MYCrypto: MYCryptoTest.m@058394513f33 (annotated)

snej@0	1	//
snej@0	2	// MYCryptoTest.m
snej@0	3	// MYCrypto-iPhone
snej@0	4	//
snej@0	5	// Created by Jens Alfke on 4/1/09.
snej@0	6	// Copyright 2009 Jens Alfke. All rights reserved.
snej@0	7	//
snej@0	8
snej@3	9	#import "MYPublicKey.h"
snej@3	10	#import "MYPrivateKey.h"
snej@0	11	#import "MYKeychain.h"
snej@0	12	#import "MYDigest.h"
snej@4	13	#import "MYIdentity.h"
snej@12	14	#if !TARGET_OS_IPHONE
snej@8	15	#import "MYCrypto+Cocoa.h"
snej@12	16	#endif
snej@0	17	#import "MYCrypto_Private.h"
snej@0	18
snej@0	19
snej@0	20	#if DEBUG
snej@0	21
snej@11	22
snej@11	23	#define kTestCaseRSAKeySize 2048
snej@11	24
snej@0	25	#pragma mark -
snej@0	26	#pragma mark KEYCHAIN:
snej@0	27
snej@0	28
snej@0	29	TestCase(MYKeychain) {
snej@0	30	MYKeychain *kc = [MYKeychain defaultKeychain];
snej@0	31	Log(@"Default keychain = %@", kc);
snej@0	32	CAssert(kc);
snej@2	33	#if !MYCRYPTO_USE_IPHONE_API
snej@0	34	CAssert(kc.path);
snej@0	35	#endif
snej@0	36
snej@0	37	kc = [MYKeychain allKeychains];
snej@0	38	Log(@"All-keychains = %@", kc);
snej@0	39	CAssert(kc);
snej@2	40	#if !MYCRYPTO_USE_IPHONE_API
snej@0	41	CAssertEq(kc.path,nil);
snej@1	42	#endif
snej@0	43	}
snej@0	44
snej@0	45
snej@0	46	TestCase(EnumerateKeys) {
snej@0	47	RequireTestCase(MYKeychain);
snej@0	48	NSEnumerator *e = [[MYKeychain allKeychains] enumeratePublicKeys];
snej@0	49	Log(@"Public Key Enumerator = %@", e);
snej@0	50	CAssert(e);
snej@0	51	for (MYPublicKey *key in e) {
snej@0	52	Log(@"Found %@ -- name=%@", key, key.name);
snej@0	53	}
snej@0	54
snej@3	55	e = [[MYKeychain allKeychains] enumeratePrivateKeys];
snej@0	56	Log(@"Key-Pair Enumerator = %@", e);
snej@0	57	CAssert(e);
snej@3	58	for (MYPrivateKey *key in e) {
snej@0	59	Log(@"Found %@ -- name=%@", key, key.name);
snej@0	60	}
snej@0	61
snej@0	62	e = [[MYKeychain allKeychains] enumerateSymmetricKeys];
snej@0	63	Log(@"Symmetric Key Enumerator = %@", e);
snej@0	64	CAssert(e);
snej@0	65	for (MYSymmetricKey *key in e) {
snej@0	66	Log(@"Found %@ -- name=%@", key, key.name);
snej@0	67	}
snej@0	68	}
snej@0	69
snej@0	70
snej@0	71	TestCase(EnumerateCerts) {
snej@0	72	RequireTestCase(MYKeychain);
snej@0	73	NSEnumerator *e = [[MYKeychain allKeychains] enumerateCertificates];
snej@0	74	Log(@"Enumerator = %@", e);
snej@0	75	CAssert(e);
snej@0	76	for (MYCertificate *cert in e) {
snej@0	77	//Log(@"Found %@ -- name=%@, email=%@", cert, cert.commonName, cert.emailAddresses);
snej@0	78	}
snej@0	79	}
snej@0	80
snej@4	81	TestCase(EnumerateIdentities) {
snej@4	82	RequireTestCase(MYKeychain);
snej@4	83	NSEnumerator *e = [[MYKeychain allKeychains] enumerateIdentities];
snej@4	84	Log(@"Enumerator = %@", e);
snej@4	85	CAssert(e);
snej@4	86	for (MYIdentity *ident in e) {
snej@8	87	Log(@"Found %@\n\tcommonName=%@\n\temails=(%@)\n\tkey=%@",
snej@4	88	ident, ident.commonName,
