name+security: Fixing bugs with empty name component comparison and failure handing in OSX tpm implementation
Change-Id: I5105bc87b382d7e515538fef6922f3516afc3bff
diff --git a/src/security/sec-tpm-osx.cpp b/src/security/sec-tpm-osx.cpp
index fc04ba0..de95ef1 100644
--- a/src/security/sec-tpm-osx.cpp
+++ b/src/security/sec-tpm-osx.cpp
@@ -267,11 +267,12 @@
OSStatus res = SecKeyGeneratePair((CFDictionaryRef)attrDict, &publicKey, &privateKey);
- CFRelease(publicKey);
- CFRelease(privateKey);
-
if (res == errSecSuccess)
- return;
+ {
+ CFRelease(publicKey);
+ CFRelease(privateKey);
+ return;
+ }
if (res == errSecAuthFailed && !retry)
{
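Review bot: The success branch under `if (res == errSecSuccess)` has no comment explaining why the two `CFRelease` calls now live inside it, so a later cleanup could easily hoist them back out. I would add `// publicKey/privateKey are only populated on success; CFRelease on a NULL or unset ref crashes` above the releases. The declarations of both refs are outside this hunk; if they are not initialised to NULL there, doing so would keep the failure and retry paths from ever seeing an indeterminate value. The function body starts before and continues after the hunk.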
@@ -360,6 +361,10 @@
0,
NULL,
&exportedKey);
+ if (res != errSecSuccess)
+ {
+ throw Error("Cannot export requested public key from OSX Keychain");
+ }
shared_ptr<PublicKey> key = make_shared<PublicKey>(CFDataGetBytePtr(exportedKey), CFDataGetLength(exportedKey));
CFRelease(exportedKey);
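Review bot: `exportedKey` still leaks if `make_shared<PublicKey>(...)` throws, because `CFRelease(exportedKey)` sits on the line after it and is skipped during unwinding. The added `res` check covers only a failed export. Allocation can fail, and the `PublicKey` constructor presumably throws on undecodable bytes, so the release should be guaranteed by a guard or a catch-and-rethrow as sketched below. The new `Error` message also drops `res`, which makes a keychain failure hard to triage from logs; appending the status code would help. The function starts outside the hunk, so whether the key reference passed to the export call is released on the new throw path cannot be checked from here.

```cpp
// … unchanged: export call and the res != errSecSuccess check …
shared_ptr<PublicKey> key;
try
  {
    key = make_shared<PublicKey>(CFDataGetBytePtr(exportedKey), CFDataGetLength(exportedKey));
  }
catch (...)
  {
    // release the exported buffer before propagating the failure
    CFRelease(exportedKey);
    throw;
  }
CFRelease(exportedKey);
```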
@@ -546,6 +551,9 @@
0,
NULL);
+ if(res != errSecSuccess)
+ return false;
+
CFRelease(importedKey);
return true;
}
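Review bot: The new early `return false;` skips `CFRelease(importedKey)`, which the success path runs unconditionally just below. If `importedKey` is created before this call, as that unconditional release suggests, the buffer leaks on every failure. Since it appears to hold imported key data, it should not be left alive longer than necessary. I would write the check as `if (res != errSecSuccess) { CFRelease(importedKey); return false; }`, or release `importedKey` before testing `res`. The start of the function is outside the hunk, so confirm there that no other Core Foundation objects created earlier are also skipped by this return.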