MYCrypto: MYCryptoTest.m@6856e071d25a (annotated)

snej@0	1	//
snej@0	2	// MYCryptoTest.m
snej@0	3	// MYCrypto-iPhone
snej@0	4	//
snej@0	5	// Created by Jens Alfke on 4/1/09.
snej@0	6	// Copyright 2009 Jens Alfke. All rights reserved.
snej@0	7	//
snej@0	8
snej@3	9	#import "MYPublicKey.h"
snej@3	10	#import "MYPrivateKey.h"
snej@0	11	#import "MYKeychain.h"
snej@0	12	#import "MYDigest.h"
snej@4	13	#import "MYIdentity.h"
snej@12	14	#if !TARGET_OS_IPHONE
snej@8	15	#import "MYCrypto+Cocoa.h"
snej@12	16	#endif
snej@0	17	#import "MYCrypto_Private.h"
snej@0	18
snej@0	19
snej@0	20	#if DEBUG
snej@0	21
snej@11	22
snej@11	23	#define kTestCaseRSAKeySize 2048
snej@11	24
snej@0	25	#pragma mark -
snej@0	26	#pragma mark KEYCHAIN:
snej@0	27
snej@0	28
snej@0	29	TestCase(MYKeychain) {
snej@0	30	MYKeychain *kc = [MYKeychain defaultKeychain];
snej@0	31	Log(@"Default keychain = %@", kc);
snej@0	32	CAssert(kc);
snej@2	33	#if !MYCRYPTO_USE_IPHONE_API
snej@0	34	CAssert(kc.path);
snej@0	35	#endif
snej@0	36
snej@0	37	kc = [MYKeychain allKeychains];
snej@0	38	Log(@"All-keychains = %@", kc);
snej@0	39	CAssert(kc);
snej@2	40	#if !MYCRYPTO_USE_IPHONE_API
snej@0	41	CAssertEq(kc.path,nil);
snej@1	42	#endif
snej@0	43	}
snej@0	44
snej@0	45
jens@23	46	TestCase(Enumerate) {
jens@23	47	RequireTestCase(EnumeratePublicKeys);
jens@23	48	RequireTestCase(EnumeratePrivateKeys);
jens@23	49	RequireTestCase(EnumerateSymmetricKeys);
jens@23	50	RequireTestCase(EnumerateCerts);
jens@23	51	RequireTestCase(EnumerateIdentities);
jens@23	52	}
jens@23	53
jens@23	54
jens@23	55	TestCase(EnumeratePublicKeys) {
snej@0	56	RequireTestCase(MYKeychain);
snej@0	57	NSEnumerator *e = [[MYKeychain allKeychains] enumeratePublicKeys];
snej@0	58	Log(@"Public Key Enumerator = %@", e);
snej@0	59	CAssert(e);
snej@0	60	for (MYPublicKey *key in e) {
jens@23	61	Log(@"Trying public key %@", key.keyRef);
jens@23	62	@try{
jens@23	63	Log(@"Found %@ -- name=%@", key, key.name);
jens@23	64	}@catch (NSException *x) {
jens@23	65	Warn(@"Caught %@",x); //TEMP
jens@23	66	}
snej@0	67	}
jens@23	68	}
jens@23	69
jens@23	70	TestCase(EnumeratePrivateKeys) {
jens@23	71	RequireTestCase(MYKeychain);
jens@23	72	NSEnumerator *e = [[MYKeychain allKeychains] enumeratePrivateKeys];
snej@0	73	Log(@"Key-Pair Enumerator = %@", e);
snej@0	74	CAssert(e);
snej@3	75	for (MYPrivateKey *key in e) {
jens@23	76	Log(@"Found %@ -- name=%@ --> %@", key, key.name, key.publicKey);
jens@23	77	CAssert(key.publicKey);
snej@0	78	}
jens@23	79	}
jens@23	80
jens@23	81	TestCase(EnumerateSymmetricKeys) {
jens@23	82	RequireTestCase(MYKeychain);
jens@23	83	NSEnumerator *e = [[MYKeychain allKeychains] enumerateSymmetricKeys];
snej@0	84	Log(@"Symmetric Key Enumerator = %@", e);
snej@0	85	CAssert(e);
snej@0	86	for (MYSymmetricKey *key in e) {
snej@0	87	Log(@"Found %@ -- name=%@", key, key.name);
snej@0	88	}
snej@0	89	}
snej@0	90
snej@0	91
snej@0	92	TestCase(EnumerateCerts) {
snej@0	93	RequireTestCase(MYKeychain);
snej@0	94	NSEnumerator *e = [[MYKeychain allKeychains] enumerateCertificates];
snej@0	95	Log(@"Enumerator = %@", e);
