, const Byte* digest) cons
 CFDataRef CodeDirectory::cdhash(bool truncate) const
 {
        MakeHash<CodeDirectory> hash(this);
-       Hashing::Byte digest[hash->digestLength()];
+       vector<Hashing::Byte> digest_vector(hash->digestLength());
        hash->update(this, this->length());
-       hash->finish(digest);
-       return makeCFData(digest,
+       hash->finish(digest_vector.data());
+       return makeCFData(digest_vector.data(),
                                          truncate ? min(hash->digestLength(), size_t(kSecCodeCDHashLength)) :
                                          hash->digestLength());
 }
mirror of Security