X-Git-Url: http://www.average.org/gitweb/?p=pam_pcsc_cr.git;a=blobdiff_plain;f=test_auth.c;h=5a826e812186e7a7873f2ecc4856f09ac4ee6992;hp=0251b47f29e33962892c45556f7c1074e162ac5c;hb=da2a84904dd17e4ed70a6497c0d18f69d004d453;hpb=f58e5aa7a6302c73e94f4cb5f5d8a3cbc199e0b3

diff --git a/test_auth.c b/test_auth.c
index 0251b47..5a826e8 100644
--- a/test_auth.c
+++ b/test_auth.c
@@ -1,53 +1,120 @@
+/*
+Copyright (c) 2013 Eugene Crosser
+
+This software is provided 'as-is', without any express or implied
+warranty. In no event will the authors be held liable for any damages
+arising from the use of this software.
+
+Permission is granted to anyone to use this software for any purpose,
+including commercial applications, and to alter it and redistribute it
+freely, subject to the following restrictions:
+
+    1. The origin of this software must not be misrepresented; you must
+    not claim that you wrote the original software. If you use this
+    software in a product, an acknowledgment in the product documentation
+    would be appreciated but is not required.
+
+    2. Altered source versions must be plainly marked as such, and must
+    not be misrepresented as being the original software.
+
+    3. This notice may not be removed or altered from any source
+    distribution.
+*/
+
 #include <stdio.h>
 #include <string.h>
+#include <stdlib.h>
 #include "authobj.h"
 #include "crypto.h"
+#include "pcsc_cr.h"
+
+unsigned char secret[] = {
+	0xb4, 0x62, 0xf2, 0x60, 0x87, 0x78, 0x16, 0x87, 0xde, 0xce,
+	0x80, 0x09, 0x24, 0x0b, 0x93, 0xfc, 0xa0, 0xfc, 0x56, 0x56
+};
+
+static struct _auth_chunk
+conjure_key(const unsigned char *challenge, const int challengesize)
+{
+	struct _auth_chunk ho = {0};
+	long rc;
+	int keysize = sizeof(ho.data);
+
+	if ((rc = hmac(secret, sizeof(secret), challenge, challengesize,
+						&ho.data, &keysize))) {
+		ho.err = crypto_errstr(rc);
+	} else if (keysize != sizeof(ho.data)) {
+		ho.err = "make_key: hash size is wrong";
+	}
+	return ho;
+}
+
+static struct _auth_chunk
+token_key(const unsigned char *challenge, const int challengesize)
+{
+	struct _auth_chunk ho = {0};
+	long rc;
+	int keysize = sizeof(ho.data);
+
+	if ((rc = pcsc_cr(challenge, challengesize, ho.data, &keysize))) {
+		ho.err = pcsc_errstr(rc);
+	}
+	return ho;
+}
 
 int main(int argc, char *argv[])
 {
 	const char *id = "testuser";
 	const char *pass = "testpassword";
 	const char *nonce = "1";
-	const unsigned char secret[] = {0xb4, 0x62, 0xf2, 0x60, 0x87,
-					0x78, 0x16, 0x87, 0xde, 0xce,
-					0x80, 0x09, 0x24, 0x0b, 0x93,
-					0xfc, 0xa0, 0xfc, 0x56, 0x56};
 	const unsigned char *payload = (unsigned char *)
 					"To authorize or not to authorize?";
-	unsigned char authobj[128];
-	int authsize = sizeof(authobj);
-	unsigned char challenge[128];
-	int challengesize = sizeof(challenge);
-	int rc;
-	unsigned char key[20];
-	int keysize = sizeof(key);
-	unsigned char newsecret[20];
-	int newsecsize = sizeof(newsecret);
-	unsigned char newload[128];
-	int newloadsize=sizeof(newload);
-
-	rc = make_authobj(id, pass, nonce, secret, sizeof(secret),
+	int i;
+	struct _auth_obj ao;
+	struct _auth_obj nao;
+	struct _auth_chunk (*fetch_key)(const unsigned char *challenge,
+					const int challengesize);
+
+	if (argc == 2 && strlen(argv[1]) == 40 &&
+			strspn(argv[1], "0123456789abcdefABCDEF") == 40) {
+		for (i = 0; i < sizeof(secret); i++)
+			sscanf(&argv[1][i*2], "%2hhx", &secret[i]);
+		fetch_key = token_key;
+	} else {
+		fetch_key = conjure_key;
+	}
+
+	ao = authobj(id, pass, NULL, nonce, secret, sizeof(secret),
 			payload, strlen((char *)payload),
-			authobj, &authsize);
-	printf("make_authobj() rc=%d size=%d\n", rc, authsize);
-	if (rc) return rc;
-
-	rc = make_challenge(id, pass, nonce, challenge, &challengesize);
-	printf("make_challenge() rc=%d size=%d\n", rc, challengesize);
-	if (rc) return rc;
-	rc = hmac(secret, sizeof(secret), challenge, challengesize,
-		&key, &keysize);
-	printf("hmac(secret, challenge) rc=%d new_key_size=%d\n",
-		rc, keysize);
-	if (rc) return rc;
-
-	rc = parse_authobj(key, sizeof(key), authobj, authsize,
-			newsecret, &newsecsize, newload, &newloadsize);
-	printf("parse_authobj() rc=%d secretsize=%d payload=\"%.*s\" (%d)\n",
-		rc, newsecsize, newloadsize, newload, newloadsize);
-	if (memcmp(secret, newsecret, newsecsize)) {
-		printf("extracted secret does not match\n");
-		return -1;
+			NULL, 0, NULL);
+	printf("new_authobj err=%s\n", ao.err?ao.err:"<no error>");
+	printf("data(%d):", ao.datasize);
+	for (i = 0; i < ao.datasize; i++) printf(" %02x", ao.data[i]);
+	printf("\npayload(%d): \"%.*s\"\n", ao.paylsize, ao.paylsize,
+		ao.payload?(char*)ao.payload:"");
+	if (ao.err) {
+		if (ao.buffer) free(ao.buffer);
+		return 1;
+	}
+
+	nao = authobj(id, pass, nonce, nonce, NULL, 0, NULL, 0,
+			ao.data, ao.datasize, fetch_key);
+	printf("verify_authobj err=%s\n", nao.err?nao.err:"<no error>");
+	printf("data(%d):", nao.datasize);
+	for (i = 0; i < nao.datasize; i++) printf(" %02x", nao.data[i]);
+	printf("\npayload(%d): \"%.*s\"\n", nao.paylsize, nao.paylsize,
+		nao.payload?(char*)nao.payload:"");
+	if (nao.err) {
+		if (nao.buffer) free(nao.buffer);
+		return 1;
+	}
+	if (ao.paylsize != nao.paylsize ||
+			memcmp(ao.payload, nao.payload, ao.paylsize)) {
+		printf("payload does not match");
+		return 1;
 	}
+
+	if (ao.buffer) free(ao.buffer);
+	if (nao.buffer) free(nao.buffer);
 	return 0;
 }