snej@0	96	CAssert(e);
snej@0	97	for (MYCertificate *cert in e) {
jens@23	98	Log(@"Found %@ -- name=%@, email=%@", cert, cert.commonName, cert.emailAddresses);
jens@23	99	CAssert(cert.publicKey);
snej@0	100	}
snej@0	101	}
snej@0	102
snej@4	103	TestCase(EnumerateIdentities) {
snej@4	104	RequireTestCase(MYKeychain);
snej@4	105	NSEnumerator *e = [[MYKeychain allKeychains] enumerateIdentities];
snej@4	106	Log(@"Enumerator = %@", e);
snej@4	107	CAssert(e);
snej@4	108	for (MYIdentity *ident in e) {
snej@8	109	Log(@"Found %@\n\tcommonName=%@\n\temails=(%@)\n\tkey=%@",
snej@4	110	ident, ident.commonName,
snej@5	111	#if TARGET_OS_IPHONE
snej@5	112	nil,
snej@5	113	#else
snej@4	114	[ident.emailAddresses componentsJoinedByString: @", "],
snej@5	115	#endif
snej@4	116	ident.privateKey);
snej@4	117	}
snej@4	118	}
snej@4	119
snej@0	120
snej@0	121	#pragma mark -
snej@0	122	#pragma mark SYMMETRIC KEYS:
snej@0	123
snej@0	124
snej@12	125	static void testSymmetricKey( CCAlgorithm algorithm, unsigned sizeInBits, MYKeychain *inKeychain ) {
snej@2	126	NSAutoreleasePool *pool = [NSAutoreleasePool new];
snej@12	127	MYSymmetricKey *key = nil;
snej@12	128	@try{
snej@12	129	Log(@"--- Testing %3u-bit #%i %s", sizeInBits, (int)algorithm,
snej@12	130	(inKeychain ?", in keychain" :""));
snej@12	131	// Generate key:
snej@12	132	if (inKeychain)
snej@12	133	key = [inKeychain generateSymmetricKeyOfSize: sizeInBits algorithm: algorithm];
snej@12	134	else
snej@12	135	key = [MYSymmetricKey generateSymmetricKeyOfSize: sizeInBits algorithm: algorithm];
snej@12	136	Log(@"Created %@", key);
jens@23	137	CAssert(key);
snej@12	138	CAssertEq(key.algorithm, algorithm);
snej@12	139	CAssertEq(key.keySizeInBits, sizeInBits);
snej@12	140	#if !TARGET_OS_IPHONE
snej@12	141	CAssert(key.cssmKey != NULL);
snej@12	142	#endif
snej@12	143
snej@12	144	NSData *keyData = key.keyData;
snej@12	145	Log(@"Key data = %@", keyData);
snej@12	146	CAssertEq(keyData.length, sizeInBits/8);
snej@12	147
snej@12	148	// Encrypt a small amount of text:
snej@12	149	Log(@"Testing encryption / decryption ...");
snej@12	150	NSData *cleartext = [@"This is a test. This is only a test." dataUsingEncoding: NSUTF8StringEncoding];
snej@12	151	NSData *encrypted = [key encryptData: cleartext];
snej@12	152	Log(@"Encrypted = %u bytes: %@", encrypted.length, encrypted);
snej@12	153	CAssert(encrypted.length >= cleartext.length);
snej@12	154	NSData *decrypted = [key decryptData: encrypted];
snej@12	155	CAssertEqual(decrypted, cleartext);
snej@12	156
snej@12	157	// Encrypt large binary data:
snej@12	158	cleartext = [NSData dataWithContentsOfFile: @"/Library/Desktop Pictures/Nature/Zen Garden.jpg"];
snej@12	159	CAssert(cleartext);
snej@12	160	encrypted = [key encryptData: cleartext];
snej@12	161	Log(@"Encrypted = %u bytes", encrypted.length);
snej@12	162	CAssert(encrypted.length >= cleartext.length);
snej@12	163	decrypted = [key decryptData: encrypted];
snej@12	164	CAssertEqual(decrypted, cleartext);
snej@12	165
snej@12	166	#if 1
snej@12	167	Log(@"Testing initWithKeyData:...");
