]> git.saurik.com Git - apple/security.git/blob - OSX/sec/Security/Regressions/secitem/si-86-sectrust-eap-tls.c
Security-57337.40.85.tar.gz
[apple/security.git] / OSX / sec / Security / Regressions / secitem / si-86-sectrust-eap-tls.c
1 /*
2 * Copyright (c) 2015 Apple Inc. All Rights Reserved.
3 */
4
5 #include <Security/SecPolicyPriv.h>
6 #include <Security/SecInternal.h>
7 #include <Security/SecTrust.h>
8 #include <Security/SecTrustPriv.h>
9 #include <Security/SecCertificatePriv.h>
10
11 #include "Security_regressions.h"
12
13 #include "si-86-sectrust-eap-tls.h"
14
15
16 static void tests(void)
17 {
18 SecTrustRef trust = NULL;
19 SecPolicyRef policy = NULL;
20 SecCertificateRef leaf, root;
21 SecTrustResultType trustResult;
22
23 isnt(leaf = SecCertificateCreateWithBytes(NULL, _TestLeafCertificate, sizeof(_TestLeafCertificate)), NULL, "create leaf");
24 isnt(root = SecCertificateCreateWithBytes(NULL, _TestRootCertificate, sizeof(_TestRootCertificate)), NULL, "create root");
25
26 const void *v_certs[] = { leaf };
27 const void *v_roots[] = { root };
28 CFArrayRef certs = CFArrayCreate(NULL, v_certs, sizeof(v_certs)/sizeof(*v_certs), &kCFTypeArrayCallBacks);
29 CFArrayRef roots = CFArrayCreate(NULL, v_roots, sizeof(v_roots)/sizeof(*v_roots), &kCFTypeArrayCallBacks);
30
31 /* Create EAP policy with specific hostname. */
32 CFStringRef host = CFSTR("test.apple.com");
33 const void *v_names[] = { host };
34 CFArrayRef names = CFArrayCreate(NULL, v_names, sizeof(v_names)/sizeof(*v_names), &kCFTypeArrayCallBacks);
35 isnt(policy = SecPolicyCreateEAP(true, names), NULL, "create policy");
36
37 /* Create trust reference. */
38 ok_status(SecTrustCreateWithCertificates(certs, policy, &trust), "create trust");
39
40 /* Set explicit verify date: Sep 1 2015. */
41 CFDateRef date = NULL;
42 isnt(date = CFDateCreate(NULL, 462823871.0), NULL, "Create verify date");
43 ok_status(SecTrustSetVerifyDate(trust, date), "set date");
44
45 /* Provide root certificate. */
46 ok_status(SecTrustSetAnchorCertificates(trust, roots), "set anchors");
47
48 ok_status(SecTrustEvaluate(trust, &trustResult), "evaluate trust");
49 is_status(trustResult, kSecTrustResultRecoverableTrustFailure, "trustResult is kSecTrustResultRecoverableTrustFailure");
50 is(SecTrustGetCertificateCount(trust), 2, "cert count is 2");
51
52 CFReleaseSafe(date);
53 CFReleaseSafe(trust);
54 CFReleaseSafe(policy);
55 CFReleaseSafe(certs);
56 CFReleaseSafe(roots);
57 CFReleaseSafe(names);
58 CFReleaseSafe(root);
59 CFReleaseSafe(leaf);
60 }
61
62 int si_86_sectrust_eap_tls(int argc, char *const *argv)
63 {
64 plan_tests(10);
65
66 tests();
67
68 return 0;
69 }