keychain-commit Mailing List for Keychain Framework (Page 3)
Status: Abandoned
Brought to you by:
wadetregaskis
Menu
▾
▴
keychain-commit — SVN commit notices
You can subscribe to this list here.
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(65) |
Nov
|
Dec
(15) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2008 |
Jan
(2) |
Feb
|
Mar
(5) |
Apr
|
May
|
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2009 |
Jan
(7) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <wad...@us...> - 2007-10-21 19:42:36
|
Revision: 414
http://keychain.svn.sourceforge.net/keychain/?rev=414&view=rev
Author: wadetregaskis
Date: 2007-10-21 12:42:41 -0700 (Sun, 21 Oct 2007)
Log Message:
-----------
* Added test_modifyInternetPasswords() with one password thus far. Looks like setting attributes doesn't work at all. D'oh. :(
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-21 19:41:46 UTC (rev 413)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-21 19:42:41 UTC (rev 414)
@@ -252,6 +252,159 @@
END_TEST();
}
+void test_modifyInternetPasswords(Keychain *testKeychain) {
+ START_TEST("Modify internet passwords");
+
+ NSDate *testStart = [NSDate date];
+
+ KeychainItem *currentItem;
+
+ currentItem = [testKeychain addInternetPassword:@"smeg" onServer:@"reddwarf.org" forAccount:@"lister" port:997 path:@"/StarBug/2/Pilot's Log" inSecurityDomain:@"Red Dwarf" protocol:kSecProtocolTypeFTPS auth:kSecAuthenticationTypeDefault replaceExisting:NO];
+ TEST(nil != currentItem, "Can create FTP password");
+
+ if (nil != currentItem) {
+ TEST_ISEQUAL([currentItem dataAsString], @"smeg", "\tPassword is correct");
+
+ TEST_ISEQUAL([currentItem account], @"lister", "\tAccount is correct");
+ TEST_ISEQUAL([currentItem domain], @"Red Dwarf", "\tDomain is correct (none)");
+ TEST_ISEQUAL([currentItem server], @"reddwarf.org", "\tServer is correct");
+ TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeDefault, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
+ TEST_INTSEQUAL([currentItem port], 997, "\tPort is correct");
+ TEST_ISEQUAL([currentItem path], @"/StarBug/2/Pilot's Log", "\tPath is correct");
+ TEST_INTSEQUAL_F([currentItem protocol], kSecProtocolTypeFTPS, nameOfProtocolConstant, "\tProtocol is correct");
+
+ TEST([currentItem passwordIsValid], "\tPassword is noted as valid");
+ TEST([currentItem isVisible], "\tPassword is visible");
+ TEST(![currentItem hasCustomIcon], "\tDoesn't have custom icon");
+
+ NSDate *creationDate = [currentItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, >=, testStart, "\tCreation date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, <=, [NSDate date], "\tCreation date is the same time as or earlier than right now");
+
+ NSDate *modificationDate = [currentItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, >=, testStart, "\tModification date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, <=, [NSDate date], "\tModification date is the same time as or earlier than right now");
+
+ TEST_ISEQUAL([currentItem typeDescription], @"", "\tHas no type description");
+ TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
+ TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator");
+ TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type");
+ //TEST_ISEQUAL([currentItem label], @"", "\tHas no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
+ TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
+
+ TEST_ISNIL([currentItem service], "\tDoesn't have a service (not applicable to interest passwords)");
+ TEST_ISNIL([currentItem userDefinedAttribute], "\tDoesn't have user-defined attribute (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareVolume], "\tDoesn't have AppleShare volume (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareAddress], "\tDoesn't have AppleShare address (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareSignatureData], "\tDoesn't have AppleShare signature (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tDoesn't have a certificate type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tDoesn't have a certificate encoding (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tDoesn't have a CRL type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tDoesn't have a CRL encoding (not applicable to internet passwords)");
+
+
+ // Now, try modifying each and every attribute.
+
+ [currentItem setDataString:@"rimmerisanacehole"];
+ TEST_ISEQUAL([currentItem dataAsString], @"rimmerisanacehole", "\tCan change password");
+
+ NSDate *newCreationDate = [NSDate dateWithNaturalLanguageString:@"12 hours ago"];
+ [currentItem setCreationDate:newCreationDate];
+ NSDate *creationDateAsSet = [currentItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDateAsSet, ==, newCreationDate, "\tCan change creation date");
+
+ NSDate *newModificationDate = [NSDate dateWithNaturalLanguageString:@"10 minutes ago"];
+ [currentItem setModificationDate:newModificationDate];
+ NSDate *modificationDateAsSet = [currentItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDateAsSet, ==, newModificationDate, "\tCan change modification date");
+
+ [currentItem setTypeDescription:@"FTP password for Lister's pilot log on Red Dwarf"]; // Note that I don't think this is a good example, as it's not really the purpose of the type description afaik.
+ TEST_ISEQUAL([currentItem typeDescription], @"FTP password for Lister's pilot log on Red Dwarf", "\tCan change type description");
+
+ [currentItem setComment:@"Like this will ever get used"];
+ TEST_ISEQUAL([currentItem comment], @"Like this will ever get used", "\tCan change comment");
+
+ [currentItem setCreator:'Lstr']; // Again, not a good example, since the creator is the Mac Creator Code of the application that created the keychain item.
+ TEST_INTSEQUAL([currentItem creator], 'Lstr', "\tCan change creator (using FourCharCode)");
+
+ [currentItem setCreatorFromString:@"Admn"];
+ TEST_ISEQUAL([currentItem creatorAsString], @"Admn", "\tCan change creator (using string)");
+
+ [currentItem setType:'PLog'];
+ TEST_INTSEQUAL([currentItem type], 'PLog', "\tCan change type (using FourCharCode)");
+
+ [currentItem setTypeFromString:@"RedD"];
+ TEST_ISEQUAL([currentItem typeAsString], @"RedD", "\tCan change type (using string)");
+
+ [currentItem setLabel:@"Lister's log access password"];
+ TEST_ISEQUAL([currentItem label], @"Lister's log access password", "\tCan change label");
+
+ [currentItem setIsVisible:NO];
+ TEST(![currentItem isVisible], "\tCan change visibility");
+
+ [currentItem setIsValid:NO];
+ TEST(![currentItem passwordIsValid], "\tCan change password validity");
+
+ [currentItem setHasCustomIcon:YES];
+ TEST([currentItem hasCustomIcon], "\tCan change custom icon flag");
+
+ [currentItem setAccount:@"Lister"];
+ TEST_ISEQUAL([currentItem account], @"Lister", "\tCan change account");
+
+ [currentItem setService:@"Impossible"];
+ TEST_ISEQUAL([currentItem service], @"Impossible", "\tCan change service");
+
+ NSData *userDefinedAttribute = [NSData dataWithBytes:"Arbitrary" length:9];
+ [currentItem setUserDefinedAttribute:userDefinedAttribute];
+ TEST_ISEQUAL([currentItem userDefinedAttribute], userDefinedAttribute, "\tCan change user-defined attribute");
+
+ [currentItem setDomain:@"Red Dwarf Pilots"];
+ TEST_ISEQUAL([currentItem domain], @"Red Dwarf Pilots", "\tCan change domain");
+
+ [currentItem setServer:@"reddwarf.net"];
+ TEST_ISEQUAL([currentItem server], @"reddwarf.net", "\tCan change server");
+
+ [currentItem setAuthenticationType:kSecAuthenticationTypeRPA];
+ TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeRPA, nameOfAuthenticationTypeConstant, "\tCan change authentication type");
+
+ [currentItem setPort:21];
+ TEST_INTSEQUAL([currentItem port], 21, "\tCan change port");
+
+ [currentItem setPath:@"/StarBug2/Logs/Pilot"];
+ TEST_ISEQUAL([currentItem path], @"/StarBug2/Logs/Pilot", "\tCan change path");
+
+ [currentItem setAppleShareVolume:@"DwarfServer"];
+ TEST_ISNIL([currentItem appleShareVolume], "\tCannot change AppleShare address (not applicable to Internet passwords)");
+
+ [currentItem setAppleShareAddress:@"ab:cd:ef"];
+ TEST_ISNIL([currentItem appleShareAddress], "\tCannot change AppleShare address (not applicable to Internet passwords)");
+
+ SecAFPServerSignature signature = {0, 3, 5, 7, 9, 255, 245, 235, 225, 215, 3, 5, 7, 11, 13, 17};
+ [currentItem setAppleShareSignature:&signature];
+ TEST_ISNULL([currentItem appleShareSignature], "\tCannot change AppleShare signature (not applicable to Internet passwords)");
+
+ [currentItem setProtocol:kSecProtocolTypeFTP];
+ TEST_INTSEQUAL_F([currentItem protocol], kSecProtocolTypeFTP, nameOfProtocolConstant, "\tCan change protocol");
+
+ [currentItem setCertificateType:CSSM_CERT_X_509v3];
+ TEST_INTSEQUAL_F([currentItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tCannot change certificate type");
+
+ [currentItem setCertificateEncoding:CSSM_CERT_ENCODING_BER];
+ TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tCannot change certificate encoding (not applicable to Internet passwords)");
+
+ [currentItem setCRLtype:CSSM_CRL_TYPE_X_509v2];
+ TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tCannot change CRL type (not applicable to Internet passwords)");
+
+ [currentItem setCRLencoding:CSSM_CRL_ENCODING_DER];
+ TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tCannot change CRL encoding (not applicable to Internet passwords)");
+
+ [currentItem setAlias:@"Get lost, Rimmer"];
+ TEST_ISNIL([currentItem alias], "\tCannot change alias (not applicable to Internet passwords)");
+ }
+
+ END_TEST();
+}
+
int main(int argc, char const *argv[]) {
#pragma unused (argc, argv) // We have no need for these right now.
@@ -266,6 +419,7 @@
if (nil != testKeychain) {
test_addInternetPasswords(testKeychain);
+ test_modifyInternetPasswords(testKeychain);
}
test_deleteKeychain(keychainPath, testKeychain);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-21 19:41:46
|
Revision: 413
http://keychain.svn.sourceforge.net/keychain/?rev=413&view=rev
Author: wadetregaskis
Date: 2007-10-21 12:41:46 -0700 (Sun, 21 Oct 2007)
Log Message:
-----------
* Added TEST_ISNULL.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/TestingCommon.h
Modified: trunk/Frameworks/Keychain/Testers/TestingCommon.h
===================================================================
--- trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-21 06:38:40 UTC (rev 412)
+++ trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-21 19:41:46 UTC (rev 413)
@@ -75,6 +75,20 @@
} \
})
+#define TEST_ISNULL(testValue, description, ...) ({ \
+ typeof(testValue) _testValue = (testValue); \
+ printf("\t"); \
+ printf((description), ## __VA_ARGS__); \
+ printf(" - "); \
+ fflush(stdout); \
+ if (NULL == _testValue) { \
+ printf("passed.\n"); \
+ } else { \
+ ++errors; \
+ printf("%s", [[NSString stringWithFormat:@"FAILED. Received: %p\n", (void*)_testValue] UTF8String]); \
+ } \
+ })
+
#define TEST_COMPAREORDER(testValue, expectedValue, requiredOrder, description, ...) ({ \
id _testValue = (testValue); \
id _expectedValue = (expectedValue); \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-21 06:38:36
|
Revision: 412
http://keychain.svn.sourceforge.net/keychain/?rev=412&view=rev
Author: wadetregaskis
Date: 2007-10-20 23:38:40 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* Added Chinese Internet password to test_addInternetPasswords(), and verified it works (yay!).
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-21 05:47:58 UTC (rev 411)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-21 06:38:40 UTC (rev 412)
@@ -197,6 +197,58 @@
TEST_ISEQUAL([currentItem dataAsString], @"overwritten", "\tOriginal item's password reflects the change");
}
+
+#pragma mark -- Chinese Internet password
+
+ NSString *chinesePassword = [NSString stringWithUTF8String:"我姓王"];
+ NSString *chineseAccount = [NSString stringWithUTF8String:"你贵姓"];
+ NSString *chineseServer = [NSString stringWithUTF8String:"中文。com"];
+ NSString *chinesePath = [NSString stringWithUTF8String:"/美国/"];
+
+ currentItem = [testKeychain addInternetPassword:chinesePassword onServer:chineseServer forAccount:chineseAccount port:1337 path:chinesePath inSecurityDomain:nil protocol:kSecProtocolTypeHTTPS auth:kSecAuthenticationTypeHTTPDigest replaceExisting:NO];
+ TEST(nil != currentItem, "Can create Chinese Internet password");
+
+ if (nil != currentItem) {
+ TEST_ISEQUAL([currentItem dataAsString], chinesePassword, "\tPassword is correct");
+
+ TEST_ISEQUAL([currentItem account], chineseAccount, "\tAccount is correct");
+ TEST_ISEQUAL([currentItem domain], @"", "\tDomain is correct (none)");
+ TEST_ISEQUAL([currentItem server], chineseServer, "\tServer is correct");
+ TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeHTTPDigest, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
+ TEST_INTSEQUAL([currentItem port], 1337, "\tPort is correct");
+ TEST_ISEQUAL([currentItem path], chinesePath, "\tPath is correct");
+ TEST_INTSEQUAL_F([currentItem protocol], kSecProtocolTypeHTTPS, nameOfProtocolConstant, "\tProtocol is correct");
+
+ TEST([currentItem passwordIsValid], "\tPassword is noted as valid");
+ TEST([currentItem isVisible], "\tPassword is visible");
+ TEST(![currentItem hasCustomIcon], "\tDoesn't have custom icon");
+
+ NSDate *creationDate = [currentItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, >=, testStart, "\tCreation date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, <=, [NSDate date], "\tCreation date is the same time as or earlier than right now");
+
+ NSDate *modificationDate = [currentItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, >=, testStart, "\tModification date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, <=, [NSDate date], "\tModification date is the same time as or earlier than right now");
+
+ TEST_ISEQUAL([currentItem typeDescription], @"", "\tHas no type description");
+ TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
+ TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator");
+ TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type");
+ //TEST_ISEQUAL([currentItem label], @"", "\tHas no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
+ TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
+
+ TEST_ISNIL([currentItem service], "\tDoesn't have a service (not applicable to interest passwords)");
+ TEST_ISNIL([currentItem userDefinedAttribute], "\tDoesn't have user-defined attribute (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareVolume], "\tDoesn't have AppleShare volume (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareAddress], "\tDoesn't have AppleShare address (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareSignatureData], "\tDoesn't have AppleShare signature (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tDoesn't have a certificate type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tDoesn't have a certificate encoding (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tDoesn't have a CRL type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tDoesn't have a CRL encoding (not applicable to internet passwords)");
+ }
+
END_TEST();
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-21 05:47:53
|
Revision: 411
http://keychain.svn.sourceforge.net/keychain/?rev=411&view=rev
Author: wadetregaskis
Date: 2007-10-20 22:47:58 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* No longer test label, since it's value for new items is defined (yet, at least).
