[apple/security.git] / OSX / sec / Security / Regressions / secitem / si-23-sectrust-ocsp-wwdr.c

/*
 * Copyright (c) 2012-2013 Apple Inc. All Rights Reserved.
 */

#include <CoreFoundation/CoreFoundation.h>
#include <Security/SecCertificate.h>
#include <Security/SecCertificatePriv.h>
#include <Security/SecCertificateInternal.h>
#include <Security/SecPolicyPriv.h>
#include <Security/SecTrustPriv.h>
#include <stdlib.h>
#include <unistd.h>

#include "testmore.h"

/* subject:/UID=6H766P4BDJ/CN=iPhone Distribution: SCK Solutions LLC/OU=6H766P4BDJ/O=6H766P4BDJ/C=US */
/* issuer :/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority */
static const unsigned char WWDR_NoRevInfo[]={
0x30,0x82,0x05,0x2D,0x30,0x82,0x04,0x15,0xA0,0x03,0x02,0x01,0x02,0x02,0x08,0x34,
0x92,0xF6,0x39,0x2B,0x4B,0x16,0x64,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,
0x0D,0x01,0x01,0x05,0x05,0x00,0x30,0x81,0x96,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,
0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0A,0x0C,
0x0A,0x41,0x70,0x70,0x6C,0x65,0x20,0x49,0x6E,0x63,0x2E,0x31,0x2C,0x30,0x2A,0x06,
0x03,0x55,0x04,0x0B,0x0C,0x23,0x41,0x70,0x70,0x6C,0x65,0x20,0x57,0x6F,0x72,0x6C,
0x64,0x77,0x69,0x64,0x65,0x20,0x44,0x65,0x76,0x65,0x6C,0x6F,0x70,0x65,0x72,0x20,
0x52,0x65,0x6C,0x61,0x74,0x69,0x6F,0x6E,0x73,0x31,0x44,0x30,0x42,0x06,0x03,0x55,
0x04,0x03,0x0C,0x3B,0x41,0x70,0x70,0x6C,0x65,0x20,0x57,0x6F,0x72,0x6C,0x64,0x77,
0x69,0x64,0x65,0x20,0x44,0x65,0x76,0x65,0x6C,0x6F,0x70,0x65,0x72,0x20,0x52,0x65,
0x6C,0x61,0x74,0x69,0x6F,0x6E,0x73,0x20,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,
0x61,0x74,0x69,0x6F,0x6E,0x20,0x41,0x75,0x74,0x68,0x6F,0x72,0x69,0x74,0x79,0x30,
0x1E,0x17,0x0D,0x31,0x32,0x30,0x31,0x31,0x34,0x32,0x30,0x33,0x30,0x34,0x30,0x5A,
0x17,0x0D,0x31,0x33,0x30,0x31,0x31,0x33,0x32,0x30,0x33,0x30,0x34,0x30,0x5A,0x30,
0x81,0x84,0x31,0x1A,0x30,0x18,0x06,0x0A,0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,
0x01,0x01,0x0C,0x0A,0x36,0x48,0x37,0x36,0x36,0x50,0x34,0x42,0x44,0x4A,0x31,0x2F,
0x30,0x2D,0x06,0x03,0x55,0x04,0x03,0x0C,0x26,0x69,0x50,0x68,0x6F,0x6E,0x65,0x20,
0x44,0x69,0x73,0x74,0x72,0x69,0x62,0x75,0x74,0x69,0x6F,0x6E,0x3A,0x20,0x53,0x43,
0x4B,0x20,0x53,0x6F,0x6C,0x75,0x74,0x69,0x6F,0x6E,0x73,0x20,0x4C,0x4C,0x43,0x31,
0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0B,0x0C,0x0A,0x36,0x48,0x37,0x36,0x36,0x50,
0x34,0x42,0x44,0x4A,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0A,0x0C,0x0A,0x36,
0x48,0x37,0x36,0x36,0x50,0x34,0x42,0x44,0x4A,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,
0x04,0x06,0x13,0x02,0x55,0x53,0x30,0x82,0x01,0x22,0x30,0x0D,0x06,0x09,0x2A,0x86,
0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0F,0x00,0x30,0x82,
0x01,0x0A,0x02,0x82,0x01,0x01,0x00,0xED,0x4A,0x4F,0x35,0x46,0x46,0x40,0xDE,0x95,
0x88,0x51,0x73,0x00,0x96,0x6F,0x7F,0xA4,0x25,0x1E,0x61,0xA9,0x37,0x30,0x01,0x5C,
0xAF,0x92,0xCB,0x29,0x8D,0xC2,0x93,0xBE,0xDF,0x7D,0xF0,0xC7,0x0C,0xD3,0x25,0x84,
0xF8,0x12,0x0D,0x35,0xBC,0x75,0x58,0x80,0x25,0x24,0x3A,0xCD,0x90,0xD9,0xE6,0x2E,
0xD6,0x00,0x1E,0x36,0x33,0x13,0xBA,0x35,0x5F,0x87,0xB5,0x33,0x5E,0x7E,0x91,0x96,
0x92,0x91,0x5E,0xE9,0xAE,0xB1,0x50,0xBB,0x7C,0x71,0xF2,0x86,0xF3,0xA9,0x4F,0x48,
0xE5,0x02,0xFE,0x0A,0x0B,0x3E,0x01,0xC5,0x38,0x02,0x96,0x2F,0xC5,0x44,0x11,0x89,
0x8D,0x15,0xC1,0xCE,0x77,0x11,0xE7,0xD4,0x83,0x5F,0x4B,0xA9,0x1D,0xE9,0xE2,0xFD,
0x8E,0xFA,0x7B,0x9A,0xC2,0x2E,0x10,0x8A,0x27,0x86,0xDE,0x65,0x47,0x57,0x49,0x5B,
0x6F,0xA4,0x41,0x22,0x4C,0x4A,0x9D,0xB5,0x7A,0xD7,0x87,0x06,0xF9,0x52,0x53,0xB8,
0x39,0xB5,0xA1,0xAC,0x74,0xFC,0x28,0xAE,0x4E,0x14,0xC8,0x0C,0x77,0xEC,0x10,0xBD,
0xBA,0x22,0xDB,0x5C,0x2E,0x15,0xDD,0x17,0x7A,0x7D,0xFA,0x15,0x81,0x1E,0x31,0xB1,
0x2D,0x06,0x7E,0x21,0x71,0x69,0xA4,0x7E,0x47,0x43,0x59,0x1D,0xE7,0x3E,0x11,0xCE,
