]> git.saurik.com Git - apple/security.git/blobdiff - OSX/sec/Security/Regressions/secitem/si-21-sectrust-asr.c
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-57740.1.18.tar.gz
[apple/security.git] / OSX / sec / Security / Regressions / secitem / si-21-sectrust-asr.c
diff --git a/OSX/sec/Security/Regressions/secitem/si-21-sectrust-asr.c b/OSX/sec/Security/Regressions/secitem/si-21-sectrust-asr.c
index b8e1c56e2598c0f87b07ea0ad20fe9ca8c9f2806..0e7e535071c0a99ccbb96693518bf95918fce979 100644 (file)
--- a/OSX/sec/Security/Regressions/secitem/si-21-sectrust-asr.c
+++ b/OSX/sec/Security/Regressions/secitem/si-21-sectrust-asr.c
@@ -12,14 +12,17 @@
 #include <Security/SecPolicyPriv.h>
 #include <Security/SecTrust.h>
 #include <Security/SecKey.h>
-#include <Security/SecInternal.h>
+#include <Security/SecKeyPriv.h>
 #include <CommonCrypto/CommonDigest.h>
 #include <CommonCrypto/CommonDigestSPI.h>
 
 #include <stdlib.h>
 #include <unistd.h>
 
-#include "Security_regressions.h"
+#include "shared_regressions.h"
+
+#define CFReleaseSafe(CF) { CFTypeRef _cf = (CF); if (_cf) CFRelease(_cf); }
+#define CFReleaseNull(CF) { CFTypeRef _cf = (CF); if (_cf) CFRelease(_cf); (CF) = NULL; }
 
 static const UInt8 sITunesStoreRootCertificate[] =
 {
@@ -133,7 +136,9 @@ static void tests(void)
     CFDataRef signature = CFDictionaryGetValue(urlBagDict, CFSTR("signature"));
        CFDataRef bag = CFDictionaryGetValue(urlBagDict, CFSTR("bag"));
     unsigned char sha1_hash[CC_SHA1_DIGEST_LENGTH];
+    CFDataRef sha1Data = NULL;
     CCDigest(kCCDigestSHA1, CFDataGetBytePtr(bag), CFDataGetLength(bag), sha1_hash);
+    sha1Data = CFDataCreate(NULL, sha1_hash, sizeof(sha1_hash));
 
     isnt(policy = SecPolicyCreateBasicX509(), NULL, "create policy instance");
 
@@ -148,9 +153,14 @@ static void tests(void)
     }
        SecKeyRef pub_key_leaf;
        isnt(pub_key_leaf = SecTrustCopyPublicKey(trust), NULL, "get leaf pub key");
-       ok_status(SecKeyRawVerify(pub_key_leaf, kSecPaddingPKCS1SHA1, sha1_hash, sizeof(sha1_hash), CFDataGetBytePtr(signature), CFDataGetLength(signature)),
-               "verify signature on bag");
-
+    if (!pub_key_leaf) { goto errOut; }
+    CFErrorRef error = NULL;
+    ok(SecKeyVerifySignature(pub_key_leaf, kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA1, sha1Data, signature, &error),
+              "verify signature on bag");
+    CFReleaseNull(error);
+
+errOut:
+    CFReleaseSafe(sha1Data);
     CFReleaseSafe(pub_key_leaf);
        CFReleaseSafe(urlBagDict);
     CFReleaseSafe(certs);
mirror of Security