Address lifetime concerns

dotnet · Jun 19, 2024 · d93c08e · d93c08e
1 parent b9e78eb
commit d93c08e
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 8 deletions.
diff --git a/...es/Common/src/Interop/Android/System.Security.Cryptography.Native.Android/Interop.X509.cs b/...es/Common/src/Interop/Android/System.Security.Cryptography.Native.Android/Interop.X509.cs
@@ -39,10 +39,23 @@ internal static byte[] X509Encode(SafeX509Handle x)
         private static partial IntPtr GetPrivateKeyEntryCertificate(IntPtr privatKeyEntryHandle);
         internal static SafeX509Handle GetPrivateKeyEntryCertificate(SafeHandle privatKeyEntryHandle)
         {
-            var certificateHandle = new SafeX509Handle();
-            var certificatePtr = GetPrivateKeyEntryCertificate(privatKeyEntryHandle.DangerousGetHandle());
-            Marshal.InitHandle(certificateHandle, Interop.JObjectLifetime.NewGlobalReference(certificatePtr));
-            return certificateHandle;
+            bool addedRef = false;
+            try
+            {
+                privatKeyEntryHandle.DangerousAddRef(ref addedRef);
+                IntPtr certificatePtr = GetPrivateKeyEntryCertificate(privatKeyEntryHandle.DangerousGetHandle());
+
+                SafeX509Handle certificateHandle = new();
+                Marshal.InitHandle(certificateHandle, certificatePtr);
+                return certificateHandle;
+            }
+            finally
+            {
+                if (addedRef)
+                {
+                    privatKeyEntryHandle.DangerousRelease();
+                }
+            }
         }
 
         [LibraryImport(Libraries.AndroidCryptoNative, EntryPoint = "AndroidCryptoNative_X509DecodeCollection")]

diff --git a/...y.Cryptography/src/System/Security/Cryptography/X509Certificates/AndroidCertificatePal.cs b/...y.Cryptography/src/System/Security/Cryptography/X509Certificates/AndroidCertificatePal.cs
@@ -44,11 +44,22 @@ public static ICertificatePal FromOtherCert(X509Certificate cert)
 
             AndroidCertificatePal certPal = (AndroidCertificatePal)cert.Pal;
 
-            if (certPal._keyStorePrivateKeyEntry is not null)
+            if (certPal._keyStorePrivateKeyEntry is SafeJObjectHandle privateKeyEntry)
             {
-                var jobjectHandle = new Interop.JObjectLifetime.SafeJObjectHandle();
-                Marshal.InitHandle(jobjectHandle, Interop.JObjectLifetime.NewGlobalReference(certPal.Handle));
-                return new AndroidCertificatePal(jobjectHandle);
+                bool addedRef = false;
+                try
+                {
+                    privateKeyEntry.DangerousAddRef(ref addedRef);
+                    SafeJObjectHandle newSafeHandle = SafeJObjectHandle.CreateGlobalReferenceFromHandle(privateKeyEntry.DangerousGetHandle());
+                    return new AndroidCertificatePal(newSafeHandle);
+                }
+                finally
+                {
+                    if (addedRef)
+                    {
+                        privateKeyEntry.DangerousRelease();
+                    }
+                }
             }
 
             // Ensure private key is copied