[apple/security.git] / SecurityTests / clxutils / threadTest / cgVerifyThr.cpp

/* cgVerifyThr.cpp - simple version CertGroupVerify test */

#include "testParams.h"
#include <Security/cssm.h>
#include <utilLib/common.h>
#include <utilLib/cspwrap.h>
#include <clAppUtils/clutils.h>
#include <clAppUtils/tpUtils.h>
#include <clAppUtils/timeStr.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include <Security/oidsalg.h>

/* for memory leak debug only, with only one thread running */
#define DO_PAUSE			0

/*** start of code directly copied from ../cgVerify/cgVerify.cpp ***/
#define NUM_CERTS_MIN		4
#define KEYGEN_ALG_DEF		CSSM_ALGID_RSA
#define SIG_ALG_DEF			CSSM_ALGID_SHA1WithRSA
#define LOOPS_DEF			10
#define CG_KEY_SIZE_DEFAULT	CSP_RSA_KEY_SIZE_DEFAULT
#define SECONDS_TO_LIVE		(60 * 60 * 24)		/* certs are valid for this long */

#define CERT_IN_DB		0

/*
 * How we define the "expected result".
 */
typedef enum {
	ER_InvalidAnchor,		// root in certGroup, not found in AnchorCerts
	ER_RootInCertGroup,		// root in certGroup, copy in AnchorCerts
	ER_AnchorVerify,		// end of chain verified by an anchor
	ER_NoRoot				// no root, no anchor verify
} ExpectResult;

static int testError()
{
	char resp;

	printf("Attach via debugger for more info.\n");
	printf("a to abort, c to continue: ");
	resp = getchar();
	return (resp == 'a');
}

static int doTest(
	CSSM_TP_HANDLE	tpHand,
	CSSM_CL_HANDLE	clHand,
	CSSM_CSP_HANDLE	cspHand,
	CSSM_DL_DB_HANDLE dlDb,
	CSSM_DATA_PTR	certs,
	unsigned		numCerts,
	CSSM_BOOL		useDb,
	ExpectResult	expectResult,	
	CSSM_BOOL		verbose)
{
	unsigned			cgEnd;				// last cert in certGroupFrag
	unsigned			anchorStart;		// first cert in anchorGroup
	unsigned			anchorEnd;			// last cert in anchorGroup
	CSSM_CERTGROUP		certGroupFrag;		// INPUT to CertGroupVerify
	CSSM_CERTGROUP		anchorCerts;		// ditto 
	unsigned			die;				// random number
	CSSM_DL_DB_LIST		dbList;
	CSSM_DL_DB_LIST_PTR	dbListPtr;
	CSSM_DL_DB_HANDLE_PTR	dlDbPtr;
	CSSM_RETURN			expErr;				// expected rtn from GroupVfy()
	int					rtn = 0;
	const char			*expResStr;
	uint32				expEvidenceSize;	// expected evidenceSize
	unsigned			evidenceSize;		// actual evidence size
	CSSM_TP_VERIFY_CONTEXT_RESULT	vfyResult;
	CSSM_CERTGROUP_PTR 	outGrp = NULL;
	CSSM_RETURN			crtn;
	
	memset(&vfyResult, 0, sizeof(CSSM_TP_VERIFY_CONTEXT_RESULT));
	
	if(useDb) {
		dlDbPtr = &dlDb;
		dbList.NumHandles = 1;
		dbList.DLDBHandle = &dlDb;
		dbListPtr = &dbList;
	}
	else {
		/* not yet */
		dlDbPtr = NULL;
		dbListPtr = NULL;
	}
 	
 	/* the four test cases */
 	switch(expectResult) {
		case ER_InvalidAnchor:		
			/* root in certGroup, not found in AnchorCerts */
			cgEnd = numCerts - 1;		// certGroupFrag is the whole pile
			anchorStart = 0;			// anchors = all except root
			anchorEnd = numCerts - 2;
			expErr = CSSMERR_TP_INVALID_ANCHOR_CERT;
			expEvidenceSize = numCerts;
			expResStr = "InvalidAnchor (root in certGroup but not in anchors)";
			break;
			
		case ER_RootInCertGroup:		
			/* root in certGroup, copy in AnchorCerts */
			cgEnd = numCerts - 1;		// certGroupFrag = the whole pile
			anchorStart = 0;			// anchors = the whole pile
			anchorEnd = numCerts - 1;
			expErr = CSSM_OK;
			expEvidenceSize = numCerts;
			expResStr = "Good (root in certGroup AND in anchors)";
			break;

