X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_transform/lib/CEncryptDecrypt.c diff --git a/OSX/libsecurity_transform/lib/CEncryptDecrypt.c b/OSX/libsecurity_transform/lib/CEncryptDecrypt.c index 458831c3..dace9859 100644 --- a/OSX/libsecurity_transform/lib/CEncryptDecrypt.c +++ b/OSX/libsecurity_transform/lib/CEncryptDecrypt.c @@ -29,15 +29,21 @@ #include "corecrypto/ccn.h" #include "stdio.h" #include "misc.h" +#include "Utilities.h" // corecrypto headers don't like C++ (on a deaper level then extern "C" {} can fix // so we need a C "shim" for all our corecrypto use. CFDataRef oaep_padding_via_c(int desired_message_length, CFDataRef dataValue); -CFDataRef oaep_padding_via_c(int desired_message_length, CFDataRef dataValue) +CFDataRef oaep_padding_via_c(int desired_message_length, CFDataRef dataValue) CF_RETURNS_RETAINED { - cc_unit paddingBuffer[ccn_nof_size(desired_message_length)]; - bzero(paddingBuffer, sizeof(cc_unit) * ccn_nof_size(desired_message_length)); // XXX needed?? + size_t pBufferSize = ccn_sizeof_size(desired_message_length); + cc_unit *paddingBuffer = malloc(pBufferSize); + if (paddingBuffer == NULL){ + return (void*)GetNoMemoryErrorAndRetain(); + } + + bzero(paddingBuffer, pBufferSize); // XXX needed?? static dispatch_once_t randomNumberGenneratorInitialzed; static struct ccrng_system_state rng; dispatch_once(&randomNumberGenneratorInitialzed, ^{ @@ -46,30 +52,45 @@ CFDataRef oaep_padding_via_c(int desired_message_length, CFDataRef dataValue) ccrsa_oaep_encode(ccsha1_di(), (struct ccrng_state*)&rng, - sizeof(paddingBuffer), (cc_unit*)paddingBuffer, + pBufferSize, (cc_unit*)paddingBuffer, CFDataGetLength(dataValue), CFDataGetBytePtr(dataValue)); - ccn_swap(ccn_nof_size(sizeof(paddingBuffer)), (cc_unit*)paddingBuffer); + ccn_swap(ccn_nof_size(pBufferSize), (cc_unit*)paddingBuffer); CFDataRef paddedValue = CFDataCreate(NULL, (UInt8*)paddingBuffer, desired_message_length); - return paddedValue ? paddedValue : (void*)GetNoMemoryErrorAndRetain(); + free(paddingBuffer); + return paddedValue ? paddedValue : (void*)GetNoMemoryErrorAndRetain(); } CFDataRef oaep_unpadding_via_c(CFDataRef encodedMessage); -CFDataRef oaep_unpadding_via_c(CFDataRef encodedMessage) +CFDataRef oaep_unpadding_via_c(CFDataRef encodedMessage) CF_RETURNS_RETAINED { size_t mlen = CFDataGetLength(encodedMessage); - cc_size n = ccn_nof_size(mlen); - cc_unit paddingBuffer[n]; - UInt8 plainText[mlen]; + size_t pBufferSize = ccn_sizeof_size(mlen); + cc_unit *paddingBuffer = malloc(pBufferSize); + UInt8 *plainText = malloc(mlen); + if (plainText == NULL || paddingBuffer == NULL) { + free(plainText); + free(paddingBuffer); + return (void*)GetNoMemoryErrorAndRetain(); + } - ccn_read_uint(n, paddingBuffer, mlen, CFDataGetBytePtr(encodedMessage)); + ccn_read_uint(ccn_nof_size(mlen), paddingBuffer, mlen, CFDataGetBytePtr(encodedMessage)); size_t plainTextLength = mlen; int err = ccrsa_oaep_decode(ccsha1_di(), &plainTextLength, plainText, mlen, paddingBuffer); if (err) { // XXX should make a CFError or something. - return (void*)fancy_error(CFSTR("CoreCrypto"), err, CFSTR("OAEP decode error")); + CFErrorRef error = fancy_error(CFSTR("CoreCrypto"), err, CFSTR("OAEP decode error")); + CFRetainSafe(error); + free(plainText); + free(paddingBuffer); + return (void*)error; } - CFDataRef result = CFDataCreate(NULL, (UInt8*)plainText, plainTextLength); - return result; + + CFDataRef result = CFDataCreate(NULL, (UInt8*)plainText, plainTextLength); + + free(plainText); + free(paddingBuffer); + + return result; }