Security-55471.14.tar.gz
1 //
2 // secd-58-password-change.c
3 // sec
4 //
5 // Created by Mitch Adler on 6/18/13.
6 //
7 //
8
9
10
11 #include <Security/SecBase.h>
12 #include <Security/SecItem.h>
13
14 #include <CoreFoundation/CFDictionary.h>
15
16 #include <SecureObjectSync/SOSAccount.h>
17 #include <SecureObjectSync/SOSCloudCircle.h>
18 #include <SecureObjectSync/SOSInternal.h>
19 #include <SecureObjectSync/SOSUserKeygen.h>
20
21 #include <stdlib.h>
22 #include <unistd.h>
23
24 #include "secd_regressions.h"
25 #include "SOSTestDataSource.h"
26
27 #include "SOSRegressionUtilities.h"
28 #include <utilities/SecCFWrappers.h>
29 #include <Security/SecKeyPriv.h>
30
31 #include <securityd/SOSCloudCircleServer.h>
32
33 #include "SOSAccountTesting.h"
34
35
// Number of test points announced through plan_tests() in
// secd_58_password_change(). It has to cover every ok()/is() check executed by
// tests(), including any performed inside helpers such as accounts_agree().
// NOTE(review): the per-helper check counts are not visible in this file, so
// confirm the total whenever assertions are added or removed.
static int kTestTestCount = 300;
37
// Asserts the user credentials (account name + password) on `account` and
// reports the outcome as a test point.
//
// Returns whatever SOSAccountAssertUserCredentials() returned. Only the
// CFError is formatted into the test description; the password bytes are never
// placed in the output. The error, if any, is released before returning.
static bool AssertCreds(SOSAccountRef account, CFStringRef acct_name, CFDataRef password) {
    CFErrorRef err = NULL;

    // Make the call first so `err` is already populated when the description
    // below is formatted.
    const bool accepted = SOSAccountAssertUserCredentials(account, acct_name, password, &err);

    ok(accepted, "Credential setting (%@)", err);
    CFReleaseNull(err);
    return accepted;
}
45
// Resets `account` to offering and reports the outcome as a test point.
//
// Returns the result of SOSAccountResetToOffering(); any CFError it produced
// is shown in the test description and released here.
static bool ResetToOffering(SOSAccountRef account) {
    CFErrorRef err = NULL;

    // Call before reporting so the description sees the final value of `err`.
    const bool did_reset = SOSAccountResetToOffering(account, &err);

    ok(did_reset, "Reset to offering (%@)", err);
    CFReleaseNull(err);
    return did_reset;
}
53
// Has `account` call SOSAccountJoinCircles() and reports the outcome as a test
// point.
//
// Returns the result of SOSAccountJoinCircles(); any CFError it produced is
// shown in the test description and released here.
static bool JoinCircle(SOSAccountRef account) {
    CFErrorRef err = NULL;

    // Call before reporting so the description sees the final value of `err`.
    const bool joined = SOSAccountJoinCircles(account, &err);

    ok(joined, "Join Circle (%@)", err);
    CFReleaseNull(err);
    return joined;
}
61
// Checks that `account` currently sees exactly `cnt` applicants and, if so,
// accepts all of them.
//
// Two test points are possible: one for the applicant count and, only when
// that passes, one for the acceptance itself. Returns true only if both steps
// succeed. The applicant array and any CFError are released before returning.
static bool AcceptApplicants(SOSAccountRef account, CFIndex cnt) {
    CFErrorRef err = NULL;
    CFArrayRef pending = SOSAccountCopyApplicants(account, &err);

    // Refuse to accept anything unless the pending set is exactly the size the
    // caller expects; an unexpected applicant must fail the test rather than
    // be admitted.
    bool accepted = (pending != NULL) && (CFArrayGetCount(pending) == cnt);
    ok(accepted, "See applicants %@ (%@)", pending, err);

    if (accepted) {
        accepted = SOSAccountAcceptApplicants(account, pending, &err);
        ok(accepted, "Accept Applicants (%@)", err);
    }

    CFReleaseNull(pending);
    CFReleaseNull(err);
    return accepted;
}
73
74
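// Regression scenario for changing the account password while a circle exists.
//
// Three accounts (Alice, Bob, Carol) are created against one shared `changes`
// dictionary; FeedChangesToMulti() is used to deliver pending changes to the
// listed accounts. The scenario is:
//   1. all three assert the initial credentials;
//   2. Alice resets to offering, Bob applies and is accepted, Carol applies;
//   3. the password changes once (Carol is accepted afterwards);
//   4. the password changes a second time with all three in the circle.
// After each account adopts a new password the test pins the peer counts that
// account reports (countPeers / countActivePeers / countActiveValidPeers).
static void tests(void)
{
    // Fixture passwords (test-only values). Each array keeps the literal's
    // trailing NUL, so sizeof yields the same 10 bytes the credentials were
    // built from before; the length can no longer drift from the literal.
    static const uint8_t initial_password[] = "FooFooFoo";
    static const uint8_t second_password[] = "ooFooFooF";
    static const uint8_t third_password[] = "ffoffoffo";

    CFDataRef cfpassword = CFDataCreate(NULL, initial_password, (CFIndex)sizeof initial_password);
    CFStringRef cfaccount = CFSTR("test@test.org");

    CFMutableDictionaryRef changes = CFDictionaryCreateMutableForCFTypes(kCFAllocatorDefault);

    SOSAccountRef alice_account = CreateAccountForLocalChanges(changes, CFSTR("Alice"), CFSTR("TestSource"));
    SOSAccountRef bob_account = CreateAccountForLocalChanges(changes, CFSTR("Bob"), CFSTR("TestSource"));
    SOSAccountRef carol_account = CreateAccountForLocalChanges(changes, CFSTR("Carol"), CFSTR("TestSource"));

    /* Set Initial Credentials and Parameters for the Syncing Circles ---------------------------------------*/
    ok(AssertCreds(bob_account, cfaccount, cfpassword), "Setting credentials for Bob");
    // Bob wins writing at this point, feed the changes back to Alice and Carol.
    FeedChangesToMulti(changes, alice_account, carol_account, NULL);
    ok(AssertCreds(alice_account, cfaccount, cfpassword), "Setting credentials for Alice");
    ok(AssertCreds(carol_account, cfaccount, cfpassword), "Setting credentials for Carol");
    CFReleaseNull(cfpassword);

    /* Make Alice First Peer -------------------------------------------------------------------------------*/
    ok(ResetToOffering(alice_account), "Reset to offering - Alice as first peer");
    FeedChangesToMulti(changes, bob_account, carol_account, NULL);

    /* Bob Joins -------------------------------------------------------------------------------------------*/
    ok(JoinCircle(bob_account), "Bob Applies");
    FeedChangesToMulti(changes, alice_account, carol_account, NULL);

    /* Alice Accepts -------------------------------------------------------------------------------------------*/
    ok(AcceptApplicants(alice_account, 1), "Alice Accepts Bob's Application");
    FeedChangesToMulti(changes, bob_account, carol_account, NULL); // Bob sees he's accepted
    FeedChangesToMulti(changes, alice_account, carol_account, NULL); // Alice sees bob-concurring
    ok(CFDictionaryGetCount(changes) == 0, "We converged. (%@)", changes);
    accounts_agree("bob&alice pair", bob_account, alice_account);

    /* Carol Applies -------------------------------------------------------------------------------------------*/
    ok(JoinCircle(carol_account), "Carol Applies");
    FeedChangesToMulti(changes, alice_account, bob_account, NULL);

    // Carol has only applied, so Alice is still expected to count two peers.
    is(countPeers(alice_account), 2, "See two peers");

    /* Change Password ------------------------------------------------------------------------------------------*/
    CFDataRef cfnewpassword = CFDataCreate(NULL, second_password, (CFIndex)sizeof second_password);

    // Bob is the first to adopt the new password; the expected counts below
    // are taken before Alice has done the same.
    ok(AssertCreds(bob_account, cfaccount, cfnewpassword), "Credential resetting for Bob");
    is(countPeers(bob_account), 2, "There are two valid peers - iCloud and Bob");
    is(countActivePeers(bob_account), 3, "There are three active peers - bob, alice, and iCloud");
    is(countActiveValidPeers(bob_account), 2, "There is two active valid peer - Bob and iCloud");
    FeedChangesToMulti(changes, alice_account, carol_account, NULL);

    // Once Alice adopts it too, she is expected to report three active valid peers.
    ok(AssertCreds(alice_account, cfaccount, cfnewpassword), "Credential resetting for Alice");
    is(countPeers(alice_account), 2, "There are two peers - bob and alice");
    is(countActiveValidPeers(alice_account), 3, "There are three active valid peers - alice, bob, and icloud");
    FeedChangesToMulti(changes, bob_account, carol_account, NULL);
    FeedChangesToMulti(changes, alice_account, carol_account, NULL);
    FeedChangesToMulti(changes, alice_account, bob_account, NULL);
    accounts_agree("bob&alice pair", bob_account, alice_account);
    // Same expectations again after the changes have been exchanged.
    is(countPeers(alice_account), 2, "There are two peers - bob and alice");
    is(countActiveValidPeers(alice_account), 3, "There are three active valid peers - alice, bob, and icloud");

    ok(AssertCreds(carol_account, cfaccount, cfnewpassword), "Credential resetting for Carol");
    FeedChangesToMulti(changes, alice_account, bob_account, NULL);
    FeedChangesToMulti(changes, bob_account, carol_account, alice_account, NULL);
    FeedChangesToMulti(changes, bob_account, carol_account, alice_account, NULL);
    FeedChangesToMulti(changes, bob_account, carol_account, alice_account, NULL);
    accounts_agree("bob&alice pair", bob_account, alice_account);

    // Carol's application from before the password change is accepted only now.
    ok(AcceptApplicants(alice_account, 1), "Alice Accepts Carol's Application");
    FeedChangesToMulti(changes, bob_account, carol_account, NULL); // Carol sees she's accepted
    // Three further rounds to all accounts - presumably so the acceptance
    // propagates to everyone before the pairwise checks.
    FeedChangesToMulti(changes, alice_account, bob_account, carol_account, NULL);
    FeedChangesToMulti(changes, alice_account, bob_account, carol_account, NULL);
    FeedChangesToMulti(changes, alice_account, bob_account, carol_account, NULL);
    accounts_agree_internal("bob&alice pair", bob_account, alice_account, false);
    accounts_agree_internal("bob&carol pair", bob_account, carol_account, false);
    accounts_agree_internal("carol&alice pair", alice_account, carol_account, false);

    /* Change Password 2 ----------------------------------------------------------------------------------------*/
    CFReleaseNull(cfnewpassword);
    cfnewpassword = CFDataCreate(NULL, third_password, (CFIndex)sizeof third_password);

    /* Bob */
    ok(AssertCreds(bob_account, cfaccount, cfnewpassword), "Credential resetting for Bob");
    is(countPeers(bob_account), 3, "There are three peers - Alice, Carol, Bob");
    is(countActivePeers(bob_account), 4, "There are four active peers - bob, alice, carol and iCloud");
    is(countActiveValidPeers(bob_account), 2, "There is two active valid peer - Bob and iCloud");
    FeedChangesToMulti(changes, alice_account, carol_account, NULL);

    /* Alice */
    ok(AssertCreds(alice_account, cfaccount, cfnewpassword), "Credential resetting for Alice");
    is(countPeers(alice_account), 3, "There are three peers - Alice, Carol, Bob");
    is(countActivePeers(alice_account), 4, "There are four active peers - bob, alice, carol and iCloud");
    is(countActiveValidPeers(alice_account), 3, "There are three active valid peers - alice, bob, and icloud");
    FeedChangesToMulti(changes, bob_account, carol_account, NULL);
    FeedChangesToMulti(changes, alice_account, bob_account, carol_account, NULL);
    FeedChangesToMulti(changes, alice_account, bob_account, carol_account, NULL);

    /* Carol */
    ok(AssertCreds(carol_account, cfaccount, cfnewpassword), "Credential resetting for Carol");
    is(countPeers(carol_account), 3, "There are three peers - Alice, Carol, Bob");
    is(countActivePeers(carol_account), 4, "There are four active peers - bob, alice, carol and iCloud");
    is(countActiveValidPeers(carol_account), 4, "There are four active valid peers - alice, bob, carol, and icloud");

    FeedChangesToMulti(changes, alice_account, bob_account, NULL);
    FeedChangesToMulti(changes, bob_account, carol_account, alice_account, NULL);
    FeedChangesToMulti(changes, bob_account, carol_account, alice_account, NULL);
    FeedChangesToMulti(changes, bob_account, carol_account, alice_account, NULL);
    accounts_agree_internal("bob&alice pair", bob_account, alice_account, false);

    CFReleaseNull(bob_account);
    CFReleaseNull(alice_account);
    CFReleaseNull(carol_account);
    CFReleaseNull(cfnewpassword);

    // `changes` was created in this function and was never released. It goes
    // last, after the accounts that were created against it.
    // NOTE(review): confirm no account outlives this function while still
    // referencing `changes`.
    CFReleaseNull(changes);
}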
190
// Entry point of the secd-58 password-change regression.
//
// Announces kTestTestCount planned test points, runs the scenario in tests(),
// and always returns 0. argc and argv are not used here.
int secd_58_password_change(int argc, char *const *argv)
{
    (void)argc;
    (void)argv;

    plan_tests(kTestTestCount);
    tests();
    return 0;
}