0xBA,0x58,0x91,0xB5,0xBC,0x52,0x89,0xDE,0x02,0x3E,0x84,0x29,0xF9,0xA0,0xF4,0x24,
0x04,0x24,0x5C,0xB2,0xA0,0x09,0x54,0xE2,0x8E,0xCF,0xA9,0x43,0x12,0x4B,0xC0,0x22,
0x18,0x3B,0x51,0x8C,0x89,0xC3,0xB2,0x86,0x05,0x98,0x4F,0x25,0x95,0x82,0x7B,0x7F,
0xED,0x4A,0xC4,0x74,0xF1,0xA5,0x7D,0x02,0x03,0x01,0x00,0x01,0xA3,0x82,0x01,0x8D,
0x30,0x82,0x01,0x89,0x30,0x1D,0x06,0x03,0x55,0x1D,0x0E,0x04,0x16,0x04,0x14,0xA1,
0x00,0xAE,0xE5,0x3E,0x53,0xF1,0x39,0x38,0x73,0x02,0xC0,0x6E,0x50,0xCE,0xC8,0xD9,
0x05,0x50,0x2A,0x30,0x0C,0x06,0x03,0x55,0x1D,0x13,0x01,0x01,0xFF,0x04,0x02,0x30,
0x00,0x30,0x1F,0x06,0x03,0x55,0x1D,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x88,0x27,
0x17,0x09,0xA9,0xB6,0x18,0x60,0x8B,0xEC,0xEB,0xBA,0xF6,0x47,0x59,0xC5,0x52,0x54,
0xA3,0xB7,0x30,0x82,0x01,0x0F,0x06,0x03,0x55,0x1D,0x20,0x04,0x82,0x01,0x06,0x30,
0x82,0x01,0x02,0x30,0x81,0xFF,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x63,0x64,0x05,
0x01,0x30,0x81,0xF1,0x30,0x81,0xC3,0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x02,
0x02,0x30,0x81,0xB6,0x0C,0x81,0xB3,0x52,0x65,0x6C,0x69,0x61,0x6E,0x63,0x65,0x20,
0x6F,0x6E,0x20,0x74,0x68,0x69,0x73,0x20,0x63,0x65,0x72,0x74,0x69,0x66,0x69,0x63,
0x61,0x74,0x65,0x20,0x62,0x79,0x20,0x61,0x6E,0x79,0x20,0x70,0x61,0x72,0x74,0x79,
0x20,0x61,0x73,0x73,0x75,0x6D,0x65,0x73,0x20,0x61,0x63,0x63,0x65,0x70,0x74,0x61,
0x6E,0x63,0x65,0x20,0x6F,0x66,0x20,0x74,0x68,0x65,0x20,0x74,0x68,0x65,0x6E,0x20,
0x61,0x70,0x70,0x6C,0x69,0x63,0x61,0x62,0x6C,0x65,0x20,0x73,0x74,0x61,0x6E,0x64,
0x61,0x72,0x64,0x20,0x74,0x65,0x72,0x6D,0x73,0x20,0x61,0x6E,0x64,0x20,0x63,0x6F,
0x6E,0x64,0x69,0x74,0x69,0x6F,0x6E,0x73,0x20,0x6F,0x66,0x20,0x75,0x73,0x65,0x2C,
0x20,0x63,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x65,0x20,0x70,0x6F,0x6C,
0x69,0x63,0x79,0x20,0x61,0x6E,0x64,0x20,0x63,0x65,0x72,0x74,0x69,0x66,0x69,0x63,
0x61,0x74,0x69,0x6F,0x6E,0x20,0x70,0x72,0x61,0x63,0x74,0x69,0x63,0x65,0x20,0x73,
0x74,0x61,0x74,0x65,0x6D,0x65,0x6E,0x74,0x73,0x2E,0x30,0x29,0x06,0x08,0x2B,0x06,
0x01,0x05,0x05,0x07,0x02,0x01,0x16,0x1D,0x68,0x74,0x74,0x70,0x3A,0x2F,0x2F,0x77,
0x77,0x77,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x2F,0x61,0x70,0x70,
0x6C,0x65,0x63,0x61,0x2F,0x30,0x0E,0x06,0x03,0x55,0x1D,0x0F,0x01,0x01,0xFF,0x04,
0x04,0x03,0x02,0x07,0x80,0x30,0x16,0x06,0x03,0x55,0x1D,0x25,0x01,0x01,0xFF,0x04,
0x0C,0x30,0x0A,0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03,0x30,0x0D,0x06,
0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,
0x00,0x27,0x78,0xD3,0xFB,0xCE,0xD6,0x10,0x99,0xBF,0x7F,0xAE,0x0A,0x00,0xA3,0x9F,
0x9C,0x4E,0x23,0x15,0xDB,0x54,0x3E,0x4F,0x9B,0x93,0x67,0x17,0xF2,0x14,0x5A,0x36,
0x1C,0x30,0x28,0x71,0xCB,0x0A,0xFF,0x1A,0x36,0xA2,0x49,0x7B,0xA4,0xE2,0xD5,0xC7,
0x58,0x96,0x2A,0x09,0x74,0x16,0x51,0x69,0xEC,0x54,0xDC,0x97,0xA5,0x43,0x65,0x6A,
0xC9,0x8D,0x93,0x74,0x59,0x62,0x4D,0xF9,0x88,0x42,0x99,0xB6,0xDB,0xA1,0x19,0x19,
0x2D,0x1D,0xB6,0x4B,0x40,0x74,0x5B,0x57,0x3E,0x3E,0xD6,0x02,0xE0,0xEB,0xAB,0x01,
0x48,0x7D,0x4B,0x78,0x2B,0x0C,0x9F,0xD3,0x24,0x5C,0x9B,0xB7,0x37,0xA0,0x99,0xC7,
0xB5,0xDC,0x9A,0x3D,0x85,0x4D,0xAA,0x23,0xEF,0xBA,0xAB,0xA2,0x64,0x56,0x15,0xAF,
0x0D,0x1B,0xEB,0x64,0xBD,0xD4,0x98,0x61,0xA8,0xB9,0xF8,0x1B,0xD6,0x4A,0x11,0xBB,
0x13,0x77,0x7A,0x29,0x31,0xC8,0x24,0xBF,0xD5,0xB3,0x4D,0x5F,0xEB,0x2A,0xA8,0xDF,
0x24,0x40,0xF4,0x2E,0x28,0x43,0xB4,0x88,0x61,0x20,0x51,0xA3,0xEF,0x5A,0xF2,0x24,
0xE2,0x87,0x29,0x2C,0xDC,0xE9,0xB7,0x43,0xAC,0x38,0x04,0xFB,0x8C,0x18,0x09,0x76,
0x9C,0xEE,0xFA,0x17,0xE4,0xE4,0x53,0x78,0x91,0x40,0xFC,0x76,0xE2,0x2B,0x39,0x54,
0xF6,0xF8,0xC6,0xB1,0xF8,0x55,0xD2,0xAF,0xF0,0x65,0x32,0x4E,0x89,0x05,0x4F,0x19,
0xAD,0xB3,0x65,0xB2,0x19,0xF8,0x00,0xDA,0xDD,0x8F,0x76,0x51,0x52,0x62,0x28,0x4B,
0x41,0x1C,0xDA,0xFD,0x12,0x11,0x65,0x8D,0xB4,0x69,0xD4,0xC4,0x23,0x67,0x3E,0xD6,
0x89,
};

