[apple/security.git] / sec / Security / Regressions / secitem / si-64-ossl-cms.c

/*
 *  si-64-ossl-cms.c
 *  Security
 *
 *  Created by  on 9/28/09.
 *  Copyright 2009 Apple Inc. All rights reserved.
 *
 */
#include "si-64-ossl-cms/attached_no_data_signed_data.h"
#include "si-64-ossl-cms/attached_signed_data.h"
#include "si-64-ossl-cms/detached_content.h"
#include "si-64-ossl-cms/detached_signed_data.h"
#include "si-64-ossl-cms/signer.h"
#include "si-64-ossl-cms/privkey.h"

#include <CoreFoundation/CoreFoundation.h>
#include <Security/SecCMS.h>
#include <Security/SecRSAKey.h>
#include <Security/SecCertificatePriv.h>
#include <Security/SecIdentityPriv.h>
#include <utilities/SecCFWrappers.h>

#include <unistd.h>
#include <AssertMacros.h>

#include "Security_regressions.h"

/*
openssl req -new -newkey rsa:512 -x509 -nodes -subj "/O=foo/CN=bar" -out signer.pem
echo -n "hoi joh" > detached_content
openssl smime -sign -outform der -signer signer.pem -in detached_content -inkey privkey.pem -out detached_signed_data.der
openssl smime -nodetach -sign -outform der -signer test.pem -in detached_content -inkey privkey.pem -out attached_signed_data.der
openssl smime -nodetach -sign -outform der -signer test.pem -inkey privkey.pem -out attached_no_data_signed_data.der < /dev/null

xxd -i detached_content > detached_content.h
xxd -i attached_no_data_signed_data.der > attached_no_data_signed_data.h
xxd -i attached_signed_data.der > attached_signed_data.h
xxd -i detached_signed_data.der > detached_signed_data.h

openssl x509 -in test.pem -outform der -out signer.der
xxd -i signer.der > signer.h


attached difference:

  33 NDEF:       SEQUENCE {
    <06 09>
  35    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
    <A0 80>
  46 NDEF:         [0] {
    <24 80>
  48 NDEF:           OCTET STRING {
    <04 07>
  50    7:             OCTET STRING 'hoi joh'
    <00 00>
         :             }
    <00 00>
         :           }
    <00 00>
         :         }

  39   22:       SEQUENCE {
    <06 09>
  41    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
    <A0 09>
  52    9:         [0] {
    <04 07>
  54    7:           OCTET STRING 'hoi joh'
         :           }
         :         }

detached:

    <30 80>
  33 NDEF:       SEQUENCE {
    <06 09>
  35    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
    <00 00>
         :         }

    <30 0B>
  39   11:       SEQUENCE {
    <06 09>
  41    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
         :         }

attached empty:

    <30 80>
  33 NDEF:       SEQUENCE {
    <06 09>
  35    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
    <A0 80>
  46 NDEF:         [0] {
    <24 80>
  48 NDEF:           OCTET STRING {
    <00 00>
         :             }
    <00 00>
         :           }
    <00 00>
         :         }

    <30 0F>
  39   15:       SEQUENCE {
    <06 09>
  41    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
    <A0 02>
  52    2:         [0] {
    <04 00>
  54    0:           OCTET STRING
         :             Error: Object has zero length.
         :           }
         :         }


*/

#include <fcntl.h>
static inline void write_data(const char * path, CFDataRef data)
{
    int data_file = open(path, O_CREAT|O_WRONLY|O_TRUNC, 0644);
    write(data_file, CFDataGetBytePtr(data), CFDataGetLength(data));
    close(data_file);
}

static void tests(void)
{
	CFDataRef attached_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, attached_signed_data_der, attached_signed_data_der_len, kCFAllocatorNull);
	CFDataRef detached_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, detached_signed_data_der, detached_signed_data_der_len, kCFAllocatorNull);
	CFDataRef attached_no_data_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, attached_no_data_signed_data_der, attached_no_data_signed_data_der_len, kCFAllocatorNull);
	CFDataRef detached_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, detached_content, detached_content_len, kCFAllocatorNull);
	CFDataRef no_data = CFDataCreate(kCFAllocatorDefault, NULL, 0);
	SecPolicyRef policy = SecPolicyCreateBasicX509();
	SecTrustRef trust = NULL;

	ok_status(SecCMSVerifyCopyDataAndAttributes(attached_signed_data, NULL, policy, &trust, NULL, NULL), "verify attached data");
	CFRelease(trust);
	ok_status(SecCMSVerifyCopyDataAndAttributes(detached_signed_data, detached_data, policy, &trust, NULL, NULL), "verify detached data");
	CFRelease(trust);
	ok_status(SecCMSVerifyCopyDataAndAttributes(attached_no_data_signed_data, NULL, policy, &trust, NULL, NULL), "verify attached no data");
	CFRelease(trust);
	ok_status(SecCMSVerifyCopyDataAndAttributes(attached_no_data_signed_data, no_data, policy, &trust, NULL, NULL), "verify attached no data");
	CFRelease(trust);


