[apple/security.git] / OSX / sec / Security / Regressions / secitem / si-41-sececkey.c

/*
 * Copyright (c) 2011-2014 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */


/*
 *  si-40-seckey.c
 *  Security
 *
 *  Copyright (c) 2007-2009,2012-2014 Apple Inc. All Rights Reserved.
 *
 */

#include <CoreFoundation/CoreFoundation.h>
#include <Security/SecCertificate.h>
#include <Security/SecCertificateInternal.h>
#include <Security/SecKey.h>
#include <Security/SecECKey.h>
#include <Security/SecKeyPriv.h>
#include <Security/SecItem.h>
#include <Security/SecAsn1Types.h>
#include <Security/oidsalg.h>
#include <Security/SecureTransport.h>
#include <Security/SecRandom.h>
#include <utilities/array_size.h>
#include <utilities/SecCFRelease.h>
#include <utilities/SecCFWrappers.h>
#include <CommonCrypto/CommonDigest.h>
#include <libDER/libDER.h>
#include <stdlib.h>
#include <unistd.h>

#include "Security_regressions.h"

static void testdigestandsignalg(SecKeyRef privKey, SecKeyRef pubKey, const SecAsn1AlgId *algId) {
    uint8_t dataToDigest[256] = {0,};
    size_t dataToDigestLen = sizeof(dataToDigest);
    size_t sigLen = SecKeyGetSize(privKey, kSecKeySignatureSize);
    uint8_t sig[sigLen];

    DERItem oid;
    oid.length = algId->algorithm.Length;
    oid.data = algId->algorithm.Data;

    /* Get the oid in decimal for display purposes. */
    CFStringRef oidStr = SecDERItemCopyOIDDecimalRepresentation(kCFAllocatorDefault, &oid);
	char oidBuf[40];
    CFStringGetCString(oidStr, oidBuf, sizeof(oidBuf), kCFStringEncodingUTF8);
    CFRelease(oidStr);

SKIP: {
    OSStatus status;

    /* Time to sign. */
    ok_status(status = SecKeyDigestAndSign(privKey, algId, dataToDigest, dataToDigestLen,
                                           sig, &sigLen),
              "digest and sign %s with %ld bit RSA key", oidBuf, sigLen * 8);

    skip("SecKeyDigestAndSign failed", 3, status == errSecSuccess);

    /* Verify the signature we just made. */
    ok_status(SecKeyDigestAndVerify(pubKey, algId, dataToDigest, dataToDigestLen,
                                    sig, sigLen), "digest and verify");
    /* Invalidate the signature. */
    sig[0] ^= 0xff;
    is_status(SecKeyDigestAndVerify(pubKey, algId, dataToDigest, dataToDigestLen,
                                    sig, sigLen), errSSLCrypto, "digest and verify bad sig");
    sig[0] ^= 0xff;
    dataToDigest[0] ^= 0xff;
    is_status(SecKeyDigestAndVerify(pubKey, algId, dataToDigest, dataToDigestLen,
                                    sig, sigLen), errSSLCrypto, "digest and verify bad digest");
}
}

static void testdigestandsign(SecKeyRef privKey, SecKeyRef pubKey) {
    static const SecAsn1Oid *oids[] = {
        &CSSMOID_ECDSA_WithSHA1,
#if 0
        &CSSMOID_ECDSA_WithSHA224,
        &CSSMOID_ECDSA_WithSHA256,
        &CSSMOID_ECDSA_WithSHA384,
        &CSSMOID_ECDSA_WithSHA512,
#endif
    };

    uint32_t ix;
    SecAsn1AlgId algId = {};
    for (ix = 0; ix < array_size(oids); ++ix) {
        if (oids[ix]) {
            algId.algorithm = *oids[ix];
        } else {
            algId.algorithm.Length = 0;
            algId.algorithm.Data = NULL;
        }

        testdigestandsignalg(privKey, pubKey, &algId);
    }
}

static void testkeygen(size_t keySizeInBits) {
	SecKeyRef pubKey = NULL, privKey = NULL;
	size_t keySizeInBytes = (keySizeInBits + 7) / 8;
	CFNumberRef kzib;
    int32_t keysz32 = (int32_t)keySizeInBits;

	kzib = CFNumberCreate(NULL, kCFNumberSInt32Type, &keysz32);
	CFMutableDictionaryRef kgp = CFDictionaryCreateMutable(NULL, 0, NULL, NULL);
	CFDictionaryAddValue(kgp, kSecAttrKeyType, kSecAttrKeyTypeEC);
	CFDictionaryAddValue(kgp, kSecAttrKeySizeInBits, kzib);

	OSStatus status;
	ok_status(status = SecKeyGeneratePair(kgp, &pubKey, &privKey),
              "Generate %ld bit (%ld byte) EC keypair", keySizeInBits,
              keySizeInBytes);
	CFRelease(kzib);
	CFRelease(kgp);

SKIP: {
    skip("keygen failed", 8, status == errSecSuccess);
    ok(pubKey, "pubkey returned");
    ok(privKey, "privKey returned");
    is(SecKeyGetSize(pubKey, kSecKeyKeySizeInBits), (size_t) keySizeInBits, "public key size is ok");
    is(SecKeyGetSize(privKey, kSecKeyKeySizeInBits), (size_t) keySizeInBits, "private key size is ok");

    /* Sign something. */
    uint8_t something[20] = {0x80, 0xbe, 0xef, 0xba, 0xd0, };
    uint8_t sig[8+2*keySizeInBytes];
    size_t sigLen = sizeof(sig);
    ok_status(SecKeyRawSign(privKey, kSecPaddingNone,
                            something, sizeof(something), sig, &sigLen), "sign something");
    ok_status(SecKeyRawVerify(pubKey, kSecPaddingNone,
                              something, sizeof(something), sig, sigLen), "verify sig on something");

    testdigestandsign(privKey, pubKey);

    const void *privkeys[] = {
        kSecValueRef
    };
    const void *privvalues[] = {
        privKey
    };
    CFDictionaryRef privitem = CFDictionaryCreate(NULL, privkeys, privvalues,
                                                  array_size(privkeys), NULL, NULL);
    ok_status(SecItemAdd(privitem, NULL), "add private key");
    ok_status(SecItemDelete(privitem), "delete public key");
    CFReleaseNull(privitem);

    const void *pubkeys[] = {
        kSecValueRef
    };
    const void *pubvalues[] = {
        pubKey
    };
    CFDictionaryRef pubitem = CFDictionaryCreate(NULL, pubkeys, pubvalues,
                                                 array_size(pubkeys), NULL, NULL);
    ok_status(SecItemAdd(pubitem, NULL), "add public key");
    ok_status(SecItemDelete(pubitem), "delete public key");
    CFReleaseNull(pubitem);