/* subject:/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority */
/* issuer :/C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Root CA */
static const unsigned char WWDR_CA[]={
0x30,0x82,0x04,0x23,0x30,0x82,0x03,0x0B,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x19,
0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x30,
0x62,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13,
0x30,0x11,0x06,0x03,0x55,0x04,0x0A,0x13,0x0A,0x41,0x70,0x70,0x6C,0x65,0x20,0x49,
0x6E,0x63,0x2E,0x31,0x26,0x30,0x24,0x06,0x03,0x55,0x04,0x0B,0x13,0x1D,0x41,0x70,
0x70,0x6C,0x65,0x20,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x69,0x6F,
0x6E,0x20,0x41,0x75,0x74,0x68,0x6F,0x72,0x69,0x74,0x79,0x31,0x16,0x30,0x14,0x06,
0x03,0x55,0x04,0x03,0x13,0x0D,0x41,0x70,0x70,0x6C,0x65,0x20,0x52,0x6F,0x6F,0x74,
0x20,0x43,0x41,0x30,0x1E,0x17,0x0D,0x30,0x38,0x30,0x32,0x31,0x34,0x31,0x38,0x35,
0x36,0x33,0x35,0x5A,0x17,0x0D,0x31,0x36,0x30,0x32,0x31,0x34,0x31,0x38,0x35,0x36,
0x33,0x35,0x5A,0x30,0x81,0x96,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,
0x02,0x55,0x53,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0A,0x0C,0x0A,0x41,0x70,
0x70,0x6C,0x65,0x20,0x49,0x6E,0x63,0x2E,0x31,0x2C,0x30,0x2A,0x06,0x03,0x55,0x04,
0x0B,0x0C,0x23,0x41,0x70,0x70,0x6C,0x65,0x20,0x57,0x6F,0x72,0x6C,0x64,0x77,0x69,
0x64,0x65,0x20,0x44,0x65,0x76,0x65,0x6C,0x6F,0x70,0x65,0x72,0x20,0x52,0x65,0x6C,
0x61,0x74,0x69,0x6F,0x6E,0x73,0x31,0x44,0x30,0x42,0x06,0x03,0x55,0x04,0x03,0x0C,
0x3B,0x41,0x70,0x70,0x6C,0x65,0x20,0x57,0x6F,0x72,0x6C,0x64,0x77,0x69,0x64,0x65,
0x20,0x44,0x65,0x76,0x65,0x6C,0x6F,0x70,0x65,0x72,0x20,0x52,0x65,0x6C,0x61,0x74,
0x69,0x6F,0x6E,0x73,0x20,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x69,
0x6F,0x6E,0x20,0x41,0x75,0x74,0x68,0x6F,0x72,0x69,0x74,0x79,0x30,0x82,0x01,0x22,
0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,
0x82,0x01,0x0F,0x00,0x30,0x82,0x01,0x0A,0x02,0x82,0x01,0x01,0x00,0xCA,0x38,0x54,
0xA6,0xCB,0x56,0xAA,0xC8,0x24,0x39,0x48,0xE9,0x8C,0xEE,0xEC,0x5F,0xB8,0x7F,0x26,
0x91,0xBC,0x34,0x53,0x7A,0xCE,0x7C,0x63,0x80,0x61,0x77,0x64,0x5E,0xA5,0x07,0x23,
0xB6,0x39,0xFE,0x50,0x2D,0x15,0x56,0x58,0x70,0x2D,0x7E,0xC4,0x6E,0xC1,0x4A,0x85,
0x3E,0x2F,0xF0,0xDE,0x84,0x1A,0xA1,0x57,0xC9,0xAF,0x7B,0x18,0xFF,0x6A,0xFA,0x15,
0x12,0x49,0x15,0x08,0x19,0xAC,0xAA,0xDB,0x2A,0x32,0xED,0x96,0x63,0x68,0x52,0x15,
0x3D,0x8C,0x8A,0xEC,0xBF,0x6B,0x18,0x95,0xE0,0x03,0xAC,0x01,0x7D,0x97,0x05,0x67,
0xCE,0x0E,0x85,0x95,0x37,0x6A,0xED,0x09,0xB6,0xAE,0x67,0xCD,0x51,0x64,0x9F,0xC6,
0x5C,0xD1,0xBC,0x57,0x6E,0x67,0x35,0x80,0x76,0x36,0xA4,0x87,0x81,0x6E,0x38,0x8F,
0xD8,0x2B,0x15,0x4E,0x7B,0x25,0xD8,0x5A,0xBF,0x4E,0x83,0xC1,0x8D,0xD2,0x93,0xD5,
0x1A,0x71,0xB5,0x60,0x9C,0x9D,0x33,0x4E,0x55,0xF9,0x12,0x58,0x0C,0x86,0xB8,0x16,
0x0D,0xC1,0xE5,0x77,0x45,0x8D,0x50,0x48,0xBA,0x2B,0x2D,0xE4,0x94,0x85,0xE1,0xE8,
0xC4,0x9D,0xC6,0x68,0xA5,0xB0,0xA3,0xFC,0x67,0x7E,0x70,0xBA,0x02,0x59,0x4B,0x77,
0x42,0x91,0x39,0xB9,0xF5,0xCD,0xE1,0x4C,0xEF,0xC0,0x3B,0x48,0x8C,0xA6,0xE5,0x21,
0x5D,0xFD,0x6A,0x6A,0xBB,0xA7,0x16,0x35,0x60,0xD2,0xE6,0xAD,0xF3,0x46,0x29,0xC9,
0xE8,0xC3,0x8B,0xE9,0x79,0xC0,0x6A,0x61,0x67,0x15,0xB2,0xF0,0xFD,0xE5,0x68,0xBC,
0x62,0x5F,0x6E,0xCF,0x99,0xDD,0xEF,0x1B,0x63,0xFE,0x92,0x65,0xAB,0x02,0x03,0x01,
0x00,0x01,0xA3,0x81,0xAE,0x30,0x81,0xAB,0x30,0x0E,0x06,0x03,0x55,0x1D,0x0F,0x01,
0x01,0xFF,0x04,0x04,0x03,0x02,0x01,0x86,0x30,0x0F,0x06,0x03,0x55,0x1D,0x13,0x01,
0x01,0xFF,0x04,0x05,0x30,0x03,0x01,0x01,0xFF,0x30,0x1D,0x06,0x03,0x55,0x1D,0x0E,
0x04,0x16,0x04,0x14,0x88,0x27,0x17,0x09,0xA9,0xB6,0x18,0x60,0x8B,0xEC,0xEB,0xBA,
0xF6,0x47,0x59,0xC5,0x52,0x54,0xA3,0xB7,0x30,0x1F,0x06,0x03,0x55,0x1D,0x23,0x04,
0x18,0x30,0x16,0x80,0x14,0x2B,0xD0,0x69,0x47,0x94,0x76,0x09,0xFE,0xF4,0x6B,0x8D,
0x2E,0x40,0xA6,0xF7,0x47,0x4D,0x7F,0x08,0x5E,0x30,0x36,0x06,0x03,0x55,0x1D,0x1F,
0x04,0x2F,0x30,0x2D,0x30,0x2B,0xA0,0x29,0xA0,0x27,0x86,0x25,0x68,0x74,0x74,0x70,
0x3A,0x2F,0x2F,0x77,0x77,0x77,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,
0x2F,0x61,0x70,0x70,0x6C,0x65,0x63,0x61,0x2F,0x72,0x6F,0x6F,0x74,0x2E,0x63,0x72,
0x6C,0x30,0x10,0x06,0x0A,0x2A,0x86,0x48,0x86,0xF7,0x63,0x64,0x06,0x02,0x01,0x04,
0x02,0x05,0x00,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,
0x05,0x00,0x03,0x82,0x01,0x01,0x00,0xDA,0x32,0x00,0x96,0xC5,0x54,0x94,0xD3,0x3B,
0x82,0x37,0x66,0x7D,0x2E,0x68,0xD5,0xC3,0xC6,0xB8,0xCB,0x26,0x8C,0x48,0x90,0xCF,
0x13,0x24,0x6A,0x46,0x8E,0x63,0xD4,0xF0,0xD0,0x13,0x06,0xDD,0xD8,0xC4,0xC1,0x37,
0x15,0xF2,0x33,0x13,0x39,0x26,0x2D,0xCE,0x2E,0x55,0x40,0xE3,0x0B,0x03,0xAF,0xFA,
0x12,0xC2,0xE7,0x0D,0x21,0xB8,0xD5,0x80,0xCF,0xAC,0x28,0x2F,0xCE,0x2D,0xB3,0x4E,
0xAF,0x86,0x19,0x04,0xC6,0xE9,0x50,0xDD,0x4C,0x29,0x47,0x10,0x23,0xFC,0x6C,0xBB,
0x1B,0x98,0x6B,0x48,0x89,0xE1,0x5B,0x9D,0xDE,0x46,0xDB,0x35,0x85,0x35,0xEF,0x3E,
0xD0,0xE2,0x58,0x4B,0x38,0xF4,0xED,0x75,0x5A,0x1F,0x5C,0x70,0x1D,0x56,0x39,0x12,
0xE5,0xE1,0x0D,0x11,0xE4,0x89,0x25,0x06,0xBD,0xD5,0xB4,0x15,0x8E,0x5E,0xD0,0x59,
0x97,0x90,0xE9,0x4B,0x81,0xE2,0xDF,0x18,0xAF,0x44,0x74,0x1E,0x19,0xA0,0x3A,0x47,
0xCC,0x91,0x1D,0x3A,0xEB,0x23,0x5A,0xFE,0xA5,0x2D,0x97,0xF7,0x7B,0xBB,0xD6,0x87,
0x46,0x42,0x85,0xEB,0x52,0x3D,0x26,0xB2,0x63,0xA8,0xB4,0xB1,0xCA,0x8F,0xF4,0xCC,
0xE2,0xB3,0xC8,0x47,0xE0,0xBF,0x9A,0x59,0x83,0xFA,0xDA,0x98,0x53,0x2A,0x82,0xF5,
0x7C,0x65,0x2E,0x95,0xD9,0x33,0x5D,0xF5,0xED,0x65,0xCC,0x31,0x37,0xC5,0x5A,0x04,
0xE8,0x6B,0xE1,0xE7,0x88,0x03,0x4A,0x75,0x9E,0x9B,0x28,0xCB,0x4A,0x40,0x88,0x65,
0x43,0x75,0xDD,0xCB,0x3A,0x25,0x23,0xC5,0x9E,0x57,0xF8,0x2E,0xCE,0xD2,0xA9,0x92,
0x5E,0x73,0x2E,0x2F,0x25,0x75,0x15,
};