snej@12	168	MYSymmetricKey *key2 = [[MYSymmetricKey alloc] initWithKeyData: keyData algorithm: algorithm];
snej@12	169	CAssert(key2);
snej@12	170	Log(@"Key from data = %@",key2);
snej@12	171	CAssertEqual(key2.keyData, keyData);
snej@12	172	CAssertEq(key2.algorithm, algorithm);
snej@12	173	CAssertEq(key2.keySizeInBits, sizeInBits);
snej@2	174	decrypted = [key2 decryptData: encrypted];
snej@2	175	CAssertEqual(decrypted, cleartext);
snej@12	176	[key2 release];
snej@12	177	#endif
snej@12	178
snej@12	179	#if !TARGET_OS_IPHONE
jens@16	180	#if 1 // TEMP-ORARILY OUT OF ORDER
snej@12	181	// Try exporting and importing a wrapped key:
snej@12	182	Log(@"Testing export/import...");
snej@13	183	NSData *exported = [key exportWrappedKeyWithPassphrasePrompt: @"Export symmetric key with passphrase:"];
snej@12	184	Log(@"Exported key: %@", exported);
snej@13	185	#if 1
snej@12	186	CAssert(exported);
snej@12	187	#else
snej@12	188	if (!exported)
snej@12	189	Warn(@"Unable to export wrapped key");
snej@12	190	else
snej@12	191	#endif
snej@12	192	{
snej@12	193	CAssert(exported);
jens@16	194	MYSymmetricKey *key2 = [[MYSymmetricKey alloc] initWithWrappedKeyData: exported];
snej@12	195	Log(@"Reconstituted as %@", key2);
snej@12	196	CAssertEqual(key2.keyData,key.keyData);
snej@12	197	decrypted = [key2 decryptData: encrypted];
snej@12	198	CAssertEqual(decrypted, cleartext);
snej@12	199	}
snej@13	200	#endif 0
snej@12	201	#endif
snej@12	202	}@finally{
snej@12	203	[key removeFromKeychain];
snej@12	204	}
snej@2	205	[pool drain];
snej@2	206	}
snej@2	207
snej@2	208
snej@0	209	TestCase(MYSymmetricKey) {
snej@0	210	#define kNTests 11
snej@0	211	static const CCAlgorithm kTestAlgorithms[kNTests] = {
snej@0	212	kCCAlgorithmAES128, kCCAlgorithmAES128, kCCAlgorithmAES128,
snej@0	213	kCCAlgorithmDES, kCCAlgorithm3DES,
snej@0	214	kCCAlgorithmCAST, kCCAlgorithmCAST, kCCAlgorithmCAST,
snej@0	215	kCCAlgorithmRC4, kCCAlgorithmRC4, kCCAlgorithmRC4};
snej@0	216
snej@0	217	static const unsigned kTestBitSizes[kNTests] = {
snej@0	218	128, 192, 256,
snej@0	219	64, 3*64,
snej@0	220	40, 80, 128,
snej@0	221	32, 200, 512*8};
snej@0	222
snej@12	223	for (int useKeychain=0; useKeychain<=1; useKeychain++)
snej@12	224	for (int testNo=0; testNo<kNTests; testNo++)
snej@12	225	testSymmetricKey(kTestAlgorithms[testNo],
snej@12	226	kTestBitSizes[testNo],
snej@12	227	useKeychain ?[MYKeychain defaultKeychain] :nil);
snej@12	228	}
snej@12	229
snej@12	230
snej@14	231	#if !TARGET_OS_IPHONE
snej@12	232	TestCase(MYSymmetricKeyPassphrase) {
snej@12	233	Log(@"Prompting for raw passphrase --");
snej@12	234	NSString *rawPassphrase = [MYSymmetricKey promptForPassphraseWithAlertTitle: @"Raw Passphrase Test"
snej@12	235	alertPrompt: @"Enter the passphrase 'Testing':"
snej@12	236	creating: YES];
snej@12	237	Log(@"You entered: '%@'", rawPassphrase);
snej@12	238	CAssertEqual(rawPassphrase, @"Testing");
snej@12	239
snej@12	240	Log(@"Prompting for passphrase for key --");
snej@12	241	MYSymmetricKey *key = [MYSymmetricKey generateFromUserPassphraseWithAlertTitle: @"Symmetric Key Passphrase Test Case"