		case ER_AnchorVerify:	
			/* non-root end of chain verified by an anchor */
			/* break chain at random place other than start and end-2 */
			die = genRand(1, numCerts-3);
			cgEnd = die;				// certGroupFrag up to break point
			anchorStart = 0;			// anchors = all
			anchorEnd = numCerts - 1;
			expErr = CSSM_OK;
			/* size = # certs in certGroupFrag, plus one anchor */ 
			expEvidenceSize = die + 2;
			expResStr = "Good (root ONLY in anchors)";
			break;
			
		case ER_NoRoot:			
			/* no root, no anchor verify */
			/* break chain at random place other than start and end-1 */
			die = genRand(1, numCerts-2);
			cgEnd = die;				// certGroupFrag up to break point
			/* and skip one cert */
			anchorStart = die + 2;		// anchors = n+1...numCerts-2
										// may be empty if n == numCerts-2
			anchorEnd = numCerts - 1;
			expErr = CSSMERR_TP_NOT_TRUSTED;
			expEvidenceSize = die + 1;
			expResStr = "Not Trusted (no root, no anchor verify)";
			break;
 	}
 	
 	if(verbose) {
 		printf("   ...expectResult = %s\n", expResStr);
 	}
 	
 	/* cook up two cert groups */
 	if(verbose) {
 		printf("   ...building certGroupFrag from certs[0..%d]\n",
 			cgEnd);
 	}
  	if(tpMakeRandCertGroup(clHand,
	 		dbListPtr,
	 		certs,				// certGroupFrag always starts at 0
	 		cgEnd+1,			// # of certs
	 		&certGroupFrag,
	 		CSSM_TRUE,			// firstCertIsSubject
	 		verbose,
	 		CSSM_FALSE,			// allInDbs
	 		CSSM_FALSE)) {		// skipFirstDb
	 	printf("\nError in tpMakeRandCertGroup\n");
	 	return 1;		
	}
	
	if(anchorStart > anchorEnd) {
		/* legal for ER_NoRoot */
		if((expectResult != ER_NoRoot) || (anchorStart != numCerts)) {
			printf("Try again, pal.\n");
			exit(1);
		}
	}
 	if(verbose) {
 		printf("   ...building anchorCerts from certs[%d..%d]\n",
 			anchorStart, anchorEnd);
 	}
 	if(anchorEnd > (numCerts - 1)) {
 		printf("anchorEnd overflow\n");
 		exit(1);
 	} 
 	/* anchors do not go in DB */
  	if(tpMakeRandCertGroup(clHand,
	 		NULL,
	 		certs + anchorStart,
	 		anchorEnd - anchorStart + 1,			// # of certs
	 		&anchorCerts,
	 		CSSM_FALSE,			// firstCertIsSubject
	 		verbose,
	 		CSSM_FALSE,			// allInDbs
	 		CSSM_FALSE)) {		// skipFirstDb
	 	printf("\nError in tpMakeRandCertGroup\n");
	 	return 1;		
	}
	
	crtn = tpCertGroupVerify(
		tpHand,
		clHand,
		cspHand,
		dbListPtr,
		&CSSMOID_APPLE_X509_BASIC, 	// Policy
		NULL,						// fieldOpts
		NULL,						// actionData
		NULL,						// policyOpts
		&certGroupFrag,
		anchorCerts.GroupList.CertList,	// passed as CSSM_DATA_PTR, not CERTGROUP....
		anchorCerts.NumCerts, 
		CSSM_TP_STOP_ON_POLICY,
		NULL,					// cssmTimeStr
		&vfyResult);
		
	/* first verify format of result */
	if( (vfyResult.NumberOfEvidences != 3) ||
	    (vfyResult.Evidence == NULL) ||
		(vfyResult.Evidence[0].EvidenceForm != CSSM_EVIDENCE_FORM_APPLE_HEADER) ||
		(vfyResult.Evidence[1].EvidenceForm != CSSM_EVIDENCE_FORM_APPLE_CERTGROUP) ||
		(vfyResult.Evidence[2].EvidenceForm != CSSM_EVIDENCE_FORM_APPLE_CERT_INFO) ||
		(vfyResult.Evidence[0].Evidence == NULL) ||
		(vfyResult.Evidence[1].Evidence == NULL) ||
		(vfyResult.Evidence[2].Evidence == NULL)) {
		printf("***Malformed VerifyContextResult\n");
		return 1;
	}
	if((vfyResult.Evidence != NULL) && (vfyResult.Evidence[1].Evidence != NULL)) {
		outGrp = (CSSM_CERTGROUP_PTR)vfyResult.Evidence[1].Evidence;
		evidenceSize = outGrp->NumCerts;
	}
	else {
		/* in case no evidence returned */
		evidenceSize = 0;
	}