    SecCertificateRef cert = NULL;
    SecKeyRef privKey = NULL;
    SecIdentityRef identity = NULL;

    isnt(cert = SecCertificateCreateWithBytes(NULL, signer_der, signer_der_len), NULL, "create certificate");
    isnt(privKey = SecKeyCreateRSAPrivateKey(NULL, privkey_der, privkey_der_len, kSecKeyEncodingPkcs1), NULL, "create private key");
    isnt(identity = SecIdentityCreate(NULL, cert, privKey), NULL, "create identity");
    CFReleaseSafe(privKey);

	CFMutableDataRef cms_data = CFDataCreateMutable(kCFAllocatorDefault, 0);
	ok_status(SecCMSCreateSignedData(identity, detached_data, NULL, NULL, cms_data), "create attached data");
	//write_data("/var/tmp/attached", cms_data);
	CFDataSetLength(cms_data, 0);
	CFDictionaryRef detached_cms_dict = CFDictionaryCreate(kCFAllocatorDefault, &kSecCMSSignDetached, (const void **)&kCFBooleanTrue, 1, NULL, NULL);
	ok_status(SecCMSCreateSignedData(identity, detached_data, detached_cms_dict, NULL, cms_data), "create attached data");
	CFRelease(detached_cms_dict);
	//write_data("/var/tmp/detached", cms_data);
	CFDataSetLength(cms_data, 0);
	ok_status(SecCMSCreateSignedData(identity, NULL, NULL, NULL, cms_data), "create attached data");
	//write_data("/var/tmp/empty_attached", cms_data);

	CFReleaseSafe(cms_data);
	CFReleaseSafe(cert);
	CFReleaseNull(identity);
	CFRelease(attached_signed_data);
	CFRelease(detached_signed_data);
	CFRelease(attached_no_data_signed_data);
	CFRelease(detached_data);
	CFRelease(no_data);
	CFRelease(policy);
}

int si_64_ossl_cms(int argc, char *const *argv)
{
	plan_tests(10);


	tests();

