X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/e3d460c9de4426da6c630c3ae3f46173a99f82d8..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_keychain/regressions/kc-30-xara-item-helpers.h diff --git a/OSX/libsecurity_keychain/regressions/kc-30-xara-item-helpers.h b/OSX/libsecurity_keychain/regressions/kc-30-xara-item-helpers.h index e2f523c1..87c6f2f4 100644 --- a/OSX/libsecurity_keychain/regressions/kc-30-xara-item-helpers.h +++ b/OSX/libsecurity_keychain/regressions/kc-30-xara-item-helpers.h @@ -22,6 +22,7 @@ */ #include "kc-30-xara-helpers.h" +#include "kc-item-helpers.h" #ifndef kc_30_xara_item_helpers_h #define kc_30_xara_item_helpers_h @@ -32,98 +33,14 @@ #pragma clang diagnostic ignored "-Wunused-variable" #pragma clang diagnostic ignored "-Wunused-function" - -static CFMutableDictionaryRef makeBaseItemDictionary(CFStringRef itemclass) { - CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); - CFDictionaryAddValue(query, kSecReturnRef, kCFBooleanTrue); - CFDictionarySetValue(query, kSecClass, itemclass); - - if(CFEqual(itemclass, kSecClassInternetPassword)) { - CFDictionarySetValue(query, kSecAttrServer, CFSTR("test_service")); - CFDictionarySetValue(query, kSecAttrAuthenticationType, CFSTR("dflt")); // Default, I guess? - } else { - // Generic passwords have services - CFDictionarySetValue(query, kSecAttrService, CFSTR("test_service")); - } - return query; -} - -static CFMutableDictionaryRef makeQueryItemDictionary(SecKeychainRef kc, CFStringRef itemclass) { - CFMutableDictionaryRef query = makeBaseItemDictionary(itemclass); - - CFMutableArrayRef searchList = (CFMutableArrayRef) CFArrayCreateMutable(kCFAllocatorDefault, 1, &kCFTypeArrayCallBacks); - CFArrayAppendValue((CFMutableArrayRef)searchList, kc); - CFDictionarySetValue(query, kSecMatchSearchList, searchList); - - CFDictionarySetValue(query, kSecMatchLimit, kSecMatchLimitAll); - - return query; -} - -static CFMutableDictionaryRef makeQueryCustomItemDictionary(SecKeychainRef kc, CFStringRef itemclass, CFStringRef label) { - CFMutableDictionaryRef query = makeQueryItemDictionary(kc, itemclass); - CFDictionarySetValue(query, kSecAttrLabel, label); - return query; -} - -static CFMutableDictionaryRef makeAddCustomItemDictionary(SecKeychainRef kc, CFStringRef itemclass, CFStringRef label, CFStringRef account) { - CFMutableDictionaryRef query = makeBaseItemDictionary(itemclass); - - CFDictionaryAddValue(query, kSecUseKeychain, kc); - CFDictionarySetValue(query, kSecAttrAccount, account); - CFDictionarySetValue(query, kSecAttrComment, CFSTR("a comment")); - CFDictionarySetValue(query, kSecAttrLabel, label); - CFDictionarySetValue(query, kSecValueData, CFDataCreate(NULL, (void*)"data", 4)); - return query; -} - -static CFMutableDictionaryRef makeAddItemDictionary(SecKeychainRef kc, CFStringRef itemclass, CFStringRef label) { - return makeAddCustomItemDictionary(kc, itemclass, label, CFSTR("test_account")); -} - -static SecKeychainItemRef makeCustomItem(const char* name, SecKeychainRef kc, CFDictionaryRef addDictionary) { - CFTypeRef result = NULL; - ok_status(SecItemAdd(addDictionary, &result), "%s: SecItemAdd", name); - ok(result != NULL, "%s: SecItemAdd returned a result", name); - - SecKeychainItemRef item = (SecKeychainItemRef) result; - ok(item != NULL, "%s: Couldn't convert into SecKeychainItemRef", name); - - return item; -} -#define makeCustomItemTests 3 - -static SecKeychainItemRef makeItem(const char* name, SecKeychainRef kc, CFStringRef itemclass, CFStringRef label) { - CFMutableDictionaryRef query = makeAddItemDictionary(kc, itemclass, label); - - SecKeychainItemRef item = makeCustomItem(name, kc, query); - - CFReleaseNull(query); - return item; -} -#define makeItemTests makeCustomItemTests - -static void makeCustomDuplicateItem(const char* name, SecKeychainRef kc, CFStringRef itemclass, CFStringRef label) { - CFMutableDictionaryRef query = makeAddItemDictionary(kc, itemclass, label); - - CFTypeRef result = NULL; - is(SecItemAdd(query, &result), errSecDuplicateItem, "%s: