]> git.saurik.com Git - apple/security.git/blob - OSX/shared_regressions/si-44-seckey-fv.m
Security-58286.20.16.tar.gz
[apple/security.git] / OSX / shared_regressions / si-44-seckey-fv.m
1 //
2 // si-44-seckey-fv.m
3 //
4
5 #import <Foundation/Foundation.h>
6
7 #if TARGET_OS_IOS && !TARGET_OS_SIMULATOR
8 #import "SecureKeyVaultPublic.h"
9 #import <Security/SecKey.h>
10
11 #import "shared_regressions.h"
12
13 static void testFileVaultKeyRawSign() {
14 id key = CFBridgingRelease(SecKeyCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
15 id certificate = CFBridgingRelease(SecCertificateCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
16 id pubKey = CFBridgingRelease(SecCertificateCopyPublicKey((SecCertificateRef)certificate));
17
18 uint8_t hash[20] = { 0 };
19 uint8_t signature[256] = { 0 };
20 size_t siglen = sizeof(signature);
21 ok_status(SecKeyRawSign((SecKeyRef)key, kSecPaddingPKCS1SHA1, hash, sizeof(hash), signature, &siglen), "rawSign for fileVault failed");
22 ok_status(SecKeyRawVerify((SecKeyRef)pubKey, kSecPaddingPKCS1SHA1, hash, sizeof(hash), signature, siglen), "rawverify for fileVault failed");
23 }
24
25 static void testFileVaultKeySign() {
26 NSData *data = [@"dataToSign" dataUsingEncoding:NSUTF8StringEncoding];
27 NSData *signature;
28 SecKeyAlgorithm algorithm = NULL;
29 NSError *error;
30 id key = CFBridgingRelease(SecKeyCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
31 id certificate = CFBridgingRelease(SecCertificateCreateWithSecureKeyVaultID(kCFAllocatorDefault, kSecureKeyVaultIAPAuthPrivateKey));
32 id pubKey = CFBridgingRelease(SecCertificateCopyPublicKey((SecCertificateRef)certificate));
33
34 algorithm = kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA1;
35 error = nil;
36 signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
37 ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
38 ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));
39
40 algorithm = kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA256;
41 error = nil;
42 signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
43 ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
44 ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));
45
46 algorithm = kSecKeyAlgorithmRSASignatureMessagePSSSHA1;
47 error = nil;
48 signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
49 ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
50 ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));
51
52 algorithm = kSecKeyAlgorithmRSASignatureMessagePSSSHA256;
53 error = nil;
54 signature = CFBridgingRelease(SecKeyCreateSignature((SecKeyRef)key, algorithm, (CFDataRef)data, (void *)&error));
55 ok(signature != NULL, "signing with alg %@ failed, err %@", algorithm, error);
56 ok(SecKeyVerifySignature((SecKeyRef)pubKey, algorithm, (CFDataRef)data, (CFDataRef)signature, (void *)&error));
57 }
58
59 int si_44_seckey_fv(int argc, char *const *argv) {
60 @autoreleasepool {
61 plan_tests(10);
62 testFileVaultKeyRawSign();
63 testFileVaultKeySign();
64 return 0;
65 }
66 }
67
68 #endif