]> git.saurik.com Git - apple/security.git/blob - Security/sec/securityd/Regressions/secd-02-upgrade-while-locked.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57031.1.35.tar.gz
[apple/security.git] / Security / sec / securityd / Regressions / secd-02-upgrade-while-locked.c
1 /*
2 * Copyright (c) 2013-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #include "secd_regressions.h"
26
27 #include <securityd/SecDbItem.h>
28 #include <utilities/array_size.h>
29 #include <utilities/SecCFWrappers.h>
30 #include <utilities/SecFileLocations.h>
31 #include <utilities/fileIo.h>
32
33 #include <securityd/SOSCloudCircleServer.h>
34 #include <securityd/SecItemServer.h>
35
36 #include <Security/SecBasePriv.h>
37
38 #include <TargetConditionals.h>
39 #include <AssertMacros.h>
40
41 #include <stdio.h>
42 #include <unistd.h>
43 #include <sys/stat.h>
44 #include <pthread.h>
45
46 #if TARGET_OS_IPHONE && USE_KEYSTORE
47 #include <libaks.h>
48
49 #include "SecdTestKeychainUtilities.h"
50
51 #include "ios6_1_keychain_2_db.h"
52
53 static OSStatus query_one(void)
54 {
55 OSStatus ok;
56
57 /* querying a password */
58 const void *keys[] = {
59 kSecClass,
60 kSecAttrServer,
61 };
62 const void *values[] = {
63 kSecClassInternetPassword,
64 CFSTR("members.spamcop.net"),
65 };
66 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
67 array_size(keys), NULL, NULL);
68 CFTypeRef results = NULL;
69
70 ok = SecItemCopyMatching(query, &results);
71
72 CFReleaseSafe(results);
73 CFReleaseSafe(query);
74
75 return ok;
76 }
77
78
79
80 static void *do_query(void *arg)
81 {
82 /* querying a password */
83 const void *keys[] = {
84 kSecClass,
85 kSecAttrServer,
86 };
87 const void *values[] = {
88 kSecClassInternetPassword,
89 CFSTR("members.spamcop.net"),
90 };
91 CFDictionaryRef query = CFDictionaryCreate(NULL, keys, values,
92 array_size(keys), NULL, NULL);
93 CFTypeRef results = NULL;
94
95 for(int i=0;i<20;i++)
96 verify_action(SecItemCopyMatching(query, &results)==errSecUpgradePending, CFReleaseSafe(query); return (void *)-1);
97
98 CFReleaseSafe(query);
99
100 return NULL;
101 }
102
103 static void *do_sos(void *arg)
104 {
105
106 for(int i=0;i<20;i++)
107 verify_action(SOSCCThisDeviceIsInCircle_Server(NULL)==-1, return (void *)-1);
108
109 return NULL;
110 }
111
112
113 #define N_THREADS 10
114
115 int secd_02_upgrade_while_locked(int argc, char *const *argv)
116 {
117 plan_tests(11 + N_THREADS + kSecdTestSetupTestCount);
118
119 __block keybag_handle_t keybag;
120 __block keybag_state_t state;
121 char *passcode="password";
122 int passcode_len=(int)strlen(passcode);
123
124 /* custom keychain dir */
125 secd_test_setup_temp_keychain("secd_02_upgrade_while_locked", ^{
126 CFStringRef keychain_path_cf = __SecKeychainCopyPath();
127
128 CFStringPerformWithCString(keychain_path_cf, ^(const char *keychain_path) {
129 writeFile(keychain_path, ios6_1_keychain_2_db, ios6_1_keychain_2_db_len);
130
131 /* custom notification */
132 SecItemServerSetKeychainChangedNotification("com.apple.secdtests.keychainchanged");
133
134 /* Create and lock custom keybag */
135 ok(kIOReturnSuccess==aks_create_bag(passcode, passcode_len, kAppleKeyStoreDeviceBag, &keybag), "create keybag");
136 ok(kIOReturnSuccess==aks_get_lock_state(keybag, &state), "get keybag state");
137 ok(!(state&keybag_state_locked), "keybag unlocked");
138 SecItemServerSetKeychainKeybag(keybag);
139
140 /* lock */
141 ok(kIOReturnSuccess==aks_lock_bag(keybag), "lock keybag");
142 ok(kIOReturnSuccess==aks_get_lock_state(keybag, &state), "get keybag state");
143 ok(state&keybag_state_locked, "keybag locked");
144 });
145
146 CFReleaseSafe(keychain_path_cf);
147 });
148
149 pthread_t query_thread[N_THREADS];
150 pthread_t sos_thread;
151 void *query_err[N_THREADS] = {NULL,};
152 void *sos_err = NULL;
153
154 for(int i=0; i<N_THREADS; i++)
155 pthread_create(&query_thread[i], NULL, do_query, NULL);
156 pthread_create(&sos_thread, NULL, do_sos, NULL);
157
158 for(int i=0; i<N_THREADS; i++)
159 pthread_join(query_thread[i],&query_err[i]);
160 pthread_join(sos_thread, &sos_err);
161
162 for(int i=0; i<N_THREADS; i++)
163 ok(query_err[i]==NULL, "query thread ok");
164 ok(sos_err==NULL, "sos thread ok");
165
166 ok(kIOReturnSuccess==aks_unlock_bag(keybag, passcode, passcode_len), "lock keybag");
167 ok(kIOReturnSuccess==aks_get_lock_state(keybag, &state), "get keybag state");
168 ok(!(state&keybag_state_locked), "keybag unlocked");
169
170 is_status(query_one(), errSecItemNotFound, "Query after unlock");
171
172 /* Reset keybag */
173 SecItemServerResetKeychainKeybag();
174
175 return 0;
176 }
177
178 #else
179
180 int secd_02_upgrade_while_locked(int argc, char *const *argv)
181 {
182 plan_tests(1);
183
184 todo("Not yet working in simulator");
185
186 TODO: {
187 ok(false);
188 }
189 /* not implemented in simulator (no keybag) */
190 /* Not implemented in OSX (no upgrade scenario) */
191 return 0;
192 }
193 #endif
mirror of Security