summaryrefslogtreecommitdiffstats
path: root/src/t_auth.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/t_auth.c')
-rw-r--r--src/t_auth.c125
1 files changed, 125 insertions, 0 deletions
diff --git a/src/t_auth.c b/src/t_auth.c
new file mode 100644
index 0000000..22c78ae
--- /dev/null
+++ b/src/t_auth.c
@@ -0,0 +1,125 @@
+/*
+ * iperf, Copyright (c) 2020, The Regents of the University of
+ * California, through Lawrence Berkeley National Laboratory (subject
+ * to receipt of any required approvals from the U.S. Dept. of
+ * Energy). All rights reserved.
+ *
+ * If you have questions about your rights to use or distribute this
+ * software, please contact Berkeley Lab's Technology Transfer
+ * Department at TTD@lbl.gov.
+ *
+ * NOTICE. This software is owned by the U.S. Department of Energy.
+ * As such, the U.S. Government has been granted for itself and others
+ * acting on its behalf a paid-up, nonexclusive, irrevocable,
+ * worldwide license in the Software to reproduce, prepare derivative
+ * works, and perform publicly and display publicly. Beginning five
+ * (5) years after the date permission to assert copyright is obtained
+ * from the U.S. Department of Energy, and subject to any subsequent
+ * five (5) year renewals, the U.S. Government is granted for itself
+ * and others acting on its behalf a paid-up, nonexclusive,
+ * irrevocable, worldwide license in the Software to reproduce,
+ * prepare derivative works, distribute copies to the public, perform
+ * publicly and display publicly, and to permit others to do so.
+ *
+ * This code is distributed under a BSD style license, see the LICENSE
+ * file for complete information.
+ */
+#include "iperf_config.h"
+
+#include <assert.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#include <stdio.h>
+#include <string.h>
+
+#include "iperf.h"
+#include "iperf_api.h"
+#if defined(HAVE_SSL)
+#include "iperf_auth.h"
+#endif /* HAVE_SSL */
+
+#include "version.h"
+
+#include "units.h"
+
+#if defined(HAVE_SSL)
+int test_authtoken(const char *authUser, const char *authPassword, EVP_PKEY *pubkey, EVP_PKEY *privkey);
+
+int
+main(int argc, char **argv)
+{
+ /* sha256 */
+ void sha256(const char *string, char outputBuffer[65]);
+ const char sha256String[] = "This is a SHA256 test.";
+ const char sha256Digest[] = "4816482f8b4149f687a1a33d61a0de6b611364ec0fb7adffa59ff2af672f7232"; /* echo -n "This is a SHA256 test." | shasum -a256 */
+ char sha256Output[65];
+
+ sha256(sha256String, sha256Output);
+ assert(strcmp(sha256Output, sha256Digest) == 0);
+
+ /* Base64{Encode,Decode} */
+ int Base64Encode(const unsigned char* buffer, const size_t length, char** b64text);
+ int Base64Decode(const char* b64message, unsigned char** buffer, size_t* length);
+ const char base64String[] = "This is a Base64 test.";
+ char *base64Text;
+ char *base64Decode;
+ size_t base64DecodeLength;
+ const char base64EncodeCheck[] = "VGhpcyBpcyBhIEJhc2U2NCB0ZXN0Lg=="; /* echo -n "This is a Base64 test." | b64encode -r - */
+
+ assert(Base64Encode((unsigned char *) base64String, strlen(base64String), &base64Text) == 0);
+ assert(strcmp(base64Text, base64EncodeCheck) == 0);
+ assert(Base64Decode(base64Text, (unsigned char **) &base64Decode, &base64DecodeLength) == 0);
+ assert(strcmp(base64String, base64Decode) == 0);
+
+ /* public/private key tests */
+ const char *pubkeyfile = "public.pem";
+ const char *privkeyfile = "private.pem";
+
+ /* built-in tests */
+ assert(test_load_pubkey_from_file(pubkeyfile) == 0);
+ assert(test_load_private_key_from_file(privkeyfile) == 0);
+
+ /* load public key pair for use in further tests */
+ EVP_PKEY *pubkey, *privkey;
+ pubkey = load_pubkey_from_file(pubkeyfile);
+ assert(pubkey);
+ privkey = load_privkey_from_file(privkeyfile);
+ assert(privkey);
+
+ /* authentication token tests */
+ assert(test_authtoken("kilroy", "fubar", pubkey, privkey) == 0);
+
+ /* This should fail because the data is way too long for the RSA key */
+ /* assert(test_authtoken("kilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroykilroy", "fubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubarfubar", pubkey, privkey) < 0); */
+
+ return 0;
+}
+
+int
+test_authtoken(const char *authUser, const char *authPassword, EVP_PKEY *pubkey, EVP_PKEY *privkey) {
+ char *authToken;
+ char *decodeUser;
+ char *decodePassword;
+ time_t decodeTime;
+
+ assert(encode_auth_setting(authUser, authPassword, pubkey, &authToken) == 0);
+ assert(decode_auth_setting(0, authToken, privkey, &decodeUser, &decodePassword, &decodeTime) == 0);
+
+ assert(strcmp(decodeUser, authUser) == 0);
+ assert(strcmp(decodePassword, authPassword) == 0);
+
+ time_t now = time(NULL);
+
+ assert(now - decodeTime >= 0); /* time has to go forwards */
+ assert(now - decodeTime <= 1); /* shouldn't take more than a second to run */
+
+ return 0;
+}
+#else
+int
+main(int argc, char **argv)
+{
+ return 0;
+}
+#endif /* HAVE_SSL */