diff -r 000000000000 -r 0a6527af039b MYCryptoTest.m --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/MYCryptoTest.m Sat Apr 04 20:42:03 2009 -0700 @@ -0,0 +1,295 @@ +// +// MYCryptoTest.m +// MYCrypto-iPhone +// +// Created by Jens Alfke on 4/1/09. +// Copyright 2009 Jens Alfke. All rights reserved. +// + +#import "MYKeyPair.h" +#import "MYKeychain.h" +#import "MYDigest.h" +#import "MYCrypto_Private.h" + + +#if DEBUG + +#pragma mark - +#pragma mark KEYCHAIN: + + +TestCase(MYKeychain) { + MYKeychain *kc = [MYKeychain defaultKeychain]; + Log(@"Default keychain = %@", kc); + CAssert(kc); +#if !USE_IPHONE_API + CAssert(kc.path); +#endif + + kc = [MYKeychain allKeychains]; + Log(@"All-keychains = %@", kc); + CAssert(kc); + CAssertEq(kc.path,nil); +} + + +TestCase(EnumerateKeys) { + RequireTestCase(MYKeychain); + NSEnumerator *e = [[MYKeychain allKeychains] enumeratePublicKeys]; + Log(@"Public Key Enumerator = %@", e); + CAssert(e); + for (MYPublicKey *key in e) { + Log(@"Found %@ -- name=%@", key, key.name); + } + + e = [[MYKeychain allKeychains] enumerateKeyPairs]; + Log(@"Key-Pair Enumerator = %@", e); + CAssert(e); + for (MYKeyPair *key in e) { + Log(@"Found %@ -- name=%@", key, key.name); + } + + e = [[MYKeychain allKeychains] enumerateSymmetricKeys]; + Log(@"Symmetric Key Enumerator = %@", e); + CAssert(e); + for (MYSymmetricKey *key in e) { + Log(@"Found %@ -- name=%@", key, key.name); + } +} + + +TestCase(EnumerateCerts) { + RequireTestCase(MYKeychain); + NSEnumerator *e = [[MYKeychain allKeychains] enumerateCertificates]; + Log(@"Enumerator = %@", e); + CAssert(e); + for (MYCertificate *cert in e) { + //Log(@"Found %@ -- name=%@, email=%@", cert, cert.commonName, cert.emailAddresses); + } +} + + +#pragma mark - +#pragma mark SYMMETRIC KEYS: + + +TestCase(MYSymmetricKey) { + #define kNTests 11 + static const CCAlgorithm kTestAlgorithms[kNTests] = { + kCCAlgorithmAES128, kCCAlgorithmAES128, kCCAlgorithmAES128, + kCCAlgorithmDES, kCCAlgorithm3DES, + kCCAlgorithmCAST, kCCAlgorithmCAST, kCCAlgorithmCAST, + kCCAlgorithmRC4, kCCAlgorithmRC4, kCCAlgorithmRC4}; + + static const unsigned kTestBitSizes[kNTests] = { + 128, 192, 256, + 64, 3*64, + 40, 80, 128, + 32, 200, 512*8}; + + for (int i=0; i= cleartext.length); + NSData *decrypted = [key decryptData: encrypted]; + CAssertEqual(decrypted, cleartext); + + // Encrypt large binary data: + cleartext = [NSData dataWithContentsOfFile: @"/Library/Desktop Pictures/Nature/Zen Garden.jpg"]; + CAssert(cleartext); + encrypted = [key encryptData: cleartext]; + Log(@"Encrypted = %u bytes", encrypted.length); + CAssert(encrypted.length >= cleartext.length); + decrypted = [key decryptData: encrypted]; + CAssertEqual(decrypted, cleartext); + + [pool drain]; + } +} + + +#pragma mark - +#pragma mark KEY-PAIRS: + + +TestCase(KeyPair) { + RequireTestCase(MYKeychain); + + Log(@"Generating key pair..."); + MYKeyPair *pair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: 512]; + CAssert(pair); + CAssert(pair.keyRef); + CAssert(pair.privateKeyRef); + Log(@"...created pair."); + + @try{ + [pair setName: @"Test KeyPair Label"]; + CAssertEqual(pair.name, @"Test KeyPair Label"); +#if !TARGET_OS_IPHONE + [pair setComment: @"This key-pair was generated automatically by a test case."]; + CAssertEqual(pair.comment, @"This key-pair was generated automatically by a test case."); +#endif + [pair setAlias: @"TestCase@mooseyard.com"]; + CAssertEqual(pair.alias, @"TestCase@mooseyard.com"); + + NSData *pubKeyData = pair.keyData; + Log(@"Public key = %@ (%u bytes)",pubKeyData,pubKeyData.length); + CAssert(pubKeyData); + + MYSHA1Digest *pubKeyDigest = pair.publicKeyDigest; + Log(@"Public key digest = %@",pubKeyDigest); + + Log(@"SHA1 of pub key = %@", pubKeyData.my_SHA1Digest.asData); + + NSData *data = [@"This is a test. This is only a test!" dataUsingEncoding: NSUTF8StringEncoding]; + NSData *sig = [pair signData: data]; + Log(@"Signature = %@ (%u