]> git.saurik.com Git - apple/security.git/blob - SecurityTests/clxutils/threadTest/sslThrash.cpp
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57031.10.10.tar.gz
[apple/security.git] / SecurityTests / clxutils / threadTest / sslThrash.cpp
1 /*
2 * sslThrash.cpp
3 *
4 * track down multithread SecureTransport memory smasher - this test
5 * does no network I/O
6 */
7 #include "testParams.h"
8 #include <Security/cssm.h>
9 #include <utilLib/common.h>
10 #include <utilLib/cspwrap.h>
11 #include <clAppUtils/clutils.h>
12 #include <clAppUtils/tpUtils.h>
13 #include <security_cdsa_utils/cuFileIo.h>
14 #include <stdio.h>
15 #include <stdlib.h>
16 #include <time.h>
17 #include <string.h>
18 #include <Security/SecureTransport.h>
19
20 #define DO_PAUSE 0
21
22 #define NUM_INNER_LOOPS 10
23
24
25 /*
26 * Derive a symmetric CSSM_KEY from the specified raw key material.
27 */
28 static CSSM_RETURN cdsaDeriveKey(
29 CSSM_CSP_HANDLE cspHandle,
30 const void *rawKey,
31 size_t rawKeyLen,
32 CSSM_ALGORITHMS keyAlg, // e.g., CSSM_ALGID_AES
33 uint32 keySizeInBits,
34 CSSM_KEY_PTR key)
35 {
36 CSSM_RETURN crtn;
37 CSSM_CC_HANDLE ccHand;
38 CSSM_DATA dummyLabel = {8, (uint8 *)"tempKey"};
39 CSSM_DATA saltData = {8, (uint8 *)"someSalt"};
40 CSSM_PKCS5_PBKDF2_PARAMS pbeParams;
41 CSSM_DATA pbeData;
42 CSSM_ACCESS_CREDENTIALS creds;
43
44 memset(key, 0, sizeof(CSSM_KEY));
45 memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
46 crtn = CSSM_CSP_CreateDeriveKeyContext(cspHandle,
47 CSSM_ALGID_PKCS5_PBKDF2,
48 keyAlg,
49 keySizeInBits,
50 &creds,
51 NULL, // BaseKey
52 1000, // iterationCount, 1000 is the minimum
53 &saltData,
54 NULL, // seed
55 &ccHand);
56 if(crtn) {
57 cssmPerror("CSSM_CSP_CreateDeriveKeyContext", crtn);
58 return crtn;
59 }
60
61 /* this is the caller's raw key bits, typically ASCII (though it
62 * could be anything) */
63 pbeParams.Passphrase.Data = (uint8 *)rawKey;
64 pbeParams.Passphrase.Length = rawKeyLen;
65 /* The only PRF supported by the CSP is HMACSHA1 */
66 pbeParams.PseudoRandomFunction = CSSM_PKCS5_PBKDF2_PRF_HMAC_SHA1;
67 pbeData.Data = (uint8 *)&pbeParams;
68 pbeData.Length = sizeof(pbeParams);
69 crtn = CSSM_DeriveKey(ccHand,
70 &pbeData,
71 CSSM_KEYUSE_ANY,
72 CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE,
73 &dummyLabel,
74 NULL, // cred and acl
75 key);
76 CSSM_DeleteContext(ccHand); // ignore error here
77 if(crtn) {
78 cssmPerror("CSSM_DeriveKey", crtn);
79 }
80 return crtn;
81 }
82
83 static CSSM_API_MEMORY_FUNCS memFuncs = {
84 appMalloc,
85 appFree,
86 appRealloc,
87 appCalloc,
88 NULL
89 };
90 static CSSM_VERSION vers = {2, 0};
91
92 /*
93 * Initialize CDSA and attach to the CSP.