* Added tests after the two modification attempts to ensure everything is as expected.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-21 05:34:25 UTC (rev 410)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-21 05:47:58 UTC (rev 411)
@@ -59,12 +59,14 @@
NSDate *testStart = [NSDate date];
- KeychainItem *currentItem;
+ KeychainItem *originalItem, *currentItem;
- currentItem = [testKeychain addInternetPassword:@"test123" onServer:@"localhost" forAccount:@"test" port:123 path:@"/" inSecurityDomain:nil protocol:kSecProtocolTypeHTTP auth:kSecAuthenticationTypeDefault replaceExisting:NO];
+ originalItem = currentItem = [testKeychain addInternetPassword:@"test123" onServer:@"localhost" forAccount:@"test" port:123 path:@"/" inSecurityDomain:nil protocol:kSecProtocolTypeHTTP auth:kSecAuthenticationTypeDefault replaceExisting:NO];
TEST(nil != currentItem, "Can create HTTP password");
if (nil != currentItem) {
+ TEST_ISEQUAL([currentItem dataAsString], @"test123", "\tPassword is correct");
+
TEST_ISEQUAL([currentItem account], @"test", "\tAccount is correct");
TEST_ISEQUAL([currentItem domain], @"", "\tDomain is correct (none)");
TEST_ISEQUAL([currentItem server], @"localhost", "\tServer is correct");
@@ -89,7 +91,7 @@
TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator");
TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type");
- TEST_ISEQUAL([currentItem label], @"", "\tHas no label");
+ //TEST_ISEQUAL([currentItem label], @"", "\tHas no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
TEST_ISNIL([currentItem service], "\tDoesn't have a service (not applicable to interest passwords)");
@@ -106,9 +108,95 @@
currentItem = [testKeychain addInternetPassword:@"test123" onServer:@"localhost" forAccount:@"test" port:123 path:@"/" inSecurityDomain:nil protocol:kSecProtocolTypeHTTP auth:kSecAuthenticationTypeDefault replaceExisting:NO];
TEST(nil == currentItem, "Cannot accidentally overwrite previous password");
+ if (nil != originalItem) {
+ TEST_ISEQUAL([originalItem dataAsString], @"test123", "\tOriginal item's password is unchanged");
+
+ TEST_ISEQUAL([originalItem account], @"test", "\tOriginal item's account is still correct");
+ TEST_ISEQUAL([originalItem domain], @"", "\tOriginal item's domain is still correct (none)");
+ TEST_ISEQUAL([originalItem server], @"localhost", "\tOriginal item's server is still correct");
+ TEST_INTSEQUAL_F([originalItem authenticationType], kSecAuthenticationTypeDefault, nameOfAuthenticationTypeConstant, "\tOriginal item's authentication type is still correct");
+ TEST_INTSEQUAL([originalItem port], 123, "\tOriginal item's port is still correct");
+ TEST_ISEQUAL([originalItem path], @"/", "\tOriginal item's path is still correct");
+ TEST_INTSEQUAL_F([originalItem protocol], kSecProtocolTypeHTTP, nameOfProtocolConstant, "\tOriginal item's protocol is still correct");
+
+ TEST([originalItem passwordIsValid], "\tOriginal item's password is still noted as valid");
+ TEST([originalItem isVisible], "\tOriginal item's password is still visible");
+ TEST(![originalItem hasCustomIcon], "\tOriginal item's still doesn't have custom icon");
+
+ NSDate *creationDate = [originalItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, >=, testStart, "\tOriginal item's creation date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, <=, [NSDate date], "\tOriginal item's creation date is the same time as or earlier than right now");
+
+ NSDate *modificationDate = [originalItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, >=, testStart, "\tOriginal item's modification date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, <=, [NSDate date], "\tOriginal item's modification date is the same time as or earlier than right now");
+
+ TEST_ISEQUAL([originalItem typeDescription], @"", "\tOriginal item still has no type description");
+ TEST_ISEQUAL([originalItem comment], @"", "\tOriginal item still has no comment");
+ TEST_ISEQUAL([originalItem creatorAsString], @"", "\tOriginal item still has no creator");
+ TEST_ISEQUAL([originalItem typeAsString], @"", "\tOriginal item still has no type");
+ //TEST_ISEQUAL([currentItem label], @"", "\tOriginal item's Has no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
+ TEST_ISEQUAL([originalItem alias], @"", "\tOriginal item still has no alias");
+
+ TEST_ISNIL([originalItem service], "\tOriginal item still doesn't have a service (not applicable to interest passwords)");
+ TEST_ISNIL([originalItem userDefinedAttribute], "\tOriginal item still doesn't have user-defined attribute (not applicable to internet passwords)");
+ TEST_ISNIL([originalItem appleShareVolume], "\tOriginal item still doesn't have AppleShare volume (not applicable to internet passwords)");
+ TEST_ISNIL([originalItem appleShareAddress], "\tOriginal item still doesn't have AppleShare address (not applicable to internet passwords)");
+ TEST_ISNIL([originalItem appleShareSignatureData], "\tOriginal item still doesn't have AppleShare signature (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([originalItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tOriginal item still doesn't have a certificate type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([originalItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tOriginal item still doesn't have a certificate encoding (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([originalItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tOriginal item still doesn't have a CRL type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([originalItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tOriginal item still doesn't have a CRL encoding (not applicable to internet passwords)");
+ }
+
currentItem = [testKeychain addInternetPassword:@"overwritten" onServer:@"localhost" forAccount:@"test" port:123 path:@"/" inSecurityDomain:nil protocol:kSecProtocolTypeHTTP auth:kSecAuthenticationTypeDefault replaceExisting:YES];
TEST(nil != currentItem, "Can intentionally overwrite previous password");
+ if (nil != currentItem) {
+ TEST_ISEQUAL([currentItem dataAsString], @"overwritten", "\tPassword is correct");
+
+ TEST_ISEQUAL([currentItem account], @"test", "\tAccount is correct");
+ TEST_ISEQUAL([currentItem domain], @"", "\tDomain is correct (none)");
+ TEST_ISEQUAL([currentItem server], @"localhost", "\tServer is correct");
+ TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeDefault, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
+ TEST_INTSEQUAL([currentItem port], 123, "\tPort is correct");
+ TEST_ISEQUAL([currentItem path], @"/", "\tPath is correct");
+ TEST_INTSEQUAL_F([currentItem protocol], kSecProtocolTypeHTTP, nameOfProtocolConstant, "\tProtocol is correct");
+
+ TEST([currentItem passwordIsValid], "\tPassword is noted as valid");
+ TEST([currentItem isVisible], "\tPassword is visible");
+ TEST(![currentItem hasCustomIcon], "\tDoesn't have custom icon");
+
+ NSDate *creationDate = [currentItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, >=, testStart, "\tCreation date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, <=, [NSDate date], "\tCreation date is the same time as or earlier than right now");
+
+ NSDate *modificationDate = [currentItem creationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, >=, testStart, "\tModification date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, <=, [NSDate date], "\tModification date is the same time as or earlier than right now");
+
+ TEST_ISEQUAL([currentItem typeDescription], @"", "\tHas no type description");
+ TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
+ TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator");
+ TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type");
+ //TEST_ISEQUAL([currentItem label], @"", "\tHas no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
+ TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
+
+ TEST_ISNIL([currentItem service], "\tDoesn't have a service (not applicable to interest passwords)");
+ TEST_ISNIL([currentItem userDefinedAttribute], "\tDoesn't have user-defined attribute (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareVolume], "\tDoesn't have AppleShare volume (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareAddress], "\tDoesn't have AppleShare address (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareSignatureData], "\tDoesn't have AppleShare signature (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tDoesn't have a certificate type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tDoesn't have a certificate encoding (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tDoesn't have a CRL type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tDoesn't have a CRL encoding (not applicable to internet passwords)");
+ }
+
+ if (nil != originalItem) {
+ TEST_ISEQUAL([currentItem dataAsString], @"overwritten", "\tOriginal item's password reflects the change");
+ }
+
END_TEST();
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-21 05:34:27
|
Revision: 410
http://keychain.svn.sourceforge.net/keychain/?rev=410&view=rev
Author: wadetregaskis
Date: 2007-10-20 22:34:25 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* Moved -[KeychainItem alias] back to use SecKeychainItemCopyContent, because it appears that this is another case - as for kSecLabelItemAttr - where SecKeychainItemCopyAttributesAndData doesn't work properly. Haven't changed the setter yet because I haven't tested whether it is also broken or not.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-20 23:09:03 UTC (rev 409)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-21 05:34:25 UTC (rev 410)
@@ -917,7 +917,39 @@
}
- (NSString*)alias {
- return [self _attributeOfType:kSecAlias asStringUsingEncoding:NSUTF8StringEncoding];
+ // This SHOULD be just the line below, except for an apparent bug in the Security framework. rdar://problem/5551704
+ //return [self _attributeOfType:kSecAlias asStringUsingEncoding:NSUTF8StringEncoding];
+
+ SecKeychainAttributeList list;
+ SecKeychainAttribute attr;
+ NSString *result = nil;
+
+ list.count = 1;
+ list.attr = &attr;
+
+ attr.tag = kSecAlias;
+ attr.data = NULL;
+ attr.length = 0;
+
+ _error = SecKeychainItemCopyContent(_keychainItem, NULL, &list, NULL, NULL);
+
+ if (noErr == _error) {
+ result = [[[NSString alloc] initWithBytes:attr.data length:attr.length encoding:NSUTF8StringEncoding] autorelease];
+
+ OSStatus _localError = SecKeychainItemFreeContent(&list, NULL);
+
+ if (noErr != _localError) {
+ PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
+ PDEBUG(@"SecKeychainItemFreeContent(%p, NULL) returned error %@.\n", &list, OSStatusAsString(_localError));
+ }
+ } else {
+ if ((errSecNoSuchAttr != _error) || KeychainFrameworkWarnForMissingKeychainItemAttributes) {
+ PSYSLOGND(LOG_ERR, @"Unable to get KeychainItem alias - error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecKeychainItemCopyContent(%p, NULL, %p, NULL, NULL) returned error %@.\n", _keychainItem, &list, OSStatusAsString(_error));
+ }
+ }
+
+ return result;
}
- (void)setAccess:(Access*)acc {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-20 23:08:59
|
Revision: 409
http://keychain.svn.sourceforge.net/keychain/?rev=409&view=rev
Author: wadetregaskis
Date: 2007-10-20 16:09:03 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* Now check that the 'service' attribute is nil (i.e. N/A) instead of @"".
* Made use of new TEST_ISNIL macro.
* Updated for recent changes to KeychainItem methods 'creator' and 'type' (now use 'creatorAsString' and 'typeAsString').
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-20 23:07:43 UTC (rev 408)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-20 23:09:03 UTC (rev 409)
@@ -85,18 +85,18 @@
TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, >=, testStart, "\tModification date is the same time as or after this test started");
TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, <=, [NSDate date], "\tModification date is the same time as or earlier than right now");
- TEST_ISEQUAL([currentItem service], @"", "\tHas no service (not applicable to interest passwords)");
TEST_ISEQUAL([currentItem typeDescription], @"", "\tHas no type description");
TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
- TEST_ISEQUAL([currentItem creator], @"", "\tHas no creator");
- TEST_ISEQUAL([currentItem type], @"", "\tHas no type");
+ TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator");
+ TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type");
TEST_ISEQUAL([currentItem label], @"", "\tHas no label");
TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
- TEST(nil == [currentItem userDefinedAttribute], "\tDoesn't have user-defined attribute (not applicable to internet passwords)");
- TEST(nil == [currentItem appleShareVolume], "\tDoesn't have AppleShare volume (not applicable to internet passwords)");
- TEST(nil == [currentItem appleShareAddress], "\tDoesn't have AppleShare address (not applicable to internet passwords)");
- TEST(NULL == [currentItem appleShareSignature], "\tDoesn't have AppleShare signature (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem service], "\tDoesn't have a service (not applicable to interest passwords)");
+ TEST_ISNIL([currentItem userDefinedAttribute], "\tDoesn't have user-defined attribute (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareVolume], "\tDoesn't have AppleShare volume (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareAddress], "\tDoesn't have AppleShare address (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareSignatureData], "\tDoesn't have AppleShare signature (not applicable to internet passwords)");
TEST_INTSEQUAL_F([currentItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tDoesn't have a certificate type (not applicable to internet passwords)");
TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tDoesn't have a certificate encoding (not applicable to internet passwords)");
TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tDoesn't have a CRL type (not applicable to internet passwords)");
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-20 23:07:39
|
Revision: 408
http://keychain.svn.sourceforge.net/keychain/?rev=408&view=rev
Author: wadetregaskis
Date: 2007-10-20 16:07:43 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* Added TEST_ISNIL.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/TestingCommon.h
Modified: trunk/Frameworks/Keychain/Testers/TestingCommon.h
===================================================================
--- trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-20 23:06:05 UTC (rev 407)
+++ trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-20 23:07:43 UTC (rev 408)
@@ -61,6 +61,20 @@
} \
})
+#define TEST_ISNIL(testValue, description, ...) ({ \
+ id _testValue = (testValue); \
+ printf("\t"); \
+ printf((description), ## __VA_ARGS__); \
+ printf(" - "); \
+ fflush(stdout); \
+ if (nil == _testValue) { \
+ printf("passed.\n"); \
+ } else { \
+ ++errors; \
+ printf("%s", [[NSString stringWithFormat:@"FAILED. Received: %@\n", _testValue] UTF8String]); \
+ } \
+ })
+
#define TEST_COMPAREORDER(testValue, expectedValue, requiredOrder, description, ...) ({ \
id _testValue = (testValue); \
id _expectedValue = (expectedValue); \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-20 23:06:01
|
Revision: 407
http://keychain.svn.sourceforge.net/keychain/?rev=407&view=rev
Author: wadetregaskis
Date: 2007-10-20 16:06:05 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* Now set the creator code of keychain items we create to the main bundle's creator code (if any; otherwise set the code to 0). This applies to the methods:
-[KeychainItem addNewItemWithClass:access:]
-[KeychainItem addCertificate:withName:]
-[KeychainItem addKey:withName:isPermanent:isPrivate:publicKeyHash:]
-[KeychainItem addGenericPassword:onService:forAccount:replaceExisting:]
-[KeychainItem addInternetPassword:onServer:forAccount:port:path:inSecurityDomain:protocol:auth:replaceExisting:]
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/Keychain.m
Modified: trunk/Frameworks/Keychain/Keychain/Keychain.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/Keychain.m 2007-10-20 22:58:05 UTC (rev 406)
+++ trunk/Frameworks/Keychain/Keychain/Keychain.m 2007-10-20 23:06:05 UTC (rev 407)
@@ -621,11 +621,12 @@
SecKeychainItemRef keychainItem;
SecKeychainAttributeList attributes = {0, nil};
SecAccessRef accessRef = [initialAccess accessRef];
+ KeychainItem *result = nil;
_error = SecKeychainItemCreateFromContent(itemClass, &attributes, 0, nil, _keychain, accessRef, &keychainItem);
if (noErr == _error) {
- return [KeychainItem keychainItemWithKeychainItemRef:keychainItem];
+ result = [KeychainItem keychainItemWithKeychainItemRef:keychainItem];
} else {
PSYSLOGND(LOG_ERR, @"Unable to add new item of class %@, error %@.\n", nameOfKeychainItemClassConstant(itemClass), OSStatusAsString(_error));
PDEBUG(@"SecKeychainItemCreateFromContent(%@, %p, 0, nil, %p, %p, %p) returned error %@.\n",
@@ -635,9 +636,24 @@
accessRef,
&keychainItem,
OSStatusAsString(_error));
-
- return nil;
}
+
+ if (nil != result) {
+ CFBundleRef mainBundle = CFBundleGetMainBundle();
+ FourCharCode creatorCode = 0;
+
+ if (NULL != mainBundle) {
+ CFBundleGetPackageInfo(mainBundle, NULL, &creatorCode);
+
+ if ('????' == creatorCode) {
+ creatorCode = 0;
+ }
+ }
+
+ [result setCreator:creatorCode];
+ }
+
+ return result;
}
/*- (void)importCertificateBundle:(CertificateBundle*)bundle {
@@ -673,11 +689,22 @@
NSEnumerator *resultEnumerator = [resultArray objectEnumerator];
SecKeychainItemRef itemRef;
+ CFBundleRef mainBundle = CFBundleGetMainBundle();
+ FourCharCode creatorCode = 0;
+ if (NULL != mainBundle) {
+ CFBundleGetPackageInfo(mainBundle, NULL, &creatorCode);
+
+ if ('????' == creatorCode) {
+ creatorCode = 0;
+ }
+ }
+
while (itemRef = (SecKeychainItemRef)[resultEnumerator nextObject]) {
result = [KeychainItem keychainItemWithKeychainItemRef:itemRef];
-
+
[result setLabel:name];
+ [result setCreator:creatorCode];
}
} else {
PSYSLOGND(LOG_ERR, @"No keychain items created by import of certificate.\n");
@@ -1070,6 +1097,21 @@
PDEBUG(@"SecKeychainGetDLDBHandle(%p, %p [%"PRIdldbHandle"]) returned error %@.\n", _keychain, &DLDBHandle, DLDBHandle, CSSMErrorAsString(_error));
}
+ if (nil != result) {
+ CFBundleRef mainBundle = CFBundleGetMainBundle();
+ FourCharCode creatorCode = 0;
+
+ if (NULL != mainBundle) {
+ CFBundleGetPackageInfo(mainBundle, NULL, &creatorCode);
+
+ if ('????' == creatorCode) {
+ creatorCode = 0;
+ }
+ }
+
+ [result setCreator:creatorCode];
+ }
+
return result;
}
@@ -1190,6 +1232,21 @@
PDEBUG(@"SecKeychainAddGenericPassword(%p, %u, \"%@\", %u, \"%@\", <hidden>, <hidden>, NULL) returned error %@.\n", _keychain, serviceStringLength, service, accountStringLength, account, OSStatusAsString(_error));
}
+ if (nil != result) {
+ CFBundleRef mainBundle = CFBundleGetMainBundle();
+ FourCharCode creatorCode = 0;
+
+ if (NULL != mainBundle) {
+ CFBundleGetPackageInfo(mainBundle, NULL, &creatorCode);
+
+ if ('????' == creatorCode) {
+ creatorCode = 0;
+ }
+ }
+
+ [result setCreator:creatorCode];
+ }
+
return result;
}
@@ -1275,6 +1332,21 @@
OSStatusAsString(_error));
}
+ if (nil != result) {
+ CFBundleRef mainBundle = CFBundleGetMainBundle();
+ FourCharCode creatorCode = 0;
+
+ if (NULL != mainBundle) {
+ CFBundleGetPackageInfo(mainBundle, NULL, &creatorCode);
+
+ if ('????' == creatorCode) {
+ creatorCode = 0;
+ }
+ }
+
+ [result setCreator:creatorCode];
+ }
+
return result;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-20 22:58:02
|
Revision: 406
http://keychain.svn.sourceforge.net/keychain/?rev=406&view=rev
Author: wadetregaskis
Date: 2007-10-20 15:58:05 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* Changed -[KeychainItem setCreator:], -[KeychainItem setType:], -[KeychainItem creator] and -[KeychainItem type] to deal with FourCharCodes, and added -[KeychainItem setCreatorFromString:], -[KeychainItem setTypeFromString:], -[KeychainItem creatorAsString] and -[KeychainItem typeAsString] to provide the old behaviour.
