static void tests(void)
{
CFDataRef attached_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, attached_signed_data_der, attached_signed_data_der_len, kCFAllocatorNull);
CFDataRef detached_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, detached_signed_data_der, detached_signed_data_der_len, kCFAllocatorNull);
CFDataRef attached_no_data_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, attached_no_data_signed_data_der, attached_no_data_signed_data_der_len, kCFAllocatorNull);
CFDataRef detached_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, detached_content, detached_content_len, kCFAllocatorNull);
CFDataRef no_data = CFDataCreate(kCFAllocatorDefault, NULL, 0);
SecPolicyRef policy = SecPolicyCreateBasicX509();
SecTrustRef trust = NULL;
ok_status(SecCMSVerifyCopyDataAndAttributes(attached_signed_data, NULL, policy, &trust, NULL, NULL), "verify attached data");
CFRelease(trust);
ok_status(SecCMSVerifyCopyDataAndAttributes(detached_signed_data, detached_data, policy, &trust, NULL, NULL), "verify detached data");
CFRelease(trust);
ok_status(SecCMSVerifyCopyDataAndAttributes(attached_no_data_signed_data, NULL, policy, &trust, NULL, NULL), "verify attached no data");
CFRelease(trust);
ok_status(SecCMSVerifyCopyDataAndAttributes(attached_no_data_signed_data, no_data, policy, &trust, NULL, NULL), "verify attached no data");
CFRelease(trust);
SecCertificateRef cert = NULL;
SecKeyRef privKey = NULL;
SecIdentityRef identity = NULL;
isnt(cert = SecCertificateCreateWithBytes(NULL, signer_der, signer_der_len), NULL, "create certificate");
isnt(privKey = SecKeyCreateRSAPrivateKey(NULL, privkey_der, privkey_der_len, kSecKeyEncodingPkcs1), NULL, "create private key");
isnt(identity = SecIdentityCreate(NULL, cert, privKey), NULL, "create identity");
CFReleaseSafe(privKey);
CFMutableDataRef cms_data = CFDataCreateMutable(kCFAllocatorDefault, 0);
ok_status(SecCMSCreateSignedData(identity, detached_data, NULL, NULL, cms_data), "create attached data");
//write_data("/var/tmp/attached", cms_data);
CFDataSetLength(cms_data, 0);
CFDictionaryRef detached_cms_dict = CFDictionaryCreate(kCFAllocatorDefault, (const void **)&kSecCMSSignDetached, (const void **)&kCFBooleanTrue, 1, NULL, NULL);
ok_status(SecCMSCreateSignedData(identity, detached_data, detached_cms_dict, NULL, cms_data), "create attached data");
CFRelease(detached_cms_dict);
//write_data("/var/tmp/detached", cms_data);
CFDataSetLength(cms_data, 0);
ok_status(SecCMSCreateSignedData(identity, NULL, NULL, NULL, cms_data), "create attached data");
//write_data("/var/tmp/empty_attached", cms_data);
CFReleaseSafe(cms_data);
CFReleaseSafe(cert);
CFReleaseNull(identity);
CFRelease(attached_signed_data);
CFRelease(detached_signed_data);
CFRelease(attached_no_data_signed_data);
CFRelease(detached_data);
CFRelease(no_data);
CFRelease(policy);
}
CFDataRef SecDigestCreate(CFAllocatorRef allocator,
const SecAsn1Oid *algorithm, const SecAsn1Item *params,
const UInt8 *data, CFIndex length) {
unsigned char *(*digestFcn)(const void *data, CC_LONG len, unsigned char *md);
CFIndex digestLen;
if (length > INT32_MAX)
return NULL;
if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA1)) {
digestFcn = CC_SHA1;
digestLen = CC_SHA1_DIGEST_LENGTH;
} else if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA224)) {
digestFcn = CC_SHA224;
digestLen = CC_SHA224_DIGEST_LENGTH;
} else if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA256)) {
digestFcn = CC_SHA256;
digestLen = CC_SHA256_DIGEST_LENGTH;
} else if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA384)) {
digestFcn = CC_SHA384;
digestLen = CC_SHA384_DIGEST_LENGTH;
} else if (SecAsn1OidCompare(algorithm, &CSSMOID_SHA512)) {
digestFcn = CC_SHA512;
digestLen = CC_SHA512_DIGEST_LENGTH;
} else {
return NULL;
}
CFMutableDataRef digest = CFDataCreateMutable(allocator, digestLen);
CFDataSetLength(digest, digestLen);
digestFcn(data, (CC_LONG)length, CFDataGetMutableBytePtr(digest));
return digest;
}
CFDataRef SOSUserKeyCreateGenerateParameters(CFErrorRef *error) {
size_t saltlen = SALTMAX;
uint8_t salt[saltlen];
size_t iterations = ITERATIONMIN;
size_t keysize = 256;
if(CCRandomCopyBytes(kCCRandomDefault, salt, sizeof(salt)) != kCCSuccess) {
SOSCreateError(kSOSErrorProcessingFailure, CFSTR("CCRandomCopyBytes failed"), NULL, error);
return NULL;
}
CFMutableDataRef result = CFDataCreateMutable(kCFAllocatorDefault, 0);
CFDataSetLength(result, der_sizeof_pbkdf2_params(saltlen, salt, iterations, keysize));
uint8_t * encode = der_encode_pbkdf2_params(saltlen, salt, iterations, keysize,
CFDataGetBytePtr(result),
CFDataGetMutableBytePtr(result) + CFDataGetLength(result));
if (!encode)
CFReleaseNull(result);
if (result) {
secnotice("keygen", "Created new parameters: iterations %zd, keysize %zd: %@", iterations, keysize, result);
}
return result;
}
CFDataRef SecSHA256DigestCreateFromData(CFAllocatorRef allocator, CFDataRef data) {
CFMutableDataRef digest = CFDataCreateMutable(allocator,
