+++ /dev/null
-/* Copyright (c) 2001,2003-2006,2008 Apple Inc.
- *
- * keyStore.c - basic key pair store/lookup routines.
- *
- * create key pair, varying pub is permanent, priv is permanent;
- * sign some data with priv;
- * lookUpPub = lookup pub by label;
- * vfy with lookUpPub;
- * lookUpPriv = lookup priv by label;
- * if(privIsPerm) {
- * ensure lookUpPriv == priv;
- * freeKey(lookUpPriv);
- * obtainedPriv = obtainPubFromPriv(lookUpPub);
- * ensure obtainedPriv == priv;
- * freeKey(obtainedPriv);
- * delete priv; // cspwrap does implicit freeKey here...
- * }
- * else {
- * free priv;
- * }
- * lookUpPriv = lookup priv by label; verify fail;
- * lookUpPriv = obtainPubFromPriv(pub); verify fail;
- * freeKey(lookUpPub);
- * if pub is permament {
- * lookUpPub = lookup pub by label; verify OK;
- * deleteKey(lookUpPub);
- * lookUpPub = lookup pub by label; verify fail;
- * }
- * lookUpPub = lookup pub by label; verify fail;
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <time.h>
-#include <string.h>
-#include <unistd.h>
-#include <Security/cssm.h>
-#include "cspwrap.h"
-#include "common.h"
-#include "cspdlTesting.h"
-
-#define LOOPS_DEF 10
-#define MAX_DATA_SIZE 100
-#define DB_NAME "keyStore.db"
-
-/* can't lookup non-permanent keys! */
-#define FORCE_PUB_PERMANENT 0
-
-static void usage(char **argv)
-{
- printf("usage: %s [options]\n", argv[0]);
- printf(" Options:\n");
- printf(" l=loops (default=%d; 0=forever)\n", LOOPS_DEF);
- printf(" r(RSA; default = FEE)\n");
- printf(" p(ermanent keys, implies l=1)\n");
- printf(" k=keyChainFile\n");
- printf(" n(o sign/verify)\n");
- printf(" N(o lookup of nonexistent keys)\n");
- printf(" x (privKey always extractable)\n");
- printf(" P(ause for MallocDebug)\n");
- printf(" v(erbose)\n");
- printf(" q(uiet)\n");
- printf(" h(elp)\n");
- exit(1);
-}
-
-#define FEE_PRIV_DATA_SIZE 20
-
-/*
- * NULL wrap, error tolerant.
- */
-CSSM_RETURN cspNullWrapKey(
- CSSM_CSP_HANDLE cspHand,
- const CSSM_KEY *refKey,
- CSSM_KEY_PTR rawKey) // RETURNED on success, caller must FreeKey
-{
- CSSM_CC_HANDLE ccHand;
- CSSM_RETURN crtn;
- CSSM_ACCESS_CREDENTIALS creds;
- CSSM_DATA descData = {0, 0};
-
- memset(rawKey, 0, sizeof(CSSM_KEY));
- memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
- crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
- CSSM_ALGID_NONE,
- CSSM_ALGMODE_NONE,
- &creds, // passPhrase,
- NULL, // wrappingKey,
- NULL, // initVector,
- CSSM_PADDING_NONE,
- 0, // Params
- &ccHand);
- if(crtn) {
- printError("cspNullWrapKey/CreateContext", crtn);
- return crtn;
- }
- crtn = CSSM_WrapKey(ccHand,
- &creds,
- refKey,
- &descData, // DescriptiveData
- rawKey);
- if(CSSM_DeleteContext(ccHand)) {
- printf("CSSM_DeleteContext failure\n");
- }
- return crtn;
-}
-
-
-/*
- * Generate key pair, default size. This is like cspGenKeyPair in cspwrap.c,
- * tweaked for this test To allow varying permanent attribute.
