From c188d1f130bbc6a9885b251514183715bf197a54 Mon Sep 17 00:00:00 2001 From: Ariel Abreu Date: Mon, 4 Jan 2021 12:09:50 -0500 Subject: [PATCH] Fix a probable typo in Apple's code? Maybe they changed `DERParseSequenceContent` after making libDER closed-source, and therefore this would be an issue with us using the last released libDER sources. This fixes certificate parsing and it was just a simple reversion to the old function call, which is why I think it was a typo in their updated code. --- OSX/sec/Security/SecCertificate.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/OSX/sec/Security/SecCertificate.c b/OSX/sec/Security/SecCertificate.c index 663665d5..269b4388 100644 --- a/OSX/sec/Security/SecCertificate.c +++ b/OSX/sec/Security/SecCertificate.c @@ -1742,7 +1742,11 @@ static bool SecCertificateParse(SecCertificateRef certificate) /* sequence we're given: encoded DERSubjPubKeyInfo */ DERSubjPubKeyInfo pubKeyInfo; +#ifdef DARLING + drtn = DERParseSequence(&tbsCert.subjectPubKey, +#else drtn = DERParseSequenceContent(&tbsCert.subjectPubKey, +#endif DERNumSubjPubKeyInfoItemSpecs, DERSubjPubKeyInfoItemSpecs, &pubKeyInfo, sizeof(pubKeyInfo)); require_noerr_quiet(drtn, badCert);