CC_SHA256_DIGEST_LENGTH);
CFDataSetLength(digest, CC_SHA256_DIGEST_LENGTH);
CCDigest(kCCDigestSHA256, CFDataGetBytePtr(data), CFDataGetLength(data), CFDataGetMutableBytePtr(digest));
return digest;
}
static CFDataRef SecRSAPublicKeyCreatePKCS1(CFAllocatorRef allocator, ccrsa_pub_ctx_t pubkey)
{
size_t m_size = ccn_write_int_size(ccrsa_ctx_n(pubkey), ccrsa_ctx_m(pubkey));
size_t e_size = ccn_write_int_size(ccrsa_ctx_n(pubkey), ccrsa_ctx_e(pubkey));
const size_t seq_size = DERLengthOfItem(ASN1_INTEGER, m_size) +
DERLengthOfItem(ASN1_INTEGER, e_size);
const size_t result_size = DERLengthOfItem(ASN1_SEQUENCE, seq_size);
CFMutableDataRef pkcs1 = CFDataCreateMutable(allocator, result_size);
if (pkcs1 == NULL)
return NULL;
CFDataSetLength(pkcs1, result_size);
uint8_t *bytes = CFDataGetMutableBytePtr(pkcs1);
*bytes++ = ASN1_CONSTR_SEQUENCE;
DERSize itemLength = 4;
DEREncodeLength(seq_size, bytes, &itemLength);
bytes += itemLength;
ccasn_encode_int(ccrsa_ctx_n(pubkey), ccrsa_ctx_m(pubkey), m_size, &bytes);
ccasn_encode_int(ccrsa_ctx_n(pubkey), ccrsa_ctx_e(pubkey), e_size, &bytes);
return pkcs1;
}
void
CFDataIncreaseLength (CFMutableDataRef d, CFIndex length)
{
CF_OBJC_FUNCDISPATCH1(_kCFDataTypeID, void, d, "increaseLengthBy:", length);
CFDataSetLength (d, d->_length + length);
}
CFDataRef SecSHA256DigestCreate(CFAllocatorRef allocator,
const UInt8 *data, CFIndex length) {
CFMutableDataRef digest = CFDataCreateMutable(allocator,
CC_SHA256_DIGEST_LENGTH);
CFDataSetLength(digest, CC_SHA256_DIGEST_LENGTH);
CCDigest(kCCDigestSHA256, data, length, CFDataGetMutableBytePtr(digest));
return digest;
}
STATIC CFDataRef
my_CFDataCreateWithRandomBytes(CFIndex size)
{
CFMutableDataRef data;
data = CFDataCreateMutable(NULL, size);
CFDataSetLength(data, size);
fill_with_random(CFDataGetMutableBytePtr(data), (int)size);
return (data);
}
/* Encode the public key and return it in a newly allocated CFDataRef. */
static CFDataRef SecECPublicKeyExport(CFAllocatorRef allocator,
ccec_pub_ctx_t pubkey) {
size_t pub_size = ccec_export_pub_size(pubkey);
CFMutableDataRef blob = CFDataCreateMutable(allocator, pub_size);
if (blob) {
CFDataSetLength(blob, pub_size);
ccec_export_pub(pubkey, CFDataGetMutableBytePtr(blob));
}
return blob;
}
// Add 1000 items on each device. Then delete 1000 items on each device.
static void test_engine_views(void) {
__block int iteration=0;
__block int objectix=0;
__block CFMutableArrayRef objectNames = CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks);
const size_t itemDataSize = 1024;
const int peerCount = 4;
const int edgeCount = peerCount * (peerCount - 1);
const int itemsPerPeer = 1000;
const int itemsPerIteration = 100;
const int itemChunkCount = (itemsPerPeer / itemsPerIteration);
const int deleteIteration = edgeCount * (itemChunkCount + 30);
const int idleIteration = 616; //deleteIteration + edgeCount * (itemChunkCount + 10);
CFMutableDataRef itemData = CFDataCreateMutable(kCFAllocatorDefault, itemDataSize);
CFDataSetLength(itemData, itemDataSize);
const char *name = "engine_views";
//const char *test_directive
//const char *test_reason
CFIndex version = 0;
bool(^pre)(SOSTestDeviceRef source, SOSTestDeviceRef dest) = ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest) {
bool result = false;
if (iteration <= edgeCount * itemChunkCount) {
if (iteration % (peerCount - 1) == 0) {
for (int j = 0; j < itemsPerIteration; ++j) {
CFStringRef name = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@-pre-%d"), SOSTestDeviceGetID(source), objectix++);
CFArrayAppendValue(objectNames, name);
SOSTestDeviceAddGenericItemWithData(source, name, name, itemData);
CFReleaseNull(name);
}
}
result = true;
} else if (iteration == deleteIteration) {
//diag("deletion starting");
} else if (deleteIteration < iteration && iteration <= deleteIteration + edgeCount * itemChunkCount) {
if (iteration % (peerCount - 1) == 0) {
for (int j = 0; j < itemsPerIteration; ++j) {
CFStringRef name = CFArrayGetValueAtIndex(objectNames, --objectix);
SOSTestDeviceAddGenericItemTombstone(source, name, name);
}
result = true;
}
} else if (idleIteration == iteration) {
//diag("idle starting");
} else if (617 == iteration) {
//diag("interesting");
}
iteration++;
return result || iteration < deleteIteration;
};
static CFDataRef SecECPPrivateKeyExport(CFAllocatorRef allocator,
ccec_full_ctx_t fullkey) {
size_t prime_size = ccec_cp_prime_size(ccec_ctx_cp(fullkey));
size_t key_size = ccec_export_pub_size(fullkey) + prime_size;
CFMutableDataRef blob = CFDataCreateMutable(allocator, key_size);
if (blob) {
CFDataSetLength(blob, key_size);
ccec_export_pub(fullkey, CFDataGetMutableBytePtr(blob));
UInt8 *dest = CFDataGetMutableBytePtr(blob) + ccec_export_pub_size(fullkey);
const cc_unit *k = ccec_ctx_k(fullkey);
ccn_write_uint_padded(ccec_ctx_n(fullkey), k, prime_size, dest);
}
return blob;
}
/*
* Opens a configuration file and returns a CFArrayRef consisting
* of a CFStringRef for each line.
