keychain/SecurityUnitTests/SecKeyTests.m

   1 /*
   2  * Copyright (c) 2017 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 #import <XCTest/XCTest.h>
  25
  26 @interface SecKeyTests : XCTestCase
  27 @end
  28
  29 @implementation SecKeyTests
  30
  31 - (void)testSecKeyAttributesCanBeReadWithMatchingStringsAsKeys {
  32     CFMutableDictionaryRef keyParameters = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
  33     CFDictionarySetValue(keyParameters, kSecAttrKeyType, kSecAttrKeyTypeECSECPrimeRandom);
  34     CFDictionarySetValue(keyParameters, kSecAttrKeySizeInBits, (__bridge CFNumberRef)@(384));
  35     CFDictionarySetValue(keyParameters, CFSTR("nleg"), kCFBooleanTrue);
  36     SecKeyRef secKey = SecKeyCreateRandomKey(keyParameters, nil);
  37     NSDictionary* attributes = (__bridge_transfer NSDictionary*)SecKeyCopyAttributes(secKey);
  38     XCTAssertEqualObjects(attributes[(__bridge NSString*)kSecAttrKeySizeInBits], attributes[@"bsiz"], @"the SecKey attributes dictionary value of 'kSecAttrKeySizeInBits' and 'bsiz' are not the same");
  39     XCTAssertNotNil(attributes[@"bsiz"], @"the SecKey attributes dictionary value for 'bsiz' is nil");
  40 }
  41
  42 - (void)testECIESDecryptBadInputData {
  43     NSData *message = [@"message" dataUsingEncoding:NSUTF8StringEncoding];
  44     NSError *error;
  45     id privKey = CFBridgingRelease(SecKeyCreateRandomKey((CFDictionaryRef)@{(id)kSecAttrKeyType: (id)kSecAttrKeyTypeECSECPrimeRandom, (id)kSecAttrKeySizeInBits: @256}, (void *)&error));
  46     XCTAssertNotNil(privKey, @"key generation failed: %@", error);
  47     id pubKey = CFBridgingRelease(SecKeyCopyPublicKey((SecKeyRef)privKey));
  48     XCTAssertNotNil(pubKey);
  49     NSData *ciphertext = CFBridgingRelease(SecKeyCreateEncryptedData((SecKeyRef)pubKey, kSecKeyAlgorithmECIESEncryptionStandardX963SHA256AESGCM, (CFDataRef)message, (void *)&error));
  50     XCTAssertNotNil(ciphertext, @"Encryption failed: %@", error);
  51     NSData *plaintext = CFBridgingRelease(SecKeyCreateDecryptedData((SecKeyRef)privKey, kSecKeyAlgorithmECIESEncryptionStandardX963SHA256AESGCM, (CFDataRef)ciphertext, (void *)&error));
  52     XCTAssertEqualObjects(message, plaintext, @"Decryption did not provide original message");
  53
  54     // Strip tag from ciphertext
  55     NSData *strippedCiphertext = [ciphertext subdataWithRange:NSMakeRange(0, ciphertext.length - 16)];
  56     NSData *failedDecrypted = CFBridgingRelease(SecKeyCreateDecryptedData((SecKeyRef)privKey, kSecKeyAlgorithmECIESEncryptionStandardX963SHA256AESGCM, (CFDataRef)strippedCiphertext, (void *)&error));
  57     XCTAssertNil(failedDecrypted, @"Decryption of malformed data did not fail");
  58     XCTAssertEqual(error.code, errSecParam, @"Unexpected error code provided");
  59 }
  60
  61 @end