Security-58286.260.20.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / regressions / kc-18-find-combined.c
index 12de9f6fc2027ee35b78a7583ac89ea8109e879e..b85f36ead8771070cf6b703f13bb0d626143cf14 100644 (file)
@@ -42,6 +42,7 @@
 #include <CoreFoundation/CoreFoundation.h>
 #include <CoreServices/CoreServices.h>
 #include <Security/Security.h>
 #include <CoreFoundation/CoreFoundation.h>
 #include <CoreServices/CoreServices.h>
 #include <Security/Security.h>
+#include <Security/SecKey.h>
 #include <Security/SecPolicyPriv.h>
 
 #include <stdlib.h>
 #include <Security/SecPolicyPriv.h>
 
 #include <stdlib.h>
@@ -50,7 +51,7 @@
 #include <unistd.h>
 #include <time.h>
 #include <sys/param.h>
 #include <unistd.h>
 #include <time.h>
 #include <sys/param.h>
-#include "test/testenv.h"
+#include "regressions/test/testenv.h"
 #include "utilities/SecCFRelease.h"
 
 #include "keychain_regressions.h"
 #include "utilities/SecCFRelease.h"
 
 #include "keychain_regressions.h"
@@ -1051,10 +1052,20 @@ static void PrintStringToMatch(CFStringRef nameStr)
        }
 }
 
        }
 }
 
+static void PrintStringToMatchRelease(CFStringRef CF_CONSUMED nameStr)
+{
+    PrintStringToMatch(nameStr);
+    CFReleaseNull(nameStr);
+}
+
 
 static void PrintSecCertificate(SecCertificateRef certificate)
 {
        CFStringRef nameStr;
 
 static void PrintSecCertificate(SecCertificateRef certificate)
 {
        CFStringRef nameStr;
+    if(!certificate) {
+        return;
+    }
+
        OSStatus status = SecCertificateCopyCommonName(certificate, &nameStr);
        if (status) {
                fprintf(stderr, "### SecCertificateCopyCommonName error %d\n", (int)status);
        OSStatus status = SecCertificateCopyCommonName(certificate, &nameStr);
        if (status) {
                fprintf(stderr, "### SecCertificateCopyCommonName error %d\n", (int)status);
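Review bot: The new NULL guard in PrintSecCertificate returns without printing anything, and the guard added to PrintSecIdentity in the -1075 hunk does the same, so a lookup that produced no object looks the same in the debug output as one that was never printed. The neighbouring error paths report to stderr with a `###` prefix, so the guard could do likewise, e.g. `fprintf(stderr, "### PrintSecCertificate: NULL certificate\n");` before the `return`. PrintStringToMatchRelease would also benefit from a one-line comment stating the ownership contract, such as `// Prints nameStr, then releases it; the caller passes a +1 reference (e.g. from CFCopyDescription).` The added lines are indented with spaces and written `if(` where the rest of the file uses tabs. Both function bodies continue outside the hunk.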
@@ -1075,6 +1086,10 @@ static void PrintSecCertificate(SecCertificateRef certificate)
 static void PrintSecIdentity(SecIdentityRef identity)
 {
        SecCertificateRef certRef;
 static void PrintSecIdentity(SecIdentityRef identity)
 {
        SecCertificateRef certRef;
+    if(!identity) {
+        return;
+    }
+
        OSStatus status = SecIdentityCopyCertificate(identity, &certRef);
        if (status) {
                fprintf(stderr, "### SecIdentityCopyCertificate error %d\n", (int)status);
        OSStatus status = SecIdentityCopyCertificate(identity, &certRef);
        if (status) {
                fprintf(stderr, "### SecIdentityCopyCertificate error %d\n", (int)status);
@@ -1220,6 +1235,7 @@ static int TestAddItems(SecKeychainRef keychain)
                };
                status = SecItemImport(p12DataRef,
                        NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
                };
                status = SecItemImport(p12DataRef,
                        NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
+        CFReleaseSafe(p12DataRef);
                CFRelease(keyUsagesArray);
                CFRelease(keyAttrsArray);
        #endif
                CFRelease(keyUsagesArray);
                CFRelease(keyAttrsArray);
        #endif
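Review bot: The four releases of `p12DataRef` added in TestAddItems are inconsistent: this hunk and the ones at -1266 and -1327 use `CFReleaseSafe(p12DataRef);`, which leaves the variable pointing at the released object, while the -1297 hunk uses `CFReleaseNull(p12DataRef);`. The variable appears to be reused for each import in turn, so a stale pointer could be passed to SecItemImport or released a second time if a later assignment is ever skipped; whether that can happen depends on code outside the hunks. Using `CFReleaseNull(p12DataRef);` at all four sites would remove the dangling reference. The added lines are also indented with spaces where the surrounding code uses tabs. TestAddItems starts and ends outside the hunk.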
@@ -1266,6 +1282,7 @@ static int TestAddItems(SecKeychainRef keychain)
                };
                status = SecItemImport(p12DataRef,
                        NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
                };
                status = SecItemImport(p12DataRef,
                        NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
+        CFReleaseSafe(p12DataRef);
                CFRelease(keyUsagesArray);
                CFRelease(keyAttrsArray);
        #endif
                CFRelease(keyUsagesArray);
                CFRelease(keyAttrsArray);
        #endif
@@ -1297,6 +1314,7 @@ static int TestAddItems(SecKeychainRef keychain)
                };
                status = SecItemImport(p12DataRef,
                        NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
                };
                status = SecItemImport(p12DataRef,
                        NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
+        CFReleaseNull(p12DataRef);
                CFRelease(keyUsagesArray);
                CFRelease(keyAttrsArray);
         ok_status(status, "Unable to import TestIDSSL2007_p12 identity: error %d\n", (int)status);
                CFRelease(keyUsagesArray);
                CFRelease(keyAttrsArray);
         ok_status(status, "Unable to import TestIDSSL2007_p12 identity: error %d\n", (int)status);
@@ -1327,6 +1345,7 @@ static int TestAddItems(SecKeychainRef keychain)
                };
                status = SecItemImport(p12DataRef,
                        NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
                };
                status = SecItemImport(p12DataRef,
                        NULL, &format, &itemType, flags, &keyParams, keychain, NULL);
+        CFReleaseSafe(p12DataRef);
                CFRelease(keyUsagesArray);
                CFRelease(keyAttrsArray);
         ok_status(status, "Unable to import TestIDSMIME2007_p12 identity: error %d\n", (int)status);
                CFRelease(keyUsagesArray);
                CFRelease(keyAttrsArray);
         ok_status(status, "Unable to import TestIDSMIME2007_p12 identity: error %d\n", (int)status);
@@ -1658,7 +1677,7 @@ static int FindCertificateByNameAndValidDate(SecKeychainRef keychain,
        CFTypeRef results = NULL;
        if (debug) {
                PrintStringToMatch(nameStr);
        CFTypeRef results = NULL;
        if (debug) {
                PrintStringToMatch(nameStr);
-               PrintStringToMatch(CFCopyDescription(validOnDate));
+               PrintStringToMatchRelease(CFCopyDescription(validOnDate));
        }
 
        OSStatus status = SecItemCopyMatching(query, &results);
        }
 
        OSStatus status = SecItemCopyMatching(query, &results);
@@ -1719,8 +1738,8 @@ static int FindCertificateForSMIMEEncryption(SecKeychainRef keychain,
        CFTypeRef results = NULL;
        if (debug) {
                PrintStringToMatch(emailAddr);
        CFTypeRef results = NULL;
        if (debug) {
                PrintStringToMatch(emailAddr);
-               PrintStringToMatch(CFCopyDescription(kSecPolicyAppleSMIME));
-               PrintStringToMatch(CFCopyDescription(validOnDate));
+               PrintStringToMatchRelease(CFCopyDescription(kSecPolicyAppleSMIME));
+               PrintStringToMatchRelease(CFCopyDescription(validOnDate));
        }
 
        OSStatus status = SecItemCopyMatching(query, &results);
        }
 
        OSStatus status = SecItemCopyMatching(query, &results);
@@ -1793,7 +1812,7 @@ static int FindPreferredCertificateForSMIMEEncryption(SecKeychainRef keychain,
 
                if (debug) {
                        PrintStringToMatch(emailAddr);
 
                if (debug) {
                        PrintStringToMatch(emailAddr);
-                       PrintStringToMatch(CFCopyDescription(validOnDate));
+                       PrintStringToMatchRelease(CFCopyDescription(validOnDate));
                }
 
                status = SecItemCopyMatching(query, (CFTypeRef*)&validatedCertificate);
                }
 
                status = SecItemCopyMatching(query, (CFTypeRef*)&validatedCertificate);
@@ -2018,7 +2037,7 @@ static int FindIdentityByPolicyAndValidDate(SecKeychainRef keychain,
                &kCFTypeDictionaryKeyCallBacks,
                &kCFTypeDictionaryValueCallBacks);
 
                &kCFTypeDictionaryKeyCallBacks,
                &kCFTypeDictionaryValueCallBacks);
 
-       if (debug) PrintStringToMatch(CFCopyDescription(policyIdentifier));
+       if (debug) PrintStringToMatchRelease(CFCopyDescription(policyIdentifier));
 
        status = SecItemCopyMatching(query, &results);
 
 
        status = SecItemCopyMatching(query, &results);
 
@@ -2087,7 +2106,7 @@ static int FindIdentityByNameAndValidDate(SecKeychainRef keychain,
        CFTypeRef results = NULL;
        if (debug) {
                PrintStringToMatch(nameStr);
        CFTypeRef results = NULL;
        if (debug) {
                PrintStringToMatch(nameStr);
-               PrintStringToMatch(CFCopyDescription(validOnDate));
+               PrintStringToMatchRelease(CFCopyDescription(validOnDate));
        }
 
        OSStatus status = SecItemCopyMatching(query, &results);
        }
 
        OSStatus status = SecItemCopyMatching(query, &results);
@@ -2157,7 +2176,7 @@ static int FindPreferredIdentityForSMIMESigning(SecKeychainRef keychain, CFStrin
 
                if (debug) {
                        PrintStringToMatch(emailAddr);
 
                if (debug) {
                        PrintStringToMatch(emailAddr);
-                       PrintStringToMatch(CFCopyDescription(validOnDate));
+                       PrintStringToMatchRelease(CFCopyDescription(validOnDate));
                }
 
                status = SecItemCopyMatching(query, (CFTypeRef*)&validatedIdentity);
                }
 
                status = SecItemCopyMatching(query, (CFTypeRef*)&validatedIdentity);
@@ -2488,9 +2507,9 @@ static int FindMailPassword(SecKeychainRef keychain,
 
 
 
 
 
 
-const CFStringRef gPrefix = CFSTR("Test Key");
-const CFStringRef gLabel = CFSTR("Test AES Encryption Key");
-const CFStringRef gUUID = CFSTR("550e8400-e29b-41d4-a716-446655441234");
+const CFStringRef g18Prefix = CFSTR("Test Key");
+const CFStringRef g18Label = CFSTR("Test AES Encryption Key");
+const CFStringRef g18UUID = CFSTR("550e8400-e29b-41d4-a716-446655441234");
 
 // CreateSymmetricKey will create a new AES-128 symmetric encryption key
 // with the provided label, application label, and application tag.
 
 // CreateSymmetricKey will create a new AES-128 symmetric encryption key
 // with the provided label, application label, and application tag.
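Review bot: `g18Prefix`, `g18Label` and `g18UUID` still have external linkage after the rename, so a symbol clash with another test file becomes less likely but not impossible (that the rename is meant to avoid such a clash is inferred from the new prefix). If nothing outside this file refers to them, which is not visible here, declaring them `static const CFStringRef g18Label = CFSTR("Test AES Encryption Key");` and likewise for the other two would keep them out of the global namespace altogether.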
@@ -2517,7 +2536,7 @@ static int CreateSymmetricKey(
        // note: the access descriptor should be the same string as will be used for the item's label,
        // since it's the string that is displayed by the access confirmation dialog to describe the item.
        SecAccessRef access = NULL;
        // note: the access descriptor should be the same string as will be used for the item's label,
        // since it's the string that is displayed by the access confirmation dialog to describe the item.
        SecAccessRef access = NULL;
-       status = SecAccessCreate(gLabel, NULL, &access);
+       status = SecAccessCreate(g18Label, NULL, &access);
 
        // create a dictionary of parameters describing the key we want to create
        CFMutableDictionaryRef params = CFDictionaryCreateMutable(NULL, 0,
 
        // create a dictionary of parameters describing the key we want to create
        CFMutableDictionaryRef params = CFDictionaryCreateMutable(NULL, 0,
@@ -2529,7 +2548,7 @@ static int CreateSymmetricKey(
        CFDictionaryAddValue( params, kSecAttrAccess, access );
        CFDictionaryAddValue( params, kSecAttrKeyClass, kSecAttrKeyClassSymmetric );
        CFDictionaryAddValue( params, kSecAttrKeyType, kSecAttrKeyTypeAES );
        CFDictionaryAddValue( params, kSecAttrAccess, access );
        CFDictionaryAddValue( params, kSecAttrKeyClass, kSecAttrKeyClassSymmetric );
        CFDictionaryAddValue( params, kSecAttrKeyType, kSecAttrKeyTypeAES );
-       CFDictionaryAddValue( params, kSecAttrKeySizeInBits, keySize );
+    CFDictionaryAddValue( params, kSecAttrKeySizeInBits, keySize ); CFReleaseNull(keySize);
        CFDictionaryAddValue( params, kSecAttrIsPermanent, kCFBooleanTrue );
        CFDictionaryAddValue( params, kSecAttrCanEncrypt, kCFBooleanTrue );
        CFDictionaryAddValue( params, kSecAttrCanDecrypt, kCFBooleanTrue );
        CFDictionaryAddValue( params, kSecAttrIsPermanent, kCFBooleanTrue );
        CFDictionaryAddValue( params, kSecAttrCanEncrypt, kCFBooleanTrue );
        CFDictionaryAddValue( params, kSecAttrCanDecrypt, kCFBooleanTrue );
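Review bot: The release of `keySize` is appended to the same line as the `CFDictionaryAddValue` call, where an ownership change is easy to overlook; put `CFReleaseNull(keySize);` on its own line, indented with tabs like its neighbours. The same applies to the identical line in the TestUpdateItems hunk at -3140. Releasing here is only safe if `params` retains its values, which holds when it was created with `kCFTypeDictionaryValueCallBacks`; that argument is outside the hunk, so a comment such as `// params retains keySize; drop our reference` would record the assumption. After this line `keySize` is NULL, so any later use in either function would now see NULL rather than the number.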
@@ -2754,9 +2773,11 @@ static int TestIdentityLookup(SecKeychainRef keychain)
 
        // look up identity by policy, want first result as a CFDictionary of attributes (should find "Test SSL User" identity)
        result += FindIdentityByPolicy(keychain, sslPolicy, kSecReturnAttributes, kSecMatchLimitOne, 1, noErr);
 
        // look up identity by policy, want first result as a CFDictionary of attributes (should find "Test SSL User" identity)
        result += FindIdentityByPolicy(keychain, sslPolicy, kSecReturnAttributes, kSecMatchLimitOne, 1, noErr);
+    CFReleaseNull(sslPolicy);
 
        // look up identity by policy, expect errSecItemNotFound error (this assumes no code signing identity is present!)
        result += FindIdentityByPolicy(keychain, codeSigningPolicy, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
 
        // look up identity by policy, expect errSecItemNotFound error (this assumes no code signing identity is present!)
        result += FindIdentityByPolicy(keychain, codeSigningPolicy, kSecReturnRef, kSecMatchLimitOne, 0, errSecItemNotFound);
+    CFReleaseNull(codeSigningPolicy);
 
        // -------------------------
        // test kSecMatchValidOnDate
 
        // -------------------------
        // test kSecMatchValidOnDate
@@ -2788,11 +2809,13 @@ static int TestIdentityLookup(SecKeychainRef keychain)
        CFDateRef aPastValidDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aPastValidGDate, NULL));
        if (FindIdentityByNameAndValidDate(keychain, CFSTR(" 2007"), aPastValidDate, kSecReturnRef, kSecMatchLimitAll, 0, noErr))
                ++result;
        CFDateRef aPastValidDate = CFDateCreate(kCFAllocatorDefault, CFGregorianDateGetAbsoluteTime(aPastValidGDate, NULL));
        if (FindIdentityByNameAndValidDate(keychain, CFSTR(" 2007"), aPastValidDate, kSecReturnRef, kSecMatchLimitAll, 0, noErr))
                ++result;
+    CFReleaseNull(aPastValidDate);
 
        // test the ability of kCFNull to denote "currently valid" (should not find anything, since the " 2007" certs are expired)
        if (FindIdentityByNameAndValidDate(keychain, CFSTR(" 2007"), kCFNull, kSecReturnRef, kSecMatchLimitAll, 0, errSecItemNotFound))
                ++result;
 
 
        // test the ability of kCFNull to denote "currently valid" (should not find anything, since the " 2007" certs are expired)
        if (FindIdentityByNameAndValidDate(keychain, CFSTR(" 2007"), kCFNull, kSecReturnRef, kSecMatchLimitAll, 0, errSecItemNotFound))
                ++result;
 
+
        // test Ian's bug: <rdar://8197632>; the 4th argument is a string which should NOT be present in any found items
        if (FindIdentityByPolicyAndValidDate(keychain, kSecPolicyAppleSMIME, FALSE, kCFNull, CFSTR(" 2007"), kSecReturnAttributes, kSecMatchLimitAll, 0, errSecSuccess))
                ++result;
        // test Ian's bug: <rdar://8197632>; the 4th argument is a string which should NOT be present in any found items
        if (FindIdentityByPolicyAndValidDate(keychain, kSecPolicyAppleSMIME, FALSE, kCFNull, CFSTR(" 2007"), kSecReturnAttributes, kSecMatchLimitAll, 0, errSecSuccess))
                ++result;
@@ -3032,12 +3055,12 @@ static int TestSymmetricKeyLookup(SecKeychainRef keychain)
        int result = 0;
 
        // look up our symmetric key by label and UUID (it might not exist yet)
        int result = 0;
 
        // look up our symmetric key by label and UUID (it might not exist yet)
-       if (FindSymmetricKey(keychain, gLabel, gUUID, NULL, errSecItemNotFound) != errSecSuccess) {
+       if (FindSymmetricKey(keychain, g18Label, g18UUID, NULL, errSecItemNotFound) != errSecSuccess) {
                // create test key (unique by UUID only)
                // create test key (unique by UUID only)
-               if (CreateSymmetricKey(keychain, gLabel, gUUID, NULL, errSecSuccess) != errSecSuccess)
+               if (CreateSymmetricKey(keychain, g18Label, g18UUID, NULL, errSecSuccess) != errSecSuccess)
                        ++result;
                // look it up again (it should exist now!)
                        ++result;
                // look it up again (it should exist now!)
-               if (FindSymmetricKey(keychain, gLabel, gUUID, NULL, errSecSuccess) != errSecSuccess)
+               if (FindSymmetricKey(keychain, g18Label, g18UUID, NULL, errSecSuccess) != errSecSuccess)
                        ++result;
        }
 
                        ++result;
        }
 
@@ -3045,7 +3068,7 @@ static int TestSymmetricKeyLookup(SecKeychainRef keychain)
        // (so we can make sure on a daily basis that SecKeyGenerateSymmetric is still working)
        CFGregorianDate curGDate = CFAbsoluteTimeGetGregorianDate(CFAbsoluteTimeGetCurrent(), NULL);
        CFStringRef curDateLabel = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@ (%4d-%02d-%02d)"),
        // (so we can make sure on a daily basis that SecKeyGenerateSymmetric is still working)
        CFGregorianDate curGDate = CFAbsoluteTimeGetGregorianDate(CFAbsoluteTimeGetCurrent(), NULL);
        CFStringRef curDateLabel = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@ (%4d-%02d-%02d)"),
-               gPrefix, (int32_t) curGDate.year, (int8_t) curGDate.month, (int8_t) curGDate.day);
+               g18Prefix, (int32_t) curGDate.year, (int8_t) curGDate.month, (int8_t) curGDate.day);
 
        //
        //%%% FIXME Creating a symmetric key with attributes that would duplicate an existing
 
        //
        //%%% FIXME Creating a symmetric key with attributes that would duplicate an existing
@@ -3055,17 +3078,17 @@ static int TestSymmetricKeyLookup(SecKeychainRef keychain)
        CFStringRef curAppTag = CFSTR("SecItemFind");
 
        // look up our date-based symmetric key by label, UUID, and tag (it might not exist yet)
        CFStringRef curAppTag = CFSTR("SecItemFind");
 
        // look up our date-based symmetric key by label, UUID, and tag (it might not exist yet)
-       if (FindSymmetricKey(keychain, curDateLabel, gUUID, curAppTag, errSecItemNotFound) != errSecSuccess) {
+       if (FindSymmetricKey(keychain, curDateLabel, g18UUID, curAppTag, errSecItemNotFound) != errSecSuccess) {
                // create test key (unique by combination of UUID and application tag)
                // create test key (unique by combination of UUID and application tag)
-               if (CreateSymmetricKey(keychain, curDateLabel, gUUID, curAppTag, errSecSuccess) != errSecSuccess)
+               if (CreateSymmetricKey(keychain, curDateLabel, g18UUID, curAppTag, errSecSuccess) != errSecSuccess)
                        ++result;
                // look it up again (it should exist now!)
                        ++result;
                // look it up again (it should exist now!)
-               if (FindSymmetricKey(keychain, curDateLabel, gUUID, curAppTag, errSecSuccess) != errSecSuccess)
+               if (FindSymmetricKey(keychain, curDateLabel, g18UUID, curAppTag, errSecSuccess) != errSecSuccess)
                        ++result;
        }
 
        // test handling of duplicate symmetric key items (<rdar://8289559>)
                        ++result;
        }
 
        // test handling of duplicate symmetric key items (<rdar://8289559>)
-       if (CreateSymmetricKey(keychain, curDateLabel, gUUID, curAppTag, errSecDuplicateItem) != errSecDuplicateItem)
+       if (CreateSymmetricKey(keychain, curDateLabel, g18UUID, curAppTag, errSecDuplicateItem) != errSecDuplicateItem)
                ++result;
 
        CFRelease(curDateLabel);
                ++result;
 
        CFRelease(curDateLabel);
@@ -3140,7 +3163,7 @@ static int TestUpdateItems(SecKeychainRef keychain)
        CFNumberRef keySize = CFNumberCreate(NULL, kCFNumberIntType, &keySizeValue);
        CFStringRef keyLabel = CFSTR("AppleID 8658820 test key");
        CFDictionaryAddValue( params, kSecAttrKeyType, kSecAttrKeyTypeRSA );
        CFNumberRef keySize = CFNumberCreate(NULL, kCFNumberIntType, &keySizeValue);
        CFStringRef keyLabel = CFSTR("AppleID 8658820 test key");
        CFDictionaryAddValue( params, kSecAttrKeyType, kSecAttrKeyTypeRSA );
-       CFDictionaryAddValue( params, kSecAttrKeySizeInBits, keySize );
+    CFDictionaryAddValue( params, kSecAttrKeySizeInBits, keySize ); CFReleaseNull(keySize);
        CFDictionaryAddValue( params, kSecAttrLabel, keyLabel );
        CFDictionaryAddValue( params, kSecUseKeychain, keychain );
 //     CFDictionaryAddValue( params, kSecAttrAccess, access );
        CFDictionaryAddValue( params, kSecAttrLabel, keyLabel );
        CFDictionaryAddValue( params, kSecUseKeychain, keychain );
 //     CFDictionaryAddValue( params, kSecAttrAccess, access );
@@ -3247,11 +3270,11 @@ static int TestDeleteItems(SecKeychainRef keychain)
                ++result;
 
        // delete our test symmetric keys (no partial string matching for key items! need an ER Radar...)
                ++result;
 
        // delete our test symmetric keys (no partial string matching for key items! need an ER Radar...)
-       if (FindAndDeleteItemsByName(keychain, gLabel, NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
+       if (FindAndDeleteItemsByName(keychain, g18Label, NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
                ++result;
        CFGregorianDate curGDate = CFAbsoluteTimeGetGregorianDate(CFAbsoluteTimeGetCurrent(), NULL);
        CFStringRef curDateLabel = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@ (%4d-%02d-%02d)"),
                ++result;
        CFGregorianDate curGDate = CFAbsoluteTimeGetGregorianDate(CFAbsoluteTimeGetCurrent(), NULL);
        CFStringRef curDateLabel = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@ (%4d-%02d-%02d)"),
-               gPrefix, (int32_t) curGDate.year, (int8_t) curGDate.month, (int8_t) curGDate.day);
+               g18Prefix, (int32_t) curGDate.year, (int8_t) curGDate.month, (int8_t) curGDate.day);
        if (FindAndDeleteItemsByName(keychain, curDateLabel, NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
                ++result;
        CFRelease(curDateLabel);
        if (FindAndDeleteItemsByName(keychain, curDateLabel, NULL, kSecClassKey, kSecMatchLimitAll, 1, noErr))
                ++result;
        CFRelease(curDateLabel);