Security-59306.11.20.tar.gz
1 /*
2 * Copyright (c) 2015 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #include <Security/SecureObjectSync/SOSBackupSliceKeyBag.h>
26 #include "keychain/SecureObjectSync/SOSPeerInfoCollections.h"
27 #include <utilities/SecCFWrappers.h>
28 #include <Security/SecRandom.h>
29
30 #include "keychain/SecureObjectSync/SOSInternal.h"
31
32 #include "SOSCircle_regressions.h"
33 #include "SOSRegressionUtilities.h"
34
35 #define encode_decode_count 2
36 #if !TARGET_OS_SIMULATOR
/*
 * Round-trips a backup slice keybag through its encoded form: encodes `bag`
 * with SOSBSKBCopyEncoded() and rebuilds a new bag from those bytes with
 * SOSBackupSliceKeyBagCreateFromData().
 *
 * Reports two results (encode_decode_count): one for the encode step and one
 * for the create step. The skip() calls carry the number of results still
 * outstanding in this block (2, then 1) so the plan stays balanced when
 * `bag` is NULL or encoding fails.
 *
 * Returns the re-created bag, owned by the caller, or NULL if any step was
 * skipped or failed.
 */
static CF_RETURNS_RETAINED SOSBackupSliceKeyBagRef EncodeDecode(SOSBackupSliceKeyBagRef bag)
{
    CFErrorRef error = NULL;
    SOSBackupSliceKeyBagRef decodedBag = NULL;

    SKIP: {
        skip("No bag to use", 2, bag);

        CFDataRef encodedBag = SOSBSKBCopyEncoded(bag, &error);
        ok(encodedBag, "encode (%@)", error);
        /* Clear the error so the next call starts with a NULL out-parameter. */
        CFReleaseNull(error);

        skip("Encode failed", 1, encodedBag);

        decodedBag = SOSBackupSliceKeyBagCreateFromData(kCFAllocatorDefault, encodedBag, &error);
        ok(decodedBag, "create (%@)", error);
        CFReleaseNull(error);

        /* The encoded bytes are only needed for the round trip. */
        CFReleaseNull(encodedBag);
    }

    return decodedBag;
}
57 #endif
58
59 #if 0
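/*
 * Creates a data object of `size` bytes filled from the system RNG
 * (SecRandomCopyBytes with kSecRandomDefault).
 *
 * Currently compiled out by the enclosing #if 0.
 *
 * Returns an object owned by the caller, or NULL if the buffer could not be
 * created or the RNG reported failure.
 */
static CFDataRef CFDataCreateWithRandom(CFAllocatorRef allocator, size_t size) {
    CFMutableDataRef result = CFDataCreateMutableWithScratch(allocator, size);
    if (result == NULL) {
        return NULL;
    }

    // Fail closed: if the RNG did not fill the buffer, its contents are not
    // random and must not be returned as if they were key material.
    if (SecRandomCopyBytes(kSecRandomDefault, size, CFDataGetMutableBytePtr(result)) != errSecSuccess) {
        CFReleaseNull(result);
        return NULL;
    }

    return result;
}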
67 #endif
68
/*
 * Fixed 32-byte secret that tests() feeds to SOSCopyDeviceBackupPublicKey()
 * as peer 1's backup entropy. It is a published test vector: deterministic on
 * purpose, and for the same reason unsuitable as a real backup secret.
 */
static const uint8_t sEntropy1[] = {
    0xc4, 0xb9, 0xa6, 0x6e, 0xeb, 0x56, 0xa1, 0x5c,
    0x1d, 0x30, 0x09, 0x40, 0x41, 0xe9, 0x68, 0xb4,
    0x12, 0xe0, 0xc6, 0x69, 0xfb, 0xdf, 0xcb, 0xe0,
    0x27, 0x4b, 0x54, 0xf0, 0xdd, 0x62, 0x10, 0x78
};
74
/*
 * Fixed 32-byte secret that tests() feeds to SOSCopyDeviceBackupPublicKey()
 * as peer 2's backup entropy. It is a published test vector: deterministic on
 * purpose, and for the same reason unsuitable as a real backup secret.
 */
static const uint8_t sEntropy2[] = {
    0xef, 0xbd, 0x72, 0x57, 0x02, 0xe6, 0xbd, 0x0a,
    0x22, 0x6e, 0x77, 0x93, 0x17, 0xb3, 0x27, 0x12,
    0x1b, 0x1f, 0xdf, 0xa0, 0x5b, 0xc6, 0x66, 0x54,
    0x3a, 0x91, 0x0d, 0xc1, 0x5f, 0x57, 0x98, 0x44
};
80
/*
 * Number of results tests() reports; it must match the ok() calls there.
 *
 * Simulator: 5 results from peer setup and the empty-set check, plus the
 *            TODO placeholder = 6.
 * Device:    the same 6, plus "Allocation" and "transcoded" = 8, plus the
 *            encode_decode_count results reported inside EncodeDecode().
 */
#if TARGET_OS_SIMULATOR
#define tests_count (6)
#else
#define tests_count (8 + encode_decode_count)
#endif
86
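/*
 * Builds two peers that each publish a backup public key derived from a fixed
 * test secret, then checks that a backup slice keybag
 *   - cannot be created for an empty peer set, and
 *   - on device builds, can be created for both peers and survives an
 *     encode/decode round trip (see EncodeDecode()).
 *
 * NOTE(review): the step that would load and unlock the bag with a peer's
 * backup secret is compiled out (#if 0) on every target, so nothing here
 * verifies that a listed peer can actually open the bag. The TODO result only
 * keeps a placeholder for it in the plan.
 *
 * The number of ok() calls must stay in sync with tests_count.
 */
static void tests(void)
{
    CFErrorRef localError = NULL;
    CFMutableSetRef piSet = CFSetCreateMutableForSOSPeerInfosByID(kCFAllocatorDefault);

    // kCFAllocatorNull as the bytes deallocator: these objects only borrow the
    // static arrays and must not try to free them.
    CFDataRef entropy1 = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, sEntropy1, sizeof(sEntropy1), kCFAllocatorNull);
    CFDataRef entropy2 = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, sEntropy2, sizeof(sEntropy2), kCFAllocatorNull);

    // --- Peer 1 ---
    SecKeyRef peer1SigningKey = NULL;
    SecKeyRef peer1OctagonSigningKey = NULL;
    SecKeyRef peer1OctagonEncryptionKey = NULL;
    SOSFullPeerInfoRef fullPeer1WithBackup = SOSCreateFullPeerInfoFromName(CFSTR("peer1WithBackupID"), &peer1SigningKey, &peer1OctagonSigningKey, &peer1OctagonEncryptionKey, &localError);
    ok(fullPeer1WithBackup, "Allocate peer 1 (%@)", localError);
    CFReleaseNull(localError);

    CFDataRef peer1BackupPublic = SOSCopyDeviceBackupPublicKey(entropy1, &localError);
    ok(peer1BackupPublic, "Got backup key (%@)", localError);
    CFReleaseNull(localError);

    // Not counted in the plan, so the result is not asserted here. Drop any
    // error it produced so it neither leaks nor is passed, still set, to the
    // next call.
    SOSFullPeerInfoUpdateBackupKey(fullPeer1WithBackup, peer1BackupPublic, &localError);
    CFReleaseNull(localError);

    SOSPeerInfoRef peer1WithBackup = SOSFullPeerInfoGetPeerInfo(fullPeer1WithBackup);

    // --- Peer 2 ---
    SecKeyRef peer2SigningKey = NULL;
    SecKeyRef peer2OctagonSigningKey = NULL;
    SecKeyRef peer2OctagonEncryptionKey = NULL;
    SOSFullPeerInfoRef fullPeer2WithBackup = SOSCreateFullPeerInfoFromName(CFSTR("peer2WithBackupID"), &peer2SigningKey, &peer2OctagonSigningKey, &peer2OctagonEncryptionKey, &localError);
    ok(fullPeer2WithBackup, "Allocate peer 2 (%@)", localError);
    CFReleaseNull(localError);

    CFDataRef peer2BackupPublic = SOSCopyDeviceBackupPublicKey(entropy2, &localError);
    ok(peer2BackupPublic, "Got backup key (%@)", localError);
    CFReleaseNull(localError);

    SOSFullPeerInfoUpdateBackupKey(fullPeer2WithBackup, peer2BackupPublic, &localError);
    CFReleaseNull(localError);

    SOSPeerInfoRef peer2WithBackup = SOSFullPeerInfoGetPeerInfo(fullPeer2WithBackup);

    // Negative case: a bag for an empty peer set must be refused.
    SOSBackupSliceKeyBagRef vb = SOSBackupSliceKeyBagCreate(kCFAllocatorDefault, piSet, &localError);
    ok(vb == NULL, "Should fail with no peers (%@)", localError);
    CFReleaseNull(localError);
    CFReleaseNull(vb);

    CFSetAddValue(piSet, peer1WithBackup);
    CFSetAddValue(piSet, peer2WithBackup);

    SOSBackupSliceKeyBagRef vb2 = NULL;

#if !TARGET_OS_SIMULATOR
    vb = SOSBackupSliceKeyBagCreate(kCFAllocatorDefault, piSet, &localError);
    ok(vb != NULL, "Allocation: (%@)", localError);
    CFReleaseNull(localError);

    vb2 = EncodeDecode(vb);

    ok(vb2 != NULL, "transcoded");
#endif
#if 0
    // <rdar://problem/20561988> Have helper functions for new security object that load bags
    keybag_handle_t ourHandle = SOSBSKBLoadAndUnlockWithPeerSecret(vb, peer2WithBackup, entropy2, &localError);
    ok(ourHandle != bad_keybag_handle, "loaded with peer secret, handle %d (%@)", ourHandle, localError);
    CFReleaseNull(localError);

    aks_unload_bag(ourHandle);
#else
    TODO:{
        todo("no simulator supprt");
        ok(false);
    }
#endif

    CFReleaseNull(vb);
    CFReleaseNull(vb2);
    CFReleaseNull(piSet);

    // NOTE(review): all three keys returned through the out-parameters are
    // treated as owned by this function, as the signing keys already were;
    // confirm against SOSCreateFullPeerInfoFromName().
    CFReleaseNull(peer1SigningKey);
    CFReleaseNull(peer1OctagonSigningKey);
    CFReleaseNull(peer1OctagonEncryptionKey);
    CFReleaseNull(peer1BackupPublic);
    CFReleaseNull(fullPeer1WithBackup);

    CFReleaseNull(peer2SigningKey);
    CFReleaseNull(peer2OctagonSigningKey);
    CFReleaseNull(peer2OctagonEncryptionKey);
    CFReleaseNull(peer2BackupPublic);
    CFReleaseNull(fullPeer2WithBackup);

    CFReleaseNull(entropy1);
    CFReleaseNull(entropy2);
}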
175
/* Planned result count handed to plan_tests(); its value is tests_count. */
static int kTestTestCount = tests_count;

/*
 * Entry point for the sc-153 regression: declares the plan, then runs
 * tests(). The arguments are not used, and the function always returns 0.
 */
int sc_153_backupslicekeybag(int argc, char *const *argv)
{
    plan_tests(kTestTestCount);
    tests();
    return 0;
}