*/
CFArrayRef
configRead(const char *path)
{
int fd;
struct stat statBuf;
CFMutableDataRef data;
CFStringRef str;
CFArrayRef config = NULL;
fd = open(path, O_RDONLY, 0644);
if (fd < 0) {
goto done;
}
if (fstat(fd, &statBuf) < 0) {
goto done;
}
if ((statBuf.st_mode & S_IFMT) != S_IFREG) {
goto done;
}
data = CFDataCreateMutable(NULL, statBuf.st_size);
CFDataSetLength(data, statBuf.st_size);
if(read(fd, (void *)CFDataGetMutableBytePtr(data), statBuf.st_size) != statBuf.st_size) {
CFRelease(data);
goto done;
}
str = CFStringCreateFromExternalRepresentation(NULL, data, kCFStringEncodingMacRoman);
CFRelease(data);
config = CFStringCreateArrayBySeparatingStrings(NULL, str, CFSTR("\n"));
CFRelease(str);
done:
if (fd >= 0) {
close(fd);
}
if (config == NULL) {
CFMutableArrayRef emptyConfig;
/* pretend that we found an empty file */
emptyConfig = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
CFArrayAppendValue(emptyConfig, CFSTR(""));
config = (CFArrayRef)emptyConfig;
}
return config;
}
/* Create a URI suitable for use in an http GET request, will return NULL if
the length would exceed 255 bytes. */
static CFURLRef createGetURL(CFURLRef responder, CFDataRef request) {
CFURLRef getURL = NULL;
CFMutableDataRef base64Request = NULL;
CFStringRef base64RequestString = NULL;
CFStringRef peRequest = NULL;
CFIndex base64Len;
base64Len = SecBase64Encode(NULL, CFDataGetLength(request), NULL, 0);
/* Don't bother doing all the work below if we know the end result will
exceed 255 bytes (minus one for the '/' separator makes 254). */
if (base64Len + CFURLGetBytes(responder, NULL, 0) > 254)
return NULL;
require(base64Request = CFDataCreateMutable(kCFAllocatorDefault,
base64Len), errOut);
CFDataSetLength(base64Request, base64Len);
SecBase64Encode(CFDataGetBytePtr(request), CFDataGetLength(request),
(char *)CFDataGetMutableBytePtr(base64Request), base64Len);
require(base64RequestString = CFStringCreateWithBytes(kCFAllocatorDefault,
CFDataGetBytePtr(base64Request), base64Len, kCFStringEncodingUTF8,
false), errOut);
require(peRequest = CFURLCreateStringByAddingPercentEscapes(
kCFAllocatorDefault, base64RequestString, NULL, CFSTR("+/="),
kCFStringEncodingUTF8), errOut);
#if 1
CFStringRef urlString = CFURLGetString(responder);
CFStringRef fullURL;
if (CFStringHasSuffix(urlString, CFSTR("/"))) {
fullURL = CFStringCreateWithFormat(kCFAllocatorDefault, NULL,
CFSTR("%@%@"), urlString, peRequest);
} else {
fullURL = CFStringCreateWithFormat(kCFAllocatorDefault, NULL,
CFSTR("%@/%@"), urlString, peRequest);
}
getURL = CFURLCreateWithString(kCFAllocatorDefault, fullURL, NULL);
CFRelease(fullURL);
#else
getURL = CFURLCreateWithString(kCFAllocatorDefault, peRequest, responder);
#endif
errOut:
CFReleaseSafe(base64Request);
CFReleaseSafe(base64RequestString);
CFReleaseSafe(peRequest);
return getURL;
}
STATIC CFDataRef
make_DUID_LL_data(interface_t * if_p)
{
CFMutableDataRef data;
int duid_len;
DHCPDUID_LLRef ll_p;
duid_len = offsetof(DHCPDUID_LL, linklayer_address) + if_link_length(if_p);
data = CFDataCreateMutable(NULL, duid_len);
CFDataSetLength(data, duid_len);
ll_p = (DHCPDUID_LLRef)CFDataGetMutableBytePtr(data);
DHCPDUIDSetType((DHCPDUIDRef)ll_p, kDHCPDUIDTypeLL);
DHCPDUID_LLSetHardwareType(ll_p, if_link_arptype(if_p));
bcopy(if_link_address(if_p), ll_p->linklayer_address,
if_link_length(if_p));
return (data);
}
CFDataRef SecKeyCopyModulus(SecKeyRef key) {
ccrsa_pub_ctx_t pubkey;
pubkey.pub = key->key;
size_t m_size = ccn_write_uint_size(ccrsa_ctx_n(pubkey), ccrsa_ctx_m(pubkey));
CFAllocatorRef allocator = CFGetAllocator(key);
CFMutableDataRef modulusData = CFDataCreateMutable(allocator, m_size);
if (modulusData == NULL)
return NULL;
CFDataSetLength(modulusData, m_size);
ccn_write_uint(ccrsa_ctx_n(pubkey), ccrsa_ctx_m(pubkey), m_size, CFDataGetMutableBytePtr(modulusData));
return modulusData;
}
CFDataRef SOSCoderCopyDER(SOSCoderRef coder, CFErrorRef* error) {
CFMutableDataRef encoded = NULL;
size_t encoded_size = SOSCoderGetDEREncodedSize(coder, error);
if (encoded_size > 0) {
encoded = CFDataCreateMutable(NULL, encoded_size);
if (encoded) {
CFDataSetLength(encoded, encoded_size);
uint8_t * der = CFDataGetMutableBytePtr(encoded);
uint8_t * der_end = der + encoded_size;
if (!SOSCoderEncodeToDER(coder, error, der, der_end)) {
CFReleaseNull(encoded);
encoded = NULL;
}
}
}
return encoded;
}
CFDataRef SecKeyCopyExponent(SecKeyRef key) {
ccrsa_pub_ctx_t pubkey;
pubkey.pub = key->key;
size_t e_size = ccn_write_uint_size(ccrsa_ctx_n(pubkey), ccrsa_ctx_e(pubkey));
CFAllocatorRef allocator = CFGetAllocator(key);
CFMutableDataRef exponentData = CFDataCreateMutable(allocator, e_size);
if (exponentData == NULL)
return NULL;
CFDataSetLength(exponentData, e_size);
ccn_write_uint(ccrsa_ctx_n(pubkey), ccrsa_ctx_m(pubkey), e_size, CFDataGetMutableBytePtr(exponentData));
return exponentData;
}
CGImageRef CGImageMaskCreateWithImageRef(CGImageRef imageRef) {
size_t maskWidth = CGImageGetWidth(imageRef);
size_t maskHeight = CGImageGetHeight(imageRef);
size_t bytesPerRow = maskWidth;
size_t bufferSize = maskWidth * maskHeight;
CFMutableDataRef dataBuffer = CFDataCreateMutable(kCFAllocatorDefault, 0);
CFDataSetLength(dataBuffer, bufferSize);
CGColorSpaceRef greyColorSpaceRef = CGColorSpaceCreateDeviceGray();
CGContextRef ctx = CGBitmapContextCreate(CFDataGetMutableBytePtr(dataBuffer),
maskWidth,
maskHeight,
8,
bytesPerRow,
greyColorSpaceRef,
kCGImageAlphaNone);
CGContextDrawImage(ctx, CGRectMake(0, 0, maskWidth, maskHeight), imageRef);
CGContextRelease(ctx);
CGDataProviderRef dataProvider = CGDataProviderCreateWithCFData(dataBuffer);
CGImageRef maskImageRef = CGImageMaskCreate(maskWidth,
maskHeight,
8,
8,
bytesPerRow,
dataProvider,
NULL,
FALSE);
CGDataProviderRelease(dataProvider);
CGColorSpaceRelease(greyColorSpaceRef);
CFRelease(dataBuffer);
return maskImageRef;
}
void Blob::setLength(Index length)
{
CFDataSetLength(getStorage(), length);
}
CFDataRef createMkext1ForArch(const NXArchInfo * arch, CFArrayRef archiveKexts,
boolean_t compress)
{
CFMutableDataRef result = NULL;
CFMutableDictionaryRef kextsByIdentifier = NULL;
Mkext1Context context;
mkext1_header * mkextHeader = NULL; // do not free
const uint8_t * adler_point = 0;
CFIndex count, i;
result = CFDataCreateMutable(kCFAllocatorDefault, /* capaacity */ 0);
if (!result || !createCFMutableDictionary(&kextsByIdentifier)) {
OSKextLogMemError();
goto finish;
}
/* mkext1 can only contain 1 kext for a given bundle identifier, so we
* have to pick out the most recent versions.
