projects / apple / security.git / blame
| Commit | Line | Data |
|---|---|---|
| fa7225c8 A |
1 | /* |
| 2 | * Copyright (c) 2016 Apple Inc. All Rights Reserved. | |
| 3 | * | |
| 4 | * @APPLE_LICENSE_HEADER_START@ | |
| 5 | * | |
| 6 | * This file contains Original Code and/or Modifications of Original Code | |
| 7 | * as defined in and that are subject to the Apple Public Source License | |
| 8 | * Version 2.0 (the 'License'). You may not use this file except in | |
| 9 | * compliance with the License. Please obtain a copy of the License at | |
| 10 | * http://www.opensource.apple.com/apsl/ and read it before using this | |
| 11 | * file. | |
| 12 | * | |
| 13 | * The Original Code and all software distributed under the License are | |
| 14 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
| 15 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
| 16 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
| 17 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | |
| 18 | * Please see the License for the specific language governing rights and | |
| 19 | * limitations under the License. | |
| 20 | * | |
| 21 | * @APPLE_LICENSE_HEADER_END@ | |
| 22 | */ | |
| 23 | ||
| 24 | ||
| 25 | #import <Foundation/Foundation.h> | |
| 26 | ||
| 27 | #include "shared_regressions.h" | |
| 28 | ||
| 29 | static void create_random_key_worker(id keyType, int keySize, bool permPub, bool permPriv) { | |
| 30 | NSDictionary *params = nil; | |
| 31 | NSError *error = nil; | |
| 32 | ||
| 33 | params = @{ | |
| 34 | (id)kSecAttrKeyType: keyType, | |
| 35 | (id)kSecAttrKeySizeInBits: @(keySize), | |
| 36 | (id)kSecAttrLabel: @"si-44-seckey-gen:0", | |
| 37 | (id)kSecPublicKeyAttrs: @{ | |
| 38 | (id)kSecAttrIsPermanent: @(permPub), | |
| 39 | }, | |
| 40 | (id)kSecPrivateKeyAttrs: @{ | |
| 41 | (id)kSecAttrIsPermanent: @(permPriv), | |
| 42 | }, | |
| 43 | }; | |
| 44 | ||
| 45 | id privateKey = CFBridgingRelease(SecKeyCreateRandomKey((CFDictionaryRef)params, (void *)&error)); | |
| 6b200bc3 A |
46 | ok(privateKey != nil, "generating key (type:%@, size:%d, permPub:%d, permPriv:%d) : %@", keyType, keySize, (int)permPub, (int)permPriv, error); |
| 47 | ||
| 48 | id publicKey = CFBridgingRelease(SecKeyCopyPublicKey((SecKeyRef)privateKey)); | |
| 49 | ok(publicKey != nil, "got public key from generated private key"); | |
| fa7225c8 A |
50 | |
| 51 | params = @{ | |
| 52 | (id)kSecClass: (id)kSecClassKey, | |
| 53 | (id)kSecAttrKeyType: keyType, | |
| 54 | (id)kSecAttrKeySizeInBits: @(keySize), | |
| 55 | (id)kSecAttrLabel: @"si-44-seckey-gen:0", | |
| 56 | (id)kSecMatchLimit: (id)kSecMatchLimitAll, | |
| 57 | (id)kSecReturnAttributes: @YES, | |
| 58 | }; | |
| 59 | NSArray *items = nil; | |
| 60 | OSStatus expected = (permPub || permPriv) ? errSecSuccess : errSecItemNotFound; | |
| 61 | is_status(SecItemCopyMatching((CFDictionaryRef)params, (void *)&items), expected, "keychain query for generated keys"); | |
| 62 | is((int)items.count, (permPub ? 1 : 0) + (permPriv ? 1 : 0), "found keys in the keychain"); | |
| 63 | ||
| 64 | if (items.count > 0) { | |
| 65 | params = @{ | |
| 66 | (id)kSecClass: (id)kSecClassKey, | |
| 67 | (id)kSecAttrKeyType: keyType, | |
| 68 | (id)kSecAttrKeySizeInBits: @(keySize), | |
| 6b200bc3 A |
69 | #if TARGET_OS_OSX |
| 70 | // Despite headerdoc and other docs, SecItemDelete on macOS deletes only first found item, we need to persuade | |
| 71 | // it to delete everything passing the query. On the other hand, iOS implementation errs out when | |
| 72 | // kSecMatchLimit is given, so we need to add it only for macOS. | |
| 73 | (id)kSecMatchLimit: (id)kSecMatchLimitAll, | |
| 74 | #endif | |
| fa7225c8 A |
75 | (id)kSecAttrLabel: @"si-44-seckey-gen:0", |
| 76 | }; | |
| 77 | ok_status(SecItemDelete((CFDictionaryRef)params), "clear generated pair from keychain"); | |
| 78 | } | |
| 79 | } | |
| 80 | ||
| 81 | static void test_create_random_key() { | |
| 82 | create_random_key_worker((id)kSecAttrKeyTypeRSA, 1024, false, false); | |
| 83 | create_random_key_worker((id)kSecAttrKeyTypeRSA, 1024, true, false); | |
| 84 | create_random_key_worker((id)kSecAttrKeyTypeRSA, 1024, false, true); | |
| 85 | create_random_key_worker((id)kSecAttrKeyTypeRSA, 1024, true, true); | |
| 86 | create_random_key_worker((id)kSecAttrKeyTypeECSECPrimeRandom, 256, false, false); | |
| 87 | create_random_key_worker((id)kSecAttrKeyTypeECSECPrimeRandom, 256, true, false); | |
| 88 | create_random_key_worker((id)kSecAttrKeyTypeECSECPrimeRandom, 256, false, true); | |
| 89 | create_random_key_worker((id)kSecAttrKeyTypeECSECPrimeRandom, 256, true, true); | |
| 90 | } | |
| 6b200bc3 | 91 | static const int TestCountCreateRandomKey = (4 * 4 + 1 * 3) * 2; |
| fa7225c8 A |
92 | |
| 93 | static const int TestCount = TestCountCreateRandomKey; | |
| 94 | ||
| 95 | int si_44_seckey_gen(int argc, char *const *argv) { | |
| 96 | plan_tests(TestCount); | |
| 97 | ||
| 98 | @autoreleasepool { | |
| 99 | test_create_random_key(); | |
| 100 | } | |
| 101 | ||
| 102 | return 0; | |
| 103 | } |