
Commit b54eaf8

Revert "Add new API so it's possible to not leak a key (project-chip#36299)" (project-chip#36339)
This reverts commit 08024d2 because it's failing CI as committed.
1 parent b0cc28a commit b54eaf8

12 files changed

+41
-170
lines changed

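--- a/examples/darwin-framework-tool/commands/common/CHIPToolKeypair.h
+++ b/examples/darwin-framework-tool/commands/common/CHIPToolKeypair.h
@@ -22,7 +22,7 @@
 @interface CHIPToolKeypair : NSObject <MTRKeypair>
 - (BOOL)initialize;
 - (NSData *)signMessageECDSA_RAW:(NSData *)message;
-- (SecKeyRef)copyPublicKey;
+- (SecKeyRef)publicKey;
 - (CHIP_ERROR)Serialize:(chip::Crypto::P256SerializedKeypair &)output;
 - (CHIP_ERROR)Deserialize:(chip::Crypto::P256SerializedKeypair &)input;
 - (CHIP_ERROR)createOrLoadKeys:(id)storage;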

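--- a/examples/darwin-framework-tool/commands/common/CHIPToolKeypair.mm
+++ b/examples/darwin-framework-tool/commands/common/CHIPToolKeypair.mm
@@ -65,7 +65,7 @@ - (NSData *)signMessageECDSA_RAW:(NSData *)message
 return out_signature;
 }
 
-- (SecKeyRef)copyPublicKey
+- (SecKeyRef)publicKey
 {
 if (_mPublicKey == nil) {
 chip::Crypto::P256PublicKey publicKey = _mKeyPair.Pubkey();
@@ -79,13 +79,7 @@ - (SecKeyRef)copyPublicKey
 };
 _mPublicKey = SecKeyCreateWithData((__bridge CFDataRef) publicKeyNSData, (__bridge CFDictionaryRef) attributes, nullptr);
 }
-
-if (_mPublicKey) {
-CFRetain(_mPublicKey);
-return _mPublicKey;
-}
-
-return NULL;
+return _mPublicKey;
 }
 
 - (CHIP_ERROR)Deserialize:(chip::Crypto::P256SerializedKeypair &)input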
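Review bot: `SecKeyCreateWithData` in `publicKey` is still called with `nullptr` for its error out-parameter, so a failed key import leaves `_mPublicKey` NULL and the accessor returns NULL with no diagnostic. Since the method now hands back the cached ivar directly, I would pass a `CFErrorRef` there and log it on failure. A comment above the method would also make the ownership explicit, e.g. `// Get rule: returns the cached key without retaining it; callers must not CFRelease the result.` The middle of the method body lies between the two hunks and is not visible here.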

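--- a/src/darwin/Framework/CHIP/MTRCertificates.mm
+++ b/src/darwin/Framework/CHIP/MTRCertificates.mm
@@ -152,24 +152,7 @@ + (MTRCertificateDERBytes _Nullable)createOperationalCertificate:(id<MTRKeypair>
 + (BOOL)keypair:(id<MTRKeypair>)keypair matchesCertificate:(NSData *)certificate
 {
 P256PublicKey keypairPubKey;
-SecKeyRef publicKey = NULL;
-
-if ([keypair respondsToSelector:@selector(copyPublicKey)]) {
-publicKey = [keypair copyPublicKey];
-} else {
-publicKey = [keypair publicKey];
-if (publicKey) {
-CFRetain(publicKey);
-}
-}
-
-CHIP_ERROR err = MTRP256KeypairBridge::MatterPubKeyFromSecKeyRef(publicKey, &keypairPubKey);
-
-if (publicKey != NULL) {
-CFRelease(publicKey);
-publicKey = NULL;
-}
-
+CHIP_ERROR err = MTRP256KeypairBridge::MatterPubKeyFromSecKeyRef(keypair.publicKey, &keypairPubKey);
 if (err != CHIP_NO_ERROR) {
 MTR_LOG_ERROR("Can't extract public key from keypair: %s", ErrorStr(err));
 return NO;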
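Review bot: The call `MatterPubKeyFromSecKeyRef(keypair.publicKey, &keypairPubKey)` in `keypair:matchesCertificate:` takes whatever the client's `publicKey` returns and never releases it, so an MTRKeypair implementation that creates a new SecKeyRef on each call leaks one key object per invocation, which is the case the deprecation text removed from MTRKeypair.h described. A NULL return is also passed straight through; whether `MatterPubKeyFromSecKeyRef` rejects NULL is not visible in this hunk. A comment at the call site would record the assumption, e.g. `// publicKey is not retained for us (Get rule); implementations must return a cached key.` The same applies to the `params.nocSigner.publicKey` call in `findMatchingFabric:` in MTRDeviceControllerFactory.mm, and both method bodies continue outside their hunks.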

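--- a/src/darwin/Framework/CHIP/MTRDeviceControllerFactory.mm
+++ b/src/darwin/Framework/CHIP/MTRDeviceControllerFactory.mm
@@ -819,24 +819,7 @@ - (BOOL)findMatchingFabric:(FabricTable &)fabricTable
 } else {
 // No root certificate means the nocSigner is using the root keys, because
 // consumers must provide a root certificate whenever an ICA is used.
-SecKeyRef publicKey = NULL;
-
-if ([params.nocSigner respondsToSelector:@selector(copyPublicKey)]) {
-publicKey = [params.nocSigner copyPublicKey];
-} else {
-publicKey = [params.nocSigner publicKey];
-if (publicKey) {
-CFRetain(publicKey);
-}
-}
-
-CHIP_ERROR err = MTRP256KeypairBridge::MatterPubKeyFromSecKeyRef(publicKey, &pubKey);
-
-if (publicKey != NULL) {
-CFRelease(publicKey);
-publicKey = NULL;
-}
-
+CHIP_ERROR err = MTRP256KeypairBridge::MatterPubKeyFromSecKeyRef(params.nocSigner.publicKey, &pubKey);
 if (err != CHIP_NO_ERROR) {
 MTR_LOG_ERROR("Can't extract public key from MTRKeypair: %s", ErrorStr(err));
 return NO;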

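--- a/src/darwin/Framework/CHIP/MTRKeypair.h
+++ b/src/darwin/Framework/CHIP/MTRKeypair.h
@@ -16,7 +16,6 @@
 */
 
 #import <Foundation/Foundation.h>
-#import <Matter/Matter.h>
 #import <Security/Security.h>
 
 NS_ASSUME_NONNULL_BEGIN
@@ -32,19 +31,13 @@ NS_ASSUME_NONNULL_BEGIN
 * framework APIs.
 */
 @protocol MTRKeypair <NSObject>
-
-@optional
+@required
 /**
-* @brief Returns a copy of the public key for the keypair.
+* @brief Return public key for the keypair.
 */
-- (SecKeyRef)copyPublicKey MTR_NEWLY_AVAILABLE;
-
-/**
-* @brief Returns public key for the keypair without adding a reference. DEPRECATED - please use copyPublicKey, otherwise this will leak.
-*/
-
-- (SecKeyRef)publicKey MTR_DEPRECATED("Please implement copyPublicKey, this will leak otherwise", ios(16.1, 18.3), macos(13.0, 15.3), watchos(9.1, 11.3), tvos(16.1, 18.3));
+- (SecKeyRef)publicKey;
 
+@optional
 /**
 * @brief A function to sign a message using ECDSA
 *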
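Review bot: The restored doc comment on `- (SecKeyRef)publicKey;` says nothing about ownership or failure, although the lines this revert removes spelled out that the key is returned without adding a reference. Because the method is `@required` again and is implemented by framework clients, the contract belongs in the header: state that the caller does not own the returned SecKeyRef, that implementations should return the same cached key rather than create a new one per call, and what is returned when no key is available. A short form would be `* @brief Return public key for the keypair. The caller does not own the returned reference.`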

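--- a/src/darwin/Framework/CHIPTests/MTRCertificateTests.m
+++ b/src/darwin/Framework/CHIPTests/MTRCertificateTests.m
@@ -127,13 +127,9 @@ - (void)testGenerateIntermediateCert
 __auto_type * intermediateKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(intermediateKeys);
 
-__auto_type * intermediatePublicKey = [intermediateKeys copyPublicKey];
-XCTAssert(intermediatePublicKey != NULL);
-CFAutorelease(intermediatePublicKey);
-
 __auto_type * intermediateCert = [MTRCertificates createIntermediateCertificate:rootKeys
 rootCertificate:rootCert
-intermediatePublicKey:intermediatePublicKey
+intermediatePublicKey:intermediateKeys.publicKey
 issuerID:nil
 fabricID:nil
 error:nil];
@@ -159,16 +155,13 @@ - (void)testGenerateIntermediateCertWithValidityPeriod
 
 __auto_type * intermediateKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(intermediateKeys);
-__auto_type * intermediatePublicKey = intermediateKeys.copyPublicKey;
-XCTAssert(intermediatePublicKey != NULL);
-CFAutorelease(intermediatePublicKey);
 
 __auto_type * startDate = [MTRCertificateTests startDateWithTimeIntervalSinceNow:300];
 __auto_type * validityPeriod = [[NSDateInterval alloc] initWithStartDate:startDate duration:400];
 
 __auto_type * intermediateCert = [MTRCertificates createIntermediateCertificate:rootKeys
 rootCertificate:rootCert
-intermediatePublicKey:intermediatePublicKey
+intermediatePublicKey:intermediateKeys.publicKey
 issuerID:nil
 fabricID:nil
 validityPeriod:validityPeriod
@@ -199,16 +192,13 @@ - (void)testGenerateIntermediateCertWithInfiniteValidity
 
 __auto_type * intermediateKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(intermediateKeys);
-__auto_type * intermediatePublicKey = intermediateKeys.copyPublicKey;
-XCTAssert(intermediatePublicKey != NULL);
-CFAutorelease(intermediatePublicKey);
 
 __auto_type * startDate = [MTRCertificateTests startDateWithTimeIntervalSinceNow:300];
 __auto_type * validityPeriod = [[NSDateInterval alloc] initWithStartDate:startDate endDate:[NSDate distantFuture]];
 
 __auto_type * intermediateCert = [MTRCertificates createIntermediateCertificate:rootKeys
 rootCertificate:rootCert
-intermediatePublicKey:intermediatePublicKey
+intermediatePublicKey:intermediateKeys.publicKey
 issuerID:nil
 fabricID:nil
 validityPeriod:validityPeriod
@@ -239,9 +229,6 @@ - (void)testGenerateOperationalCertNoIntermediate
 
 __auto_type * operationalKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(operationalKeys);
-__auto_type * operationalPublicKey = [operationalKeys copyPublicKey];
-XCTAssert(operationalPublicKey != NULL);
-CFAutorelease(operationalPublicKey);
 
 __auto_type * cats = [[NSMutableSet alloc] initWithCapacity:3];
 // High bits are identifier, low bits are version.
@@ -251,7 +238,7 @@ - (void)testGenerateOperationalCertNoIntermediate
 
 __auto_type * operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@1
 caseAuthenticatedTags:cats
@@ -278,9 +265,6 @@ - (void)testGenerateOperationalCertNoIntermediateWithValidityPeriod
 
 __auto_type * operationalKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(operationalKeys);
-__auto_type * operationalPublicKey = [operationalKeys copyPublicKey];
-XCTAssert(operationalPublicKey != NULL);
-CFAutorelease(operationalPublicKey);
 
 __auto_type * cats = [[NSMutableSet alloc] initWithCapacity:3];
 // High bits are identifier, low bits are version.
@@ -293,7 +277,7 @@ - (void)testGenerateOperationalCertNoIntermediateWithValidityPeriod
 
 __auto_type * operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@1
 caseAuthenticatedTags:cats
@@ -325,9 +309,6 @@ - (void)testGenerateOperationalCertNoIntermediateWithInfiniteValidity
 
 __auto_type * operationalKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(operationalKeys);
-__auto_type * operationalPublicKey = [operationalKeys copyPublicKey];
-XCTAssert(operationalPublicKey != NULL);
-CFAutorelease(operationalPublicKey);
 
 __auto_type * cats = [[NSMutableSet alloc] initWithCapacity:3];
 // High bits are identifier, low bits are version.
@@ -340,7 +321,7 @@ - (void)testGenerateOperationalCertNoIntermediateWithInfiniteValidity
 
 __auto_type * operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@1
 caseAuthenticatedTags:cats
@@ -372,27 +353,21 @@ - (void)testGenerateOperationalCertWithIntermediate
 
 __auto_type * intermediateKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(intermediateKeys);
-__auto_type * intermediatePublicKey = [intermediateKeys copyPublicKey];
-XCTAssert(intermediatePublicKey != NULL);
-CFAutorelease(intermediatePublicKey);
 
 __auto_type * intermediateCert = [MTRCertificates createIntermediateCertificate:rootKeys
 rootCertificate:rootCert
-intermediatePublicKey:intermediatePublicKey
+intermediatePublicKey:intermediateKeys.publicKey
 issuerID:nil
 fabricID:nil
 error:nil];
 XCTAssertNotNil(intermediateCert);
 
 __auto_type * operationalKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(operationalKeys);
-__auto_type * operationalPublicKey = [operationalKeys copyPublicKey];
-XCTAssert(operationalPublicKey != NULL);
-CFAutorelease(operationalPublicKey);
 
 __auto_type * operationalCert = [MTRCertificates createOperationalCertificate:intermediateKeys
 signingCertificate:intermediateCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@1
 caseAuthenticatedTags:nil
@@ -419,9 +394,6 @@ - (void)testGenerateOperationalCertErrorCases
 
 __auto_type * operationalKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(operationalKeys);
-__auto_type * operationalPublicKey = [operationalKeys copyPublicKey];
-XCTAssert(operationalPublicKey != NULL);
-CFAutorelease(operationalPublicKey);
 
 __auto_type * longCats = [[NSMutableSet alloc] initWithCapacity:4];
 [longCats addObject:@0x00010001];
@@ -443,7 +415,7 @@ - (void)testGenerateOperationalCertErrorCases
 // Check basic case works
 __auto_type * operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@1
 caseAuthenticatedTags:nil
@@ -453,7 +425,7 @@ - (void)testGenerateOperationalCertErrorCases
 // CATs too long
 operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@1
 caseAuthenticatedTags:longCats
@@ -463,7 +435,7 @@ - (void)testGenerateOperationalCertErrorCases
 // Multiple CATs with the same identifier but different versions
 operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@1
 caseAuthenticatedTags:catsWithSameIdentifier
@@ -473,7 +445,7 @@ - (void)testGenerateOperationalCertErrorCases
 // CAT with invalid version
 operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@1
 caseAuthenticatedTags:catsWithInvalidVersion
@@ -483,7 +455,7 @@ - (void)testGenerateOperationalCertErrorCases
 // Signing key mismatch
 operationalCert = [MTRCertificates createOperationalCertificate:operationalKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@1
 caseAuthenticatedTags:nil
@@ -493,7 +465,7 @@ - (void)testGenerateOperationalCertErrorCases
 // Invalid fabric id
 operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@0
 nodeID:@1
 caseAuthenticatedTags:nil
@@ -503,7 +475,7 @@ - (void)testGenerateOperationalCertErrorCases
 // Undefined node id
 operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@0
 caseAuthenticatedTags:nil
@@ -513,7 +485,7 @@ - (void)testGenerateOperationalCertErrorCases
 // Non-operational node id
 operationalCert = [MTRCertificates createOperationalCertificate:rootKeys
 signingCertificate:rootCert
-operationalPublicKey:operationalPublicKey
+operationalPublicKey:operationalKeys.publicKey
 fabricID:@1
 nodeID:@(0xFFFFFFFFFFFFFFFFLLU)
 caseAuthenticatedTags:nil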
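Review bot: With the `XCTAssert(intermediatePublicKey != NULL)` and `XCTAssert(operationalPublicKey != NULL)` checks gone, every test in this file passes `intermediateKeys.publicKey` or `operationalKeys.publicKey` straight into the certificate-creation call without confirming that a key exists. A NULL key would then show up only as a nil certificate, and in `testGenerateOperationalCertErrorCases` it could be mistaken for an expected failure (the assertions for those cases are outside these hunks). I would keep a one-line guard after each `XCTAssertNotNil(...)` on the keys object, e.g. `XCTAssert(operationalKeys.publicKey != NULL);`. The same pattern appears in `initStack:` in MTRCertificateValidityTests.m.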

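--- a/src/darwin/Framework/CHIPTests/MTRCertificateValidityTests.m
+++ b/src/darwin/Framework/CHIPTests/MTRCertificateValidityTests.m
@@ -259,13 +259,10 @@ - (void)initStack:(MTRTestCertificateIssuer *)certificateIssuer
 
 __auto_type * controllerOperationalKeys = [[MTRTestKeys alloc] init];
 XCTAssertNotNil(controllerOperationalKeys);
-__auto_type * controllerPublicKey = controllerOperationalKeys.copyPublicKey;
-XCTAssert(controllerPublicKey != NULL);
-CFAutorelease(controllerPublicKey);
 
 __auto_type * controllerOperationalCert =
 [certificateIssuer issueOperationalCertificateForNode:@(kControllerId)
-operationalPublicKey:controllerPublicKey];
+operationalPublicKey:controllerOperationalKeys.publicKey];
 XCTAssertNotNil(controllerOperationalCert);
 
 __auto_type * params = [[MTRDeviceControllerStartupParams alloc] initWithIPK:certificateIssuer.rootKey.ipk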