    /* Cleanup. */
    CFReleaseNull(pubKey);
    CFReleaseNull(privKey);
}
}


static void testkeygen2(size_t keySizeInBits) {
	SecKeyRef pubKey = NULL, privKey = NULL;
	size_t keySizeInBytes = (keySizeInBits + 7) / 8;
	CFNumberRef kzib;
    int32_t keysz32 = (int32_t)keySizeInBits;

    CFUUIDRef ourUUID = CFUUIDCreate(kCFAllocatorDefault);
    CFStringRef uuidString = CFUUIDCreateString(kCFAllocatorDefault, ourUUID);
    CFMutableStringRef publicName = CFStringCreateMutableCopy(kCFAllocatorDefault, 0, uuidString);
    CFMutableStringRef privateName = CFStringCreateMutableCopy(kCFAllocatorDefault, 0, uuidString);

    CFReleaseNull(ourUUID);
    CFReleaseNull(uuidString);

    CFStringAppend(publicName, CFSTR("-Public-41"));
    CFStringAppend(privateName, CFSTR("-Private-41"));

    CFMutableDictionaryRef pubd = CFDictionaryCreateMutableForCFTypesWith(kCFAllocatorDefault,
                                                                          kSecAttrLabel, publicName,
                                                                          NULL);
    CFMutableDictionaryRef privd = CFDictionaryCreateMutableForCFTypesWith(kCFAllocatorDefault,
                                                                           kSecAttrLabel, privateName,
                                                                           NULL);

	kzib = CFNumberCreate(NULL, kCFNumberSInt32Type, &keysz32);
    CFDictionaryRef kgp = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
                                                       kSecAttrKeyType, kSecAttrKeyTypeEC,
                                                       kSecAttrKeySizeInBits, kzib,
                                                       kSecAttrIsPermanent, kCFBooleanTrue,
                                                       kSecPublicKeyAttrs, pubd,
                                                       kSecPrivateKeyAttrs, privd,
                                                       NULL);

    CFReleaseNull(kzib);

	OSStatus status;
	ok_status(status = SecKeyGeneratePair(kgp, &pubKey, &privKey),
              "Generate %ld bit (%ld byte) persistent RSA keypair",
              keySizeInBits, keySizeInBytes);

    CFReleaseNull(kgp);

SKIP: {
    skip("keygen failed", 8, status == errSecSuccess);
    ok(pubKey, "pubkey returned");
    ok(privKey, "privKey returned");
    is(SecKeyGetSize(pubKey, kSecKeyKeySizeInBits), (size_t) keySizeInBits, "public key size is ok");
    is(SecKeyGetSize(privKey, kSecKeyKeySizeInBits), (size_t) keySizeInBits, "private key size is ok");

    SecKeyRef pubKey2, privKey2;
    CFDictionaryAddValue(pubd, kSecClass, kSecClassKey);
    CFDictionaryAddValue(pubd, kSecReturnRef, kCFBooleanTrue);
    CFDictionaryAddValue(privd, kSecClass, kSecClassKey);
    CFDictionaryAddValue(privd, kSecReturnRef, kCFBooleanTrue);
    CFDictionaryAddValue(privd, kSecAttrCanSign, kCFBooleanTrue);
    ok_status(SecItemCopyMatching(pubd, (CFTypeRef *)&pubKey2),
              "retrieve pub key by label");
    ok(pubKey2, "got valid object");
    ok_status(SecItemCopyMatching(privd, (CFTypeRef *)&privKey2),
              "retrieve priv key by label and kSecAttrCanSign");
    ok(privKey2, "got valid object");

    /* Sign something. */
    uint8_t something[20] = {0x80, 0xbe, 0xef, 0xba, 0xd0, };
    size_t sigLen = SecKeyGetSize(privKey2, kSecKeySignatureSize);
    uint8_t sig[sigLen];
    ok_status(SecKeyRawSign(privKey2, kSecPaddingPKCS1,
                            something, sizeof(something), sig, &sigLen), "sign something");
    ok_status(SecKeyRawVerify(pubKey2, kSecPaddingPKCS1,
                              something, sizeof(something), sig, sigLen), "verify sig on something");

    /* Cleanup. */
    CFReleaseNull(pubKey2);
    CFReleaseNull(privKey2);
}

    /* delete from keychain - note: do it before releasing publicName and privateName
       because pubd and privd have no retain/release callbacks */
    ok_status(SecItemDelete(pubd), "delete generated pub key");
    ok_status(SecItemDelete(privd), "delete generated priv key");

	/* Cleanup. */
	CFReleaseNull(pubKey);
	CFReleaseNull(privKey);

    CFReleaseNull(publicName);
    CFReleaseNull(privateName);

	CFReleaseNull(pubd);
	CFReleaseNull(privd);
}

static void testkeywrap(unsigned long keySizeInBits, CFTypeRef alg)
{
    SecKeyRef pubKey = NULL, privKey = NULL;
    size_t keySizeInBytes = (keySizeInBits + 7) / 8;
    CFNumberRef kzib;
    int32_t keysz32 = (int32_t)keySizeInBits;

    CFUUIDRef ourUUID = CFUUIDCreate(kCFAllocatorDefault);
    CFStringRef uuidString = CFUUIDCreateString(kCFAllocatorDefault, ourUUID);
    CFMutableStringRef publicName = CFStringCreateMutableCopy(kCFAllocatorDefault, 0, uuidString);
    CFMutableStringRef privateName = CFStringCreateMutableCopy(kCFAllocatorDefault, 0, uuidString);