snej@5	89	#if TARGET_OS_IPHONE
snej@5	90	nil,
snej@5	91	#else
snej@4	92	[ident.emailAddresses componentsJoinedByString: @", "],
snej@5	93	#endif
snej@4	94	ident.privateKey);
snej@4	95	}
snej@4	96	}
snej@4	97
snej@0	98
snej@0	99	#pragma mark -
snej@0	100	#pragma mark SYMMETRIC KEYS:
snej@0	101
snej@0	102
snej@12	103	static void testSymmetricKey( CCAlgorithm algorithm, unsigned sizeInBits, MYKeychain *inKeychain ) {
snej@2	104	NSAutoreleasePool *pool = [NSAutoreleasePool new];
snej@12	105	MYSymmetricKey *key = nil;
snej@12	106	@try{
snej@12	107	Log(@"--- Testing %3u-bit #%i %s", sizeInBits, (int)algorithm,
snej@12	108	(inKeychain ?", in keychain" :""));
snej@12	109	// Generate key:
snej@12	110	if (inKeychain)
snej@12	111	key = [inKeychain generateSymmetricKeyOfSize: sizeInBits algorithm: algorithm];
snej@12	112	else
snej@12	113	key = [MYSymmetricKey generateSymmetricKeyOfSize: sizeInBits algorithm: algorithm];
snej@12	114	Log(@"Created %@", key);
snej@2	115	CAssert(key);
snej@12	116	CAssertEq(key.algorithm, algorithm);
snej@12	117	CAssertEq(key.keySizeInBits, sizeInBits);
snej@12	118	#if !TARGET_OS_IPHONE
snej@12	119	CAssert(key.cssmKey != NULL);
snej@12	120	#endif
snej@12	121
snej@12	122	NSData *keyData = key.keyData;
snej@12	123	Log(@"Key data = %@", keyData);
snej@12	124	CAssertEq(keyData.length, sizeInBits/8);
snej@12	125
snej@12	126	// Encrypt a small amount of text:
snej@12	127	Log(@"Testing encryption / decryption ...");
snej@12	128	NSData *cleartext = [@"This is a test. This is only a test." dataUsingEncoding: NSUTF8StringEncoding];
snej@12	129	NSData *encrypted = [key encryptData: cleartext];
snej@12	130	Log(@"Encrypted = %u bytes: %@", encrypted.length, encrypted);
snej@12	131	CAssert(encrypted.length >= cleartext.length);
snej@12	132	NSData *decrypted = [key decryptData: encrypted];
snej@12	133	CAssertEqual(decrypted, cleartext);
snej@12	134
snej@12	135	// Encrypt large binary data:
snej@12	136	cleartext = [NSData dataWithContentsOfFile: @"/Library/Desktop Pictures/Nature/Zen Garden.jpg"];
snej@12	137	CAssert(cleartext);
snej@12	138	encrypted = [key encryptData: cleartext];
snej@12	139	Log(@"Encrypted = %u bytes", encrypted.length);
snej@12	140	CAssert(encrypted.length >= cleartext.length);
snej@12	141	decrypted = [key decryptData: encrypted];
snej@12	142	CAssertEqual(decrypted, cleartext);
snej@12	143
snej@12	144	#if 1
snej@12	145	Log(@"Testing initWithKeyData:...");
snej@12	146	MYSymmetricKey *key2 = [[MYSymmetricKey alloc] initWithKeyData: keyData algorithm: algorithm];
snej@12	147	CAssert(key2);
snej@12	148	Log(@"Key from data = %@",key2);
snej@12	149	CAssertEqual(key2.keyData, keyData);
snej@12	150	CAssertEq(key2.algorithm, algorithm);
snej@12	151	CAssertEq(key2.keySizeInBits, sizeInBits);
snej@2	152	decrypted = [key2 decryptData: encrypted];
snej@2	153	CAssertEqual(decrypted, cleartext);