* Added internal method -[KeychainItem _attributeOfType:asInteger:ofExpectedLength:] and made use of it in several places to greatly reduce redundancy.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-20 21:34:28 UTC (rev 405)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-20 22:58:05 UTC (rev 406)
@@ -176,8 +176,10 @@
@abstract Sets the creator code of the receiver.
@discussion The creator code should */
-- (void)setCreator:(NSString*)creator;
-- (void)setType:(NSString*)type;
+- (void)setCreator:(FourCharCode)creator;
+- (void)setCreatorFromString:(NSString*)creator;
+- (void)setType:(FourCharCode)type;
+- (void)setTypeFromString:(NSString*)type;
- (void)setLabel:(NSString*)label;
- (void)setIsVisible:(BOOL)visible;
- (void)setIsValid:(BOOL)valid;
@@ -204,8 +206,10 @@
- (NSCalendarDate*)modificationDate;
- (NSString*)typeDescription;
- (NSString*)comment;
-- (NSString*)creator;
-- (NSString*)type;
+- (FourCharCode)creator;
+- (NSString*)creatorAsString;
+- (FourCharCode)type;
+- (NSString*)typeAsString;
- (NSString*)label;
- (BOOL)isVisible;
- (BOOL)passwordIsValid;
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-20 21:34:28 UTC (rev 405)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-20 22:58:05 UTC (rev 406)
@@ -270,7 +270,13 @@
}
}
-- (void)setCreator:(NSString*)creator {
+- (void)setCreator:(FourCharCode)creator {
+ if (![self _setAttribute:kSecCreatorItemAttr bytes:(const void*)&creator length:sizeof(FourCharCode)]) {
+ PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's creator - error %@.\n", self, OSStatusAsString(_error));
+ }
+}
+
+- (void)setCreatorFromString:(NSString*)creator {
if ((nil != creator) && (4 != [creator length]) && (0 != [creator length])) {
PDEBUG(@"Warning: \"%@\" is not a valid creator code - should be 4 bytes long.\n", creator);
}
@@ -280,7 +286,13 @@
}
}
-- (void)setType:(NSString*)type {
+- (void)setType:(FourCharCode)type {
+ if (![self _setAttribute:kSecTypeItemAttr bytes:(const void*)&type length:sizeof(FourCharCode)]) {
+ PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's type - error %@.\n", self, OSStatusAsString(_error));
+ }
+}
+
+- (void)setTypeFromString:(NSString*)type {
if ((nil != type) && (4 != [type length]) && (0 != [type length])) {
PDEBUG(@"Warning: \"%@\" is not a valid type code - should be 4 bytes long.\n", type);
}
@@ -522,6 +534,66 @@
//return [[[NSString alloc] initWithData:[self _attribute:type] encoding:encoding] autorelease];
}
+- (BOOL)_attributeOfType:(SecKeychainAttrType)type asInteger:(unsigned long long*)value ofExpectedLength:(unsigned int)expectedLength {
+ BOOL successful = NO;
+ unsigned long long result = 0;
+
+ if (0 == expectedLength) {
+ PSYSLOG(LOG_ERR, @"Asked for integer attribute of expected length 0, which is bogus.\n");
+ _error = EINVAL;
+ } else if (expectedLength > sizeof(unsigned long long)) {
+ PSYSLOG(LOG_ERR, @"Asked for integer attribute of expected length %u, but that's larger than the maximum supported length of %u.\n", expectedLength, sizeof(unsigned long long));
+ _error = EINVAL;
+ } else {
+ SecKeychainAttributeList *list = [self _attributesOfType:type];
+
+ if (nil != list) {
+ if (1 == list->count) {
+ if (expectedLength != list->attr->length) {
+ PDEBUG(@"Expected result to have length %u for attribute %@, but it has length %"PRIu32".\n", expectedLength, nameOfKeychainAttributeConstant(type), list->attr->length);
+ }
+
+ uint32_t i;
+
+#if __BIG_ENDIAN__
+ for (i = 0; i < list->attr->length; ++i) {
+ result <<= 8;
+ result |= ((uint8_t*)(list->attr->data))[i];
+ }
+#elif __LITTLE_ENDIAN__
+ for (i = list->attr->length; i > 0; --i) {
+ result <<= 8;
+ result |= ((uint8_t*)(list->attr->data))[i - 1];
+ }
+#else
+#error Unknown endianness.
+#endif
+
+ successful = YES;
+ } else if (0 == list->count) {
+ PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(type), self, _keychainItem);
+ _error = errSecDataNotAvailable;
+ } else {
+ PSYSLOG(LOG_ERR, @"Multiple (%lu) results returned for attribute %@ of KeychainItem %p (SecRef = %p); cannot handle.\n", (unsigned long)(list->count), nameOfKeychainAttribute(type), self, _keychainItem);
+ _error = errSecDuplicateItem;
+ }
+
+ OSStatus _localError = SecKeychainItemFreeAttributesAndData(list, NULL);
+
+ if (noErr != _localError) {
+ PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
+ PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
+ }
+ } // else don't worry about it; appropriate logging and setting of _error will have been performed by _attributesOfType:
+ }
+
+ if (successful) {
+ *value = result;
+ }
+
+ return successful;
+}
+
- (BOOL)_attributeOfType:(SecKeychainAttrType)type boolValue:(BOOL*)value {
SecKeychainAttributeList *list = [self _attributesOfType:type];
BOOL successful = NO;
@@ -600,14 +672,50 @@
return [self _attributeOfType:kSecCommentItemAttr asStringUsingEncoding:NSUTF8StringEncoding];
}
-- (NSString*)creator {
- return [self _attributeOfType:kSecCreatorItemAttr asStringUsingEncoding:NSUTF8StringEncoding];
+- (FourCharCode)creator {
+ unsigned long long value = 0;
+
+ [self _attributeOfType:kSecCreatorItemAttr asInteger:&value ofExpectedLength:sizeof(FourCharCode)];
+
+ return (FourCharCode)value;
}
-- (NSString*)type {
- return [self _attributeOfType:kSecTypeItemAttr asStringUsingEncoding:NSUTF8StringEncoding];
+- (NSString*)creatorAsString {
+ FourCharCode creator = [self creator];
+
+ if (noErr == [self lastError]) {
+ if (0 == creator) {
+ return @"";
+ } else {
+ return [NSString stringWithFormat:@"%4.4s", (char*)(&creator)];
+ }
+ } else {
+ return nil;
+ }
}
+- (FourCharCode)type {
+ unsigned long long value = 0;
+
+ [self _attributeOfType:kSecTypeItemAttr asInteger:&value ofExpectedLength:sizeof(FourCharCode)];
+
+ return (FourCharCode)value;
+}
+
+- (NSString*)typeAsString {
+ FourCharCode type = [self type];
+
+ if (noErr == [self lastError]) {
+ if (0 == type) {
+ return @"";
+ } else {
+ return [NSString stringWithFormat:@"%4.4s", (char*)(&type)];
+ }
+ } else {
+ return nil;
+ }
+}
+
- (NSString*)label {
// This SHOULD be just the line below, except for a bug in the Security framework. rdar://problem/3425797
//return [self _attributeOfType:kSecLabelItemAttr asStringUsingEncoding:NSUTF8StringEncoding];
@@ -705,67 +813,19 @@
}
- (SecAuthenticationType)authenticationType {
- SecKeychainAttributeList *list = [self _attributesOfType:kSecAuthenticationTypeItemAttr];
- SecAuthenticationType result = 0;
+ unsigned long long value = 0;
- if (nil != list) {
- if (1 == list->count) {
- if (sizeof(SecAuthenticationType) == list->attr->length) {
- result = *(SecAuthenticationType*)(list->attr->data);
- } else {
- PSYSLOG(LOG_ERR, @"Sizes don't match in result - expected a SecAuthenticationType which is %u bytes, but the data returned is %lu bytes long.\n", sizeof(SecAuthenticationType), (unsigned long)(list->attr->length));
- _error = errSecUnknownFormat;
- }
- } else if (0 == list->count) {
- PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(kSecAuthenticationTypeItemAttr), self, _keychainItem);
- _error = errSecDataNotAvailable;
- } else {
- PSYSLOG(LOG_ERR, @"Multiple (%lu) results returned for attribute %@ of KeychainItem %p (SecRef = %p); cannot handle.\n", (unsigned long)(list->count), nameOfKeychainAttribute(kSecAuthenticationTypeItemAttr), self, _keychainItem);
- _error = errSecDuplicateItem;
- }
-
- OSStatus _localError = SecKeychainItemFreeAttributesAndData(list, NULL);
-
- if (noErr != _localError) {
- PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
- PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
- }
- } // else don't worry about it; appropriate logging and setting of _error will have been performed by _attributesOfType:
+ [self _attributeOfType:kSecAuthenticationTypeItemAttr asInteger:&value ofExpectedLength:sizeof(SecAuthenticationType)];
- return result;
+ return (SecAuthenticationType)value;
}
- (uint32_t)port {
- SecKeychainAttributeList *list = [self _attributesOfType:kSecPortItemAttr];
- UInt16 result = 0;
+ unsigned long long value = 0;
- if (nil != list) {
- if (1 == list->count) {
- if (sizeof(UInt16) == list->attr->length) {
- result = *(UInt16*)(list->attr->data);
- } else if (sizeof(uint32_t) == list->attr->length) {
- result = *(uint32_t*)(list->attr->data);
- } else {
- PSYSLOG(LOG_ERR, @"Sizes don't match in result - expected a UInt16 which is %u bytes, but the data returned is %lu bytes long.\n", sizeof(UInt16), (unsigned long)(list->attr->length));
- _error = errSecUnknownFormat;
- }
- } else if (0 == list->count) {
- PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(kSecPortItemAttr), self, _keychainItem);
- _error = errSecDataNotAvailable;
- } else {
- PSYSLOG(LOG_ERR, @"Multiple (%lu) results returned for attribute %@ of KeychainItem %p (SecRef = %p); cannot handle.\n", (unsigned long)(list->count), nameOfKeychainAttribute(kSecPortItemAttr), self, _keychainItem);
- _error = errSecDuplicateItem;
- }
-
- OSStatus _localError = SecKeychainItemFreeAttributesAndData(list, NULL);
-
- if (noErr != _localError) {
- PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
- PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
- }
- } // else don't worry about it; appropriate logging and setting of _error will have been performed by _attributesOfType:
+ [self _attributeOfType:kSecPortItemAttr asInteger:&value ofExpectedLength:sizeof(uint32_t)];
- return result;
+ return (uint32_t)value;
}
- (NSString*)path {
@@ -817,158 +877,43 @@
}
- (SecProtocolType)protocol {
- SecKeychainAttributeList *list = [self _attributesOfType:kSecProtocolItemAttr];
- SecProtocolType result = 0;
+ unsigned long long value = 0;
- if (nil != list) {
- if (1 == list->count) {
- if (sizeof(SecProtocolType) == list->attr->length) {
- result = *(SecProtocolType*)(list->attr->data);
- } else {
- PSYSLOG(LOG_ERR, @"Sizes don't match in result - expected a SecProtocolType which is %u bytes, but the data returned is %lu bytes long.\n", sizeof(SecProtocolType), (unsigned long)(list->attr->length));
- _error = errSecUnknownFormat;
- }
- } else if (0 == list->count) {
- PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(kSecProtocolItemAttr), self, _keychainItem);
- _error = errSecDataNotAvailable;
- } else {
- PSYSLOG(LOG_ERR, @"Multiple (%lu) results returned for attribute %@ of KeychainItem %p (SecRef = %p); cannot handle.\n", (unsigned long)(list->count), nameOfKeychainAttribute(kSecProtocolItemAttr), self, _keychainItem);
- _error = errSecDuplicateItem;
- }
-
- OSStatus _localError = SecKeychainItemFreeAttributesAndData(list, NULL);
-
- if (noErr != _localError) {
- PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
- PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
- }
- } // else don't worry about it; appropriate logging and setting of _error will have been performed by _attributesOfType:
+ [self _attributeOfType:kSecProtocolItemAttr asInteger:&value ofExpectedLength:sizeof(SecProtocolType)];
- return result;
+ return (SecProtocolType)value;
}
- (CSSM_CERT_TYPE)certificateType {
- SecKeychainAttributeList *list = [self _attributesOfType:kSecCertificateType];
- CSSM_CERT_TYPE result = 0;
+ unsigned long long value = CSSM_CERT_UNKNOWN;
- if (nil != list) {
- if (1 == list->count) {
- if (sizeof(CSSM_CERT_TYPE) == list->attr->length) {
- result = *(CSSM_CERT_TYPE*)(list->attr->data);
- } else {
- PSYSLOG(LOG_ERR, @"Sizes don't match in result - expected a CSSM_CERT_TYPE which is %u bytes, but the data returned is %lu bytes long.\n", sizeof(CSSM_CERT_TYPE), (unsigned long)(list->attr->length));
- _error = errSecUnknownFormat;
- }
- } else if (0 == list->count) {
- PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(kSecCertificateType), self, _keychainItem);
- _error = errSecDataNotAvailable;
- } else {
- PSYSLOG(LOG_ERR, @"Multiple (%lu) results returned for attribute %@ of KeychainItem %p (SecRef = %p); cannot handle.\n", (unsigned long)(list->count), nameOfKeychainAttribute(kSecCertificateType), self, _keychainItem);
- _error = errSecDuplicateItem;
- }
-
- OSStatus _localError = SecKeychainItemFreeAttributesAndData(list, NULL);
-
- if (noErr != _localError) {
- PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
- PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
- }
- } // else don't worry about it; appropriate logging and setting of _error will have been performed by _attributesOfType:
+ [self _attributeOfType:kSecCertificateType asInteger:&value ofExpectedLength:sizeof(CSSM_CERT_TYPE)];
- return result;
+ return (CSSM_CERT_TYPE)value;
}
- (CSSM_CERT_ENCODING)certificateEncoding {
- SecKeychainAttributeList *list = [self _attributesOfType:kSecCertificateEncoding];
- CSSM_CERT_ENCODING result = 0;
+ unsigned long long value = CSSM_CERT_ENCODING_UNKNOWN;
- if (nil != list) {
- if (1 == list->count) {
- if (sizeof(CSSM_CERT_ENCODING) == list->attr->length) {
- result = *(CSSM_CERT_ENCODING*)(list->attr->data);
- } else {
- PSYSLOG(LOG_ERR, @"Sizes don't match in result - expected a CSSM_CERT_ENCODING which is %u bytes, but the data returned is %lu bytes long.\n", sizeof(CSSM_CERT_ENCODING), (unsigned long)(list->attr->length));
- _error = errSecUnknownFormat;
- }
- } else if (0 == list->count) {
- PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(kSecCertificateEncoding), self, _keychainItem);
- _error = errSecDataNotAvailable;
- } else {
- PSYSLOG(LOG_ERR, @"Multiple (%lu) results returned for attribute %@ of KeychainItem %p (SecRef = %p); cannot handle.\n", (unsigned long)(list->count), nameOfKeychainAttribute(kSecCertificateEncoding), self, _keychainItem);
- _error = errSecDuplicateItem;
- }
-
- OSStatus _localError = SecKeychainItemFreeAttributesAndData(list, NULL);
-
- if (noErr != _localError) {
- PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
- PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
- }
- } // else don't worry about it; appropriate logging and setting of _error will have been performed by _attributesOfType:
+ [self _attributeOfType:kSecCertificateEncoding asInteger:&value ofExpectedLength:sizeof(CSSM_CERT_ENCODING)];
- return result;
+ return (CSSM_CERT_ENCODING)value;
}
- (CSSM_CRL_TYPE)CRLType {
- SecKeychainAttributeList *list = [self _attributesOfType:kSecCrlType];
- CSSM_CRL_TYPE result = 0;
+ unsigned long long value = CSSM_CRL_TYPE_UNKNOWN;
- if (nil != list) {
- if (1 == list->count) {
- if (sizeof(CSSM_CRL_TYPE) == list->attr->length) {
- result = *(CSSM_CRL_TYPE*)(list->attr->data);
- } else {
- PSYSLOG(LOG_ERR, @"Sizes don't match in result - expected a CSSM_CRL_TYPE which is %u bytes, but the data returned is %lu bytes long.\n", sizeof(CSSM_CRL_TYPE), (unsigned long)(list->attr->length));
- _error = errSecUnknownFormat;
- }
- } else if (0 == list->count) {
- PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(kSecCrlType), self, _keychainItem);
- _error = errSecDataNotAvailable;
- } else {
- PSYSLOG(LOG_ERR, @"Multiple (%lu) results returned for attribute %@ of KeychainItem %p (SecRef = %p); cannot handle.\n", (unsigned long)(list->count), nameOfKeychainAttribute(kSecCrlType), self, _keychainItem);
- _error = errSecDuplicateItem;
- }
-
- OSStatus _localError = SecKeychainItemFreeAttributesAndData(list, NULL);
-
- if (noErr != _localError) {
- PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
- PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
- }
- } // else don't worry about it; appropriate logging and setting of _error will have been performed by _attributesOfType:
+ [self _attributeOfType:kSecCrlType asInteger:&value ofExpectedLength:sizeof(CSSM_CRL_TYPE)];
- return result;
+ return (CSSM_CRL_TYPE)value;
}
- (CSSM_CRL_ENCODING)CRLEncoding {
- SecKeychainAttributeList *list = [self _attributesOfType:kSecCrlEncoding];
- CSSM_CRL_ENCODING result = 0;
+ unsigned long long value = CSSM_CRL_ENCODING_UNKNOWN;
- if (nil != list) {
- if (1 == list->count) {
- if (sizeof(CSSM_CRL_ENCODING) == list->attr->length) {
- result = *(CSSM_CRL_ENCODING*)(list->attr->data);
- } else {
- PSYSLOG(LOG_ERR, @"Sizes don't match in result - expected a CSSM_CRL_ENCODING which is %u bytes, but the data returned is %lu bytes long.\n", sizeof(CSSM_CRL_ENCODING), (unsigned long)(list->attr->length));
- _error = errSecUnknownFormat;
- }
- } else if (0 == list->count) {
- PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(kSecCrlEncoding), self, _keychainItem);
- _error = errSecDataNotAvailable;
- } else {
