2 * Copyright (c) 2017 Apple Inc. All rights reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 #include <Foundation/Foundation.h>
26 #include <Security/SecBase.h>
27 #include <Security/SecItem.h>
28 #include <Security/SecItemPriv.h>
29 #include <Security/SecInternal.h>
30 #include <utilities/SecFileLocations.h>
31 #include <utilities/SecCFWrappers.h>
32 #include <Security/SecItemBackup.h>
39 #include "secd_regressions.h"
41 #include <securityd/SecItemServer.h>
43 #include "SecdTestKeychainUtilities.h"
45 void SecAccessGroupsSetCurrent(CFArrayRef accessGroups);
46 CFArrayRef SecAccessGroupsGetCurrent(void);
/*
 * Adds one keychain item built from `attr` and records the SecItemAdd status
 * with ok_status. The caller's dictionary is left untouched: the fixed 3-byte
 * value "foo" and kSecAttrAccessibleAfterFirstUnlock are set on a mutable copy.
 */
static void AddItem(NSDictionary *attr)
{
    /* Placeholder secret shared by every item this test stores. */
    NSData *payload = [NSData dataWithBytes:"foo" length:3];

    NSMutableDictionary *query = [attr mutableCopy];
    [query setObject:(__bridge id)kSecAttrAccessibleAfterFirstUnlock
              forKey:(__bridge id)kSecAttrAccessible];
    [query setObject:payload forKey:(__bridge id)kSecValueData];

    /* No result is requested (NULL); only the status is asserted. */
    ok_status(SecItemAdd((__bridge CFDictionaryRef)query, NULL));
}
/*
 * Regression test for the pairing "initial sync credentials" round trip.
 * Items are added, exported with _SecServerCopyInitialSyncCredentials, the
 * keychain is emptied with _SecItemDeleteAll, the exported array is passed to
 * _SecServerImportInitialSyncCredentials, and SecItemCopyMatching is used to
 * check which items exist afterwards. argc and argv are not read in any
 * visible line.
 *
 * NOTE(review): the number at the start of each line is the original file's
 * line number, and the numbering skips, so some source lines are missing from
 * this listing (no visible line declares `res`, and the closing lines of the
 * literals below are absent). The comments here describe only what the
 * visible lines show.
 */
57 int secd_37_pairing_initial_sync(int argc, char *const *argv)
59 CFErrorRef error = NULL;
60 CFTypeRef stuff = NULL;
65 /* custom keychain dir */
66 secd_test_setup_temp_keychain("secd_37_pairing_initial_sync", NULL);
/*
 * Keep a retained reference to the current access-group list so it can be
 * restored at the end, then install a copy extended with
 * com.apple.ProtectedCloudStorage. The rest of the added array literal is on
 * lines this listing does not show.
 */
68 CFArrayRef currentACL = CFRetainSafe(SecAccessGroupsGetCurrent());
70 NSMutableArray *newACL = [NSMutableArray arrayWithArray:(__bridge NSArray *)currentACL];
71 [newACL addObjectsFromArray:@[
72 @"com.apple.ProtectedCloudStorage",
75 SecAccessGroupsSetCurrent((__bridge CFArrayRef)newACL);
/*
 * Internet-password item in the ProtectedCloudStorage group with
 * kSecAttrServer "current" and kSecAttrType 0x10001. The post-import check
 * expects this item to exist.
 */
78 NSDictionary *pcsinetattrs = @{
79 (__bridge id)kSecClass : (__bridge id)kSecClassInternetPassword,
80 (__bridge id)kSecAttrAccessGroup : @"com.apple.ProtectedCloudStorage",
81 (__bridge id)kSecAttrAccount : @"1",
82 (__bridge id)kSecAttrServer : @"current",
83 (__bridge id)kSecAttrType : @(0x10001),
84 (__bridge id)kSecAttrSynchronizable : @YES,
85 (__bridge id)kSecAttrSyncViewHint : (__bridge id)kSecAttrViewHintPCSMasterKey,
/*
 * Same class, group and account as above; it differs in kSecAttrServer
 * ("noncurrent") and kSecAttrType (0x00001). The post-import check expects
 * errSecItemNotFound for it, i.e. it is not carried across the round trip.
 * NOTE(review): presumably bit 0x10000 of kSecAttrType is what the export
 * treats as "current" -- confirm against _SecServerCopyInitialSyncCredentials.
