tests/TrustTests/EvaluationTests/iAPTests.m

   1 /*
   2  * Copyright (c) 2018 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  *
  23  */
  24
  25 #import <XCTest/XCTest.h>
  26 #include "SecCertificatePriv.h"
  27 #include "SecPolicyPriv.h"
  28 #include "SecTrustPriv.h"
  29 #include "OSX/utilities/SecCFWrappers.h"
  30
  31 #include "../TestMacroConversions.h"
  32 #include "TrustEvaluationTestCase.h"
  33 #include "iAPTests_data.h"
  34
  35 @interface iAPTests : TrustEvaluationTestCase
  36 @end
  37
  38 @implementation iAPTests
  39
  40 - (void)testiAPNegativeSignatures {
  41     /* Test that we can handle and fix up negative integer value(s) in ECDSA signature */
  42     const void *negIntSigLeaf;
  43     isnt(negIntSigLeaf = SecCertificateCreateWithBytes(NULL, _leaf_NegativeIntInSig,
  44                                                        sizeof(_leaf_NegativeIntInSig)), NULL, "create negIntSigLeaf");
  45     CFArrayRef certs = NULL;
  46     isnt(certs = CFArrayCreate(NULL, &negIntSigLeaf, 1, &kCFTypeArrayCallBacks), NULL, "failed to create certs array");
  47     SecPolicyRef policy = NULL;
  48     isnt(policy = SecPolicyCreateiAP(), NULL, "failed to create policy");
  49     SecTrustRef trust = NULL;
  50     ok_status(SecTrustCreateWithCertificates(certs, policy, &trust),
  51               "create trust for negIntSigLeaf");
  52
  53     const void *rootAACA2;
  54     isnt(rootAACA2 = SecCertificateCreateWithBytes(NULL, _root_AACA2,
  55                                                    sizeof(_root_AACA2)), NULL, "create rootAACA2");
  56     CFArrayRef anchors = NULL;
  57     isnt(anchors = CFArrayCreate(NULL, &rootAACA2, 1, &kCFTypeArrayCallBacks), NULL, "failed to create anchors array");
  58     if (!anchors) { goto errOut; }
  59     ok_status(SecTrustSetAnchorCertificates(trust, anchors), "set anchor certificates");
  60
  61     XCTAssert(SecTrustEvaluateWithError(trust, NULL), "trust evaluation failed");
  62
  63 errOut:
  64     CFReleaseNull(trust);
  65     CFReleaseNull(certs);
  66     CFReleaseNull(anchors);
  67     CFReleaseNull(negIntSigLeaf);
  68     CFReleaseNull(rootAACA2);
  69     CFReleaseNull(policy);
  70 }
  71
  72 @end