sec/Security/Regressions/secitem/si-31-keychain-unreadable.c

   1 /*
   2  *  si-31-keychain-unreadable.c
   3  *  Security
   4  *
   5  *  Created by Michael Brouwer on 5/23/08.
   6  *  Copyright (c) 2008-2010 Apple Inc.  All Rights Reserved.
   7  *
   8  */
   9
  10 #include <CoreFoundation/CoreFoundation.h>
  11 #include <Security/SecBase.h>
  12 #include <Security/SecItem.h>
  13 #include <Security/SecInternal.h>
  14
  15 #include <stdlib.h>
  16 #include <fcntl.h>
  17 #include <unistd.h>
  18 #include <sys/stat.h>
  19 #include <sqlite3.h>
  20
  21 #include "Security_regressions.h"
  22
  23 #ifdef NO_SERVER
  24 static void ensureKeychainExists(void) {
  25     CFDictionaryRef query = CFDictionaryCreate(0, &kSecClass, &kSecClassInternetPassword, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
  26     CFTypeRef results = NULL;
  27     is_status(SecItemCopyMatching(query, &results), errSecItemNotFound, "expected nothing got %@", results);
  28     CFReleaseNull(query);
  29     CFReleaseNull(results);
  30 }
  31 #endif
  32
  33 void kc_dbhandle_reset(void);
  34
  35 /* Create an empty keychain file that can't be read or written and make sure
  36    securityd can deal with it. */
  37 static void tests(void)
  38 {
  39 #ifndef NO_SERVER
  40     plan_skip_all("No testing against server.");
  41 #else
  42     const char *home_dir = getenv("HOME");
  43     char keychain_dir[1000];
  44     char keychain_name[1000];
  45     sprintf(keychain_dir, "%s/Library/Keychains", home_dir);
  46     sprintf(keychain_name, "%s/keychain-2-debug.db", keychain_dir);
  47
  48     ensureKeychainExists();
  49     int fd;
  50     ok_unix(fd = open(keychain_name, O_RDWR | O_CREAT | O_TRUNC, 0644),
  51         "create keychain file '%s'", keychain_name);
  52     ok_unix(fchmod(fd, 0), " keychain file '%s'", keychain_name);
  53     ok_unix(close(fd), "close keychain file '%s'", keychain_name);
  54
  55     kc_dbhandle_reset();
  56
  57     int v_eighty = 80;
  58     CFNumberRef eighty = CFNumberCreate(NULL, kCFNumberSInt32Type, &v_eighty);
  59     const char *v_data = "test";
  60     CFDataRef pwdata = CFDataCreate(NULL, (UInt8 *)v_data, strlen(v_data));
  61     CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0, NULL, NULL);
  62     CFDictionaryAddValue(query, kSecClass, kSecClassInternetPassword);
  63     CFDictionaryAddValue(query, kSecAttrServer, CFSTR("members.spamcop.net"));
  64     CFDictionaryAddValue(query, kSecAttrAccount, CFSTR("smith"));
  65     CFDictionaryAddValue(query, kSecAttrPort, eighty);
  66     CFDictionaryAddValue(query, kSecAttrProtocol, kSecAttrProtocolHTTP);
  67     CFDictionaryAddValue(query, kSecAttrAuthenticationType, kSecAttrAuthenticationTypeDefault);
  68     CFDictionaryAddValue(query, kSecValueData, pwdata);
  69     ok_status(SecItemAdd(query, NULL), "add internet password");
  70     is_status(SecItemAdd(query, NULL), errSecDuplicateItem,
  71         "add internet password again");
  72
  73     ok_status(SecItemCopyMatching(query, NULL), "Found the item we added");
  74
  75     ok_status(SecItemDelete(query),"Deleted the item we added");
  76
  77     CFReleaseSafe(eighty);
  78     CFReleaseSafe(pwdata);
  79     CFReleaseSafe(query);
  80 #endif
  81 }
  82
  83 int si_31_keychain_unreadable(int argc, char *const *argv)
  84 {
  85         plan_tests(8);
  86         tests();
  87
  88         return 0;
  89 }