    CFReleaseNull(ourUUID);
    CFReleaseNull(uuidString);

    CFStringAppend(publicName, CFSTR("-Public-41"));
    CFStringAppend(privateName, CFSTR("-Private-41"));

    CFDictionaryRef pubd = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
                                                        kSecAttrLabel, publicName,
                                                        NULL);
    CFDictionaryRef privd = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
                                                         kSecAttrLabel, privateName,
                                                         NULL);

    CFReleaseNull(publicName);
    CFReleaseNull(privateName);

    kzib = CFNumberCreate(NULL, kCFNumberSInt32Type, &keysz32);
    CFDictionaryRef kgp = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
                                                       kSecAttrKeyType, kSecAttrKeyTypeEC,
                                                       kSecAttrKeySizeInBits, kzib,
                                                       kSecAttrIsPermanent, kCFBooleanFalse,
                                                       kSecPublicKeyAttrs, pubd,
                                                       kSecPrivateKeyAttrs, privd,
                                                       NULL);
    CFReleaseNull(pubd);
    CFReleaseNull(privd);
    CFReleaseNull(kzib);

    OSStatus status;
    ok_status(status = SecKeyGeneratePair(kgp, &pubKey, &privKey),
              "Generate %ld bit (%ld byte) persistent RSA keypair (status = %d)",
              keySizeInBits, keySizeInBytes, (int)status);
    CFReleaseNull(kgp);

    CFErrorRef localError = NULL;

    CFDataRef secret = CFDataCreate(NULL, (void *)"0123456789012345", 16);
    ok(secret, "secret");

    CFDataRef fp = CFDataCreate(NULL, (void *)"01234567890123456789", 20);
    ok(fp, "fingerprint");


    int8_t sym_alg_data = 8;
    CFNumberRef symalg = CFNumberCreate(NULL, kCFNumberSInt8Type, &sym_alg_data);
    CFDictionaryRef param = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
                                                         _kSecKeyWrapPGPWrapAlg, alg,
                                                         _kSecKeyWrapPGPSymAlg, symalg,
                                                         _kSecKeyWrapPGPFingerprint, fp,
                                                         NULL);

    CFDataRef wrapped = _SecKeyCopyWrapKey(pubKey, kSecKeyWrapPublicKeyPGP, secret, param, NULL, &localError);
    ok(wrapped, "wrap key: %@", localError);

    CFDataRef unwrapped = _SecKeyCopyUnwrapKey(privKey, kSecKeyWrapPublicKeyPGP, wrapped, param, NULL, &localError);
    ok(unwrapped, "unwrap key: %@", localError);

    CFReleaseNull(symalg);

    ok(CFEqual(unwrapped, secret), "keys still same");

    CFReleaseNull(fp);
    CFReleaseNull(secret);
    CFReleaseNull(unwrapped);
    CFReleaseNull(wrapped);
    CFReleaseNull(param);
    CFReleaseNull(privKey);
    CFReleaseNull(pubKey);
}

const uint8_t EC_P256_KeyDER[]={
    0x30, 0x6b, 0x02, 0x01, 0x01, 0x04, 0x20, 0x86, 0x87, 0x79, 0x59, 0xd1,
    0xc6, 0x3c, 0x50, 0x24, 0x30, 0xa4, 0xaf, 0x89, 0x1d, 0xd1, 0x94, 0x23,
    0x56, 0x79, 0x46, 0x93, 0x72, 0x31, 0x39, 0x24, 0xe6, 0x01, 0x96, 0xc8,
    0xeb, 0xf3, 0x88, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x8c, 0xfa, 0xd7,
    0x8a, 0xf1, 0xb9, 0xad, 0xd7, 0x3a, 0x33, 0xb5, 0x9a, 0xad, 0x52, 0x0d,
    0x14, 0xd6, 0x6b, 0x35, 0x56, 0x79, 0xd6, 0x74, 0x2a, 0x37, 0x7e, 0x2f,
    0x33, 0xa6, 0xab, 0xee, 0x35, 0x00, 0x70, 0x82, 0x89, 0x9c, 0xfc, 0x97,
    0xc4, 0x89, 0x5c, 0x16, 0x50, 0xad, 0x60, 0x55, 0xa6, 0x70, 0xee, 0x07,
    0x1b, 0xfe, 0xe4, 0xf0, 0xa0, 0x63, 0xc0, 0x73, 0x24, 0x97, 0x92, 0x04,
    0xc7};

const uint8_t EC_P256_SigDER[]={
    0x30, 0x45, 0x02, 0x20, 0x4b, 0x37, 0x7f, 0x45, 0xd0, 0x5d, 0xa6, 0x53,
    0xb3, 0x62, 0x6f, 0x32, 0xdb, 0xfc, 0xf6, 0x3b, 0x84, 0xfa, 0x5a, 0xd9,
    0x17, 0x67, 0x03, 0x73, 0x48, 0x0c, 0xad, 0x89, 0x13, 0x69, 0x61, 0xb3,
    0x02, 0x21, 0x00, 0xd6, 0x23, 0xaf, 0xd9, 0x7d, 0x72, 0xba, 0x3b, 0x90,
    0xc1, 0x23, 0x7d, 0xdb, 0x2c, 0xd1, 0x0d, 0xbb, 0xb4, 0x0f, 0x67, 0x26,
    0xff, 0x3f, 0xa6, 0x47, 0xa4, 0x13, 0x0d, 0xe0, 0x45, 0xd5, 0x6b};