bytes)",sig,sig.length); + CAssert(sig); + CAssert( [pair verifySignature: sig ofData: data] ); + + // Test creating a standalone public key: + MYPublicKey *pub = [[MYPublicKey alloc] initWithKeyRef: pair.keyRef]; + CAssert( [pub verifySignature: sig ofData: data] ); + Log(@"Verified signature."); + + // Test creating a public key from data: + Log(@"Reconstituting public key from data..."); + pub = [[MYPublicKey alloc] initWithKeyData: pubKeyData]; + CAssert(pub); + CAssertEqual(pub.keyData, pubKeyData); + CAssertEqual(pub.publicKeyDigest, pubKeyDigest); + CAssert( [pub verifySignature: sig ofData: data] ); + Log(@"Verified signature from reconstituted key."); + + // Now let's encrypt... + NSData *crypted = [pub encryptData: data]; + Log(@"Encrypted = %@ (%u bytes)",crypted,crypted.length); + CAssert(crypted); + + CAssertEqual([pair decryptData: crypted], data); + Log(@"Verified decryption."); + + CAssert([pair removeFromKeychain]); + Log(@"Removed key-pair."); + pair = nil; + + }@finally { + if (pair) { + if ([pair removeFromKeychain]) + Log(@"Removed key-pair from keychain."); + else + Warn(@"Unable to remove test key-pair from keychain"); + } + } +} + + + +#pragma mark - +#pragma mark KEYPAIR EXPORT: + + +static void testKeyPairExportWithPrompt(BOOL withPrompt) { + MYKeychain *keychain = [MYKeychain allKeychains]; + Log(@"Generating key pair..."); + MYKeyPair *pair = [keychain generateRSAKeyPairOfSize: 512]; + CAssert(pair); + CAssert(pair.keyRef); + CAssert(pair.privateKeyRef); + Log(@"...created pair."); + + @try{ + NSData *pubKeyData = pair.keyData; + CAssert(pubKeyData.length >= 512/8); + [pair setName: @"Test KeyPair Label"]; + CAssertEqual(pair.name, @"Test KeyPair Label"); +#if !TARGET_OS_IPHONE + [pair setComment: @"This key-pair was generated automatically by a test case."]; + CAssertEqual(pair.comment, @"This key-pair was generated automatically by a test case."); +#endif + [pair setAlias: @"TestCase@mooseyard.com"]; + CAssertEqual(pair.alias, @"TestCase@mooseyard.com"); + +#if !TARGET_OS_IPHONE + Log(@"Exporting key-pair..."); + NSString *passphrase = @"passphrase"; + NSData *privKeyData; + if (withPrompt) + privKeyData = [pair exportPrivateKey]; + else + privKeyData = [pair _exportPrivateKeyInFormat: kSecFormatWrappedOpenSSL + withPEM: YES + passphrase: passphrase]; + Log(@"Exported data = %@ (%u bytes)", privKeyData,privKeyData.length); + CAssert(privKeyData); + [privKeyData writeToFile: @"ExportedPrivKey" atomically: YES]; +#endif + + // Check key lookup: + Log(@"Looking up public key of pair in keychain..."); + MYSHA1Digest *digest = pair.publicKeyDigest; + MYPublicKey *foundKey = [keychain publicKeyWithDigest: digest]; + CAssertEqual(foundKey, pair.asPublicKey); + CAssert([keychain.enumeratePublicKeys.allObjects containsObject: pair.asPublicKey]); + MYKeyPair *foundPair = [keychain keyPairWithDigest: digest]; + CAssertEqual(foundPair, pair); + CAssert([keychain.enumerateKeyPairs.allObjects containsObject: pair]); + + Log(@"Removing key-pair from keychain..."); + CAssert([pair removeFromKeychain]); + pair = nil; + CAssert([keychain publicKeyWithDigest: digest] == nil); + +#if !TARGET_OS_IPHONE + Log(@"Importing key-pair..."); + if (withPrompt) { + pair = [keychain importPublicKey: pubKeyData + privateKey: privKeyData]; + } else { + pair = [[[MYKeyPair alloc] _initWithPublicKeyData: pubKeyData + privateKeyData: privKeyData + forKeychain: keychain.keychainRefOrDefault + passphrase: passphrase] + autorelease]; + } + CAssert(pair); + CAssertEqual(pair.keyData, pubKeyData); +#endif + }@finally { + if (pair) { + if ([pair removeFromKeychain]) + Log(@"Removed key-pair from keychain."); + else + Warn(@"Unable to remove test key-pair from keychain"); + } + } +} + +TestCase(KeyPairExport) { + RequireTestCase(MYKeychain); + RequireTestCase(KeyPair); + testKeyPairExportWithPrompt(NO); +} + +TestCase(KeyPairExportWithUI) { + RequireTestCase(KeyPairExport); + testKeyPairExportWithPrompt(YES); +} + + +#endif DEBUG +