1 /*
2 * Copyright (c) 2015 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #include <Security/SecureObjectSync/SOSBackupSliceKeyBag.h>
26 #include <Security/SecureObjectSync/SOSPeerInfoCollections.h>
27 #include <utilities/SecCFWrappers.h>
28 #include <Security/SecRandom.h>
29
30 #include "SOSInternal.h"
31
32 #include "SOSCircle_regressions.h"
33 #include "SOSRegressionUtilities.h"
34
35 #define encode_decode_count 2
36 #if !TARGET_IPHONE_SIMULATOR
/*
 * Round-trips a backup slice keybag through its encoded form.
 *
 * Encodes `bag` with SOSBSKBCopyEncoded() and rebuilds a keybag from those
 * bytes with SOSBackupSliceKeyBagCreateFromData(). The function always
 * accounts for exactly two test results (encode_decode_count): each step is
 * either checked with ok() or reported as skipped, so the plan stays balanced
 * when `bag` is NULL or encoding fails.
 *
 * Returns the decoded keybag, owned by the caller (the caller in this file
 * releases it), or NULL if any step was skipped or failed.
 */
static SOSBackupSliceKeyBagRef EncodeDecode(SOSBackupSliceKeyBagRef bag)
{
    CFErrorRef error = NULL;
    SOSBackupSliceKeyBagRef decoded = NULL;

    SKIP: {
        /* Nothing to encode: report both checks as skipped. */
        skip("No bag to use", 2, bag);

        CFDataRef der = SOSBSKBCopyEncoded(bag, &error);
        ok(der, "encode (%@)", error);
        CFReleaseNull(error);

        /* Without encoded bytes only the decode check is left to skip. */
        skip("Encode failed", 1, der);

        decoded = SOSBackupSliceKeyBagCreateFromData(kCFAllocatorDefault, der, &error);
        ok(decoded, "create (%@)", error);
        CFReleaseNull(error);

        /* The encoded copy is only an intermediate; drop it once decoded. */
        CFReleaseNull(der);
    }

    return decoded;
}
57 #endif
58
59 #if 0
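/*
 * Creates a CFData of `size` bytes filled by SecRandomCopyBytes().
 *
 * Returns NULL if the buffer cannot be allocated or if the random generator
 * reports failure, so a caller never receives scratch bytes that only look
 * like random data. The returned object is owned by the caller.
 */
static CFDataRef CFDataCreateWithRandom(CFAllocatorRef allocator, size_t size) {
    CFMutableDataRef result = CFDataCreateMutableWithScratch(allocator, size);

    if (result == NULL) {
        return NULL;
    }

    /* SecRandomCopyBytes() returns 0 on success; anything else means the
     * buffer was not filled with random bytes and must not be handed out. */
    if (SecRandomCopyBytes(kSecRandomDefault, size, CFDataGetMutableBytePtr(result)) != 0) {
        CFReleaseNull(result);
    }

    return result;
}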
67 #endif
68
/*
 * Fixed 32-byte entropy inputs, one per test peer. tests() passes them to
 * SOSCopyDeviceBackupPublicKey(), so the backup keys used by this regression
 * are the same on every run. These values are published test fixtures, not
 * secrets: they must never be used as entropy for a real backup key.
 */
static const uint8_t sEntropy1[] = {
    0xc4, 0xb9, 0xa6, 0x6e, 0xeb, 0x56, 0xa1, 0x5c,
    0x1d, 0x30, 0x09, 0x40, 0x41, 0xe9, 0x68, 0xb4,
    0x12, 0xe0, 0xc6, 0x69, 0xfb, 0xdf, 0xcb, 0xe0,
    0x27, 0x4b, 0x54, 0xf0, 0xdd, 0x62, 0x10, 0x78
};

static const uint8_t sEntropy2[] = {
    0xef, 0xbd, 0x72, 0x57, 0x02, 0xe6, 0xbd, 0x0a,
    0x22, 0x6e, 0x77, 0x93, 0x17, 0xb3, 0x27, 0x12,
    0x1b, 0x1f, 0xdf, 0xa0, 0x5b, 0xc6, 0x66, 0x54,
    0x3a, 0x91, 0x0d, 0xc1, 0x5f, 0x57, 0x98, 0x44
};
80
81 #if !TARGET_IPHONE_SIMULATOR
82 #define tests_count (8 + encode_decode_count)
83 #else
84 #define tests_count (6)
85 #endif
86
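/*
 * Regression body for SOSBackupSliceKeyBag creation.
 *
 * Builds two full peer infos, gives each a backup public key obtained from
 * the fixed entropy arrays, and then checks that:
 *   - creating a slice keybag from an empty peer set fails;
 *   - (non-simulator only) creating one from both peers succeeds and the
 *     result survives an encode/decode round trip;
 *   - loading the bag with a peer secret is still an expected-failure TODO.
 *
 * The number of ok()/skip results produced here must match tests_count, so
 * the unchecked calls below are deliberately not turned into new ok() checks.
 */
static void tests(void)
{
    CFErrorRef localError = NULL;
    CFMutableSetRef piSet = CFSetCreateMutableForSOSPeerInfosByID(kCFAllocatorDefault);

    // kCFAllocatorNull as the bytes deallocator: the CFData objects wrap the
    // static arrays in place and never try to free them.
    CFDataRef entropy1 = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, sEntropy1, sizeof(sEntropy1), kCFAllocatorNull);
    CFDataRef entropy2 = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, sEntropy2, sizeof(sEntropy2), kCFAllocatorNull);

    SecKeyRef peer1SigningKey = NULL;
    SecKeyRef peer1OctagonSigningKey = NULL;
    SOSFullPeerInfoRef fullPeer1WithBackup = SOSCreateFullPeerInfoFromName(CFSTR("peer1WithBackupID"), &peer1SigningKey, &peer1OctagonSigningKey, &localError);
    ok(fullPeer1WithBackup, "Allocate peer 1 (%@)", localError);
    CFReleaseNull(localError);

    CFDataRef peer1BackupPublic = SOSCopyDeviceBackupPublicKey(entropy1, &localError);
    ok(peer1BackupPublic, "Got backup key (%@)", localError);
    CFReleaseNull(localError);

    // The update result is not a planned check; still drop any error it set so
    // it is neither leaked nor handed, already populated, to the next call.
    SOSFullPeerInfoUpdateBackupKey(fullPeer1WithBackup, peer1BackupPublic, &localError);
    CFReleaseNull(localError);

    SOSPeerInfoRef peer1WithBackup = SOSFullPeerInfoGetPeerInfo(fullPeer1WithBackup);

    SecKeyRef peer2SigningKey = NULL;
    SecKeyRef peer2OctagonSigningKey = NULL;
    SOSFullPeerInfoRef fullPeer2WithBackup = SOSCreateFullPeerInfoFromName(CFSTR("peer2WithBackupID"), &peer2SigningKey, &peer2OctagonSigningKey, &localError);
    ok(fullPeer2WithBackup, "Allocate peer 2 (%@)", localError);
    CFReleaseNull(localError);

    CFDataRef peer2BackupPublic = SOSCopyDeviceBackupPublicKey(entropy2, &localError);
    ok(peer2BackupPublic, "Got backup key (%@)", localError);
    CFReleaseNull(localError);

    SOSFullPeerInfoUpdateBackupKey(fullPeer2WithBackup, peer2BackupPublic, &localError);
    CFReleaseNull(localError);

    SOSPeerInfoRef peer2WithBackup = SOSFullPeerInfoGetPeerInfo(fullPeer2WithBackup);

    // Negative case first: a keybag for an empty peer set must be refused.
    SOSBackupSliceKeyBagRef vb = SOSBackupSliceKeyBagCreate(kCFAllocatorDefault, piSet, &localError);
    ok(vb == NULL, "Should fail with no peers (%@)", localError);
    CFReleaseNull(localError);
    CFReleaseNull(vb);

    CFSetAddValue(piSet, peer1WithBackup);
    CFSetAddValue(piSet, peer2WithBackup);

    SOSBackupSliceKeyBagRef vb2 = NULL;

#if !TARGET_IPHONE_SIMULATOR
    vb = SOSBackupSliceKeyBagCreate(kCFAllocatorDefault, piSet, &localError);
    ok(vb != NULL, "Allocation: (%@)", localError);
    CFReleaseNull(localError);

    vb2 = EncodeDecode(vb);

    ok(vb2 != NULL, "transcoded");
#endif
#if 0
    // <rdar://problem/20561988> Have helper functions for new security object that load bags
    keybag_handle_t ourHandle = SOSBSKBLoadAndUnlockWithPeerSecret(vb, peer2WithBackup, entropy2, &localError);
    ok(ourHandle != bad_keybag_handle, "loaded with peer secret, handle %d (%@)", ourHandle, localError);
    CFReleaseNull(localError);

    aks_unload_bag(ourHandle);
#else
    // Placeholder for the disabled load-and-unlock check above: recorded as a
    // TODO failure so the planned test count stays the same.
    TODO:{
        todo("no simulator supprt");
        ok(false);
    }
#endif

    CFReleaseNull(vb);
    CFReleaseNull(vb2);
    CFReleaseNull(piSet);

    // Release peer 1's own Octagon signing key here; releasing peer 2's key in
    // this group (and again below) left peer 1's key unreleased.
    CFReleaseNull(peer1SigningKey);
    CFReleaseNull(peer1OctagonSigningKey);
    CFReleaseNull(peer1BackupPublic);
    CFReleaseNull(fullPeer1WithBackup);

    CFReleaseNull(peer2SigningKey);
    CFReleaseNull(peer2OctagonSigningKey);
    CFReleaseNull(peer2BackupPublic);
    CFReleaseNull(fullPeer2WithBackup);

    CFReleaseNull(entropy1);
    CFReleaseNull(entropy2);
}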
173
/* Number of test results announced to the harness; taken from tests_count,
 * which differs between simulator and non-simulator builds. */
static int kTestTestCount = tests_count;

/*
 * Entry point for the sc-153 regression: announces the planned number of
 * results and runs tests(). argc and argv are not used. Always returns 0;
 * individual check results are reported through ok() inside tests().
 */
int sc_153_backupslicekeybag(int argc, char *const *argv)
{
    int planned = kTestTestCount;

    plan_tests(planned);
    tests();

    return 0;
}