const uint8_t EC_P256_SigRaw[]= {
    0x4b, 0x37, 0x7f, 0x45, 0xd0, 0x5d, 0xa6, 0x53, 0xb3, 0x62, 0x6f, 0x32,
    0xdb, 0xfc, 0xf6, 0x3b, 0x84, 0xfa, 0x5a, 0xd9, 0x17, 0x67, 0x03, 0x73,
    0x48, 0x0c, 0xad, 0x89, 0x13, 0x69, 0x61, 0xb3, 0xd6, 0x23, 0xaf, 0xd9,
    0x7d, 0x72, 0xba, 0x3b, 0x90, 0xc1, 0x23, 0x7d, 0xdb, 0x2c, 0xd1, 0x0d,
    0xbb, 0xb4, 0x0f, 0x67, 0x26, 0xff, 0x3f, 0xa6, 0x47, 0xa4, 0x13, 0x0d,
    0xe0, 0x45, 0xd5, 0x6b};

const uint8_t EC_SigDigest[24] = "012345678912345678901234";

static void testsignformat(void)
{
    SecKeyRef pkey = NULL;
    SecKeyRef pubkey = NULL;
    CFDataRef pubdata = NULL;
    uint8_t EC_signature_DER[72];
    uint8_t EC_signature_RAW[64];
    size_t EC_signature_DER_size=sizeof(EC_signature_DER);
    size_t EC_signature_RAW_size=sizeof(EC_signature_RAW);

    ok((pkey = SecKeyCreateECPrivateKey(kCFAllocatorDefault,
                                       EC_P256_KeyDER, sizeof(EC_P256_KeyDER),
                                       kSecKeyEncodingPkcs1)) != NULL, "import privkey");

    ok_status(SecKeyCopyPublicBytes(pkey, &pubdata), "pub key from priv key");

    ok((pubkey = SecKeyCreateECPublicKey(kCFAllocatorDefault,
                                        CFDataGetBytePtr(pubdata), CFDataGetLength(pubdata),
                                        kSecKeyEncodingBytes))!=NULL,
       "recreate seckey");

    // Verify fixed signature
    ok_status(SecKeyRawVerify(pubkey, kSecPaddingPKCS1,
                              EC_SigDigest, sizeof(EC_SigDigest), EC_P256_SigDER, sizeof(EC_P256_SigDER)), "verify DER sig on something");

    ok_status(SecKeyRawVerify(pubkey, kSecPaddingSigRaw,
                              EC_SigDigest, sizeof(EC_SigDigest), EC_P256_SigRaw, sizeof(EC_P256_SigRaw)), "verify RAW sig on something");

    // Verify signature with mismatching format
    ok_status(!SecKeyRawVerify(pubkey, kSecPaddingSigRaw,
                              EC_SigDigest, sizeof(EC_SigDigest), EC_P256_SigDER, sizeof(EC_P256_SigDER)), "verify DER sig with RAW option");

    ok_status(!SecKeyRawVerify(pubkey, kSecPaddingPKCS1,
                              EC_SigDigest, sizeof(EC_SigDigest), EC_P256_SigRaw, sizeof(EC_P256_SigRaw)), "verify RAW sig with DER something");

    // Sign something in each format
    ok_status(SecKeyRawSign(pkey, kSecPaddingPKCS1,
                              EC_SigDigest, sizeof(EC_SigDigest), EC_signature_DER, &EC_signature_DER_size), "sign DER sig on something");

    ok_status(SecKeyRawSign(pkey, kSecPaddingSigRaw,
                              EC_SigDigest, sizeof(EC_SigDigest), EC_signature_RAW, &EC_signature_RAW_size), "sign RAW sig on something");

    // Verify expecting that verification does the right thing.
    ok_status(SecKeyRawVerify(pubkey, kSecPaddingPKCS1,
                              EC_SigDigest, sizeof(EC_SigDigest), EC_signature_DER, EC_signature_DER_size), "verify DER sig on something");

    ok_status(SecKeyRawVerify(pubkey, kSecPaddingSigRaw,
                              EC_SigDigest, sizeof(EC_SigDigest), EC_signature_RAW, EC_signature_RAW_size), "verify RAW sig on something");

    CFReleaseNull(pkey);
    CFReleaseNull(pubkey);
    CFReleaseNull(pubdata);
}

/* Test basic add delete update copy matching stuff. */
static void tests(void)
{
    testsignformat();

	testkeygen(192);
	testkeygen(224);
	testkeygen(256);
	testkeygen(384);
	testkeygen(521);

    testkeygen2(192);
    testkeygen2(224);
	testkeygen2(256);
	testkeygen2(384);
	testkeygen2(521);

    testkeywrap(256, _kSecKeyWrapRFC6637WrapDigestSHA256KekAES128);
    testkeywrap(521, _kSecKeyWrapRFC6637WrapDigestSHA256KekAES128);
    testkeywrap(256, _kSecKeyWrapRFC6637WrapDigestSHA512KekAES256);
    testkeywrap(521, _kSecKeyWrapRFC6637WrapDigestSHA512KekAES256);

}

int si_41_sececkey(int argc, char *const *argv)
{
	plan_tests(175);

	tests();

