X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..refs/heads/master:/OSX/sec/Security/SecServerEncryptionSupport.c?ds=inline
diff --git a/OSX/sec/Security/SecServerEncryptionSupport.c b/OSX/sec/Security/SecServerEncryptionSupport.c
index 1168987b..e43f0f6b 100644
--- a/OSX/sec/Security/SecServerEncryptionSupport.c
+++ b/OSX/sec/Security/SecServerEncryptionSupport.c
@@ -22,8 +22,6 @@
 #include
 #include
-#if !(TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
-
 //
 // We assume that SecKey is set up for this to work.
 // Specifically ccrng_seckey needs to be initialized
@@ -43,7 +41,9 @@ static void InitServerECIES(ccecies_gcm_t ecies, const struct ccmode_gcm *gcm_mo
 gcm_mode,
 kBlobCipherKeySize,
 kBlobMacSize,
- ECIES_EXPORT_PUB_STANDARD+ECIES_EPH_PUBKEY_IN_SHAREDINFO1);
+ ECIES_EXPORT_PUB_STANDARD
+ +ECIES_EPH_PUBKEY_IN_SHAREDINFO1
+ +ECIES_LEGACY_IV);
 }
 //
@@ -191,7 +191,7 @@ fail:
 static size_t ccec_x963_pub_export_size(ccec_pub_ctx_t key)
 {
- return ccec_x963_export_size(0,(ccec_full_ctx_t)key.body); // We lie since the API is broken.
+ return ccec_x963_export_size(0,key);
 }
 CFDataRef SecCopyEncryptedToServerKey(SecKeyRef publicKey, CFDataRef dataToEncrypt, CFErrorRef *error)
@@ -228,7 +228,7 @@ CFDataRef SecCopyEncryptedToServerKey(SecKeyRef publicKey, CFDataRef dataToEncry
 size_t tag_size = kBlobMacSize;
 uint8_t *tag = NULL;
- require_action_quiet(public_key_size + ciphertext_size + tag_size == encrypted_size, errout, SecError(errSecInternal, error, CFSTR("Allocation mismatch"), encrypt_result));
+ require_action_quiet(public_key_size + ciphertext_size + tag_size == encrypted_size, errout, SecError(errSecInternal, error, CFSTR("Allocation mismatch")));
 encrypted = CreateDataForEncodeEncryptedBlobOf(public_key, public_key_size, &public_key_data,
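Review bot: In the `@@ -43,7 +41,9 @@` hunk the new `ECIES_LEGACY_IV` option is passed to the setup call with no comment saying why the legacy IV behaviour is needed, so a later reader cannot tell whether it is a compatibility constraint or something that can be dropped. Judging by its name the flag affects how the GCM IV is chosen, which makes it a security-relevant setting that the encrypting and decrypting sides presumably have to agree on. I would add a comment above the option list along the lines of `// ECIES_LEGACY_IV: required for compatibility with <peer or blob format>; do not remove without migrating both sides`, with the placeholder filled in by the author. The option bits would also read more safely combined with `|` than with `+`, since a flag repeated by mistake then cannot change the value. The body of InitServerECIES starts outside the hunk.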
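Review bot: In the `@@ -191,7 +191,7 @@` hunk the bare `0` passed to `ccec_x963_export_size` is left unexplained now that the old trailing comment has been removed with the cast. A short inline comment would keep the intent visible, for example `return ccec_x963_export_size(0 /* public key only */, key);`, assuming the first argument is the full-key selector as the wrapper's name suggests.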
@@ -320,10 +320,14 @@ CFDataRef SecCopyDecryptedForServer(SecKeyRef serverFullKey, CFDataRef blob, CFE
 return result;
 }
+#if TARGET_OS_OSX
+#include
+#endif
+
 CFDataRef SecCopyEncryptedToServer(SecTrustRef trustedEvaluation, CFDataRef dataToEncrypt, CFErrorRef *error)
 {
 CFDataRef result = NULL;
- SecKeyRef trustKey = SecTrustCopyPublicKey(trustedEvaluation);
+ SecKeyRef trustKey = SecTrustCopyKey(trustedEvaluation);
 require_action_quiet(trustKey, fail, SecError(errSecInteractionNotAllowed, error, CFSTR("Failed to get key out of trust ref, was it evaluated?")));
@@ -332,24 +336,6 @@ CFDataRef SecCopyEncryptedToServer(SecTrustRef trustedEvaluation, CFDataRef data
 result = SecCopyEncryptedToServerKey(trustKey, dataToEncrypt, error);
 fail:
-
+ CFReleaseNull(trustKey);
 return result;
 }
-
-#else
-
-CFDataRef SecCopyDecryptedForServer(SecKeyRef serverFullKey, CFDataRef encryptedData, CFErrorRef* error)
-{
- SecError(errSecUnimplemented, error, CFSTR("SecCopyDecryptedForServer not implemented on this platform"));
-
- return NULL;
-}
-
-CFDataRef SecCopyEncryptedToServer(SecTrustRef trustedEvaluation, CFDataRef dataToEncrypt, CFErrorRef *error)
-{
- SecError(errSecUnimplemented, error, CFSTR("SecCopyEncryptedToServer not implemented on this platform"));
-
- return NULL;
-}
-
-#endif
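Review bot: In the `@@ -320,10 +320,14 @@` hunk `SecCopyEncryptedToServer` encrypts to whatever key `SecTrustCopyKey` returns and, as far as the visible lines show, the only guard is the NULL test on `trustKey`; nothing here checks that the trust evaluation actually succeeded. If callers are expected to have verified the trust result first, that precondition should be written on the function, for example `// Precondition: trustedEvaluation was evaluated and its result accepted by the caller; this function only extracts the key.`; otherwise a result check belongs before the key is used. Two lines between this hunk and the next are not shown, so confirm nothing there already does this. Separately, the `#if TARGET_OS_OSX` include added in the middle of the file would be easier to find next to the other includes at the top.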