#define CFReleaseSafe(CF) { CFTypeRef _cf = (CF); if (_cf) CFRelease(_cf); }
#define CFReleaseNull(CF) { CFTypeRef _cf = (CF); \
	if (_cf) { (CF) = NULL; CFRelease(_cf); } }

static void tests(void)
{
	SecTrustRef trust;
	SecCertificateRef cert0, cert1;
	isnt(cert0 = SecCertificateCreateWithBytes(NULL, WWDR_NoRevInfo, sizeof(WWDR_NoRevInfo)),
			NULL, "create leaf");
	isnt(cert1 = SecCertificateCreateWithBytes(NULL, WWDR_CA, sizeof(WWDR_CA)),
			NULL, "create intermediate");
	CFMutableArrayRef certs = CFArrayCreateMutable(kCFAllocatorDefault, 0,
			&kCFTypeArrayCallBacks);
	CFArrayAppendValue(certs, cert0);
	CFArrayAppendValue(certs, cert1);

	/* at this point, we should have an OCSP responder for the WWDR-issued leaf cert,
	 * even though the leaf itself doesn't contain any revocation info.
	 */
	CFArrayRef ocspResponders = SecCertificateGetOCSPResponders(cert0);
	ok(ocspResponders != NULL, "synthesized OCSP responder successfully");

	SecPolicyRef signingPolicy = SecPolicyCreateCodeSigning();
	SecPolicyRef ocspPolicy = SecPolicyCreateRevocation();
	const void *v_policies[] = { signingPolicy, ocspPolicy };
	CFArrayRef policies = CFArrayCreate(NULL, v_policies,
			sizeof(v_policies) / sizeof(*v_policies), &kCFTypeArrayCallBacks);
	CFRelease(signingPolicy);
	CFRelease(ocspPolicy);
	ok_status(SecTrustCreateWithCertificates(certs, policies, &trust),
			"create trust");
	/* Aug 1st 2012. */
	CFGregorianDate g_date = { 2012, 8, 1, 12, 0, 0 }; // Aug 1 2012 12:00 PM
	CFDateRef date = CFDateCreate(kCFAllocatorDefault,
			CFGregorianDateGetAbsoluteTime(g_date, NULL));
#if 0
	/* will we trust the OCSP response for a verify date in the past?? */
	ok_status(SecTrustSetVerifyDate(trust, date), "set date");
#else
	ok_status(errSecSuccess, "using current date");
#endif

	SecTrustResultType trustResult;
	ok_status(SecTrustEvaluate(trust, &trustResult), "evaluate trust");

	/* The cert should either be reported as revoked (until Jan 13 2013),
	 * or as expired (after Jan 13 2013). That means its trust result value
     * should be 5 (kSecTrustResultRecoverableTrustFailure) or greater.
	 */
	ok(trustResult >= kSecTrustResultRecoverableTrustFailure,
       "trustResult must report a failure, cert is either expired or revoked");
#if 0
    fprintf(stderr, "=== trustResult %lu\n", trustResult);
    CFStringRef errStr = SecTrustCopyFailureDescription(trust);
    CFShow(errStr);
#endif