- PSYSLOG(LOG_ERR, @"Multiple (%lu) results returned for attribute %@ of KeychainItem %p (SecRef = %p); cannot handle.\n", (unsigned long)(list->count), nameOfKeychainAttribute(kSecCrlEncoding), self, _keychainItem);
- _error = errSecDuplicateItem;
- }
-
- OSStatus _localError = SecKeychainItemFreeAttributesAndData(list, NULL);
-
- if (noErr != _localError) {
- PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
- PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
- }
- } // else don't worry about it; appropriate logging and setting of _error will have been performed by _attributesOfType:
+ [self _attributeOfType:kSecCrlEncoding asInteger:&value ofExpectedLength:sizeof(CSSM_CRL_ENCODING)];
- return result;
+ return (CSSM_CRL_ENCODING)value;
}
- (NSString*)alias {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-20 21:34:30
|
Revision: 405
http://keychain.svn.sourceforge.net/keychain/?rev=405&view=rev
Author: wadetregaskis
Date: 2007-10-20 14:34:28 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* Updated test_addInternetPasswords() to use newer test macros that print useful info (e.g. expected and actual values) if they fail.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-20 21:31:50 UTC (rev 404)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-20 21:34:28 UTC (rev 405)
@@ -12,6 +12,8 @@
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#import <Keychain/Keychain.h>
+#import <Keychain/SecurityUtils.h>
+
#import <Foundation/Foundation.h>
#import "TestingCommon.h"
@@ -63,40 +65,42 @@
TEST(nil != currentItem, "Can create HTTP password");
if (nil != currentItem) {
- TEST([[currentItem account] isEqualToString:@"test"], "\tAccount is correct");
- TEST([[currentItem domain] isEqualToString:@""], "\tDomain is correct (none)");
- TEST([[currentItem server] isEqualToString:@"localhost"], "\tServer is correct");
- TEST(kSecAuthenticationTypeDefault == [currentItem authenticationType], "\tAuthentication type is correct");
- TEST(123 == [currentItem port], "\tPort is correct");
- TEST([[currentItem path] isEqualToString:@"/"], "\tPath is correct");
- TEST(kSecProtocolTypeHTTP == [currentItem protocol], "\tProtocol is correct");
+ TEST_ISEQUAL([currentItem account], @"test", "\tAccount is correct");
+ TEST_ISEQUAL([currentItem domain], @"", "\tDomain is correct (none)");
+ TEST_ISEQUAL([currentItem server], @"localhost", "\tServer is correct");
+ TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeDefault, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
+ TEST_INTSEQUAL([currentItem port], 123, "\tPort is correct");
+ TEST_ISEQUAL([currentItem path], @"/", "\tPath is correct");
+ TEST_INTSEQUAL_F([currentItem protocol], kSecProtocolTypeHTTP, nameOfProtocolConstant, "\tProtocol is correct");
TEST([currentItem passwordIsValid], "\tPassword is noted as valid");
TEST([currentItem isVisible], "\tPassword is visible");
TEST(![currentItem hasCustomIcon], "\tDoesn't have custom icon");
NSDate *creationDate = [currentItem creationDate];
- TEST((NSOrderedDescending == [creationDate compare:testStart]) && (NSOrderedAscending == [creationDate compare:[NSDate date]]), "\tCreation date is plausible");
-
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, >=, testStart, "\tCreation date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDate, <=, [NSDate date], "\tCreation date is the same time as or earlier than right now");
+
NSDate *modificationDate = [currentItem creationDate];
- TEST((NSOrderedDescending == [modificationDate compare:testStart]) && (NSOrderedAscending == [modificationDate compare:[NSDate date]]), "\tModification date is plausible");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, >=, testStart, "\tModification date is the same time as or after this test started");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDate, <=, [NSDate date], "\tModification date is the same time as or earlier than right now");
+
+ TEST_ISEQUAL([currentItem service], @"", "\tHas no service (not applicable to interest passwords)");
+ TEST_ISEQUAL([currentItem typeDescription], @"", "\tHas no type description");
+ TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
+ TEST_ISEQUAL([currentItem creator], @"", "\tHas no creator");
+ TEST_ISEQUAL([currentItem type], @"", "\tHas no type");
+ TEST_ISEQUAL([currentItem label], @"", "\tHas no label");
+ TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
- TEST([[currentItem service] isEqualToString:@""], "\tHas no service (not applicable to interest passwords)");
- TEST([[currentItem typeDescription] isEqualToString:@""], "\tHas no type description");
- TEST([[currentItem comment] isEqualToString:@""], "\tHas no comment");
- TEST([[currentItem creator] isEqualToString:@""], "\tHas no creator");
- TEST([[currentItem type] isEqualToString:@""], "\tHas no type");
- TEST([[currentItem label] isEqualToString:@""], "\tHas no label");
- TEST([[currentItem alias] isEqualToString:@""], "\tHas no alias");
-
TEST(nil == [currentItem userDefinedAttribute], "\tDoesn't have user-defined attribute (not applicable to internet passwords)");
TEST(nil == [currentItem appleShareVolume], "\tDoesn't have AppleShare volume (not applicable to internet passwords)");
TEST(nil == [currentItem appleShareAddress], "\tDoesn't have AppleShare address (not applicable to internet passwords)");
TEST(NULL == [currentItem appleShareSignature], "\tDoesn't have AppleShare signature (not applicable to internet passwords)");
- TEST(CSSM_CERT_UNKNOWN == [currentItem certificateType], "\tDoesn't have a certificate type (not applicable to internet passwords)");
- TEST(CSSM_CERT_ENCODING_UNKNOWN == [currentItem certificateEncoding], "\tDoesn't have a certificate encoding (not applicable to internet passwords)");
- TEST(CSSM_CRL_TYPE_UNKNOWN == [currentItem CRLType], "\tDoesn't have a CRL type (not applicable to internet passwords)");
- TEST(CSSM_CRL_ENCODING_UNKNOWN == [currentItem CRLEncoding], "\tDoesn't have a CRL encoding (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tDoesn't have a certificate type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tDoesn't have a certificate encoding (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tDoesn't have a CRL type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tDoesn't have a CRL encoding (not applicable to internet passwords)");
}
currentItem = [testKeychain addInternetPassword:@"test123" onServer:@"localhost" forAccount:@"test" port:123 path:@"/" inSecurityDomain:nil protocol:kSecProtocolTypeHTTP auth:kSecAuthenticationTypeDefault replaceExisting:NO];
@@ -111,6 +115,8 @@
int main(int argc, char const *argv[]) {
#pragma unused (argc, argv) // We have no need for these right now.
+ srandom(time(NULL));
+
NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init];
Keychain *testKeychain;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-20 21:31:46
|
Revision: 404
http://keychain.svn.sourceforge.net/keychain/?rev=404&view=rev
Author: wadetregaskis
Date: 2007-10-20 14:31:50 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* Added TEST_WITH_LOG_VALUE, TEST_ISEQUAL, TEST_COMPAREORDER, TEST_COMPARE_DATES_WITHOUT_SUBSECONDS, TEST_INTSEQUAL and TEST_INTSEQUAL_F.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/TestingCommon.h
Modified: trunk/Frameworks/Keychain/Testers/TestingCommon.h
===================================================================
--- trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-20 17:46:43 UTC (rev 403)
+++ trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-20 21:31:50 UTC (rev 404)
@@ -31,9 +31,99 @@
printf("passed.\n"); \
} else { \
++errors; \
- printf("FAILED (file %s, function %s, line %d).\n", __FILE__, __func__, __LINE__); \
+ printf("FAILED.\n"); \
}
+#define TEST_WITH_LOG_VALUE(condition, value, description, ...) \
+ printf("\t"); \
+ printf((description), ## __VA_ARGS__); \
+ printf(" - "); \
+ fflush(stdout); \
+ if (condition) { \
+ printf("passed.\n"); \
+ } else { \
+ ++errors; \
+ printf("FAILED. Received: %@\n", (value)); \
+ }
+
+#define TEST_ISEQUAL(testValue, expectedValue, description, ...) ({ \
+ id _testValue = (testValue); \
+ id _expectedValue = (expectedValue); \
+ printf("\t"); \
+ printf((description), ## __VA_ARGS__); \
+ printf(" - "); \
+ fflush(stdout); \
+ if ([_testValue isEqual:_expectedValue]) { \
+ printf("passed.\n"); \
+ } else { \
+ ++errors; \
+ printf("%s", [[NSString stringWithFormat:@"FAILED. Expected: %@, received: %@\n", _expectedValue, _testValue] UTF8String]); \
+ } \
+ })
+
+#define TEST_COMPAREORDER(testValue, expectedValue, requiredOrder, description, ...) ({ \
+ id _testValue = (testValue); \
+ id _expectedValue = (expectedValue); \
+ NSComparisonResult _requiredOrder = (requiredOrder); \
+ printf("\t"); \
+ printf((description), ## __VA_ARGS__); \
+ printf(" - "); \
+ fflush(stdout); \
+ NSComparisonResult _actualOrder = [_testValue compare:_expectedValue]; \
+ if (_requiredOrder == _actualOrder) { \
+ printf("passed.\n"); \
+ } else { \
+ ++errors; \
+ printf("%s", [[NSString stringWithFormat:@"FAILED. Expected %s %@, received: %@\n", ((0 == _requiredOrder) ? "==" : ((0 > _requiredOrder) ? "<" : ">")), _expectedValue, _testValue] UTF8String]); \
+ } \
+ })
+
+#define TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(testValue, comparator, expectedValue, description, ...) ({ \
+ id _testValue = (testValue); \
+ id _expectedValue = (expectedValue); \
+ printf("\t"); \
+ printf((description), ## __VA_ARGS__); \
+ printf(" - "); \
+ fflush(stdout); \
+ NSTimeInterval _interval = floor([_expectedValue timeIntervalSinceDate:_testValue]); \
+ if (0.0 comparator _interval) { \
+ printf("passed.\n"); \
+ } else { \
+ ++errors; \
+ printf("%s", [[NSString stringWithFormat:@"FAILED. Received date %@, which is not " #comparator " %@\n", _testValue, _expectedValue] UTF8String]); \
+ } \
+ })
+
+#define TEST_INTSEQUAL(testValue, expectedValue, description, ...) ({ \
+ typeof(testValue) _testValue = (testValue); \
+ typeof(expectedValue) _expectedValue = (expectedValue); \
+ printf("\t"); \
+ printf((description), ## __VA_ARGS__); \
+ printf(" - "); \
+ fflush(stdout); \
+ if ((unsigned long long)_testValue == (unsigned long long)_expectedValue) { \
+ printf("passed.\n"); \
+ } else { \
+ ++errors; \
+ printf("FAILED. Expected: %lld / %llu, received: %lld / %llu\n", (long long)_expectedValue, (unsigned long long)_expectedValue, (long long)_testValue, (unsigned long long)_testValue); \
+ } \
+ })
+
+#define TEST_INTSEQUAL_F(testValue, expectedValue, formatter, description, ...) ({ \
+ typeof(testValue) _testValue = (testValue); \
+ typeof(expectedValue) _expectedValue = (expectedValue); \
+ printf("\t"); \
+ printf((description), ## __VA_ARGS__); \
+ printf(" - "); \
+ fflush(stdout); \
+ if ((unsigned long long)_testValue == (unsigned long long)_expectedValue) { \
+ printf("passed.\n"); \
+ } else { \
+ ++errors; \
+ printf("%s", [[NSString stringWithFormat:@"FAILED. Expected: %@, received: %@\n", formatter(_expectedValue), formatter(_testValue)] UTF8String]); \
+ } \
+ })
+
#define TEST_NOTE(description, ...) \
printf("\t"); \
printf((description), ## __VA_ARGS__); \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-20 17:46:40
|
Revision: 403
http://keychain.svn.sourceforge.net/keychain/?rev=403&view=rev
Author: wadetregaskis
Date: 2007-10-20 10:46:43 -0700 (Sat, 20 Oct 2007)
Log Message:
-----------
* Moved the fflush() in FINAL_SUMMARY() to where it'll actually be executed. Duh.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/TestingCommon.h
Modified: trunk/Frameworks/Keychain/Testers/TestingCommon.h
===================================================================
--- trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-16 04:33:27 UTC (rev 402)
+++ trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-20 17:46:43 UTC (rev 403)
@@ -49,8 +49,9 @@
#define FINAL_SUMMARY() \
if (0 < totalErrors) { \
printf("\nTotal number of errors: %d.\n", totalErrors); \
+ fflush(stdout); \
return -1; \
} else { \
+ fflush(stdout); \
return 0; \
- } \
- fflush(stdout);
+ }
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-16 04:33:24
|
Revision: 402
http://keychain.svn.sourceforge.net/keychain/?rev=402&view=rev
Author: wadetregaskis
Date: 2007-10-15 21:33:27 -0700 (Mon, 15 Oct 2007)
Log Message:
-----------
* Added tests to ensure the newly added KeychainItem in test_addInternetPasswords() is setup as expected.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-16 04:09:52 UTC (rev 401)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-16 04:33:27 UTC (rev 402)
@@ -55,11 +55,50 @@
void test_addInternetPasswords(Keychain *testKeychain) {
START_TEST("Add internet passwords");
+ NSDate *testStart = [NSDate date];
+
KeychainItem *currentItem;
currentItem = [testKeychain addInternetPassword:@"test123" onServer:@"localhost" forAccount:@"test" port:123 path:@"/" inSecurityDomain:nil protocol:kSecProtocolTypeHTTP auth:kSecAuthenticationTypeDefault replaceExisting:NO];
TEST(nil != currentItem, "Can create HTTP password");
+ if (nil != currentItem) {
+ TEST([[currentItem account] isEqualToString:@"test"], "\tAccount is correct");
+ TEST([[currentItem domain] isEqualToString:@""], "\tDomain is correct (none)");
+ TEST([[currentItem server] isEqualToString:@"localhost"], "\tServer is correct");
+ TEST(kSecAuthenticationTypeDefault == [currentItem authenticationType], "\tAuthentication type is correct");
+ TEST(123 == [currentItem port], "\tPort is correct");
+ TEST([[currentItem path] isEqualToString:@"/"], "\tPath is correct");
+ TEST(kSecProtocolTypeHTTP == [currentItem protocol], "\tProtocol is correct");
+
+ TEST([currentItem passwordIsValid], "\tPassword is noted as valid");
+ TEST([currentItem isVisible], "\tPassword is visible");
+ TEST(![currentItem hasCustomIcon], "\tDoesn't have custom icon");
+
+ NSDate *creationDate = [currentItem creationDate];
+ TEST((NSOrderedDescending == [creationDate compare:testStart]) && (NSOrderedAscending == [creationDate compare:[NSDate date]]), "\tCreation date is plausible");
+
+ NSDate *modificationDate = [currentItem creationDate];
+ TEST((NSOrderedDescending == [modificationDate compare:testStart]) && (NSOrderedAscending == [modificationDate compare:[NSDate date]]), "\tModification date is plausible");
+
+ TEST([[currentItem service] isEqualToString:@""], "\tHas no service (not applicable to interest passwords)");
+ TEST([[currentItem typeDescription] isEqualToString:@""], "\tHas no type description");
+ TEST([[currentItem comment] isEqualToString:@""], "\tHas no comment");
+ TEST([[currentItem creator] isEqualToString:@""], "\tHas no creator");
+ TEST([[currentItem type] isEqualToString:@""], "\tHas no type");
+ TEST([[currentItem label] isEqualToString:@""], "\tHas no label");
+ TEST([[currentItem alias] isEqualToString:@""], "\tHas no alias");
+
+ TEST(nil == [currentItem userDefinedAttribute], "\tDoesn't have user-defined attribute (not applicable to internet passwords)");
+ TEST(nil == [currentItem appleShareVolume], "\tDoesn't have AppleShare volume (not applicable to internet passwords)");
+ TEST(nil == [currentItem appleShareAddress], "\tDoesn't have AppleShare address (not applicable to internet passwords)");
+ TEST(NULL == [currentItem appleShareSignature], "\tDoesn't have AppleShare signature (not applicable to internet passwords)");
+ TEST(CSSM_CERT_UNKNOWN == [currentItem certificateType], "\tDoesn't have a certificate type (not applicable to internet passwords)");
+ TEST(CSSM_CERT_ENCODING_UNKNOWN == [currentItem certificateEncoding], "\tDoesn't have a certificate encoding (not applicable to internet passwords)");
+ TEST(CSSM_CRL_TYPE_UNKNOWN == [currentItem CRLType], "\tDoesn't have a CRL type (not applicable to internet passwords)");
+ TEST(CSSM_CRL_ENCODING_UNKNOWN == [currentItem CRLEncoding], "\tDoesn't have a CRL encoding (not applicable to internet passwords)");
+ }
+
currentItem = [testKeychain addInternetPassword:@"test123" onServer:@"localhost" forAccount:@"test" port:123 path:@"/" inSecurityDomain:nil protocol:kSecProtocolTypeHTTP auth:kSecAuthenticationTypeDefault replaceExisting:NO];
TEST(nil == currentItem, "Cannot accidentally overwrite previous password");
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-16 04:09:48
|
Revision: 401
http://keychain.svn.sourceforge.net/keychain/?rev=401&view=rev
Author: wadetregaskis
Date: 2007-10-15 21:09:52 -0700 (Mon, 15 Oct 2007)
Log Message:
-----------
* Fixed header info (creation & copyright dates, and file name).