	return 0;
}
Commit	Line	Data
d8f41ccd A	1	/*
	2	* Copyright (c) 2011-2014 Apple Inc. All Rights Reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
427c49bc A	24
	25	/*
	26	* si-40-seckey.c
	27	* Security
	28	*
d8f41ccd	29	* Copyright (c) 2007-2009,2012-2014 Apple Inc. All Rights Reserved.
427c49bc A	30	*
	31	*/
	32
	33	#include <CoreFoundation/CoreFoundation.h>
	34	#include <Security/SecCertificate.h>
	35	#include <Security/SecCertificateInternal.h>
	36	#include <Security/SecKey.h>
5c19dc3a	37	#include <Security/SecECKey.h>
427c49bc A	38	#include <Security/SecKeyPriv.h>
	39	#include <Security/SecItem.h>
	40	#include <Security/SecAsn1Types.h>
	41	#include <Security/oidsalg.h>
	42	#include <Security/SecureTransport.h>
	43	#include <Security/SecRandom.h>
	44	#include <utilities/array_size.h>
d8f41ccd A	45	#include <utilities/SecCFRelease.h>
d8f41ccd A	46	#include <utilities/SecCFWrappers.h>
427c49bc A	47	#include <CommonCrypto/CommonDigest.h>
	48	#include <libDER/libDER.h>
	49	#include <stdlib.h>
	50	#include <unistd.h>
	51
	52	#include "Security_regressions.h"
	53
427c49bc A	54	static void testdigestandsignalg(SecKeyRef privKey, SecKeyRef pubKey, const SecAsn1AlgId *algId) {
	55	uint8_t dataToDigest[256] = {0,};
	56	size_t dataToDigestLen = sizeof(dataToDigest);
	57	size_t sigLen = SecKeyGetSize(privKey, kSecKeySignatureSize);
	58	uint8_t sig[sigLen];
	59
	60	DERItem oid;
	61	oid.length = algId->algorithm.Length;
	62	oid.data = algId->algorithm.Data;
	63
	64	/* Get the oid in decimal for display purposes. */
	65	CFStringRef oidStr = SecDERItemCopyOIDDecimalRepresentation(kCFAllocatorDefault, &oid);
	66	char oidBuf[40];
	67	CFStringGetCString(oidStr, oidBuf, sizeof(oidBuf), kCFStringEncodingUTF8);
	68	CFRelease(oidStr);
	69
	70	SKIP: {
	71	OSStatus status;
	72
	73	/* Time to sign. */
	74	ok_status(status = SecKeyDigestAndSign(privKey, algId, dataToDigest, dataToDigestLen,
	75	sig, &sigLen),
	76	"digest and sign %s with %ld bit RSA key", oidBuf, sigLen * 8);
	77
	78	skip("SecKeyDigestAndSign failed", 3, status == errSecSuccess);
	79
	80	/* Verify the signature we just made. */
	81	ok_status(SecKeyDigestAndVerify(pubKey, algId, dataToDigest, dataToDigestLen,
	82	sig, sigLen), "digest and verify");
	83	/* Invalidate the signature. */
	84	sig[0] ^= 0xff;
	85	is_status(SecKeyDigestAndVerify(pubKey, algId, dataToDigest, dataToDigestLen,
	86	sig, sigLen), errSSLCrypto, "digest and verify bad sig");
	87	sig[0] ^= 0xff;
	88	dataToDigest[0] ^= 0xff;
	89	is_status(SecKeyDigestAndVerify(pubKey, algId, dataToDigest, dataToDigestLen,
	90	sig, sigLen), errSSLCrypto, "digest and verify bad digest");
	91	}
	92	}
	93
	94	static void testdigestandsign(SecKeyRef privKey, SecKeyRef pubKey) {
	95	static const SecAsn1Oid *oids[] = {
	96	&CSSMOID_ECDSA_WithSHA1,
	97	#if 0
	98	&CSSMOID_ECDSA_WithSHA224,
	99	&CSSMOID_ECDSA_WithSHA256,
	100	&CSSMOID_ECDSA_WithSHA384,
	101	&CSSMOID_ECDSA_WithSHA512,
	102	#endif
	103	};
	104
	105	uint32_t ix;
	106	SecAsn1AlgId algId = {};
	107	for (ix = 0; ix < array_size(oids); ++ix) {
	108	if (oids[ix]) {
	109	algId.algorithm = *oids[ix];
	110	} else {
	111	algId.algorithm.Length = 0;
	112	algId.algorithm.Data = NULL;
	113	}
	114
	115	testdigestandsignalg(privKey, pubKey, &algId);
	116	}
	117	}
118
119	static void testkeygen(size_t keySizeInBits) {
120	SecKeyRef pubKey = NULL, privKey = NULL;
121	size_t keySizeInBytes = (keySizeInBits + 7) / 8;
122	CFNumberRef kzib;
123	int32_t keysz32 = (int32_t)keySizeInBits;
124
125	kzib = CFNumberCreate(NULL, kCFNumberSInt32Type, &keysz32);
126	CFMutableDictionaryRef kgp = CFDictionaryCreateMutable(NULL, 0, NULL, NULL);
127	CFDictionaryAddValue(kgp, kSecAttrKeyType, kSecAttrKeyTypeEC);
128	CFDictionaryAddValue(kgp, kSecAttrKeySizeInBits, kzib);
129
130	OSStatus status;
131	ok_status(status = SecKeyGeneratePair(kgp, &pubKey, &privKey),
132	"Generate %ld bit (%ld byte) EC keypair", keySizeInBits,
133	keySizeInBytes);
134	CFRelease(kzib);
135	CFRelease(kgp);
136
137	SKIP: {
138	skip("keygen failed", 8, status == errSecSuccess);
139	ok(pubKey, "pubkey returned");
140	ok(privKey, "privKey returned");
141	is(SecKeyGetSize(pubKey, kSecKeyKeySizeInBits), (size_t) keySizeInBits, "public key size is ok");
142	is(SecKeyGetSize(privKey, kSecKeyKeySizeInBits), (size_t) keySizeInBits, "private key size is ok");
143
144	/* Sign something. */
145	uint8_t something[20] = {0x80, 0xbe, 0xef, 0xba, 0xd0, };
