OSX/sec/securityd/Regressions/secd-32-restore-bad-backup.c

   1 /*
   2  * Copyright (c) 2008-2010,2013 Apple Inc. All rights reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24
  25 #include <CoreFoundation/CoreFoundation.h>
  26 #include <Security/SecBase.h>
  27 #include <Security/SecItem.h>
  28 #include <Security/SecItemPriv.h>
  29 #include <Security/SecInternal.h>
  30 #include <utilities/SecFileLocations.h>
  31 #include <utilities/SecCFWrappers.h>
  32
  33 #include <stdlib.h>
  34 #include <fcntl.h>
  35 #include <unistd.h>
  36 #include <sys/stat.h>
  37 #include <sqlite3.h>
  38
  39 #include "secd_regressions.h"
  40
  41 #include <securityd/SecItemServer.h>
  42
  43 #include "SecdTestKeychainUtilities.h"
  44
  45 /* Keybag and exported plist data. */
  46 static const unsigned char keybag_data[] = {
  47     0x56, 0x45, 0x52, 0x53, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x03,
  48     0x54, 0x59, 0x50, 0x45, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x01,
  49     0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10, 0x12, 0x3a, 0xf9, 0xcb,
  50     0xd8, 0x76, 0x47, 0x01, 0xaa, 0xc5, 0xcf, 0xe5, 0x14, 0xf4, 0xf2, 0x98,
  51     0x48, 0x4d, 0x43, 0x4b, 0x00, 0x00, 0x00, 0x28, 0x00, 0x00, 0x00, 0x00,
  52     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  53     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  54     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  55     0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00,
  56     0x53, 0x41, 0x4c, 0x54, 0x00, 0x00, 0x00, 0x14, 0xbb, 0xfd, 0xa3, 0x3e,
  57     0x32, 0xa7, 0x80, 0x48, 0xd1, 0x2a, 0x39, 0x4b, 0x78, 0x6b, 0x35, 0x11,
  58     0x27, 0x62, 0x38, 0xe4, 0x49, 0x54, 0x45, 0x52, 0x00, 0x00, 0x00, 0x04,
  59     0x00, 0x00, 0x27, 0x10, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
  60     0xba, 0x4e, 0xed, 0x78, 0x38, 0x4a, 0x41, 0x4c, 0x8a, 0x2f, 0x6d, 0x1c,
  61     0x3a, 0xc9, 0xc8, 0xad, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
  62     0x00, 0x00, 0x00, 0x0b, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
  63     0x00, 0x00, 0x00, 0x03, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
  64     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
  65     0x75, 0x88, 0x12, 0x0f, 0xbf, 0x21, 0x6b, 0x65, 0x85, 0xd0, 0x67, 0xdf,
  66     0x9b, 0xd1, 0xb3, 0x40, 0x53, 0x03, 0xaf, 0xb8, 0x8f, 0xe3, 0x5c, 0x97,
  67     0x43, 0xdd, 0x71, 0x65, 0x27, 0xd3, 0x73, 0xeb, 0x37, 0x5b, 0x29, 0xe8,
  68     0xd1, 0x14, 0xfe, 0xa3, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
  69     0x2b, 0x76, 0x49, 0x3c, 0xc2, 0x5c, 0x4e, 0xc8, 0x8d, 0xea, 0x9a, 0x59,
  70     0x11, 0x98, 0xdd, 0x40, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
  71     0x00, 0x00, 0x00, 0x0a, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
  72     0x00, 0x00, 0x00, 0x03, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
  73     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
  74     0xee, 0x8f, 0x46, 0xd8, 0x10, 0x17, 0x6e, 0x6c, 0x63, 0xee, 0x04, 0x22,
  75     0xd4, 0xec, 0x7c, 0x53, 0x8f, 0x2c, 0x18, 0x8d, 0xf3, 0x86, 0xdb, 0xd6,
  76     0x19, 0xae, 0x1e, 0xe0, 0x45, 0xc7, 0x75, 0x13, 0x8c, 0xb3, 0x95, 0x6f,
  77     0x21, 0x60, 0xd2, 0x9e, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