*/
count = CFArrayGetCount(archiveKexts);
for (i = 0; i < count; i++) {
OSKextRef theKext = (OSKextRef)CFArrayGetValueAtIndex(archiveKexts, i);
CFStringRef bundleIdentifier = OSKextGetIdentifier(theKext);
OSKextRef savedKext = (OSKextRef)CFDictionaryGetValue(kextsByIdentifier,
bundleIdentifier);
OSKextVersion thisVersion, savedVersion;
if (!OSKextSupportsArchitecture(theKext, arch)) {
continue;
}
if (!savedKext) {
CFDictionarySetValue(kextsByIdentifier, bundleIdentifier, theKext);
continue;
}
thisVersion = OSKextGetVersion(theKext);
savedVersion = OSKextGetVersion(savedKext);
if (thisVersion > savedVersion) {
CFDictionarySetValue(kextsByIdentifier, bundleIdentifier, theKext);
}
}
/* Add room for the mkext header and kext descriptors.
*/
CFDataSetLength(result, sizeof(mkext1_header) +
CFDictionaryGetCount(kextsByIdentifier) * sizeof(mkext_kext));
context.mkext = result;
context.kextIndex = 0;
context.compressOffset = (uint32_t)CFDataGetLength(result);
context.arch = arch;
context.fatal = false;
context.compress = compress;
CFDictionaryApplyFunction(kextsByIdentifier, addToMkext1, &context);
if (context.fatal) {
SAFE_RELEASE_NULL(result);
goto finish;
}
mkextHeader = (mkext1_header *)CFDataGetBytePtr(result);
mkextHeader->magic = OSSwapHostToBigInt32(MKEXT_MAGIC);
mkextHeader->signature = OSSwapHostToBigInt32(MKEXT_SIGN);
mkextHeader->version = OSSwapHostToBigInt32(0x01008000); // 'vers' 1.0.0
mkextHeader->numkexts =
OSSwapHostToBigInt32((__uint32_t)CFDictionaryGetCount(kextsByIdentifier));
mkextHeader->cputype = OSSwapHostToBigInt32(arch->cputype);
mkextHeader->cpusubtype = OSSwapHostToBigInt32(arch->cpusubtype);
mkextHeader->length = OSSwapHostToBigInt32((__uint32_t)CFDataGetLength(result));
adler_point = (UInt8 *)&mkextHeader->version;
mkextHeader->adler32 = OSSwapHostToBigInt32(local_adler32(
(UInt8 *)&mkextHeader->version,
(int)(CFDataGetLength(result) - (adler_point - (uint8_t *)mkextHeader))));
OSKextLog(/* kext */ NULL, kOSKextLogProgressLevel | kOSKextLogArchiveFlag,
"Created mkext for %s containing %lu kexts.",
arch->name,
CFDictionaryGetCount(kextsByIdentifier));
finish:
SAFE_RELEASE(kextsByIdentifier);
return result;
}
CFMutableDictionaryRef decrypt_data_ios5(const uint8_t* datab, uint32_t len, uint32_t* pclass)
{
CFMutableDictionaryRef plist = NULL;
CFErrorRef err = NULL;
uint8_t aes_key[48];
uint32_t version, protection_class, wrapped_length, item_length;
CCCryptorStatus cs = 0;
IOReturn ret;
int taglen = 16;
char tag[16];
if (len < 68)
{
fprintf(stderr, "decrypt_data_ios5 : keychain item len < 68\n");
return NULL;
}
version = ((uint32_t*) datab)[0];
protection_class = ((uint32_t*) datab)[1];
if (pclass != NULL)
*pclass = protection_class;
wrapped_length = ((uint32_t*) datab)[2];
item_length = len - 48 - 4 - 16;
if (version != 2 && version != 3)
{
fprintf(stderr, "decrypt_data_ios5 : version = %d\n", version);
return NULL;
}
if (wrapped_length != 40)
{
fprintf(stderr, "decrypt_data_ios5 : wrapped_length != 0x28\n");
return NULL;
}
if((ret = AppleKeyStore_keyUnwrap(protection_class, &datab[12], 40, aes_key)))
{
fprintf(stderr, "decrypt_data_ios5 : AppleKeyStore_keyUnwrap = %x\n", ret);
return NULL;
}
CFMutableDataRef item = CFDataCreateMutable(kCFAllocatorDefault, item_length);
if (item == NULL)
{
memset(aes_key, 0, 48);
return NULL;
}
CFDataSetLength(item, item_length);
if (CCCryptorGCM == NULL)
getCCCryptorGCM();
if (CCCryptorGCM != NULL)
cs = CCCryptorGCM(kCCDecrypt,
kCCAlgorithmAES128,
aes_key,
32,
0,
0,
0,
0,
&datab[52],
item_length,
(void*) CFDataGetBytePtr(item),
tag,
&taglen);
memset(aes_key, 0, 48);
if (cs != 0)
{
fprintf(stderr, "decrypt_data_ios5 : CCCryptorGCM failed, CCCryptorStatus = %x\n", cs);
CFRelease(item);
return NULL;
}
if (version == 3)
{
der_decode_plist(kCFAllocatorDefault, 1,
(CFPropertyListRef*) &plist, &err,
(const uint8_t*) CFDataGetBytePtr(item),
(const uint8_t*) CFDataGetBytePtr(item) + item_length);
}
else
{
plist = (CFMutableDictionaryRef) CFPropertyListCreateFromXMLData(NULL, item, kCFPropertyListMutableContainersAndLeaves, NULL);
}
CFRelease(item);
if (plist != NULL && CFGetTypeID(plist) != CFDictionaryGetTypeID())
{
fprintf(stderr, "decrypt_data_ios5 : CFPropertyListCreateFromXMLData did not return a dictionary\n");
CFRelease(plist);
return NULL;
}
return plist;
}
size_t der_sizeof_dictionary(CFDictionaryRef dict, CFErrorRef *error)
{
struct size_context context = { .success = true, .size = 0, .error = error };
CFDictionaryApplyFunction(dict, add_key_value_size, &context);
if (!context.success)
return 0;
return ccder_sizeof(CCDER_CONSTRUCTED_SET, context.size);
}
static uint8_t* der_encode_key_value(CFPropertyListRef key, CFPropertyListRef value, CFErrorRef *error,
const uint8_t* der, uint8_t *der_end)
{
return ccder_encode_constructed_tl(CCDER_CONSTRUCTED_SEQUENCE, der_end, der,
