commit 60c86817da4ce70d6df5a178b0dc93d177786847
author Alexander Afanasyev <alexander.afanasyev@ucla.edu> Thu Feb 20 15:19:33 2014 -0800
committer Alexander Afanasyev <alexander.afanasyev@ucla.edu> Thu Feb 20 15:37:26 2014 -0800
tree 13c67224034a8ea2427ccfdc1b3df622b1de287c
parent 37bb1906bff25f971e0b89e13fc8f0fa23453bcd

name+security: Fixing bugs with empty name component comparison and failure handing in OSX tpm implementation

Change-Id: I5105bc87b382d7e515538fef6922f3516afc3bff

src/security/sec-tpm-osx.cpp

diff --git a/src/security/sec-tpm-osx.cpp b/src/security/sec-tpm-osx.cpp
index fc04ba0..de95ef1 100644
--- a/src/security/sec-tpm-osx.cpp
+++ b/src/security/sec-tpm-osx.cpp
@@ -267,11 +267,12 @@
 
   OSStatus res = SecKeyGeneratePair((CFDictionaryRef)attrDict, &publicKey, &privateKey);
 
-  CFRelease(publicKey);
-  CFRelease(privateKey);
-
   if (res == errSecSuccess)
-    return;
+    {
+      CFRelease(publicKey);
+      CFRelease(privateKey);
+      return;
+    }
   
   if (res == errSecAuthFailed && !retry)
     {
@@ -360,6 +361,10 @@
                                0,
                                NULL,
                                &exportedKey);
+  if (res != errSecSuccess)
+    {
+      throw Error("Cannot export requested public key from OSX Keychain");
+    }
 
   shared_ptr<PublicKey> key = make_shared<PublicKey>(CFDataGetBytePtr(exportedKey), CFDataGetLength(exportedKey));
   CFRelease(exportedKey);
@@ -546,6 +551,9 @@
                                                0,
                                                NULL);
   
+  if(res != errSecSuccess)
+    return false;
+
   CFRelease(importedKey);
   return true;
 }