2 * Copyright (c) 2018 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 #import <XCTest/XCTest.h>
26 #include "SecCertificatePriv.h"
27 #include "SecPolicyPriv.h"
28 #include "SecTrustPriv.h"
29 #include "OSX/utilities/SecCFWrappers.h"
31 #include "../TestMacroConversions.h"
32 #include "TrustEvaluationTestCase.h"
33 #include "iAPTests_data.h"
35 @interface iAPTests : TrustEvaluationTestCase
38 @implementation iAPTests
40 - (void)testiAPNegativeSignatures {
41 /* Test that we can handle and fix up negative integer value(s) in ECDSA signature */
42 const void *negIntSigLeaf;
43 isnt(negIntSigLeaf = SecCertificateCreateWithBytes(NULL, _leaf_NegativeIntInSig,
44 sizeof(_leaf_NegativeIntInSig)), NULL, "create negIntSigLeaf");
45 CFArrayRef certs = NULL;
46 isnt(certs = CFArrayCreate(NULL, &negIntSigLeaf, 1, &kCFTypeArrayCallBacks), NULL, "failed to create certs array");
47 SecPolicyRef policy = NULL;
48 isnt(policy = SecPolicyCreateiAP(), NULL, "failed to create policy");
49 SecTrustRef trust = NULL;
50 ok_status(SecTrustCreateWithCertificates(certs, policy, &trust),
51 "create trust for negIntSigLeaf");
53 const void *rootAACA2;
54 isnt(rootAACA2 = SecCertificateCreateWithBytes(NULL, _root_AACA2,
55 sizeof(_root_AACA2)), NULL, "create rootAACA2");
56 CFArrayRef anchors = NULL;
57 isnt(anchors = CFArrayCreate(NULL, &rootAACA2, 1, &kCFTypeArrayCallBacks), NULL, "failed to create anchors array");
58 if (!anchors) { goto errOut; }
59 ok_status(SecTrustSetAnchorCertificates(trust, anchors), "set anchor certificates");
61 XCTAssert(SecTrustEvaluateWithError(trust, NULL), "trust evaluation failed");
66 CFReleaseNull(anchors);
67 CFReleaseNull(negIntSigLeaf);
68 CFReleaseNull(rootAACA2);
69 CFReleaseNull(policy);