- */
-static CSSM_RETURN genKeyPair(CSSM_CSP_HANDLE cspHand,
- CSSM_DL_HANDLE dlHand,
- CSSM_DB_HANDLE dbHand,
- const CSSM_DATA_PTR keyLabel,
- CSSM_KEY_PTR pubKey, // mallocd by caller
- uint32 pubKeyUsage, // CSSM_KEYUSE_ENCRYPT, etc.
- uint32 pubKeyAttr,
- CSSM_KEY_PTR privKey, // mallocd by caller
- uint32 privKeyUsage, // CSSM_KEYUSE_DECRYPT, etc.
- uint32 privKeyAttr,
- uint32 keyGenAlg)
-{
- CSSM_RETURN crtn;
- CSSM_CC_HANDLE ccHand;
- CSSM_RETURN ocrtn = CSSM_OK;
- uint32 keySize;
-
- if(keyGenAlg == CSSM_ALGID_FEE) {
- keySize = CSP_FEE_KEY_SIZE_DEFAULT;
- }
- else {
- keySize = CSP_RSA_KEY_SIZE_DEFAULT;
- }
- memset(pubKey, 0, sizeof(CSSM_KEY));
- memset(privKey, 0, sizeof(CSSM_KEY));
-
- crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
- keyGenAlg,
- keySize,
- NULL, // Seed
- NULL, // Salt
- NULL, // StartDate
- NULL, // EndDate
- NULL, // Params
- &ccHand);
- if(crtn) {
- printError("CSSM_CSP_CreateKeyGenContext", crtn);
- ocrtn = crtn;
- goto abort;
- }
-
- /* add in DL/DB to context */
- crtn = cspAddDlDbToContext(ccHand, dlHand, dbHand);
- if(crtn) {
- ocrtn = crtn;
- goto abort;
- }
- crtn = CSSM_GenerateKeyPair(ccHand,
- pubKeyUsage,
- pubKeyAttr,
- keyLabel,
- pubKey,
- privKeyUsage,
- privKeyAttr,
- keyLabel, // same labels
- NULL, // cred/acl
- privKey);
- if(crtn) {
- printError("CSSM_GenerateKeyPair", crtn);
- ocrtn = crtn;
- goto abort;
- }
-
- /* basic checks...*/
- if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
- printf("privKey blob type: exp %u got %u\n",
- CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
- }
- if(pubKeyAttr & CSSM_KEYATTR_RETURN_REF) {
- if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
- printf("pubKey blob type: exp %u got %u\n",
- CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
- ocrtn = -1;
- goto abort;
- }
- }
- else {
- if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_RAW) {
- printf("pubKey blob type: exp %u got %u\n",
- CSSM_KEYBLOB_RAW, (unsigned)privKey->KeyHeader.BlobType);
- ocrtn = -1;
- goto abort;
- }
- }
-
-abort:
- if(ccHand != 0) {
- crtn = CSSM_DeleteContext(ccHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- }
- return ocrtn;
-}
-
-#define KEY_LABEL "testKey"
-
-/*
- * when true, keyref in key obtained from DL differs from
- * keyref in key from CSP
- */
-#define DL_REF_KEYS_DIFFER 1
-
-/*
- * ObtainPrivateKeyFromPublicKey doesn't work yet
- */
-#define DO_OBTAIN_FROM_PUB CSPDL_OBTAIN_PRIV_FROM_PUB
-
-/* we're assumed to be logged in for access to private objects */
-static int doTest(CSSM_CSP_HANDLE cspHand,
- CSSM_DL_HANDLE dlHand,
- CSSM_DB_HANDLE dbHand,
- CSSM_BOOL pubIsPerm, // pub is permanent
- CSSM_BOOL privIsPerm, // priv is permanent
- CSSM_BOOL privIsExtractable,
- CSSM_BOOL permKeys, // leave them in the KC
- CSSM_BOOL doSignVerify,
- CSSM_BOOL doFailedLookup,
- CSSM_DATA_PTR ptext,
- CSSM_BOOL verbose,
- CSSM_BOOL quiet,
- uint32 keyGenAlg,
- uint32 sigAlg)
-{
- CSSM_KEY pubKey; // from GenerateKeyPair
- CSSM_KEY privKey;
- CSSM_KEY_PTR lookUpPub; // from cspLookUpKeyByLabel, etc.