snej@12	154	[key2 release];
snej@12	155	#endif
snej@12	156
snej@12	157	#if !TARGET_OS_IPHONE
jens@16	158	#if 1 // TEMP-ORARILY OUT OF ORDER
snej@12	159	// Try exporting and importing a wrapped key:
snej@12	160	Log(@"Testing export/import...");
snej@13	161	NSData *exported = [key exportWrappedKeyWithPassphrasePrompt: @"Export symmetric key with passphrase:"];
snej@12	162	Log(@"Exported key: %@", exported);
snej@13	163	#if 1
snej@12	164	CAssert(exported);
snej@12	165	#else
snej@12	166	if (!exported)
snej@12	167	Warn(@"Unable to export wrapped key");
snej@12	168	else
snej@12	169	#endif
snej@12	170	{
snej@12	171	CAssert(exported);
jens@16	172	MYSymmetricKey *key2 = [[MYSymmetricKey alloc] initWithWrappedKeyData: exported];
snej@12	173	Log(@"Reconstituted as %@", key2);
snej@12	174	CAssertEqual(key2.keyData,key.keyData);
snej@12	175	decrypted = [key2 decryptData: encrypted];
snej@12	176	CAssertEqual(decrypted, cleartext);
snej@12	177	}
snej@13	178	#endif 0
snej@12	179	#endif
snej@12	180	}@finally{
snej@12	181	[key removeFromKeychain];
snej@12	182	}
snej@2	183	[pool drain];
snej@2	184	}
snej@2	185
snej@2	186
snej@0	187	TestCase(MYSymmetricKey) {
snej@0	188	#define kNTests 11
snej@0	189	static const CCAlgorithm kTestAlgorithms[kNTests] = {
snej@0	190	kCCAlgorithmAES128, kCCAlgorithmAES128, kCCAlgorithmAES128,
snej@0	191	kCCAlgorithmDES, kCCAlgorithm3DES,
snej@0	192	kCCAlgorithmCAST, kCCAlgorithmCAST, kCCAlgorithmCAST,
snej@0	193	kCCAlgorithmRC4, kCCAlgorithmRC4, kCCAlgorithmRC4};
snej@0	194
snej@0	195	static const unsigned kTestBitSizes[kNTests] = {
snej@0	196	128, 192, 256,
snej@0	197	64, 3*64,
snej@0	198	40, 80, 128,
snej@0	199	32, 200, 512*8};
snej@0	200
snej@12	201	for (int useKeychain=0; useKeychain<=1; useKeychain++)
snej@12	202	for (int testNo=0; testNo<kNTests; testNo++)
snej@12	203	testSymmetricKey(kTestAlgorithms[testNo],
snej@12	204	kTestBitSizes[testNo],
snej@12	205	useKeychain ?[MYKeychain defaultKeychain] :nil);
snej@12	206	}
snej@12	207
snej@12	208
snej@14	209	#if !TARGET_OS_IPHONE
snej@12	210	TestCase(MYSymmetricKeyPassphrase) {
snej@12	211	Log(@"Prompting for raw passphrase --");
snej@12	212	NSString *rawPassphrase = [MYSymmetricKey promptForPassphraseWithAlertTitle: @"Raw Passphrase Test"
snej@12	213	alertPrompt: @"Enter the passphrase 'Testing':"
snej@12	214	creating: YES];
snej@12	215	Log(@"You entered: '%@'", rawPassphrase);
snej@12	216	CAssertEqual(rawPassphrase, @"Testing");
snej@12	217
snej@12	218	Log(@"Prompting for passphrase for key --");
snej@12	219	MYSymmetricKey *key = [MYSymmetricKey generateFromUserPassphraseWithAlertTitle: @"Symmetric Key Passphrase Test Case"
snej@12	220	alertPrompt: @"Please enter a passphrase to generate a key:"
snej@12	221	creating: YES
snej@12	222	salt: @"wahooma"];
snej@12	223	Log(@"Key from passphrase = %@", key);