	return 0;
}
Commit	Line	Data
427c49bc A	1	/*
	2	* si-64-ossl-cms.c
	3	* Security
	4	*
	5	* Created by on 9/28/09.
	6	* Copyright 2009 Apple Inc. All rights reserved.
	7	*
	8	*/
	9	#include "si-64-ossl-cms/attached_no_data_signed_data.h"
	10	#include "si-64-ossl-cms/attached_signed_data.h"
	11	#include "si-64-ossl-cms/detached_content.h"
	12	#include "si-64-ossl-cms/detached_signed_data.h"
	13	#include "si-64-ossl-cms/signer.h"
	14	#include "si-64-ossl-cms/privkey.h"
	15
	16	#include <CoreFoundation/CoreFoundation.h>
	17	#include <Security/SecCMS.h>
	18	#include <Security/SecRSAKey.h>
	19	#include <Security/SecCertificatePriv.h>
	20	#include <Security/SecIdentityPriv.h>
	21	#include <utilities/SecCFWrappers.h>
	22
	23	#include <unistd.h>
	24	#include <AssertMacros.h>
	25
	26	#include "Security_regressions.h"
	27
	28	/*
	29	openssl req -new -newkey rsa:512 -x509 -nodes -subj "/O=foo/CN=bar" -out signer.pem
	30	echo -n "hoi joh" > detached_content
	31	openssl smime -sign -outform der -signer signer.pem -in detached_content -inkey privkey.pem -out detached_signed_data.der
	32	openssl smime -nodetach -sign -outform der -signer test.pem -in detached_content -inkey privkey.pem -out attached_signed_data.der
	33	openssl smime -nodetach -sign -outform der -signer test.pem -inkey privkey.pem -out attached_no_data_signed_data.der < /dev/null
	34
	35	xxd -i detached_content > detached_content.h
	36	xxd -i attached_no_data_signed_data.der > attached_no_data_signed_data.h
	37	xxd -i attached_signed_data.der > attached_signed_data.h
	38	xxd -i detached_signed_data.der > detached_signed_data.h
	39
	40	openssl x509 -in test.pem -outform der -out signer.der
	41	xxd -i signer.der > signer.h
	42
	43
	44	attached difference:
	45
	46	33 NDEF: SEQUENCE {
	47	<06 09>
	48	35 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
	49	<A0 80>
	50	46 NDEF: [0] {
	51	<24 80>
	52	48 NDEF: OCTET STRING {
	53	<04 07>
	54	50 7: OCTET STRING 'hoi joh'
	55	<00 00>
	56	: }
	57	<00 00>
	58	: }
	59	<00 00>
	60	: }
	61
	62	39 22: SEQUENCE {
	63	<06 09>
	64	41 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
65	<A0 09>
66	52 9: [0] {
67	<04 07>
68	54 7: OCTET STRING 'hoi joh'
69	: }
70	: }
71
72	detached:
73
74	<30 80>
75	33 NDEF: SEQUENCE {
76	<06 09>
77	35 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
78	<00 00>
79	: }
80
81	<30 0B>
82	39 11: SEQUENCE {
83	<06 09>
84	41 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
85	: }
86
87	attached empty:
88
89	<30 80>
90	33 NDEF: SEQUENCE {
91	<06 09>
92	35 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
93	<A0 80>
94	46 NDEF: [0] {
95	<24 80>
96	48 NDEF: OCTET STRING {
97	<00 00>
98	: }
99	<00 00>
100	: }
101	<00 00>
102	: }
103
104	<30 0F>
105	39 15: SEQUENCE {
106	<06 09>
107	41 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
108	<A0 02>
109	52 2: [0] {
110	<04 00>
111	54 0: OCTET STRING
112	: Error: Object has zero length.
113	: }
114	: }
115
116
117	*/
118
119	#include <fcntl.h>
120	static inline void write_data(const char * path, CFDataRef data)
121	{
122	int data_file = open(path, O_CREAT\|O_WRONLY\|O_TRUNC, 0644);
123	write(data_file, CFDataGetBytePtr(data), CFDataGetLength(data));
124	close(data_file);
125	}
126
127	static void tests(void)
128	{
129	CFDataRef attached_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, attached_signed_data_der, attached_signed_data_der_len, kCFAllocatorNull);
130	CFDataRef detached_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, detached_signed_data_der, detached_signed_data_der_len, kCFAllocatorNull);
131	CFDataRef attached_no_data_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, attached_no_data_signed_data_der, attached_no_data_signed_data_der_len, kCFAllocatorNull);
132	CFDataRef detached_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, detached_content, detached_content_len, kCFAllocatorNull);
133	CFDataRef no_data = CFDataCreate(kCFAllocatorDefault, NULL, 0);
134	SecPolicyRef policy = SecPolicyCreateBasicX509();
135	SecTrustRef trust = NULL;
136
137	ok_status(SecCMSVerifyCopyDataAndAttributes(attached_signed_data, NULL, policy, &trust, NULL, NULL), "verify attached data");
138	CFRelease(trust);
139	ok_status(SecCMSVerifyCopyDataAndAttributes(detached_signed_data, detached_data, policy, &trust, NULL, NULL), "verify detached data");
140	CFRelease(trust);
141	ok_status(SecCMSVerifyCopyDataAndAttributes(attached_no_data_signed_data, NULL, policy, &trust, NULL, NULL), "verify attached no data");
142	CFRelease(trust);
143	ok_status(SecCMSVerifyCopyDataAndAttributes(attached_no_data_signed_data, no_data, policy, &trust, NULL, NULL), "verify attached no data");
144	CFRelease(trust);
145
146
147	SecCertificateRef cert = NULL;
148	SecKeyRef privKey = NULL;
149	SecIdentityRef identity = NULL;
150
151	isnt(cert = SecCertificateCreateWithBytes(NULL, signer_der, signer_der_len), NULL, "create certificate");
152	isnt(privKey = SecKeyCreateRSAPrivateKey(NULL, privkey_der, privkey_der_len, kSecKeyEncodingPkcs1), NULL, "create private key");
153	isnt(identity = SecIdentityCreate(NULL, cert, privKey), NULL, "create identity");
154	CFReleaseSafe(privKey);
155
156	CFMutableDataRef cms_data = CFDataCreateMutable(kCFAllocatorDefault, 0);
157	ok_status(SecCMSCreateSignedData(identity, detached_data, NULL, NULL, cms_data), "create attached data");
158	//write_data("/var/tmp/attached", cms_data);
159	CFDataSetLength(cms_data, 0);
160	CFDictionaryRef detached_cms_dict = CFDictionaryCreate(kCFAllocatorDefault, &kSecCMSSignDetached, (const void **)&kCFBooleanTrue, 1, NULL, NULL);
161	ok_status(SecCMSCreateSignedData(identity, detached_data, detached_cms_dict, NULL, cms_data), "create attached data");
162	CFRelease(detached_cms_dict);
163	//write_data("/var/tmp/detached", cms_data);
164	CFDataSetLength(cms_data, 0);
165	ok_status(SecCMSCreateSignedData(identity, NULL, NULL, NULL, cms_data), "create attached data");
166	//write_data("/var/tmp/empty_attached", cms_data);
167
168	CFReleaseSafe(cms_data);
169	CFReleaseSafe(cert);
170	CFReleaseNull(identity);
171	CFRelease(attached_signed_data);
172	CFRelease(detached_signed_data);
173	CFRelease(attached_no_data_signed_data);
174	CFRelease(detached_data);
175	CFRelease(no_data);
176	CFRelease(policy);
177	}
178
179	int si_64_ossl_cms(int argc, char const argv)
180	{
181	plan_tests(10);
182
183
184	tests();
185
186	return 0;
187	}