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainSearchInternal.h
Modified: trunk/Frameworks/Keychain/Keychain/KeychainSearchInternal.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainSearchInternal.h 2007-10-16 04:05:47 UTC (rev 400)
+++ trunk/Frameworks/Keychain/Keychain/KeychainSearchInternal.h 2007-10-16 04:09:52 UTC (rev 401)
@@ -1,10 +1,10 @@
//
-// KeychainSearch.h
+// KeychainSearchInternal.h
// Keychain
//
-// Created by Wade Tregaskis on Fri Jan 24 2003.
+// Created by Wade Tregaskis on Sun Oct 14 2007.
//
-// Copyright (c) 2003 - 2007, Wade Tregaskis. All rights reserved.
+// Copyright (c) 2007, Wade Tregaskis. All rights reserved.
// Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
// * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-16 04:06:03
|
Revision: 400
http://keychain.svn.sourceforge.net/keychain/?rev=400&view=rev
Author: wadetregaskis
Date: 2007-10-15 21:05:47 -0700 (Mon, 15 Oct 2007)
Log Message:
-----------
* Added in a bit of whitespace to the test outputs.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/TestingCommon.h
Modified: trunk/Frameworks/Keychain/Testers/TestingCommon.h
===================================================================
--- trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-16 04:01:38 UTC (rev 399)
+++ trunk/Frameworks/Keychain/Testers/TestingCommon.h 2007-10-16 04:05:47 UTC (rev 400)
@@ -20,7 +20,7 @@
{ \
int errors = 0; \
const char *TEST_DESCRIPTION = (description); \
- printf("Testing: %s.\n", TEST_DESCRIPTION);
+ printf("\nTesting: %s.\n", TEST_DESCRIPTION);
#define TEST(condition, description, ...) \
printf("\t"); \
@@ -48,7 +48,7 @@
#define FINAL_SUMMARY() \
if (0 < totalErrors) { \
- printf("Total number of errors: %d.\n", totalErrors); \
+ printf("\nTotal number of errors: %d.\n", totalErrors); \
return -1; \
} else { \
return 0; \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-16 04:01:36
|
Revision: 399
http://keychain.svn.sourceforge.net/keychain/?rev=399&view=rev
Author: wadetregaskis
Date: 2007-10-15 21:01:38 -0700 (Mon, 15 Oct 2007)
Log Message:
-----------
* Added [back] in the all-import "successful = YES" to -[KeychainItem _attributeOfType:boolValue:]. It now works again.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-15 06:07:55 UTC (rev 398)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-16 04:01:38 UTC (rev 399)
@@ -538,6 +538,8 @@
break;
}
}
+
+ successful = YES;
} else if (0 == list->count) {
PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(type), self, _keychainItem);
_error = errSecDataNotAvailable;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-15 06:07:51
|
Revision: 398
http://keychain.svn.sourceforge.net/keychain/?rev=398&view=rev
Author: wadetregaskis
Date: 2007-10-14 23:07:55 -0700 (Sun, 14 Oct 2007)
Log Message:
-----------
* Fixed typo in logging.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/AccessControlList.m
Modified: trunk/Frameworks/Keychain/Keychain/AccessControlList.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/AccessControlList.m 2007-10-15 06:05:36 UTC (rev 397)
+++ trunk/Frameworks/Keychain/Keychain/AccessControlList.m 2007-10-15 06:07:55 UTC (rev 398)
@@ -65,7 +65,7 @@
if (noErr == _error) {
CFRetain(acc);
} else {
- PSYSLOGND(@"Unable to create SecACLRef for new AccessControlList, error %@.\n", OSStatusAsString(_error));
+ PSYSLOGND(LOG_ERR, @"Unable to create SecACLRef for new AccessControlList, error %@.\n", OSStatusAsString(_error));
PDEBUG(@"SecACLCreateFromSimpleContents(%p, %p, \"%@\", %p [version = %"PRIu16", flags = %"PRIu16"], %p) returned error %@.\n", accessRef, applicationsAsSecRefs, name, &prompt, prompt.version, prompt.flags, &_ACL);
[self release];
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-15 06:05:34
|
Revision: 397
http://keychain.svn.sourceforge.net/keychain/?rev=397&view=rev
Author: wadetregaskis
Date: 2007-10-14 23:05:36 -0700 (Sun, 14 Oct 2007)
Log Message:
-----------
* Added additional logging to Access.
* Changed ivars of Access to have underscore prefix.
* Verified that all Access's methods set _error appropriately.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/Access.h
trunk/Frameworks/Keychain/Keychain/Access.m
Modified: trunk/Frameworks/Keychain/Keychain/Access.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/Access.h 2007-10-15 05:54:29 UTC (rev 396)
+++ trunk/Frameworks/Keychain/Keychain/Access.h 2007-10-15 06:05:36 UTC (rev 397)
@@ -23,8 +23,8 @@
*/
@interface Access : NSCachedObject {
- SecAccessRef access;
- int error;
+ SecAccessRef _access;
+ int _error;
}
// Q) Why isn't there a mechanism to retrieve the name after creation?
Modified: trunk/Frameworks/Keychain/Keychain/Access.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/Access.m 2007-10-15 05:54:29 UTC (rev 396)
+++ trunk/Frameworks/Keychain/Keychain/Access.m 2007-10-15 06:05:36 UTC (rev 397)
@@ -16,7 +16,11 @@
#import <Keychain/TrustedApplication.h>
#import <Keychain/AccessControlList.h>
+#import <Keychain/Logging.h>
+#import <Keychain/SecurityUtils.h>
+#import <Keychain/CSSMUtils.h>
+
@implementation Access
+ (Access*)accessWithName:(NSString*)name {
@@ -51,45 +55,53 @@
}
}
} else {
+ [self release];
return nil;
}
}
- error = SecAccessCreate((CFStringRef)name, convertedArray, &access); // Don't know whether name is permitted to be NULL, so make no assumptions
+ _error = SecAccessCreate((CFStringRef)name, convertedArray, &_access); // Don't know whether name is permitted to be NULL, so make no assumptions
+ if (noErr != _error) {
+ PSYSLOGND(LOG_ERR, @"Unable to create new Access, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecAccessCreate(%p [\"%@\"], %p, %p) returned error %@.\n", name, name, convertedArray, &_access, OSStatusAsString(_error));
+
+ [self release];
+ self = nil;
+ }
+
if (convertedArray) {
CFRelease(convertedArray);
}
-
- return self;
- } else {
- [self release];
-
- return nil;
- }
+ }
+
+ return self;
}
- (Access*)initWithAccessRef:(SecAccessRef)acc {
- if (acc && (self = [super init])) {
- Access *existingObject;
-
- existingObject = [[self class] instanceWithKey:(id)acc from:@selector(accessRef) simpleKey:NO];
-
- if (existingObject) {
- [self release];
-
- return [existingObject retain];
- } else {
- CFRetain(acc);
- access = acc;
-
- return self;
- }
+ if (acc) {
+ if (self = [super init]) {
+ Access *existingObject;
+
+ existingObject = [[self class] instanceWithKey:(id)acc from:@selector(accessRef) simpleKey:NO];
+
+ if (existingObject) {
+ [self release];
+
+ self = [existingObject retain];
+ } else {
+ CFRetain(acc);
+ _access = acc;
+ }
+ }
} else {
+ PSYSLOG(LOG_ERR, @"Missing argument 'acc'.\n");
+
[self release];
-
- return nil;
+ self = nil;
}
+
+ return self;
}
- (Access*)init {
@@ -102,18 +114,23 @@
NSEnumerator *enumerator;
SecACLRef current;
- error = SecAccessCopyACLList(access, &results);
+ _error = SecAccessCopyACLList(_access, &results);
- if ((error == 0) && results) {
+ if ((noErr == _error) && results) {
enumerator = [(NSArray*)results objectEnumerator];
finalResults = [NSMutableArray arrayWithCapacity:CFArrayGetCount(results)];
while (current = (SecACLRef)[enumerator nextObject]) {
[finalResults addObject:[AccessControlList accessControlListWithACLRef:current]];
}
-
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to get ACLs from Access, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecAccessCopyACLList(%p, %p) returned error %@.\n", _access, &results, OSStatusAsString(_error));
+ }
+
+ if (NULL != results) {
CFRelease(results);
- }
+ }
return finalResults;
}
@@ -124,18 +141,23 @@
NSEnumerator *enumerator;
SecACLRef current;
- error = SecAccessCopySelectedACLList(access, action, &results);
+ _error = SecAccessCopySelectedACLList(_access, action, &results);
- if ((error == 0) && results) {
+ if ((noErr == _error) && results) {
enumerator = [(NSArray*)results objectEnumerator];
finalResults = [NSMutableArray arrayWithCapacity:CFArrayGetCount(results)];
while (current = (SecACLRef)[enumerator nextObject]) {
[finalResults addObject:[AccessControlList accessControlListWithACLRef:current]];
}
-
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to get ACLs from Access, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecAccessCopySelectedACLList(%p, %@, %p) returned error %@.\n", _access, nameOfAuthorizationConstant(action), &results, OSStatusAsString(_error));
+ }
+
+ if (NULL != results) {
CFRelease(results);
- }
+ }
return finalResults;
}
@@ -193,16 +215,17 @@
}
- (int)lastError {
- return error;
+ return _error;
}
- (SecAccessRef)accessRef {
- return access;
+ return _access;
}
- (void)dealloc {
- if (access) {
- CFRelease(access);
+ if (_access) {
+ CFRelease(_access);
+ _access = NULL;
}
[super dealloc];
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-15 05:54:25
|
Revision: 396
http://keychain.svn.sourceforge.net/keychain/?rev=396&view=rev
Author: wadetregaskis
Date: 2007-10-14 22:54:29 -0700 (Sun, 14 Oct 2007)
Log Message:
-----------
* Added additional logging to AccessControlList.
* Changed ivars of AccessControlList to have underscore prefix.
* Verified that all AccessControlList's methods set _error appropriately.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/AccessControlList.h
trunk/Frameworks/Keychain/Keychain/AccessControlList.m
Modified: trunk/Frameworks/Keychain/Keychain/AccessControlList.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/AccessControlList.h 2007-10-15 05:25:13 UTC (rev 395)
+++ trunk/Frameworks/Keychain/Keychain/AccessControlList.h 2007-10-15 05:54:29 UTC (rev 396)
@@ -26,8 +26,8 @@
@discussion An AccessControlList contains a list of authorizations, of various pre-defined types, and a list of TrustedApplication's to which these authorizations apply. AccessControlList's are usually grouped together, as appropriate, under an Access instance. */
@interface AccessControlList : NSCachedObject {
- SecACLRef ACL;
- int error;
+ SecACLRef _ACL;
+ int _error;
}
/*! @method accessControlListNamed:fromAccess:forApplications:requiringPassphrase:
Modified: trunk/Frameworks/Keychain/Keychain/AccessControlList.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/AccessControlList.m 2007-10-15 05:25:13 UTC (rev 395)
+++ trunk/Frameworks/Keychain/Keychain/AccessControlList.m 2007-10-15 05:54:29 UTC (rev 396)
@@ -47,7 +47,7 @@
applicationsAsSecRefs = [[self class] _arrayOfSecTrustedApplicationRefsFromArray:applications];
if (nil == applicationsAsSecRefs) {
- PSYSLOG(LOG_ERR, @"The given array of applications contains one or more objects which are not and cannot be converted to SecTrustedApplicationRefs. It's contents are: %@\n", applications);
+ PSYSLOG(LOG_ERR, @"The given array of applications contains one or more objects which are not and cannot be converted to SecTrustedApplicationRefs. Its contents are: %@\n", applications);
[self release];
self = nil;
}
@@ -55,22 +55,23 @@
if (nil != self) {
CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR prompt;
+ SecAccessRef accessRef = [acc accessRef];
prompt.version = CSSM_ACL_KEYCHAIN_PROMPT_CURRENT_VERSION;
prompt.flags = (reqPass) ? CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE : 0;
- error = SecACLCreateFromSimpleContents((SecAccessRef)[acc accessRef], (CFArrayRef)applicationsAsSecRefs, (CFStringRef)name, &prompt, &ACL);
+ _error = SecACLCreateFromSimpleContents(accessRef, (CFArrayRef)applicationsAsSecRefs, (CFStringRef)name, &prompt, &_ACL);
- if (noErr == error) {
+ if (noErr == _error) {
CFRetain(acc);
} else {
+ PSYSLOGND(@"Unable to create SecACLRef for new AccessControlList, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLCreateFromSimpleContents(%p, %p, \"%@\", %p [version = %"PRIu16", flags = %"PRIu16"], %p) returned error %@.\n", accessRef, applicationsAsSecRefs, name, &prompt, prompt.version, prompt.flags, &_ACL);
+
[self release];
self = nil;
}
}
- } else {
- [self release];
- self = nil;
}
} else {
PSYSLOG(LOG_ERR, @"Cannot initialise an AccessControlList without an Access.\n");
@@ -94,12 +95,14 @@
} else {
if (self = [super init]) {
CFRetain(AC);
- ACL = AC;
+ _ACL = AC;
}
return self;
}
} else {
+ PSYSLOG(LOG_ERR, @"Missing 'AC' parameter.\n");
+
[self release];
return nil;
@@ -107,6 +110,8 @@
}
- (AccessControlList*)init {
+ PSYSLOG(LOG_ERR, @"'init' is not a valid initialiser for AccessControlList.\n");
+
[self release];
return nil;
}
@@ -183,6 +188,7 @@
if (nil == applicationsAsSecRefs) {
PSYSLOG(LOG_ERR, @"The given array of applications is invalid; it contains objects which cannot be converted to SecTrustedApplicationRefs. It contains: %@\n", applications);
+ _error = EINVAL;
return NO;
}
}
@@ -193,10 +199,18 @@
// Unfortunately SetACLSetSimpleContents() treats NULL arguments as meaning 'reset' those attributes, so - given we want to preserve the other attributes - we need to get the existing values and carry them through.