146	uint8_t sig[8+2*keySizeInBytes];
147	size_t sigLen = sizeof(sig);
148	ok_status(SecKeyRawSign(privKey, kSecPaddingNone,
149	something, sizeof(something), sig, &sigLen), "sign something");
150	ok_status(SecKeyRawVerify(pubKey, kSecPaddingNone,
151	something, sizeof(something), sig, sigLen), "verify sig on something");
152
153	testdigestandsign(privKey, pubKey);
154
155	const void *privkeys[] = {
156	kSecValueRef
157	};
158	const void *privvalues[] = {
159	privKey
160	};
161	CFDictionaryRef privitem = CFDictionaryCreate(NULL, privkeys, privvalues,
162	array_size(privkeys), NULL, NULL);
163	ok_status(SecItemAdd(privitem, NULL), "add private key");
164	ok_status(SecItemDelete(privitem), "delete public key");
165	CFReleaseNull(privitem);
166
167	const void *pubkeys[] = {
168	kSecValueRef
169	};
170	const void *pubvalues[] = {
171	pubKey
172	};
173	CFDictionaryRef pubitem = CFDictionaryCreate(NULL, pubkeys, pubvalues,
174	array_size(pubkeys), NULL, NULL);
175	ok_status(SecItemAdd(pubitem, NULL), "add public key");
176	ok_status(SecItemDelete(pubitem), "delete public key");
177	CFReleaseNull(pubitem);
178
179	/* Cleanup. */
180	CFReleaseNull(pubKey);
181	CFReleaseNull(privKey);
182	}
183	}
184
185
186	static void testkeygen2(size_t keySizeInBits) {
187	SecKeyRef pubKey = NULL, privKey = NULL;
188	size_t keySizeInBytes = (keySizeInBits + 7) / 8;
189	CFNumberRef kzib;
190	int32_t keysz32 = (int32_t)keySizeInBits;
191
192	CFUUIDRef ourUUID = CFUUIDCreate(kCFAllocatorDefault);
193	CFStringRef uuidString = CFUUIDCreateString(kCFAllocatorDefault, ourUUID);
194	CFMutableStringRef publicName = CFStringCreateMutableCopy(kCFAllocatorDefault, 0, uuidString);
195	CFMutableStringRef privateName = CFStringCreateMutableCopy(kCFAllocatorDefault, 0, uuidString);
196
197	CFReleaseNull(ourUUID);
198	CFReleaseNull(uuidString);
199
200	CFStringAppend(publicName, CFSTR("-Public-41"));
201	CFStringAppend(privateName, CFSTR("-Private-41"));
202
d8f41ccd A	203	CFMutableDictionaryRef pubd = CFDictionaryCreateMutableForCFTypesWith(kCFAllocatorDefault,
	204	kSecAttrLabel, publicName,
	205	NULL);
	206	CFMutableDictionaryRef privd = CFDictionaryCreateMutableForCFTypesWith(kCFAllocatorDefault,
	207	kSecAttrLabel, privateName,
	208	NULL);
427c49bc A	209
427c49bc A	210	kzib = CFNumberCreate(NULL, kCFNumberSInt32Type, &keysz32);
d8f41ccd A	211	CFDictionaryRef kgp = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
	212	kSecAttrKeyType, kSecAttrKeyTypeEC,
	213	kSecAttrKeySizeInBits, kzib,
	214	kSecAttrIsPermanent, kCFBooleanTrue,
	215	kSecPublicKeyAttrs, pubd,
	216	kSecPrivateKeyAttrs, privd,
	217	NULL);
	218
	219	CFReleaseNull(kzib);
427c49bc A	220
	221	OSStatus status;
	222	ok_status(status = SecKeyGeneratePair(kgp, &pubKey, &privKey),
	223	"Generate %ld bit (%ld byte) persistent RSA keypair",
	224	keySizeInBits, keySizeInBytes);
d8f41ccd A	225
d8f41ccd A	226	CFReleaseNull(kgp);
427c49bc A	227
	228	SKIP: {
	229	skip("keygen failed", 8, status == errSecSuccess);
	230	ok(pubKey, "pubkey returned");
	231	ok(privKey, "privKey returned");
	232	is(SecKeyGetSize(pubKey, kSecKeyKeySizeInBits), (size_t) keySizeInBits, "public key size is ok");
	233	is(SecKeyGetSize(privKey, kSecKeyKeySizeInBits), (size_t) keySizeInBits, "private key size is ok");
	234
	235	SecKeyRef pubKey2, privKey2;
	236	CFDictionaryAddValue(pubd, kSecClass, kSecClassKey);
	237	CFDictionaryAddValue(pubd, kSecReturnRef, kCFBooleanTrue);
	238	CFDictionaryAddValue(privd, kSecClass, kSecClassKey);
	239	CFDictionaryAddValue(privd, kSecReturnRef, kCFBooleanTrue);
	240	CFDictionaryAddValue(privd, kSecAttrCanSign, kCFBooleanTrue);
	241	ok_status(SecItemCopyMatching(pubd, (CFTypeRef *)&pubKey2),
	242	"retrieve pub key by label");
	243	ok(pubKey2, "got valid object");
	244	ok_status(SecItemCopyMatching(privd, (CFTypeRef *)&privKey2),
	245	"retrieve priv key by label and kSecAttrCanSign");
	246	ok(privKey2, "got valid object");
	247
	248	/* Sign something. */
	249	uint8_t something[20] = {0x80, 0xbe, 0xef, 0xba, 0xd0, };
	250	size_t sigLen = SecKeyGetSize(privKey2, kSecKeySignatureSize);
	251	uint8_t sig[sigLen];
	252	ok_status(SecKeyRawSign(privKey2, kSecPaddingPKCS1,
	253	something, sizeof(something), sig, &sigLen), "sign something");
	254	ok_status(SecKeyRawVerify(pubKey2, kSecPaddingPKCS1,
	255	something, sizeof(something), sig, sigLen), "verify sig on something");
	256
	257	/* Cleanup. */
