X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/SecurityTests/clxutils/cmsTime/cmsTime.cpp diff --git a/SecurityTests/clxutils/cmsTime/cmsTime.cpp b/SecurityTests/clxutils/cmsTime/cmsTime.cpp new file mode 100644 index 00000000..b87102aa --- /dev/null +++ b/SecurityTests/clxutils/cmsTime/cmsTime.cpp @@ -0,0 +1,156 @@ +/* + * cmsTime.cpp - measure performance of CMS decode & verify + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define LOOPS_DEF 100 +#define SIGNED_FILE "noRoot.p7" + +static void usage(char **argv) +{ + printf("usage: %s [options]\n", argv[0]); + printf("Options:\n"); + printf(" -l loops -- loops; default %d; 0=forever\n", LOOPS_DEF); + printf(" -i inFile -- input file; default is %s\n", SIGNED_FILE); + printf(" -K -- set empty KC list\n"); + /* etc. */ + exit(1); +} + +/* perform one CMS decode */ +static OSStatus doDecode( + const void *cmsData, + size_t cmsDataLen, + SecPolicyRef policyRef, + CFArrayRef kcArray) /* optional */ + +{ + OSStatus ortn; + CMSDecoderRef cmsDecoder = NULL; + + CMSDecoderCreate(&cmsDecoder); + if(kcArray) { + ortn = CMSDecoderSetSearchKeychain(cmsDecoder, kcArray); + if(ortn) { + cssmPerror("CMSDecoderSetSearchKeychain", ortn); + return ortn; + } + } + ortn = CMSDecoderUpdateMessage(cmsDecoder, cmsData, cmsDataLen); + if(ortn) { + cssmPerror("CMSDecoderUpdateMessage", ortn); + return ortn; + } + ortn = CMSDecoderFinalizeMessage(cmsDecoder); + if(ortn) { + cssmPerror("CMSDecoderFinalizeMessage", ortn); + return ortn; + } + + CMSSignerStatus signerStatus; + ortn = CMSDecoderCopySignerStatus(cmsDecoder, 0, policyRef, true, &signerStatus, NULL, NULL); + if(ortn) { + cssmPerror("CMSDecoderCopySignerStatus", ortn); + return ortn; + } + if(signerStatus != kCMSSignerValid) { + printf("***Bad signerStatus (%d)\n", (int)signerStatus); + ortn = -1; + } + CFRelease(cmsDecoder); + return ortn; +} + +int main(int argc, char **argv) +{ + unsigned dex; + + CFArrayRef emptyKCList = NULL; + unsigned char *blob = NULL; + unsigned blobLen; + SecPolicyRef policyRef = NULL; + + /* user-spec'd variables */ + unsigned loops = LOOPS_DEF; + char *blobFile = SIGNED_FILE; + bool emptyList = false; /* specify empty KC list */ + + extern char *optarg; + int arg; + while ((arg = getopt(argc, argv, "l:i:Kh")) != -1) { + switch (arg) { + case 'l': + loops = atoi(optarg); + break; + case 'i': + blobFile = optarg; + break; + case 'K': + emptyList = true; + emptyKCList = CFArrayCreate(NULL, NULL, 0, &kCFTypeArrayCallBacks); + break; + case 'h': + usage(argv); + } + } + if(optind != argc) { + usage(argv); + } + + if(readFile(blobFile, &blob, &blobLen)) { + printf("***Error reading %s\n", blobFile); + exit(1); + } + /* cook up reusable policy object */ + SecPolicySearchRef policySearch = NULL; + OSStatus ortn = SecPolicySearchCreate(CSSM_CERT_X_509v3, + &CSSMOID_APPLE_X509_BASIC, + NULL, // policy opts + &policySearch); + if(ortn) { + cssmPerror("SecPolicySearchCreate", ortn); + exit(1); + } + ortn = SecPolicySearchCopyNext(policySearch, &policyRef); + if(ortn) { + cssmPerror("SecPolicySearchCopyNext", ortn); + exit(1); + } + CFRelease(policySearch); + + CFAbsoluteTime startTimeFirst; + CFAbsoluteTime endTimeFirst; + CFAbsoluteTime startTimeMulti; + CFAbsoluteTime endTimeMulti; + + /* GO */ + startTimeFirst = CFAbsoluteTimeGetCurrent(); + if(doDecode(blob, blobLen, policyRef, emptyKCList)) { + exit(1); + } + endTimeFirst = CFAbsoluteTimeGetCurrent(); + + startTimeMulti = CFAbsoluteTimeGetCurrent(); + for(dex=0; dex