[apple/security.git] / OSX / shared_regressions / si-44-seckey-fv.m

//
//  si-44-seckey-fv.m
//

#import <Foundation/Foundation.h>

#if TARGET_OS_IOS && !TARGET_OS_SIMULATOR
#import "SecureKeyVaultPublic.h"
#import <Security/SecKey.h>

#import "shared_regressions.h"

static void testFileVaultKeyRawSign() {
    id key = CFBridgingRelease(SecKeyCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
    id certificate = CFBridgingRelease(SecCertificateCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
    id pubKey = CFBridgingRelease(SecCertificateCopyKey((SecCertificateRef)certificate));

    uint8_t hash[20] = { 0 };
    uint8_t signature[256] = { 0 };
    size_t siglen = sizeof(signature);
    ok_status(SecKeyRawSign((SecKeyRef)key, kSecPaddingPKCS1SHA1, hash, sizeof(hash), signature, &siglen), "rawSign for fileVault failed");
    ok_status(SecKeyRawVerify((SecKeyRef)pubKey, kSecPaddingPKCS1SHA1, hash, sizeof(hash), signature, siglen), "rawverify for fileVault failed");
}

static void testFileVaultKeySign() {
    NSData *data = [@"dataToSign" dataUsingEncoding:NSUTF8StringEncoding];
    NSData *signature;
    SecKeyAlgorithm algorithm = NULL;
    NSError *error;
    id key = CFBridgingRelease(SecKeyCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
    id certificate = CFBridgingRelease(SecCertificateCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
    id pubKey = CFBridgingRelease(SecCertificateCopyKey((SecCertificateRef)certificate));

    algorithm = kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA1;
    error = nil;
    signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
    ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
    ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));

    algorithm = kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA256;
    error = nil;
    signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
    ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
    ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));

    algorithm = kSecKeyAlgorithmRSASignatureMessagePSSSHA1;
    error = nil;
    signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
    ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
    ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));

    algorithm = kSecKeyAlgorithmRSASignatureMessagePSSSHA256;
    error = nil;
    signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
    ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
    ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));
}

int si_44_seckey_fv(int argc, char *const *argv) {
    @autoreleasepool {
        plan_tests(10);
        testFileVaultKeyRawSign();
        testFileVaultKeySign();
        return 0;
    }
}

#endif
Commit	Line	Data
866f8763 A	1	//
	2	// si-44-seckey-fv.m
	3	//
	4
	5	#import <Foundation/Foundation.h>
	6
	7	#if TARGET_OS_IOS && !TARGET_OS_SIMULATOR
	8	#import "SecureKeyVaultPublic.h"
	9	#import <Security/SecKey.h>
	10
	11	#import "shared_regressions.h"
	12
	13	static void testFileVaultKeyRawSign() {
	14	id key = CFBridgingRelease(SecKeyCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
	15	id certificate = CFBridgingRelease(SecCertificateCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
79b9da22	16	id pubKey = CFBridgingRelease(SecCertificateCopyKey((SecCertificateRef)certificate));
866f8763 A	17
	18	uint8_t hash[20] = { 0 };
	19	uint8_t signature[256] = { 0 };
	20	size_t siglen = sizeof(signature);
	21	ok_status(SecKeyRawSign((SecKeyRef)key, kSecPaddingPKCS1SHA1, hash, sizeof(hash), signature, &siglen), "rawSign for fileVault failed");
	22	ok_status(SecKeyRawVerify((SecKeyRef)pubKey, kSecPaddingPKCS1SHA1, hash, sizeof(hash), signature, siglen), "rawverify for fileVault failed");
	23	}
	24
	25	static void testFileVaultKeySign() {
	26	NSData *data = [@"dataToSign" dataUsingEncoding:NSUTF8StringEncoding];
	27	NSData *signature;
	28	SecKeyAlgorithm algorithm = NULL;
	29	NSError *error;
	30	id key = CFBridgingRelease(SecKeyCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
	31	id certificate = CFBridgingRelease(SecCertificateCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
79b9da22	32	id pubKey = CFBridgingRelease(SecCertificateCopyKey((SecCertificateRef)certificate));
866f8763 A	33
	34	algorithm = kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA1;
	35	error = nil;
	36	signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
	37	ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
	38	ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));
	39
	40	algorithm = kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA256;
	41	error = nil;
	42	signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
	43	ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
	44	ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));
	45
	46	algorithm = kSecKeyAlgorithmRSASignatureMessagePSSSHA1;
	47	error = nil;
	48	signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
	49	ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
	50	ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));
	51
	52	algorithm = kSecKeyAlgorithmRSASignatureMessagePSSSHA256;
	53	error = nil;
	54	signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
	55	ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
	56	ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));
	57	}
	58
	59	int si_44_seckey_fv(int argc, char const argv) {
	60	@autoreleasepool {
	61	plan_tests(10);
	62	testFileVaultKeyRawSign();
	63	testFileVaultKeySign();
	64	return 0;
	65	}
	66	}
	67
	68	#endif