  78     0x3e, 0x91, 0xc1, 0x5d, 0xb9, 0x64, 0x44, 0xb4, 0x81, 0x0f, 0xe5, 0x12,
  79     0xae, 0x89, 0xb5, 0x73, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
  80     0x00, 0x00, 0x00, 0x09, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
  81     0x00, 0x00, 0x00, 0x03, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
  82     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
  83     0xc1, 0x22, 0x1e, 0x92, 0x54, 0xc3, 0xd6, 0x04, 0xdc, 0x45, 0x3e, 0x24,
  84     0xf9, 0x0c, 0xbe, 0x46, 0x8a, 0x02, 0xf7, 0xfc, 0x32, 0x24, 0x6d, 0x21,
  85     0x57, 0x1a, 0x43, 0xd5, 0x5f, 0xda, 0x8a, 0x5a, 0x33, 0xc0, 0xc8, 0x67,
  86     0x37, 0x79, 0xfe, 0x57, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
  87     0x4a, 0xb0, 0xd7, 0xc0, 0xfe, 0xf7, 0x42, 0x4f, 0xb2, 0xd9, 0xd8, 0x85,
  88     0x70, 0xea, 0x97, 0x74, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
  89     0x00, 0x00, 0x00, 0x08, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
  90     0x00, 0x00, 0x00, 0x03, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
  91     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
  92     0x45, 0x26, 0xb9, 0xce, 0x3f, 0x7c, 0xd9, 0xbf, 0x92, 0xb0, 0x2e, 0x93,
  93     0xbc, 0x85, 0xf9, 0xd8, 0xec, 0x30, 0xd2, 0x42, 0x4c, 0x9d, 0x89, 0x77,
  94     0xbc, 0xe3, 0x66, 0xf2, 0x23, 0x61, 0xad, 0xc7, 0xc7, 0x02, 0xb9, 0x44,
  95     0x3d, 0x66, 0xd1, 0x6f, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
  96     0x63, 0xdc, 0x85, 0xdd, 0x5b, 0xcb, 0x49, 0x43, 0xa2, 0x23, 0x93, 0xe7,
  97     0xbc, 0x88, 0x67, 0x2c, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
  98     0x00, 0x00, 0x00, 0x07, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
  99     0x00, 0x00, 0x00, 0x03, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
 100     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
 101     0x2d, 0x80, 0xa8, 0xe6, 0x01, 0x32, 0x90, 0x06, 0x63, 0xb2, 0xaf, 0x23,
 102     0x29, 0xbb, 0x85, 0x2b, 0x8f, 0x03, 0x3c, 0x07, 0xf2, 0xc3, 0xff, 0x8c,
 103     0xe5, 0x61, 0xa0, 0xec, 0xc3, 0x53, 0x28, 0xd4, 0x98, 0x92, 0x30, 0x41,
 104     0xab, 0x2b, 0x7a, 0xc9, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
 105     0x22, 0x05, 0x3e, 0xc4, 0x9c, 0x32, 0x48, 0x8e, 0xad, 0x25, 0xe5, 0xe1,
 106     0x1d, 0x05, 0xbf, 0x1c, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
 107     0x00, 0x00, 0x00, 0x06, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
 108     0x00, 0x00, 0x00, 0x03, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
 109     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
 110     0x2a, 0x51, 0x5a, 0x8b, 0x5c, 0x2d, 0x67, 0x49, 0x59, 0xce, 0xf6, 0x77,
 111     0xb0, 0x22, 0x8b, 0x53, 0x22, 0xfd, 0x5d, 0x1b, 0x6e, 0x97, 0x0c, 0xed,
 112     0x3a, 0xb5, 0x52, 0xe7, 0x04, 0x31, 0xf6, 0x97, 0x5c, 0x55, 0xf5, 0xcc,
 113     0xa9, 0xce, 0x37, 0x8c, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
 114     0xb8, 0x54, 0xc8, 0xe5, 0x40, 0xc3, 0x4f, 0x15, 0x8d, 0xda, 0xfb, 0x82,
 115     0x24, 0xe4, 0x84, 0xf3, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
 116     0x00, 0x00, 0x00, 0x05, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
 117     0x00, 0x00, 0x00, 0x03, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
 118     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