	/* %%% since non-root anchors are permitted as of <rdar://5685316>,
	 * the test assumptions have become invalid: these tests generate
	 * an anchors list which always includes the full chain, so by
	 * definition, the evidence chain will never be longer than 2,
	 * since the leaf's issuer is always an anchor.
	 * %%% need to revisit and rewrite these tests. -kcm
	 */
	if ((evidenceSize > 1) && (evidenceSize < expEvidenceSize) &&
		(crtn == CSSM_OK || crtn == CSSMERR_TP_CERTIFICATE_CANT_OPERATE)) {
		/* ignore, for now */
		expErr = crtn;
		expEvidenceSize = evidenceSize;
	}
	
	if((crtn != expErr) || 
	   (evidenceSize != expEvidenceSize)) {
		printf("\n***cgVerify: Error on tpCertGroupVerify expectResult %s\n", 
			expResStr);
		printf("   err  %s   expErr  %s\n", 
			cssmErrToStr(crtn), cssmErrToStr(expErr));
		printf("   evidenceSize  %d   expEvidenceSize  %u\n", 
			evidenceSize, (unsigned)expEvidenceSize);
		printf("   numCerts %d  cgEnd %d  anchorStart %d  anchorEnd %d\n",
			numCerts, cgEnd, anchorStart, anchorEnd);
		rtn = testError();
	}
	else {
		rtn = 0;
	}

	/* free resources */
	tpFreeCertGroup(&certGroupFrag, 
		CSSM_FALSE,			// caller malloc'd the actual certs 
		CSSM_FALSE);		// struct is on stack
	tpFreeCertGroup(&anchorCerts, 
		CSSM_FALSE,			// caller malloc'd the actual certs 
		CSSM_FALSE);		// struct is on stack
	freeVfyResult(&vfyResult);
	if(useDb) {
		clDeleteAllCerts(dlDb);
	}
	return rtn;
}

/*** end of code directly copied from ../cgVerify/cgVerify.cpp ***/

/*
 * For debug only - ensure that the given array of public keys are all unique 
 * Only saw this when using FEE RNG (i.e., no SecurityServer running).
 */
int comparePubKeys(
	unsigned numKeys,
	const CSSM_KEY *pubKeys)	
{
	unsigned i,j;
	
	for(i=0; i<numKeys-1; i++) {
		for(j=i+1; j<numKeys; j++) {
			if(appCompareCssmData(&pubKeys[i].KeyData, &pubKeys[j].KeyData)) {
				printf("***HEY! DUPLICATE PUBLIC KEYS in cgVerify!\n");
				return testError();
			}
		}
	}
	return 0;
}

 
/*
 * key pairs - created in cgConstructInit, stored in testParams->perThread
 */
typedef struct {
	CSSM_KEY_PTR pubKeys;
	CSSM_KEY_PTR privKeys;
	unsigned numKeys;
	char *notBeforeStr;		// to use thread-safe tpGenCerts()
	char *notAfterStr;		// to use thread-safe tpGenCerts()
}	TT_KeyPairs;


int cgVerifyInit(TestParams *testParams)
{
	unsigned			numKeys = NUM_CERTS_MIN + testParams->threadNum;
	TT_KeyPairs			*keyPairs;
	
	if(testParams->verbose) {
		printf("cgVerify thread %d: generating keys...\n", 
			testParams->threadNum);
	}
	keyPairs = (TT_KeyPairs *)CSSM_MALLOC(sizeof(TT_KeyPairs));
	keyPairs->numKeys = numKeys;
	keyPairs->pubKeys  = (CSSM_KEY_PTR)CSSM_CALLOC(numKeys, sizeof(CSSM_KEY));
	keyPairs->privKeys = (CSSM_KEY_PTR)CSSM_CALLOC(numKeys, sizeof(CSSM_KEY));
	CSSM_DL_DB_HANDLE	dlDbHand = {0, 0};
	if(tpGenKeys(testParams->cspHand,
			dlDbHand,
			numKeys,
			KEYGEN_ALG_DEF, 
			CG_KEY_SIZE_DEFAULT,
			"cgVerify",			// keyLabelBase
			keyPairs->pubKeys,
			keyPairs->privKeys)) {
		goto abort;
	}
	if(comparePubKeys(numKeys, keyPairs->pubKeys)) {
		return 1;
	}
	keyPairs->notBeforeStr = genTimeAtNowPlus(0);
	keyPairs->notAfterStr = genTimeAtNowPlus(SECONDS_TO_LIVE);
	
