1// 2// secd-55-account-circle.c 3// sec 4// 5// Created by Mitch Adler on 1/25/12. 6// 7// 8 9 10 11#include <Security/SecBase.h> 12#include <Security/SecItem.h> 13 14#include <CoreFoundation/CFDictionary.h> 15 16#include <SecureObjectSync/SOSAccount.h> 17#include <SecureObjectSync/SOSCloudCircle.h> 18#include <SecureObjectSync/SOSInternal.h> 19#include <SecureObjectSync/SOSUserKeygen.h> 20 21#include <stdlib.h> 22#include <unistd.h> 23 24#include "secd_regressions.h" 25#include "SOSTestDataSource.h" 26 27#include "SOSRegressionUtilities.h" 28#include <utilities/SecCFWrappers.h> 29#include <Security/SecKeyPriv.h> 30 31#include <securityd/SOSCloudCircleServer.h> 32 33#include "SOSAccountTesting.h" 34 35 36static int kTestTestCount = 9; 37 38static void tests(void) 39{ 40 CFErrorRef error = NULL; 41 CFDataRef cfpassword = CFDataCreate(NULL, (uint8_t *) "FooFooFoo", 10); 42 CFDataRef cfwrong_password = CFDataCreate(NULL, (uint8_t *) "NotFooFooFoo", 10); 43 CFStringRef cfaccount = CFSTR("test@test.org"); 44 CFStringRef data_name = CFSTR("TestSource"); 45 CFStringRef circle_key_name = SOSCircleKeyCreateWithName(data_name, NULL); 46 47 CFMutableDictionaryRef changes = CFDictionaryCreateMutableForCFTypes(kCFAllocatorDefault); 48 49 SOSAccountRef alice_account = CreateAccountForLocalChanges(changes, CFSTR("Alice"), data_name); 50 SOSAccountRef bob_account = CreateAccountForLocalChanges(changes, CFSTR("Bob"), data_name); 51 SOSAccountRef carol_account = CreateAccountForLocalChanges(changes, CFSTR("Carol"), data_name); 52 53 ok(SOSAccountAssertUserCredentials(bob_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error); 54 55 // Bob wins writing at this point, feed the changes back to alice. 56 57 FeedChangesToMulti(changes, alice_account, carol_account, NULL); 58 59 ok(SOSAccountAssertUserCredentials(alice_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error); 60 CFReleaseNull(error); 61 ok(SOSAccountTryUserCredentials(alice_account, cfaccount, cfpassword, &error), "Credential trying (%@)", error); 62 CFReleaseNull(error); 63 CFReleaseNull(cfpassword); 64 65 ok(!SOSAccountTryUserCredentials(alice_account, cfaccount, cfwrong_password, &error), "Credential failing (%@)", error); 66 CFReleaseNull(cfwrong_password); 67 is(error ? CFErrorGetCode(error) : 0, kSOSErrorWrongPassword, "Expected SOSErrorWrongPassword"); 68 CFReleaseNull(error); 69 70 CFDataRef incompatibleDER = SOSCircleCreateIncompatibleCircleDER(&error); 71 72 CFDictionarySetValue(changes, circle_key_name, incompatibleDER); 73 74 FeedChangesTo(changes, alice_account); 75 CFReleaseNull(incompatibleDER); 76 CFReleaseNull(circle_key_name); 77 is(SOSAccountIsInCircles(alice_account, &error), kSOSCCError, "Is in circle"); 78 CFReleaseNull(error); 79 80#if 0 81 ok(SOSAccountResetToOffering(alice_account, &error), "Reset to offering (%@)", error); 82 CFReleaseNull(error); 83 84 FeedChangesTo(changes, bob_account); 85 86 ok(SOSAccountJoinCircles(bob_account, &error), "Bob Applies (%@)", error); 87 CFReleaseNull(error); 88 89 FeedChangesTo(changes, alice_account); 90 91 { 92 CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error); 93 94 ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicant %@ (%@)", applicants, error); 95 ok(SOSAccountAcceptApplicants(alice_account, applicants, &error), "Alice accepts (%@)", error); 96 CFReleaseNull(error); 97 CFReleaseNull(applicants); 98 } 99 100 101 