 119     0x97, 0x9d, 0xac, 0x94, 0xdc, 0x34, 0xbc, 0xea, 0x47, 0x1e, 0xf8, 0x9a,
 120     0x2e, 0xb9, 0x51, 0x60, 0xc7, 0xf3, 0x5f, 0x79, 0x43, 0x9e, 0xc8, 0x80,
 121     0xad, 0xdd, 0x86, 0x61, 0x73, 0xd1, 0xad, 0xd2, 0xc6, 0x39, 0xa6, 0x94,
 122     0x5f, 0x3d, 0x8e, 0x0e, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
 123     0x60, 0x85, 0x58, 0x0e, 0xbb, 0x91, 0x4b, 0x47, 0x84, 0xdc, 0x5a, 0x81,
 124     0x75, 0x9a, 0xcd, 0x99, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
 125     0x00, 0x00, 0x00, 0x04, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
 126     0x00, 0x00, 0x00, 0x02, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
 127     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
 128     0xba, 0x30, 0x0f, 0x71, 0x33, 0x72, 0x12, 0xeb, 0x2f, 0x30, 0x51, 0xd0,
 129     0x24, 0xfb, 0xba, 0x9b, 0xeb, 0x9b, 0x13, 0x22, 0xbe, 0x20, 0x1f, 0xe2,
 130     0xaa, 0xfe, 0x46, 0x6f, 0xe9, 0x24, 0x98, 0x74, 0x75, 0xe1, 0xe8, 0x78,
 131     0xe2, 0xdf, 0x1d, 0x79, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
 132     0xba, 0x02, 0xb1, 0xbf, 0x5a, 0x19, 0x47, 0xf9, 0x8e, 0x63, 0x61, 0xbb,
 133     0x29, 0x1b, 0x11, 0xd3, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
 134     0x00, 0x00, 0x00, 0x03, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
 135     0x00, 0x00, 0x00, 0x02, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
 136     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
 137     0xaa, 0x5d, 0xb4, 0x84, 0x93, 0xe9, 0x58, 0xf9, 0xe1, 0xb2, 0xcc, 0xbd,
 138     0xb0, 0xb5, 0xa5, 0x17, 0xe1, 0x00, 0x86, 0xbc, 0x8c, 0x66, 0x68, 0x6e,
 139     0x70, 0x4d, 0x65, 0xda, 0x06, 0xb6, 0x1a, 0xc1, 0x63, 0x1d, 0x72, 0xcd,
 140     0x86, 0x73, 0xd2, 0x94, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
 141     0x3b, 0x0e, 0x79, 0xc8, 0xc9, 0xbc, 0x4b, 0x75, 0x88, 0x16, 0x89, 0xb8,
 142     0x69, 0x9b, 0x5e, 0xce, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
 143     0x00, 0x00, 0x00, 0x02, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
 144     0x00, 0x00, 0x00, 0x02, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
 145     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
 146     0xb3, 0x0a, 0x5d, 0xb2, 0x3e, 0x63, 0xb1, 0xc5, 0x02, 0xf2, 0x38, 0xbe,
 147     0x8b, 0xb9, 0xfa, 0x06, 0xcb, 0x41, 0x6f, 0x99, 0xe7, 0x69, 0x12, 0x5f,
 148     0x6e, 0xef, 0x17, 0x67, 0xe6, 0xf6, 0xe4, 0x61, 0x2b, 0x1d, 0xe7, 0x18,
 149     0x8a, 0x5d, 0x5f, 0x66, 0x55, 0x55, 0x49, 0x44, 0x00, 0x00, 0x00, 0x10,
 150     0x45, 0xc1, 0x1e, 0x42, 0x2f, 0xd4, 0x47, 0x56, 0xa6, 0x88, 0x3a, 0x38,
 151     0x07, 0x86, 0x74, 0xcd, 0x43, 0x4c, 0x41, 0x53, 0x00, 0x00, 0x00, 0x04,
 152     0x00, 0x00, 0x00, 0x01, 0x57, 0x52, 0x41, 0x50, 0x00, 0x00, 0x00, 0x04,
 153     0x00, 0x00, 0x00, 0x02, 0x4b, 0x54, 0x59, 0x50, 0x00, 0x00, 0x00, 0x04,
 154     0x00, 0x00, 0x00, 0x00, 0x57, 0x50, 0x4b, 0x59, 0x00, 0x00, 0x00, 0x28,
 155     0x92, 0xf6, 0xf2, 0xd3, 0x54, 0x02, 0xa9, 0xb3, 0x15, 0x19, 0x2a, 0x12,
 156     0x99, 0xb3, 0x81, 0xbc, 0x92, 0x7e, 0x5c, 0x47, 0xd3, 0x56, 0x92, 0x04,
 157     0xed, 0xbc, 0x5e, 0x22, 0x36, 0x6e, 0x51, 0xd4, 0xbb, 0xad, 0xaa, 0xa3,
 158     0xbd, 0x28, 0x90, 0x64
 159 };
 160
 161 static const char export_plist[] = "\
 162 <?xml version=\"1.0\" encoding=\"UTF-8\"?>\