- error = SecACLCopySimpleContents(ACL, &appList, &desc, &woop);
+ _error = SecACLCopySimpleContents(_ACL, &appList, &desc, &woop);
- if (noErr == error) {
- error = SecACLSetSimpleContents(ACL, (CFArrayRef)applicationsAsSecRefs, desc, &woop);
+ if (noErr == _error) {
+ _error = SecACLSetSimpleContents(_ACL, (CFArrayRef)applicationsAsSecRefs, desc, &woop);
+
+ if (noErr != _error) {
+ PSYSLOGND(LOG_ERR, @"Unable to modify applications list of ACL, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLSetSimpleContents(%p, %p, %p, %p) returned error %@.\n", _ACL, applicationsAsSecRefs, desc, &woop, OSStatusAsString(_error));
+ }
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to retrieve existing contents of ACL (in order to modify the applications list), error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLCopySimpleContents(%p, %p, %p, %p) returned error %@.\n", _ACL, &appList, &desc, &woop, OSStatusAsString(_error));
}
if (appList) {
@@ -207,7 +221,7 @@
CFRelease(desc);
}
- return (noErr == error);
+ return (noErr == _error);
}
//- (BOOL)addApplication:(id)application {
@@ -250,7 +264,7 @@
// if (noErr = err) {
// if (nil == currentApplications) {
// // We currently trust everything implicitly. Since we can't just magically construct a list of every application ever in existence less the one given, we fail here.
-// error = errSecACLNotSimple;
+// _error = errSecACLNotSimple;
// return NO;
// } else {
// TrustedApplication *targetApp = nil;
@@ -284,11 +298,19 @@
CFStringRef desc = NULL;
CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR woop;
- error = SecACLCopySimpleContents(ACL, &appList, &desc, &woop);
+ _error = SecACLCopySimpleContents(_ACL, &appList, &desc, &woop);
- if (error == 0) {
- error = SecACLSetSimpleContents(ACL, appList, (CFStringRef)name, &woop);
- }
+ if (noErr == _error) {
+ _error = SecACLSetSimpleContents(_ACL, appList, (CFStringRef)name, &woop);
+
+ if (noErr != _error) {
+ PSYSLOGND(LOG_ERR, @"Unable to modify name of ACL, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLSetSimpleContents(%p, %p, %p [\"%@\"], %p) returned error %@.\n", _ACL, appList, name, name, &woop, OSStatusAsString(_error));
+ }
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to retrieve existing contents of ACL (in order to modify the name), error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLCopySimpleContents(%p, %p, %p, %p) returned error %@.\n", _ACL, &appList, &desc, &woop, OSStatusAsString(_error));
+ }
if (appList) {
CFRelease(appList);
@@ -298,7 +320,7 @@
CFRelease(desc);
}
- return (noErr == error);
+ return (noErr == _error);
}
- (BOOL)setRequiresPassphrase:(BOOL)reqPass {
@@ -306,17 +328,27 @@
CFStringRef desc = NULL;
CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR woop;
- error = SecACLCopySimpleContents(ACL, &appList, &desc, &woop);
+ _error = SecACLCopySimpleContents(_ACL, &appList, &desc, &woop);
- if ((noErr == error) && (reqPass != (woop.flags & CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE))) {
- if (reqPass) {
- woop.flags |= CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE;
- } else {
- woop.flags &= !CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE;
- }
-
- error = SecACLSetSimpleContents(ACL, appList, desc, &woop);
- }
+ if (noErr == _error) {
+ if (reqPass != (woop.flags & CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE)) {
+ if (reqPass) {
+ woop.flags |= CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE;
+ } else {
+ woop.flags &= !CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE;
+ }
+
+ _error = SecACLSetSimpleContents(_ACL, appList, desc, &woop);
+
+ if (noErr != _error) {
+ PSYSLOGND(LOG_ERR, @"Unable to modify requires-passphrase flag of ACL, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLSetSimpleContents(%p, %p, %p, %p) returned error %@.\n", _ACL, appList, desc, &woop, OSStatusAsString(_error));
+ }
+ }
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to retrieve existing contents of ACL (in order to modify the requires-passphrase flag), error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLCopySimpleContents(%p, %p, %p, %p) returned error %@.\n", _ACL, &appList, &desc, &woop, OSStatusAsString(_error));
+ }
if (appList) {
CFRelease(appList);
@@ -326,7 +358,7 @@
CFRelease(desc);
}
- return (noErr == error);
+ return (noErr == _error);
}
- (NSArray*)applications {
@@ -336,20 +368,23 @@
NSArray *result = nil;
// Unfortunately we must provide non-NULL arguments for all parameters; required by the Security API.
- error = SecACLCopySimpleContents(ACL, &appList, &desc, &woop);
-
- if (desc) {
- CFRelease(desc);
- }
+ _error = SecACLCopySimpleContents(_ACL, &appList, &desc, &woop);
- if (noErr == error) {
+ if (noErr == _error) {
result = ((NULL != appList) ? [[self class] _arrayOfTrustedApplicationsFromArray:(NSArray*)appList] : nil);
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to retrieve applications list of ACL, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLCopySimpleContents(%p, %p, %p, %p) returned error %@.\n", _ACL, &appList, &desc, &woop, OSStatusAsString(_error));
}
if (appList) {
CFRelease(appList);
}
+ if (desc) {
+ CFRelease(desc);
+ }
+
return result;
}
@@ -357,29 +392,41 @@
CFArrayRef appList = NULL;
CFStringRef desc = NULL;
CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR woop;
+ NSString *result = nil;
// Unfortunately we must provide non-NULL arguments for all parameters; required by the Security API.
- error = SecACLCopySimpleContents(ACL, &appList, &desc, &woop);
+ _error = SecACLCopySimpleContents(_ACL, &appList, &desc, &woop);
+ if (noErr == _error) {
+ result = [(NSString*)desc autorelease];
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to retrieve name of ACL, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLCopySimpleContents(%p, %p, %p, %p) returned error %@.\n", _ACL, &appList, &desc, &woop, OSStatusAsString(_error));
+ }
+
if (appList) {
CFRelease(appList);
}
- if (error != 0) {
- return nil;
- } else {
- return [(NSString*)desc autorelease];
- }
+ return result;
}
- (BOOL)requiresPassphrase {
CFArrayRef appList = NULL;
CFStringRef desc = NULL;
CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR woop;
+ BOOL result = NO;
// Unfortunately we must provide non-NULL arguments for all parameters; required by the Security API.
- error = SecACLCopySimpleContents(ACL, &appList, &desc, &woop);
+ _error = SecACLCopySimpleContents(_ACL, &appList, &desc, &woop);
+ if (noErr == _error) {
+ result = (0 != (woop.flags & CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE));
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to retrieve requires-passphrase flag of ACL, error %@.\n", OSStatusAsString(_error));
+ PDEBUG(@"SecACLCopySimpleContents(%p, %p, %p, %p) returned error %@.\n", _ACL, &appList, &desc, &woop, OSStatusAsString(_error));
+ }
+
if (appList) {
CFRelease(appList);
}
@@ -388,11 +435,7 @@
CFRelease(desc);
}
- if (error != 0) {
- return NO;
- } else {
- return (woop.flags & CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE);
- }
+ return result;
}
- (BOOL)setAuthorizations:(NSArray*)authorizations {
@@ -404,18 +447,18 @@
auths[i] = [[authorizations objectAtIndex:i] intValue];
}
- error = SecACLSetAuthorizations(ACL, auths, authorizationsCount);
+ _error = SecACLSetAuthorizations(_ACL, auths, authorizationsCount);
if (NULL != auths) {
free(auths);
}
- if (noErr != error) {
- PSYSLOGND(LOG_ERR, @"Unable to set new authorisations, error %@.", OSStatusAsString(error));
- PDEBUG(@"SecACLSetAuthorizations(%p, %p, %"PRIu32") returned error %@.", ACL, auths, authorizationsCount, OSStatusAsString(error));
+ if (noErr != _error) {
+ PSYSLOGND(LOG_ERR, @"Unable to set new authorisations, error %@.", OSStatusAsString(_error));
+ PDEBUG(@"SecACLSetAuthorizations(%p, %p, %"PRIu32") returned error %@.", _ACL, auths, authorizationsCount, OSStatusAsString(_error));
}
- return (noErr == error);
+ return (noErr == _error);
}
- (BOOL)setAuthorizesAction:(CSSM_ACL_AUTHORIZATION_TAG)action to:(BOOL)value {
@@ -428,10 +471,10 @@
count = capacity;
currentAuths = reallocf(currentAuths, sizeof(CSSM_ACL_AUTHORIZATION_TAG) * count);
- error = SecACLGetAuthorizations(ACL, currentAuths, &count);
- } while (errSecBufferTooSmall == error);
+ _error = SecACLGetAuthorizations(_ACL, currentAuths, &count);
+ } while (errSecBufferTooSmall == _error);
- if (noErr == error) {
+ if (noErr == _error) {
for (i = 0; i < count; ++i) {
if (currentAuths[i] == action) {
alreadySet = YES;
@@ -460,26 +503,26 @@
newCount = count;
}
- error = SecACLSetAuthorizations(ACL, newAuths, newCount);
+ _error = SecACLSetAuthorizations(_ACL, newAuths, newCount);
- if (noErr != error) {
- PSYSLOGND(LOG_ERR, @"Unable to apply changed authorisations, error %@.", OSStatusAsString(error));
- PDEBUG(@"SecACLSetAuthorizations(%p, %p, %"PRIu32") returned error %@.", ACL, newAuths, newCount, OSStatusAsString(error));
+ if (noErr != _error) {
+ PSYSLOGND(LOG_ERR, @"Unable to apply changed authorisations, error %@.", OSStatusAsString(_error));
+ PDEBUG(@"SecACLSetAuthorizations(%p, %p, %"PRIu32") returned error %@.", _ACL, newAuths, newCount, OSStatusAsString(_error));
}
if ((NULL != newAuths) && (newAuths != currentAuths)) {
free(newAuths);
}
} else {
- PSYSLOGND(LOG_ERR, @"Unable to get existing authorisations [in order to modify them], error %@.", OSStatusAsString(error));
- PDEBUG(@"SecACLGetAuthorizations(%p, %p, %p [%u->%u]) returned error %@.", ACL, currentAuths, &count, capacity, count, OSStatusAsString(error));
+ PSYSLOGND(LOG_ERR, @"Unable to get existing authorisations [in order to modify them], error %@.", OSStatusAsString(_error));
+ PDEBUG(@"SecACLGetAuthorizations(%p, %p, %p [%u->%u]) returned error %@.", _ACL, currentAuths, &count, capacity, count, OSStatusAsString(_error));
}
if (NULL != currentAuths) {
free(currentAuths);
}
- return (noErr == error);
+ return (noErr == _error);
}
- (BOOL)setAuthorizesEverything:(BOOL)value {
@@ -544,18 +587,18 @@
count = capacity;
auths = reallocf(auths, sizeof(CSSM_ACL_AUTHORIZATION_TAG) * count);
- error = SecACLGetAuthorizations(ACL, auths, &count);
- } while (errSecBufferTooSmall == error);
+ _error = SecACLGetAuthorizations(_ACL, auths, &count);
+ } while (errSecBufferTooSmall == _error);
- if (noErr == error) {
+ if (noErr == _error) {
result = [NSMutableArray arrayWithCapacity:count];
for (i = 0; i < count; ++i) {
[result addObject:[NSNumber numberWithInt:auths[i]]];
}
} else {
- PSYSLOGND(LOG_ERR, @"Unable to get authorisations, error %@.", OSStatusAsString(error));
- PDEBUG(@"SecACLGetAuthorizations(%p, %p, %p [%u->%u]) returned error %@.", ACL, auths, &count, capacity, count, OSStatusAsString(error));
+ PSYSLOGND(LOG_ERR, @"Unable to get authorisations, error %@.", OSStatusAsString(_error));
+ PDEBUG(@"SecACLGetAuthorizations(%p, %p, %p [%u->%u]) returned error %@.", _ACL, auths, &count, capacity, count, OSStatusAsString(_error));
}
return result;
@@ -571,10 +614,10 @@
count = capacity;
auths = reallocf(auths, sizeof(CSSM_ACL_AUTHORIZATION_TAG) * count);
- error = SecACLGetAuthorizations(ACL, auths, &count);
- } while (errSecBufferTooSmall == error);
+ _error = SecACLGetAuthorizations(_ACL, auths, &count);
+ } while (errSecBufferTooSmall == _error);
- if (noErr == error) {
+ if (noErr == _error) {
for (i = 0; i < count; ++i) {
if (auths[i] == action) {
result = YES;
@@ -582,8 +625,8 @@
}
}
} else {
- PSYSLOGND(LOG_ERR, @"Unable to get authorisations, error %@.", OSStatusAsString(error));
- PDEBUG(@"SecACLGetAuthorizations(%p, %p, %p [%u->%u]) returned error %@.", ACL, auths, &count, capacity, count, OSStatusAsString(error));
+ PSYSLOGND(LOG_ERR, @"Unable to get authorisations, error %@.", OSStatusAsString(_error));
+ PDEBUG(@"SecACLGetAuthorizations(%p, %p, %p [%u->%u]) returned error %@.", _ACL, auths, &count, capacity, count, OSStatusAsString(_error));
}
if (NULL != auths) {
@@ -646,20 +689,25 @@
}
- (void)deleteAccessControlList {
- error = SecACLRemove(ACL);
+ _error = SecACLRemove(_ACL);
+
+ if (noErr != _error) {
+ PSYSLOG(LOG_ERR, @"Unable to get delete ACL %p, error %@.", self, OSStatusAsString(_error));
+ }
}
- (OSStatus)lastError {
- return error;
+ return _error;
}
- (SecACLRef)ACLRef {
- return ACL;
+ return _ACL;
}
- (void)dealloc {
- if (ACL) {
- CFRelease(ACL);
+ if (_ACL) {
+ CFRelease(_ACL);
+ _ACL = NULL;
}
[super dealloc];
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-15 05:25:09
|
Revision: 395
http://keychain.svn.sourceforge.net/keychain/?rev=395&view=rev
Author: wadetregaskis
Date: 2007-10-14 22:25:13 -0700 (Sun, 14 Oct 2007)
Log Message:
-----------
* Added additional logging to Identity.
* Changed ivars of Identity to have underscore prefix.
* Verified that all Identity's methods set _error appropriately.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/Identity.h
trunk/Frameworks/Keychain/Keychain/Identity.m
Modified: trunk/Frameworks/Keychain/Keychain/Identity.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/Identity.h 2007-10-15 05:14:03 UTC (rev 394)
+++ trunk/Frameworks/Keychain/Keychain/Identity.h 2007-10-15 05:25:13 UTC (rev 395)
@@ -24,8 +24,8 @@
@discussion This isn't currently used for anything. I suspect there's something coming in a future version of the Security framework (possibly in Panther) which actually makes use of it. */
@interface Identity : NSCachedObject {
- SecIdentityRef identity;
- int error;
+ SecIdentityRef _identity;
+ int _error;
}
/*! @method identityWithIdentityRef:
Modified: trunk/Frameworks/Keychain/Keychain/Identity.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/Identity.m 2007-10-15 05:14:03 UTC (rev 394)
+++ trunk/Frameworks/Keychain/Keychain/Identity.m 2007-10-15 05:25:13 UTC (rev 395)
@@ -14,6 +14,7 @@
#import <Keychain/Identity.h>
#import <Keychain/Logging.h>
+#import <Keychain/SecurityUtils.h>
@implementation Identity
@@ -71,7 +72,7 @@
} else {
if (self = [super init]) {
CFRetain(ident);
- identity = ident;
+ _identity = ident;
}
}
} else {
@@ -89,19 +90,20 @@
- (Certificate*)certificate {
SecCertificateRef result = NULL;
- Certificate *res;
+ Certificate *res = nil;
- error = SecIdentityCopyCertificate(identity, &result);
+ _error = SecIdentityCopyCertificate(_identity, &result);
- if ((error == 0) && result) {
+ if ((noErr == _error) && result) {
res = [Certificate certificateWithCertificateRef:result];
CFRelease(result);
-
- return res;
} else {
- return nil;
+ PSYSLOGND(LOG_ERR, @"Unable to retrieve certificate from identity %p, error %@.\n", _identity, OSStatusAsString(_error));
+ PDEBUG(@"SecIdentityCopyCertificate(%p, %p) returned error %@.\n", _identity, &result, OSStatusAsString(_error));
}
+
+ return res;
}
- (Key*)publicKey {
@@ -110,19 +112,20 @@
- (Key*)privateKey {
SecKeyRef result = NULL;
- Key *res;
+ Key *res = nil;
- error = SecIdentityCopyPrivateKey(identity, &result);
+ _error = SecIdentityCopyPrivateKey(_identity, &result);
- if ((error == 0) && result) {
+ if ((noErr == _error) && result) {
res = [Key keyWithKeyRef:result module:[[[self certificate] keychain] CSPModule]];
CFRelease(result);
-
- return res;
} else {
- return nil;
+ PSYSLOGND(LOG_ERR, @"Unable to retrieve private key from identity %p, error %@.\n", _identity, OSStatusAsString(_error));
+ PDEBUG(@"SecIdentityCopyPrivateKey(%p, %p) returned error %@.\n", _identity, &result, OSStatusAsString(_error));
}
+
+ return res;
}
- (NSString*)description {
@@ -130,16 +133,17 @@
}
- (int)lastError {
- return error;
+ return _error;
}
- (SecIdentityRef)identityRef {
- return identity;
+ return _identity;
}
- (void)dealloc {
- if (identity) {
- CFRelease(identity);
+ if (_identity) {
+ CFRelease(_identity);
+ _identity = NULL;
}
[super dealloc];
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-15 05:14:01
|
Revision: 394
http://keychain.svn.sourceforge.net/keychain/?rev=394&view=rev
Author: wadetregaskis
Date: 2007-10-14 22:14:03 -0700 (Sun, 14 Oct 2007)
Log Message:
-----------
* Added additional logging to TrustedApplication.