- CSSM_KEY_PTR lookUpPriv;
- CSSM_RETURN crtn;
- CSSM_DATA sig;
- CSSM_DATA labelData;
- CSSM_KEY obtainedPriv;
- uint32 pubAttr;
- uint32 privAttr;
- CSSM_KEY rawPrivKey;
- labelData.Data = (uint8 *)KEY_LABEL;
- labelData.Length = strlen(KEY_LABEL);
- CSSM_BOOL doLookup;
-
- /* create key pair */
- if(verbose) {
- printf(" ...generating key pair (pubIsPerm %d privIsPerm %d privIsExtract"
- " %d)\n", (int)pubIsPerm, (int)privIsPerm, (int)privIsExtractable);
- }
- pubAttr = CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_RETURN_REF;
- if(pubIsPerm) {
- pubAttr |= CSSM_KEYATTR_PERMANENT;
- }
-
- /*
- * To use a NULL wrap to test detection of !EXTRACTABLE, we're relying on
- * being able to create !SENSITIVE private keys. We'll make 'em sensitive
- * if we're not trying to null wrap them.
- */
- privAttr = CSSM_KEYATTR_RETURN_REF;
- if(privIsPerm) {
- privAttr |= CSSM_KEYATTR_PERMANENT;
- }
- if(privIsExtractable) {
- privAttr |= CSSM_KEYATTR_EXTRACTABLE;
- }
- else {
- privAttr |= CSSM_KEYATTR_SENSITIVE;
- }
- #if CSPDL_KEYATTR_PRIVATE
- privAttr |= CSSM_KEYATTR_PRIVATE;
- #endif
- crtn = genKeyPair(cspHand,
- dlHand,
- dbHand,
- &labelData,
- &pubKey,
- CSSM_KEYUSE_VERIFY, // pubKeyUsage
- pubAttr,
- &privKey,
- CSSM_KEYUSE_SIGN,
- privAttr,
- keyGenAlg);
- if(crtn) {
- return testError(quiet);
- }
-
- /* lookUpPub = lookup pub by label; */
- doLookup = CSSM_TRUE;
- if(verbose) {
- if(pubIsPerm) {
- printf(" ...lookup pub by label\n");
- }
- else {
- if(doFailedLookup) {
- printf(" ...lookup (nonexistent) pub by label\n");
- }
- else {
- doLookup = CSSM_FALSE;
- lookUpPub = NULL;
- }
- }
- }
- if(doLookup) {
- lookUpPub = cspLookUpKeyByLabel(dlHand, dbHand, &labelData, CKT_Public);
- }
- if(pubIsPerm) {
- if(lookUpPub == NULL) {
- printf("lookup pub by label failed\n");
- return testError(quiet);
- }
-
- /* sign some data with priv; */
- sig.Data = NULL;
- sig.Length = 0;
- if(doSignVerify) {
- if(cspSign(cspHand,
- sigAlg,
- &privKey,
- ptext,
- &sig)) {
- return testError(quiet);
- }
- }
- /* verify header compare */
- if(memcmp(&lookUpPub->KeyHeader, &pubKey.KeyHeader,
- sizeof(CSSM_KEYHEADER))) {
- printf("**pubKey header miscompare\n");
- return testError(quiet);
- }
-
- /* vfy with lookUpPub; */
- if(doSignVerify) {
- if(cspSigVerify(cspHand,
- sigAlg,
- lookUpPub,
- ptext,
- &sig,
- CSSM_OK)) {
- return testError(quiet);
- }
-
- CSSM_FREE(sig.Data);
- sig.Data = NULL;
- sig.Data = 0;
- }
- }
- else {
- if(doLookup && (lookUpPub != NULL)) {
- printf("***Unexpected success on cspLookUpKeyByLabel(pub, not perm)\n");
- return testError(quiet);
- }
- }
-
- /*
- * Ensure proper behavior of extractable bit
