
Commit 47a5990

committed
Merge pull request #179 from AzureAD/dev
Dev
2 parents 125f7b1 + 7e6d483 commit 47a5990


2 files changed

+29
-69
lines changed


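--- a/ADALiOS/ADALiOS/ADRegistrationInformation.m
+++ b/ADALiOS/ADALiOS/ADRegistrationInformation.m
@@ -77,18 +77,12 @@ -(void) releaseData{
 _privateKey = nil;
 }
 
-if(_privateKeyData){
-CFRelease((__bridge CFTypeRef)_privateKeyData);
-_privateKeyData = nil;
-}
-
 if(_certificateSubject){
 CFRelease((__bridge CFTypeRef)(_certificateSubject));
 _certificateSubject = nil;
 }
 
 if(_certificateData){
-CFRelease((__bridge CFTypeRef)(_certificateData));
 _certificateData = nil;
 }
 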

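--- a/ADALiOS/ADALiOS/ADWorkPlaceJoinUtil.m
+++ b/ADALiOS/ADALiOS/ADWorkPlaceJoinUtil.m
@@ -68,10 +68,10 @@ - (NSData *)getPrivateKeyForAccessGroup: (NSString*) sharedAccessGroup
 if (*error != NULL)
 {
 *error = [self buildNSErrorForDomain:errorDomain
-errorCode:sharedKeychainPermission
-errorMessage: [NSString stringWithFormat:unabletoReadFromSharedKeychain, sharedAccessGroup]
-underlyingError:nil
-shouldRetry:false];
+errorCode:sharedKeychainPermission
+errorMessage: [NSString stringWithFormat:unabletoReadFromSharedKeychain, sharedAccessGroup]
+underlyingError:nil
+shouldRetry:false];
 }
 }
 
@@ -81,7 +81,7 @@ - (NSData *)getPrivateKeyForAccessGroup: (NSString*) sharedAccessGroup
 
 
 - (ADRegistrationInformation*)getRegistrationInformation: (NSString*) sharedAccessGroup
-error: (NSError**) error
+error: (NSError**) error
 {
 AD_LOG_VERBOSE_F(@"Attempting to get registration information - ", @"%@ shared access Group", sharedAccessGroup);
 
@@ -103,15 +103,15 @@ - (ADRegistrationInformation*)getRegistrationInformation: (NSString*) sharedAcce
 #if !TARGET_IPHONE_SIMULATOR
 [identityAttr setObject:sharedAccessGroup forKey:(__bridge id)kSecAttrAccessGroup];
 #endif
-
-SecItemCopyMatching((__bridge CFDictionaryRef)identityAttr, (CFTypeRef*)&identity);
 
-//Get the identity
-if(identity)
+OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)identityAttr, (CFTypeRef*)&identity);
+
+//Get the identity
+if(status == errSecSuccess && identity)
 {
 AD_LOG_VERBOSE(@"Found identity in keychain", nil);
 //Get the certificate and data
-SecIdentityCopyCertificate(identity, &certificate);
+status = SecIdentityCopyCertificate(identity, &certificate);
 if(certificate)
 {
 AD_LOG_VERBOSE(@"Found certificate in keychain", nil);
@@ -120,14 +120,8 @@ - (ADRegistrationInformation*)getRegistrationInformation: (NSString*) sharedAcce
 }
 
 //Get the private key and data
-SecIdentityCopyPrivateKey(identity, &privateKey);
-if(privateKey)
-{
-AD_LOG_VERBOSE(@"Retrieved privatekey", nil);
-privateKeyData = [self getPrivateKeyForAccessGroup:sharedAccessGroup privateKeyIdentifier:privateKeyIdentifier error:error];
-}
-
-if (error)
+status = SecIdentityCopyPrivateKey(identity, &privateKey);
+if (status != errSecSuccess)
 {
 if (certificateSubject)
 CFRelease((__bridge CFTypeRef)(certificateSubject));
@@ -137,25 +131,24 @@ - (ADRegistrationInformation*)getRegistrationInformation: (NSString*) sharedAcce
 return nil;
 }
 
-//privateKey = [self getPrivateKeyRef];
 }
 
-if(identity && certificate && certificateSubject && certificateData && privateKey && privateKeyData)
+if(identity && certificate && certificateSubject && certificateData && privateKey)
 {
 ADRegistrationInformation *info = [[ADRegistrationInformation alloc] initWithSecurityIdentity:identity
-userPrincipalName:userPrincipalName
-certificateProperties:certificateProperties
-certificate:certificate
-certificateSubject:certificateSubject
-certificateData:certificateData
-privateKey:privateKey
-privateKeyData:privateKeyData];
+userPrincipalName:userPrincipalName
+certificateProperties:certificateProperties
+certificate:certificate
+certificateSubject:certificateSubject
+certificateData:certificateData
+privateKey:privateKey
+privateKeyData:privateKeyData];
 return info;
 }
 else
 {
 AD_LOG_VERBOSE_F(@"Unable to extract a workplace join identity for", @"%@ shared access keychain",
-sharedAccessGroup);
+sharedAccessGroup);
 if (certificateSubject)
 CFRelease((__bridge CFTypeRef)(certificateSubject));
 if (certificateData)
@@ -190,13 +183,13 @@ - (NSError*)getCertificateForAccessGroup: (NSString*)sharedAccessGroup
 else
 {
 return [self buildNSErrorForDomain:errorDomain
-errorCode:sharedKeychainPermission
-errorMessage: [NSString stringWithFormat:unabletoReadFromSharedKeychain, sharedAccessGroup]
-underlyingError:nil
-shouldRetry:false];
+errorCode:sharedKeychainPermission
+errorMessage: [NSString stringWithFormat:unabletoReadFromSharedKeychain, sharedAccessGroup]
+underlyingError:nil
+shouldRetry:false];
 }
 
-
+
 }
 
 
@@ -236,7 +229,7 @@ - (NSData *)base64DataFromString: (NSString *)string
 {
 return [NSData data];
 }
-
+
 charString = (const unsigned char *)[string UTF8String];
 
 theData = [NSMutableData dataWithCapacity: [string length]];
@@ -290,7 +283,7 @@ - (NSData *)base64DataFromString: (NSString *)string
 }
 
 }
-
+
 }
 
 return theData;
@@ -301,7 +294,7 @@ - (NSString*)getApplicationIdentifierPrefix{
 AD_LOG_VERBOSE(@"Looking for application identifier prefix in app data", nil);
 NSUserDefaults* c = [NSUserDefaults standardUserDefaults];
 NSString* appIdentifierPrefix = [c objectForKey:applicationIdentifierPrefix];
-
+
 if (!appIdentifierPrefix)
 {
 appIdentifierPrefix = [self bundleSeedID];
@@ -337,32 +330,5 @@ - (NSString*)bundleSeedID {
 return bundleSeedID;
 }
 
-- (SecKeyRef)getPrivateKeyRef {
-OSStatus sanityCheck = noErr;
-SecKeyRef privateKeyReference = NULL;
-
-NSData *privateKeyTag = [NSData dataWithBytes:[privateKeyIdentifier UTF8String] length:privateKeyIdentifier.length];
-
-NSMutableDictionary * queryPrivateKey = [[NSMutableDictionary alloc] init];
-
-// Set the private key query dictionary.
-[queryPrivateKey setObject:(__bridge id)kSecClassKey forKey:(__bridge id)kSecClass];
-[queryPrivateKey setObject:privateKeyTag forKey:(__bridge id)kSecAttrApplicationTag];
-[queryPrivateKey setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
-[queryPrivateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef];
-#if !TARGET_IPHONE_SIMULATOR
-[queryPrivateKey setObject:@"com.microsoft.workplacejoin" forKey:(__bridge id)kSecAttrAccessGroup];
-#endif
-// Get the key.
-sanityCheck = SecItemCopyMatching((__bridge CFDictionaryRef)queryPrivateKey, (CFTypeRef *)&privateKeyReference);
-
-if (sanityCheck != noErr)
-{
-privateKeyReference = NULL;
-}
-
-return privateKeyReference;
-}
-
 @end
 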
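Review bot: The `OSStatus` stored by `status = SecIdentityCopyCertificate(identity, &certificate);` in getRegistrationInformation is never read: the next line still tests only `if(certificate)` and the value is then overwritten by the `SecIdentityCopyPrivateKey` call, so the guard should match the other two keychain calls, `if(status == errSecSuccess && certificate)`. The initializer is still passed `privateKeyData:privateKeyData` although the only visible assignment to that variable was removed, so unless it is set outside these hunks it now always carries its initial value; a comment at the call such as `// privateKeyData is no longer read from the keychain; the key is used only through the SecKeyRef` would record that this is intentional. The `status != errSecSuccess` branch reaches `return nil;` with no visible write to `*error` (part of that branch lies between hunks), so it is worth confirming that a caller can tell a private-key failure from "no identity found".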
