1 /*
2 * Copyright (c) 2017 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #if OCTAGON
25
26 #import "OTTestsBase.h"
27
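/*
 * Octagon Trust Local Context Record Constants
 *
 * Column names for a local context record. The tests in this file use them as
 * keys of the attribute dictionary passed to -insertLocalContextRecord:error:
 * and as the columnName: argument of the row-update call.
 * NOTE(review): these are file-local copies, presumably of the store's own
 * schema names; if the store renames a column these must be changed too.
 *
 * Declared `* const` (like testDSID below) so a test cannot reassign a key by
 * accident and silently write to a different column.
 */
static NSString * const OTCKRecordContextID = @"contextID";
static NSString * const OTCKRecordDSID = @"accountDSID";
static NSString * const OTCKRecordContextName = @"contextName";
static NSString * const OTCKRecordZoneCreated = @"zoneCreated";
static NSString * const OTCKRecordSubscribedToChanges = @"subscribedToChanges";
static NSString * const OTCKRecordChangeToken = @"changeToken";
static NSString * const OTCKRecordEgoPeerID = @"egoPeerID";
static NSString * const OTCKRecordEgoPeerCreationDate = @"egoPeerCreationDate";
static NSString * const OTCKRecordRecoverySigningSPKI = @"recoverySigningSPKI";
static NSString * const OTCKRecordRecoveryEncryptionSPKI = @"recoveryEncryptionSPKI";
static NSString * const OTCKRecordBottledPeerTableEntry = @"bottledPeer";

/*
 * Octagon Trust Local Peer Record
 * Not referenced by the tests visible in this file.
 */
static NSString * const OTCKRecordPeerID = @"peerID";
static NSString * const OTCKRecordPermanentInfo = @"permanentInfo";
static NSString * const OTCKRecordStableInfo = @"stableInfo";
static NSString * const OTCKRecordDynamicInfo = @"dynamicInfo";
static NSString * const OTCKRecordRecoveryVoucher = @"recoveryVoucher";
static NSString * const OTCKRecordIsEgoPeer = @"isEgoPeer";

/*
 * Octagon Trust BottledPeerSchema
 * Not referenced by the tests visible in this file.
 */
static NSString * const OTCKRecordEscrowRecordID = @"escrowRecordID";
static NSString * const OTCKRecordRecordID = @"bottledPeerRecordID";
static NSString * const OTCKRecordSPID = @"spID";
static NSString * const OTCKRecordEscrowSigningSPKI = @"escrowSigningSPKI";
static NSString * const OTCKRecordPeerSigningSPKI = @"peerSigningSPKI";
static NSString * const OTCKRecordEscrowSigningPubKey = @"escrowSigningPubKey";
static NSString * const OTCKRecordPeerSigningPubKey = @"peerSigningPubKey";
static NSString * const OTCKRecordSignatureFromEscrow = @"signatureUsingEscrow";
static NSString * const OTCKRecordSignatureFromPeerKey = @"signatureUsingPeerKey";
static NSString * const OTCKRecordBottle = @"bottle";

/* Account DSID used by every context record these tests insert (constructed test value). */
static NSString * const testDSID = @"123456789";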
62
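/*
 * Tests for the local store that the OTTestsBase fixture exposes as
 * self.localStore: closing and reopening the database, inserting and reading
 * context records, inserting and reading bottled-peer records, and updating
 * single columns of the context row.
 */
@interface UnitTestOTLocalStore : OTTestsBase
@end

@implementation UnitTestOTLocalStore

- (void)setUp
{
    [super setUp];

    // Stop a test at its first failed assertion; later steps build on earlier ones.
    self.continueAfterFailure = NO;
}

- (void)tearDown
{
    [super tearDown];
}

/*
 * The store can be closed and reopened twice in a row, each call returning
 * YES and leaving `error` nil. The first call is a close, so the fixture is
 * expected to hand over an already-open store.
 */
- (void)testDBConnection
{
    NSError* error = nil;

    XCTAssertTrue([self.localStore closeDBWithError:&error], @"failed attempt at closing the db");
    XCTAssertNil(error, @"error should be nil:%@", error);

    XCTAssertTrue([self.localStore openDBWithError:&error], @"could not open db");
    XCTAssertNil(error, @"error should be nil:%@", error);

    XCTAssertTrue([self.localStore closeDBWithError:&error], @"failed attempt at closing the db");
    XCTAssertNil(error, @"error should be nil:%@", error);

    XCTAssertTrue([self.localStore openDBWithError:&error], @"could not open db");
    XCTAssertNil(error, @"error should be nil:%@", error);
}

/*
 * A context record inserted from an attribute dictionary can be read back
 * under the "<contextID>-<dsid>" key and compares equal to a record built
 * from the same values.
 */
- (void)testDBLocalContextRetrieval
{
    NSString* contextAndDSID = [NSString stringWithFormat:@"testContextRetreival-%@", testDSID];

    // Fresh random P-384 key pairs per run. Only the public halves are handed to the
    // store; the private keys never leave this method.
    _SFECKeyPair *recoverySigningKeyPair = [[SFECKeyPair alloc] initRandomKeyPairWithSpecifier:[[SFECKeySpecifier alloc] initWithCurve:SFEllipticCurveNistp384]];
    _SFECKeyPair *recoveryEncryptionKeyPair = [[SFECKeyPair alloc] initRandomKeyPairWithSpecifier:[[SFECKeySpecifier alloc] initWithCurve:SFEllipticCurveNistp384]];

    NSError* error = nil;
    NSDictionary *attributes = @{
        OTCKRecordContextID : @"testContextRetreival",
        OTCKRecordDSID : testDSID,
        OTCKRecordContextName : @"newFoo",
        OTCKRecordZoneCreated : @(NO),
        OTCKRecordSubscribedToChanges : @(NO),
        OTCKRecordChangeToken : [NSData data],
        OTCKRecordEgoPeerID : @"OctagonPeerID",
        OTCKRecordEgoPeerCreationDate : [NSDate date],
        OTCKRecordRecoverySigningSPKI : [[recoverySigningKeyPair publicKey] keyData],
        OTCKRecordRecoveryEncryptionSPKI : [[recoveryEncryptionKeyPair publicKey] keyData]};

    XCTAssertTrue([self.localStore insertLocalContextRecord:attributes error:&error], @"inserting new context failed");
    XCTAssertNil(error, @"error should be nil:%@", error);

    OTContextRecord* record = [self.localStore readLocalContextRecordForContextIDAndDSID:contextAndDSID error:&error];
    XCTAssertNotNil(record, @"fetching attributes returned nil");
    XCTAssertNotNil(record.contextID, @"fetching attributes returned nil");
    XCTAssertNotNil(record.contextName, @"fetching attributes returned nil");
    XCTAssertNotNil(record.dsid, @"fetching attributes returned nil");
    XCTAssertNotNil(record.egoPeerCreationDate, @"fetching attributes returned nil");
    XCTAssertNotNil(record.egoPeerID, @"fetching attributes returned nil");
    XCTAssertNotNil(record.recoveryEncryptionSPKI, @"fetching attributes returned nil");
    XCTAssertNotNil(record.recoverySigningSPKI, @"fetching attributes returned nil");

    XCTAssertNil(error, @"failed to read local context for test local store");

    // Expected record. contextName was assigned twice in the original; once is enough.
    // NOTE(review): egoPeerCreationDate is not set here, so the comparison below can
    // only pass if -isEqual: leaves that field out — confirm against OTContextRecord.
    OTContextRecord* recordToTestEquality = [[OTContextRecord alloc]init];
    recordToTestEquality.contextName = @"newFoo";
    recordToTestEquality.contextID = @"testContextRetreival";
    recordToTestEquality.dsid = testDSID;
    recordToTestEquality.egoPeerID = @"OctagonPeerID";
    recordToTestEquality.recoveryEncryptionSPKI = [[recoveryEncryptionKeyPair publicKey] keyData];
    recordToTestEquality.recoverySigningSPKI = [[recoverySigningKeyPair publicKey] keyData];

    OTContextRecord* recordFromDB = [self.localStore readLocalContextRecordForContextIDAndDSID:contextAndDSID error:&error];
    // The second read was previously unchecked: a failed read only surfaced as an
    // unexplained "not equal".
    XCTAssertNotNil(recordFromDB, @"fetching attributes returned nil");
    XCTAssertNil(error, @"failed to read local context for test local store");
    // Same -isEqual: comparison as before, but the failure output now prints both records.
    XCTAssertEqualObjects(recordFromDB, recordToTestEquality, @"OTContext should be equal");
}

/*
 * Two context records for the same DSID but different context IDs can both be
 * inserted, and each lookup key returns its own record rather than the other
 * one — the records carry recovery key material, so mixing them up matters.
 */
- (void)testDBMultipleContexts
{
    NSError* error = nil;
    NSString* newFooContextAndDSID = [NSString stringWithFormat:@"newFoo-%@", testDSID];

    // One random P-384 pair per role; both inserted records share these public keys.
    _SFECKeyPair *recoverySigningKeyPair = [[SFECKeyPair alloc] initRandomKeyPairWithSpecifier:[[SFECKeySpecifier alloc] initWithCurve:SFEllipticCurveNistp384]];
    _SFECKeyPair *recoveryEncryptionKeyPair = [[SFECKeyPair alloc] initRandomKeyPairWithSpecifier:[[SFECKeySpecifier alloc] initWithCurve:SFEllipticCurveNistp384]];
    NSDictionary *attributes = @{
        OTCKRecordContextID : @"newFoo",
        OTCKRecordContextName : @"newFoo",
        OTCKRecordDSID : testDSID,
        OTCKRecordZoneCreated : @(NO),
        OTCKRecordSubscribedToChanges : @(NO),
        OTCKRecordChangeToken : [NSData data],
        OTCKRecordEgoPeerID : @"OctagonPeerID",
        OTCKRecordEgoPeerCreationDate : [NSDate date],
        OTCKRecordRecoverySigningSPKI : [[recoverySigningKeyPair publicKey] keyData], // FIXME not SPKI
        OTCKRecordRecoveryEncryptionSPKI : [[recoveryEncryptionKeyPair publicKey] keyData]};

    XCTAssertTrue([self.localStore insertLocalContextRecord:attributes error:&error], @"inserting new context failed");
    XCTAssertNil(error, @"error should be nil:%@", error);

    NSString* foo2ContextAndDSID = [NSString stringWithFormat:@"Foo2-%@", testDSID];
    attributes = @{
        OTCKRecordContextID : @"Foo2",
        OTCKRecordContextName : @"Foo2",
        OTCKRecordDSID : testDSID,
        OTCKRecordZoneCreated : @(NO),
        OTCKRecordSubscribedToChanges : @(NO),
        OTCKRecordChangeToken : [NSData data],
        OTCKRecordEgoPeerID : @"OctagonPeerID2",
        OTCKRecordEgoPeerCreationDate : [NSDate date],
        OTCKRecordRecoverySigningSPKI : [[recoverySigningKeyPair publicKey] keyData], // FIXME not SPKI
        OTCKRecordRecoveryEncryptionSPKI : [[recoveryEncryptionKeyPair publicKey] keyData]};

    XCTAssertTrue([self.localStore insertLocalContextRecord:attributes error:&error], @"inserting new context failed");
    XCTAssertNil(error, @"error should be nil:%@", error);

    OTContextRecord* recordNewFoo = [self.localStore readLocalContextRecordForContextIDAndDSID:newFooContextAndDSID error:&error];

    XCTAssertNotNil(recordNewFoo, @"fetching attributes returned nil");
    XCTAssertNotNil(recordNewFoo.contextID, @"fetching attributes returned nil");
    XCTAssertNotNil(recordNewFoo.contextName, @"fetching attributes returned nil");
    XCTAssertNotNil(recordNewFoo.dsid, @"fetching attributes returned nil");
    XCTAssertNotNil(recordNewFoo.egoPeerCreationDate, @"fetching attributes returned nil");
    XCTAssertNotNil(recordNewFoo.egoPeerID, @"fetching attributes returned nil");
    XCTAssertNotNil(recordNewFoo.recoveryEncryptionSPKI, @"fetching attributes returned nil");
    XCTAssertNotNil(recordNewFoo.recoverySigningSPKI, @"fetching attributes returned nil");

    XCTAssertNil(error, @"failed to read local context for test local store");

    // Non-nil fields alone would also pass if both keys resolved to the same row,
    // so pin the two fields that differ between the inserted records.
    XCTAssertEqualObjects(recordNewFoo.contextID, @"newFoo", @"lookup for newFoo returned a different context");
    XCTAssertEqualObjects(recordNewFoo.egoPeerID, @"OctagonPeerID", @"lookup for newFoo returned a different ego peer");

    OTContextRecord* recordFoo2 = [self.localStore readLocalContextRecordForContextIDAndDSID:foo2ContextAndDSID error:&error];

    XCTAssertNotNil(recordFoo2, @"fetching attributes returned nil");
    XCTAssertNotNil(recordFoo2.contextID, @"fetching attributes returned nil");
    XCTAssertNotNil(recordFoo2.contextName, @"fetching attributes returned nil");
    XCTAssertNotNil(recordFoo2.dsid, @"fetching attributes returned nil");
    XCTAssertNotNil(recordFoo2.egoPeerCreationDate, @"fetching attributes returned nil");
    XCTAssertNotNil(recordFoo2.egoPeerID, @"fetching attributes returned nil");
    XCTAssertNotNil(recordFoo2.recoveryEncryptionSPKI, @"fetching attributes returned nil");
    XCTAssertNotNil(recordFoo2.recoverySigningSPKI, @"fetching attributes returned nil");
    XCTAssertNil(error, @"failed to read local context for test local store");

    XCTAssertEqualObjects(recordFoo2.contextID, @"Foo2", @"lookup for Foo2 returned a different context");
    XCTAssertEqualObjects(recordFoo2.egoPeerID, @"OctagonPeerID2", @"lookup for Foo2 returned a different ego peer");
}

/*
 * Three bottled-peer records can be inserted and read back by record name,
 * known columns of the context row can be updated, and an update naming an
 * unknown column is rejected with an error.
 */
- (void)testRowUpdates
{
    NSError* error = nil;
    NSString* escrowRecordID = @"escrow record 1";
    NSString* escrowRecordID2 = @"escrow record 2";
    NSString* escrowRecordID3 = @"escrow record 3";

    OTBottledPeerRecord* record = [[OTBottledPeerRecord alloc]init];
    OTBottledPeerRecord* record2 = [[OTBottledPeerRecord alloc]init];
    OTBottledPeerRecord* record3 = [[OTBottledPeerRecord alloc]init];

    record.escrowRecordID = escrowRecordID;
    record2.escrowRecordID = escrowRecordID2;
    record3.escrowRecordID = escrowRecordID3;

    // Placeholder bytes, not real key encodings. record2's value differs from the
    // other two ("...SPI" vs "...SPKI"); the source does not say whether that is intended.
    record.escrowedSigningSPKI = [@"escrowedSigingSPKI" dataUsingEncoding:NSUTF8StringEncoding];
    record2.escrowedSigningSPKI = [@"escrowedSigingSPI" dataUsingEncoding:NSUTF8StringEncoding];
    record3.escrowedSigningSPKI = [@"escrowedSigingSPKI" dataUsingEncoding:NSUTF8StringEncoding];

    XCTAssertTrue([self.localStore insertBottledPeerRecord:record escrowRecordID:escrowRecordID error:&error]);
    XCTAssertNil(error, @"error should be nil:%@", error);

    XCTAssertTrue([self.localStore insertBottledPeerRecord:record2 escrowRecordID:escrowRecordID2 error:&error]);
    XCTAssertNil(error, @"error should be nil:%@", error);

    XCTAssertTrue([self.localStore insertBottledPeerRecord:record3 escrowRecordID:escrowRecordID3 error:&error]);
    XCTAssertNil(error, @"error should be nil:%@", error);

    OTBottledPeerRecord *bp = [self.localStore readLocalBottledPeerRecordWithRecordID:record.recordName error:&error];
    XCTAssertNotNil(bp);
    XCTAssertNil(error, @"error should be nil:%@", error);

    OTBottledPeerRecord *bp2 = [self.localStore readLocalBottledPeerRecordWithRecordID:record2.recordName error:&error];
    XCTAssertNotNil(bp2);
    XCTAssertNil(error, @"error should be nil:%@", error);

    OTBottledPeerRecord *bp3 = [self.localStore readLocalBottledPeerRecordWithRecordID:record3.recordName error:&error];
    XCTAssertNotNil(bp3);
    XCTAssertNil(error, @"error should be nil:%@", error);

    // Column updates on the fixture's own context row.
    // NOTE(review): none of the updated values is read back, so these assertions cover
    // only the return value and the error, not what ended up in the row.
    XCTAssertTrue([self.localStore updateLocalContextRecordRowWithContextID:self.localStore.contextID columnName:OTCKRecordContextName newValue:(void*)@"SuperSuperFoo" error:&error], @"could not update column:%@ with value:%@", OTCKRecordContextName, @"SuperSuperFoo");
    XCTAssertNil(error, @"error should be nil:%@", error);

    XCTAssertTrue([self.localStore updateLocalContextRecordRowWithContextID:self.localStore.contextID columnName:OTCKRecordEgoPeerID newValue:(void*)@"NewPeerID" error:&error], @"could not update column:%@ with value:%@", OTCKRecordEgoPeerID, @"NewPeerID");
    XCTAssertNil(error, @"error should be nil:%@", error);

    // NOTE(review): @"I'm a string" is not valid Base64. With
    // NSDataBase64DecodingIgnoreUnknownCharacters the initializer may return nil, in
    // which case this writes nil into the recovery signing SPKI column — confirm that
    // is the case the test means to cover.
    // The failure message named the wrong column and value (copied from the update
    // above); it now reports the column actually being updated.
    XCTAssertTrue([self.localStore updateLocalContextRecordRowWithContextID:self.localStore.contextID columnName:OTCKRecordRecoverySigningSPKI newValue:(void*)[[NSData alloc]initWithBase64EncodedString:@"I'm a string" options:NSDataBase64DecodingIgnoreUnknownCharacters] error:&error], @"could not update column:%@ with value decoded from:%@", OTCKRecordRecoverySigningSPKI, @"I'm a string");
    XCTAssertNil(error, @"error should be nil:%@", error);

    // Negative case: a column name outside the schema must be refused and must set
    // `error`. The message is what XCTest prints if the update succeeds after all.
    XCTAssertFalse([self.localStore updateLocalContextRecordRowWithContextID:self.localStore.contextID columnName:@"ColumnName" newValue:(void*)@"value" error:&error], @"update of unknown column:%@ with value:%@ should have failed", @"ColumnName", @"value");
    XCTAssertNotNil(error, @"error should not be nil: %@", error);
}

@end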
265
266 #endif /* OCTAGON */