- */
- if(verbose) {
- printf(" ...null wrap %s private key\n",
- privIsExtractable ? "EXTRACTABLE" : "!EXTRACTABLE");
- }
- crtn = cspNullWrapKey(cspHand, &privKey, &rawPrivKey);
- if(privIsExtractable) {
- if(crtn) {
- printError("Null Wrap(extractable private key)", crtn);
- return testError(quiet);
- }
- if(verbose) {
- printf(" ...free rawPrivKey\n");
- }
- cspFreeKey(cspHand, &rawPrivKey);
- }
- else {
- if(crtn != CSSMERR_CSP_INVALID_KEYATTR_MASK) {
- printError("Null Wrap of !extractable private key: expected "
- "INVALID_KEYATTR_MASK, got", crtn);
- if(crtn == CSSM_OK) {
- cspFreeKey(cspHand, &rawPrivKey);
- }
- return testError(quiet);
- }
- }
- /* lookUpPriv = lookup priv by label; ensure == privKey; */
- doLookup = CSSM_TRUE;
- if(verbose) {
- if(privIsPerm) {
- printf(" ...lookup priv by label\n");
- }
- else {
- if(doFailedLookup) {
- printf(" ...lookup (nonexistent) priv by label\n");
- }
- else {
- doLookup = CSSM_FALSE;
- lookUpPriv = NULL;
- }
- }
- }
- if(doLookup) {
- lookUpPriv = cspLookUpKeyByLabel(dlHand, dbHand, &labelData, CKT_Private);
- }
- if(privIsPerm) {
- if(lookUpPriv == NULL) {
- printf("lookup priv by label failed\n");
- return testError(quiet);
- }
-
- /* note we "know" that both keys are ref keys...*/
- if(lookUpPriv->KeyData.Length != privKey.KeyData.Length) {
- printf("priv key data length mismatch\n");
- return testError(quiet);
- }
- #if DL_REF_KEYS_DIFFER
- if(!memcmp(lookUpPriv->KeyData.Data, privKey.KeyData.Data,
- privKey.KeyData.Length)) {
- printf("priv key ref data mismatch\n");
- return testError(quiet);
- }
- #else /* DL_REF_KEYS_DIFFER */
- if(memcmp(lookUpPriv->KeyData.Data, privKey.KeyData.Data,
- privKey.KeyData.Length)) {
- printf("unexpected priv key ref data match\n");
- return testError(quiet);
- }
- #endif /* DL_REF_KEYS_DIFFER */
-
- /* verify header compare in any case */
- if(memcmp(&lookUpPriv->KeyHeader, &privKey.KeyHeader,
- sizeof(CSSM_KEYHEADER))) {
- printf("**privKey header miscompare\n");
- return testError(quiet);
- }
-
- /* sign with lookUpPriv, verify with pubKey */
- sig.Data = NULL;
- sig.Length = 0;
- if(doSignVerify) {
- if(verbose) {
- printf(" ...sign with lookup priv\n");
- }
- if(cspSign(cspHand,
- sigAlg,
- lookUpPriv,
- ptext,
- &sig)) {
- return testError(quiet);
- }
- if(verbose) {
- printf(" ...verify with pub\n");
- }
- if(cspSigVerify(cspHand,
- sigAlg,
- &pubKey,
- ptext,
- &sig,
- CSSM_OK)) {
- printf("***sign with lookUpPriv, vfy with pub FAILED\n");
- return testError(quiet);
- }
- CSSM_FREE(sig.Data);
- sig.Data = NULL;
- sig.Data = 0;
- }
-
- /* free lookUpPriv from cache, but it's permanent */
- if(verbose) {