snej@12	242	alertPrompt: @"Please enter a passphrase to generate a key:"
snej@12	243	creating: YES
snej@12	244	salt: @"wahooma"];
snej@12	245	Log(@"Key from passphrase = %@", key);
snej@12	246	CAssert(key);
snej@12	247
snej@12	248	// Encrypt a small amount of text:
snej@12	249	Log(@"Testing encryption / decryption ...");
snej@12	250	NSData *cleartext = [@"This is a test. This is only a test." dataUsingEncoding: NSUTF8StringEncoding];
snej@12	251	NSData *encrypted = [key encryptData: cleartext];
snej@12	252	Log(@"Encrypted = %u bytes: %@", encrypted.length, encrypted);
snej@12	253	CAssert(encrypted.length >= cleartext.length);
snej@12	254	NSData *decrypted = [key decryptData: encrypted];
snej@12	255	CAssertEqual(decrypted, cleartext);
snej@12	256
snej@12	257	// Now test decryption by re-entered passphrase:
snej@12	258	Log(@"Testing decryption using re-entered passphrase...");
snej@12	259	MYSymmetricKey *key2 = [MYSymmetricKey generateFromUserPassphraseWithAlertTitle: @"Symmetric Key Passphrase Test Case"
snej@12	260	alertPrompt: @"Please re-enter the same passphrase:"
snej@12	261	creating: NO
snej@12	262	salt: @"wahooma"];
snej@12	263	Log(@"Key from passphrase = %@", key2);
snej@12	264	CAssert(key2);
snej@12	265	decrypted = [key2 decryptData: encrypted];
snej@12	266	CAssertEqual(decrypted, cleartext);
snej@0	267	}
snej@14	268	#endif
snej@0	269
snej@0	270
snej@0	271	#pragma mark -
snej@0	272	#pragma mark KEY-PAIRS:
snej@0	273
snej@0	274
snej@8	275	static void TestUseKeyPair(MYPrivateKey *pair) {
snej@8	276	Log(@"---- TestUseKeyPair { %@ , %@ }.", pair, pair.publicKey);
snej@0	277	CAssert(pair);
snej@0	278	CAssert(pair.keyRef);
snej@3	279	MYPublicKey *publicKey = pair.publicKey;
snej@3	280	CAssert(publicKey.keyRef);
snej@0	281
snej@8	282	NSData *pubKeyData = publicKey.keyData;
snej@8	283	Log(@"Public key = %@ (%u bytes)",pubKeyData,pubKeyData.length);
snej@8	284	CAssert(pubKeyData);
snej@8	285
jens@21	286	NSData *modulus;
jens@21	287	unsigned exponent;
jens@21	288	CAssert([publicKey getModulus: &modulus exponent: &exponent]);
jens@21	289	Log(@"Modulus = %@", modulus);
jens@21	290	Log(@"Exponent = %u", exponent);
jens@21	291	CAssertEq(modulus.length, 2048U/8);
jens@21	292	CAssertEq(exponent,65537U); // this is what CDSA always seems to use
jens@21	293
snej@8	294	MYSHA1Digest *pubKeyDigest = publicKey.publicKeyDigest;
snej@8	295	Log(@"Public key digest = %@",pubKeyDigest);
snej@8	296	CAssertEqual(pair.publicKeyDigest, pubKeyDigest);
snej@8	297
snej@8	298	Log(@"SHA1 of pub key = %@", pubKeyData.my_SHA1Digest.asData);
snej@14	299	CAssertEqual(pubKeyData.my_SHA1Digest,pubKeyDigest);
snej@8	300
snej@8	301	// Let's sign data:
snej@8	302	NSData *data = [@"This is a test. This is only a test!" dataUsingEncoding: NSUTF8StringEncoding];
snej@8	303	NSData *sig = [pair signData: data];
snej@8	304	Log(@"Signature = %@ (%u bytes)",sig,sig.length);
snej@8	305	CAssert(sig);
snej@8	306	CAssert( [publicKey verifySignature: sig ofData: data] );
snej@8	307
snej@8	308	// Now let's encrypt...