SecItemAdd (duplicate)", name); - - CFReleaseNull(query); -} -#define makeCustomDuplicateItemTests 1 - -static void makeDuplicateItem(const char* name, SecKeychainRef kc, CFStringRef itemclass) { - return makeCustomDuplicateItem(name, kc, itemclass, CFSTR("test_label")); -} -#define makeDuplicateItemTests makeCustomDuplicateItemTests - static void makeCustomItemWithIntegrity(const char* name, SecKeychainRef kc, CFStringRef itemclass, CFStringRef label, CFStringRef expectedHash) { SecKeychainItemRef item = makeItem(name, kc, itemclass, label); checkIntegrityHash(name, item, expectedHash); + checkPartitionIDs(name, (SecKeychainItemRef) item, 1); + CFReleaseNull(item); } -#define makeCustomItemWithIntegrityTests (makeItemTests + checkIntegrityHashTests) +#define makeCustomItemWithIntegrityTests (makeItemTests + checkIntegrityHashTests + checkPartitionIDsTests) static void makeItemWithIntegrity(const char* name, SecKeychainRef kc, CFStringRef itemclass, CFStringRef expectedHash) { makeCustomItemWithIntegrity(name, kc, itemclass, CFSTR("test_label"), expectedHash); @@ -133,38 +50,41 @@ static void makeItemWithIntegrity(const char* name, SecKeychainRef kc, CFStringR static void testAddItem(CFStringRef itemclass, CFStringRef expectedHash) { char name[100]; sprintf(name, "testAddItem[%s]", CFStringGetCStringPtr(itemclass, kCFStringEncodingUTF8)); - secdebugfunc("integrity", "************************************* %s", name); + secnotice("integrity", "************************************* %s", name); SecKeychainRef kc = newKeychain(name); makeItemWithIntegrity(name, kc, itemclass, expectedHash); ok_status(SecKeychainDelete(kc), "%s: SecKeychainDelete", name); + CFReleaseNull(kc); } #define testAddItemTests (newKeychainTests + makeItemWithIntegrityTests + 1) static void testCopyMatchingItem(CFStringRef itemclass, CFStringRef expectedHash) { char name[100]; sprintf(name, "testCopyMatchingItem[%s]", CFStringGetCStringPtr(itemclass, kCFStringEncodingUTF8)); - secdebugfunc("integrity", "************************************* %s", name); + secnotice("integrity", "************************************* %s", name); SecKeychainRef kc = newKeychain(name); makeItemWithIntegrity(name, kc, itemclass, expectedHash); - SecKeychainItemRef item = checkN(name, makeQueryItemDictionary(kc, itemclass), 1); + SecKeychainItemRef item = checkNCopyFirst(name, createQueryItemDictionary(kc, itemclass), 1); checkIntegrityHash(name, item, expectedHash); ok_status(SecKeychainDelete(kc), "%s: SecKeychainDelete", name); + CFReleaseNull(item); + CFReleaseNull(kc); } #define testCopyMatchingItemTests (newKeychainTests + makeItemWithIntegrityTests + checkNTests + checkIntegrityHashTests + 1) static void testUpdateItem(CFStringRef itemclass, CFStringRef expectedHashOrig, CFStringRef expectedHashAfter) { char name[100]; sprintf(name, "testUpdateItem[%s]", CFStringGetCStringPtr(itemclass, kCFStringEncodingUTF8)); - secdebugfunc("integrity", "************************************* %s", name); + secnotice("integrity", "************************************* %s", name); SecKeychainRef kc = newKeychain(name); makeItemWithIntegrity(name, kc, itemclass, expectedHashOrig); - CFMutableDictionaryRef query = makeQueryItemDictionary(kc, itemclass); + CFMutableDictionaryRef query = createQueryItemDictionary(kc, itemclass); CFMutableDictionaryRef update = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); CFDictionarySetValue(update, kSecAttrComment, CFSTR("a modification")); CFDictionarySetValue(update, kSecAttrAccount, CFSTR("a account modification")); @@ -173,32 +93,37 @@ static void testUpdateItem(CFStringRef itemclass, CFStringRef expectedHashOrig, CFReleaseNull(update); - SecKeychainItemRef item = checkN(name, makeQueryItemDictionary(kc, itemclass), 1); + SecKeychainItemRef item = checkNCopyFirst(name, createQueryItemDictionary(kc, itemclass), 1); checkIntegrityHash(name, item, expectedHashAfter); CFReleaseNull(item); // Check that updating data works update = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); - CFDictionarySetValue(update, kSecValueData, CFDataCreate(NULL, (void*)"data", 4)); + CFDataRef data = CFDataCreate(NULL, (void*)"data", 4); + CFDictionarySetValue(update, kSecValueData, data); + CFReleaseNull(data); ok_status(SecItemUpdate(query, update), "%s: SecItemUpdate", name); - item = checkN(name, makeQueryItemDictionary(kc, itemclass), 1); + item = checkNCopyFirst(name, createQueryItemDictionary(kc, itemclass), 1); checkIntegrityHash(name, item, expectedHashAfter); + checkPartitionIDs(name, item, 1); CFReleaseNull(query); CFReleaseNull(update); + CFReleaseNull(item); ok_status(SecKeychainDelete(kc), "%s: SecKeychainDelete", name); + CFReleaseNull(kc); } #define testUpdateItemTests (newKeychainTests + makeItemWithIntegrityTests \ + 1 + checkNTests + checkIntegrityHashTests \ - + 1 + checkNTests + checkIntegrityHashTests \ + + 1 + checkNTests + checkIntegrityHashTests + checkPartitionIDsTests \ + 1) static void testAddDuplicateItem(CFStringRef itemclass, CFStringRef expectedHash) { char name[100]; sprintf(name, "testAddDuplicateItem[%s]", CFStringGetCStringPtr(itemclass, kCFStringEncodingUTF8)); - secdebugfunc("integrity", "************************************* %s", name); + secnotice("integrity", "************************************* %s", name); SecKeychainRef kc = newKeychain(name); makeItemWithIntegrity(name, kc, itemclass, expectedHash); @@ -206,23 +131,26 @@ static void testAddDuplicateItem(CFStringRef itemclass, CFStringRef expectedHash makeDuplicateItem(name, kc, itemclass); ok_status(SecKeychainDelete(kc), "%s: SecKeychainDelete", name); + CFReleaseNull(kc); } #define testAddDuplicateItemTests (newKeychainTests + makeItemWithIntegrityTests + makeDuplicateItemTests + 1) static void testDeleteItem(CFStringRef itemclass, CFStringRef expectedHash) { char name[100]; sprintf(name, "testDeleteItem[%s]", CFStringGetCStringPtr(itemclass, kCFStringEncodingUTF8)); - secdebugfunc("integrity", "************************************* %s", name); + secnotice("integrity", "************************************* %s", name); SecKeychainRef kc = newKeychain(name); makeItemWithIntegrity(name, kc, itemclass, expectedHash); - SecKeychainItemRef item = checkN(name, makeQueryItemDictionary(kc, itemclass), 1); + SecKeychainItemRef item = checkNCopyFirst(name, createQueryItemDictionary(kc, itemclass), 1); checkIntegrityHash(name, item, expectedHash); ok_status(SecKeychainItemDelete(item), "%s: SecKeychainItemDelete", name); - checkN(name, makeQueryItemDictionary(kc, itemclass), 0); + checkN(name, createQueryItemDictionary(kc, itemclass), 0); ok_status(SecKeychainDelete(kc), "%s: SecKeychainDelete", name); + CFReleaseNull(kc); + CFReleaseNull(item); } #define testDeleteItemTests (newKeychainTests + makeItemWithIntegrityTests + checkNTests + checkIntegrityHashTests + 1 + checkNTests + 1) @@ -241,56 +169,57 @@ static void writeEmptyV512Keychain(const char* name, const char* keychainFile); static void testUpdateRetainedItem(CFStringRef itemclass) { char name[100]; sprintf(name, "testUpdateRetainedItem[%s]", CFStringGetCStringPtr(itemclass, kCFStringEncodingUTF8)); - secdebugfunc("integrity", "************************************* %s", name); + secnotice("integrity", "************************************* %s", name); - writeEmptyV512Keychain(name, keychainFile); - SecKeychainRef kc = openCustomKeychain(name, "test.keychain", "password"); + writeEmptyV512Keychain(name, keychainDbFile); + SecKeychainRef kc = openCustomKeychain(name, keychainName, "password"); - SecKeychainItemRef item = makeCustomItem(name, kc, makeAddCustomItemDictionary(kc, itemclass, CFSTR("test_label"), CFSTR("account1"))); + SecKeychainItemRef item = createCustomItem(name, kc, createAddCustomItemDictionary(kc, itemclass, CFSTR("test_label"), CFSTR("account1"))); - CFRelease(checkN(name, makeQueryCustomItemDictionary(kc, itemclass, CFSTR("test_label")), 1)); + checkN(name, createQueryCustomItemDictionary(kc, itemclass, CFSTR("test_label")), 