* Changed ivars of TrustedApplication to have underscore prefix.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/TrustedApplication.h
trunk/Frameworks/Keychain/Keychain/TrustedApplication.m
Modified: trunk/Frameworks/Keychain/Keychain/TrustedApplication.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/TrustedApplication.h 2007-10-15 04:57:19 UTC (rev 393)
+++ trunk/Frameworks/Keychain/Keychain/TrustedApplication.h 2007-10-15 05:14:03 UTC (rev 394)
@@ -27,8 +27,8 @@
While you can detect modifications to an application by comparing the data returned by the TrustedApplication instance, you should be aware of the race conditions that can arise. In particular, verifying the data of the application before manually launching it is <b>not</b> safe. At time of writing there is no machinery for doing this sort of operation atomically. */
@interface TrustedApplication : NSCachedObject {
- SecTrustedApplicationRef trustedApplication;
- int error;
+ SecTrustedApplicationRef _trustedApplication;
+ int _error;
}
/*! @method trustedApplicationWithPath:
@@ -71,16 +71,21 @@
- (TrustedApplication*)init;
/*! @method setData:
- @abstract Sets the opaque verification data for the receiver.
- @discussion The verification data is used to determine if the application has been modified since it was first seen. You will want to use the setData: method if you wish to accept the modifications, or if you are recreating a previous TrustedApplication using data from the network, previously stored, or similar.
- @param data The new verification data to use for the receiver. */
+ @abstract Sets the receiver's data.
+ @discussion The data of a TrustedApplication is inherently opaque, although it is known to contain at least the path of the application in question. Presumably if you're calling this method you know what you're doing (or you retrieved the data blob from an existing TrustedApplication, which is perfectly valid as well).
+
+ You will want to use the setData: method if you wish to accept the modifications (note to self: how does one get the appropriate data in this case?), or if you are recreating a previous TrustedApplication using data from the network, previously stored, or similar.
+ @param data The new data for the receiver.
+ @result Returns YES if successful, NO otherwise. You can retrieve an error code using lastError. */
-- (void)setData:(NSData*)data;
+- (BOOL)setData:(NSData*)data;
/*! @method data
- @abstract Returns the opaque verification data for the receiver.
- @discussion This method returns the original verification data for the receiver's application, which may or may not represent the actual data for the application on disk, depending on whether the application has been modified or not since the receiver was initialised. You can store this data for later comparison or use.
- @result Returns the opaque verification data for the receiver. */
+ @abstract Returns the receiver's data.
+ @discussion The data of a TrustedApplication is inherently opaque, although it is known to contain at least the path of the application in question. Presumably if you're calling this method you know what you're doing, and intend to parse or otherwise take responsibility for the data yourself. Otherwise, use the wrapper methods like 'path' instead.
+
+ This method returns the <i>original</i> data for the receiver's application, which may or may not represent the actual data for the application on disk, depending on whether the application has been modified or not since the receiver was initialised. You can store this data for later comparison or use.
+ @result Returns the data for the receiver, or nil if an error occurs. You can retrieve an error code using lastError. */
- (NSData*)data;
Modified: trunk/Frameworks/Keychain/Keychain/TrustedApplication.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/TrustedApplication.m 2007-10-15 04:57:19 UTC (rev 393)
+++ trunk/Frameworks/Keychain/Keychain/TrustedApplication.m 2007-10-15 05:14:03 UTC (rev 394)
@@ -14,6 +14,8 @@
#import "TrustedApplication.h"
#import <Keychain/UtilitySupport.h>
+#import <Keychain/Logging.h>
+#import <Keychain/SecurityUtils.h>
@implementation TrustedApplication
@@ -27,9 +29,9 @@
}
- (TrustedApplication*)initWithPath:(NSString*)path {
- error = SecTrustedApplicationCreateFromPath((path ? [path cString] : NULL), &trustedApplication);
+ _error = SecTrustedApplicationCreateFromPath([path UTF8String], &_trustedApplication);
- if (error == 0) {
+ if (noErr == _error) {
self = [super init];
return self;
@@ -53,7 +55,7 @@
} else {
if (self = [super init]) {
CFRetain(trustedApp);
- trustedApplication = trustedApp;
+ _trustedApplication = trustedApp;
}
return self;
@@ -69,18 +71,28 @@
return [self initWithPath:nil];
}
-- (void)setData:(NSData*)data {
- error = SecTrustedApplicationSetData(trustedApplication, (CFDataRef)data);
+- (BOOL)setData:(NSData*)data {
+ _error = SecTrustedApplicationSetData(_trustedApplication, (CFDataRef)data);
+
+ if (noErr != _error) {
+ PSYSLOGND(LOG_ERR, @"Unable to set data for TrustedApplication %p, error %@.\n", self, OSStatusAsString(_error));
+ PDEBUG(@"SecTrustedApplicationSetData(%p, %p) returned error %@.\n", _trustedApplication, data, OSStatusAsString(_error));
+ }
+
+ return (noErr == _error);
}
- (NSData*)data {
CFDataRef result;
- error = SecTrustedApplicationCopyData(trustedApplication, &result);
+ _error = SecTrustedApplicationCopyData(_trustedApplication, &result);
- if (error == 0) {
+ if (noErr == _error) {
return [(NSData*)result autorelease];
} else {
+ PSYSLOGND(LOG_ERR, @"Unable to retrieve the data of the TrustedApplication %p, error %@.\n", self, OSStatusAsString(_error));
+ PDEBUG(@"SecTrustedApplicationCopyData(%p, %p) returned error %@.\n", _trustedApplication, &result, OSStatusAsString(_error));
+
return nil;
}
}
@@ -90,16 +102,17 @@
}
- (int)lastError {
- return error;
+ return _error;
}
- (SecTrustedApplicationRef)trustedApplicationRef {
- return trustedApplication;
+ return _trustedApplication;
}
- (void)dealloc {
- if (trustedApplication) {
- CFRelease(trustedApplication);
+ if (_trustedApplication) {
+ CFRelease(_trustedApplication);
+ _trustedApplication = NULL;
}
[super dealloc];
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-15 04:57:17
|
Revision: 393
http://keychain.svn.sourceforge.net/keychain/?rev=393&view=rev
Author: wadetregaskis
Date: 2007-10-14 21:57:19 -0700 (Sun, 14 Oct 2007)
Log Message:
-----------
* Added nameOfExternalFormat(), nameOfExternalFormatConstant(), nameOfExternalItemType(), nameOfExternalItemTypeConstant(), and the associated strings files "External Format Constants.strings", "External Format Names.strings", "External Item Type Names.strings", "External Item Type Constants.strings".
* Added the above functions to StringsTester, and verified they function correctly.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/StringsTester.m
trunk/Frameworks/Keychain/Utilities/SecurityUtils.h
trunk/Frameworks/Keychain/Utilities/SecurityUtils.m
Added Paths:
-----------
trunk/Frameworks/Keychain/Resources/English.lproj/External Format Constants.strings
trunk/Frameworks/Keychain/Resources/English.lproj/External Format Names.strings
trunk/Frameworks/Keychain/Resources/English.lproj/External Item Type Constants.strings
trunk/Frameworks/Keychain/Resources/English.lproj/External Item Type Names.strings
Added: trunk/Frameworks/Keychain/Resources/English.lproj/External Format Constants.strings
===================================================================
--- trunk/Frameworks/Keychain/Resources/English.lproj/External Format Constants.strings (rev 0)
+++ trunk/Frameworks/Keychain/Resources/English.lproj/External Format Constants.strings 2007-10-15 04:57:19 UTC (rev 393)
@@ -0,0 +1,24 @@
+/* External Format Constants. */
+
+/* The key is the numeric value as defined in SecImportExport.h in Apple's Security framework. Last updated for 10.4.10. */
+/* The value is the constant corresponding to the given code. */
+
+0 = "kSecFormatUnknown";
+
+1 = "kSecFormatOpenSSL";
+2 = "kSecFormatSSH";
+3 = "kSecFormatBSAFE";
+
+4 = "kSecFormatRawKey";
+
+5 = "kSecFormatWrappedPKCS8";
+6 = "kSecFormatWrappedOpenSSL";
+7 = "kSecFormatWrappedSSH";
+8 = "kSecFormatWrappedLSH";
+
+9 = "kSecFormatX509Cert";
+
+10 = "kSecFormatPEMSequence";
+11 = "kSecFormatPKCS7";
+12 = "kSecFormatPKCS12";
+13 = "kSecFormatNetscapeCertSequence";
Added: trunk/Frameworks/Keychain/Resources/English.lproj/External Format Names.strings
===================================================================
--- trunk/Frameworks/Keychain/Resources/English.lproj/External Format Names.strings (rev 0)
+++ trunk/Frameworks/Keychain/Resources/English.lproj/External Format Names.strings 2007-10-15 04:57:19 UTC (rev 393)
@@ -0,0 +1,24 @@
+/* External Format Names. */
+
+/* The key is the numeric value as defined in SecImportExport.h in Apple's Security framework. Last updated for 10.4.10. */
+/* The value is a human-readable name for the given code. */
+
+0 = "Unknown";
+
+1 = "OpenSSL";
+2 = "SSH";
+3 = "BSAFE";
+
+4 = "Raw Key";
+
+5 = "Wrapped PKCS8";
+6 = "Wrapped OpenSSL";
+7 = "Wrapped SSH";
+8 = "Wrapped LSH";
+
+9 = "X.509 Certificate";
+
+10 = "PEM Sequence";
+11 = "PKCS7";
+12 = "PKCS12";
+13 = "Netscape Certificate Sequence";
Added: trunk/Frameworks/Keychain/Resources/English.lproj/External Item Type Constants.strings
===================================================================
--- trunk/Frameworks/Keychain/Resources/English.lproj/External Item Type Constants.strings (rev 0)
+++ trunk/Frameworks/Keychain/Resources/English.lproj/External Item Type Constants.strings 2007-10-15 04:57:19 UTC (rev 393)
@@ -0,0 +1,11 @@
+/* External Item Type Constants. */
+
+/* The key is the numeric value as defined in SecImportExport.h in Apple's Security framework. Last updated for 10.4.10. */
+/* The value is the constant corresponding to the given code. */
+
+0 = "kSecItemTypeUnknown";
+1 = "kSecItemTypePrivateKey";
+2 = "kSecItemTypePublicKey";
+3 = "kSecItemTypeSessionKey";
+4 = "kSecItemTypeCertificate";
+5 = "kSecItemTypeAggregate";
Added: trunk/Frameworks/Keychain/Resources/English.lproj/External Item Type Names.strings
===================================================================
--- trunk/Frameworks/Keychain/Resources/English.lproj/External Item Type Names.strings (rev 0)
+++ trunk/Frameworks/Keychain/Resources/English.lproj/External Item Type Names.strings 2007-10-15 04:57:19 UTC (rev 393)
@@ -0,0 +1,11 @@
+/* External Item Type Names. */
+
+/* The key is the numeric value as defined in SecImportExport.h in Apple's Security framework. Last updated for 10.4.10. */
+/* The value is the constant corresponding to the given code. */
+
+0 = "Unknown";
+1 = "Private Key";
+2 = "Public Key";
+3 = "Session Key";
+4 = "Certificate";
+5 = "Aggregate";
Modified: trunk/Frameworks/Keychain/Testers/StringsTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/StringsTester.m 2007-10-15 04:45:07 UTC (rev 392)
+++ trunk/Frameworks/Keychain/Testers/StringsTester.m 2007-10-15 04:57:19 UTC (rev 393)
@@ -563,7 +563,51 @@
END_TEST();
}
+void test_ImportExport(void) {
+ NSString *result;
+
+ START_TEST("Import/Export");
+
+ result = nameOfExternalFormat(kSecFormatWrappedOpenSSL);
+
+ TEST(nil != result, "nameOfExternalFormat(kSecFormatWrappedOpenSSL) returns result [External Format Names.strings]");
+
+ if (nil != result) {
+ TEST_NOTE("\tResult is: %s", [result UTF8String]);
+ TEST([result isEqualToString:@"Wrapped OpenSSL"], "\tResult is as expected");
+ }
+
+ result = nameOfExternalFormatConstant(kSecFormatX509Cert);
+
+ TEST(nil != result, "nameOfExternalFormatConstant(kSecFormatX509Cert) returns result [External Format Constants.strings]");
+
+ if (nil != result) {
+ TEST_NOTE("\tResult is: %s", [result UTF8String]);
+ TEST([result isEqualToString:@"kSecFormatX509Cert"], "\tResult is as expected");
+ }
+
+ result = nameOfExternalItemType(kSecItemTypeCertificate);
+
+ TEST(nil != result, "nameOfExternalItemType(kSecItemTypeCertificate) returns result [External Item Type Names.strings]");
+
+ if (nil != result) {
+ TEST_NOTE("\tResult is: %s", [result UTF8String]);
+ TEST([result isEqualToString:@"Certificate"], "\tResult is as expected");
+ }
+
+ result = nameOfExternalItemTypeConstant(kSecItemTypePrivateKey);
+
+ TEST(nil != result, "nameOfExternalItemTypeConstant(kSecItemTypePrivateKey) returns result [External Item Type Constants.strings]");
+
+ if (nil != result) {
+ TEST_NOTE("\tResult is: %s", [result UTF8String]);
+ TEST([result isEqualToString:@"kSecItemTypePrivateKey"], "\tResult is as expected");
+ }
+
+ END_TEST();
+}
+
#pragma mark Driver
int main(int argc, char const *argv[]) {
@@ -588,6 +632,7 @@
test_ProtocolTypeStrings();
test_KeychainItemAttributeStrings();
test_KeychainItemClassStrings();
+ test_ImportExport();
[pool release];
Modified: trunk/Frameworks/Keychain/Utilities/SecurityUtils.h
===================================================================
--- trunk/Frameworks/Keychain/Utilities/SecurityUtils.h 2007-10-15 04:45:07 UTC (rev 392)
+++ trunk/Frameworks/Keychain/Utilities/SecurityUtils.h 2007-10-15 04:57:19 UTC (rev 393)
@@ -126,3 +126,35 @@
@result Returns the given signature in a human-readable representation, or nil if nil was passed for the signature parameter. */
NSString* AFPServerSignatureAsString(SecAFPServerSignature *signature);
+
+/*! @method nameOfExternalFormat
+ @abstract Returns the human-readable name of a given external format.
+ @discussion The names returned are simple, short & human-readable. e.g. the format kSecFormatWrappedOpenSSL returns "Wrapped OpenSSL". The names may be localised.
+ @param format The format.
+ @result Returns the name of the given external format, or (localised) "Unknown (X)" - where X is the format as an integer value - if an unknown format is provided. */
+
+NSString* nameOfExternalFormat(SecExternalFormat format);
+
+/*! @method nameOfExternalFormatConstant
+ @abstract Returns the constant corresponding to the given external format.
+ @discussion The constants are defined in SecImportExport.h in Apple's Security framework.
+ @param format The format.
+ @result Returns the constant corresponding to the given external format, or (localised) "Unknown (X)" - where X is the format as an integer value - if an unknown format is provided. */
+
+NSString* nameOfExternalFormatConstant(SecExternalFormat format);
+
+/*! @method nameOfExternalItemType
+ @abstract Returns the human-readable name of a given external item type.
+ @discussion The names returned are simple, short & human-readable. e.g. the type kSecItemTypePrivateKey returns "Private Key". The names may be localised.
+ @param format The format.
+ @result Returns the name of the given external format, or (localised) "Unknown (X)" - where X is the format as an integer value - if an unknown format is provided. */
+
+NSString* nameOfExternalItemType(SecExternalItemType type);
+
+/*! @method nameOfExternalItemTypeConstant
+ @abstract Returns the constant corresponding to the given external item type.
