From bbae751892a91a53b8d4b76eff368dbcf2082541 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20Lilleb=C3=B8=20Holm?= <andreas@sqhead.com>
Date: Tue, 24 Sep 2019 14:26:35 +0200
Subject: [PATCH] Added a patch to make sure the pkcs12 that were opened
 actually has the number of private - certificate pairs that are needed to
 continue. If a pkcs12 that was created with only one private key in it and no
 certificate was tried used, this just crashed when accessing index 0 with the
 CFArrayGetValueAtIndex

---
 Core/Algorithms/RSFamily/RSKeys/JWTCryptoSecurity.m | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Core/Algorithms/RSFamily/RSKeys/JWTCryptoSecurity.m b/Core/Algorithms/RSFamily/RSKeys/JWTCryptoSecurity.m
index 04982ac6..aab9eae3 100644
--- a/Core/Algorithms/RSFamily/RSKeys/JWTCryptoSecurity.m
+++ b/Core/Algorithms/RSFamily/RSKeys/JWTCryptoSecurity.m
@@ -185,6 +185,10 @@ + (OSStatus)extractIdentityAndTrustFromPKCS12:(CFDataRef)inPKCS12Data password:(
                                     optionsDictionary,
                                     &items);                    // 2
     
+    if (CFArrayGetCount(items) == 0) {
+        securityError = errSecPkcs12VerifyFailure;
+    }
+    
     //
     if (securityError == 0) {                                   // 3
         CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex (items, 0);