FeedChangesTo(changes, bob_account); // Bob sees he's accepted 102 103 FeedChangesTo(changes, alice_account); // Alice sees bob-concurring 104 105 ok(CFDictionaryGetCount(changes) == 0, "We converged. (%@)", changes); 106 107 accounts_agree("bob&alice pair", bob_account, alice_account); 108 109 CFArrayRef peers = SOSAccountCopyPeers(alice_account, &error); 110 ok(peers && CFArrayGetCount(peers) == 2, "See two peers %@ (%@)", peers, error); 111 CFReleaseNull(peers); 112 113 CFDictionaryRef alice_new_gestalt = SOSCreatePeerGestaltFromName(CFSTR("Alice, but different")); 114 115 ok(SOSAccountUpdateGestalt(alice_account, alice_new_gestalt), "Update gestalt %@ (%@)", alice_account, error); 116 CFReleaseNull(alice_new_gestalt); 117 118 FeedChangesTo(changes, bob_account); // Bob sees alice change her name. 119 120 FeedChangesTo(changes, alice_account); // Alice sees the fallout. 121 122 accounts_agree("Alice's name changed", bob_account, alice_account); 123 124 ok(SOSAccountLeaveCircles(alice_account, &error), "Alice Leaves (%@)", error); 125 CFReleaseNull(error); 126 127 FeedChangesTo(changes, bob_account); // Bob sees alice bail. 128 129 FeedChangesTo(changes, alice_account); // Alice sees the fallout. 130 131 accounts_agree("Alice bails", bob_account, alice_account); 132 133 peers = SOSAccountCopyPeers(alice_account, &error); 134 ok(peers && CFArrayGetCount(peers) == 1, "See one peer %@ (%@)", peers, error); 135 CFReleaseNull(peers); 136 137 ok(SOSAccountJoinCircles(alice_account, &error), "Alice re-applies (%@)", error); 138 CFReleaseNull(error); 139 140 FeedChangesTo(changes, bob_account); 141 142 143 { 144 CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error); 145 146 ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicant %@ (%@)", applicants, error); 147 ok(SOSAccountAcceptApplicants(bob_account, applicants, &error), "Bob accepts (%@)", error); 148 CFReleaseNull(error); 149 CFReleaseNull(applicants); 150 } 151 152 FeedChangesTo(changes, alice_account); // Alice sees bob accepting 153 154 FeedChangesTo(changes, bob_account); // Bob sees Alice concurring 155 156 accounts_agree("Alice accepts' Bob", bob_account, alice_account); 157 158 ok(SOSAccountLeaveCircles(alice_account, &error), "Alice Leaves (%@)", error); 159 CFReleaseNull(error); 160 ok(SOSAccountJoinCircles(alice_account, &error), "Alice re-applies (%@)", error); 161 CFReleaseNull(error); 162 163 FeedChangesTo(changes, bob_account); // Bob sees Alice leaving and rejoining 164 FeedChangesTo(changes, alice_account); // Alice sees bob concurring 165 166 { 167 CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error); 168 169 ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicant %@ (%@)", applicants, error); 170 ok(SOSAccountAcceptApplicants(bob_account, applicants, &error), "Bob accepts (%@)", error); 171 CFReleaseNull(error); 172 CFReleaseNull(applicants); 173 } 174 175 FeedChangesTo(changes, alice_account); // Alice sees bob accepting 176 177 FeedChangesTo(changes, bob_account); // Bob sees Alice concurring 178 179 accounts_agree("Bob accepts Alice", bob_account, alice_account); 180 181 182 CFReleaseNull(alice_new_gestalt); 183#endif 184 185 CFReleaseNull(bob_account); 186 CFReleaseNull(alice_account); 187 CFReleaseNull(carol_account); 188} 189 190int secd_55_account_incompatibility(int argc, char *const *argv) 191{ 192 plan_tests(kTestTestCount); 193 194 tests(); 195 196 return 0; 197} 198