Security-57740.1.18.tar.gz

[apple/security.git] / OSX / sec / SOSCircle / SecureObjectSync / SOSInternal.c

diff --git a/OSX/sec/SOSCircle/SecureObjectSync/SOSInternal.c b/OSX/sec/SOSCircle/SecureObjectSync/SOSInternal.c
index d8c6323c08888e84485ee25f8f3ad0d59cd190a8..b743f85f6e5492410ed9e0dd7068d92941ca6e8d 100644 (file)
--- a/OSX/sec/SOSCircle/SecureObjectSync/SOSInternal.c
+++ b/OSX/sec/SOSCircle/SecureObjectSync/SOSInternal.c
@@ -67,7 +67,7 @@ bool SOSErrorCreate(CFIndex errorCode, CFErrorRef *error, CFDictionaryRef format
 
 bool SOSCreateError(CFIndex errorCode, CFStringRef descriptionString, CFErrorRef previousError, CFErrorRef *newError) {
     SOSCreateErrorWithFormat(errorCode, previousError, newError, NULL, CFSTR("%@"), descriptionString);
 
 bool SOSCreateError(CFIndex errorCode, CFStringRef descriptionString, CFErrorRef previousError, CFErrorRef *newError) {
     SOSCreateErrorWithFormat(errorCode, previousError, newError, NULL, CFSTR("%@"), descriptionString);

-    return true;
+    return false;

 }
 
 bool SOSCreateErrorWithFormat(CFIndex errorCode, CFErrorRef previousError, CFErrorRef *newError,
 }
 
 bool SOSCreateErrorWithFormat(CFIndex errorCode, CFErrorRef previousError, CFErrorRef *newError,


@@ -81,8 +81,7 @@ bool SOSCreateErrorWithFormat(CFIndex errorCode, CFErrorRef previousError, CFErr
 
 bool SOSCreateErrorWithFormatAndArguments(CFIndex errorCode, CFErrorRef previousError, CFErrorRef *newError,
                                           CFDictionaryRef formatOptions, CFStringRef format, va_list args) {
 
 bool SOSCreateErrorWithFormatAndArguments(CFIndex errorCode, CFErrorRef previousError, CFErrorRef *newError,
                                           CFDictionaryRef formatOptions, CFStringRef format, va_list args) {

-    SecCFCreateErrorWithFormatAndArguments(errorCode, kSOSErrorDomain, previousError, newError, formatOptions, format, args);
-    return true;
+    return SecCFCreateErrorWithFormatAndArguments(errorCode, kSOSErrorDomain, previousError, newError, formatOptions, format, args);

 }
 
 
 }
 
 


@@ -193,6 +192,14 @@ fail:
     return result;
 }
 
     return result;
 }
 

+CFStringRef SOSCopyIDOfKeyWithLength(SecKeyRef key, CFIndex len, CFErrorRef *error) {
+    CFStringRef retval = NULL;
+    CFStringRef tmp = SOSCopyIDOfKey(key, error);
+    if(tmp) retval = CFStringCreateWithSubstring(kCFAllocatorDefault, tmp, CFRangeMake(0, len));
+    CFReleaseNull(tmp);
+    return retval;
+}
+

 CFGiblisGetSingleton(ccec_const_cp_t, SOSGetBackupKeyCurveParameters, sBackupKeyCurveParameters, ^{
     *sBackupKeyCurveParameters = ccec_cp_256();
 });
 CFGiblisGetSingleton(ccec_const_cp_t, SOSGetBackupKeyCurveParameters, sBackupKeyCurveParameters, ^{
     *sBackupKeyCurveParameters = ccec_cp_256();
 });


@@ -205,7 +212,6 @@ CFGiblisGetSingleton(ccec_const_cp_t, SOSGetBackupKeyCurveParameters, sBackupKey
 //
 const int kBackupKeyIterations = 20;
 const uint8_t sBackupKeySalt[] = { 0 };
 //
 const int kBackupKeyIterations = 20;
 const uint8_t sBackupKeySalt[] = { 0 };

-const int kBackupKeyMaxBytes = 256;

 
 bool SOSPerformWithDeviceBackupFullKey(ccec_const_cp_t cp, CFDataRef entropy, CFErrorRef *error, void (^operation)(ccec_full_ctx_t fullKey))
 {
 
 bool SOSPerformWithDeviceBackupFullKey(ccec_const_cp_t cp, CFDataRef entropy, CFErrorRef *error, void (^operation)(ccec_full_ctx_t fullKey))
 {


@@ -229,6 +235,7 @@ bool SOSGenerateDeviceBackupFullKey(ccec_full_ctx_t generatedKey, ccec_const_cp_
     bool result = false;
     int cc_result = 0;
     struct ccrng_pbkdf2_prng_state pbkdf2_prng;
     bool result = false;
     int cc_result = 0;
     struct ccrng_pbkdf2_prng_state pbkdf2_prng;

+    const int kBackupKeyMaxBytes = 1024; // This may be a function of the cp but will be updated when we use a formally deterministic key generation.

 
     cc_result = ccrng_pbkdf2_prng_init(&pbkdf2_prng, kBackupKeyMaxBytes,
                                        CFDataGetLength(entropy), CFDataGetBytePtr(entropy),
 
     cc_result = ccrng_pbkdf2_prng_init(&pbkdf2_prng, kBackupKeyMaxBytes,
                                        CFDataGetLength(entropy), CFDataGetBytePtr(entropy),


@@ -278,3 +285,19 @@ CFDataRef SOSDateCreate(void) {
     return CFDataCreate(NULL, buf, bufsiz);
 }
 
     return CFDataCreate(NULL, buf, bufsiz);
 }
 

+
+CFDataRef CFDataCreateWithDER(CFAllocatorRef allocator, CFIndex size, uint8_t*(^operation)(size_t size, uint8_t *buffer)) {
+    __block CFMutableDataRef result = NULL;
+    if(!size) return NULL;
+    if((result = CFDataCreateMutableWithScratch(allocator, size)) == NULL) return NULL;
+    uint8_t *ptr = CFDataGetMutableBytePtr(result);
+    uint8_t *derptr = operation(size, ptr);
+    if(derptr == ptr) return result; // most probable case
+    if(!derptr || derptr < ptr) { // DER op failed  - or derptr ended up prior to allocated buffer
+        CFReleaseNull(result);
+    } else if(derptr > ptr) { // This is a possible case where we don't end up using the entire allocated buffer
+        size_t diff = derptr - ptr; // The unused space ends up being the beginning of the allocation
+        CFDataDeleteBytes(result, CFRangeMake(0, diff));
+    }
+    return result;
+}