secd-70-engine-corrupt.c [plain text]
#include <Regressions/SOSTestDevice.h>
#include <Regressions/SOSTestDataSource.h>
#include "secd_regressions.h"
#include "SecdTestKeychainUtilities.h"
#include <SecureObjectSync/SOSDigestVector.h>
#include <SecureObjectSync/SOSEngine.h>
#include <SecureObjectSync/SOSPeer.h>
#include <Security/SecBase64.h>
#include <Security/SecItem.h>
#include <Security/SecItemPriv.h>
#include <corecrypto/ccsha2.h>
#include <securityd/SecItemServer.h>
#include <securityd/SecItemDataSource.h>
#include <utilities/SecCFWrappers.h>
#include <utilities/SecIOFormat.h>
#include <utilities/SecFileLocations.h>
#include <AssertMacros.h>
#include <stdint.h>
static int kTestTestCount = 125;
static void nosha1(void) {
__block int iteration = 0;
__block CFErrorRef error = NULL;
SOSTestDeviceListTestSync("nosha1", test_directive, test_reason, 0, true, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest) {
iteration++;
if (iteration <= 6) {
CFStringRef account = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("item%d"), iteration);
SOSTestDeviceAddGenericItem(source, account, CFSTR("nosha1"));
CFReleaseSafe(account);
if (iteration == 4) {
ok(SecDbPerformWrite(source->db, &error, ^(SecDbConnectionRef dbconn) {
ok(SecDbTransaction(dbconn, kSecDbExclusiveTransactionType, &error, ^(bool *commit) {
ok(SecDbExec(dbconn, CFSTR("UPDATE genp SET sha1=X'0000000000000000000000000000000000000000' WHERE rowid=5;"), &error),
"Corrupting rowid 5 by zeroing sha1: %@", error);
CFReleaseNull(error);
}), "SecDbTransaction: %@", error);
CFReleaseNull(error);
}), "SecDbPerformWrite: %@", error);
CFReleaseNull(error);
return true;
}
return true;
}
return false;
}, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest, SOSMessageRef message) {
return false;
}, CFSTR("Bad"), CFSTR("Good"), NULL);
}
static void drop_item(void) {
__block int iteration = 0;
__block CFErrorRef error = NULL;
SOSTestDeviceListTestSync("drop_item", test_directive, test_reason, 0, true, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest) {
iteration++;
if (iteration <= 6) {
CFStringRef account = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("item%d"), iteration);
SOSTestDeviceAddGenericItem(source, account, CFSTR("drop_item"));
CFReleaseSafe(account);
if (iteration == 4) {
ok(SecDbPerformWrite(source->db, &error, ^(SecDbConnectionRef dbconn) {
ok(SecDbTransaction(dbconn, kSecDbExclusiveTransactionType, &error, ^(bool *commit) {
ok(SecDbExec(dbconn, CFSTR("DELETE FROM genp WHERE rowid=5;"), &error),
"Corrupting rowid 5 by deleting object: %@", error);
CFReleaseNull(error);
}), "SecDbTransaction: %@", error);
CFReleaseNull(error);
}), "SecDbPerformWrite: %@", error);
CFReleaseNull(error);
return true;
}
return true;
}
return false;
}, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest, SOSMessageRef message) {
return false;
}, CFSTR("Abegail"), CFSTR("Billy"), NULL);
}
static void drop_manifest(void) {
__block int iteration = 0;
SOSTestDeviceListTestSync("drop_manifest", test_directive, test_reason, 0, true, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest) {
iteration++;
if (iteration <= 9) {
CFStringRef account = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("item%d"), iteration / 2);
SOSTestDeviceAddGenericItem(source, account, CFSTR("drop_manifest"));
CFReleaseSafe(account);
if (iteration == 4) {
SOSEngineRef engine = SOSDataSourceGetSharedEngine(source->ds, NULL);
SOSManifestRef mf = SOSEngineCopyManifest(engine, NULL);
struct SOSDigestVector empty = SOSDigestVectorInit;
ok(SOSEngineUpdateLocalManifest(engine, kSOSDataSourceSOSTransaction,
(struct SOSDigestVector *)SOSManifestGetDigestVector(mf), &empty, NULL),
"droped manifest from %@", source);
CFReleaseNull(mf);
return true;
}
return true;
}
return false;
}, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest, SOSMessageRef message) {
