X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/6b200bc335dc93c5516ccb52f14bd896d8c7fad7..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurity_keychain/lib/SecImportExport.c?ds=sidebyside

diff --git a/OSX/libsecurity_keychain/lib/SecImportExport.c b/OSX/libsecurity_keychain/lib/SecImportExport.c
index 4ef8cd77..2b8f820d 100644
--- a/OSX/libsecurity_keychain/lib/SecImportExport.c
+++ b/OSX/libsecurity_keychain/lib/SecImportExport.c
@@ -24,20 +24,22 @@
 #include <Security/SecBase.h>
 #include <Security/SecBasePriv.h>
 #include <Security/SecItem.h>
-//#include <Security/SecRSAKey.h>
 #include <Security/SecCertificate.h>
+#include <Security/SecCertificatePriv.h>
 #include <Security/SecIdentity.h>
 #include <Security/SecIdentityPriv.h>
 #include <Security/SecPolicy.h>
 #include <Security/SecTrust.h>
 #include <Security/SecKeyPriv.h>
-#include "SecInternal.h"
+#include <Security/SecInternal.h>
 
 //#include <AssertMacros.h>
 #include <CommonCrypto/CommonDigest.h>
 
 //#include "p12import.h"
-#include <Security/SecImportExport.h>
+#include <Security/SecImportExportPriv.h>
+
+#include <CoreFoundation/CFPriv.h>
 
 const CFStringRef __nonnull kSecImportExportPassphrase = CFSTR("passphrase");
 const CFStringRef __nonnull kSecImportExportKeychain = CFSTR("keychain");
@@ -139,6 +141,9 @@ out:
 
 OSStatus SecPKCS12Import(CFDataRef pkcs12_data, CFDictionaryRef options, CFArrayRef *items)
 {
+	if (_CFMZEnabled()) {
+		return SecPKCS12Import_ios(pkcs12_data, options, items);
+	}
 	// SecPKCS12Import is implemented on Mac OS X in terms of the existing
 	// SecKeychainItemImport API, which supports importing items into a
 	// specified keychain with initial access control settings for keys.
@@ -227,21 +232,10 @@ OSStatus SecPKCS12Import(CFDataRef pkcs12_data, CFDictionaryRef options, CFArray
 
 				// key ID
 				if (!status) {
-					SecKeyRef itemKey = NULL;
-					status = SecCertificateCopyPublicKey(itemCert, &itemKey);
-					if (!status) {
-						const CSSM_KEY *cssmKey;
-						status = SecKeyGetCSSMKey(itemKey, &cssmKey);
-						if (!status) {
-							unsigned char hash[CC_SHA1_DIGEST_LENGTH];
-							CC_SHA1(cssmKey->KeyData.Data, (CC_LONG)cssmKey->KeyData.Length, &hash[0]);
-							CFDataRef digest = CFDataCreate(NULL, (const UInt8 *)hash, CC_SHA1_DIGEST_LENGTH);
-							if (digest) {
-								CFDictionaryAddValue(itemDict, kSecImportItemKeyID, digest);
-								CFRelease(digest);
-							}
-						}
-						CFRelease(itemKey);
+					CFDataRef digest = SecCertificateCopyPublicKeySHA1Digest(itemCert);
+					if (digest) {
+						CFDictionaryAddValue(itemDict, kSecImportItemKeyID, digest);
+						CFRelease(digest);
 					}
 				}