2 * Copyright (c) 2015 Apple Inc. All Rights Reserved.
5 #include <Security/SecPolicyPriv.h>
6 #include <Security/SecInternal.h>
7 #include <Security/SecTrust.h>
8 #include <Security/SecTrustPriv.h>
9 #include <Security/SecCertificatePriv.h>
11 #include "Security_regressions.h"
13 #include "si-86-sectrust-eap-tls.h"
16 static void tests(void)
18 SecTrustRef trust
= NULL
;
19 SecPolicyRef policy
= NULL
;
20 SecCertificateRef leaf
, root
;
21 SecTrustResultType trustResult
;
23 isnt(leaf
= SecCertificateCreateWithBytes(NULL
, _TestLeafCertificate
, sizeof(_TestLeafCertificate
)), NULL
, "create leaf");
24 isnt(root
= SecCertificateCreateWithBytes(NULL
, _TestRootCertificate
, sizeof(_TestRootCertificate
)), NULL
, "create root");
26 const void *v_certs
[] = { leaf
};
27 const void *v_roots
[] = { root
};
28 CFArrayRef certs
= CFArrayCreate(NULL
, v_certs
, sizeof(v_certs
)/sizeof(*v_certs
), &kCFTypeArrayCallBacks
);
29 CFArrayRef roots
= CFArrayCreate(NULL
, v_roots
, sizeof(v_roots
)/sizeof(*v_roots
), &kCFTypeArrayCallBacks
);
31 /* Create EAP policy with specific hostname. */
32 CFStringRef host
= CFSTR("test.apple.com");
33 const void *v_names
[] = { host
};
34 CFArrayRef names
= CFArrayCreate(NULL
, v_names
, sizeof(v_names
)/sizeof(*v_names
), &kCFTypeArrayCallBacks
);
35 isnt(policy
= SecPolicyCreateEAP(true, names
), NULL
, "create policy");
37 /* Create trust reference. */
38 ok_status(SecTrustCreateWithCertificates(certs
, policy
, &trust
), "create trust");
40 /* Set explicit verify date: Sep 1 2015. */
41 CFDateRef date
= NULL
;
42 isnt(date
= CFDateCreate(NULL
, 462823871.0), NULL
, "Create verify date");
43 ok_status(SecTrustSetVerifyDate(trust
, date
), "set date");
45 /* Provide root certificate. */
46 ok_status(SecTrustSetAnchorCertificates(trust
, roots
), "set anchors");
48 ok_status(SecTrustEvaluate(trust
, &trustResult
), "evaluate trust");
49 is_status(trustResult
, kSecTrustResultRecoverableTrustFailure
, "trustResult is kSecTrustResultRecoverableTrustFailure");
50 is(SecTrustGetCertificateCount(trust
), 2, "cert count is 2");
54 CFReleaseSafe(policy
);
62 int si_86_sectrust_eap_tls(int argc
, char *const *argv
)