1//
2//  secd-55-account-circle.c
3//  sec
4//
5//  Created by Mitch Adler on 1/25/12.
6//
7//
8
9
10
11#include <Security/SecBase.h>
12#include <Security/SecItem.h>
13
14#include <CoreFoundation/CFDictionary.h>
15
16#include <SecureObjectSync/SOSAccount.h>
17#include <SecureObjectSync/SOSCloudCircle.h>
18#include <SecureObjectSync/SOSInternal.h>
19#include <SecureObjectSync/SOSUserKeygen.h>
20
21#include <stdlib.h>
22#include <unistd.h>
23
24#include "secd_regressions.h"
25#include "SOSTestDataSource.h"
26
27#include "SOSRegressionUtilities.h"
28#include <utilities/SecCFWrappers.h>
29#include <Security/SecKeyPriv.h>
30
31#include <securityd/SOSCloudCircleServer.h>
32
33#include "SOSAccountTesting.h"
34
35
36static int kTestTestCount = 9;
37
38static void tests(void)
39{
40    CFErrorRef error = NULL;
41    CFDataRef cfpassword = CFDataCreate(NULL, (uint8_t *) "FooFooFoo", 10);
42    CFDataRef cfwrong_password = CFDataCreate(NULL, (uint8_t *) "NotFooFooFoo", 10);
43    CFStringRef cfaccount = CFSTR("test@test.org");
44    CFStringRef data_name = CFSTR("TestSource");
45    CFStringRef circle_key_name = SOSCircleKeyCreateWithName(data_name, NULL);
46
47    CFMutableDictionaryRef changes = CFDictionaryCreateMutableForCFTypes(kCFAllocatorDefault);
48
49    SOSAccountRef alice_account = CreateAccountForLocalChanges(changes, CFSTR("Alice"), data_name);
50    SOSAccountRef bob_account = CreateAccountForLocalChanges(changes, CFSTR("Bob"), data_name);
51    SOSAccountRef carol_account = CreateAccountForLocalChanges(changes, CFSTR("Carol"), data_name);
52
53    ok(SOSAccountAssertUserCredentials(bob_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
54
55    // Bob wins writing at this point, feed the changes back to alice.
56
57    FeedChangesToMulti(changes, alice_account, carol_account, NULL);
58
59    ok(SOSAccountAssertUserCredentials(alice_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
60    CFReleaseNull(error);
61    ok(SOSAccountTryUserCredentials(alice_account, cfaccount, cfpassword, &error), "Credential trying (%@)", error);
62    CFReleaseNull(error);
63    CFReleaseNull(cfpassword);
64
65    ok(!SOSAccountTryUserCredentials(alice_account, cfaccount, cfwrong_password, &error), "Credential failing (%@)", error);
66    CFReleaseNull(cfwrong_password);
67    is(error ? CFErrorGetCode(error) : 0, kSOSErrorWrongPassword, "Expected SOSErrorWrongPassword");
68    CFReleaseNull(error);
69
70    CFDataRef incompatibleDER = SOSCircleCreateIncompatibleCircleDER(&error);
71
72    CFDictionarySetValue(changes, circle_key_name, incompatibleDER);
73
74    FeedChangesTo(changes, alice_account);
75    CFReleaseNull(incompatibleDER);
76    CFReleaseNull(circle_key_name);
77    is(SOSAccountIsInCircles(alice_account, &error), kSOSCCError, "Is in circle");
78    CFReleaseNull(error);
79
80#if 0
81    ok(SOSAccountResetToOffering(alice_account, &error), "Reset to offering (%@)", error);
82    CFReleaseNull(error);
83
84    FeedChangesTo(changes, bob_account);
85
86    ok(SOSAccountJoinCircles(bob_account, &error), "Bob Applies (%@)", error);
87    CFReleaseNull(error);
88
89    FeedChangesTo(changes, alice_account);
90
91    {
92        CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);
93
94        ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicant %@ (%@)", applicants, error);
95        ok(SOSAccountAcceptApplicants(alice_account, applicants, &error), "Alice accepts (%@)", error);
96        CFReleaseNull(error);
97        CFReleaseNull(applicants);
98    }
99
100
101    FeedChangesTo(changes, bob_account); // Bob sees he's accepted
102
103    FeedChangesTo(changes, alice_account); // Alice sees bob-concurring
104
105    ok(CFDictionaryGetCount(changes) == 0, "We converged. (%@)", changes);
106
107    accounts_agree("bob&alice pair", bob_account, alice_account);
108
109    CFArrayRef peers = SOSAccountCopyPeers(alice_account, &error);
110    ok(peers && CFArrayGetCount(peers) == 2, "See two peers %@ (%@)", peers, error);
111    CFReleaseNull(peers);
112
113    CFDictionaryRef alice_new_gestalt = SOSCreatePeerGestaltFromName(CFSTR("Alice, but different"));
114
115    ok(SOSAccountUpdateGestalt(alice_account, alice_new_gestalt), "Update gestalt %@ (%@)", alice_account, error);
