SecurityTests/regressions/kc/kc-22-key-symmetric.c

   1 /* Included due to <rdar://problem/4063307> SecKeyPriv.h should
   2    include <Security/x509defs.h> */
   3 #include <Security/x509defs.h>
   4
   5 #include <Security/SecKeyPriv.h>
   6 #include <Security/SecKeychainSearch.h>
   7 #include <stdlib.h>
   8 #include <unistd.h>
   9
  10 #include "testenv.h"
  11 #include "testleaks.h"
  12 #include "testmore.h"
  13 #include "testsecevent.h"
  14
  15 void tests(int dont_skip)
  16 {
  17         SecKeychainRef keychain;
  18         ok_status(SecKeychainCreate("test", 4, "test", FALSE, NULL, &keychain),
  19                 "create keychain");
  20
  21         /* Symmetric key tests. */
  22
  23 #ifdef DEBUG
  24         ok_status(test_sec_event_register(kSecAddEventMask | kSecDeleteEventMask),
  25                 "register for add events");
  26         SecKeychainItemRef aes_key = NULL;
  27 #endif
  28
  29         ok_status(SecKeyGenerate(keychain, CSSM_ALGID_AES, 128,
  30                 0 /* contextHandle */,
  31                 CSSM_KEYUSE_DECRYPT | CSSM_KEYUSE_ENCRYPT,
  32                 CSSM_KEYATTR_EXTRACTABLE,
  33                 NULL, NULL), "SecKeyGenerate");
  34
  35 #ifdef DEBUG
  36         /* Wait for the add notification to get the generated aes_key to work
  37            around <rdar://problem/4063405> SecKeyGenerate CFReleases the
  38            returned key before returning it.  */
  39         is_sec_event(kSecAddEvent, NULL, &aes_key, NULL,
  40                 "got add event for key");
  41 #endif
  42
  43         uint32 btrue = 1;
  44         SecKeychainAttribute sym_attrs[] =
  45         {
  46                 { kSecKeyEncrypt, sizeof(btrue), &btrue }
  47         };
  48         SecKeychainAttributeList sym_attr_list =
  49         { sizeof(sym_attrs) / sizeof(*sym_attrs), sym_attrs };
  50         SecKeychainSearchRef search = NULL;
  51         ok_status(SecKeychainSearchCreateFromAttributes(keychain,
  52                 CSSM_DL_DB_RECORD_SYMMETRIC_KEY, &sym_attr_list, &search),
  53                 "create symmetric encryption key search");
  54         SecKeychainItemRef item = NULL;
  55         ok_status(SecKeychainSearchCopyNext(search, &item), "get first key");
  56
  57 #ifdef DEBUG
  58         cmp_ok((intptr_t)aes_key, ==, (intptr_t)item, "is key found the right one?");
  59 #endif
  60
  61         if (item) CFRelease(item);
  62         is_status(SecKeychainSearchCopyNext(search, &item),
  63                 errSecItemNotFound, "copy next returns no more keys");
  64         CFRelease(search);
  65
  66         ok_status(SecKeychainSearchCreateFromAttributes(keychain,
  67                 CSSM_DL_DB_RECORD_ANY, NULL, &search),
  68                 "create any item search");
  69         item = NULL;
  70         TODO: {
  71                 todo("<rdar://problem/3760340> Searching for CSSM_DL_DB_RECORD_ANY does not return "
  72                         "user-added symmetric keys");
  73
  74                 ok_status(SecKeychainSearchCopyNext(search, &item), "get first key");
  75
  76 #ifdef DEBUG
  77                 cmp_ok((intptr_t)aes_key, ==, (intptr_t)item, "is key found the right one?");
  78 #endif
  79
  80         }
  81         if (item) CFRelease(item);
  82
  83         is_status(SecKeychainSearchCopyNext(search, &item),
  84                 errSecItemNotFound, "copy next returns no more keys");
  85         CFRelease(search);
  86
  87 #ifdef DEBUG
  88         ok_status(SecKeychainItemDelete(aes_key), "delete key");
  89         is(CFGetRetainCount(aes_key), 2, "key retain count is 2");
  90 #endif
  91
  92 #ifdef DEBUG
  93         SecKeychainItemRef deleted_item = NULL;
  94     is_sec_event(kSecDeleteEvent, NULL, &deleted_item, NULL, "got delete event for key");
  95         is((intptr_t)aes_key, (intptr_t)deleted_item, "key was the deleted item");
  96 #endif
  97
  98
  99 #ifdef DEBUG
 100         ok_status(test_sec_event_deregister(), "deregister for events");
 101 #endif
 102
 103         SecKeyRef aes_key2 = NULL;
 104         ok_status(SecKeyGenerate(keychain, CSSM_ALGID_AES, 128,
 105                 0 /* contextHandle */,
 106                 CSSM_KEYUSE_DECRYPT | CSSM_KEYUSE_ENCRYPT,
 107                 CSSM_KEYATTR_EXTRACTABLE,
 108                 NULL, &aes_key2), "SecKeyGenerate and get key");
 109
 110         is(CFGetRetainCount(aes_key2), 1, "retain count is 1");
 111         CFRelease(aes_key2);
 112
 113
 114         CFRelease(keychain);
 115
 116         ok(tests_end(1), "cleanup");
 117 }
 118
 119 int main(int argc, char *const *argv)
 120 {
 121         int dont_skip = argc > 1 && !strcmp(argv[1], "-s");
 122         // plan_tests(21);
 123         plan_tests(12);
 124
 125         if (!tests_begin(argc, argv))
 126                 BAIL_OUT("tests_begin failed");
 127
 128         tests(dont_skip);
 129
 130         ok_leaks("no leaks");
 131
 132         return 0;
 133 }