kc-05-find-existing-items.c [plain text]
#import <Security/Security.h>
#import <Security/SecCertificatePriv.h>
#include "keychain_regressions.h"
#include "kc-helpers.h"
#include "kc-item-helpers.h"
#include "kc-key-helpers.h"
static void tests()
{
SecKeychainRef kc = getPopulatedTestKeychain();
CFMutableDictionaryRef query = NULL;
SecKeychainItemRef item = NULL;
query = createQueryCustomItemDictionaryWithService(kc, kSecClassInternetPassword, CFSTR("test_service"), CFSTR("test_service"));
item = checkNCopyFirst(testName, query, 1);
readPasswordContents(item, CFSTR("test_password"));
CFReleaseNull(item);
checkPrompts(0, "after reading a password");
query = createQueryCustomItemDictionaryWithService(kc, kSecClassInternetPassword, CFSTR("test_service_restrictive_acl"), CFSTR("test_service_restrictive_acl"));
item = checkNCopyFirst(testName, query, 1);
readPasswordContentsWithResult(item, errSecAuthFailed, NULL); CFReleaseNull(item);
checkPrompts(1, "trying to read password without access");
query = createQueryCustomItemDictionaryWithService(kc, kSecClassGenericPassword, CFSTR("test_service"), CFSTR("test_service"));
item = checkNCopyFirst(testName, query, 1);
readPasswordContents(item, CFSTR("test_password"));
CFReleaseNull(item);
checkPrompts(0, "after reading a password");
query = createQueryCustomItemDictionaryWithService(kc, kSecClassGenericPassword, CFSTR("test_service_restrictive_acl"), CFSTR("test_service_restrictive_acl"));
item = checkNCopyFirst(testName, query, 1);
readPasswordContentsWithResult(item, errSecAuthFailed, NULL); CFReleaseNull(item);
checkPrompts(1, "trying to read password without access");
query = createQueryKeyDictionary(kc, kSecAttrKeyClassSymmetric);
item = checkNCopyFirst(testName, query, 2);
CFReleaseNull(item);
query = createQueryKeyDictionary(kc, kSecAttrKeyClassPublic);
item = checkNCopyFirst(testName, query, 2);
CFReleaseNull(item);
query = createQueryKeyDictionary(kc, kSecAttrKeyClassPrivate);
item = checkNCopyFirst(testName, query, 2);
CFReleaseNull(item);
query = makeBaseQueryDictionary(kc, kSecClassCertificate);
item = checkNCopyFirst(testName, query, 3);
CFReleaseNull(item);
query = makeBaseQueryDictionary(kc, kSecClassCertificate);
CFDictionarySetValue(query, kSecMatchSubjectWholeString, CFSTR("test_codesigning"));
item = checkNCopyFirst(testName, query, 1);
const unsigned char expectedSHA1[] = { 0x94, 0xdf, 0x22, 0x4a, 0x4d, 0x49, 0x33, 0x27, 0x9e, 0xc5, 0x7e, 0x91, 0x95, 0xcc, 0xbd, 0x51, 0x3d, 0x59, 0xae, 0x34 };
CFDataRef expectedSHAData = CFDataCreateWithBytesNoCopy(NULL, expectedSHA1, sizeof(expectedSHA1), kCFAllocatorNull);
eq_cf(SecCertificateGetSHA1Digest((SecCertificateRef) item), expectedSHAData, "%s: expected SHA1 of certificate does not match", testName);
CFReleaseNull(item);
CFReleaseNull(expectedSHAData);
checkPrompts(0, "searching keys and certificates");
ok_status(SecKeychainDelete(kc), "%s: SecKeychainDelete", testName);
CFReleaseNull(kc);
}
#define nTests (getPopulatedTestKeychainTests + \
checkNTests + readPasswordContentsTests + checkPromptsTests + \
checkNTests + readPasswordContentsTests + checkPromptsTests + \
checkNTests + readPasswordContentsTests + checkPromptsTests + \
checkNTests + readPasswordContentsTests + checkPromptsTests + \
checkNTests + \
checkNTests + \
checkNTests + \
checkNTests + \
checkNTests + 1 + \
checkPromptsTests + 1)
int kc_05_find_existing_items(int argc, char *const *argv)
{
plan_tests(nTests);
initializeKeychainTests(__FUNCTION__);
tests();
deleteTestFiles();
return 0;
}