OSX/sec/securityd/Regressions/secd-64-circlereset.c

   1 //
   2 //  secd-64-circlereset.c
   3 //  sec
   4 //
   5 //  Created by Richard Murphy on 7/22/15.
   6 //
   7 //
   8
   9
  10
  11 #include <Security/SecBase.h>
  12 #include <Security/SecItem.h>
  13
  14 #include <CoreFoundation/CFDictionary.h>
  15
  16 #include <Security/SecureObjectSync/SOSAccount.h>
  17 #include <Security/SecureObjectSync/SOSCloudCircle.h>
  18 #include <Security/SecureObjectSync/SOSInternal.h>
  19 #include <Security/SecureObjectSync/SOSUserKeygen.h>
  20 #include <Security/SecureObjectSync/SOSTransport.h>
  21
  22 #include <stdlib.h>
  23 #include <unistd.h>
  24
  25 #include "secd_regressions.h"
  26 #include "SOSTestDataSource.h"
  27
  28 #include "SOSRegressionUtilities.h"
  29 #include <utilities/SecCFWrappers.h>
  30 #include <Security/SecKeyPriv.h>
  31
  32 #include <securityd/SOSCloudCircleServer.h>
  33
  34 #include "SOSAccountTesting.h"
  35
  36 #include "SecdTestKeychainUtilities.h"
  37
  38 static int64_t getCurrentGenCount(SOSAccountRef account) {
  39     return SOSCircleGetGenerationSint(account->trusted_circle);
  40 }
  41
  42 static bool SOSAccountResetWithGenCountValue(SOSAccountRef account, int64_t gcount, CFErrorRef* error) {
  43     if (!SOSAccountHasPublicKey(account, error))
  44         return false;
  45     __block bool result = true;
  46
  47     result &= SOSAccountResetAllRings(account, error);
  48
  49     CFReleaseNull(account->my_identity);
  50
  51     account->departure_code = kSOSWithdrewMembership;
  52     result &= SOSAccountModifyCircle(account, error, ^(SOSCircleRef circle) {
  53         SOSGenCountRef gencount = SOSGenerationCreateWithValue(gcount);
  54         result = SOSCircleResetToEmpty(circle, error);
  55         SOSCircleSetGeneration(circle, gencount);
  56         CFReleaseNull(gencount);
  57         return result;
  58     });
  59
  60     if (!result) {
  61         secerror("error: %@", error ? *error : NULL);
  62     }
  63
  64     return result;
  65 }
  66
  67 static SOSCircleRef SOSCircleCreateWithGenCount(int64_t gcount) {
  68     SOSCircleRef c = SOSCircleCreate(kCFAllocatorDefault, CFSTR("a"), NULL);
  69     SOSGenCountRef gencount = SOSGenerationCreateWithValue(gcount);
  70     SOSCircleSetGeneration(c, gencount);
  71     CFReleaseNull(gencount);
  72     return c;
  73 }
  74
  75 static int kTestTestCount = 47;
  76
  77 static void tests(void)
  78 {
  79     CFErrorRef error = NULL;
  80     CFDataRef cfpassword = CFDataCreate(NULL, (uint8_t *) "FooFooFoo", 10);
  81     CFStringRef cfaccount = CFSTR("test@test.org");
  82
  83     SOSCircleRef c1 = SOSCircleCreateWithGenCount(1);
  84     SOSCircleRef c99 = SOSCircleCreateWithGenCount(99);
  85     ok(SOSCircleIsOlderGeneration(c1, c99), "Is Comparison working correctly?", NULL);
  86     CFReleaseNull(c1);
  87     CFReleaseNull(c99);
  88
  89
  90     CFMutableDictionaryRef changes = CFDictionaryCreateMutableForCFTypes(kCFAllocatorDefault);
  91     SOSAccountRef alice_account = CreateAccountForLocalChanges(CFSTR("Alice"), CFSTR("TestSource"));
  92     SOSAccountRef bob_account = CreateAccountForLocalChanges(CFSTR("Bob"), CFSTR("TestSource"));
  93
  94     // Setup Circle with Bob and Alice in it
  95     ok(SOSAccountAssertUserCredentialsAndUpdate(bob_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
  96     is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, NULL), 1, "updates");
  97     ok(SOSAccountAssertUserCredentialsAndUpdate(alice_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
  98     CFReleaseNull(error);
  99     ok(SOSAccountResetToOffering_wTxn(alice_account, &error), "Reset to offering (%@)", error);
 100     CFReleaseNull(error);
 101     is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, NULL), 2, "updates");
 102     ok(SOSAccountJoinCircles_wTxn(bob_account, &error), "Bob Applies (%@)", error);
 103     CFReleaseNull(error);
 104     is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, NULL), 2, "updates");
 105     {
 106         CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);
 107
 108         ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicant %@ (%@)", applicants, error);
 109         ok(SOSAccountAcceptApplicants(alice_account, applicants, &error), "Alice accepts (%@)", error);
 110         CFReleaseNull(error);
 111         CFReleaseNull(applicants);
 112     }
 113     is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, NULL), 3, "updates");
 114     accounts_agree("bob&alice pair", bob_account, alice_account);
 115     CFArrayRef peers = SOSAccountCopyPeers(alice_account, &error);
 116     ok(peers && CFArrayGetCount(peers) == 2, "See two peers %@ (%@)", peers, error);
 117     CFReleaseNull(peers);
 118
 119     uint64_t cnt = getCurrentGenCount(alice_account);
 120
 121     ok(SOSAccountResetWithGenCountValue(alice_account, cnt-1, &error), "Alice resets the circle to empty with old value");
 122     CFReleaseNull(error);
 123
 124     is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, NULL), 1, "updates");
 125     is(SOSAccountGetCircleStatus(bob_account, NULL), 0, "Bob Survives bad circle post");
 126     is(SOSAccountGetCircleStatus(alice_account, NULL), 1, "Alice does not survive bad circle post");
 127     CFReleaseNull(bob_account);
 128     CFReleaseNull(alice_account);
 129     CFReleaseNull(cfpassword);
 130
 131     SOSUnregisterAllTransportMessages();
 132     SOSUnregisterAllTransportCircles();
 133     SOSUnregisterAllTransportKeyParameters();
 134     CFArrayRemoveAllValues(key_transports);
 135     CFArrayRemoveAllValues(circle_transports);
 136     CFArrayRemoveAllValues(message_transports);
 137
 138 }
 139
 140 int secd_64_circlereset(int argc, char *const *argv)
 141 {
 142     plan_tests(kTestTestCount);
 143
 144     secd_test_setup_temp_keychain(__FUNCTION__, NULL);
 145
 146     tests();
 147
 148     return 0;
 149 }