1); - is(CFGetRetainCount(item), 1, "%s: CFGetRetainCount(item)", name); + cmp_ok(CFGetRetainCount(item), >=, 1, "%s: CFGetRetainCount(item)", name); // Bump our local database version number a few times, so we'll re-read the database when we reset it later - CFReleaseSafe(makeCustomItem(name, kc, makeAddCustomItemDictionary(kc, itemclass, CFSTR("version"), CFSTR("version")))); - CFReleaseSafe(makeCustomItem(name, kc, makeAddCustomItemDictionary(kc, itemclass, CFSTR("bump"), CFSTR("bump")))); + CFReleaseSafe(createCustomItem(name, kc, createAddCustomItemDictionary(kc, itemclass, CFSTR("version"), CFSTR("version")))); + CFReleaseSafe(createCustomItem(name, kc, createAddCustomItemDictionary(kc, itemclass, CFSTR("bump"), CFSTR("bump")))); // Simulate another process deleting the items we just made, and us not receiving the notification - writeEmptyV512Keychain(name, keychainFile); + writeEmptyV512Keychain(name, keychainDbFile); // Generate some keychain notifications on a different keychain so the AppleDatabase will reload test.keychain SecKeychainRef kc2 = newCustomKeychain(name, "unrelated.keychain", "password"); - CFReleaseSafe(makeCustomItem(name, kc2, makeAddCustomItemDictionary(kc, itemclass, CFSTR("unrelated1_label"), CFSTR("unrelated1")))); + CFReleaseSafe(createCustomItem(name, kc2, createAddCustomItemDictionary(kc, itemclass, CFSTR("unrelated1_label"), CFSTR("unrelated1")))); ok_status(SecKeychainDelete(kc2), "%s: SecKeychainDelete", name); + CFReleaseNull(kc2); - secdebugfunc("integrity", "************************************* should reload database\n"); + secnotice("integrity", "************************************* should reload database\n"); - SecKeychainItemRef item2 = makeCustomItem(name, kc, makeAddCustomItemDictionary(kc, itemclass, CFSTR("not_a_test_label"), CFSTR("account2"))); - CFReleaseSafe(checkN(name, makeQueryCustomItemDictionary(kc, itemclass, CFSTR("not_a_test_label")), 1)); - is(CFGetRetainCount(item2), 1, "%s: CFGetRetainCount(item2)", name); + SecKeychainItemRef item2 = createCustomItem(name, kc, createAddCustomItemDictionary(kc, itemclass, CFSTR("not_a_test_label"), CFSTR("account2"))); + checkN(name, createQueryCustomItemDictionary(kc, itemclass, CFSTR("not_a_test_label")), 1); + cmp_ok(CFGetRetainCount(item2), >=, 1, "%s: CFGetRetainCount(item2)", name); // Now, update the second item so it would collide with the first - CFMutableDictionaryRef query = makeQueryCustomItemDictionary(kc, itemclass, CFSTR("not_a_test_label")); + CFMutableDictionaryRef query = createQueryCustomItemDictionary(kc, itemclass, CFSTR("not_a_test_label")); CFMutableDictionaryRef update = CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); CFDictionarySetValue(update, kSecAttrAccount, CFSTR("account1")); CFDictionarySetValue(update, kSecAttrLabel, CFSTR("test_label")); ok_status(SecItemUpdate(query, update), "%s: SecItemUpdate", name); - is(CFGetRetainCount(item), 1, "%s: CFGetRetainCount(item)", name); + cmp_ok(CFGetRetainCount(item), >=, 1, "%s: CFGetRetainCount(item)", name); CFReleaseNull(item); - SecKeychainItemRef result = checkN(name, makeQueryCustomItemDictionary(kc, itemclass, CFSTR("test_label")), 1); - CFReleaseNull(result); + checkN(name, createQueryCustomItemDictionary(kc, itemclass, CFSTR("test_label")), 1); ok_status(SecKeychainDelete(kc), "%s: SecKeychainDelete", name); + CFReleaseNull(kc); } -#define testUpdateRetainedItemTests (openCustomKeychainTests + makeCustomItemTests + checkNTests \ - + 1 + makeCustomItemTests + makeCustomItemTests \ - + newCustomKeychainTests + makeCustomItemTests + 1 \ - + makeCustomItemTests + checkNTests + 1 \ +#define testUpdateRetainedItemTests (openCustomKeychainTests + createCustomItemTests + checkNTests \ + + 1 + createCustomItemTests + createCustomItemTests \ + + newCustomKeychainTests + createCustomItemTests + 1 \ + + createCustomItemTests + checkNTests + 1 \ + 1 + 1 + checkNTests + 1) -#pragma clang pop +#pragma clang diagnostic pop #else #endif /* TARGET_OS_MAC */