 */
87 NSDictionary *pcsinetattrsNotCurrent = @{
88 (__bridge id)kSecClass : (__bridge id)kSecClassInternetPassword,
89 (__bridge id)kSecAttrAccessGroup : @"com.apple.ProtectedCloudStorage",
90 (__bridge id)kSecAttrAccount : @"1",
91 (__bridge id)kSecAttrServer : @"noncurrent",
92 (__bridge id)kSecAttrType : @(0x00001),
93 (__bridge id)kSecAttrSynchronizable : @YES,
94 (__bridge id)kSecAttrSyncViewHint : (__bridge id)kSecAttrViewHintPCSMasterKey,
/* Generic-password item in the same group; expected to exist after import. */
96 NSDictionary *pcsgenpattrs = @{
97 (__bridge id)kSecClass : (__bridge id)kSecClassGenericPassword,
98 (__bridge id)kSecAttrAccessGroup : @"com.apple.ProtectedCloudStorage",
99 (__bridge id)kSecAttrAccount : @"2",
100 (__bridge id)kSecAttrSynchronizable : @YES,
101 (__bridge id)kSecAttrSyncViewHint : (__bridge id)kSecAttrViewHintPCSMasterKey,
/*
 * Internet-password item in the com.apple.security.ckks access group.
 * NOTE(review): no AddItem(ckksattrs) call is visible, yet both lookups of it
 * below expect success, so it is presumably added on a line missing from this
 * listing -- confirm.
 */
103 NSDictionary *ckksattrs = @{
104 (__bridge id)kSecClass : (__bridge id)kSecClassInternetPassword,
105 (__bridge id)kSecAttrAccessGroup : @"com.apple.security.ckks",
106 (__bridge id)kSecAttrAccount : @"2",
107 (__bridge id)kSecAttrSynchronizable : @YES,
108 (__bridge id)kSecAttrSyncViewHint : (__bridge id)kSecAttrViewHintPCSMasterKey,
110 AddItem(pcsinetattrs);
111 AddItem(pcsinetattrsNotCurrent);
112 AddItem(pcsgenpattrs);
/*
 * Export the credentials, asking for both the TLK and the PCS flag. `items`
 * is released after the import further down; `error` is released right after
 * it has been reported.
 */
115 CFArrayRef items = _SecServerCopyInitialSyncCredentials(SecServerInitialSyncCredentialFlagTLK | SecServerInitialSyncCredentialFlagPCS, &error);
116 ok(items, "_SecServerCopyInitialSyncCredentials: %@", error);
117 CFReleaseNull(error);
/*
 * Baseline: each of the four queries succeeds before the keychain is wiped.
 * Only the returned status is asserted; `stuff` is released unexamined.
 */
119 ok_status((res = SecItemCopyMatching((__bridge CFDictionaryRef)pcsinetattrs, &stuff)),
120 "SecItemCopyMatching: %d", (int)res);
121 CFReleaseNull(stuff);
122 ok_status((res = SecItemCopyMatching((__bridge CFDictionaryRef)pcsinetattrsNotCurrent, &stuff)),
123 "SecItemCopyMatching: %d", (int)res);
124 CFReleaseNull(stuff);
125 ok_status((res = SecItemCopyMatching((__bridge CFDictionaryRef)pcsgenpattrs, &stuff)),
126 "SecItemCopyMatching: %d", (int)res);
127 CFReleaseNull(stuff);
128 ok_status((res = SecItemCopyMatching((__bridge CFDictionaryRef)ckksattrs, &stuff)),
129 "SecItemCopyMatching: %d", (int)res);
130 CFReleaseNull(stuff);
/* Empty the keychain so that the lookups after the import reflect the import. */
133 ok(_SecItemDeleteAll(&error), "SecItemServerDeleteAll: %@", error);
134 CFReleaseNull(error);
/* Feed the exported array back in, then drop it. */
136 ok(_SecServerImportInitialSyncCredentials(items, &error), "_SecServerImportInitialSyncCredentials: %@", error);
137 CFReleaseNull(error);
138 CFReleaseNull(items);
/*
 * Post-import expectations: the "current" PCS internet password, the PCS
 * generic password and the ckks item are found; the "noncurrent" PCS internet
 * password must be reported as errSecItemNotFound.
 * NOTE(review): presence is all that is asserted. kSecValueData and
 * kSecAttrAccessible are not compared with what AddItem stored, so a round
 * trip that changed the secret or its accessibility class would still pass.
 */
140 ok_status((res = SecItemCopyMatching((__bridge CFDictionaryRef)pcsinetattrs, &stuff)),
141 "SecItemCopyMatching: %d", (int)res);
142 CFReleaseNull(stuff);
143 is_status((res = SecItemCopyMatching((__bridge CFDictionaryRef)pcsinetattrsNotCurrent, &stuff)), errSecItemNotFound,
144 "SecItemCopyMatching: %d", (int)res);
145 CFReleaseNull(stuff);
146 ok_status((res = SecItemCopyMatching((__bridge CFDictionaryRef)pcsgenpattrs, &stuff)),
147 "SecItemCopyMatching: %d", (int)res);
148 CFReleaseNull(stuff);
149 ok_status((res = SecItemCopyMatching((__bridge CFDictionaryRef)ckksattrs, &stuff)),
150 "SecItemCopyMatching: %d", (int)res);
151 CFReleaseNull(stuff);
/* Put back the access-group list saved at the start and drop the extra retain. */
153 SecAccessGroupsSetCurrent(currentACL);
154 CFReleaseNull(currentACL);