der_encode_plist(key, error, der,
der_encode_plist(value, error, der, der_end)));
}
struct encode_context {
bool success;
CFErrorRef * error;
CFMutableArrayRef list;
CFAllocatorRef allocator;
};
static void add_sequence_to_array(const void *key_void, const void *value_void, void *context_void)
{
struct encode_context *context = (struct encode_context *) context_void;
if (context->success) {
CFTypeRef key = (CFTypeRef) key_void;
CFTypeRef value = (CFTypeRef) value_void;
size_t der_size = der_sizeof_key_value(key, value, context->error);
if (der_size == 0) {
context-> success = false;
} else {
CFMutableDataRef encoded_kv = CFDataCreateMutable(context->allocator, der_size);
CFDataSetLength(encoded_kv, der_size);
uint8_t* const encode_begin = CFDataGetMutableBytePtr(encoded_kv);
uint8_t* encode_end = encode_begin + der_size;
encode_end = der_encode_key_value(key, value, context->error, encode_begin, encode_end);
if (encode_end != NULL) {
CFDataDeleteBytes(encoded_kv, CFRangeMake(0, (encode_end - encode_begin)));
CFArrayAppendValue(context->list, encoded_kv);
} else {
context-> success = false;
}
CFReleaseNull(encoded_kv);
}
}
}
static CFComparisonResult cfdata_compare_contents(const void *val1, const void *val2, void *context __unused)
{
return CFDataCompare((CFDataRef) val1, (CFDataRef) val2);
}
uint8_t* der_encode_dictionary(CFDictionaryRef dictionary, CFErrorRef *error,
const uint8_t *der, uint8_t *der_end)
{
CFMutableArrayRef elements = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
struct encode_context context = { .success = true, .error = error, .list = elements };
CFDictionaryApplyFunction(dictionary, add_sequence_to_array, &context);
if (!context.success) {
CFReleaseNull(elements);
return NULL;
}
CFRange allOfThem = CFRangeMake(0, CFArrayGetCount(elements));
CFArraySortValues(elements, allOfThem, cfdata_compare_contents, NULL);
uint8_t* original_der_end = der_end;
for(CFIndex position = CFArrayGetCount(elements); position > 0;) {
--position;
CFDataRef data = CFArrayGetValueAtIndex(elements, position);
der_end = ccder_encode_body(CFDataGetLength(data), CFDataGetBytePtr(data), der, der_end);
}
CFReleaseNull(elements);
return ccder_encode_constructed_tl(CCDER_CONSTRUCTED_SET, original_der_end, der, der_end);
}
static CFArrayRef
getTargets(CFBundleRef bundle)
{
int fd;
Boolean ok;
struct stat statBuf;
CFArrayRef targets; /* The array of dictionaries
representing targets with
a "kick me" sign posted on
their backs. */
char targetPath[MAXPATHLEN];
CFURLRef url;
CFStringRef xmlError;
CFMutableDataRef xmlTargets;
/* locate the Kicker targets */
url = CFBundleCopyResourceURL(bundle, CFSTR("Kicker"), CFSTR("xml"), NULL);
if (!url) {
return NULL;
}
ok = CFURLGetFileSystemRepresentation(url,
TRUE,
(UInt8 *)&targetPath,
sizeof(targetPath));
CFRelease(url);
if (!ok) {
return NULL;
}
/* open the file */
if ((fd = open(targetPath, O_RDONLY, 0)) == -1) {
SCLog(TRUE, LOG_NOTICE,
CFSTR("%@ load(): %s not found"),
CFBundleGetIdentifier(bundle),
targetPath);
return NULL;
}
/* get the type and size of the XML data file */
if (fstat(fd, &statBuf) < 0) {
(void) close(fd);
return NULL;
}
/* check that its a regular file */
if ((statBuf.st_mode & S_IFMT) != S_IFREG) {
(void) close(fd);
return NULL;
}
/* load the file contents */
xmlTargets = CFDataCreateMutable(NULL, statBuf.st_size);
CFDataSetLength(xmlTargets, statBuf.st_size);
if (read(fd, (void *)CFDataGetMutableBytePtr(xmlTargets), statBuf.st_size) != statBuf.st_size) {
CFRelease(xmlTargets);
(void) close(fd);
return NULL;
}
(void) close(fd);
/* convert the XML data into a property list */
targets = CFPropertyListCreateFromXMLData(NULL,
xmlTargets,
kCFPropertyListImmutable,
&xmlError);
CFRelease(xmlTargets);
if (!targets) {
if (xmlError) {
SCLog(TRUE, LOG_DEBUG,
CFSTR("CFPropertyListCreateFromXMLData() start: %@"),
xmlError);
CFRelease(xmlError);
}
return NULL;
}
if (!isA_CFArray(targets)) {
CFRelease(targets);
targets = NULL;
}
return targets;
}
__private_extern__
void
do_dictSetKey(int argc, char **argv)
{
CFMutableArrayRef array = NULL;
Boolean doArray = FALSE;
Boolean doBoolean = FALSE;
Boolean doData = FALSE;
Boolean doNumeric = FALSE;
CFStringRef key;
CFMutableDictionaryRef newValue;
CFTypeRef val = NULL;
if (value == NULL) {
SCPrint(TRUE, stdout, CFSTR("d.add: dictionary must be initialized.\n"));
return;
}
if (!isA_CFDictionary(value)) {
SCPrint(TRUE, stdout, CFSTR("d.add: data (fetched from configuration server) is not a dictionary.\n"));
return;
}
key = CFStringCreateWithCString(NULL, argv[0], kCFStringEncodingUTF8);
argv++; argc--;
while (argc > 0) {
if (strcmp(argv[0], "*") == 0) {
/* if array requested */
doArray = TRUE;
} else if (strcmp(argv[0], "-") == 0) {
/* if string values requested */
} else if (strcmp(argv[0], "?") == 0) {