	testParams->perThread = keyPairs;
	return 0;
	
abort:
	printf("Error generating keys; aborting\n");
	CSSM_FREE(keyPairs->pubKeys);
	CSSM_FREE(keyPairs->privKeys);
	CSSM_FREE(keyPairs);
	return 1;
}

int cgVerify(TestParams *testParams)
{
	unsigned 			loopNum;
	int					status = -1;		// exit status
	unsigned			dex;
	
	TT_KeyPairs			*keyPairs = (TT_KeyPairs *)testParams->perThread;

	/* all three of these are arrays with numCert elements */
	CSSM_KEY_PTR		pubKeys = keyPairs->pubKeys;
	CSSM_KEY_PTR		privKeys = keyPairs->privKeys;
	CSSM_DATA_PTR		certs = NULL;
	
	unsigned			numCerts = keyPairs->numKeys;
	uint32				sigAlg = SIG_ALG_DEF;
	ExpectResult		expectResult;
	#if	CERT_IN_DB
	CSSM_BOOL			useDb = CSSM_TRUE;
	#else
	CSSM_BOOL			useDb = CSSM_FALSE;
	#endif
	CSSM_DL_DB_HANDLE	dlDbHand = {0, 0};
	
	/* malloc empty certs */
	certs = (CSSM_DATA_PTR)CSSM_CALLOC(numCerts, sizeof(CSSM_DATA));
	if(certs == NULL) {
		printf("not enough memory for %u certs.\n", numCerts);
		goto abort;
	}
	memset(certs, 0, numCerts * sizeof(CSSM_DATA));

	for(loopNum=0; loopNum<testParams->numLoops; loopNum++) {
		/* generate certs */
		if(testParams->verbose) {
			printf("generating certs...\n");
		}
		else if(!testParams->quiet) {
			printChar(testParams->progressChar);
		}
		if(tpGenCerts(testParams->cspHand,
				testParams->clHand,
				numCerts,
				sigAlg, 
				"cgConstruct",	// nameBase
				pubKeys,
				privKeys,
				certs,
				keyPairs->notBeforeStr,
				keyPairs->notAfterStr)) {
			goto abort;
		}

