Security-59306.61.1.tar.gz

[apple/security.git] / OSX / libsecurity_keychain / lib / SecFDERecoveryAsymmetricCrypto.cpp

diff --git a/OSX/libsecurity_keychain/lib/SecFDERecoveryAsymmetricCrypto.cpp b/OSX/libsecurity_keychain/lib/SecFDERecoveryAsymmetricCrypto.cpp
index c7d2d855e92f214f294494c5403697ffbb4994b0..187ee9c801fca2b9d275c05c69485f3fea6a3a0a 100644 (file)
--- a/OSX/libsecurity_keychain/lib/SecFDERecoveryAsymmetricCrypto.cpp
+++ b/OSX/libsecurity_keychain/lib/SecFDERecoveryAsymmetricCrypto.cpp
@@ -34,7 +34,7 @@
 #include <Security/SecKey.h>
 
 static void encodePrivateKeyHeader(const CssmData &inBlob, CFDataRef certificate, FVPrivateKeyHeader &outHeader);
 #include <Security/SecKey.h>
 
 static void encodePrivateKeyHeader(const CssmData &inBlob, CFDataRef certificate, FVPrivateKeyHeader &outHeader);

-static CFDataRef decodePrivateKeyHeader(SecKeychainRef keychainName, const FVPrivateKeyHeader &inHeader);
+static CFDataRef CF_RETURNS_RETAINED decodePrivateKeyHeader(SecKeychainRef keychainName, const FVPrivateKeyHeader &inHeader);

 static void throwIfError(CSSM_RETURN rv);
 
 #pragma mark ----- Public SPI -----
 static void throwIfError(CSSM_RETURN rv);
 
 #pragma mark ----- Public SPI -----


@@ -100,9 +100,13 @@ static void encodePrivateKeyHeader(const CssmData &inBlob, CFDataRef certificate
        passThrough(CSSM_APPLECSP_KEYDIGEST, NULL, &outData);
        CssmData *cssmData = reinterpret_cast<CssmData *>(outData);
        
        passThrough(CSSM_APPLECSP_KEYDIGEST, NULL, &outData);
        CssmData *cssmData = reinterpret_cast<CssmData *>(outData);
        

-       assert(cssmData->Length <= sizeof(outHeader.publicKeyHash));

        outHeader.publicKeyHashSize = (uint32_t)cssmData->Length;
        outHeader.publicKeyHashSize = (uint32_t)cssmData->Length;

-       memcpy(outHeader.publicKeyHash, cssmData->Data, cssmData->Length);
+       if (outHeader.publicKeyHashSize > sizeof(outHeader.publicKeyHash)) {
+               secinfo("FDERecovery", "encodePrivateKeyHeader: publicKeyHash too big: %d", outHeader.publicKeyHashSize);
+               outHeader.publicKeyHashSize = 0; /* failed to copy hash value */
+       } else {
+               memcpy(outHeader.publicKeyHash, cssmData->Data, outHeader.publicKeyHashSize);
+       }

        fCSP.allocator().free(cssmData->Data);
        fCSP.allocator().free(cssmData);
        
        fCSP.allocator().free(cssmData->Data);
        fCSP.allocator().free(cssmData);
        


@@ -136,7 +140,7 @@ CFDataRef decodePrivateKeyHeader(SecKeychainRef keychain, const FVPrivateKeyHead
     CSSM_CC_HANDLE cc = 0;
        
        SecKeychainSearchRef _searchRef;
     CSSM_CC_HANDLE cc = 0;
        
        SecKeychainSearchRef _searchRef;

-       throwIfError(SecKeychainSearchCreateFromAttributes(keychain, CSSM_DL_DB_RECORD_PRIVATE_KEY, &attrList, &_searchRef));
+       throwIfError(SecKeychainSearchCreateFromAttributes(keychain, (SecItemClass) CSSM_DL_DB_RECORD_PRIVATE_KEY, &attrList, &_searchRef));

        CFRef<SecKeychainSearchRef> searchRef(_searchRef);
        
        SecKeychainItemRef _item;
        CFRef<SecKeychainSearchRef> searchRef(_searchRef);
        
        SecKeychainItemRef _item;