/* if boolean values requested */
doBoolean = TRUE;
} else if (strcmp(argv[0], "%") == 0) {
/* if [hex] data values requested */
doData = TRUE;
} else if (strcmp(argv[0], "#") == 0) {
/* if numeric values requested */
doNumeric = TRUE;
} else {
/* it's not a special flag */
break;
}
argv++; argc--;
}
if (argc > 1) {
doArray = TRUE;
} else if (!doArray && (argc == 0)) {
SCPrint(TRUE, stdout, CFSTR("d.add: no values.\n"));
CFRelease(key);
return;
}
if (doArray) {
array = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
}
while (argc > 0) {
if (doBoolean) {
if ((strcasecmp(argv[0], "true") == 0) ||
(strcasecmp(argv[0], "t" ) == 0) ||
(strcasecmp(argv[0], "yes" ) == 0) ||
(strcasecmp(argv[0], "y" ) == 0) ||
(strcmp (argv[0], "1" ) == 0)) {
val = CFRetain(kCFBooleanTrue);
} else if ((strcasecmp(argv[0], "false") == 0) ||
(strcasecmp(argv[0], "f" ) == 0) ||
(strcasecmp(argv[0], "no" ) == 0) ||
(strcasecmp(argv[0], "n" ) == 0) ||
(strcmp (argv[0], "0" ) == 0)) {
val = CFRetain(kCFBooleanFalse);
} else {
SCPrint(TRUE, stdout, CFSTR("d.add: invalid data.\n"));
if (doArray) CFRelease(array);
CFRelease(key);
return;
}
} else if (doData) {
uint8_t *bytes;
CFMutableDataRef data;
int i;
int j;
int n;
n = strlen(argv[0]);
if ((n % 2) == 1) {
SCPrint(TRUE, stdout, CFSTR("d.add: not enough bytes.\n"));
if (doArray) CFRelease(array);
CFRelease(key);
return;
}
data = CFDataCreateMutable(NULL, (n / 2));
CFDataSetLength(data, (n / 2));
bytes = (uint8_t *)CFDataGetBytePtr(data);
for (i = 0, j = 0; i < n; i += 2, j++) {
unsigned long byte;
char *end;
char str[3] = { 0 };
str[0] = argv[0][i];
str[1] = argv[0][i + 1];
errno = 0;
byte = strtoul(str, &end, 16);
if ((*end != '\0') || (errno != 0)) {
CFRelease(data);
data = NULL;
break;
}
bytes[j] = byte;
}
if (data == NULL) {
SCPrint(TRUE, stdout, CFSTR("d.add: invalid data.\n"));
if (doArray) CFRelease(array);
CFRelease(key);
return;
}
val = data;
} else if (doNumeric) {
int intValue;
if (sscanf(argv[0], "%d", &intValue) == 1) {
val = CFNumberCreate(NULL, kCFNumberIntType, &intValue);
} else {
SCPrint(TRUE, stdout, CFSTR("d.add: invalid data.\n"));
if (doArray) CFRelease(array);
CFRelease(key);
return;
}
} else {
val = (CFPropertyListRef)CFStringCreateWithCString(NULL, argv[0], kCFStringEncodingUTF8);
}
if (doArray) {
CFArrayAppendValue(array, val);
CFRelease(val);
argv++; argc--;
} else {
break;
}
}
newValue = CFDictionaryCreateMutableCopy(NULL, 0, value);
if (doArray) {
CFDictionarySetValue(newValue, key, array);
CFRelease(array);
} else if (val != NULL) {
CFDictionarySetValue(newValue, key, val);
CFRelease(val);
}
CFRelease(key);
CFRelease(value);
value = newValue;
return;
}
__private_extern__ void
__SCPreferencesAccess(SCPreferencesRef prefs)
{
CFAllocatorRef allocator = CFGetAllocator(prefs);
int fd = -1;
SCPreferencesPrivateRef prefsPrivate = (SCPreferencesPrivateRef)prefs;
struct stat statBuf;
if (prefsPrivate->accessed) {
// if preference data has already been accessed
return;
}
if (!prefsPrivate->authorizationRequired) {
if (access(prefsPrivate->path, R_OK) == 0) {
fd = open(prefsPrivate->path, O_RDONLY, 0644);
} else {
fd = -1;
}
} else {
errno = EACCES;
}
if (fd != -1) {
// create signature
if (fstat(fd, &statBuf) == -1) {
SCLog(TRUE, LOG_ERR, CFSTR("__SCPreferencesAccess fstat() failed: %s"), strerror(errno));
bzero(&statBuf, sizeof(statBuf));
}
} else {
switch (errno) {
case ENOENT :
/* no preference data, start fresh */
break;
case EPERM :
case EACCES :
if (prefsPrivate->authorizationData != NULL) {
if (__SCPreferencesAccess_helper(prefs)) {
goto done;
} else {
SCLog(TRUE, LOG_ERR,
CFSTR("__SCPreferencesAccess_helper() failed: %s"),
SCErrorString(SCError()));
}
break;
}
// fall through
default :
SCLog(TRUE, LOG_ERR, CFSTR("__SCPreferencesAccess open() failed: %s"), strerror(errno));
break;
}
bzero(&statBuf, sizeof(statBuf));
}
if (prefsPrivate->signature != NULL) CFRelease(prefsPrivate->signature);
prefsPrivate->signature = __SCPSignatureFromStatbuf(&statBuf);
if (statBuf.st_size > 0) {
CFDictionaryRef dict;
CFErrorRef error = NULL;
CFMutableDataRef xmlData;
/*
* extract property list
*/
xmlData = CFDataCreateMutable(allocator, (CFIndex)statBuf.st_size);
CFDataSetLength(xmlData, (CFIndex)statBuf.st_size);
if (read(fd, (void *)CFDataGetBytePtr(xmlData), (CFIndex)statBuf.st_size) != (CFIndex)statBuf.st_size) {
/* corrupt prefs file, start fresh */
SCLog(_sc_verbose, LOG_DEBUG, CFSTR("__SCPreferencesAccess read(): could not load preference data."));
CFRelease(xmlData);
xmlData = NULL;
goto done;
}
/*
* load preferences
*/
dict = CFPropertyListCreateWithData(allocator, xmlData, kCFPropertyListImmutable, NULL, &error);
CFRelease(xmlData);
if (dict == NULL) {
/* corrupt prefs file, start fresh */
if (error != NULL) {
SCLog(TRUE, LOG_ERR,
