add test_auth
authorEugene Crosser <crosser@average.org>
Wed, 6 Nov 2013 22:45:58 +0000 (02:45 +0400)
committerEugene Crosser <crosser@average.org>
Wed, 6 Nov 2013 22:45:58 +0000 (02:45 +0400)
.gitignore
Makefile.am
authobj.c
test_auth.c [new file with mode: 0644]

index a8a0d9a4c6c07b9836448637cdebb44b2e4170b1..d27e9fb1c5af2625d8fd90e849aba30e4a8f5b42 100644 (file)
@@ -31,3 +31,5 @@ test_crypto
 test_crypto.trs
 test_serial
 test_serial.trs
+test_auth
+test_auth.trs
index 68070791c2f024c6c835c1ed7bad07df75f1b71a..d543a482f19e45406632bae7239f7da079e4fa83 100644 (file)
@@ -15,11 +15,12 @@ lib_LTLIBRARIES = pam_pcsc_cr.la
 pam_pcsc_cr_la_LDFLAGS = -module -avoid-version
 pam_pcsc_cr_la_LIBADD = libpcsc_cr.la
 
-check_PROGRAMS = test_serial test_crypto test_chalresp
+check_PROGRAMS = test_auth test_serial test_crypto test_chalresp
+test_auth_LDADD = libpcsc_cr.la
 test_serial_LDADD = libpcsc_cr.la
 test_crypto_LDADD = libpcsc_cr.la
 test_chalresp_LDADD = libpcsc_cr.la
 
 EXTRA_DIST = autogen.sh README_CR
 
-TESTS = test_serial test_crypto test_chalresp
+TESTS = test_auth test_serial test_crypto test_chalresp
index cb6f4f35321ce0abb3b12486b529df69449f4b8d..f06de57f4542191ad040178570fa2903be90cfd2 100644 (file)
--- a/authobj.c
+++ b/authobj.c
@@ -58,10 +58,15 @@ int make_authobj(const char *id, const char *pass, const char *nonce,
 
        if (hmac(secret, secsize, challenge, challengesize,
                key, &keysize)) return -1;
+#if 0
+       int i;
+       for (i = 0; i < keysize; i++) printf(", 0x%02x", key[i]);
+       printf("\n");
+#endif
 
        if (*bufsize < datasize) return -1;
        *bufsize = datasize;
-       if (encrypt(key, keysize, data, buffer, datasize)) return -1;
+       if (encrypt(key, CBLKSIZE, data, buffer, datasize)) return -1;
 
        return 0;
 }
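Review bot: `encrypt(key, CBLKSIZE, …)` now passes a fixed key length without checking that `hmac()` actually left at least that many bytes in `keysize`. The same applies to `decrypt(key, CBLKSIZE, …)` in the parse_authobj hunk, where the caller-supplied `keysize` is now ignored, so a key buffer shorter than CBLKSIZE would presumably be read past its end. A guard such as `if (keysize < CBLKSIZE) return -1;` before each call would keep the truncation safe, and a one-line comment should say that cutting the HMAC output down to CBLKSIZE bytes is intentional. The `#if 0` block writes the derived key to stdout if it is ever enabled, so it would be better left out of the committed source. Both function bodies start outside their hunks, so the declaration and size of `key` in make_authobj are not visible here.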
@@ -80,7 +85,7 @@ int parse_authobj(const unsigned char *key, const int keysize,
        unsigned char theirhash[HASHSIZE];
        int theirhashsize = HASHSIZE;
 
-       if (decrypt(key, keysize, buffer, data, datasize))
+       if (decrypt(key, CBLKSIZE, buffer, data, datasize))
                return -1;
        if (serial_init(&srl, data, datasize)) return -1;
        tsize = *secsize;
diff --git a/test_auth.c b/test_auth.c
new file mode 100644 (file)
index 0000000..55911c7
--- /dev/null
@@ -0,0 +1,49 @@
+#include <stdio.h>
+#include <string.h>
+#include "authobj.h"
+
+int main(int argc, char *argv[])
+{
+       const char *id = "testuser";
+       const char *pass = "testpassword";
+       const char *nonce = "1";
+       const unsigned char secret[] = {0x52, 0xf3, 0xbe, 0x1f, 0x3e,
+                                       0x22, 0xa8, 0xee, 0xdf, 0x10,
+                                       0x86, 0xf2, 0x17, 0xd7, 0x21,
+                                       0x9d, 0x08, 0x14, 0x48, 0x38};
+       const unsigned char *payload = (unsigned char *)
+                                       "To authorize or not to authorize?";
+       unsigned char authobj[512];
+       int authsize = sizeof(authobj);
+       unsigned char challenge[128];
+       int challengesize = sizeof(challenge);
+       int rc;
+       const unsigned char key[] =    {0xcc, 0x21, 0xaa, 0xb7, 0xf5,
+                                       0x76, 0xd6, 0xe7, 0xed, 0x90,
+                                       0x69, 0x51, 0x3d, 0x9b, 0x3a,
+                                       0x9d, 0xa8, 0xcf, 0xf9, 0x2f};
+       unsigned char newsecret[20];
+       int newsecsize = sizeof(newsecret);
+       unsigned char newload[128];
+       int newloadsize=sizeof(newload);
+
+       rc = make_authobj(id, pass, nonce, secret, sizeof(secret),
+                       payload, strlen((char *)payload),
+                       authobj, &authsize);
+       printf("make_authobj() rc=%d size=%d\n", rc, authsize);
+       if (rc) return rc;
+
+       rc = make_challenge(id, pass, nonce, challenge, &challengesize);
+       printf("make_challenge() rc=%d size=%d\n", rc, challengesize);
+       if (rc) return rc;
+
+       rc = parse_authobj(key, sizeof(key), authobj, authsize,
+                       newsecret, &newsecsize, newload, &newloadsize);
+       printf("parse_authobj() rc=%d secretsize=%d payload=\"%.*s\" (%d)\n",
+               rc, newsecsize, newloadsize, newload, newloadsize);
+       if (memcmp(secret, newsecret, newsecsize)) {
+               printf("extracted secret does not match\n");
+               return -1;
+       }
+       return 0;
+}
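Review bot: The return code of `parse_authobj()` is printed but never checked before `newsecret` and `newload` are used, so on failure the `printf` and the `memcmp` read uninitialized stack buffers. Adding `if (rc) return rc;` right after the call, before the `printf`, would match the two earlier steps. The comparison is also vacuous if `newsecsize` comes back as 0; `if (newsecsize != sizeof(secret) || memcmp(secret, newsecret, newsecsize))` closes that gap. The recovered payload is never compared with the original, and the output of `make_challenge()` is not tied to the hard-coded `key`, so the test would not notice a wrong payload or a key that no longer corresponds to the challenge.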