1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/MYCertificateTest.m Tue Jul 21 10:13:08 2009 -0700
1.3 @@ -0,0 +1,196 @@
1.4 +//
1.5 +// MYCertificateTest.m
1.6 +// MYCrypto-iPhone
1.7 +//
1.8 +// Created by Jens Alfke on 6/15/09.
1.9 +// Copyright 2009 Jens Alfke. All rights reserved.
1.10 +//
1.11 +
1.12 +#import "MYCertificateInfo.h"
1.13 +#import "MYCrypto.h"
1.14 +#import "MYCrypto_Private.h"
1.15 +
1.16 +
1.17 +#if DEBUG
1.18 +
1.19 +
1.20 +static MYCertificateInfo* testCertData(NSData *certData, BOOL selfSigned) {
1.21 + //Log(@"Cert Data =\n%@", certData);
1.22 + CAssert(certData!=nil);
1.23 + NSError *error = nil;
1.24 + MYCertificateInfo *pcert = [[MYCertificateInfo alloc] initWithCertificateData: certData
1.25 + error: &error];
1.26 + CAssertNil(error);
1.27 + CAssert(pcert != nil);
1.28 +
1.29 + CAssertEq(pcert.isRoot, selfSigned);
1.30 +
1.31 + MYCertificateName *subject = pcert.subject;
1.32 + Log(@"Common Name = %@", subject.commonName);
1.33 + Log(@"Given Name = %@", subject.givenName);
1.34 + Log(@"Surname = %@", subject.surname);
1.35 + Log(@"Desc = %@", subject.nameDescription);
1.36 + Log(@"Email = %@", subject.emailAddress);
1.37 + CAssert(subject.commonName);
1.38 +
1.39 + MYPublicKey *pcertKey = pcert.subjectPublicKey;
1.40 + Log(@"Subject Public Key = %@", pcertKey);
1.41 + CAssert(pcertKey);
1.42 +
1.43 + // Now go through MYCertificate:
1.44 + Log(@"Creating a MYCertificate from the data...");
1.45 + MYCertificate *cert = [[MYCertificate alloc] initWithCertificateData: certData];
1.46 + Log(@"MYCertificate = %@", cert);
1.47 + CAssert(cert);
1.48 + CAssertEqual(cert.info, pcert);
1.49 + Log(@"Trust = %@", MYTrustResultDescribe([cert evaluateTrust]));
1.50 +
1.51 + MYPublicKey *certKey = cert.publicKey;
1.52 + Log(@"MYCertificate public key = ", certKey);
1.53 + CAssertEqual(certKey.keyData, pcert.subjectPublicKey.keyData);
1.54 + [cert release];
1.55 + /*TEMP
1.56 + Log(@"Adding to keychain...");
1.57 + cert = [[MYKeychain defaultKeychain] importCertificate: certData];
1.58 + Log(@"Imported as %@", cert);
1.59 + //CAssert(cert);
1.60 + if (cert) {
1.61 + Log(@"Removing from keychain...");
1.62 + CAssert([cert removeFromKeychain]);
1.63 + }
1.64 + */
1.65 + return pcert;
1.66 +}
1.67 +
1.68 +static NSData* readTestFile(NSString *filename) {
1.69 +#if TARGET_OS_IPHONE
1.70 + filename = [[NSBundle mainBundle] pathForResource: filename ofType: @"cer"];
1.71 +#else
1.72 + filename = [[@"../../Tests/" stringByAppendingPathComponent: filename]
1.73 + stringByAppendingPathExtension: @"cer"];
1.74 +#endif
1.75 + Log(@"--- Testing certificate file %@", filename);
1.76 + NSData *data = [NSData dataWithContentsOfFile: filename];
1.77 + CAssert(data, @"Couldn't read file %@", filename);
1.78 + return data;
1.79 +}
1.80 +
1.81 +static MYCertificateInfo* testCert(NSString *filename, BOOL selfSigned) {
1.82 + return testCertData(readTestFile(filename), selfSigned);
1.83 +}
1.84 +
1.85 +
1.86 +TestCase(ParsedCert) {
1.87 + testCert(@"selfsigned", YES);
1.88 + testCert(@"iphonedev", NO);
1.89 +
1.90 + // Now test a self-signed cert with a bad signature:
1.91 + MYCertificate *cert = [[MYCertificate alloc] initWithCertificateData: readTestFile(@"selfsigned_altered")];
1.92 + Log(@"MYCertificate = %@", cert);
1.93 + CAssertNil(cert);
1.94 +}
1.95 +
1.96 +
1.97 +#import "MYCrypto_Private.h"
1.98 +
1.99 +TestCase(CreateCert) {
1.100 + MYPrivateKey *privateKey = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: 512];
1.101 + CAssert(privateKey);
1.102 + Log(@"---- Generated key-pair with %@, %@", privateKey.publicKey, privateKey);
1.103 + MYIdentity *identity = nil;
1.104 + @try{
1.105 + MYCertificateRequest *pcert = [[MYCertificateRequest alloc] initWithPublicKey: privateKey.publicKey];
1.106 + MYCertificateName *subject = pcert.subject;
1.107 + subject.commonName = @"testcase";
1.108 + subject.givenName = @"Test";
1.109 + subject.surname = @"Case";
1.110 + subject.nameDescription = @"Just a test certificate created by MYCrypto";
1.111 + subject.emailAddress = @"testcase@example.com";
1.112 +