snej@12	224	CAssert(key);
snej@12	225
snej@12	226	// Encrypt a small amount of text:
snej@12	227	Log(@"Testing encryption / decryption ...");
snej@12	228	NSData *cleartext = [@"This is a test. This is only a test." dataUsingEncoding: NSUTF8StringEncoding];
snej@12	229	NSData *encrypted = [key encryptData: cleartext];
snej@12	230	Log(@"Encrypted = %u bytes: %@", encrypted.length, encrypted);
snej@12	231	CAssert(encrypted.length >= cleartext.length);
snej@12	232	NSData *decrypted = [key decryptData: encrypted];
snej@12	233	CAssertEqual(decrypted, cleartext);
snej@12	234
snej@12	235	// Now test decryption by re-entered passphrase:
snej@12	236	Log(@"Testing decryption using re-entered passphrase...");
snej@12	237	MYSymmetricKey *key2 = [MYSymmetricKey generateFromUserPassphraseWithAlertTitle: @"Symmetric Key Passphrase Test Case"
snej@12	238	alertPrompt: @"Please re-enter the same passphrase:"
snej@12	239	creating: NO
snej@12	240	salt: @"wahooma"];
snej@12	241	Log(@"Key from passphrase = %@", key2);
snej@12	242	CAssert(key2);
snej@12	243	decrypted = [key2 decryptData: encrypted];
snej@12	244	CAssertEqual(decrypted, cleartext);
snej@0	245	}
snej@14	246	#endif
snej@0	247
snej@0	248
snej@0	249	#pragma mark -
snej@0	250	#pragma mark KEY-PAIRS:
snej@0	251
snej@0	252
snej@8	253	static void TestUseKeyPair(MYPrivateKey *pair) {
snej@8	254	Log(@"---- TestUseKeyPair { %@ , %@ }.", pair, pair.publicKey);
snej@0	255	CAssert(pair);
snej@0	256	CAssert(pair.keyRef);
snej@3	257	MYPublicKey *publicKey = pair.publicKey;
snej@3	258	CAssert(publicKey.keyRef);
snej@0	259
snej@8	260	NSData *pubKeyData = publicKey.keyData;
snej@8	261	Log(@"Public key = %@ (%u bytes)",pubKeyData,pubKeyData.length);
snej@8	262	CAssert(pubKeyData);
snej@8	263
jens@21	264	NSData *modulus;
jens@21	265	unsigned exponent;
jens@21	266	CAssert([publicKey getModulus: &modulus exponent: &exponent]);
jens@21	267	Log(@"Modulus = %@", modulus);
jens@21	268	Log(@"Exponent = %u", exponent);
jens@21	269	CAssertEq(modulus.length, 2048U/8);
jens@21	270	CAssertEq(exponent,65537U); // this is what CDSA always seems to use
jens@21	271
snej@8	272	MYSHA1Digest *pubKeyDigest = publicKey.publicKeyDigest;
snej@8	273	Log(@"Public key digest = %@",pubKeyDigest);
snej@8	274	CAssertEqual(pair.publicKeyDigest, pubKeyDigest);
snej@8	275
snej@8	276	Log(@"SHA1 of pub key = %@", pubKeyData.my_SHA1Digest.asData);
snej@14	277	CAssertEqual(pubKeyData.my_SHA1Digest,pubKeyDigest);
snej@8	278
snej@8	279	// Let's sign data:
snej@8	280	NSData *data = [@"This is a test. This is only a test!" dataUsingEncoding: NSUTF8StringEncoding];
snej@8	281	NSData *sig = [pair signData: data];
snej@8	282	Log(@"Signature = %@ (%u bytes)",sig,sig.length);
snej@8	283	CAssert(sig);
snej@8	284	CAssert( [publicKey verifySignature: sig ofData: data] );
snej@8	285
snej@8	286	// Now let's encrypt...