94 */
95 static CSSM_RETURN cdsaCspAttach(
96 CSSM_CSP_HANDLE *cspHandle)
97 {
98 CSSM_CSP_HANDLE cspHand;
99 CSSM_RETURN crtn;
100
101 /* Load the CSP bundle into this app's memory space */
102 crtn = CSSM_ModuleLoad(&gGuidAppleCSP,
103 CSSM_KEY_HIERARCHY_NONE,
104 NULL, // eventHandler
105 NULL); // AppNotifyCallbackCtx
106 if(crtn) {
107 return crtn;
108 }
109
110 /* obtain a handle which will be used to refer to the CSP */
111 crtn = CSSM_ModuleAttach (&gGuidAppleCSP,
112 &vers,
113 &memFuncs, // memFuncs
114 0, // SubserviceID
115 CSSM_SERVICE_CSP,
116 0, // AttachFlags
117 CSSM_KEY_HIERARCHY_NONE,
118 NULL, // FunctionTable
119 0, // NumFuncTable
120 NULL, // reserved
121 &cspHand);
122 if(crtn) {
123 return crtn;
124 }
125 *cspHandle = cspHand;
126 return CSSM_OK;
127 }
128
129 static bool thrashInit = false;
130 static bool doSsl = true;
131 static bool doKey = true;
132 static bool doAttach = true;
133
134 int sslThrashInit(TestParams *testParams)
135 {
136 if(thrashInit) {
137 return 0;
138 }
139
140 char *opts = testParams->testOpts;
141 if(opts == NULL) {
142 thrashInit = true;
143 return 0;
144 }
145 while(*opts != '\0') {
146 switch(*opts) {
147 case 'k':
148 doKey = false;
149 printf("...sslThrash: doKey disabled\n");
150 break;
151 case 's':
152 doSsl = false;
153 printf("...sslThrash: doSsl disabled\n");
154 break;
155 case 'a':
156 doAttach = false;
157 printf("...sslThrash: doAttach disabled\n");
158 break;
159 default:
160 /* for other tests */
161 break;
162 }
163 opts++;
164 }
165 thrashInit = true;
166 return 0;
167 }
168
169 #define FAKE_SSL 0
170 #define SSL_CTX_SIZE 600
171 #define FAKE_DISPOSE 0
172
173 int sslThrash(TestParams *testParams)
174 {
175 CSSM_RETURN crtn;
176 unsigned loopNum;
177 SSLContextRef sslCtx;
178 unsigned dex;
179 CSSM_KEY ckey;
180 CSSM_HANDLE cspHand;
181
182 for(loopNum=0; loopNum<testParams->numLoops; loopNum++) {
183 if(testParams->verbose) {
184 printf("sslThrash loop %d\n", loopNum);
185 }
186 else if(!testParams->quiet) {
187 printChar(testParams->progressChar);
188 }
189
190 for(dex=0; dex<NUM_INNER_LOOPS; dex++) {
191 if(doAttach) {
192 crtn = cdsaCspAttach(&cspHand);
193 if(crtn) {
194 printf("cdsaCspAttach error\n");
195 return 1;
196 }
197 }
198 if(doSsl) {
199 #if FAKE_SSL
200 sslCtx = (SSLContext *)malloc(SSL_CTX_SIZE);
201 #else
202 OSStatus ortn = SSLNewContext(false, &sslCtx);
203 if(ortn) {
204 cssmPerror("SSLNewContext", ortn);
205 printf("SSLNewContext error %d\n", (int)ortn);
206 return 1;
207 }
208 #endif
209 }
210 if(doKey) {
211 crtn = cdsaDeriveKey(testParams->cspHand,
212 "some silly string",
213 17,
214 CSSM_ALGID_AES,
215 128,
216 &ckey);
217 if(crtn) {
218 printf("cdsaDeriveKey error\n");
219 return 1;
220 }
221 }
222 if(doSsl) {
223 #if FAKE_SSL || FAKE_DISPOSE
224 free(sslCtx);
225 #else
226 OSStatus ortn = SSLDisposeContext(sslCtx);
227 if(ortn) {
228 cssmPerror("SSLDisposeContext", ortn);
229 printf("SSLDisposeContext error %d\n", (int)ortn);
230 return 1;
231 }
232 #endif
233 }
234 if(doKey) {
235 crtn = CSSM_FreeKey(testParams->cspHand,
236 NULL, // access cred
237 &ckey,
238 CSSM_FALSE);
239 if(crtn) {
240 cssmPerror("CSSM_FreeKey", crtn);
241 printf("CSSM_FreeKey error\n");
242 return 1;
243 }
244 }
245 if(doAttach) {
246 crtn = CSSM_ModuleDetach(cspHand);
247 if(crtn) {
248 cssmPerror("CSSM_ModuleDetach", crtn);
249 printf("CSSM_ModuleDetach error\n");
250 return 1;
251 }
252 }
253 randomDelay();
254
255 /* leak debug */
256 #if DO_PAUSE
257 fpurge(stdin);
258 printf("Hit CR to continue: ");
259 getchar();
260 #endif
261 } /* inner loop */
262
263 } /* outer loop */
264 return 0;
265 }
mirror of Security