	CFReleaseSafe(trust);
	CFReleaseSafe(policies);
	CFReleaseSafe(certs);
	CFReleaseSafe(cert0);
	CFReleaseSafe(cert1);
	CFReleaseSafe(date);
}

int si_23_sectrust_ocsp_wwdr(int argc, char *const *argv)
{
	plan_tests(7);

	tests();

	return 0;
}
Commit	Line	Data
427c49bc	1	/*
d8f41ccd	2	* Copyright (c) 2012-2013 Apple Inc. All Rights Reserved.
427c49bc A	3	*/
	4
	5	#include <CoreFoundation/CoreFoundation.h>
	6	#include <Security/SecCertificate.h>
	7	#include <Security/SecCertificatePriv.h>
	8	#include <Security/SecCertificateInternal.h>
	9	#include <Security/SecPolicyPriv.h>
	10	#include <Security/SecTrustPriv.h>
	11	#include <stdlib.h>
	12	#include <unistd.h>
	13
	14	#include "testmore.h"
	15
	16	/* subject:/UID=6H766P4BDJ/CN=iPhone Distribution: SCK Solutions LLC/OU=6H766P4BDJ/O=6H766P4BDJ/C=US */
	17	/* issuer :/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority */
	18	static const unsigned char WWDR_NoRevInfo[]={
	19	0x30,0x82,0x05,0x2D,0x30,0x82,0x04,0x15,0xA0,0x03,0x02,0x01,0x02,0x02,0x08,0x34,
	20	0x92,0xF6,0x39,0x2B,0x4B,0x16,0x64,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,
	21	0x0D,0x01,0x01,0x05,0x05,0x00,0x30,0x81,0x96,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,
	22	0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0A,0x0C,
	23	0x0A,0x41,0x70,0x70,0x6C,0x65,0x20,0x49,0x6E,0x63,0x2E,0x31,0x2C,0x30,0x2A,0x06,
	24	0x03,0x55,0x04,0x0B,0x0C,0x23,0x41,0x70,0x70,0x6C,0x65,0x20,0x57,0x6F,0x72,0x6C,
	25	0x64,0x77,0x69,0x64,0x65,0x20,0x44,0x65,0x76,0x65,0x6C,0x6F,0x70,0x65,0x72,0x20,
	26	0x52,0x65,0x6C,0x61,0x74,0x69,0x6F,0x6E,0x73,0x31,0x44,0x30,0x42,0x06,0x03,0x55,
	27	0x04,0x03,0x0C,0x3B,0x41,0x70,0x70,0x6C,0x65,0x20,0x57,0x6F,0x72,0x6C,0x64,0x77,
	28	0x69,0x64,0x65,0x20,0x44,0x65,0x76,0x65,0x6C,0x6F,0x70,0x65,0x72,0x20,0x52,0x65,
	29	0x6C,0x61,0x74,0x69,0x6F,0x6E,0x73,0x20,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,
	30	0x61,0x74,0x69,0x6F,0x6E,0x20,0x41,0x75,0x74,0x68,0x6F,0x72,0x69,0x74,0x79,0x30,
	31	0x1E,0x17,0x0D,0x31,0x32,0x30,0x31,0x31,0x34,0x32,0x30,0x33,0x30,0x34,0x30,0x5A,
	32	0x17,0x0D,0x31,0x33,0x30,0x31,0x31,0x33,0x32,0x30,0x33,0x30,0x34,0x30,0x5A,0x30,
	33	0x81,0x84,0x31,0x1A,0x30,0x18,0x06,0x0A,0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,
	34	0x01,0x01,0x0C,0x0A,0x36,0x48,0x37,0x36,0x36,0x50,0x34,0x42,0x44,0x4A,0x31,0x2F,
	35	0x30,0x2D,0x06,0x03,0x55,0x04,0x03,0x0C,0x26,0x69,0x50,0x68,0x6F,0x6E,0x65,0x20,
	36	0x44,0x69,0x73,0x74,0x72,0x69,0x62,0x75,0x74,0x69,0x6F,0x6E,0x3A,0x20,0x53,0x43,
	37	0x4B,0x20,0x53,0x6F,0x6C,0x75,0x74,0x69,0x6F,0x6E,0x73,0x20,0x4C,0x4C,0x43,0x31,
	38	0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0B,0x0C,0x0A,0x36,0x48,0x37,0x36,0x36,0x50,
	39	0x34,0x42,0x44,0x4A,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0A,0x0C,0x0A,0x36,
	40	0x48,0x37,0x36,0x36,0x50,0x34,0x42,0x44,0x4A,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,
	41	0x04,0x06,0x13,0x02,0x55,0x53,0x30,0x82,0x01,0x22,0x30,0x0D,0x06,0x09,0x2A,0x86,
	42	0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0F,0x00,0x30,0x82,
	43	0x01,0x0A,0x02,0x82,0x01,0x01,0x00,0xED,0x4A,0x4F,0x35,0x46,0x46,0x40,0xDE,0x95,
	44	0x88,0x51,0x73,0x00,0x96,0x6F,0x7F,0xA4,0x25,0x1E,0x61,0xA9,0x37,0x30,0x01,0x5C,
	45	0xAF,0x92,0xCB,0x29,0x8D,0xC2,0x93,0xBE,0xDF,0x7D,0xF0,0xC7,0x0C,0xD3,0x25,0x84,
	46	0xF8,0x12,0x0D,0x35,0xBC,0x75,0x58,0x80,0x25,0x24,0x3A,0xCD,0x90,0xD9,0xE6,0x2E,
	47	0xD6,0x00,0x1E,0x36,0x33,0x13,0xBA,0x35,0x5F,0x87,0xB5,0x33,0x5E,0x7E,0x91,0x96,
	48	0x92,0x91,0x5E,0xE9,0xAE,0xB1,0x50,0xBB,0x7C,0x71,0xF2,0x86,0xF3,0xA9,0x4F,0x48,
	49	0xE5,0x02,0xFE,0x0A,0x0B,0x3E,0x01,0xC5,0x38,0x02,0x96,0x2F,0xC5,0x44,0x11,0x89,
	50	0x8D,0x15,0xC1,0xCE,0x77,0x11,0xE7,0xD4,0x83,0x5F,0x4B,0xA9,0x1D,0xE9,0xE2,0xFD,
	51	0x8E,0xFA,0x7B,0x9A,0xC2,0x2E,0x10,0x8A,0x27,0x86,0xDE,0x65,0x47,0x57,0x49,0x5B,
	52	0x6F,0xA4,0x41,0x22,0x4C,0x4A,0x9D,0xB5,0x7A,0xD7,0x87,0x06,0xF9,0x52,0x53,0xB8,
	53	0x39,0xB5,0xA1,0xAC,0x74,0xFC,0x28,0xAE,0x4E,0x14,0xC8,0x0C,0x77,0xEC,0x10,0xBD,
	54	0xBA,0x22,0xDB,0x5C,0x2E,0x15,0xDD,0x17,0x7A,0x7D,0xFA,0x15,0x81,0x1E,0x31,0xB1,
	55	0x2D,0x06,0x7E,0x21,0x71,0x69,0xA4,0x7E,0x47,0x43,0x59,0x1D,0xE7,0x3E,0x11,0xCE,