snej@13	309	NSData *crypted = [publicKey rawEncryptData: data];
snej@8	310	Log(@"Encrypted = %@ (%u bytes)",crypted,crypted.length);
snej@8	311	CAssert(crypted);
snej@13	312	CAssertEqual([pair rawDecryptData: crypted], data);
snej@8	313	Log(@"Verified decryption.");
snej@8	314
snej@8	315	// Test creating a standalone public key:
snej@8	316	MYPublicKey *pub = [[MYPublicKey alloc] initWithKeyRef: publicKey.keyRef];
snej@8	317	CAssert( [pub verifySignature: sig ofData: data] );
snej@8	318	Log(@"Verified signature.");
snej@8	319
snej@8	320	// Test creating a public key from data:
snej@8	321	Log(@"Reconstituting public key from data...");
snej@8	322	pub = [[MYPublicKey alloc] initWithKeyData: pubKeyData];
snej@8	323	CAssert(pub);
snej@8	324	CAssertEqual(pub.keyData, pubKeyData);
snej@8	325	CAssertEqual(pub.publicKeyDigest, pubKeyDigest);
snej@8	326	CAssert( [pub verifySignature: sig ofData: data] );
jens@21	327	[pub release];
snej@8	328	Log(@"Verified signature from reconstituted key.");
jens@21	329
jens@21	330	// Test creating a public key from modulus+exponent:
jens@21	331	Log(@"Reconstituting public key from modulus+exponent...");
jens@21	332	pub = [[MYPublicKey alloc] initWithModulus: modulus exponent: exponent];
jens@21	333	CAssertEqual(pub.keyData, pubKeyData);
jens@21	334	[pub release];
snej@8	335	}
snej@8	336
snej@8	337
snej@14	338	static void TestWrapSessionKey( MYPrivateKey *privateKey ) {
snej@14	339	#if !TARGET_OS_IPHONE
snej@13	340	MYSymmetricKey *sessionKey = [MYSymmetricKey generateSymmetricKeyOfSize: 128 algorithm:kCCAlgorithmAES128];
snej@13	341	CAssert(sessionKey);
snej@14	342	NSData *cleartext = [@"This is a test. This is only a test." dataUsingEncoding: NSUTF8StringEncoding];
snej@14	343	NSData *encrypted = [sessionKey encryptData: cleartext];
snej@14	344
snej@13	345	Log(@"Wrapping session key %@, %@", sessionKey, sessionKey.keyData);
snej@13	346	NSData *wrapped = [privateKey.publicKey wrapSessionKey: sessionKey];
snej@13	347	Log(@"Wrapped session key = %u bytes: %@", wrapped.length,wrapped);
snej@13	348	CAssert(wrapped.length >= 128/8);
snej@13	349
snej@13	350	MYSymmetricKey *unwrappedKey = [privateKey unwrapSessionKey: wrapped
snej@13	351	withAlgorithm: kCCAlgorithmAES128
snej@13	352	sizeInBits: 128];
snej@13	353	Log(@"Unwrapped session key = %@, %@", unwrappedKey, unwrappedKey.keyData);
snej@13	354	CAssert(unwrappedKey);
snej@14	355	CAssertEq(unwrappedKey.algorithm, sessionKey.algorithm);
snej@14	356	CAssertEq(unwrappedKey.keySizeInBits, sessionKey.keySizeInBits);
snej@13	357	CAssertEqual(unwrappedKey.keyData, sessionKey.keyData);
snej@14	358
snej@14	359	Log(@"Verifying that unwrapped key works");
snej@14	360	NSData *decrypted = [unwrappedKey decryptData: encrypted];
snej@14	361	CAssertEqual(decrypted, cleartext);
snej@14	362	#endif
snej@13	363	}
snej@13	364
snej@13	365
snej@8	366	TestCase(MYGenerateKeyPair) {
snej@8	367	RequireTestCase(MYKeychain);
snej@8	368
snej@8	369	Log(@"Generating key pair...");
snej@11	370	MYPrivateKey *pair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: kTestCaseRSAKeySize];