	258	CFReleaseNull(pubKey2);
	259	CFReleaseNull(privKey2);
	260	}
	261
	262	/* delete from keychain - note: do it before releasing publicName and privateName
	263	because pubd and privd have no retain/release callbacks */
	264	ok_status(SecItemDelete(pubd), "delete generated pub key");
	265	ok_status(SecItemDelete(privd), "delete generated priv key");
	266
	267	/* Cleanup. */
	268	CFReleaseNull(pubKey);
	269	CFReleaseNull(privKey);
	270
	271	CFReleaseNull(publicName);
	272	CFReleaseNull(privateName);
	273
d8f41ccd A	274	CFReleaseNull(pubd);
	275	CFReleaseNull(privd);
	276	}
	277
	278	static void testkeywrap(unsigned long keySizeInBits, CFTypeRef alg)
	279	{
	280	SecKeyRef pubKey = NULL, privKey = NULL;
	281	size_t keySizeInBytes = (keySizeInBits + 7) / 8;
	282	CFNumberRef kzib;
	283	int32_t keysz32 = (int32_t)keySizeInBits;
	284
	285	CFUUIDRef ourUUID = CFUUIDCreate(kCFAllocatorDefault);
	286	CFStringRef uuidString = CFUUIDCreateString(kCFAllocatorDefault, ourUUID);
	287	CFMutableStringRef publicName = CFStringCreateMutableCopy(kCFAllocatorDefault, 0, uuidString);
	288	CFMutableStringRef privateName = CFStringCreateMutableCopy(kCFAllocatorDefault, 0, uuidString);
	289
	290	CFReleaseNull(ourUUID);
	291	CFReleaseNull(uuidString);
	292
	293	CFStringAppend(publicName, CFSTR("-Public-41"));
	294	CFStringAppend(privateName, CFSTR("-Private-41"));
	295
	296	CFDictionaryRef pubd = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
	297	kSecAttrLabel, publicName,
	298	NULL);
	299	CFDictionaryRef privd = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
	300	kSecAttrLabel, privateName,
	301	NULL);
	302
	303	CFReleaseNull(publicName);
	304	CFReleaseNull(privateName);
	305
	306	kzib = CFNumberCreate(NULL, kCFNumberSInt32Type, &keysz32);
	307	CFDictionaryRef kgp = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
	308	kSecAttrKeyType, kSecAttrKeyTypeEC,
	309	kSecAttrKeySizeInBits, kzib,
	310	kSecAttrIsPermanent, kCFBooleanFalse,
	311	kSecPublicKeyAttrs, pubd,
	312	kSecPrivateKeyAttrs, privd,
	313	NULL);
	314	CFReleaseNull(pubd);
	315	CFReleaseNull(privd);
	316	CFReleaseNull(kzib);
	317
	318	OSStatus status;
	319	ok_status(status = SecKeyGeneratePair(kgp, &pubKey, &privKey),
	320	"Generate %ld bit (%ld byte) persistent RSA keypair (status = %d)",
	321	keySizeInBits, keySizeInBytes, (int)status);
	322	CFReleaseNull(kgp);
	323
5c19dc3a	324	CFErrorRef localError = NULL;
d8f41ccd A	325
	326	CFDataRef secret = CFDataCreate(NULL, (void *)"0123456789012345", 16);
	327	ok(secret, "secret");
	328
	329	CFDataRef fp = CFDataCreate(NULL, (void *)"01234567890123456789", 20);
	330	ok(fp, "fingerprint");
	331
	332
	333	int8_t sym_alg_data = 8;
	334	CFNumberRef symalg = CFNumberCreate(NULL, kCFNumberSInt8Type, &sym_alg_data);
	335	CFDictionaryRef param = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
	336	_kSecKeyWrapPGPWrapAlg, alg,
	337	_kSecKeyWrapPGPSymAlg, symalg,
	338	_kSecKeyWrapPGPFingerprint, fp,
	339	NULL);
	340
	341	CFDataRef wrapped = _SecKeyCopyWrapKey(pubKey, kSecKeyWrapPublicKeyPGP, secret, param, NULL, &localError);
	342	ok(wrapped, "wrap key: %@", localError);
	343
	344	CFDataRef unwrapped = _SecKeyCopyUnwrapKey(privKey, kSecKeyWrapPublicKeyPGP, wrapped, param, NULL, &localError);
	345	ok(unwrapped, "unwrap key: %@", localError);
	346
	347	CFReleaseNull(symalg);
	348
	349	ok(CFEqual(unwrapped, secret), "keys still same");
	350
	351	CFReleaseNull(fp);
	352	CFReleaseNull(secret);
	353	CFReleaseNull(unwrapped);
	354	CFReleaseNull(wrapped);
	355	CFReleaseNull(param);
	356	CFReleaseNull(privKey);
	357	CFReleaseNull(pubKey);
427c49bc A	358	}
427c49bc A	359
5c19dc3a A	360	const uint8_t EC_P256_KeyDER[]={
	361	0x30, 0x6b, 0x02, 0x01, 0x01, 0x04, 0x20, 0x86, 0x87, 0x79, 0x59, 0xd1,
	362	0xc6, 0x3c, 0x50, 0x24, 0x30, 0xa4, 0xaf, 0x89, 0x1d, 0xd1, 0x94, 0x23,
	363	0x56, 0x79, 0x46, 0x93, 0x72, 0x31, 0x39, 0x24, 0xe6, 0x01, 0x96, 0xc8,
	364	0xeb, 0xf3, 0x88, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x8c, 0xfa, 0xd7,
	365	0x8a, 0xf1, 0xb9, 0xad, 0xd7, 0x3a, 0x33, 0xb5, 0x9a, 0xad, 0x52, 0x0d,
	366	0x14, 0xd6, 0x6b, 0x35, 0x56, 0x79, 0xd6, 0x74, 0x2a, 0x37, 0x7e, 0x2f,
	367	0x33, 0xa6, 0xab, 0xee, 0x35, 0x00, 0x70, 0x82, 0x89, 0x9c, 0xfc, 0x97,
	368	0xc4, 0x89, 0x5c, 0x16, 0x50, 0xad, 0x60, 0x55, 0xa6, 0x70, 0xee, 0x07,
	369	0x1b, 0xfe, 0xe4, 0xf0, 0xa0, 0x63, 0xc0, 0x73, 0x24, 0x97, 0x92, 0x04,
	370	0xc7};
	371