- printf(" ...free lookupPriv\n");
- }
- if(cspFreeKey(cspHand, lookUpPriv)) {
- printf("Error on cspFreeKey(lookUpPriv)\n");
- return testError(quiet);
- }
- CSSM_FREE(lookUpPriv); // mallocd during lookup
- lookUpPriv = NULL;
-
- #if DO_OBTAIN_FROM_PUB
- /* obtainedPriv = obtainPubFromPriv(pub); ensure == priv; */
- if(verbose) {
- printf(" ...ObtainPrivateKeyFromPublicKey\n");
- }
- obtainedPriv.KeyData.Data = NULL;
- obtainedPriv.KeyData.Length = 0;
- crtn = CSSM_CSP_ObtainPrivateKeyFromPublicKey(cspHand,
- lookUpPub,
- &obtainedPriv);
- if(crtn) {
- printError("ObtainPrivateKeyFromPublicKey", crtn);
- return testError(quiet);
- }
-
- /* free obtainedPriv from cache, but it's permanent */
- if(verbose) {
- printf(" ...free obtainedPriv\n");
- }
- if(cspFreeKey(cspHand, &obtainedPriv)) {
- printf("Error on cspFreeKey(obtainedPriv)\n");
- return testError(quiet);
- }
-
- #endif /* DO_OBTAIN_FROM_PUB */
-
- if(!permKeys) {
- /* delete priv - implies freeKey as well */
- if(verbose) {
- printf(" ...delete privKey\n");
- }
- crtn = cspDeleteKey(cspHand, dlHand, dbHand, &labelData, &privKey);
- if(crtn) {
- printf("Error deleting priv\n");
- return testError(quiet);
- }
-
- /* lookUpPriv = lookup priv by label; verify fail; */
- if(doFailedLookup) {
- if(verbose) {
- printf(" ...lookup (nonexistent) priv by label\n");
- }
- lookUpPriv = cspLookUpKeyByLabel(dlHand, dbHand, &labelData, CKT_Private);
- if(lookUpPriv != NULL) {
- printf("Unexpected success on cspLookUpKeyByLabel(priv)\n");
- return testError(quiet);
- }
- }
- else {
- lookUpPriv = NULL;
- }
- }
- }
- else if(doLookup) {
- /* !privIsPerm - just free it and it's all gone */
- if(lookUpPriv != NULL) {
- printf("***Unexpected success on cspLookUpKeyByLabel(priv, not perm)\n");
- return testError(quiet);
- }
- if(verbose) {
- printf(" ...free privKey\n");
- }
- if(cspFreeKey(cspHand, &privKey)) {
- printf("Error on cspFreeKey(privKey)\n");
- return testError(quiet);
- }
- }
- /* CSP, DL have no knowledge of privKey or its variations */
-
- /* obtainedPriv = obtainPubFromPriv(pub); verify fail;*/
- /* Note this should be safe even if DO_OBTAIN_FROM_PUB == 0 */
- obtainedPriv.KeyData.Data = NULL;
- obtainedPriv.KeyData.Length = 0;
- if(verbose) {
- printf(" ...obtain (nonexistent) priv by public\n");
- }
- crtn = CSSM_CSP_ObtainPrivateKeyFromPublicKey(cspHand,
- &pubKey,
- &obtainedPriv);
- switch(crtn) {
- case CSSM_OK:
- printf("Unexpected success on ObtainPrivateKeyFromPublicKey\n");
- return testError(quiet);
- case CSSMERR_CSP_PRIVATE_KEY_NOT_FOUND:
- break;
- #if !CSPDL_OBTAIN_PRIV_FROM_PUB
- case CSSMERR_CSP_FUNCTION_NOT_IMPLEMENTED:
- /* OK */
- break;
