OSX/libsecurity_keychain/regressions/kc-03-status.c

   1 #include <Security/SecKeychain.h>
   2 #include <stdlib.h>
   3 #include <sys/stat.h>
   4 #include <sys/types.h>
   5
   6 #include "keychain_regressions.h"
   7 #include "kc-helpers.h"
   8
   9 static void tests(void)
  10 {
  11         char *home = getenv("HOME");
  12         char kcname1[256], kcname2[256];
  13         SecKeychainStatus status1, status2;
  14
  15         if (!home || strlen(home) > 200)
  16                 plan_skip_all("home too big");
  17
  18         snprintf(kcname1, sizeof(kcname1), "%s/kctests/kc1/kc1", home);
  19         SecKeychainRef kc1 = NULL, kc2 = NULL;
  20     kc1 = createNewKeychainAt(kcname1, "test");
  21
  22         ok_status(SecKeychainGetStatus(kc1, &status1), "get kc1 status");
  23         is(status1, kSecUnlockStateStatus|kSecReadPermStatus|kSecWritePermStatus,
  24                 "status unlocked readable writable");
  25         ok_status(SecKeychainLock(kc1), "SecKeychainLock kc1");
  26         ok_status(SecKeychainGetStatus(kc1, &status1), "get kc1 status");
  27         TODO: {
  28                 todo("<rdar://problem/2668794> KeychainImpl::status() returns "
  29                         "incorrect status (always writable?)");
  30
  31                 is(status1, kSecReadPermStatus|kSecWritePermStatus,
  32                         "status (locked) readable writable");
  33         }
  34
  35         /* Make keychain non writable. */
  36         char kcdir1[256];
  37         snprintf(kcdir1, sizeof(kcdir1), "%s/kctests/kc1", home);
  38         ok_unix(chmod(kcdir1, 0555), "chmod kcdir1 0555");
  39
  40         ok_status(SecKeychainGetStatus(kc1, &status1), "get kc1 status");
  41         is(status1, kSecReadPermStatus, "status (locked) readable");
  42         ok_status(SecKeychainUnlock(kc1, 4, "test", TRUE), "SecKeychainLock kc1");
  43         ok_status(SecKeychainGetStatus(kc1, &status1), "get kc1 status");
  44         TODO: {
  45                 todo("<rdar://problem/2668794> KeychainImpl::status() returns "
  46                         "incorrect status (always writable?)");
  47
  48                 is(status1, kSecUnlockStateStatus|kSecReadPermStatus,
  49                         "status unlocked readable");
  50         }
  51
  52         /* Reopen the keychain. */
  53         CFRelease(kc1);
  54         ok_status(SecKeychainOpen(kcname1, &kc1), "SecKeychainOpen kc1");
  55
  56         ok_status(SecKeychainGetStatus(kc1, &status1), "get kc1 status");
  57         TODO: {
  58                 todo("<rdar://problem/2668794> KeychainImpl::status() returns "
  59                         "incorrect status (always writable?)");
  60
  61                 is(status1, kSecUnlockStateStatus|kSecReadPermStatus,
  62                         "status unlocked readable");
  63         }
  64
  65         snprintf(kcname2, sizeof(kcname2), "%s/kctests/kc2/kc2", home);
  66     kc2 = createNewKeychainAt(kcname2, "test");
  67         ok_unix(chmod(kcname2, 0444), "chmod kc2 0444");
  68         ok_status(SecKeychainGetStatus(kc2, &status2), "get kc2 status");
  69         is(status2, kSecUnlockStateStatus|kSecReadPermStatus|kSecWritePermStatus,
  70                 "status unlocked readable writable");
  71
  72         /* Reopen the keychain. */
  73         CFRelease(kc2);
  74         ok_status(SecKeychainOpen(kcname2, &kc2), "SecKeychainOpen kc2");
  75
  76         ok_status(SecKeychainGetStatus(kc2, &status2), "get kc2 status");
  77         is(status2, kSecUnlockStateStatus|kSecReadPermStatus|kSecWritePermStatus,
  78                 "status unlocked readable writable");
  79
  80         /* Restore dir to writable so cleanup code will work ok. */
  81         ok_unix(chmod(kcdir1, 0755), "chmod kcdir1 0755");
  82     ok_status(SecKeychainDelete(kc1), "%s: SecKeychainDelete", testName);
  83         CFRelease(kc1);
  84     ok_status(SecKeychainDelete(kc2), "%s: SecKeychainDelete", testName);
  85         CFRelease(kc2);
  86
  87         bool testWithFreshlyCreatedKeychain = true;
  88         SecKeychainRef keychain = createNewKeychain("test", "test");
  89         ok_status(SecKeychainLock(keychain), "SecKeychainLock");
  90
  91         do {
  92                 SecKeychainStatus keychainStatus = 0;
  93                 is_status(SecKeychainUnlock(keychain, 0, NULL, true), -25293, "SecKeychainUnlock with NULL password (incorrect)");
  94                 ok_status(SecKeychainGetStatus(keychain, &keychainStatus), "SecKeychainGetStatus");
  95                 is( (keychainStatus & kSecUnlockStateStatus), 0, "Check it's not unlocked");
  96
  97                 keychainStatus = 0;
  98                 ok_status(SecKeychainUnlock(keychain, strlen("test"), "test", true), "SecKeychainUnlock with correct password");
  99                 ok_status(SecKeychainGetStatus(keychain, &keychainStatus), "SecKeychainGetStatus");
 100                 is( (keychainStatus & kSecUnlockStateStatus), kSecUnlockStateStatus, "Check it's unlocked");
 101
 102                 ok_status(SecKeychainLock(keychain), "SecKeychainLock");
 103
 104                 if (testWithFreshlyCreatedKeychain)
 105                 {
 106         CFRelease(keychain);
 107                         testWithFreshlyCreatedKeychain = false;
 108                         ok_status(SecKeychainOpen("test", &keychain), "SecKeychainOpen");
 109                 }
 110         else {
 111                         testWithFreshlyCreatedKeychain = true;
 112
 113             ok_status(SecKeychainDelete(keychain), "%s: SecKeychainDelete", testName);
 114             CFReleaseNull(keychain);
 115         }
 116
 117         }
 118         while(!testWithFreshlyCreatedKeychain);
 119
 120 }
 121
 122
 123
 124 int kc_03_status(int argc, char *const *argv)
 125 {
 126         plan_tests(43);
 127
 128         tests();
 129
 130         return 0;
 131 }