CFSTR("__SCPreferencesAccess CFPropertyListCreateWithData(): %@"),
error);
CFRelease(error);
}
goto done;
}
/*
* make sure that we've got a dictionary
*/
if (!isA_CFDictionary(dict)) {
/* corrupt prefs file, start fresh */
SCLog(_sc_verbose, LOG_DEBUG, CFSTR("__SCPreferencesAccess CFGetTypeID(): not a dictionary."));
CFRelease(dict);
goto done;
}
prefsPrivate->prefs = CFDictionaryCreateMutableCopy(allocator, 0, dict);
CFRelease(dict);
}
done :
if (fd != -1) {
(void) close(fd);
}
if (prefsPrivate->prefs == NULL) {
/*
* new file, create empty preferences
*/
// SCLog(_sc_verbose, LOG_DEBUG, CFSTR("__SCPreferencesAccess(): creating new preferences file."));
prefsPrivate->prefs = CFDictionaryCreateMutable(allocator,
0,
&kCFTypeDictionaryKeyCallBacks,
&kCFTypeDictionaryValueCallBacks);
prefsPrivate->changed = TRUE;
}
prefsPrivate->accessed = TRUE;
return;
}
CFDataRef
TSystemUtils::ReadDataFromURL ( CFURLRef url )
{
CFMutableDataRef data = NULL;
Boolean result = false;
CFNumberRef fileSizeNumber = NULL;
CFIndex fileSize = 0;
UInt8 * dataPtr = NULL;
UInt8 * endPtr = NULL;
CFReadStreamRef readStream = NULL;
CFIndex bytesRead = 0;
result = CFURLCopyResourcePropertyForKey ( url, kCFURLFileSizeKey, &fileSizeNumber, NULL );
require ( result, ErrorExit );
result = CFNumberGetValue ( fileSizeNumber, kCFNumberCFIndexType, &fileSize );
require ( result, ReleaseNumber );
data = CFDataCreateMutable ( kCFAllocatorDefault, fileSize );
require ( data, ReleaseNumber );
CFDataSetLength ( data, fileSize );
dataPtr = CFDataGetMutableBytePtr ( data );
require ( dataPtr, ReleaseNumber );
readStream = CFReadStreamCreateWithFile ( kCFAllocatorDefault, url );
require ( readStream, ErrorExit );
result = CFReadStreamOpen ( readStream );
require ( result, ReleaseStream );
endPtr = ( UInt8 * ) dataPtr + fileSize;
while ( dataPtr < endPtr )
{
bytesRead = CFReadStreamRead ( readStream, dataPtr, endPtr - dataPtr );
if ( bytesRead > 0 )
{
dataPtr += bytesRead;
}
}
CFReadStreamClose ( readStream );
ReleaseStream:
CFRelease ( readStream );
readStream = NULL;
ReleaseNumber:
CFRelease ( fileSizeNumber );
fileSizeNumber = NULL;
ErrorExit:
return data;
}
static CFDataRef SecRSAPrivateKeyCreatePKCS1(CFAllocatorRef allocator, ccrsa_full_ctx_t fullkey)
{
ccrsa_priv_ctx_t privkey = ccrsa_ctx_private(fullkey);
const cc_size np = cczp_n(ccrsa_ctx_private_zp(privkey));
const cc_size nq = cczp_n(ccrsa_ctx_private_zq(privkey));
size_t m_size = ccn_write_int_size(ccrsa_ctx_n(fullkey), ccrsa_ctx_m(fullkey));
size_t e_size = ccn_write_int_size(ccrsa_ctx_n(fullkey), ccrsa_ctx_e(fullkey));
size_t d_size = ccn_write_int_size(ccrsa_ctx_n(fullkey), ccrsa_ctx_d(fullkey));
size_t p_size = ccn_write_int_size(np, cczp_prime(ccrsa_ctx_private_zp(privkey)));
size_t q_size = ccn_write_int_size(nq, cczp_prime(ccrsa_ctx_private_zq(privkey)));
size_t dp_size = ccn_write_int_size(np, ccrsa_ctx_private_dp(privkey));
size_t dq_size = ccn_write_int_size(nq, ccrsa_ctx_private_dq(privkey));
size_t qinv_size = ccn_write_int_size(np, ccrsa_ctx_private_qinv(privkey));
const size_t seq_size = 3 +
DERLengthOfItem(ASN1_INTEGER, m_size) +
DERLengthOfItem(ASN1_INTEGER, e_size) +
DERLengthOfItem(ASN1_INTEGER, d_size) +
DERLengthOfItem(ASN1_INTEGER, p_size) +
DERLengthOfItem(ASN1_INTEGER, q_size) +
DERLengthOfItem(ASN1_INTEGER, dp_size) +
DERLengthOfItem(ASN1_INTEGER, dq_size) +
DERLengthOfItem(ASN1_INTEGER, qinv_size);
const size_t result_size = DERLengthOfItem(ASN1_SEQUENCE, seq_size);
CFMutableDataRef pkcs1 = CFDataCreateMutable(allocator, result_size);
if (pkcs1 == NULL)
return NULL;
CFDataSetLength(pkcs1, result_size);
uint8_t *bytes = CFDataGetMutableBytePtr(pkcs1);
*bytes++ = ASN1_CONSTR_SEQUENCE;
DERSize itemLength = 4;
DEREncodeLength(seq_size, bytes, &itemLength);
bytes += itemLength;
*bytes++ = ASN1_INTEGER;
*bytes++ = 0x01;
*bytes++ = 0x00;
ccasn_encode_int(ccrsa_ctx_n(fullkey), ccrsa_ctx_m(fullkey), m_size, &bytes);
ccasn_encode_int(ccrsa_ctx_n(fullkey), ccrsa_ctx_e(fullkey), e_size, &bytes);
ccasn_encode_int(ccrsa_ctx_n(fullkey), ccrsa_ctx_d(fullkey), d_size, &bytes);
ccasn_encode_int(np, cczp_prime(ccrsa_ctx_private_zp(privkey)), p_size, &bytes);
ccasn_encode_int(nq, cczp_prime(ccrsa_ctx_private_zq(privkey)), q_size, &bytes);
ccasn_encode_int(np, ccrsa_ctx_private_dp(privkey), dp_size, &bytes);
ccasn_encode_int(nq, ccrsa_ctx_private_dq(privkey), dq_size, &bytes);
ccasn_encode_int(np, ccrsa_ctx_private_qinv(privkey), qinv_size, &bytes);
return pkcs1;
}
void CFDataIncreaseLength(CFMutableDataRef data, CFIndex extraLength) {
CF_OBJC_FUNCDISPATCHV(__kCFDataTypeID, void, (NSMutableData *)data, increaseLengthBy:(NSUInteger)extraLength);
CFAssert1(__CFDataIsMutable(data), __kCFLogAssertion, "%s(): data is immutable", __PRETTY_FUNCTION__);
if (extraLength < 0) HALT; // Avoid integer overflow.