+ @discussion The constants are defined in SecImportExport.h in Apple's Security framework.
+ @param format The format.
+ @result Returns the constant corresponding to the given external format, or (localised) "Unknown (X)" - where X is the format as an integer value - if an unknown format is provided. */
+
+NSString* nameOfExternalItemTypeConstant(SecExternalItemType type);
Modified: trunk/Frameworks/Keychain/Utilities/SecurityUtils.m
===================================================================
--- trunk/Frameworks/Keychain/Utilities/SecurityUtils.m 2007-10-15 04:45:07 UTC (rev 392)
+++ trunk/Frameworks/Keychain/Utilities/SecurityUtils.m 2007-10-15 04:57:19 UTC (rev 393)
@@ -110,3 +110,19 @@
return result;
}
}
+
+NSString* nameOfExternalFormat(SecExternalFormat format) {
+ return localizedStringWithFallback([NSString stringWithFormat:@"%"PRIu32, format], @"External Format Names");
+}
+
+NSString* nameOfExternalFormatConstant(SecExternalFormat format) {
+ return localizedStringWithFallback([NSString stringWithFormat:@"%"PRIu32, format], @"External Format Constants");
+}
+
+NSString* nameOfExternalItemType(SecExternalItemType type) {
+ return localizedStringWithFallback([NSString stringWithFormat:@"%"PRIu32, type], @"External Item Type Names");
+}
+
+NSString* nameOfExternalItemTypeConstant(SecExternalItemType type) {
+ return localizedStringWithFallback([NSString stringWithFormat:@"%"PRIu32, type], @"External Item Type Constants");
+}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-15 04:45:37
|
Revision: 392
http://keychain.svn.sourceforge.net/keychain/?rev=392&view=rev
Author: wadetregaskis
Date: 2007-10-14 21:45:07 -0700 (Sun, 14 Oct 2007)
Log Message:
-----------
* Adding KeychainSearchInternal.h.
* Moved the interface for SearchAttribute from KeychainSearch.h to KeychainSearchInternal.h, as it's currently not useful to the end-developer and thus is only confusing.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainSearch.h
trunk/Frameworks/Keychain/Keychain/KeychainSearch.m
Added Paths:
-----------
trunk/Frameworks/Keychain/Keychain/KeychainSearchInternal.h
Modified: trunk/Frameworks/Keychain/Keychain/KeychainSearch.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainSearch.h 2007-10-15 04:38:05 UTC (rev 391)
+++ trunk/Frameworks/Keychain/Keychain/KeychainSearch.h 2007-10-15 04:45:07 UTC (rev 392)
@@ -27,36 +27,6 @@
NSArray* FindCertificatesMatchingPublicKeyHash(NSData *hash);
-/*! @class SearchAttribute
- @abstract A simple class representing a single search attribute.
- @discussion You use this class to specify attributes of interest in a KeychainSearch. This class is itself very straightforward; refer to the documentation for KeychainSearch for the details of searching.
-
- At present this class is used only internally within the KeychainSearch class. An API for specifying it manually may be provided, on KeychainSearch, at a later date. */
-
-@interface SearchAttribute : NSObject {
- SecKeychainAttribute attribute;
- BOOL freeWhenDone;
-}
-
-+ (SearchAttribute*)attributeWithTag:(SecKeychainAttrType)tag length:(UInt32)length data:(void*)data freeWhenDone:(BOOL)fre;
-+ (SearchAttribute*)attributeWithTag:(SecKeychainAttrType)tag length:(UInt32)length data:(const void *)data;
-
-- (SearchAttribute*)initWithTag:(SecKeychainAttrType)tag length:(UInt32)length data:(void*)data freeWhenDone:(BOOL)fre;
-- (SearchAttribute*)initWithTag:(SecKeychainAttrType)tag length:(UInt32)length data:(const void *)data;
-
-/*! @method init
- @abstract Reject initialiser.
- @discussion You cannot initialise a SearchAttribute using "init" - use one of the other initialisation methods.
- @result This method always releases the receiver and returns nil. */
-
-- (SearchAttribute*)init;
-
-- (SecKeychainAttributePtr)attributePtr;
-
-@end
-
-
-
/*! @class KeychainSearch
@abstract Provides a mechanism for searching through a group of keychains for items with particular attributes.
@discussion This is your general search mechanism for keychain items. You can specify all manner of attributes to search by. By default each new KeychainSearch instance has no parameters set, and will thus match all items in the searched keychains. After you create the instance, you'll probably want to use the appropriate methods to define what attributes you're looking for. When you're ready to collect your results, use any of the methods for acquiring results. */
Modified: trunk/Frameworks/Keychain/Keychain/KeychainSearch.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainSearch.m 2007-10-15 04:38:05 UTC (rev 391)
+++ trunk/Frameworks/Keychain/Keychain/KeychainSearch.m 2007-10-15 04:45:07 UTC (rev 392)
@@ -12,6 +12,7 @@
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#import <Keychain/KeychainSearch.h>
+#import <Keychain/KeychainSearchInternal.h>
#import <Keychain/SecurityUtils.h>
Added: trunk/Frameworks/Keychain/Keychain/KeychainSearchInternal.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainSearchInternal.h (rev 0)
+++ trunk/Frameworks/Keychain/Keychain/KeychainSearchInternal.h 2007-10-15 04:45:07 UTC (rev 392)
@@ -0,0 +1,44 @@
+//
+// KeychainSearch.h
+// Keychain
+//
+// Created by Wade Tregaskis on Fri Jan 24 2003.
+//
+// Copyright (c) 2003 - 2007, Wade Tregaskis. All rights reserved.
+// Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+// * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+// * Neither the name of Wade Tregaskis nor the names of any other contributors may be used to endorse or promote products derived from this software without specific prior written permission.
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#import <Foundation/Foundation.h>
+#import <Security/Security.h>
+
+
+/*! @class SearchAttribute
+ @abstract A simple class representing a single search attribute.
+ @discussion You use this class to specify attributes of interest in a KeychainSearch. This class is itself very straightforward; refer to the documentation for KeychainSearch for the details of searching.
+
+ At present this class is used only internally within the KeychainSearch class. An API for specifying it manually may be provided, on KeychainSearch, at a later date. */
+
+@interface SearchAttribute : NSObject {
+ SecKeychainAttribute attribute;
+ BOOL freeWhenDone;
+}
+
++ (SearchAttribute*)attributeWithTag:(SecKeychainAttrType)tag length:(UInt32)length data:(void*)data freeWhenDone:(BOOL)fre;
++ (SearchAttribute*)attributeWithTag:(SecKeychainAttrType)tag length:(UInt32)length data:(const void *)data;
+
+- (SearchAttribute*)initWithTag:(SecKeychainAttrType)tag length:(UInt32)length data:(void*)data freeWhenDone:(BOOL)fre;
+- (SearchAttribute*)initWithTag:(SecKeychainAttrType)tag length:(UInt32)length data:(const void *)data;
+
+/*! @method init
+ @abstract Reject initialiser.
+ @discussion You cannot initialise a SearchAttribute using "init" - use one of the other initialisation methods.
+ @result This method always releases the receiver and returns nil. */
+
+- (SearchAttribute*)init;
+
+- (SecKeychainAttributePtr)attributePtr;
+
+@end
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-15 04:38:08
|
Revision: 391
http://keychain.svn.sourceforge.net/keychain/?rev=391&view=rev
Author: wadetregaskis
Date: 2007-10-14 21:38:05 -0700 (Sun, 14 Oct 2007)
Log Message:
-----------
* Added TODO to -[KeychainItemPredicateProxy valueForKey:] noting the issue with it as it currently stands, where it returns the constants rather than human names of things..
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-15 04:30:53 UTC (rev 390)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-15 04:38:05 UTC (rev 391)
@@ -1327,6 +1327,8 @@
}
- (id)valueForKey:(NSString*)key {
+ // TODO: The problem with all these is that we use the constants. That's nice and precise and perfectly fine if you're working with the predicate strings programmatically. However, it'd be really sweet if we supported the case where you can just take a string from the user, and they're naturally going to want to use natural names like "private key" or "x.509" or "pkcs7" or whatever. We could return an array as the value, containing all the different representations for a given value, but then the user has to write "IN" instead of "=", which is unnatural... so we'd probably need to provide a method to suitably upgrade predicates... gah.
+
if ([key isEqualToString:@"authenticationType"]) {
return nameOfAuthenticationTypeConstant([_keychainItem authenticationType]);
} else if ([key isEqualToString:@"appleShareSignature"]) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-15 04:30:50
|
Revision: 390
http://keychain.svn.sourceforge.net/keychain/?rev=390&view=rev
Author: wadetregaskis
Date: 2007-10-14 21:30:53 -0700 (Sun, 14 Oct 2007)
Log Message:
-----------
* Changed the type for the 'port' attribute of KeychainItems from UInt16 to uint32_t (simply because the underlying storage is 32-bit).
* Updated -[KeychainItem _attributeOfType:boolValue:] to handle any return length (hey, it's a boolean, its actual size doesn't matter).
* General cleaning and whatnot.
* Ensured every method sets _error appropriately.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-15 04:02:14 UTC (rev 389)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-15 04:30:53 UTC (rev 390)
@@ -133,6 +133,8 @@
@abstract Returns the data of the receiver (e.g. the password) as a string.
@discussion The data for password items is the password itself. For certificates, the data is the raw certificate. You should use the 'data' method for retrieving certificate data, as it does not convert well to a string.
+ The data is assumed to be UTF-8 encoded. If it is not, this method may fail and return nil, or may return a string which is incorrect.
+
Note that unless your application is already in the receiver's Access with the appropriate privileges, the user will be prompted to enter their password and allow access to the receiver (unless of course you have disabled user interaction, in which case anything which requires user interaction will result in the operation failing). If the user denies access nil is returned.
@result The data of the receiver, or nil if an error occurs (including insufficient privileges to read the receiver). */
@@ -186,7 +188,7 @@
- (void)setDomain:(NSString*)domain;
- (void)setServer:(NSString*)server;
- (void)setAuthenticationType:(SecAuthenticationType)authType;
-- (void)setPort:(UInt16)port;
+- (void)setPort:(uint32_t)port;
- (void)setPath:(NSString*)path;
- (void)setAppleShareVolume:(NSString*)volume;
- (void)setAppleShareAddress:(NSString*)address;
@@ -214,7 +216,7 @@
- (NSString*)domain;
- (NSString*)server;
- (SecAuthenticationType)authenticationType;
-- (UInt16)port;
+- (uint32_t)port;
- (NSString*)path;
- (NSString*)appleShareVolume;
- (NSString*)appleShareAddress;
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-15 04:02:14 UTC (rev 389)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-15 04:30:53 UTC (rev 390)
@@ -130,7 +130,7 @@
_error = SecKeychainItemCopyContent(_keychainItem, &result, NULL, &unused, NULL);
- if (_error == 0) {
+ if (noErr == _error) {
return result;
} else {
PSYSLOGND(LOG_ERR, @"Unable to retrieve KeychainItem kind - error %@.\n", OSStatusAsString(_error));
@@ -182,11 +182,11 @@
if (noErr == _error) {
res = [NSData dataWithBytes:result length:length];
- _error = SecKeychainItemFreeContent(NULL, result);
+ OSStatus _freeError = SecKeychainItemFreeContent(NULL, result);
- if (noErr != _error) {
- PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem data - error %@.\n", OSStatusAsString(_error));
- PDEBUG(@"SecKeychainItemFreeContent(NULL, %p) returned error %@.\n", result, OSStatusAsString(_error));
+ if (noErr != _freeError) {
+ PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem data - error %@.\n", OSStatusAsString(_freeError));
+ PDEBUG(@"SecKeychainItemFreeContent(NULL, %p) returned error %@.\n", result, OSStatusAsString(_freeError));
}
} else {
PSYSLOGND(LOG_ERR, @"Unable to get KeychainItem data - error %@.\n", OSStatusAsString(_error));
@@ -197,7 +197,7 @@
}
- (NSString*)dataAsString {
- return [[[NSString alloc] initWithData:[self data] encoding:NSUTF8StringEncoding] autorelease];
+ return NSStringFromNSData([self data]);
}
- (BOOL)_setAttribute:(SecKeychainAttrType)type bytes:(const void*)data length:(uint32_t)length {
@@ -370,7 +370,7 @@
}
}
-- (void)setPort:(UInt16)port {
+- (void)setPort:(uint32_t)port {
UInt32 temp = port;
if (![self _setAttribute:kSecPortItemAttr bytes:(const void*)&temp length:sizeof(temp)]) {
@@ -488,7 +488,7 @@
PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
}
- } // else don't worry, appropriate logging will have been performed by _attributesOfType:
+ } // else don't worry, an error occurred, but appropriate logging will have been performed by _attributesOfType:
return result;
}
@@ -514,7 +514,7 @@
PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", result, OSStatusAsString(_localError));
}
- } // else don't worry, appropriate logging will have been performed by _attributesOfType:
+ } // else don't worry, an error occurred, but appropriate logging will have been performed by _attributesOfType:
return result;
@@ -528,22 +528,15 @@
if (nil != list) {
if (1 == list->count) {
- if (4 == list->attr->length) {
- *value = (0 != *((uint32_t*)(list->attr->data)));
- successful = YES;
- } else if (2 == list->attr->length) {
- *value = (0 != *((uint16_t*)(list->attr->data)));
- successful = YES;
- } else if (1 == list->attr->length) {
- *value = (0 != *((uint8_t*)(list->attr->data)));
- successful = YES;
- } else if (0 == list->attr->length) {
- // A zero-length value corresponds to NO, so say the Security guys on the apple-cdsa mailing list.
- *value = NO;
- successful = YES;
- } else {
- PSYSLOGND(LOG_ERR, @"Unable to interpret data returned for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(type), self, _keychainItem);
- PDEBUG(@"Data returned for supposedly boolean attribute %@ is %lu bytes long, not one of {1, 2, 4} as expected. KeychainItem = %p (SecRef = %p).\n", nameOfKeychainAttribute(type), (unsigned long)(list->attr->length), self, _keychainItem);
+ *value = NO; // It's no until we say otherwise. Note that a length of 0 for the returned attribute is perfectly valid, and means NO, so this is a suitable default.
+
+ uint32_t i;
+
+ for (i = 0; i < list->attr->length; ++i) {
+ if (0 != ((char*)(list->attr->data))[i]) {
+ *value = YES;
+ break;
+ }
}
} else if (0 == list->count) {
PDEBUG(@"No results for attribute %@ of KeychainItem %p (SecRef = %p).\n", nameOfKeychainAttribute(type), self, _keychainItem);
@@ -559,7 +552,7 @@
PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem attributes - error %@.\n", OSStatusAsString(_localError));
PDEBUG(@"SecKeychainItemFreeAttributesAndData(%p, NULL) returned error %@.\n", list, OSStatusAsString(_localError));
}
- } // else don't worry, appropriate logging will have been performed by _attributesOfType:
+ } // else don't worry, an error occurred, but appropriate logging will have been performed by _attributesOfType:
return successful;
}
@@ -740,7 +733,7 @@
return result;
}
-- (UInt16)port {
+- (uint32_t)port {
SecKeychainAttributeList *list = [self _attributesOfType:kSecPortItemAttr];
UInt16 result = 0;
@@ -749,8 +742,7 @@
if (sizeof(UInt16) == list->attr->length) {
result = *(UInt16*)(list->attr->data);
} else if (sizeof(uint32_t) == list->attr->length) {
- // For whatever reason the value is actually returned as a 4-byte unsigned integer. Ports are always 16-bits, though, so we can just clip.
- result = (UInt16)(0x00FF & *(uint32_t*)(list->attr->data));
+ result = *(uint32_t*)(list->attr->data);
} else {
PSYSLOG(LOG_ERR, @"Sizes don't match in result - expected a UInt16 which is %u bytes, but the data returned is %lu bytes long.\n", sizeof(UInt16), (unsigned long)(list->attr->length));
_error = errSecUnknownFormat;
@@ -1064,7 +1056,7 @@
- (NSString*)description {
Certificate *cert;
NSString *label, *account, *protocol, *server, *path, *comment, *typeDescription;
- int port = [self port];
+ uint32_t port = [self port];
NSMutableString *result = [[NSMutableString alloc] initWithCapacity:50];
switch ([self kind]) {
@@ -1096,7 +1088,7 @@
[result appendString:server];
if (port != 0) {
- [result appendString:[NSString stringWithFormat:@":%d", port]];
+ [result appendString:[NSString stringWithFormat:@":%"PRIu32, port]];
}
}
@@ -1145,7 +1137,7 @@
[result appendString:server];
if (port != 0) {
- [result appendString:[NSString stringWithFormat:@":%d", port]];
+ [result appendString:[NSString stringWithFormat:@":%"PRIu32, port]];
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