		/* cycle thru test scenarios */
		switch(loopNum % 4) {
			case 0:
				expectResult = ER_InvalidAnchor;
				break;
			case 1:
				expectResult = ER_RootInCertGroup;
				break;
			case 2:
				expectResult = ER_AnchorVerify;
				break;
			case 3:
				expectResult = ER_NoRoot;
				break;
		}
		status = doTest(testParams->tpHand,
				testParams->clHand,
				testParams->cspHand,
				dlDbHand,
				certs,
				numCerts,
				useDb,
				expectResult,
				testParams->verbose);
		if(status) {
			break;
		}
		/* free certs */
		for(dex=0; dex<numCerts; dex++) {
			CSSM_FREE(certs[dex].Data);
		}
		memset(certs, 0, numCerts * sizeof(CSSM_DATA));
		#if DO_PAUSE
		fpurge(stdin);
		printf("Hit CR to proceed: ");
		getchar();
		#endif
	}
abort:
	/* free resources */
	for(dex=0; dex<numCerts; dex++) {
		if(certs[dex].Data) {
			CSSM_FREE(certs[dex].Data);
		}
	}
	CSSM_FREE(keyPairs->pubKeys);
	CSSM_FREE(keyPairs->privKeys);
	CSSM_FREE(keyPairs);
	return status;
}
Commit	Line	Data
d8f41ccd A	1	/* cgVerifyThr.cpp - simple version CertGroupVerify test */
	2
	3	#include "testParams.h"
	4	#include <Security/cssm.h>
	5	#include <utilLib/common.h>
	6	#include <utilLib/cspwrap.h>
	7	#include <clAppUtils/clutils.h>
	8	#include <clAppUtils/tpUtils.h>
	9	#include <clAppUtils/timeStr.h>
	10	#include <stdio.h>
	11	#include <stdlib.h>
	12	#include <time.h>
	13	#include <string.h>
	14	#include <Security/oidsalg.h>
	15
	16	/* for memory leak debug only, with only one thread running */
	17	#define DO_PAUSE 0
	18
	19	/* start of code directly copied from ../cgVerify/cgVerify.cpp */
	20	#define NUM_CERTS_MIN 4
	21	#define KEYGEN_ALG_DEF CSSM_ALGID_RSA
	22	#define SIG_ALG_DEF CSSM_ALGID_SHA1WithRSA
	23	#define LOOPS_DEF 10
	24	#define CG_KEY_SIZE_DEFAULT CSP_RSA_KEY_SIZE_DEFAULT
	25	#define SECONDS_TO_LIVE (60 * 60 * 24) /* certs are valid for this long */
	26
	27	#define CERT_IN_DB 0
	28
	29	/*
	30	* How we define the "expected result".
	31	*/
	32	typedef enum {
	33	ER_InvalidAnchor, // root in certGroup, not found in AnchorCerts
	34	ER_RootInCertGroup, // root in certGroup, copy in AnchorCerts
	35	ER_AnchorVerify, // end of chain verified by an anchor
	36	ER_NoRoot // no root, no anchor verify
	37	} ExpectResult;
	38
	39	static int testError()
	40	{
	41	char resp;
	42
	43	printf("Attach via debugger for more info.\n");
	44	printf("a to abort, c to continue: ");
	45	resp = getchar();
	46	return (resp == 'a');
	47	}
	48
	49	static int doTest(
	50	CSSM_TP_HANDLE tpHand,
	51	CSSM_CL_HANDLE clHand,
	52	CSSM_CSP_HANDLE cspHand,
	53	CSSM_DL_DB_HANDLE dlDb,
	54	CSSM_DATA_PTR certs,
	55	unsigned numCerts,
	56	CSSM_BOOL useDb,
	57	ExpectResult expectResult,
	58	CSSM_BOOL verbose)
	59	{
	60	unsigned cgEnd; // last cert in certGroupFrag
	61	unsigned anchorStart; // first cert in anchorGroup
	62	unsigned anchorEnd; // last cert in anchorGroup
	63	CSSM_CERTGROUP certGroupFrag; // INPUT to CertGroupVerify
	64	CSSM_CERTGROUP anchorCerts; // ditto
65	unsigned die; // random number
66	CSSM_DL_DB_LIST dbList;
67	CSSM_DL_DB_LIST_PTR dbListPtr;
68	CSSM_DL_DB_HANDLE_PTR dlDbPtr;
69	CSSM_RETURN expErr; // expected rtn from GroupVfy()
70	int rtn = 0;
71	const char *expResStr;
72	uint32 expEvidenceSize; // expected evidenceSize
73	unsigned evidenceSize; // actual evidence size
74	CSSM_TP_VERIFY_CONTEXT_RESULT vfyResult;
75	CSSM_CERTGROUP_PTR outGrp = NULL;
76	CSSM_RETURN crtn;
77
78	memset(&vfyResult, 0, sizeof(CSSM_TP_VERIFY_CONTEXT_RESULT));
79
80	if(useDb) {
81	dlDbPtr = &dlDb;
82	dbList.NumHandles = 1;