CFDataSetLength(data, __CFDataLength(data) + extraLength);
}
uint32_t AMAuthInstallCryptoRegisterKeysFromPEMBuffer(CFDictionaryRef dict, CFStringRef key, CFTypeRef value, void* context) {
LODWORD(r14) = LODWORD(rcx);
r12 = rdx;
rbx = rsi;
r13 = rdi;
uint32_t result = AMAuthInstallCryptoGetKeyIdType(key);
if ((result & 0x8) == 0x0) {
// loc_428fc;
if ((result & 0x4) == 0x0) {
// loc_4291d;
CFStringRef pub_key_name = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("%@.public"), key);
LODWORD(r15) = 0x2;
if (!pub_key_name) {
// loc_42cf2;
LODWORD(r13) = 0x0;
LODWORD(rbx) = 0x0;
var_24 = 0x0;
LODWORD(r14) = 0x0;
LODWORD(r12) = 0x0;
// loc_42c0d;
// goto exit
}
// loc_4295c;
CFStringRef private_key_name = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("%@.private"), key);
if (!private_key_name) {
// loc_42d0d;
LODWORD(r13) = 0x0;
var_24 = 0x0;
// loc_42bc9:
LODWORD(r14) = 0x0;
LODWORD(r12) = 0x0;
rbx = var_40;
// loc_42c0d;
// goto exit
}
// loc_4298e;
LOBYTE(r15) = 0x1;
var_16 = 0x1;
}
else {
// loc_42900;
var_40 = CFRetain(rbx);
LOBYTE(r15) = 0x0;
var_16 = 0x1;
LODWORD(rax) = 0x0;
// loc_42998;
}
}
else {
// loc_428da;
rax = CFRetain(rbx);
LOBYTE(r15) = 0x1;
var_16 = 0x0;
var_40 = 0x0;
}
// loc_42998;
var_8 = r13;
var_24 = rax;
rbx = BIO_new_mem_buf(r12, LODWORD(r14));
if (rbx == 0x0) {
// loc_42be7;
var_32 = 0x0;
LODWORD(r13) = 0x0;
LODWORD(r14) = 0x0;
// loc_42bf8:
LODWORD(r12) = 0x0;
// loc_42c00:
rbx = var_40;
LODWORD(r15) = 0x2;
// loc_42c0d;
// goto exit
}
// loc_429bd;
rdi = rbx;
if (LOBYTE(r15) != 0x0) {
rax = PEM_read_bio_RSAPrivateKey(rdi, 0x0, 0x0, 0x0);
}
else {
rax = PEM_read_bio_RSA_PUBKEY(rdi, 0x0, 0x0, 0x0);
}
r13 = rax;
var_32 = rbx;
if (r13 == 0x0) {
// loc_42b77;
rax = ERR_get_error();
rbx = &var_64;
ERR_error_string(rax, rbx);
if (LOBYTE(r15) != 0x0) {
}
_AMAuthInstallLog(0x3, "AMAuthInstallCryptoRegisterKeysFromPEMBuffer", "PEM_read_bio_RSA%sKey() failed: %s");
LODWORD(r15) = 0x6;
LODWORD(r13) = 0x0;
// loc_42bc9;
LODWORD(r14) = 0x0;
LODWORD(r12) = 0x0;
rbx = var_40;
// loc_42c0d;
// goto exit
}
else {
// loc_429ea;
LODWORD(r14) = 0x0;
uint32_t private_key_length = i2d_RSAPrivateKey(r13, NULL);
CFDataRef private_key = CFDataCreateMutable(kCFAllocatorDefault, private_key_length);
if (private_key) {
// loc_42a2c;
CFDataSetLength(private_key, private_key_length);
UInt8 *data_ptr = CFDataGetMutableBytePtr(private_key);
i2d_RSAPrivateKey(r13, data_ptr);
CFDictionarySetValue(*(r15 + 0x140), private_key_name, private_key);
// loc_42a6b;
}
if (LOBYTE(r15) == 0x0 || private_key) {
// loc_42a6b;
if (var_16 == 0x0) {
// loc_42bd8;
LODWORD(r12) = 0x0;
LODWORD(r15) = 0x0;
rbx = var_40;
// loc_42c0d;
// goto exit
}
else {
// loc_42a78;
uint32_t pub_key_length = i2d_RSAPublicKey(r13, NULL);
CFDataRef pub_key = CFDataCreateMutable(kCFAllocatorDefault, pub_key_length);
if (pub_key == 0x0) {
// loc_42bf8;
LODWORD(r12) = 0x0;
// loc_42c00:
rbx = var_40;
LODWORD(r15) = 0x2;
// loc_42c0d;
// goto exit
}
var_0 = r14;
CFDataSetLength(pub_key, pub_key_length);
UInt8 *pub_key_ptr = CFDataGetMutableBytePtr(pub_key);
i2d_RSAPublicKey(r13, pub_key_ptr);
CFDictionarySetValue(dict, pub_key_name, pub_key);
Pointer digest = NULL;
LODWORD(r15) = AMAuthInstallCryptoCreateDigestForKey(dict, pub_key_name, &digest));
if (LODWORD(r15) == 0x0) {
var_16 = r13;
if (var_64 != 0x0) {
CFDictionarySetValue(install->ivars.digests, var_64, rbx);
LODWORD(r13) = 0x0;
}
else {
_AMAuthInstallLog(0x3, "_AMAuthInstallCryptoRegisterKeyHash", "keyHashData is NULL");
LODWORD(r13) = 0x0;
LODWORD(r15) = 0x0;
}
}
else {
var_16 = r13;
AMAuthInstallLog(0x3, "_AMAuthInstallCryptoRegisterKeyHash", "AMAuthInstallCryptoCreateDigestForKey(%@) failed", rbx);
LODWORD(r13) = LODWORD(r15);
r15 = var_64;
}
_SafeRelease(r15);
LODWORD(r15) = LODWORD(r13);
r14 = var_0;
if (LODWORD(r13) == 0x0) {
LODWORD(r15) = 0x0;
}
else {
AMAuthInstallLog(0x3, "AMAuthInstallCryptoRegisterKeysFromPEMBuffer", "AMAuthInstallCryptoRegisterKeyHash(%@) failed", rbx);
}
r13 = var_16;
// loc_42c0d;
// goto exit
}
}
}
// loc_42c0d:
_SafeRelease(rbx);
_SafeRelease(var_24);
_SafeRelease(r14);
_SafeRelease(r12);
if (r13 != 0x0) {
RSA_free(r13);
}
rdi = var_32;
if (rdi != 0x0) {
BIO_free(rdi);
}
return result;
}
