| Index: crypto/mock_apple_keychain_mac.cc
|
| diff --git a/crypto/mock_apple_keychain_mac.cc b/crypto/mock_apple_keychain_mac.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..5f33e5b20993256d50eb9c5c5540e2db0a9b4e9f
|
| --- /dev/null
|
| +++ b/crypto/mock_apple_keychain_mac.cc
|
| @@ -0,0 +1,519 @@
|
| +// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "base/logging.h"
|
| +#include "base/time/time.h"
|
| +#include "crypto/mock_apple_keychain.h"
|
| +
|
| +namespace crypto {
|
| +
|
| +// static
|
| +const SecKeychainSearchRef MockAppleKeychain::kDummySearchRef =
|
| + reinterpret_cast<SecKeychainSearchRef>(1000);
|
| +
|
| +MockAppleKeychain::MockAppleKeychain()
|
| + : locked_(false),
|
| + next_item_key_(0),
|
| + search_copy_count_(0),
|
| + keychain_item_copy_count_(0),
|
| + attribute_data_copy_count_(0),
|
| + find_generic_result_(noErr),
|
| + called_add_generic_(false),
|
| + password_data_count_(0) {}
|
| +
|
| +void MockAppleKeychain::InitializeKeychainData(MockKeychainItemType key) const {
|
| + UInt32 tags[] = { kSecAccountItemAttr,
|
| + kSecServerItemAttr,
|
| + kSecPortItemAttr,
|
| + kSecPathItemAttr,
|
| + kSecProtocolItemAttr,
|
| + kSecAuthenticationTypeItemAttr,
|
| + kSecSecurityDomainItemAttr,
|
| + kSecCreationDateItemAttr,
|
| + kSecNegativeItemAttr,
|
| + kSecCreatorItemAttr };
|
| + keychain_attr_list_[key] = SecKeychainAttributeList();
|
| + keychain_data_[key] = KeychainPasswordData();
|
| + keychain_attr_list_[key].count = arraysize(tags);
|
| + keychain_attr_list_[key].attr = static_cast<SecKeychainAttribute*>(
|
| + calloc(keychain_attr_list_[key].count, sizeof(SecKeychainAttribute)));
|
| + for (unsigned int i = 0; i < keychain_attr_list_[key].count; ++i) {
|
| + keychain_attr_list_[key].attr[i].tag = tags[i];
|
| + size_t data_size = 0;
|
| + switch (tags[i]) {
|
| + case kSecPortItemAttr:
|
| + data_size = sizeof(UInt32);
|
| + break;
|
| + case kSecProtocolItemAttr:
|
| + data_size = sizeof(SecProtocolType);
|
| + break;
|
| + case kSecAuthenticationTypeItemAttr:
|
| + data_size = sizeof(SecAuthenticationType);
|
| + break;
|
| + case kSecNegativeItemAttr:
|
| + data_size = sizeof(Boolean);
|
| + break;
|
| + case kSecCreatorItemAttr:
|
| + data_size = sizeof(OSType);
|
| + break;
|
| + }
|
| + if (data_size > 0) {
|
| + keychain_attr_list_[key].attr[i].length = data_size;
|
| + keychain_attr_list_[key].attr[i].data = calloc(1, data_size);
|
| + }
|
| + }
|
| +}
|
| +
|
| +MockAppleKeychain::~MockAppleKeychain() {
|
| + for (MockKeychainAttributesMap::iterator it = keychain_attr_list_.begin();
|
| + it != keychain_attr_list_.end();
|
| + ++it) {
|
| + for (unsigned int i = 0; i < it->second.count; ++i) {
|
| + if (it->second.attr[i].data)
|
| + free(it->second.attr[i].data);
|
| + }
|
| + free(it->second.attr);
|
| + if (keychain_data_[it->first].data)
|
| + free(keychain_data_[it->first].data);
|
| + }
|
| + keychain_attr_list_.clear();
|
| + keychain_data_.clear();
|
| +}
|
| +
|
| +SecKeychainAttribute* MockAppleKeychain::AttributeWithTag(
|
| + const SecKeychainAttributeList& attribute_list,
|
| + UInt32 tag) {
|
| + int attribute_index = -1;
|
| + for (unsigned int i = 0; i < attribute_list.count; ++i) {
|
| + if (attribute_list.attr[i].tag == tag) {
|
| + attribute_index = i;
|
| + break;
|
| + }
|
| + }
|
| + if (attribute_index == -1) {
|
| + NOTREACHED() << "Unsupported attribute: " << tag;
|
| + return NULL;
|
| + }
|
| + return &(attribute_list.attr[attribute_index]);
|
| +}
|
| +
|
| +void MockAppleKeychain::SetTestDataBytes(MockKeychainItemType item,
|
| + UInt32 tag,
|
| + const void* data,
|
| + size_t length) {
|
| + SecKeychainAttribute* attribute = AttributeWithTag(keychain_attr_list_[item],
|
| + tag);
|
| + attribute->length = length;
|
| + if (length > 0) {
|
| + if (attribute->data)
|
| + free(attribute->data);
|
| + attribute->data = malloc(length);
|
| + CHECK(attribute->data);
|
| + memcpy(attribute->data, data, length);
|
| + } else {
|
| + attribute->data = NULL;
|
| + }
|
| +}
|
| +
|
| +void MockAppleKeychain::SetTestDataString(MockKeychainItemType item,
|
| + UInt32 tag,
|
| + const char* value) {
|
| + SetTestDataBytes(item, tag, value, value ? strlen(value) : 0);
|
| +}
|
| +
|
| +void MockAppleKeychain::SetTestDataPort(MockKeychainItemType item,
|
| + UInt32 value) {
|
| + SecKeychainAttribute* attribute = AttributeWithTag(keychain_attr_list_[item],
|
| + kSecPortItemAttr);
|
| + UInt32* data = static_cast<UInt32*>(attribute->data);
|
| + *data = value;
|
| +}
|
| +
|
| +void MockAppleKeychain::SetTestDataProtocol(MockKeychainItemType item,
|
| + SecProtocolType value) {
|
| + SecKeychainAttribute* attribute = AttributeWithTag(keychain_attr_list_[item],
|
| + kSecProtocolItemAttr);
|
| + SecProtocolType* data = static_cast<SecProtocolType*>(attribute->data);
|
| + *data = value;
|
| +}
|
| +
|
| +void MockAppleKeychain::SetTestDataAuthType(MockKeychainItemType item,
|
| + SecAuthenticationType value) {
|
| + SecKeychainAttribute* attribute = AttributeWithTag(
|
| + keychain_attr_list_[item], kSecAuthenticationTypeItemAttr);
|
| + SecAuthenticationType* data = static_cast<SecAuthenticationType*>(
|
| + attribute->data);
|
| + *data = value;
|
| +}
|
| +
|
| +void MockAppleKeychain::SetTestDataNegativeItem(MockKeychainItemType item,
|
| + Boolean value) {
|
| + SecKeychainAttribute* attribute = AttributeWithTag(keychain_attr_list_[item],
|
| + kSecNegativeItemAttr);
|
| + Boolean* data = static_cast<Boolean*>(attribute->data);
|
| + *data = value;
|
| +}
|
| +
|
| +void MockAppleKeychain::SetTestDataCreator(MockKeychainItemType item,
|
| + OSType value) {
|
| + SecKeychainAttribute* attribute = AttributeWithTag(keychain_attr_list_[item],
|
| + kSecCreatorItemAttr);
|
| + OSType* data = static_cast<OSType*>(attribute->data);
|
| + *data = value;
|
| +}
|
| +
|
| +void MockAppleKeychain::SetTestDataPasswordBytes(MockKeychainItemType item,
|
| + const void* data,
|
| + size_t length) {
|
| + keychain_data_[item].length = length;
|
| + if (length > 0) {
|
| + if (keychain_data_[item].data)
|
| + free(keychain_data_[item].data);
|
| + keychain_data_[item].data = malloc(length);
|
| + memcpy(keychain_data_[item].data, data, length);
|
| + } else {
|
| + keychain_data_[item].data = NULL;
|
| + }
|
| +}
|
| +
|
| +void MockAppleKeychain::SetTestDataPasswordString(MockKeychainItemType item,
|
| + const char* value) {
|
| + SetTestDataPasswordBytes(item, value, value ? strlen(value) : 0);
|
| +}
|
| +
|
| +OSStatus MockAppleKeychain::ItemCopyAttributesAndData(
|
| + SecKeychainItemRef itemRef,
|
| + SecKeychainAttributeInfo* info,
|
| + SecItemClass* itemClass,
|
| + SecKeychainAttributeList** attrList,
|
| + UInt32* length,
|
| + void** outData) const {
|
| + DCHECK(itemRef);
|
| + MockKeychainItemType key =
|
| + reinterpret_cast<MockKeychainItemType>(itemRef) - 1;
|
| + if (keychain_attr_list_.find(key) == keychain_attr_list_.end())
|
| + return errSecInvalidItemRef;
|
| +
|
| + DCHECK(!itemClass); // itemClass not implemented in the Mock.
|
| + if (locked_ && outData)
|
| + return errSecAuthFailed;
|
| +
|
| + if (attrList)
|
| + *attrList = &(keychain_attr_list_[key]);
|
| + if (outData) {
|
| + *outData = keychain_data_[key].data;
|
| + DCHECK(length);
|
| + *length = keychain_data_[key].length;
|
| + }
|
| +
|
| + ++attribute_data_copy_count_;
|
| + return noErr;
|
| +}
|
| +
|
| +OSStatus MockAppleKeychain::ItemModifyAttributesAndData(
|
| + SecKeychainItemRef itemRef,
|
| + const SecKeychainAttributeList* attrList,
|
| + UInt32 length,
|
| + const void* data) const {
|
| + DCHECK(itemRef);
|
| + if (locked_)
|
| + return errSecAuthFailed;
|
| + const char* fail_trigger = "fail_me";
|
| + if (length == strlen(fail_trigger) &&
|
| + memcmp(data, fail_trigger, length) == 0) {
|
| + return errSecAuthFailed;
|
| + }
|
| +
|
| + MockKeychainItemType key =
|
| + reinterpret_cast<MockKeychainItemType>(itemRef) - 1;
|
| + if (keychain_attr_list_.find(key) == keychain_attr_list_.end())
|
| + return errSecInvalidItemRef;
|
| +
|
| + MockAppleKeychain* mutable_this = const_cast<MockAppleKeychain*>(this);
|
| + if (attrList) {
|
| + for (UInt32 change_attr = 0; change_attr < attrList->count; ++change_attr) {
|
| + if (attrList->attr[change_attr].tag == kSecCreatorItemAttr) {
|
| + void* data = attrList->attr[change_attr].data;
|
| + mutable_this->SetTestDataCreator(key, *(static_cast<OSType*>(data)));
|
| + } else {
|
| + NOTIMPLEMENTED();
|
| + }
|
| + }
|
| + }
|
| + if (data)
|
| + mutable_this->SetTestDataPasswordBytes(key, data, length);
|
| + return noErr;
|
| +}
|
| +
|
| +OSStatus MockAppleKeychain::ItemFreeAttributesAndData(
|
| + SecKeychainAttributeList* attrList,
|
| + void* data) const {
|
| + --attribute_data_copy_count_;
|
| + return noErr;
|
| +}
|
| +
|
| +OSStatus MockAppleKeychain::ItemDelete(SecKeychainItemRef itemRef) const {
|
| + if (locked_)
|
| + return errSecAuthFailed;
|
| + MockKeychainItemType key =
|
| + reinterpret_cast<MockKeychainItemType>(itemRef) - 1;
|
| +
|
| + for (unsigned int i = 0; i < keychain_attr_list_[key].count; ++i) {
|
| + if (keychain_attr_list_[key].attr[i].data)
|
| + free(keychain_attr_list_[key].attr[i].data);
|
| + }
|
| + free(keychain_attr_list_[key].attr);
|
| + if (keychain_data_[key].data)
|
| + free(keychain_data_[key].data);
|
| +
|
| + keychain_attr_list_.erase(key);
|
| + keychain_data_.erase(key);
|
| + added_via_api_.erase(key);
|
| + return noErr;
|
| +}
|
| +
|
| +OSStatus MockAppleKeychain::SearchCreateFromAttributes(
|
| + CFTypeRef keychainOrArray,
|
| + SecItemClass itemClass,
|
| + const SecKeychainAttributeList* attrList,
|
| + SecKeychainSearchRef* searchRef) const {
|
| + // Figure out which of our mock items matches, and set up the array we'll use
|
| + // to generate results out of SearchCopyNext.
|
| + remaining_search_results_.clear();
|
| + for (MockKeychainAttributesMap::const_iterator it =
|
| + keychain_attr_list_.begin();
|
| + it != keychain_attr_list_.end();
|
| + ++it) {
|
| + bool mock_item_matches = true;
|
| + for (UInt32 search_attr = 0; search_attr < attrList->count; ++search_attr) {
|
| + SecKeychainAttribute* mock_attribute =
|
| + AttributeWithTag(it->second, attrList->attr[search_attr].tag);
|
| + if (mock_attribute->length != attrList->attr[search_attr].length ||
|
| + memcmp(mock_attribute->data, attrList->attr[search_attr].data,
|
| + attrList->attr[search_attr].length) != 0) {
|
| + mock_item_matches = false;
|
| + break;
|
| + }
|
| + }
|
| + if (mock_item_matches)
|
| + remaining_search_results_.push_back(it->first);
|
| + }
|
| +
|
| + DCHECK(searchRef);
|
| + *searchRef = kDummySearchRef;
|
| + ++search_copy_count_;
|
| + return noErr;
|
| +}
|
| +
|
| +bool MockAppleKeychain::AlreadyContainsInternetPassword(
|
| + UInt32 serverNameLength,
|
| + const char* serverName,
|
| + UInt32 securityDomainLength,
|
| + const char* securityDomain,
|
| + UInt32 accountNameLength,
|
| + const char* accountName,
|
| + UInt32 pathLength,
|
| + const char* path,
|
| + UInt16 port,
|
| + SecProtocolType protocol,
|
| + SecAuthenticationType authenticationType) const {
|
| + for (MockKeychainAttributesMap::const_iterator it =
|
| + keychain_attr_list_.begin();
|
| + it != keychain_attr_list_.end();
|
| + ++it) {
|
| + SecKeychainAttribute* attribute;
|
| + attribute = AttributeWithTag(it->second, kSecServerItemAttr);
|
| + if ((attribute->length != serverNameLength) ||
|
| + (attribute->data == NULL && *serverName != '\0') ||
|
| + (attribute->data != NULL && *serverName == '\0') ||
|
| + strncmp(serverName,
|
| + (const char*) attribute->data,
|
| + serverNameLength) != 0) {
|
| + continue;
|
| + }
|
| + attribute = AttributeWithTag(it->second, kSecSecurityDomainItemAttr);
|
| + if ((attribute->length != securityDomainLength) ||
|
| + (attribute->data == NULL && *securityDomain != '\0') ||
|
| + (attribute->data != NULL && *securityDomain == '\0') ||
|
| + strncmp(securityDomain,
|
| + (const char*) attribute->data,
|
| + securityDomainLength) != 0) {
|
| + continue;
|
| + }
|
| + attribute = AttributeWithTag(it->second, kSecAccountItemAttr);
|
| + if ((attribute->length != accountNameLength) ||
|
| + (attribute->data == NULL && *accountName != '\0') ||
|
| + (attribute->data != NULL && *accountName == '\0') ||
|
| + strncmp(accountName,
|
| + (const char*) attribute->data,
|
| + accountNameLength) != 0) {
|
| + continue;
|
| + }
|
| + attribute = AttributeWithTag(it->second, kSecPathItemAttr);
|
| + if ((attribute->length != pathLength) ||
|
| + (attribute->data == NULL && *path != '\0') ||
|
| + (attribute->data != NULL && *path == '\0') ||
|
| + strncmp(path,
|
| + (const char*) attribute->data,
|
| + pathLength) != 0) {
|
| + continue;
|
| + }
|
| + attribute = AttributeWithTag(it->second, kSecPortItemAttr);
|
| + if ((attribute->data == NULL) ||
|
| + (port != *(static_cast<UInt32*>(attribute->data)))) {
|
| + continue;
|
| + }
|
| + attribute = AttributeWithTag(it->second, kSecProtocolItemAttr);
|
| + if ((attribute->data == NULL) ||
|
| + (protocol != *(static_cast<SecProtocolType*>(attribute->data)))) {
|
| + continue;
|
| + }
|
| + attribute = AttributeWithTag(it->second, kSecAuthenticationTypeItemAttr);
|
| + if ((attribute->data == NULL) ||
|
| + (authenticationType !=
|
| + *(static_cast<SecAuthenticationType*>(attribute->data)))) {
|
| + continue;
|
| + }
|
| + // The keychain already has this item, since all fields other than the
|
| + // password match.
|
| + return true;
|
| + }
|
| + return false;
|
| +}
|
| +
|
| +OSStatus MockAppleKeychain::AddInternetPassword(
|
| + SecKeychainRef keychain,
|
| + UInt32 serverNameLength,
|
| + const char* serverName,
|
| + UInt32 securityDomainLength,
|
| + const char* securityDomain,
|
| + UInt32 accountNameLength,
|
| + const char* accountName,
|
| + UInt32 pathLength,
|
| + const char* path,
|
| + UInt16 port,
|
| + SecProtocolType protocol,
|
| + SecAuthenticationType authenticationType,
|
| + UInt32 passwordLength,
|
| + const void* passwordData,
|
| + SecKeychainItemRef* itemRef) const {
|
| + if (locked_)
|
| + return errSecAuthFailed;
|
| +
|
| + // Check for the magic duplicate item trigger.
|
| + if (strcmp(serverName, "some.domain.com") == 0)
|
| + return errSecDuplicateItem;
|
| +
|
| + // If the account already exists in the keychain, we don't add it.
|
| + if (AlreadyContainsInternetPassword(serverNameLength, serverName,
|
| + securityDomainLength, securityDomain,
|
| + accountNameLength, accountName,
|
| + pathLength, path,
|
| + port, protocol,
|
| + authenticationType)) {
|
| + return errSecDuplicateItem;
|
| + }
|
| +
|
| + // Pick the next unused slot.
|
| + MockKeychainItemType key = next_item_key_++;
|
| +
|
| + // Initialize keychain data storage at the target location.
|
| + InitializeKeychainData(key);
|
| +
|
| + MockAppleKeychain* mutable_this = const_cast<MockAppleKeychain*>(this);
|
| + mutable_this->SetTestDataBytes(key, kSecServerItemAttr, serverName,
|
| + serverNameLength);
|
| + mutable_this->SetTestDataBytes(key, kSecSecurityDomainItemAttr,
|
| + securityDomain, securityDomainLength);
|
| + mutable_this->SetTestDataBytes(key, kSecAccountItemAttr, accountName,
|
| + accountNameLength);
|
| + mutable_this->SetTestDataBytes(key, kSecPathItemAttr, path, pathLength);
|
| + mutable_this->SetTestDataPort(key, port);
|
| + mutable_this->SetTestDataProtocol(key, protocol);
|
| + mutable_this->SetTestDataAuthType(key, authenticationType);
|
| + mutable_this->SetTestDataPasswordBytes(key, passwordData,
|
| + passwordLength);
|
| + base::Time::Exploded exploded_time;
|
| + base::Time::Now().UTCExplode(&exploded_time);
|
| + char time_string[128];
|
| + snprintf(time_string, sizeof(time_string), "%04d%02d%02d%02d%02d%02dZ",
|
| + exploded_time.year, exploded_time.month, exploded_time.day_of_month,
|
| + exploded_time.hour, exploded_time.minute, exploded_time.second);
|
| + mutable_this->SetTestDataString(key, kSecCreationDateItemAttr, time_string);
|
| +
|
| + added_via_api_.insert(key);
|
| +
|
| + if (itemRef) {
|
| + *itemRef = reinterpret_cast<SecKeychainItemRef>(key + 1);
|
| + ++keychain_item_copy_count_;
|
| + }
|
| + return noErr;
|
| +}
|
| +
|
| +OSStatus MockAppleKeychain::SearchCopyNext(SecKeychainSearchRef searchRef,
|
| + SecKeychainItemRef* itemRef) const {
|
| + if (remaining_search_results_.empty())
|
| + return errSecItemNotFound;
|
| + MockKeychainItemType key = remaining_search_results_.front();
|
| + remaining_search_results_.erase(remaining_search_results_.begin());
|
| + *itemRef = reinterpret_cast<SecKeychainItemRef>(key + 1);
|
| + ++keychain_item_copy_count_;
|
| + return noErr;
|
| +}
|
| +
|
| +void MockAppleKeychain::Free(CFTypeRef ref) const {
|
| + if (!ref)
|
| + return;
|
| +
|
| + if (ref == kDummySearchRef) {
|
| + --search_copy_count_;
|
| + } else {
|
| + --keychain_item_copy_count_;
|
| + }
|
| +}
|
| +
|
| +int MockAppleKeychain::UnfreedSearchCount() const {
|
| + return search_copy_count_;
|
| +}
|
| +
|
| +int MockAppleKeychain::UnfreedKeychainItemCount() const {
|
| + return keychain_item_copy_count_;
|
| +}
|
| +
|
| +int MockAppleKeychain::UnfreedAttributeDataCount() const {
|
| + return attribute_data_copy_count_;
|
| +}
|
| +
|
| +bool MockAppleKeychain::CreatorCodesSetForAddedItems() const {
|
| + for (std::set<MockKeychainItemType>::const_iterator
|
| + i = added_via_api_.begin();
|
| + i != added_via_api_.end();
|
| + ++i) {
|
| + SecKeychainAttribute* attribute = AttributeWithTag(keychain_attr_list_[*i],
|
| + kSecCreatorItemAttr);
|
| + OSType* data = static_cast<OSType*>(attribute->data);
|
| + if (*data == 0)
|
| + return false;
|
| + }
|
| + return true;
|
| +}
|
| +
|
| +void MockAppleKeychain::AddTestItem(const KeychainTestData& item_data) {
|
| + MockKeychainItemType key = next_item_key_++;
|
| +
|
| + InitializeKeychainData(key);
|
| + SetTestDataAuthType(key, item_data.auth_type);
|
| + SetTestDataString(key, kSecServerItemAttr, item_data.server);
|
| + SetTestDataProtocol(key, item_data.protocol);
|
| + SetTestDataString(key, kSecPathItemAttr, item_data.path);
|
| + SetTestDataPort(key, item_data.port);
|
| + SetTestDataString(key, kSecSecurityDomainItemAttr,
|
| + item_data.security_domain);
|
| + SetTestDataString(key, kSecCreationDateItemAttr, item_data.creation_date);
|
| + SetTestDataString(key, kSecAccountItemAttr, item_data.username);
|
| + SetTestDataPasswordString(key, item_data.password);
|
| + SetTestDataNegativeItem(key, item_data.negative_item);
|
| +}
|
| +
|
| +} // namespace crypto
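Review bot: ItemDelete never checks that the item reference maps to a stored item, unlike ItemCopyAttributesAndData and ItemModifyAttributesAndData, which both return errSecInvalidItemRef for an unknown key. Because `keychain_attr_list_[key]` default-inserts an empty entry, deleting a stale or already-deleted reference frees nothing and returns noErr, so a test that double-deletes an item or reuses a dead reference passes against the mock. Adding `if (keychain_attr_list_.find(key) == keychain_attr_list_.end()) return errSecInvalidItemRef;` right after the key is computed keeps the three item functions consistent. Separately, the `length == 0` branch of SetTestDataBytes and SetTestDataPasswordBytes sets `data = NULL` without freeing the previous buffer, and SetTestDataPasswordBytes copies into the malloc result without the `CHECK` that SetTestDataBytes applies.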
|
|
|