testutils.cpp   [plain text]

/*
 * Copyright (c) 2000-2001,2003-2004 Apple Computer, Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */


//
// testutils - utilities for unit test drivers
//
#include "testutils.h"

using namespace CssmClient;

bool verbose = false;


//
// Error and diagnostic drivers
//
void error(const char *msg = NULL, ...)
{
	if (msg) {
		va_list args;
		va_start(args, msg);
		vfprintf(stderr, msg, args);
		va_end(args);
		putc('\n', stderr);
	}
	abort();
}

void error(const CssmCommonError &err, const char *msg = NULL, ...)
{
	if (msg) {
		va_list args;
		va_start(args, msg);
		vfprintf(stderr, msg, args);
		va_end(args);
		fprintf(stderr, ": %s", cssmErrorString(err.cssmError()).c_str());
		putc('\n', stderr);
	}
	abort();
}

void detail(const char *msg = NULL, ...)
{
	if (verbose) {
		va_list args;
		va_start(args, msg);
		vfprintf(stdout, msg, args);
		va_end(args);
		putc('\n', stdout);
	}
}

void detail(const CssmCommonError &err, const char *msg)
{
	if (verbose)
		printf("%s (ok): %s\n", msg, cssmErrorString(err).c_str());
}

void prompt(const char *msg)
{
	if (isatty(fileno(stdin)))
		printf("[%s]", msg);
}

void prompt()
{
	if (isatty(fileno(stdin)))
		printf(" OK\n");
}


//
// FakeContext management
//
FakeContext::FakeContext(CSSM_CONTEXT_TYPE type, CSSM_ALGORITHMS alg, uint32 count)
: Context(type, alg)
{
	NumberOfAttributes = count;
	ContextAttributes = new Attr[count];
}


FakeContext::FakeContext(CSSM_CONTEXT_TYPE type, CSSM_ALGORITHMS alg, ...) 
: Context(type, alg)
{
	// count arguments
	va_list args;
	va_start(args, alg);
	uint32 count = 0;
	while (va_arg(args, Attr *))
		count++;
	va_end(args);
	
	// make vector
	NumberOfAttributes = count;
	ContextAttributes = new Attr[count];
	
	// stuff vector
	va_start(args, alg);
	for (uint32 n = 0; n < count; n++)
		(*this)[n] = *va_arg(args, Attr *);
	va_end(args);
}


//
// ACL test driver class
//
AclTester::AclTester(ClientSession &ss, const AclEntryInput *acl) : session(ss)
{
	// make up a DES key
	StringData keyBits("Tweedle!");
	CssmKey key(keyBits);
	key.header().KeyClass = CSSM_KEYCLASS_SESSION_KEY;
	
	// wrap in the key
	CssmData unwrappedData;
	FakeContext unwrapContext(CSSM_ALGCLASS_SYMMETRIC, CSSM_ALGID_NONE, 0);
    CssmKey::Header keyHeader;
    ss.unwrapKey(noDb, unwrapContext, noKey, noKey,
		key,
		CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_DECRYPT,
		CSSM_KEYATTR_EXTRACTABLE,
		NULL /*cred*/, acl,
		unwrappedData, keyRef, keyHeader);
	detail("Key seeded with ACL");
}


void AclTester::testWrap(const AccessCredentials *cred, const char *howWrong)
{
	FakeContext wrapContext(CSSM_ALGCLASS_SYMMETRIC, CSSM_ALGID_NONE, 0);
	CssmWrappedKey wrappedKey;
	try {
		session.wrapKey(wrapContext, noKey, keyRef,
			cred, NULL /*descriptive*/, wrappedKey);
		if (howWrong) {
			error("WRAP MISTAKENLY SUCCEEDED: %s", howWrong);
		}
		detail("extract OK");
	} catch (const CssmCommonError &err) {
		if (!howWrong)
			error(err, "FAILED TO EXTRACT KEY");
		detail(err, "extract failed OK");
	}
}

void AclTester::testEncrypt(const AccessCredentials *cred, const char *howWrong)
{
    CssmKey keyForm; memset(&keyForm, 0, sizeof(keyForm));
    StringData iv("Aardvark");
    StringData clearText("blah");
	CssmData remoteCipher;
    try {
        if (cred) {
            FakeContext cryptoContext(CSSM_ALGCLASS_SYMMETRIC, CSSM_ALGID_DES,
                &::Context::Attr(CSSM_ATTRIBUTE_KEY, keyForm),
                &::Context::Attr(CSSM_ATTRIBUTE_INIT_VECTOR, iv),
                &::Context::Attr(CSSM_ATTRIBUTE_MODE, CSSM_ALGMODE_CBC_IV8),
                &::Context::Attr(CSSM_ATTRIBUTE_PADDING, CSSM_PADDING_PKCS1),
                &::Context::Attr(CSSM_ATTRIBUTE_ACCESS_CREDENTIALS, *cred),
                NULL);
            session.encrypt(cryptoContext, keyRef, clearText, remoteCipher);
        } else {
            FakeContext cryptoContext(CSSM_ALGCLASS_SYMMETRIC, CSSM_ALGID_DES,
                &::Context::Attr(CSSM_ATTRIBUTE_KEY, keyForm),
                &::Context::Attr(CSSM_ATTRIBUTE_INIT_VECTOR, iv),
                &::Context::Attr(CSSM_ATTRIBUTE_MODE, CSSM_ALGMODE_CBC_IV8),
                &::Context::Attr(CSSM_ATTRIBUTE_PADDING, CSSM_PADDING_PKCS1),
                NULL);
            session.encrypt(cryptoContext, keyRef, clearText, remoteCipher);
        }
		if (howWrong) {
			error("ENCRYPT MISTAKENLY SUCCEEDED: %s", howWrong);
		}
		detail("encrypt OK");
	} catch (CssmCommonError &err) {
		if (!howWrong)
			error(err, "FAILED TO ENCRYPT");
		detail(err, "encrypt failed");
	}
}


//
// Database test driver class
//
DbTester::DbTester(ClientSession &ss, const char *path,
	const AccessCredentials *cred, int timeout, bool sleepLock) 
: session(ss), dbId(ssuid, path, NULL)
{
	params.idleTimeout = timeout;
	params.lockOnSleep = sleepLock;
	dbRef = ss.createDb(dbId, cred, NULL, params);
	detail("Database %s created", path);
}


void DbTester::unlock(const char *howWrong)
{
	session.lock(dbRef);
	try {
		session.unlock(dbRef);
		if (howWrong)
			error("DATABASE MISTAKENLY UNLOCKED: %s", howWrong);
	} catch (CssmError &err) {
		if (!howWrong)
			error(err, howWrong);
		detail(err, howWrong);
	}
}

void DbTester::changePassphrase(const AccessCredentials *cred, const char *howWrong)
{
	session.lock(dbRef);
	try {
		session.changePassphrase(dbRef, cred);
		if (howWrong)
			error("PASSPHRASE CHANGE MISTAKENLY SUCCEEDED: %s", howWrong);
	} catch (CssmError &err) {
		if (!howWrong)
			error(err, howWrong);
		detail(err, howWrong);
	}
}