snej@13	287	NSData *crypted = [publicKey rawEncryptData: data];
snej@8	288	Log(@"Encrypted = %@ (%u bytes)",crypted,crypted.length);
snej@8	289	CAssert(crypted);
snej@13	290	CAssertEqual([pair rawDecryptData: crypted], data);
snej@8	291	Log(@"Verified decryption.");
snej@8	292
snej@8	293	// Test creating a standalone public key:
snej@8	294	MYPublicKey *pub = [[MYPublicKey alloc] initWithKeyRef: publicKey.keyRef];
snej@8	295	CAssert( [pub verifySignature: sig ofData: data] );
snej@8	296	Log(@"Verified signature.");
snej@8	297
snej@8	298	// Test creating a public key from data:
snej@8	299	Log(@"Reconstituting public key from data...");
snej@8	300	pub = [[MYPublicKey alloc] initWithKeyData: pubKeyData];
snej@8	301	CAssert(pub);
snej@8	302	CAssertEqual(pub.keyData, pubKeyData);
snej@8	303	CAssertEqual(pub.publicKeyDigest, pubKeyDigest);
snej@8	304	CAssert( [pub verifySignature: sig ofData: data] );
jens@21	305	[pub release];
snej@8	306	Log(@"Verified signature from reconstituted key.");
jens@21	307
jens@21	308	// Test creating a public key from modulus+exponent:
jens@21	309	Log(@"Reconstituting public key from modulus+exponent...");
jens@21	310	pub = [[MYPublicKey alloc] initWithModulus: modulus exponent: exponent];
jens@21	311	CAssertEqual(pub.keyData, pubKeyData);
jens@21	312	[pub release];
snej@8	313	}
snej@8	314
snej@8	315
snej@14	316	static void TestWrapSessionKey( MYPrivateKey *privateKey ) {
snej@14	317	#if !TARGET_OS_IPHONE
snej@13	318	MYSymmetricKey *sessionKey = [MYSymmetricKey generateSymmetricKeyOfSize: 128 algorithm:kCCAlgorithmAES128];
snej@13	319	CAssert(sessionKey);
snej@14	320	NSData *cleartext = [@"This is a test. This is only a test." dataUsingEncoding: NSUTF8StringEncoding];
snej@14	321	NSData *encrypted = [sessionKey encryptData: cleartext];
snej@14	322
snej@13	323	Log(@"Wrapping session key %@, %@", sessionKey, sessionKey.keyData);
snej@13	324	NSData *wrapped = [privateKey.publicKey wrapSessionKey: sessionKey];
snej@13	325	Log(@"Wrapped session key = %u bytes: %@", wrapped.length,wrapped);
snej@13	326	CAssert(wrapped.length >= 128/8);
snej@13	327
snej@13	328	MYSymmetricKey *unwrappedKey = [privateKey unwrapSessionKey: wrapped
snej@13	329	withAlgorithm: kCCAlgorithmAES128
snej@13	330	sizeInBits: 128];
snej@13	331	Log(@"Unwrapped session key = %@, %@", unwrappedKey, unwrappedKey.keyData);
snej@13	332	CAssert(unwrappedKey);
snej@14	333	CAssertEq(unwrappedKey.algorithm, sessionKey.algorithm);
snej@14	334	CAssertEq(unwrappedKey.keySizeInBits, sessionKey.keySizeInBits);
snej@13	335	CAssertEqual(unwrappedKey.keyData, sessionKey.keyData);
snej@14	336
snej@14	337	Log(@"Verifying that unwrapped key works");
snej@14	338	NSData *decrypted = [unwrappedKey decryptData: encrypted];
snej@14	339	CAssertEqual(decrypted, cleartext);
snej@14	340	#endif
snej@13	341	}
snej@13	342
snej@13	343
snej@8	344	TestCase(MYGenerateKeyPair) {
snej@8	345	RequireTestCase(MYKeychain);
snej@8	346
snej@8	347	Log(@"Generating key pair...");
snej@11	348	MYPrivateKey *pair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: kTestCaseRSAKeySize];