83	dbList.DLDBHandle = &dlDb;
84	dbListPtr = &dbList;
85	}
86	else {
87	/* not yet */
88	dlDbPtr = NULL;
89	dbListPtr = NULL;
90	}
91
92	/* the four test cases */
93	switch(expectResult) {
94	case ER_InvalidAnchor:
95	/* root in certGroup, not found in AnchorCerts */
96	cgEnd = numCerts - 1; // certGroupFrag is the whole pile
97	anchorStart = 0; // anchors = all except root
98	anchorEnd = numCerts - 2;
99	expErr = CSSMERR_TP_INVALID_ANCHOR_CERT;
100	expEvidenceSize = numCerts;
101	expResStr = "InvalidAnchor (root in certGroup but not in anchors)";
102	break;
103
104	case ER_RootInCertGroup:
105	/* root in certGroup, copy in AnchorCerts */
106	cgEnd = numCerts - 1; // certGroupFrag = the whole pile
107	anchorStart = 0; // anchors = the whole pile
108	anchorEnd = numCerts - 1;
109	expErr = CSSM_OK;
110	expEvidenceSize = numCerts;
111	expResStr = "Good (root in certGroup AND in anchors)";
112	break;
113
114	case ER_AnchorVerify:
115	/* non-root end of chain verified by an anchor */
116	/* break chain at random place other than start and end-2 */
117	die = genRand(1, numCerts-3);
118	cgEnd = die; // certGroupFrag up to break point
119	anchorStart = 0; // anchors = all
120	anchorEnd = numCerts - 1;
121	expErr = CSSM_OK;
122	/* size = # certs in certGroupFrag, plus one anchor */
123	expEvidenceSize = die + 2;
124	expResStr = "Good (root ONLY in anchors)";
125	break;
126
127	case ER_NoRoot:
128	/* no root, no anchor verify */
129	/* break chain at random place other than start and end-1 */
130	die = genRand(1, numCerts-2);
131	cgEnd = die; // certGroupFrag up to break point
132	/* and skip one cert */
133	anchorStart = die + 2; // anchors = n+1...numCerts-2
134	// may be empty if n == numCerts-2
135	anchorEnd = numCerts - 1;
136	expErr = CSSMERR_TP_NOT_TRUSTED;
137	expEvidenceSize = die + 1;
138	expResStr = "Not Trusted (no root, no anchor verify)";
139	break;
140	}
141
142	if(verbose) {
143	printf(" ...expectResult = %s\n", expResStr);
144	}
145
146	/* cook up two cert groups */
147	if(verbose) {
148	printf(" ...building certGroupFrag from certs[0..%d]\n",
149	cgEnd);
150	}
151	if(tpMakeRandCertGroup(clHand,
152	dbListPtr,
153	certs, // certGroupFrag always starts at 0
154	cgEnd+1, // # of certs
155	&certGroupFrag,
156	CSSM_TRUE, // firstCertIsSubject
157	verbose,
158	CSSM_FALSE, // allInDbs
159	CSSM_FALSE)) { // skipFirstDb
160	printf("\nError in tpMakeRandCertGroup\n");
161	return 1;
162	}
163
164	if(anchorStart > anchorEnd) {
165	/* legal for ER_NoRoot */
166	if((expectResult != ER_NoRoot) \|\| (anchorStart != numCerts)) {
167	printf("Try again, pal.\n");
168	exit(1);
169	}
170	}
171	if(verbose) {
172	printf(" ...building anchorCerts from certs[%d..%d]\n",
173	anchorStart, anchorEnd);
174	}
175	if(anchorEnd > (numCerts - 1)) {
176	printf("anchorEnd overflow\n");
177	exit(1);
178	}
179	/* anchors do not go in DB */
180	if(tpMakeRandCertGroup(clHand,
181	NULL,
182	certs + anchorStart,
183	anchorEnd - anchorStart + 1, // # of certs
184	&anchorCerts,
185	CSSM_FALSE, // firstCertIsSubject
186	verbose,
187	CSSM_FALSE, // allInDbs
188	CSSM_FALSE)) { // skipFirstDb
189	printf("\nError in tpMakeRandCertGroup\n");
190	return 1;
191	}
192
193	crtn = tpCertGroupVerify(
194	tpHand,
195	clHand,
196	cspHand,
197	dbListPtr,
198	&CSSMOID_APPLE_X509_BASIC, // Policy
199	NULL, // fieldOpts
200	NULL, // actionData
201	NULL, // policyOpts
202	&certGroupFrag,
203	anchorCerts.GroupList.CertList, // passed as CSSM_DATA_PTR, not CERTGROUP....
204	anchorCerts.NumCerts,