1.113 + subject = pcert.subject;
1.114 + CAssertEqual(subject.commonName, @"testcase");
1.115 + CAssertEqual(subject.givenName, @"Test");
1.116 + CAssertEqual(subject.surname, @"Case");
1.117 + CAssertEqual(subject.nameDescription, @"Just a test certificate created by MYCrypto");
1.118 + CAssertEqual(subject.emailAddress, @"testcase@example.com");
1.119 +
1.120 + CAssertEqual(pcert.subjectPublicKey.keyData, privateKey.publicKey.keyData);
1.121 +
1.122 + Log(@"---- Signing...");
1.123 + NSError *error;
1.124 + NSData *certData = [pcert selfSignWithPrivateKey: privateKey error: &error];
1.125 + Log(@"Generated cert = \n%@", certData);
1.126 + CAssert(certData);
1.127 + CAssertNil(error);
1.128 + CAssert(certData);
1.129 + MYCertificateInfo *pcert2 = testCertData(certData, YES);
1.130 +
1.131 + Log(@"---- Verifying Info...");
1.132 + MYCertificateName *subject2 = pcert2.subject;
1.133 + CAssertEqual(subject2,subject);
1.134 + CAssertEqual(subject2.commonName, @"testcase");
1.135 + CAssertEqual(subject2.givenName, @"Test");
1.136 + CAssertEqual(subject2.surname, @"Case");
1.137 + CAssertEqual(subject2.nameDescription, @"Just a test certificate created by MYCrypto");
1.138 + CAssertEqual(subject2.emailAddress, @"testcase@example.com");
1.139 +
1.140 + Log(@"---- Creating MYCertificate object...");
1.141 + MYCertificate *cert = [[MYCertificate alloc] initWithCertificateData: certData];
1.142 + Log(@"Loaded %@", cert);
1.143 + CAssert(cert);
1.144 + MYPublicKey *certKey = cert.publicKey;
1.145 + Log(@"Its public key has name %@", certKey.name);//TEMP
1.146 + Log(@"Its public key = %@", certKey);
1.147 + CAssertEqual(certKey.keyData, privateKey.publicKey.keyData);
1.148 + Log(@"X.509 trust = %@", MYTrustResultDescribe([cert evaluateTrust]));
1.149 + Log(@"SSL trust = %@", MYTrustResultDescribe([cert evaluateTrustWithPolicy: [MYCertificate SSLPolicy]]));
1.150 +
1.151 + Log(@"---- Adding cert to keychain...");
1.152 + MYCertificate *addedCert = [[MYKeychain defaultKeychain] importCertificate: certData];
1.153 + Log(@"Imported as %@", addedCert);
1.154 + //CAssert(addedCert);
1.155 + if (addedCert)
1.156 + CAssert([addedCert removeFromKeychain]);
1.157 +
1.158 + Log(@"---- Creating Identity...");
1.159 + identity = [pcert createSelfSignedIdentityWithPrivateKey: privateKey error: &error];
1.160 + Log(@"Identity = %@", identity);
1.161 + CAssert(identity);
1.162 + CAssertNil(error);
1.163 + CAssertEqual(identity.keychain, [MYKeychain defaultKeychain]);
1.164 + CAssertEqual(identity.privateKey.publicKeyDigest, privateKey.publicKeyDigest);
1.165 + CAssert([identity isEqualToCertificate: cert]);
1.166 +
1.167 + [pcert release];
1.168 +
1.169 + } @finally {
1.170 + // [privateKey removeFromKeychain];
1.171 + // [identity removeFromKeychain];
1.172 + // Currently I'm leaving them in, so the EnumerateXXX tests can chew on them later.
1.173 + }
1.174 +}
1.175 +
1.176 +#endif
1.177 +
1.178 +
1.179 +/*
1.180 + Copyright (c) 2009, Jens Alfke <jens@mooseyard.com>. All rights reserved.
1.181 +
1.182 + Redistribution and use in source and binary forms, with or without modification, are permitted
1.183 + provided that the following conditions are met:
1.184 +
1.185 + * Redistributions of source code must retain the above copyright notice, this list of conditions
1.186 + and the following disclaimer.
1.187 + * Redistributions in binary form must reproduce the above copyright notice, this list of conditions
1.188 + and the following disclaimer in the documentation and/or other materials provided with the
1.189 + distribution.
1.190 +
1.191 + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR
1.192 + IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
1.193 + FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRI-
1.194 + BUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1.195 + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
1.196 + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
1.197 + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
1.198 + THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
1.199 + */