OSX/sec/Security/Regressions/secitem/si-89-cms-hash-agility.c

   1 /*
   2  * Copyright (c) 2015 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 #include <CoreFoundation/CoreFoundation.h>
  25 #include <Security/Security.h>
  26 #include <Security/SecCMS.h>
  27 #include <utilities/SecCFRelease.h>
  28
  29 #include "Security_regressions.h"
  30
  31 #include "si-89-cms-hash-agility.h"
  32
  33
  34 static void tests(void)
  35 {
  36     CFDataRef message = NULL, contentData = NULL, hashAgilityOid = NULL, hashAgilityValue = NULL;
  37     SecPolicyRef policy = NULL;
  38     SecTrustRef trust = NULL;
  39     CFDictionaryRef attrs = NULL;
  40     CFArrayRef attrValues = NULL;
  41     CFDateRef signingTime = NULL, expectedTime = NULL;
  42
  43     ok(message = CFDataCreate(NULL, valid_message, sizeof(valid_message)), "Create valid message");
  44     ok(contentData = CFDataCreate(NULL, content, sizeof(content)), "Create detached content");
  45     ok(policy = SecPolicyCreateBasicX509(), "Create policy");
  46
  47     /* verify the valid message and copy out attributes */
  48     is(SecCMSVerifyCopyDataAndAttributes(message, contentData, policy, &trust,  NULL, &attrs),
  49        errSecSuccess, "Verify valid CMS message and get attributes");
  50     isnt(attrs, NULL, "Copy CMS attributes");
  51
  52     /* verify we can get the parsed attribute */
  53     uint8_t appleHashAgilityOid[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x63, 0x64, 0x9, 0x1 };
  54     ok(hashAgilityOid = CFDataCreate(NULL, appleHashAgilityOid, sizeof(appleHashAgilityOid)),
  55        "Create oid data");
  56     ok(attrValues = (CFArrayRef) CFDictionaryGetValue(attrs, hashAgilityOid),
  57        "Get hash agility value array");
  58     is(CFArrayGetCount(attrValues), 1, "One attribute value");
  59     ok(hashAgilityValue = CFArrayGetValueAtIndex(attrValues, 0), "Get hash agility value");
  60     is((size_t)CFDataGetLength(hashAgilityValue), sizeof(attribute), "Verify size of parsed hash agility value");
  61     is(memcmp(attribute, CFDataGetBytePtr(hashAgilityValue), sizeof(attribute)), 0,
  62        "Verify correct hash agility value");
  63
  64     attrValues = NULL;
  65
  66     /*verify we can get the signing time attribute */
  67     ok(signingTime = (CFDateRef) CFDictionaryGetValue(attrs, kSecCMSSignDate), "Get signing time");
  68     ok(expectedTime = CFDateCreate(NULL, 468295000.0), "Set expected signing time");
  69     is(CFDateCompare(signingTime, expectedTime, NULL), 0, "Verify signing time");
  70
  71     CFReleaseNull(message);
  72
  73     /* verify the invalid message */
  74     ok(message = CFDataCreate(NULL, invalid_message, sizeof(invalid_message)), "Create invalid message");
  75     is(SecCMSVerify(message, contentData, policy, &trust, NULL), errSecAuthFailed,
  76        "Verify invalid CMS message");
  77
  78     CFReleaseNull(message);
  79
  80     /* verify the valid message with no hash agility attribute */
  81     ok(message = CFDataCreate(NULL, valid_no_attr, sizeof(valid_no_attr)),
  82        "Create valid message with no hash agility value");
  83     is(SecCMSVerifyCopyDataAndAttributes(message, contentData, policy, &trust,  NULL, &attrs),
  84        errSecSuccess, "Verify 2nd valid CMS message and get attributes");
  85     isnt(attrs, NULL, "Copy 2nd CMS attributes");
  86
  87     /* verify we can't get the hash agility attribute */
  88     is((CFArrayRef) CFDictionaryGetValue(attrs, hashAgilityOid), NULL,
  89        "Get hash agility value array");
  90
  91
  92     CFReleaseNull(message);
  93     CFReleaseNull(contentData);
  94     CFReleaseNull(hashAgilityOid);
  95     CFReleaseNull(expectedTime);
  96     CFReleaseNull(policy);
  97     CFReleaseNull(trust);
  98     CFReleaseNull(attrs);
  99 }
 100
 101 int si_89_cms_hash_agility(int argc, char *const *argv)
 102 {
 103     plan_tests(20);
 104
 105     tests();
 106
 107     return 0;
 108 }