- #endif
- default:
- printf("Unexpected err ObtainPrivateKeyFromPublicKey\n");
- printError("got this", crtn);
- return testError(quiet);
- }
-
- /* free one or both copies of pub as appropriate */
- if(verbose) {
- printf(" ...free pubKey\n");
- }
- crtn = cspFreeKey(cspHand, &pubKey);
- if(crtn) {
- printf("Error freeing pubKey\n");
- return testError(quiet);
- }
- if(pubIsPerm) {
- if(verbose) {
- printf(" ...free lookUpPub\n");
- }
- crtn = cspFreeKey(cspHand, lookUpPub);
- if(crtn) {
- printf("Error freeing lookUpPub\n");
- return testError(quiet);
- }
- }
- if(lookUpPub) {
- CSSM_FREE(lookUpPub); // mallocd by lookup in any case
- }
-
- if(pubIsPerm) {
- /* pub should still be there in DL */
- /* lookUpPub = lookup pub by label; verify OK; */
- if(verbose) {
- printf(" ...lookup pub by label (2)\n");
- }
- lookUpPub = cspLookUpKeyByLabel(dlHand, dbHand, &labelData, CKT_Public);
- if(lookUpPub == NULL) {
- printf("lookup pub by label (2) failed\n");
- return testError(quiet);
- }
-
- if(!permKeys) {
- /* now really delete it */
- if(verbose) {
- printf(" ...delete lookUpPub\n");
- }
- crtn = cspDeleteKey(cspHand, dlHand, dbHand, &labelData, lookUpPub);
- if(crtn) {
- printf("Error deleting lookUpPub\n");
- return testError(quiet);
- }
- CSSM_FREE(lookUpPub); // mallocd by lookup
- }
- }
- /* else freeKey should have removed all trace */
-
- if(!permKeys && doFailedLookup) {
- /* lookUpPub = lookup pub by label; verify fail; */
- if(verbose) {
- printf(" ...lookup (nonexistent) pub by label\n");
- }
- lookUpPub = cspLookUpKeyByLabel(dlHand, dbHand, &labelData, CKT_Public);
- if(lookUpPub != NULL) {
- printf("Unexpected success on cspLookUpKeyByLabel(pub) (2)\n");
- return testError(quiet);
- }
- }
- return 0;
-}
-
-int main(int argc, char **argv)
-{
- int arg;
- char *argp;
- unsigned loop;
- CSSM_DATA ptext;
- CSSM_CSP_HANDLE cspHand;
- CSSM_DB_HANDLE dbHand;
- CSSM_DL_HANDLE dlHand;
- CSSM_BOOL pubIsPerm;
- CSSM_BOOL privIsPerm;
- CSSM_BOOL privIsExtractable;
- uint32 keyGenAlg = CSSM_ALGID_FEE;
- uint32 sigAlg = CSSM_ALGID_FEE_MD5;
- int rtn = 0;
- CSSM_RETURN crtn;
-
- /*
- * User-spec'd params
- */
- unsigned loops = LOOPS_DEF;
- CSSM_BOOL verbose = CSSM_FALSE;
- CSSM_BOOL quiet = CSSM_FALSE;
- CSSM_BOOL permKeys = CSSM_FALSE;
- char dbName[100]; /* DB_NAME_pid */
- CSSM_BOOL useExistDb = CSSM_FALSE;
- CSSM_BOOL doPause = CSSM_FALSE;
- CSSM_BOOL doSignVerify = CSSM_TRUE;
- CSSM_BOOL doFailedLookup = CSSM_TRUE;
- CSSM_BOOL privAlwaysExtractable = CSSM_FALSE;
-
- dbName[0] = '\0';
-
- for(arg=1; arg<argc; arg++) {
- argp = argv[arg];
- switch(argp[0]) {
- case 'l':
- loops = atoi(&argp[2]);
- break;