snej@8	371	MYPublicKey *publicKey = pair.publicKey;
snej@8	372	Log(@"...created { %@ , %@ }.", pair, publicKey);
snej@8	373
snej@0	374	@try{
snej@8	375	TestUseKeyPair(pair);
snej@14	376	TestWrapSessionKey(pair);
snej@3	377
snej@3	378	[pair setName: @"Test KeyPair Label"];
snej@3	379	CAssertEqual(pair.name, @"Test KeyPair Label");
snej@3	380	CAssertEqual(publicKey.name, @"Test KeyPair Label");
snej@3	381	#if !TARGET_OS_IPHONE
snej@3	382	[pair setComment: @"This key-pair was generated automatically by a test case."];
snej@3	383	CAssertEqual(pair.comment, @"This key-pair was generated automatically by a test case.");
snej@3	384	CAssertEqual(publicKey.comment, @"This key-pair was generated automatically by a test case.");
snej@3	385	#endif
snej@3	386	[pair setAlias: @"TestCase@mooseyard.com"];
snej@3	387	CAssertEqual(pair.alias, @"TestCase@mooseyard.com");
snej@3	388	CAssertEqual(publicKey.alias, @"TestCase@mooseyard.com");
snej@0	389
snej@0	390	CAssert([pair removeFromKeychain]);
snej@0	391	Log(@"Removed key-pair.");
snej@0	392	pair = nil;
snej@0	393
snej@0	394	}@finally {
snej@0	395	if (pair) {
snej@0	396	if ([pair removeFromKeychain])
snej@0	397	Log(@"Removed key-pair from keychain.");
snej@0	398	else
snej@0	399	Warn(@"Unable to remove test key-pair from keychain");
snej@0	400	}
snej@0	401	}
snej@0	402	}
snej@0	403
snej@0	404
snej@12	405	#if !TARGET_OS_IPHONE
snej@8	406	TestCase(MYUseIdentity) {
snej@8	407	MYIdentity *me = nil;//[MYIdentity preferredIdentityForName: @"MYCryptoTest"];
snej@8	408	if (!me) {
snej@8	409	NSArray *idents = [[[MYKeychain allKeychains] enumerateIdentities] allObjects];
snej@8	410	SFChooseIdentityPanel *panel = [SFChooseIdentityPanel sharedChooseIdentityPanel];
snej@8	411	[panel setAlternateButtonTitle: @"Cancel"];
snej@8	412	if ([panel my_runModalForIdentities: idents
snej@8	413	message: @"Choose an identity for the MYEncoder test case:"]
snej@8	414	!= NSOKButton) {
snej@8	415	[NSException raise: NSGenericException format: @"User canceled"];
snej@8	416	}
snej@8	417	me = [panel my_identity];
snej@8	418	[me makePreferredIdentityForName: @"MYCryptoTest"];
snej@8	419	}
snej@8	420	CAssert(me,@"No default identity has been set up in the Keychain");
snej@8	421	TestUseKeyPair(me.privateKey);
snej@8	422	}
snej@12	423	#endif
snej@8	424
snej@0	425
snej@0	426	#pragma mark -
snej@0	427	#pragma mark KEYPAIR EXPORT:
snej@0	428
snej@0	429
snej@0	430	static void testKeyPairExportWithPrompt(BOOL withPrompt) {
snej@0	431	MYKeychain *keychain = [MYKeychain allKeychains];
snej@0	432	Log(@"Generating key pair...");
snej@11	433	MYPrivateKey *pair = [keychain generateRSAKeyPairOfSize: kTestCaseRSAKeySize];
snej@0	434	CAssert(pair);
snej@0	435	CAssert(pair.keyRef);
snej@3	436	CAssert(pair.publicKey.keyRef);
snej@0	437	Log(@"...created pair.");
snej@0	438
snej@0	439	@try{
snej@3	440	NSData *pubKeyData = pair.publicKey.keyData;
snej@11	441	CAssert(pubKeyData.length >= kTestCaseRSAKeySize/8);
snej@0	442	[pair setName: @"Test KeyPair Label"];
snej@0	443	CAssertEqual(pair.name, @"Test KeyPair Label");
snej@0	444	#if !TARGET_OS_IPHONE