	56	0xBA,0x58,0x91,0xB5,0xBC,0x52,0x89,0xDE,0x02,0x3E,0x84,0x29,0xF9,0xA0,0xF4,0x24,
	57	0x04,0x24,0x5C,0xB2,0xA0,0x09,0x54,0xE2,0x8E,0xCF,0xA9,0x43,0x12,0x4B,0xC0,0x22,
	58	0x18,0x3B,0x51,0x8C,0x89,0xC3,0xB2,0x86,0x05,0x98,0x4F,0x25,0x95,0x82,0x7B,0x7F,
	59	0xED,0x4A,0xC4,0x74,0xF1,0xA5,0x7D,0x02,0x03,0x01,0x00,0x01,0xA3,0x82,0x01,0x8D,
	60	0x30,0x82,0x01,0x89,0x30,0x1D,0x06,0x03,0x55,0x1D,0x0E,0x04,0x16,0x04,0x14,0xA1,
	61	0x00,0xAE,0xE5,0x3E,0x53,0xF1,0x39,0x38,0x73,0x02,0xC0,0x6E,0x50,0xCE,0xC8,0xD9,
	62	0x05,0x50,0x2A,0x30,0x0C,0x06,0x03,0x55,0x1D,0x13,0x01,0x01,0xFF,0x04,0x02,0x30,
	63	0x00,0x30,0x1F,0x06,0x03,0x55,0x1D,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x88,0x27,
	64	0x17,0x09,0xA9,0xB6,0x18,0x60,0x8B,0xEC,0xEB,0xBA,0xF6,0x47,0x59,0xC5,0x52,0x54,
	65	0xA3,0xB7,0x30,0x82,0x01,0x0F,0x06,0x03,0x55,0x1D,0x20,0x04,0x82,0x01,0x06,0x30,
	66	0x82,0x01,0x02,0x30,0x81,0xFF,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x63,0x64,0x05,
67	0x01,0x30,0x81,0xF1,0x30,0x81,0xC3,0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x02,
68	0x02,0x30,0x81,0xB6,0x0C,0x81,0xB3,0x52,0x65,0x6C,0x69,0x61,0x6E,0x63,0x65,0x20,
69	0x6F,0x6E,0x20,0x74,0x68,0x69,0x73,0x20,0x63,0x65,0x72,0x74,0x69,0x66,0x69,0x63,
70	0x61,0x74,0x65,0x20,0x62,0x79,0x20,0x61,0x6E,0x79,0x20,0x70,0x61,0x72,0x74,0x79,
71	0x20,0x61,0x73,0x73,0x75,0x6D,0x65,0x73,0x20,0x61,0x63,0x63,0x65,0x70,0x74,0x61,
72	0x6E,0x63,0x65,0x20,0x6F,0x66,0x20,0x74,0x68,0x65,0x20,0x74,0x68,0x65,0x6E,0x20,
73	0x61,0x70,0x70,0x6C,0x69,0x63,0x61,0x62,0x6C,0x65,0x20,0x73,0x74,0x61,0x6E,0x64,
74	0x61,0x72,0x64,0x20,0x74,0x65,0x72,0x6D,0x73,0x20,0x61,0x6E,0x64,0x20,0x63,0x6F,
75	0x6E,0x64,0x69,0x74,0x69,0x6F,0x6E,0x73,0x20,0x6F,0x66,0x20,0x75,0x73,0x65,0x2C,
76	0x20,0x63,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x65,0x20,0x70,0x6F,0x6C,
77	0x69,0x63,0x79,0x20,0x61,0x6E,0x64,0x20,0x63,0x65,0x72,0x74,0x69,0x66,0x69,0x63,
78	0x61,0x74,0x69,0x6F,0x6E,0x20,0x70,0x72,0x61,0x63,0x74,0x69,0x63,0x65,0x20,0x73,
79	0x74,0x61,0x74,0x65,0x6D,0x65,0x6E,0x74,0x73,0x2E,0x30,0x29,0x06,0x08,0x2B,0x06,
80	0x01,0x05,0x05,0x07,0x02,0x01,0x16,0x1D,0x68,0x74,0x74,0x70,0x3A,0x2F,0x2F,0x77,
81	0x77,0x77,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x2F,0x61,0x70,0x70,
82	0x6C,0x65,0x63,0x61,0x2F,0x30,0x0E,0x06,0x03,0x55,0x1D,0x0F,0x01,0x01,0xFF,0x04,
83	0x04,0x03,0x02,0x07,0x80,0x30,0x16,0x06,0x03,0x55,0x1D,0x25,0x01,0x01,0xFF,0x04,
84	0x0C,0x30,0x0A,0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03,0x30,0x0D,0x06,
85	0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,
86	0x00,0x27,0x78,0xD3,0xFB,0xCE,0xD6,0x10,0x99,0xBF,0x7F,0xAE,0x0A,0x00,0xA3,0x9F,
87	0x9C,0x4E,0x23,0x15,0xDB,0x54,0x3E,0x4F,0x9B,0x93,0x67,0x17,0xF2,0x14,0x5A,0x36,
88	0x1C,0x30,0x28,0x71,0xCB,0x0A,0xFF,0x1A,0x36,0xA2,0x49,0x7B,0xA4,0xE2,0xD5,0xC7,
89	0x58,0x96,0x2A,0x09,0x74,0x16,0x51,0x69,0xEC,0x54,0xDC,0x97,0xA5,0x43,0x65,0x6A,
90	0xC9,0x8D,0x93,0x74,0x59,0x62,0x4D,0xF9,0x88,0x42,0x99,0xB6,0xDB,0xA1,0x19,0x19,
91	0x2D,0x1D,0xB6,0x4B,0x40,0x74,0x5B,0x57,0x3E,0x3E,0xD6,0x02,0xE0,0xEB,0xAB,0x01,
92	0x48,0x7D,0x4B,0x78,0x2B,0x0C,0x9F,0xD3,0x24,0x5C,0x9B,0xB7,0x37,0xA0,0x99,0xC7,
93	0xB5,0xDC,0x9A,0x3D,0x85,0x4D,0xAA,0x23,0xEF,0xBA,0xAB,0xA2,0x64,0x56,0x15,0xAF,
94	0x0D,0x1B,0xEB,0x64,0xBD,0xD4,0x98,0x61,0xA8,0xB9,0xF8,0x1B,0xD6,0x4A,0x11,0xBB,
95	0x13,0x77,0x7A,0x29,0x31,0xC8,0x24,0xBF,0xD5,0xB3,0x4D,0x5F,0xEB,0x2A,0xA8,0xDF,
96	0x24,0x40,0xF4,0x2E,0x28,0x43,0xB4,0x88,0x61,0x20,0x51,0xA3,0xEF,0x5A,0xF2,0x24,
97	0xE2,0x87,0x29,0x2C,0xDC,0xE9,0xB7,0x43,0xAC,0x38,0x04,0xFB,0x8C,0x18,0x09,0x76,
98	0x9C,0xEE,0xFA,0x17,0xE4,0xE4,0x53,0x78,0x91,0x40,0xFC,0x76,0xE2,0x2B,0x39,0x54,
99	0xF6,0xF8,0xC6,0xB1,0xF8,0x55,0xD2,0xAF,0xF0,0x65,0x32,0x4E,0x89,0x05,0x4F,0x19,
100	0xAD,0xB3,0x65,0xB2,0x19,0xF8,0x00,0xDA,0xDD,0x8F,0x76,0x51,0x52,0x62,0x28,0x4B,
101	0x41,0x1C,0xDA,0xFD,0x12,0x11,0x65,0x8D,0xB4,0x69,0xD4,0xC4,0x23,0x67,0x3E,0xD6,
102	0x89,
103	};
104
105	/* subject:/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority */
106	/* issuer :/C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Root CA */
107	static const unsigned char WWDR_CA[]={
108	0x30,0x82,0x04,0x23,0x30,0x82,0x03,0x0B,0xA0,0x03,0x02,0x01,0x02,0x02,0x01,0x19,