 163 <!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\
 164 <plist version=\"1.0\">\
 165 <dict>\
 166 <key>genp</key>\
 167 <array>\
 168 <dict>\
 169 <key>v_Data</key>\
 170 <data>\
 171 AwAAAAgAAAAoAAAAPjxrzgnoJYiuTfNV0OAii8Jgl8Zegkk93Dwm\
 172 dJo27hIyxqzTT+twzAHn0qbb+uq7IIDFbLZt9ThLJmpGuwMzXKl0\
 173 91YCqoT6d3zPAkSPhPwS29/LFE3hqeGsUyV9CSye3fW9A51b/+uA\
 174 XVD7LQdM9Xv7Def8JO9abBKW42X+l38SW0sOq34/243Hyp3q0VWT\
 175 XN+UojOkzAgsBxPsuHEOre0+9aOe+RzIO2R+s54YG3QaxSwhUOu/\
 176 DcN6raIA37BF0eOFHOlP6ZUH+NzwTWi5ycRyX833b0bMhU4M24yx\
 177 5Z88ysOPWZuD6oqycfo=\
 178 </data>\
 179 <key>v_PersistentRef</key>\
 180 <data>\
 181 Z2VucAAAAAAAAAA1\
 182 </data>\
 183 </dict>\
 184 </array>\
 185 </dict>\
 186 </plist>\
 187 ";
 188
 189 /* Test backup-restore case, when item had inconsistently set pdmn attribute (due to another bug),
 190    and mobile restore restored item with inconsistent attributes and afterwards tried SecItemUpdate()
 191    on it, which failed, leading to the failure of the whole restore operation.
 192  */
 193 static void tests(void)
 194 {
 195     /* custom keychain dir */
 196     secd_test_setup_temp_keychain("secd_32_restore_bad_backup", ^{});
 197
 198     /* Restore keychain from plist. */
 199     CFDataRef keybag = CFDataCreate(kCFAllocatorDefault, keybag_data, sizeof(keybag_data));
 200     CFDataRef backup = CFDataCreate(kCFAllocatorDefault, (const UInt8 *)export_plist, sizeof(export_plist));
 201     ok_status(_SecKeychainRestoreBackup(backup, keybag, NULL));
 202     CFRelease(keybag);
 203     CFRelease(backup);
 204
 205     /* The restored item is kind of malformed (pdmn and accc attributes are inconsistent).  Currently adopted way
 206      of handling of this item is to try to handle it gracefully, this is what this test does (i.e. it checks that
 207      it is possible to update such item).  Another possibility which might be adopted in the future is dropping such
 208      item during backup decoding.  In this case, the test should be modified to check that the item does not exist
 209      in the keychain at all. */
 210
 211     /* Try to update item with inconsistent accc and pdmn attributes. */
 212     CFDictionaryRef query = CFDictionaryCreateMutableForCFTypesWith(kCFAllocatorDefault,
 213                                                                     kSecClass, kSecClassGenericPassword,
 214                                                                     kSecAttrAccessGroup, CFSTR("com.apple.security.sos"),
 215                                                                     kSecAttrService, CFSTR("test"),
 216                                                                     NULL);
 217     CFDictionaryRef update = CFDictionaryCreateMutableForCFTypesWith(kCFAllocatorDefault,
 218                                                                      kSecAttrService, CFSTR("updated-test"),
 219                                                                      NULL);
 220
 221     ok_status(SecItemUpdate(query, update));
 222     diag("This still fails - don't be alarmed");
 223     CFRelease(update);
 224     CFRelease(query);
 225 }
 226
 227 int secd_32_restore_bad_backup(int argc, char *const *argv)
 228 {
 229     plan_tests(2 + kSecdTestSetupTestCount);
 230     tests();
 231
 232     return 0;
 233 }