Security-55471.14.8.tar.gz
1 /*
2 * si-64-ossl-cms.c
3 * Security
4 *
5 * Created by on 9/28/09.
6 * Copyright 2009 Apple Inc. All rights reserved.
7 *
8 */
9 #include "si-64-ossl-cms/attached_no_data_signed_data.h"
10 #include "si-64-ossl-cms/attached_signed_data.h"
11 #include "si-64-ossl-cms/detached_content.h"
12 #include "si-64-ossl-cms/detached_signed_data.h"
13 #include "si-64-ossl-cms/signer.h"
14 #include "si-64-ossl-cms/privkey.h"
15
16 #include <CoreFoundation/CoreFoundation.h>
17 #include <Security/SecCMS.h>
18 #include <Security/SecRSAKey.h>
19 #include <Security/SecCertificatePriv.h>
20 #include <Security/SecIdentityPriv.h>
21 #include <utilities/SecCFWrappers.h>
22
23 #include <unistd.h>
24 #include <AssertMacros.h>
25
26 #include "Security_regressions.h"
27
28 /*
29 openssl req -new -newkey rsa:512 -x509 -nodes -subj "/O=foo/CN=bar" -out signer.pem
30 echo -n "hoi joh" > detached_content
31 openssl smime -sign -outform der -signer signer.pem -in detached_content -inkey privkey.pem -out detached_signed_data.der
32 openssl smime -nodetach -sign -outform der -signer test.pem -in detached_content -inkey privkey.pem -out attached_signed_data.der
33 openssl smime -nodetach -sign -outform der -signer test.pem -inkey privkey.pem -out attached_no_data_signed_data.der < /dev/null
34
35 xxd -i detached_content > detached_content.h
36 xxd -i attached_no_data_signed_data.der > attached_no_data_signed_data.h
37 xxd -i attached_signed_data.der > attached_signed_data.h
38 xxd -i detached_signed_data.der > detached_signed_data.h
39
40 openssl x509 -in test.pem -outform der -out signer.der
41 xxd -i signer.der > signer.h
42
43
44 attached difference:
45
46 33 NDEF: SEQUENCE {
47 <06 09>
48 35 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
49 <A0 80>
50 46 NDEF: [0] {
51 <24 80>
52 48 NDEF: OCTET STRING {
53 <04 07>
54 50 7: OCTET STRING 'hoi joh'
55 <00 00>
56 : }
57 <00 00>
58 : }
59 <00 00>
60 : }
61
62 39 22: SEQUENCE {
63 <06 09>
64 41 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
65 <A0 09>
66 52 9: [0] {
67 <04 07>
68 54 7: OCTET STRING 'hoi joh'
69 : }
70 : }
71
72 detached:
73
74 <30 80>
75 33 NDEF: SEQUENCE {
76 <06 09>
77 35 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
78 <00 00>
79 : }
80
81 <30 0B>
82 39 11: SEQUENCE {
83 <06 09>
84 41 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
85 : }
86
87 attached empty:
88
89 <30 80>
90 33 NDEF: SEQUENCE {
91 <06 09>
92 35 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
93 <A0 80>
94 46 NDEF: [0] {
95 <24 80>
96 48 NDEF: OCTET STRING {
97 <00 00>
98 : }
99 <00 00>
100 : }
101 <00 00>
102 : }
103
104 <30 0F>
105 39 15: SEQUENCE {
106 <06 09>
107 41 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
108 <A0 02>
109 52 2: [0] {
110 <04 00>
111 54 0: OCTET STRING
112 : Error: Object has zero length.
113 : }
114 : }
115
116
117 */
118
119 #include <fcntl.h>
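/*
 * Debug helper: dump the bytes of `data` to the file at `path`.
 *
 * The file is created if missing and truncated if present (mode 0644).
 * Failures are silent because the function returns void: if the file cannot
 * be opened nothing is written, and a failed write stops the dump early.
 *
 * NOTE(review): the only call sites in this file are commented out and point
 * at fixed names under /var/tmp. Opening a predictable name in a shared
 * directory with O_CREAT|O_TRUNC follows symlinks; if these dumps are ever
 * re-enabled, write into a private directory or add O_NOFOLLOW (and O_EXCL
 * where a fresh file is expected).
 */
static inline void write_data(const char * path, CFDataRef data)
{
    int data_file = open(path, O_CREAT|O_WRONLY|O_TRUNC, 0644);
    if (data_file < 0) {
        /* Nothing to write to; do not hand -1 to write()/close(). */
        return;
    }

    const UInt8 *cursor = CFDataGetBytePtr(data);
    CFIndex remaining = CFDataGetLength(data);

    /* write() may accept fewer bytes than requested, so loop until done. */
    while (remaining > 0) {
        ssize_t written = write(data_file, cursor, (size_t)remaining);
        if (written <= 0) {
            /* Error (or no progress): give up rather than spin. */
            break;
        }
        cursor += written;
        remaining -= written;
    }

    close(data_file);
}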
126
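/*
 * Round-trip checks for SecCMS against OpenSSL-generated fixtures.
 *
 * Part 1 verifies three pre-built CMS SignedData blobs (attached, detached,
 * attached-with-no-content) with a basic X.509 policy.
 * Part 2 builds an identity from the embedded signer certificate and private
 * key and asks SecCMSCreateSignedData for attached, detached and empty
 * attached messages.
 *
 * Emits exactly 10 test results (4 verify, 3 object creation, 3 signing).
 *
 * NOTE(review): per the generation commands in the comment at the top of this
 * file, the signer key is 512-bit RSA; that is fixture-only strength.
 * NOTE(review): only success paths are exercised. There is no check that
 * verification fails when the detached content does not match the signature,
 * and the messages created in part 2 are not fed back through the verifier.
 */
static void tests(void)
{
    /*
     * Wrap the embedded fixture arrays without copying. kCFAllocatorNull is
     * passed as the bytes deallocator, so releasing the CFData leaves the
     * static arrays alone.
     */
    CFDataRef attached_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, attached_signed_data_der, attached_signed_data_der_len, kCFAllocatorNull);
    CFDataRef detached_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, detached_signed_data_der, detached_signed_data_der_len, kCFAllocatorNull);
    CFDataRef attached_no_data_signed_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, attached_no_data_signed_data_der, attached_no_data_signed_data_der_len, kCFAllocatorNull);
    CFDataRef detached_data = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, detached_content, detached_content_len, kCFAllocatorNull);
    CFDataRef no_data = CFDataCreate(kCFAllocatorDefault, NULL, 0);
    SecPolicyRef policy = SecPolicyCreateBasicX509();
    SecTrustRef trust = NULL;

    /*
     * Part 1: verification.
     *
     * CFReleaseNull is used after every call instead of CFRelease: if a verify
     * fails without handing back a trust object, `trust` is either still NULL
     * (CFRelease(NULL) crashes) or still holds the previous, already released
     * object (double release). Resetting it to NULL each time avoids both.
     */
    ok_status(SecCMSVerifyCopyDataAndAttributes(attached_signed_data, NULL, policy, &trust, NULL, NULL), "verify attached data");
    CFReleaseNull(trust);
    ok_status(SecCMSVerifyCopyDataAndAttributes(detached_signed_data, detached_data, policy, &trust, NULL, NULL), "verify detached data");
    CFReleaseNull(trust);
    ok_status(SecCMSVerifyCopyDataAndAttributes(attached_no_data_signed_data, NULL, policy, &trust, NULL, NULL), "verify attached no data");
    CFReleaseNull(trust);
    /* Same message again, this time also supplying an empty detached buffer. */
    ok_status(SecCMSVerifyCopyDataAndAttributes(attached_no_data_signed_data, no_data, policy, &trust, NULL, NULL), "verify attached no data, empty detached content");
    CFReleaseNull(trust);

    /* Part 2: signing. Build the signer identity from the embedded fixtures. */
    SecCertificateRef cert = NULL;
    SecKeyRef privKey = NULL;
    SecIdentityRef identity = NULL;

    isnt(cert = SecCertificateCreateWithBytes(NULL, signer_der, signer_der_len), NULL, "create certificate");
    isnt(privKey = SecKeyCreateRSAPrivateKey(NULL, privkey_der, privkey_der_len, kSecKeyEncodingPkcs1), NULL, "create private key");
    isnt(identity = SecIdentityCreate(NULL, cert, privKey), NULL, "create identity");
    /* This function's own reference to the key is dropped here; only `identity` is used below. */
    CFReleaseSafe(privKey);

    /* One output buffer is reused; it is reset to length 0 between messages. */
    CFMutableDataRef cms_data = CFDataCreateMutable(kCFAllocatorDefault, 0);

    /* No parameters dictionary: content is carried inside the message. */
    ok_status(SecCMSCreateSignedData(identity, detached_data, NULL, NULL, cms_data), "create attached data");
    //write_data("/var/tmp/attached", cms_data);
    CFDataSetLength(cms_data, 0);

    /* { kSecCMSSignDetached: true } requests a detached signature. */
    CFDictionaryRef detached_cms_dict = CFDictionaryCreate(kCFAllocatorDefault, &kSecCMSSignDetached, (const void **)&kCFBooleanTrue, 1, NULL, NULL);
    ok_status(SecCMSCreateSignedData(identity, detached_data, detached_cms_dict, NULL, cms_data), "create detached data");
    CFReleaseSafe(detached_cms_dict);
    //write_data("/var/tmp/detached", cms_data);
    CFDataSetLength(cms_data, 0);

    /* NULL content: attached message with nothing in it. */
    ok_status(SecCMSCreateSignedData(identity, NULL, NULL, NULL, cms_data), "create empty attached data");
    //write_data("/var/tmp/empty_attached", cms_data);

    /* Teardown: the NULL-tolerant release keeps a failed creation above from crashing here. */
    CFReleaseSafe(cms_data);
    CFReleaseSafe(cert);
    CFReleaseNull(identity);
    CFReleaseSafe(attached_signed_data);
    CFReleaseSafe(detached_signed_data);
    CFReleaseSafe(attached_no_data_signed_data);
    CFReleaseSafe(detached_data);
    CFReleaseSafe(no_data);
    CFReleaseSafe(policy);
}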
178
/*
 * Regression entry point for the OpenSSL/CMS interoperability checks.
 *
 * argc and argv are accepted but not read. Always returns 0; the individual
 * results are reported by the checks inside tests().
 */
int si_64_ossl_cms(int argc, char *const *argv)
{
    /* tests() reports 4 verify, 3 object-creation and 3 signing checks. */
    enum { planned_checks = 10 };

    plan_tests(planned_checks);
    tests();

    return 0;
}