109	0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x30,
110	0x62,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13,
111	0x30,0x11,0x06,0x03,0x55,0x04,0x0A,0x13,0x0A,0x41,0x70,0x70,0x6C,0x65,0x20,0x49,
112	0x6E,0x63,0x2E,0x31,0x26,0x30,0x24,0x06,0x03,0x55,0x04,0x0B,0x13,0x1D,0x41,0x70,
113	0x70,0x6C,0x65,0x20,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x69,0x6F,
114	0x6E,0x20,0x41,0x75,0x74,0x68,0x6F,0x72,0x69,0x74,0x79,0x31,0x16,0x30,0x14,0x06,
115	0x03,0x55,0x04,0x03,0x13,0x0D,0x41,0x70,0x70,0x6C,0x65,0x20,0x52,0x6F,0x6F,0x74,
116	0x20,0x43,0x41,0x30,0x1E,0x17,0x0D,0x30,0x38,0x30,0x32,0x31,0x34,0x31,0x38,0x35,
117	0x36,0x33,0x35,0x5A,0x17,0x0D,0x31,0x36,0x30,0x32,0x31,0x34,0x31,0x38,0x35,0x36,
118	0x33,0x35,0x5A,0x30,0x81,0x96,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,
119	0x02,0x55,0x53,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0A,0x0C,0x0A,0x41,0x70,
120	0x70,0x6C,0x65,0x20,0x49,0x6E,0x63,0x2E,0x31,0x2C,0x30,0x2A,0x06,0x03,0x55,0x04,
121	0x0B,0x0C,0x23,0x41,0x70,0x70,0x6C,0x65,0x20,0x57,0x6F,0x72,0x6C,0x64,0x77,0x69,
122	0x64,0x65,0x20,0x44,0x65,0x76,0x65,0x6C,0x6F,0x70,0x65,0x72,0x20,0x52,0x65,0x6C,
123	0x61,0x74,0x69,0x6F,0x6E,0x73,0x31,0x44,0x30,0x42,0x06,0x03,0x55,0x04,0x03,0x0C,
124	0x3B,0x41,0x70,0x70,0x6C,0x65,0x20,0x57,0x6F,0x72,0x6C,0x64,0x77,0x69,0x64,0x65,
125	0x20,0x44,0x65,0x76,0x65,0x6C,0x6F,0x70,0x65,0x72,0x20,0x52,0x65,0x6C,0x61,0x74,
126	0x69,0x6F,0x6E,0x73,0x20,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x69,
127	0x6F,0x6E,0x20,0x41,0x75,0x74,0x68,0x6F,0x72,0x69,0x74,0x79,0x30,0x82,0x01,0x22,
128	0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,
129	0x82,0x01,0x0F,0x00,0x30,0x82,0x01,0x0A,0x02,0x82,0x01,0x01,0x00,0xCA,0x38,0x54,
130	0xA6,0xCB,0x56,0xAA,0xC8,0x24,0x39,0x48,0xE9,0x8C,0xEE,0xEC,0x5F,0xB8,0x7F,0x26,
131	0x91,0xBC,0x34,0x53,0x7A,0xCE,0x7C,0x63,0x80,0x61,0x77,0x64,0x5E,0xA5,0x07,0x23,
132	0xB6,0x39,0xFE,0x50,0x2D,0x15,0x56,0x58,0x70,0x2D,0x7E,0xC4,0x6E,0xC1,0x4A,0x85,
133	0x3E,0x2F,0xF0,0xDE,0x84,0x1A,0xA1,0x57,0xC9,0xAF,0x7B,0x18,0xFF,0x6A,0xFA,0x15,
134	0x12,0x49,0x15,0x08,0x19,0xAC,0xAA,0xDB,0x2A,0x32,0xED,0x96,0x63,0x68,0x52,0x15,
135	0x3D,0x8C,0x8A,0xEC,0xBF,0x6B,0x18,0x95,0xE0,0x03,0xAC,0x01,0x7D,0x97,0x05,0x67,
136	0xCE,0x0E,0x85,0x95,0x37,0x6A,0xED,0x09,0xB6,0xAE,0x67,0xCD,0x51,0x64,0x9F,0xC6,
137	0x5C,0xD1,0xBC,0x57,0x6E,0x67,0x35,0x80,0x76,0x36,0xA4,0x87,0x81,0x6E,0x38,0x8F,
138	0xD8,0x2B,0x15,0x4E,0x7B,0x25,0xD8,0x5A,0xBF,0x4E,0x83,0xC1,0x8D,0xD2,0x93,0xD5,
139	0x1A,0x71,0xB5,0x60,0x9C,0x9D,0x33,0x4E,0x55,0xF9,0x12,0x58,0x0C,0x86,0xB8,0x16,
140	0x0D,0xC1,0xE5,0x77,0x45,0x8D,0x50,0x48,0xBA,0x2B,0x2D,0xE4,0x94,0x85,0xE1,0xE8,
141	0xC4,0x9D,0xC6,0x68,0xA5,0xB0,0xA3,0xFC,0x67,0x7E,0x70,0xBA,0x02,0x59,0x4B,0x77,
142	0x42,0x91,0x39,0xB9,0xF5,0xCD,0xE1,0x4C,0xEF,0xC0,0x3B,0x48,0x8C,0xA6,0xE5,0x21,
143	0x5D,0xFD,0x6A,0x6A,0xBB,0xA7,0x16,0x35,0x60,0xD2,0xE6,0xAD,0xF3,0x46,0x29,0xC9,
144	0xE8,0xC3,0x8B,0xE9,0x79,0xC0,0x6A,0x61,0x67,0x15,0xB2,0xF0,0xFD,0xE5,0x68,0xBC,
145	0x62,0x5F,0x6E,0xCF,0x99,0xDD,0xEF,0x1B,0x63,0xFE,0x92,0x65,0xAB,0x02,0x03,0x01,
146	0x00,0x01,0xA3,0x81,0xAE,0x30,0x81,0xAB,0x30,0x0E,0x06,0x03,0x55,0x1D,0x0F,0x01,
147	0x01,0xFF,0x04,0x04,0x03,0x02,0x01,0x86,0x30,0x0F,0x06,0x03,0x55,0x1D,0x13,0x01,
148	0x01,0xFF,0x04,0x05,0x30,0x03,0x01,0x01,0xFF,0x30,0x1D,0x06,0x03,0x55,0x1D,0x0E,
149	0x04,0x16,0x04,0x14,0x88,0x27,0x17,0x09,0xA9,0xB6,0x18,0x60,0x8B,0xEC,0xEB,0xBA,
150	0xF6,0x47,0x59,0xC5,0x52,0x54,0xA3,0xB7,0x30,0x1F,0x06,0x03,0x55,0x1D,0x23,0x04,
151	0x18,0x30,0x16,0x80,0x14,0x2B,0xD0,0x69,0x47,0x94,0x76,0x09,0xFE,0xF4,0x6B,0x8D,
152	0x2E,0x40,0xA6,0xF7,0x47,0x4D,0x7F,0x08,0x5E,0x30,0x36,0x06,0x03,0x55,0x1D,0x1F,
153	0x04,0x2F,0x30,0x2D,0x30,0x2B,0xA0,0x29,0xA0,0x27,0x86,0x25,0x68,0x74,0x74,0x70,
154	0x3A,0x2F,0x2F,0x77,0x77,0x77,0x2E,0x61,0x70,0x70,0x6C,0x65,0x2E,0x63,0x6F,0x6D,
155	0x2F,0x61,0x70,0x70,0x6C,0x65,0x63,0x61,0x2F,0x72,0x6F,0x6F,0x74,0x2E,0x63,0x72,
156	0x6C,0x30,0x10,0x06,0x0A,0x2A,0x86,0x48,0x86,0xF7,0x63,0x64,0x06,0x02,0x01,0x04,
157	0x02,0x05,0x00,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,
158	0x05,0x00,0x03,0x82,0x01,0x01,0x00,0xDA,0x32,0x00,0x96,0xC5,0x54,0x94,0xD3,0x3B,