- case 'v':
- verbose = CSSM_TRUE;
- break;
- case 'q':
- quiet = CSSM_TRUE;
- break;
- case 'p':
- permKeys = CSSM_TRUE;
- loops = 1;
- break;
- case 'r':
- keyGenAlg = CSSM_ALGID_RSA;
- sigAlg = CSSM_ALGID_MD5WithRSA;
- break;
- case 'k':
- memmove(dbName, &argp[2], strlen(&argp[2]) + 1);
- useExistDb = CSSM_TRUE;
- break;
- case 'P':
- doPause = CSSM_TRUE;
- break;
- case 'n':
- doSignVerify = CSSM_FALSE;
- break;
- case 'N':
- doFailedLookup = CSSM_FALSE;
- break;
- case 'x':
- privAlwaysExtractable = CSSM_TRUE;
- break;
- case 'h':
- default:
- usage(argv);
- }
- }
-
- if(dbName[0] == '\0') {
- sprintf(dbName, "%s_%d", DB_NAME, (int)getpid());
- }
-
- ptext.Data = (uint8 *)CSSM_MALLOC(MAX_DATA_SIZE);
- ptext.Length = MAX_DATA_SIZE;
- /* data generated in test loop */
- if(ptext.Data == NULL) {
- printf("Insufficient heap\n");
- exit(1);
- }
-
- testStartBanner("keyStore", argc, argv);
-
- /* attach to CSP/DL */
- cspHand = cspDlDbStartup(CSSM_FALSE, NULL);
- if(cspHand == 0) {
- exit(1);
- }
- dlHand = dlStartup();
- if(dlHand == 0) {
- exit(1);
- }
- if(useExistDb) {
- /* this one may well require SecurityAgent UI */
- crtn = dbCreateOpen(dlHand, dbName, CSSM_FALSE, CSSM_FALSE, NULL,
- &dbHand);
- }
- else {
- /* hands-free test */
- crtn = dbCreateOpen(dlHand, dbName, CSSM_TRUE, CSSM_TRUE, dbName,
- &dbHand);
- }
- if(crtn) {
- exit(1);
- }
- for(loop=1; ; loop++) {
-
- if(!quiet) {
- printf("...loop %d\n", loop);
- }
- appGetRandomBytes(ptext.Data, ptext.Length);
-
- if(permKeys) {
- pubIsPerm = privIsPerm = CSSM_TRUE;
- }
- else {
- #if CSPDL_ALL_KEYS_ARE_PERMANENT
- pubIsPerm = CSSM_TRUE;
- privIsPerm = CSSM_TRUE;
- #else
-
- /* mix up pubIsPerm, privIsPerm */
- pubIsPerm = (loop & 1) ? CSSM_TRUE : CSSM_FALSE;
- privIsPerm = (loop & 2) ? CSSM_TRUE : CSSM_FALSE;
- #if FORCE_PUB_PERMANENT
- pubIsPerm = CSSM_TRUE;
- #endif
- #endif /* CSPDL_ALL_KEYS_ARE_PERMANENT */
- }
- privIsExtractable = ((loop & 4) || privAlwaysExtractable) ? CSSM_TRUE : CSSM_FALSE;
- if(doTest(cspHand,
- dlHand,
- dbHand,
- pubIsPerm,
- privIsPerm,
- privIsExtractable,
- permKeys,
- doSignVerify, doFailedLookup,
- &ptext,
- verbose,
- quiet,
- keyGenAlg,
- sigAlg)) {
- rtn = 1;
- break;
- }
- if(loops && (loop == loops)) {
- break;
- }
- if(doPause) {
- fpurge(stdin);
- printf("CR to continue: ");
- getchar();
- }
- }
-
- cspShutdown(cspHand, CSSM_FALSE);
- /* FIXME - DB close? DL shutdown? */
- if((rtn == 0) && !quiet) {
- printf("%s test complete\n", argv[0]);
- }
- if((rtn == 0) & !permKeys) {
- /* be nice: if we ran OK delete the cruft DB we created */
- unlink(dbName);
- }
- return rtn;
-}
projects / apple / security.git / blobdiff