snej@8	349	MYPublicKey *publicKey = pair.publicKey;
snej@8	350	Log(@"...created { %@ , %@ }.", pair, publicKey);
snej@8	351
snej@0	352	@try{
snej@8	353	TestUseKeyPair(pair);
snej@14	354	TestWrapSessionKey(pair);
snej@3	355
snej@3	356	[pair setName: @"Test KeyPair Label"];
snej@3	357	CAssertEqual(pair.name, @"Test KeyPair Label");
snej@3	358	CAssertEqual(publicKey.name, @"Test KeyPair Label");
snej@3	359	#if !TARGET_OS_IPHONE
snej@3	360	[pair setComment: @"This key-pair was generated automatically by a test case."];
snej@3	361	CAssertEqual(pair.comment, @"This key-pair was generated automatically by a test case.");
snej@3	362	CAssertEqual(publicKey.comment, @"This key-pair was generated automatically by a test case.");
snej@3	363	#endif
snej@3	364	[pair setAlias: @"TestCase@mooseyard.com"];
snej@3	365	CAssertEqual(pair.alias, @"TestCase@mooseyard.com");
snej@3	366	CAssertEqual(publicKey.alias, @"TestCase@mooseyard.com");
snej@0	367
snej@0	368	CAssert([pair removeFromKeychain]);
snej@0	369	Log(@"Removed key-pair.");
snej@0	370	pair = nil;
snej@0	371
snej@0	372	}@finally {
snej@0	373	if (pair) {
snej@0	374	if ([pair removeFromKeychain])
snej@0	375	Log(@"Removed key-pair from keychain.");
snej@0	376	else
snej@0	377	Warn(@"Unable to remove test key-pair from keychain");
snej@0	378	}
snej@0	379	}
snej@0	380	}
snej@0	381
snej@0	382
snej@12	383	#if !TARGET_OS_IPHONE
snej@8	384	TestCase(MYUseIdentity) {
snej@8	385	MYIdentity *me = nil;//[MYIdentity preferredIdentityForName: @"MYCryptoTest"];
snej@8	386	if (!me) {
snej@8	387	NSArray *idents = [[[MYKeychain allKeychains] enumerateIdentities] allObjects];
snej@8	388	SFChooseIdentityPanel *panel = [SFChooseIdentityPanel sharedChooseIdentityPanel];
snej@8	389	[panel setAlternateButtonTitle: @"Cancel"];
snej@8	390	if ([panel my_runModalForIdentities: idents
snej@8	391	message: @"Choose an identity for the MYEncoder test case:"]
snej@8	392	!= NSOKButton) {
snej@8	393	[NSException raise: NSGenericException format: @"User canceled"];
snej@8	394	}
snej@8	395	me = [panel my_identity];
snej@8	396	[me makePreferredIdentityForName: @"MYCryptoTest"];
snej@8	397	}
snej@8	398	CAssert(me,@"No default identity has been set up in the Keychain");
snej@8	399	TestUseKeyPair(me.privateKey);
snej@8	400	}
snej@12	401	#endif
snej@8	402
snej@0	403
snej@0	404	#pragma mark -
snej@0	405	#pragma mark KEYPAIR EXPORT:
snej@0	406
snej@0	407
snej@0	408	static void testKeyPairExportWithPrompt(BOOL withPrompt) {
snej@0	409	MYKeychain *keychain = [MYKeychain allKeychains];
snej@0	410	Log(@"Generating key pair...");
snej@11	411	MYPrivateKey *pair = [keychain generateRSAKeyPairOfSize: kTestCaseRSAKeySize];
snej@0	412	CAssert(pair);
snej@0	413	CAssert(pair.keyRef);
snej@3	414	CAssert(pair.publicKey.keyRef);
snej@0	415	Log(@"...created pair.");
snej@0	416
snej@0	417	@try{
snej@3	418	NSData *pubKeyData = pair.publicKey.keyData;
snej@11	419	CAssert(pubKeyData.length >= kTestCaseRSAKeySize/8);
snej@0	420	[pair setName: @"Test KeyPair Label"];
snej@0	421	CAssertEqual(pair.name, @"Test KeyPair Label");
snej@0	422	#if !TARGET_OS_IPHONE