snej@0	445	[pair setComment: @"This key-pair was generated automatically by a test case."];
snej@0	446	CAssertEqual(pair.comment, @"This key-pair was generated automatically by a test case.");
snej@0	447	#endif
snej@0	448	[pair setAlias: @"TestCase@mooseyard.com"];
snej@0	449	CAssertEqual(pair.alias, @"TestCase@mooseyard.com");
snej@0	450
snej@0	451	#if !TARGET_OS_IPHONE
snej@0	452	Log(@"Exporting key-pair...");
snej@0	453	NSString *passphrase = @"passphrase";
snej@0	454	NSData *privKeyData;
snej@0	455	if (withPrompt)
snej@3	456	privKeyData = [pair exportKey];
snej@0	457	else
snej@3	458	privKeyData = [pair _exportKeyInFormat: kSecFormatWrappedOpenSSL
snej@3	459	withPEM: YES
snej@3	460	passphrase: passphrase];
snej@0	461	Log(@"Exported data = %@ (%u bytes)", privKeyData,privKeyData.length);
snej@0	462	CAssert(privKeyData);
snej@0	463	[privKeyData writeToFile: @"ExportedPrivKey" atomically: YES];
snej@0	464	#endif
snej@0	465
snej@0	466	// Check key lookup:
snej@0	467	Log(@"Looking up public key of pair in keychain...");
snej@0	468	MYSHA1Digest *digest = pair.publicKeyDigest;
snej@0	469	MYPublicKey *foundKey = [keychain publicKeyWithDigest: digest];
snej@3	470	CAssertEqual(foundKey, pair.publicKey);
snej@3	471	CAssert([keychain.enumeratePublicKeys.allObjects containsObject: pair.publicKey]);
snej@3	472	MYPrivateKey *foundPair = [keychain privateKeyWithDigest: digest];
snej@0	473	CAssertEqual(foundPair, pair);
snej@3	474	CAssert([keychain.enumeratePrivateKeys.allObjects containsObject: pair]);
snej@0	475
snej@0	476	Log(@"Removing key-pair from keychain...");
snej@0	477	CAssert([pair removeFromKeychain]);
snej@0	478	pair = nil;
snej@0	479	CAssert([keychain publicKeyWithDigest: digest] == nil);
snej@0	480
snej@0	481	#if !TARGET_OS_IPHONE
snej@0	482	Log(@"Importing key-pair...");
snej@0	483	if (withPrompt) {
snej@0	484	pair = [keychain importPublicKey: pubKeyData
snej@0	485	privateKey: privKeyData];
snej@0	486	} else {
snej@3	487	pair = [[[MYPrivateKey alloc] _initWithKeyData: privKeyData
snej@3	488	publicKeyData: pubKeyData
snej@3	489	forKeychain: keychain.keychainRefOrDefault
snej@3	490	passphrase: passphrase]
snej@0	491	autorelease];
snej@0	492	}
snej@0	493	CAssert(pair);
snej@3	494	CAssertEqual(pair.publicKey.keyData, pubKeyData);
snej@0	495	#endif
snej@0	496	}@finally {
snej@0	497	if (pair) {
snej@0	498	if ([pair removeFromKeychain])
snej@0	499	Log(@"Removed key-pair from keychain.");
snej@0	500	else
snej@0	501	Warn(@"Unable to remove test key-pair from keychain");
snej@0	502	}
snej@0	503	}
snej@0	504	}
snej@0	505
snej@0	506	TestCase(KeyPairExport) {
snej@0	507	RequireTestCase(MYKeychain);
snej@12	508	RequireTestCase(MYGenerateKeyPair);
snej@0	509	testKeyPairExportWithPrompt(NO);
snej@0	510	}
snej@0	511
snej@0	512	TestCase(KeyPairExportWithUI) {
snej@0	513	RequireTestCase(KeyPairExport);
snej@0	514	testKeyPairExportWithPrompt(YES);
snej@0	515	}
snej@0	516
snej@0	517
snej@0	518	#endif DEBUG
snej@0	519

author	Jens Alfke <jens@mooseyard.com>
	Tue Jun 09 23:58:03 2009 -0700 (2009-06-09)
changeset 24	6856e071d25a
parent 21	2c300b15b381
child 26	d9c2a06d4e4e
permissions	-rw-r--r--