159	0x82,0x37,0x66,0x7D,0x2E,0x68,0xD5,0xC3,0xC6,0xB8,0xCB,0x26,0x8C,0x48,0x90,0xCF,
160	0x13,0x24,0x6A,0x46,0x8E,0x63,0xD4,0xF0,0xD0,0x13,0x06,0xDD,0xD8,0xC4,0xC1,0x37,
161	0x15,0xF2,0x33,0x13,0x39,0x26,0x2D,0xCE,0x2E,0x55,0x40,0xE3,0x0B,0x03,0xAF,0xFA,
162	0x12,0xC2,0xE7,0x0D,0x21,0xB8,0xD5,0x80,0xCF,0xAC,0x28,0x2F,0xCE,0x2D,0xB3,0x4E,
163	0xAF,0x86,0x19,0x04,0xC6,0xE9,0x50,0xDD,0x4C,0x29,0x47,0x10,0x23,0xFC,0x6C,0xBB,
164	0x1B,0x98,0x6B,0x48,0x89,0xE1,0x5B,0x9D,0xDE,0x46,0xDB,0x35,0x85,0x35,0xEF,0x3E,
165	0xD0,0xE2,0x58,0x4B,0x38,0xF4,0xED,0x75,0x5A,0x1F,0x5C,0x70,0x1D,0x56,0x39,0x12,
166	0xE5,0xE1,0x0D,0x11,0xE4,0x89,0x25,0x06,0xBD,0xD5,0xB4,0x15,0x8E,0x5E,0xD0,0x59,
167	0x97,0x90,0xE9,0x4B,0x81,0xE2,0xDF,0x18,0xAF,0x44,0x74,0x1E,0x19,0xA0,0x3A,0x47,
168	0xCC,0x91,0x1D,0x3A,0xEB,0x23,0x5A,0xFE,0xA5,0x2D,0x97,0xF7,0x7B,0xBB,0xD6,0x87,
169	0x46,0x42,0x85,0xEB,0x52,0x3D,0x26,0xB2,0x63,0xA8,0xB4,0xB1,0xCA,0x8F,0xF4,0xCC,
170	0xE2,0xB3,0xC8,0x47,0xE0,0xBF,0x9A,0x59,0x83,0xFA,0xDA,0x98,0x53,0x2A,0x82,0xF5,
171	0x7C,0x65,0x2E,0x95,0xD9,0x33,0x5D,0xF5,0xED,0x65,0xCC,0x31,0x37,0xC5,0x5A,0x04,
172	0xE8,0x6B,0xE1,0xE7,0x88,0x03,0x4A,0x75,0x9E,0x9B,0x28,0xCB,0x4A,0x40,0x88,0x65,
173	0x43,0x75,0xDD,0xCB,0x3A,0x25,0x23,0xC5,0x9E,0x57,0xF8,0x2E,0xCE,0xD2,0xA9,0x92,
174	0x5E,0x73,0x2E,0x2F,0x25,0x75,0x15,
175	};
176
177
178	#define CFReleaseSafe(CF) { CFTypeRef _cf = (CF); if (_cf) CFRelease(_cf); }
179	#define CFReleaseNull(CF) { CFTypeRef _cf = (CF); \
180	if (_cf) { (CF) = NULL; CFRelease(_cf); } }
181
182	static void tests(void)
183	{
184	SecTrustRef trust;
185	SecCertificateRef cert0, cert1;
186	isnt(cert0 = SecCertificateCreateWithBytes(NULL, WWDR_NoRevInfo, sizeof(WWDR_NoRevInfo)),
187	NULL, "create leaf");
188	isnt(cert1 = SecCertificateCreateWithBytes(NULL, WWDR_CA, sizeof(WWDR_CA)),
189	NULL, "create intermediate");
190	CFMutableArrayRef certs = CFArrayCreateMutable(kCFAllocatorDefault, 0,
191	&kCFTypeArrayCallBacks);
192	CFArrayAppendValue(certs, cert0);
193	CFArrayAppendValue(certs, cert1);
194
195	/* at this point, we should have an OCSP responder for the WWDR-issued leaf cert,
196	* even though the leaf itself doesn't contain any revocation info.
197	*/
198	CFArrayRef ocspResponders = SecCertificateGetOCSPResponders(cert0);
199	ok(ocspResponders != NULL, "synthesized OCSP responder successfully");
200
201	SecPolicyRef signingPolicy = SecPolicyCreateCodeSigning();
202	SecPolicyRef ocspPolicy = SecPolicyCreateRevocation();
203	const void *v_policies[] = { signingPolicy, ocspPolicy };
204	CFArrayRef policies = CFArrayCreate(NULL, v_policies,
205	sizeof(v_policies) / sizeof(*v_policies), &kCFTypeArrayCallBacks);
206	CFRelease(signingPolicy);
207	CFRelease(ocspPolicy);
208	ok_status(SecTrustCreateWithCertificates(certs, policies, &trust),
209	"create trust");
210	/* Aug 1st 2012. */
211	CFGregorianDate g_date = { 2012, 8, 1, 12, 0, 0 }; // Aug 1 2012 12:00 PM
212	CFDateRef date = CFDateCreate(kCFAllocatorDefault,
213	CFGregorianDateGetAbsoluteTime(g_date, NULL));
214	#if 0
215	/* will we trust the OCSP response for a verify date in the past?? */
216	ok_status(SecTrustSetVerifyDate(trust, date), "set date");
217	#else
218	ok_status(errSecSuccess, "using current date");
219	#endif
220
221	SecTrustResultType trustResult;
222	ok_status(SecTrustEvaluate(trust, &trustResult), "evaluate trust");
223
224	/* The cert should either be reported as revoked (until Jan 13 2013),
225	* or as expired (after Jan 13 2013). That means its trust result value
226	* should be 5 (kSecTrustResultRecoverableTrustFailure) or greater.
227	*/
228	ok(trustResult >= kSecTrustResultRecoverableTrustFailure,
229	"trustResult must report a failure, cert is either expired or revoked");
230	#if 0
231	fprintf(stderr, "=== trustResult %lu\n", trustResult);
232	CFStringRef errStr = SecTrustCopyFailureDescription(trust);
233	CFShow(errStr);
234	#endif
235
236	CFReleaseSafe(trust);
237	CFReleaseSafe(policies);
238	CFReleaseSafe(certs);
239	CFReleaseSafe(cert0);
240	CFReleaseSafe(cert1);
241	CFReleaseSafe(date);
242	}
243
244	int si_23_sectrust_ocsp_wwdr(int argc, char const argv)
245	{
246	plan_tests(7);
247
248	tests();
249
250	return 0;
251	}