Security-57031.1.35.tar.gz
[apple/security.git] / Security / sec / securityd / Regressions / secd-56-account-apply.c
1 /*
2 * Copyright (c) 2013-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25
26
27 #include <Security/SecBase.h>
28 #include <Security/SecItem.h>
29
30 #include <CoreFoundation/CFDictionary.h>
31
32 #include <SecureObjectSync/SOSAccount.h>
33 #include <SecureObjectSync/SOSCloudCircle.h>
34 #include <SecureObjectSync/SOSInternal.h>
35 #include <SecureObjectSync/SOSUserKeygen.h>
36 #include <SecureObjectSync/SOSTransport.h>
37
38 #include <stdlib.h>
39 #include <unistd.h>
40
41 #include "secd_regressions.h"
42 #include "SOSTestDataSource.h"
43
44 #include "SOSRegressionUtilities.h"
45 #include <utilities/SecCFWrappers.h>
46 #include <Security/SecKeyPriv.h>
47
48 #include <securityd/SOSCloudCircleServer.h>
49
50 #include "SOSAccountTesting.h"
51
52
/*
 * Number of checks announced to plan_tests() by secd_56_account_apply().
 * NOTE(review): presumably this has to equal the number of ok()/is() checks
 * that tests() really executes, including whatever accounts_agree() expands
 * to -- confirm whenever a check is added, removed or moved under "#if 0".
 */
static int kTestTestCount = 125;
54
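#if 0
/*
 * Return how many peers `account` reports.
 *
 * active != 0 selects SOSAccountCopyActivePeers(), otherwise
 * SOSAccountCopyPeers() is used.  Any error object produced by the copy is
 * released here and not reported to the caller.
 *
 * Returns the array count, or 0 when the copy call hands back NULL, so a
 * failed lookup shows up as a failed count comparison in the caller instead
 * of a NULL dereference inside CFArrayGetCount().
 *
 * Compiled out together with the only call sites, which sit in the disabled
 * part of tests().
 */
static int countPeers(SOSAccountRef account, bool active) {
    CFErrorRef error = NULL;
    CFArrayRef peers = active ? SOSAccountCopyActivePeers(account, &error)
                              : SOSAccountCopyPeers(account, &error);

    /* CFArrayGetCount() must never be handed NULL. */
    int retval = (peers != NULL) ? (int) CFArrayGetCount(peers) : 0;

    CFReleaseNull(error);
    CFReleaseNull(peers);
    return retval;
}
#endif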
68
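/*
 * Circle application regression: four local accounts (Alice, Bob, Carole,
 * David) share one user credential.  Alice resets the circle to offering,
 * Bob and Carole apply, Alice first rejects both applicants, then Bob applies
 * again and is accepted.
 *
 * Only the steps up to Bob's acceptance are compiled.  Everything between
 * "#if 0" and "#endif" further down is disabled, so the rejected-application
 * scenario (David), SOSAccountPurgePrivateCredential(), the convergence
 * checks and SOSAccountJoinCirclesAfterRestore() are NOT exercised by this
 * test.
 *
 * NOTE(review): the expected values passed to is() for ProcessChangesOnce()
 * and ProcessChangesUntilNoChange() are taken as-is from the original; what
 * exactly those helpers count is not visible in this file.
 */
static void tests(void)
{
    CFErrorRef error = NULL;
    /* Length 10 = the 9 characters of the literal plus its trailing NUL. */
    CFDataRef cfpassword = CFDataCreate(NULL, (uint8_t *) "FooFooFoo", 10);
    CFStringRef cfaccount = CFSTR("test@test.org");

    CFMutableDictionaryRef changes = CFDictionaryCreateMutableForCFTypes(kCFAllocatorDefault);

    SOSAccountRef alice_account = CreateAccountForLocalChanges(CFSTR("Alice"), CFSTR("TestSource"));
    SOSAccountRef bob_account = CreateAccountForLocalChanges(CFSTR("Bob"), CFSTR("TestSource"));
    SOSAccountRef carole_account = CreateAccountForLocalChanges(CFSTR("Carole"), CFSTR("TestSource"));
    SOSAccountRef david_account = CreateAccountForLocalChanges(CFSTR("David"), CFSTR("TestSource"));

    ok(SOSAccountAssertUserCredentials(bob_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
    /* Drop any error before &error is reused, as every later step does. */
    CFReleaseNull(error);

    // Bob wins writing at this point, feed the changes back to alice.
    is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, david_account, NULL), 1, "updates");

    ok(SOSAccountAssertUserCredentials(alice_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
    CFReleaseNull(error);

    ok(SOSAccountAssertUserCredentials(carole_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
    CFReleaseNull(error);

    ok(SOSAccountAssertUserCredentials(david_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
    /* Last use of the password in the compiled part of the test. */
    CFReleaseNull(cfpassword);
    CFReleaseNull(error);

    ok(SOSAccountResetToOffering(alice_account, &error), "Reset to offering (%@)", error);
    CFReleaseNull(error);

    // Lost Application Scenario
    is(ProcessChangesOnce(changes, alice_account, bob_account, carole_account, david_account, NULL), 1, "updates");

    ok(SOSAccountJoinCircles(bob_account, &error), "Bob Applies (%@)", error);
    CFReleaseNull(error);

    ok(SOSAccountJoinCircles(carole_account, &error), "Carole Applies too (%@)", error);
    CFReleaseNull(error);

    is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, david_account, NULL), 3, "updates");

    accounts_agree("alice and carole agree", alice_account, carole_account);
    accounts_agree("alice and bob agree", alice_account, bob_account);

    /* Both applications must be visible to Alice. */
    {
        CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);

        ok(applicants && CFArrayGetCount(applicants) == 2, "See two applicants %@ (%@)", applicants, error);
        CFReleaseNull(error);
        CFReleaseSafe(applicants);
    }

    is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, david_account, NULL), 1, "updates");

    accounts_agree("alice and carole agree", alice_account, carole_account);

    CFReleaseNull(error);

    /* The applicant list is unchanged after another sync; Alice rejects both. */
    {
        CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);
        ok(applicants && CFArrayGetCount(applicants) == 2, "See two applicants %@ (%@)", applicants, error);
        /* Same pattern as the accept step below: clear error between calls. */
        CFReleaseNull(error);
        ok(SOSAccountRejectApplicants(alice_account, applicants, &error), "Everyone out the pool");
        CFReleaseNull(error);
        CFReleaseSafe(applicants);
    }

    is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, david_account, NULL), 2, "updates");

    accounts_agree("alice and carole agree", alice_account, carole_account);

    /* After the rejection has propagated nobody may remain an applicant. */
    {
        CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);
        ok(applicants && CFArrayGetCount(applicants) == 0, "See no applicants %@ (%@)", applicants, error);
        CFReleaseNull(error);
        CFReleaseSafe(applicants);
    }

    ok(SOSAccountJoinCircles(bob_account, &error), "Bob asks again");
    CFReleaseNull(error);

    is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, david_account, NULL), 2, "updates");

    /* A rejected peer can apply again; this time Alice accepts. */
    {
        CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);
        ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicants %@ (%@)", applicants, error);
        CFReleaseNull(error);
        ok(SOSAccountAcceptApplicants(alice_account, applicants, &error), "Accept bob into the fold");
        CFReleaseNull(error);
        CFReleaseSafe(applicants);
    }

    is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, david_account, NULL), 3, "updates");

    /*
     * DISABLED from here to the matching #endif.  NOTE(review): this section
     * is stale as written -- it relies on countPeers(), which is itself under
     * "#if 0" in this file, on FillAllChanges()/FeedChangesToMulti() and the
     * AliceChanges/BobChanges/CarolChanges/DavidChanges names, none of which
     * are defined in this file, and it passes cfpassword to
     * SOSAccountTryUserCredentials() after cfpassword was released above.
     * Re-enabling it needs those points fixed and kTestTestCount revisited.
     */
#if 0

    {
        CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);

        ok(applicants && CFArrayGetCount(applicants) == 1, "Bob automatically re-applied %@ (%@)", applicants, error);
        ok(SOSAccountAcceptApplicants(alice_account, applicants, &error), "Alice accepts (%@)", error);
        CFReleaseNull(error);
        CFReleaseNull(applicants);
    }

    is(countPeers(alice_account, 0), 3, "Bob is accepted after auto-reapply");

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);
    accounts_agree("alice and carole agree after bob gets in", alice_account, carole_account);

    // Rejected Application Scenario
    ok(SOSAccountJoinCircles(david_account, &error), "Dave Applies (%@)", error);
    CFReleaseNull(error);

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);

    SOSAccountPurgePrivateCredential(alice_account);

    {
        CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);

        ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicant %@ (%@)", applicants, error);
        ok(SOSAccountRejectApplicants(alice_account, applicants, &error), "Alice rejects (%@)", error);
        CFReleaseNull(error);
        CFReleaseNull(applicants);
    }

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);

    accounts_agree("alice and carole still agree after david is rejected", alice_account, carole_account);
    ok(SOSAccountTryUserCredentials(alice_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
    CFReleaseNull(error);

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);

    FillAllChanges(changes);

    ok(CFDictionaryGetCount(CarolChanges) == 0, "We converged. (%@)", CarolChanges);
    ok(CFDictionaryGetCount(BobChanges) == 0, "We converged. (%@)", BobChanges);
    ok(CFDictionaryGetCount(AliceChanges) == 0, "We converged. (%@)", AliceChanges);
    ok(CFDictionaryGetCount(DavidChanges) == 0, "We converged. (%@)", DavidChanges);

    accounts_agree("bob&alice pair", bob_account, alice_account);

    ok(SOSAccountJoinCirclesAfterRestore(carole_account, &error), "Carole cloud identiy joins (%@)", error);
    CFReleaseNull(error);

    is(countPeers(carole_account, false), 3, "Carole sees 3 valid peers after sliding in");

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL);

    FillAllChanges(changes);
    FeedChangesToMulti(AliceChanges, bob_account, carole_account, david_account, NULL);
    FeedChangesToMulti(BobChanges, alice_account, carole_account, david_account, NULL);
    FeedChangesToMulti(CarolChanges, bob_account, alice_account, david_account, NULL);
    FeedChangesToMulti(DavidChanges, bob_account, alice_account, carole_account, NULL); // Bob and carole see the final result.

    accounts_agree_internal("Carole's in", bob_account, alice_account, false);
    accounts_agree_internal("Carole's in - 2", bob_account, carole_account, false);
#endif
    CFReleaseNull(bob_account);
    CFReleaseNull(alice_account);
    CFReleaseNull(carole_account);
    /*
     * David and the change dictionary were created above but never released
     * in the original.  NOTE(review): assumes this function owns them the same
     * way it owns the other three accounts.
     */
    CFReleaseNull(david_account);
    CFReleaseNull(changes);

    /* Reset the shared transport registrations so later tests start clean. */
    SOSUnregisterAllTransportMessages();
    SOSUnregisterAllTransportCircles();
    SOSUnregisterAllTransportKeyParameters();
    CFArrayRemoveAllValues(key_transports);
    CFArrayRemoveAllValues(circle_transports);
    CFArrayRemoveAllValues(message_transports);

}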
291
/*
 * Regression entry point for secd-56-account-apply.
 *
 * Declares kTestTestCount planned checks, runs the scenario in tests() and
 * always returns 0; argc and argv are not used.
 */
int secd_56_account_apply(int argc, char *const *argv)
{
    /* The plan has to be announced before the first check runs. */
    plan_tests(kTestTestCount);
    tests();
    return 0;
}