205	CSSM_TP_STOP_ON_POLICY,
206	NULL, // cssmTimeStr
207	&vfyResult);
208
209	/* first verify format of result */
210	if( (vfyResult.NumberOfEvidences != 3) \|\|
211	(vfyResult.Evidence == NULL) \|\|
212	(vfyResult.Evidence[0].EvidenceForm != CSSM_EVIDENCE_FORM_APPLE_HEADER) \|\|
213	(vfyResult.Evidence[1].EvidenceForm != CSSM_EVIDENCE_FORM_APPLE_CERTGROUP) \|\|
214	(vfyResult.Evidence[2].EvidenceForm != CSSM_EVIDENCE_FORM_APPLE_CERT_INFO) \|\|
215	(vfyResult.Evidence[0].Evidence == NULL) \|\|
216	(vfyResult.Evidence[1].Evidence == NULL) \|\|
217	(vfyResult.Evidence[2].Evidence == NULL)) {
218	printf("***Malformed VerifyContextResult\n");
219	return 1;
220	}
221	if((vfyResult.Evidence != NULL) && (vfyResult.Evidence[1].Evidence != NULL)) {
222	outGrp = (CSSM_CERTGROUP_PTR)vfyResult.Evidence[1].Evidence;
223	evidenceSize = outGrp->NumCerts;
224	}
225	else {
226	/* in case no evidence returned */
227	evidenceSize = 0;
228	}
229
230	/* %%% since non-root anchors are permitted as of <rdar://5685316>,
231	* the test assumptions have become invalid: these tests generate
232	* an anchors list which always includes the full chain, so by
233	* definition, the evidence chain will never be longer than 2,
234	* since the leaf's issuer is always an anchor.
235	* %%% need to revisit and rewrite these tests. -kcm
236	*/
237	if ((evidenceSize > 1) && (evidenceSize < expEvidenceSize) &&
238	(crtn == CSSM_OK \|\| crtn == CSSMERR_TP_CERTIFICATE_CANT_OPERATE)) {
239	/* ignore, for now */
240	expErr = crtn;
241	expEvidenceSize = evidenceSize;
242	}
243
244	if((crtn != expErr) \|\|
245	(evidenceSize != expEvidenceSize)) {
246	printf("\n***cgVerify: Error on tpCertGroupVerify expectResult %s\n",
247	expResStr);
248	printf(" err %s expErr %s\n",
249	cssmErrToStr(crtn), cssmErrToStr(expErr));
250	printf(" evidenceSize %d expEvidenceSize %u\n",
251	evidenceSize, (unsigned)expEvidenceSize);
252	printf(" numCerts %d cgEnd %d anchorStart %d anchorEnd %d\n",
253	numCerts, cgEnd, anchorStart, anchorEnd);
254	rtn = testError();
255	}
256	else {
257	rtn = 0;
258	}
259
260	/* free resources */
261	tpFreeCertGroup(&certGroupFrag,
262	CSSM_FALSE, // caller malloc'd the actual certs
263	CSSM_FALSE); // struct is on stack
264	tpFreeCertGroup(&anchorCerts,
265	CSSM_FALSE, // caller malloc'd the actual certs
266	CSSM_FALSE); // struct is on stack
267	freeVfyResult(&vfyResult);
268	if(useDb) {
269	clDeleteAllCerts(dlDb);
270	}
271	return rtn;
272	}
273
274	/* end of code directly copied from ../cgVerify/cgVerify.cpp */
275
276	/*
277	* For debug only - ensure that the given array of public keys are all unique
278	* Only saw this when using FEE RNG (i.e., no SecurityServer running).
279	*/
280	int comparePubKeys(
281	unsigned numKeys,
282	const CSSM_KEY *pubKeys)
283	{
284	unsigned i,j;
285
286	for(i=0; i<numKeys-1; i++) {
287	for(j=i+1; j<numKeys; j++) {
288	if(appCompareCssmData(&pubKeys[i].KeyData, &pubKeys[j].KeyData)) {
289	printf("***HEY! DUPLICATE PUBLIC KEYS in cgVerify!\n");
290	return testError();
291	}
292	}
293	}
294	return 0;
295	}
296
297
298	/*
299	* key pairs - created in cgConstructInit, stored in testParams->perThread
300	*/
301	typedef struct {
302	CSSM_KEY_PTR pubKeys;
303	CSSM_KEY_PTR privKeys;
304	unsigned numKeys;
305	char *notBeforeStr; // to use thread-safe tpGenCerts()
306	char *notAfterStr; // to use thread-safe tpGenCerts()
307	} TT_KeyPairs;
308
309
310	int cgVerifyInit(TestParams *testParams)
311	{
312	unsigned numKeys = NUM_CERTS_MIN + testParams->threadNum;