	372	const uint8_t EC_P256_SigDER[]={
	373	0x30, 0x45, 0x02, 0x20, 0x4b, 0x37, 0x7f, 0x45, 0xd0, 0x5d, 0xa6, 0x53,
	374	0xb3, 0x62, 0x6f, 0x32, 0xdb, 0xfc, 0xf6, 0x3b, 0x84, 0xfa, 0x5a, 0xd9,
	375	0x17, 0x67, 0x03, 0x73, 0x48, 0x0c, 0xad, 0x89, 0x13, 0x69, 0x61, 0xb3,
	376	0x02, 0x21, 0x00, 0xd6, 0x23, 0xaf, 0xd9, 0x7d, 0x72, 0xba, 0x3b, 0x90,
	377	0xc1, 0x23, 0x7d, 0xdb, 0x2c, 0xd1, 0x0d, 0xbb, 0xb4, 0x0f, 0x67, 0x26,
	378	0xff, 0x3f, 0xa6, 0x47, 0xa4, 0x13, 0x0d, 0xe0, 0x45, 0xd5, 0x6b};
	379
	380	const uint8_t EC_P256_SigRaw[]= {
	381	0x4b, 0x37, 0x7f, 0x45, 0xd0, 0x5d, 0xa6, 0x53, 0xb3, 0x62, 0x6f, 0x32,
	382	0xdb, 0xfc, 0xf6, 0x3b, 0x84, 0xfa, 0x5a, 0xd9, 0x17, 0x67, 0x03, 0x73,
	383	0x48, 0x0c, 0xad, 0x89, 0x13, 0x69, 0x61, 0xb3, 0xd6, 0x23, 0xaf, 0xd9,
	384	0x7d, 0x72, 0xba, 0x3b, 0x90, 0xc1, 0x23, 0x7d, 0xdb, 0x2c, 0xd1, 0x0d,
	385	0xbb, 0xb4, 0x0f, 0x67, 0x26, 0xff, 0x3f, 0xa6, 0x47, 0xa4, 0x13, 0x0d,
	386	0xe0, 0x45, 0xd5, 0x6b};
	387
	388	const uint8_t EC_SigDigest[24] = "012345678912345678901234";
	389
	390	static void testsignformat(void)
	391	{
	392	SecKeyRef pkey = NULL;
	393	SecKeyRef pubkey = NULL;
	394	CFDataRef pubdata = NULL;
	395	uint8_t EC_signature_DER[72];
	396	uint8_t EC_signature_RAW[64];
	397	size_t EC_signature_DER_size=sizeof(EC_signature_DER);
	398	size_t EC_signature_RAW_size=sizeof(EC_signature_RAW);
	399
	400	ok((pkey = SecKeyCreateECPrivateKey(kCFAllocatorDefault,
	401	EC_P256_KeyDER, sizeof(EC_P256_KeyDER),
	402	kSecKeyEncodingPkcs1)) != NULL, "import privkey");
	403
	404	ok_status(SecKeyCopyPublicBytes(pkey, &pubdata), "pub key from priv key");
	405
	406	ok((pubkey = SecKeyCreateECPublicKey(kCFAllocatorDefault,
	407	CFDataGetBytePtr(pubdata), CFDataGetLength(pubdata),
	408	kSecKeyEncodingBytes))!=NULL,
	409	"recreate seckey");
	410
	411	// Verify fixed signature
	412	ok_status(SecKeyRawVerify(pubkey, kSecPaddingPKCS1,
	413	EC_SigDigest, sizeof(EC_SigDigest), EC_P256_SigDER, sizeof(EC_P256_SigDER)), "verify DER sig on something");
	414
	415	ok_status(SecKeyRawVerify(pubkey, kSecPaddingSigRaw,
	416	EC_SigDigest, sizeof(EC_SigDigest), EC_P256_SigRaw, sizeof(EC_P256_SigRaw)), "verify RAW sig on something");
	417
	418	// Verify signature with mismatching format
	419	ok_status(!SecKeyRawVerify(pubkey, kSecPaddingSigRaw,
	420	EC_SigDigest, sizeof(EC_SigDigest), EC_P256_SigDER, sizeof(EC_P256_SigDER)), "verify DER sig with RAW option");
427c49bc	421
5c19dc3a A	422	ok_status(!SecKeyRawVerify(pubkey, kSecPaddingPKCS1,
5c19dc3a A	423	EC_SigDigest, sizeof(EC_SigDigest), EC_P256_SigRaw, sizeof(EC_P256_SigRaw)), "verify RAW sig with DER something");
d8f41ccd	424
5c19dc3a A	425	// Sign something in each format
	426	ok_status(SecKeyRawSign(pkey, kSecPaddingPKCS1,
	427	EC_SigDigest, sizeof(EC_SigDigest), EC_signature_DER, &EC_signature_DER_size), "sign DER sig on something");
	428
	429	ok_status(SecKeyRawSign(pkey, kSecPaddingSigRaw,
	430	EC_SigDigest, sizeof(EC_SigDigest), EC_signature_RAW, &EC_signature_RAW_size), "sign RAW sig on something");
	431
	432	// Verify expecting that verification does the right thing.
	433	ok_status(SecKeyRawVerify(pubkey, kSecPaddingPKCS1,
	434	EC_SigDigest, sizeof(EC_SigDigest), EC_signature_DER, EC_signature_DER_size), "verify DER sig on something");
	435
	436	ok_status(SecKeyRawVerify(pubkey, kSecPaddingSigRaw,
	437	EC_SigDigest, sizeof(EC_SigDigest), EC_signature_RAW, EC_signature_RAW_size), "verify RAW sig on something");
	438
	439	CFReleaseNull(pkey);
	440	CFReleaseNull(pubkey);
	441	CFReleaseNull(pubdata);
	442	}
d8f41ccd	443
427c49bc A	444	/* Test basic add delete update copy matching stuff. */
	445	static void tests(void)
	446	{
5c19dc3a A	447	testsignformat();
5c19dc3a A	448
427c49bc A	449	testkeygen(192);
	450	testkeygen(224);
	451	testkeygen(256);
	452	testkeygen(384);
	453	testkeygen(521);
	454
	455	testkeygen2(192);
	456	testkeygen2(224);
	457	testkeygen2(256);
	458	testkeygen2(384);
	459	testkeygen2(521);
	460
d8f41ccd A	461	testkeywrap(256, _kSecKeyWrapRFC6637WrapDigestSHA256KekAES128);
	462	testkeywrap(521, _kSecKeyWrapRFC6637WrapDigestSHA256KekAES128);
	463	testkeywrap(256, _kSecKeyWrapRFC6637WrapDigestSHA512KekAES256);
	464	testkeywrap(521, _kSecKeyWrapRFC6637WrapDigestSHA512KekAES256);
	465
427c49bc A	466	}
	467
	468	int si_41_sececkey(int argc, char const argv)
	469	{
5c19dc3a	470	plan_tests(175);
427c49bc A	471
	472	tests();
	473
	474	return 0;
	475	}