+++ /dev/null
-/*
- * Copyright (c) 2009,2012-2014 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- *
- * testcert.c
- */
-
-#include <TargetConditionals.h>
-
-#if TARGET_OS_IPHONE
-
-#include <CoreFoundation/CoreFoundation.h>
-#include <Security/SecIdentityPriv.h>
-#include <Security/SecItem.h>
-#include <Security/SecCertificateRequest.h>
-#include <Security/SecInternal.h>
-#include <utilities/array_size.h>
-
-#include <AssertMacros.h>
-
-#include "testcert.h"
-
-static inline CF_RETURNS_RETAINED CFMutableArrayRef maa(CFMutableArrayRef array CF_CONSUMED, CFTypeRef a CF_CONSUMED) {
- CFMutableArrayRef ma = array;
- if (!ma)
- ma = CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks);
- if (ma) {
- CFArrayAppendValue(ma, a);
- }
- CFRelease(a);
- return ma;
-}
-
-
-CF_RETURNS_RETAINED
-CFArrayRef test_cert_string_to_subject(CFStringRef subject)
-{
- CFMutableArrayRef subject_array = NULL;
- char buffer[1024];
-
- if (!CFStringGetCString(subject, buffer, sizeof(buffer), kCFStringEncodingASCII))
- goto out;
-
- char *s = buffer, *e = NULL;
- while ( (e = strchr(s, ',')) || (e = strchr(s, '\0')) ) {
- if (s == e)
- break;
- if (*e && (*(e-1) == '\\'))
- continue;
- char *k;
- while ((k = strchr(s, '=')) &&
- (*(k-1) == '\\'));
- if ( ((k - s) > 0) && ((e - k) > 1) ) {
- CFStringRef key = CFStringCreateWithBytes(kCFAllocatorDefault, (uint8_t *)s, k - s, kCFStringEncodingASCII, false);
- CFStringRef value = CFStringCreateWithBytes(kCFAllocatorDefault, (uint8_t *)k + 1, e - k - 1, kCFStringEncodingASCII, false);
- subject_array = maa(subject_array, maa(NULL, maa(maa(NULL, key), value)));
- }
- if (*e == '\0')
- break;
- s = e + 1;
- }
-
-out:
- return subject_array;
-}
-
-
-static void test_cert_key_usage(CFMutableDictionaryRef extensions_dict, unsigned int key_usage)
-{
- int key_usage_int = key_usage;
- CFNumberRef key_usage_num = CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &key_usage_int);
- CFDictionarySetValue(extensions_dict, kSecCertificateKeyUsage, key_usage_num);
- CFRelease(key_usage_num);
-}
-
-
-static void test_cert_path_length(CFMutableDictionaryRef extensions_dict, unsigned int path_length)
-{
- int path_len_int = path_length;
- CFNumberRef path_len_num = CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &path_len_int);
- CFDictionarySetValue(extensions_dict, kSecCSRBasicContraintsPathLen, path_len_num);
- CFRelease(path_len_num);
-}
-
-
-SecIdentityRef test_cert_create_root_certificate(CFStringRef subject, SecKeyRef public_key, SecKeyRef private_key)
-{
- SecCertificateRef ca_cert = NULL;
- SecIdentityRef ca_identity = NULL;
- CFMutableDictionaryRef extensions = NULL;
-
- CFArrayRef ca_subject = NULL;
- require(ca_subject = test_cert_string_to_subject(subject), out);
- extensions = CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
- test_cert_key_usage(extensions, kSecKeyUsageKeyCertSign | kSecKeyUsageCRLSign);
- test_cert_path_length(extensions, 0);
- ca_cert = SecGenerateSelfSignedCertificate(ca_subject, extensions, public_key, private_key);
- if (private_key && ca_cert)
- ca_identity = SecIdentityCreate(kCFAllocatorDefault, ca_cert, private_key);
-
-out:
- CFReleaseSafe(extensions);
- CFReleaseSafe(ca_subject);
- CFReleaseSafe(ca_cert);
-
- return ca_identity;
-}
-
-SecCertificateRef test_cert_issue_certificate(SecIdentityRef ca_identity,
- SecKeyRef public_key, CFStringRef subject,
- unsigned int serial_no, unsigned int key_usage)
-{
- SecCertificateRef cert = NULL;
- CFArrayRef cert_subject = NULL;
- CFDataRef serialno = NULL;
- CFMutableDictionaryRef extensions = NULL;
-
- unsigned int serial = htonl(serial_no);
- unsigned int serial_length = sizeof(serial);
- uint8_t *serial_non_zero = (uint8_t*)&serial;
- while (!*serial_non_zero && serial_length)
- { serial_non_zero++; serial_length--; }
- serialno = CFDataCreate(kCFAllocatorDefault,
- serial_non_zero, serial_length);
- require(cert_subject = test_cert_string_to_subject(subject), out);
- //extensions = CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
- //require(extensions, out);
- //test_cert_key_usage(extensions, key_usage);
-
- cert = SecIdentitySignCertificate(ca_identity, serialno,
- public_key, cert_subject, NULL);
-
-out:
- CFReleaseSafe(extensions);
- CFReleaseSafe(cert_subject);
- CFReleaseSafe(serialno);
-
- return cert;
-}
-
-OSStatus
-test_cert_generate_key(uint32_t key_size_in_bits, CFTypeRef sec_attr_key_type,
- SecKeyRef *private_key, SecKeyRef *public_key)
-{
- CFNumberRef key_size = CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &key_size_in_bits);
- const void *keygen_keys[] = { kSecAttrKeyType, kSecAttrKeySizeInBits };
- const void *keygen_vals[] = { sec_attr_key_type, key_size };
- CFDictionaryRef parameters = CFDictionaryCreate(kCFAllocatorDefault,
- keygen_keys, keygen_vals, array_size(keygen_vals),
- &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
- CFRelease(key_size);
-
- return SecKeyGeneratePair(parameters, public_key, private_key);
-}
-
-#endif /* TARGET_OS_IPHONE */
projects / apple / security.git / blobdiff