snej@0	423	[pair setComment: @"This key-pair was generated automatically by a test case."];
snej@0	424	CAssertEqual(pair.comment, @"This key-pair was generated automatically by a test case.");
snej@0	425	#endif
snej@0	426	[pair setAlias: @"TestCase@mooseyard.com"];
snej@0	427	CAssertEqual(pair.alias, @"TestCase@mooseyard.com");
snej@0	428
snej@0	429	#if !TARGET_OS_IPHONE
snej@0	430	Log(@"Exporting key-pair...");
snej@0	431	NSString *passphrase = @"passphrase";
snej@0	432	NSData *privKeyData;
snej@0	433	if (withPrompt)
snej@3	434	privKeyData = [pair exportKey];
snej@0	435	else
snej@3	436	privKeyData = [pair _exportKeyInFormat: kSecFormatWrappedOpenSSL
snej@3	437	withPEM: YES
snej@3	438	passphrase: passphrase];
snej@0	439	Log(@"Exported data = %@ (%u bytes)", privKeyData,privKeyData.length);
snej@0	440	CAssert(privKeyData);
snej@0	441	[privKeyData writeToFile: @"ExportedPrivKey" atomically: YES];
snej@0	442	#endif
snej@0	443
snej@0	444	// Check key lookup:
snej@0	445	Log(@"Looking up public key of pair in keychain...");
snej@0	446	MYSHA1Digest *digest = pair.publicKeyDigest;
snej@0	447	MYPublicKey *foundKey = [keychain publicKeyWithDigest: digest];
snej@3	448	CAssertEqual(foundKey, pair.publicKey);
snej@3	449	CAssert([keychain.enumeratePublicKeys.allObjects containsObject: pair.publicKey]);
snej@3	450	MYPrivateKey *foundPair = [keychain privateKeyWithDigest: digest];
snej@0	451	CAssertEqual(foundPair, pair);
snej@3	452	CAssert([keychain.enumeratePrivateKeys.allObjects containsObject: pair]);
snej@0	453
snej@0	454	Log(@"Removing key-pair from keychain...");
snej@0	455	CAssert([pair removeFromKeychain]);
snej@0	456	pair = nil;
snej@0	457	CAssert([keychain publicKeyWithDigest: digest] == nil);
snej@0	458
snej@0	459	#if !TARGET_OS_IPHONE
snej@0	460	Log(@"Importing key-pair...");
snej@0	461	if (withPrompt) {
snej@0	462	pair = [keychain importPublicKey: pubKeyData
snej@0	463	privateKey: privKeyData];
snej@0	464	} else {
snej@3	465	pair = [[[MYPrivateKey alloc] _initWithKeyData: privKeyData
snej@3	466	publicKeyData: pubKeyData
snej@3	467	forKeychain: keychain.keychainRefOrDefault
snej@3	468	passphrase: passphrase]
snej@0	469	autorelease];
snej@0	470	}
snej@0	471	CAssert(pair);
snej@3	472	CAssertEqual(pair.publicKey.keyData, pubKeyData);
snej@0	473	#endif
snej@0	474	}@finally {
snej@0	475	if (pair) {
snej@0	476	if ([pair removeFromKeychain])
snej@0	477	Log(@"Removed key-pair from keychain.");
snej@0	478	else
snej@0	479	Warn(@"Unable to remove test key-pair from keychain");
snej@0	480	}
snej@0	481	}
snej@0	482	}
snej@0	483
snej@0	484	TestCase(KeyPairExport) {
snej@0	485	RequireTestCase(MYKeychain);
snej@12	486	RequireTestCase(MYGenerateKeyPair);
snej@0	487	testKeyPairExportWithPrompt(NO);
snej@0	488	}
snej@0	489
snej@0	490	TestCase(KeyPairExportWithUI) {
snej@0	491	RequireTestCase(KeyPairExport);
snej@0	492	testKeyPairExportWithPrompt(YES);
snej@0	493	}
snej@0	494
snej@0	495
snej@0	496	#endif DEBUG
snej@0	497

author	Jens Alfke <jens@mooseyard.com>
	Sat Jun 06 15:36:35 2009 -0700 (2009-06-06)
changeset 22	058394513f33
parent 16	c409dbc4f068
child 23	39fec79de6e8
permissions	-rw-r--r--