1 /*	$NetBSD: test_commonauth.c,v 1.1.1.2 2014/04/24 12:45:51 pettai Exp $	*/
2 
3 /*
4  * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
5  * (Royal Institute of Technology, Stockholm, Sweden).
6  * All rights reserved.
7  *
8  * Portions Copyright (c) 2010 Apple Inc. All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  *
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions and the following disclaimer.
16  *
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  *
21  * 3. Neither the name of the Institute nor the names of its contributors
22  *    may be used to endorse or promote products derived from this software
23  *    without specific prior written permission.
24  *
25  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
26  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
29  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35  * SUCH DAMAGE.
36  */
37 
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <unistd.h>
41 #include <krb5/roken.h>
42 #include "heim-auth.h"
43 
/*
 * Drive one DIGEST-MD5 exchange (algorithm=md5-sess, qop=auth) through the
 * heim_digest API with fixed inputs: parse the challenge and the response,
 * check the username taken from the response, supply the password, and
 * require that verification succeeds and that the string handed back
 * through the out parameter equals the expected "rspauth=" value.
 *
 * Every failed check calls abort(); the function returns 0 otherwise.
 *
 * NOTE(review): the fixed values look like the worked example in RFC 2831
 * section 4 -- confirm before citing that as the source of the vector.
 */
static int
test_sasl_digest_md5(void)
{
    heim_digest_t digest;
    const char *username;
    char *rspauth;

    digest = heim_digest_create(1, HEIM_DIGEST_TYPE_AUTO);
    if (digest == NULL) {
	abort();
    }

    /* The parse calls are treated as failed when they return non-zero. */
    if (heim_digest_parse_challenge(digest,
				    "realm=\"elwood.innosoft.com\","
				    "nonce=\"OA6MG9tEQGm2hh\","
				    "qop=\"auth\","
				    "algorithm=md5-sess,"
				    "charset=utf-8") != 0) {
	abort();
    }
    if (heim_digest_parse_response(digest,
				   "charset=utf-8,"
				   "username=\"chris\","
				   "realm=\"elwood.innosoft.com\","
				   "nonce=\"OA6MG9tEQGm2hh\","
				   "nc=00000001,"
				   "cnonce=\"OA6MHXh6VqTrRk\","
				   "digest-uri=\"imap/elwood.innosoft.com\","
				   "response=d388dad90d4bbd760a152321f2143af7,"
				   "qop=auth") != 0) {
	abort();
    }

    /* The username must be readable back from the parsed response. */
    username = heim_digest_get_key(digest, "username");
    if (username == NULL) {
	abort();
    }
    if (strcmp(username, "chris") != 0) {
	abort();
    }

    /*
     * NOTE(review): the result of heim_digest_set_key() is not looked at;
     * confirm whether it can fail (e.g. on allocation) and should be checked.
     */
    heim_digest_set_key(digest, "password", "secret");

    /* Non-zero from verify means the client response did not check out. */
    if (heim_digest_verify(digest, &rspauth) != 0) {
	abort();
    }

    if (strcmp(rspauth, "rspauth=ea40f60335c427b5527b84dbabcdfffd") != 0) {
	abort();
    }

    /* The string returned by verify is released by the caller. */
    free(rspauth);

    heim_digest_release(digest);

    return 0;
}
78 
/*
 * Drive one HTTP Digest exchange through the heim_digest API with fixed
 * inputs.  The challenge carries no qop or algorithm attribute, so this
 * covers the path where the response is checked without them.
 *
 * The username parsed from the response is checked, the password is
 * supplied, and verification must succeed.  No output string is requested
 * from heim_digest_verify() (NULL is passed for it).
 *
 * Every failed check calls abort(); the function returns 0 otherwise.
 *
 * NOTE(review): realm, nonce, opaque and user match the well-known
 * "Mufasa" HTTP Digest example from the RFCs -- confirm which RFC/erratum
 * the expected response value was taken from.
 */
static int
test_http_digest_md5(void)
{
    heim_digest_t digest;
    const char *username;

    digest = heim_digest_create(1, HEIM_DIGEST_TYPE_AUTO);
    if (digest == NULL) {
	abort();
    }

    if (heim_digest_parse_challenge(digest, "realm=\"testrealm@host.com\","
				    "nonce=\"dcd98b7102dd2f0e8b11d0f600bfb0c093\","
				    "opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"") != 0) {
	abort();
    }

    if (heim_digest_parse_response(digest, "username=\"Mufasa\","
				   "realm=\"testrealm@host.com\","
				   "nonce=\"dcd98b7102dd2f0e8b11d0f600bfb0c093\","
				   "uri=\"/dir/index.html\","
				   "response=\"1949323746fe6a43ef61f9606e7febea\","
				   "opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"") != 0) {
	abort();
    }

    /* The username must be readable back from the parsed response. */
    username = heim_digest_get_key(digest, "username");
    if (username == NULL) {
	abort();
    }
    if (strcmp(username, "Mufasa") != 0) {
	abort();
    }

    /*
     * NOTE(review): the result of heim_digest_set_key() is not looked at;
     * confirm whether it can fail and should be checked.
     */
    heim_digest_set_key(digest, "password", "CircleOfLife");

    /* Non-zero from verify means the client response did not check out. */
    if (heim_digest_verify(digest, NULL) != 0) {
	abort();
    }

    heim_digest_release(digest);

    return 0;
}
115 
/*
 * Exercise the CRAM-MD5 helpers with fixed inputs, in three steps:
 *
 *  1. export the state for the secret "foo" and compare it byte for byte
 *     with a pre-computed 32-byte blob (also pins sizeof the state at 32);
 *  2. verify a known challenge/secret/response triple, then compute the
 *     response ourselves and compare it with the known one;
 *  3. export the state for the real secret, import it into a context,
 *     wipe the exported copy and verify the response using only the
 *     imported context.
 *
 * Every failed check calls abort(); the function returns 0 otherwise.
 *
 * NOTE(review): challenge, secret and response look like the example in
 * RFC 2195 -- confirm before citing that as the source of the vector.
 */
static int
test_cram_md5(void)
{
    const char *challenge = "<1896.697170952@postoffice.reston.mci.net>";
    const char *password = "tanstaaftanstaaf";
    const char *expected = "b913a602c7eda7a495b4e6e7334d3890";
    heim_CRAM_MD5_STATE exported;
    heim_cram_md5 imported;
    char *computed;

    /* Expected exported state for the secret "foo". */
    const uint8_t *foo_state = (uint8_t *)
	"\x87\x1E\x24\x10\xB4\x0C\x72\x5D\xA3\x95\x2D\x5B\x8B\xFC\xDD\xE1"
	"\x29\x90\xCB\xA7\x66\xF6\xB3\x40\xE8\xAC\x48\x2C\xE4\xE3\xA4\x40";

    /*
     * Step 1: pre-built blob.  The size check comes first because the
     * comparison below reads exactly 32 bytes from the state object.
     */
    if (sizeof(exported) != 32) {
	abort();
    }

    heim_cram_md5_export("foo", &exported);

    if (memcmp(foo_state, &exported, 32) != 0) {
	abort();
    }

    /* Step 2a: the known triple must verify (0 is treated as success). */
    if (heim_cram_md5_verify(challenge, password, expected) != 0) {
	abort();
    }

    /* Step 2b: computing the response ourselves must give the same text. */
    computed = heim_cram_md5_create(challenge, password);
    if (computed == NULL) {
	abort();
    }

    if (strcmp(expected, computed) != 0) {
	abort();
    }

    /* Step 3: round-trip the secret through an exported state. */
    heim_cram_md5_export(password, &exported);

    /* here you can store the memcpy-ed version of state somewhere else */

    /*
     * NOTE(review): the handle returned by heim_cram_md5_import() is used
     * below without a check; confirm whether the call can fail and, if so,
     * what it returns, and test for that before verifying.
     */
    imported = heim_cram_md5_import(&exported, sizeof(exported));

    /*
     * Wipe the exported copy; the verification below then has to work from
     * the imported context alone.
     * NOTE(review): the object is never read again, so a compiler is free
     * to drop this memset().  That is harmless for the test, but code that
     * copies this pattern to scrub secret-derived state should use a wipe
     * the compiler cannot elide (explicit_bzero(), memset_s()) where the
     * platform provides one.
     */
    memset(&exported, 0, sizeof(exported));

    if (heim_cram_md5_verify_ctx(imported, challenge, expected) != 0) {
	abort();
    }

    heim_cram_md5_free(imported);

    /* The string from heim_cram_md5_create() is released by the caller. */
    free(computed);

    return 0;
}
179 
/*
 * Exercise the APOP helpers with one fixed challenge/secret/response
 * triple: the response computed by heim_apop_create() must equal the known
 * one, and heim_apop_verify() must accept the known one (0 is treated as
 * success).
 *
 * Every failed check calls abort(); the function returns 0 otherwise.
 *
 * NOTE(review): the triple looks like the APOP example in RFC 1939 --
 * confirm before citing that as the source of the vector.
 */
static int
test_apop(void)
{
    const char *challenge = "<1896.697170952@dbc.mtview.ca.us>";
    const char *password = "tanstaaf";
    const char *expected = "c4c9334bac560ecc979e58001b3e22fb";
    char *computed;

    computed = heim_apop_create(challenge, password);
    if (computed == NULL) {
	abort();
    }

    if (strcmp(expected, computed) != 0) {
	abort();
    }

    if (heim_apop_verify(challenge, password, expected) != 0) {
	abort();
    }

    /* The string from heim_apop_create() is released by the caller. */
    free(computed);

    return 0;
}
203 
204 
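/*
 * Run every authentication self-test in turn and return the OR of their
 * results as the exit status.  Each test aborts the process on a failed
 * check, so reaching the return statement means all of them passed.
 *
 * The command-line arguments are not used.
 */
int
main(int argc, char **argv)
{
    int ret = 0;

    (void)argc;
    (void)argv;

    ret |= test_sasl_digest_md5();
    ret |= test_http_digest_md5();
    ret |= test_cram_md5();
    ret |= test_apop();

    /*
     * No shell or other child process is started here.  A test program has
     * to terminate by itself so it can run unattended under a test harness,
     * and it must never hand whoever runs it an interactive shell with the
     * harness's privileges and environment.
     */

    return ret;
}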
219