313	TT_KeyPairs *keyPairs;
314
315	if(testParams->verbose) {
316	printf("cgVerify thread %d: generating keys...\n",
317	testParams->threadNum);
318	}
319	keyPairs = (TT_KeyPairs *)CSSM_MALLOC(sizeof(TT_KeyPairs));
320	keyPairs->numKeys = numKeys;
321	keyPairs->pubKeys = (CSSM_KEY_PTR)CSSM_CALLOC(numKeys, sizeof(CSSM_KEY));
322	keyPairs->privKeys = (CSSM_KEY_PTR)CSSM_CALLOC(numKeys, sizeof(CSSM_KEY));
323	CSSM_DL_DB_HANDLE dlDbHand = {0, 0};
324	if(tpGenKeys(testParams->cspHand,
325	dlDbHand,
326	numKeys,
327	KEYGEN_ALG_DEF,
328	CG_KEY_SIZE_DEFAULT,
329	"cgVerify", // keyLabelBase
330	keyPairs->pubKeys,
331	keyPairs->privKeys)) {
332	goto abort;
333	}
334	if(comparePubKeys(numKeys, keyPairs->pubKeys)) {
335	return 1;
336	}
337	keyPairs->notBeforeStr = genTimeAtNowPlus(0);
338	keyPairs->notAfterStr = genTimeAtNowPlus(SECONDS_TO_LIVE);
339
340	testParams->perThread = keyPairs;
341	return 0;
342
343	abort:
344	printf("Error generating keys; aborting\n");
345	CSSM_FREE(keyPairs->pubKeys);
346	CSSM_FREE(keyPairs->privKeys);
347	CSSM_FREE(keyPairs);
348	return 1;
349	}
350
351	int cgVerify(TestParams *testParams)
352	{
353	unsigned loopNum;
354	int status = -1; // exit status
355	unsigned dex;
356
357	TT_KeyPairs keyPairs = (TT_KeyPairs )testParams->perThread;
358
359	/* all three of these are arrays with numCert elements */
360	CSSM_KEY_PTR pubKeys = keyPairs->pubKeys;
361	CSSM_KEY_PTR privKeys = keyPairs->privKeys;
362	CSSM_DATA_PTR certs = NULL;
363
364	unsigned numCerts = keyPairs->numKeys;
365	uint32 sigAlg = SIG_ALG_DEF;
366	ExpectResult expectResult;
367	#if CERT_IN_DB
368	CSSM_BOOL useDb = CSSM_TRUE;
369	#else
370	CSSM_BOOL useDb = CSSM_FALSE;
371	#endif
372	CSSM_DL_DB_HANDLE dlDbHand = {0, 0};
373
374	/* malloc empty certs */
375	certs = (CSSM_DATA_PTR)CSSM_CALLOC(numCerts, sizeof(CSSM_DATA));
376	if(certs == NULL) {
377	printf("not enough memory for %u certs.\n", numCerts);
378	goto abort;
379	}
380	memset(certs, 0, numCerts * sizeof(CSSM_DATA));
381
382	for(loopNum=0; loopNum<testParams->numLoops; loopNum++) {
383	/* generate certs */
384	if(testParams->verbose) {
385	printf("generating certs...\n");
386	}
387	else if(!testParams->quiet) {
388	printChar(testParams->progressChar);
389	}
390	if(tpGenCerts(testParams->cspHand,
391	testParams->clHand,
392	numCerts,
393	sigAlg,
394	"cgConstruct", // nameBase
395	pubKeys,
396	privKeys,
397	certs,
398	keyPairs->notBeforeStr,
399	keyPairs->notAfterStr)) {
400	goto abort;
401	}
402
403	/* cycle thru test scenarios */
404	switch(loopNum % 4) {
405	case 0:
406	expectResult = ER_InvalidAnchor;
407	break;
408	case 1:
409	expectResult = ER_RootInCertGroup;
410	break;
411	case 2:
412	expectResult = ER_AnchorVerify;
413	break;
414	case 3:
415	expectResult = ER_NoRoot;
416	break;
417	}
418	status = doTest(testParams->tpHand,
419	testParams->clHand,
420	testParams->cspHand,
421	dlDbHand,
422	certs,
423	numCerts,
424	useDb,
425	expectResult,
426	testParams->verbose);
427	if(status) {
428	break;
429	}
430	/* free certs */
431	for(dex=0; dex<numCerts; dex++) {
432	CSSM_FREE(certs[dex].Data);
433	}
434	memset(certs, 0, numCerts * sizeof(CSSM_DATA));
435	#if DO_PAUSE
436	fpurge(stdin);
437	printf("Hit CR to proceed: ");
438	getchar();
439	#endif
440	}
441	abort:
442	/* free resources */
443	for(dex=0; dex<numCerts; dex++) {
444	if(certs[dex].Data) {
445	CSSM_FREE(certs[dex].Data);
446	}
447	}
448	CSSM_FREE(keyPairs->pubKeys);
449	CSSM_FREE(keyPairs->privKeys);
450	CSSM_FREE(keyPairs);
451	return status;
452	}
453