return false;
}, CFSTR("Ann"), CFSTR("Ben"), NULL);
}
static void add_sha1(void) {
TODO: {
__block int iteration = 0;
__block CFErrorRef error = NULL;
SOSTestDeviceListTestSync("add_sha1", test_directive, test_reason, 0, true, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest) {
iteration++;
if (iteration <= 9) {
CFStringRef account = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("item%d"), iteration);
SOSTestDeviceAddGenericItem(source, account, CFSTR("add_sha1"));
CFReleaseSafe(account);
if (iteration == 4) {
ok(SecDbPerformWrite(source->db, &error, ^(SecDbConnectionRef dbconn) {
ok(SecDbTransaction(dbconn, kSecDbExclusiveTransactionType, &error, ^(bool *commit) {
ok(SecDbExec(dbconn, CFSTR("UPDATE genp SET sha1=X'0000000000000000000000000000000000000000' WHERE rowid=5;"), &error),
"Corrupting rowid 5 by zeroing sha1: %@", error);
CFReleaseNull(error);
}), "SecDbTransaction: %@", error);
CFReleaseNull(error);
}), "SecDbPerformWrite: %@", error);
CFReleaseNull(error);
SOSEngineRef engine = SOSDataSourceGetSharedEngine(source->ds, NULL);
struct SOSDigestVector del = SOSDigestVectorInit;
struct SOSDigestVector add = SOSDigestVectorInit;
uint8_t zeroDigest[20] = {};
SOSDigestVectorAppend(&add, zeroDigest);
ok(SOSEngineUpdateLocalManifest(engine, kSOSDataSourceSOSTransaction,
&del, &add, NULL), "corrupting manifest");
return true;
}
return true;
}
return false;
}, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest, SOSMessageRef message) {
return false;
}, CFSTR("Andy"), CFSTR("Bill"), NULL);
}
}
static void change_sha1(void) {
TODO: {
__block int iteration = 0;
__block CFErrorRef error = NULL;
SOSTestDeviceListTestSync("change_sha1", test_directive, test_reason, 0, true, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest) {
iteration++;
if (iteration <= 9) {
CFStringRef account = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("item%d"), iteration);
CFStringRef server = CFSTR("change_sha1");
if (!SOSDataSourceWithAPI(source->ds, true, &error, ^(SOSTransactionRef txn, bool *commit) {
SOSObjectRef object = SOSDataSourceCreateGenericItem(source->ds, account, server);
ok(SOSDataSourceMergeObject(source->ds, txn, object, NULL, &error), "%@ added API object %@", SOSTestDeviceGetID(source), error ? (CFTypeRef)error : (CFTypeRef)CFSTR("ok"));
if (iteration == 3) {
sqlite_int64 rowid = SecDbItemGetRowId((SecDbItemRef)object, NULL);
CFStringRef sql = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("UPDATE genp SET sha1=X'0000000000000000000000000000000000000000' WHERE rowid=%lld;"), rowid);
ok(SecDbExec((SecDbConnectionRef)txn, sql, &error),
"Corrupting rowid %lld by zeroing sha1: %@", rowid, error);
CFReleaseNull(sql);
SOSEngineRef engine = SOSDataSourceGetSharedEngine(source->ds, NULL);
struct SOSDigestVector del = SOSDigestVectorInit;
struct SOSDigestVector add = SOSDigestVectorInit;
uint8_t zeroDigest[20] = {};
SOSDigestVectorAppend(&add, zeroDigest);
CFDataRef digest = SOSObjectCopyDigest(source->ds, object, NULL);
const uint8_t *d = CFDataGetBytePtr(digest);
SOSDigestVectorAppend(&del, d);
ok(SOSEngineUpdateLocalManifest(engine, kSOSDataSourceSOSTransaction,
&del, &add, NULL), "corrupting manifest %lld %02X%02x%02x%02x",
rowid, d[0], d[1], d[2], d[3]);
CFReleaseSafe(digest);
}
CFReleaseSafe(object);
CFReleaseNull(error);
}))
fail("ds transaction %@", error);
CFReleaseNull(error);
CFReleaseNull(account);
return true;
}
return false;
}, ^bool(SOSTestDeviceRef source, SOSTestDeviceRef dest, SOSMessageRef message) {
if (iteration >= 3)
pass("%@", source);
return false;
}, CFSTR("Alice"), CFSTR("Bob"), NULL);
}
}
int secd_70_engine_corrupt(int argc, char *const *argv)
{
plan_tests(kTestTestCount);
secd_test_setup_temp_keychain("secd_70_engine_corrupt", NULL);
nosha1();
drop_item();
drop_manifest();
add_sha1();
change_sha1();
return 0;
}