116    CFReleaseNull(alice_new_gestalt);
117
118    FeedChangesTo(changes, bob_account); // Bob sees alice change her name.
119
120    FeedChangesTo(changes, alice_account); // Alice sees the fallout.
121
122    accounts_agree("Alice's name changed", bob_account, alice_account);
123
124    ok(SOSAccountLeaveCircles(alice_account, &error), "Alice Leaves (%@)", error);
125    CFReleaseNull(error);
126
127    FeedChangesTo(changes, bob_account); // Bob sees alice bail.
128
129    FeedChangesTo(changes, alice_account); // Alice sees the fallout.
130
131    accounts_agree("Alice bails", bob_account, alice_account);
132
133    peers = SOSAccountCopyPeers(alice_account, &error);
134    ok(peers && CFArrayGetCount(peers) == 1, "See one peer %@ (%@)", peers, error);
135    CFReleaseNull(peers);
136
137    ok(SOSAccountJoinCircles(alice_account, &error), "Alice re-applies (%@)", error);
138    CFReleaseNull(error);
139
140    FeedChangesTo(changes, bob_account);
141
142
143    {
144        CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);
145
146        ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicant %@ (%@)", applicants, error);
147        ok(SOSAccountAcceptApplicants(bob_account, applicants, &error), "Bob accepts (%@)", error);
148        CFReleaseNull(error);
149        CFReleaseNull(applicants);
150    }
151
152    FeedChangesTo(changes, alice_account); // Alice sees bob accepting
153
154    FeedChangesTo(changes, bob_account); // Bob sees Alice concurring
155
156    accounts_agree("Alice accepts' Bob", bob_account, alice_account);
157
158    ok(SOSAccountLeaveCircles(alice_account, &error), "Alice Leaves (%@)", error);
159    CFReleaseNull(error);
160    ok(SOSAccountJoinCircles(alice_account, &error), "Alice re-applies (%@)", error);
161    CFReleaseNull(error);
162
163    FeedChangesTo(changes, bob_account); // Bob sees Alice leaving and rejoining
164    FeedChangesTo(changes, alice_account); // Alice sees bob concurring
165
166    {
167        CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);
168
169        ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicant %@ (%@)", applicants, error);
170        ok(SOSAccountAcceptApplicants(bob_account, applicants, &error), "Bob accepts (%@)", error);
171        CFReleaseNull(error);
172        CFReleaseNull(applicants);
173    }
174
175    FeedChangesTo(changes, alice_account); // Alice sees bob accepting
176
177    FeedChangesTo(changes, bob_account); // Bob sees Alice concurring
178
179    accounts_agree("Bob accepts Alice", bob_account, alice_account);
180
181
182    CFReleaseNull(alice_new_gestalt);
183#endif
184
185    CFReleaseNull(bob_account);
186    CFReleaseNull(alice_account);
187    CFReleaseNull(carol_account);
188}
189
190int secd_55_account_incompatibility(int argc, char *const *argv)
191{
192    plan_tests(kTestTestCount);
193
194    tests();
195
196	return 0;
197}
198