libpurple/protocols/jabber/tests/test_jabber_scram.c

   1 #include <string.h>
   2
   3 #include "tests.h"
   4 #include "util.h"
   5 #include "protocols/jabber/auth_scram.h"
   6 #include "protocols/jabber/jutil.h"
   7
   8 static JabberScramHash sha1_mech = { "-SHA-1", G_CHECKSUM_SHA1 };
   9
  10 #define assert_pbkdf2_equal(password, salt, count, expected) { \
  11         GString *p = g_string_new(password); \
  12         GString *s = g_string_new(salt); \
  13         guchar *result = jabber_scram_hi(&sha1_mech, p, s, count); \
  14         g_assert_nonnull(result); \
  15         g_assert_cmpmem(result, 20, expected, 20); \
  16         g_string_free(s, TRUE); \
  17         g_string_free(p, TRUE); \
  18 }
  19
  20 static void
  21 test_jabber_scram_pbkdf2(void) {
  22         assert_pbkdf2_equal("password", "salt", 1, "\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9\xb5\x24\xaf\x60\x12\x06\x2f\xe0\x37\xa6");
  23         assert_pbkdf2_equal("password", "salt", 2, "\xea\x6c\x01\x4d\xc7\x2d\x6f\x8c\xcd\x1e\xd9\x2a\xce\x1d\x41\xf0\xd8\xde\x89\x57");
  24         assert_pbkdf2_equal("password", "salt", 4096, "\x4b\x00\x79\x01\xb7\x65\x48\x9a\xbe\xad\x49\xd9\x26\xf7\x21\xd0\x65\xa4\x29\xc1");
  25         /* This test is insane and takes forever, so it's disabled */
  26         /*
  27         assert_pbkdf2_equal("password", "salt", 16777216, "\xee\xfe\x3d\x61\xcd\x4d\xa4\xe4\xe9\x94\x5b\x3d\x6b\xa2\x15\x8c\x26\x34\xe9\x84");
  28         */
  29 }
  30
  31 static void
  32 test_jabber_scram_proofs(void) {
  33         JabberScramData *data = g_new0(JabberScramData, 1);
  34         gboolean ret;
  35         GString *salt;
  36         const char *client_proof;
  37 /*      const char *server_signature; */
  38
  39         data->hash = &sha1_mech;
  40         data->password = g_strdup("password");
  41         data->auth_message = g_string_new("n=username@jabber.org,r=8jLxB5515dhFxBil5A0xSXMH,"
  42                         "r=8jLxB5515dhFxBil5A0xSXMHabc,s=c2FsdA==,i=1,"
  43                         "c=biws,r=8jLxB5515dhFxBil5A0xSXMHabc");
  44         client_proof = "\x48\x61\x30\xa5\x61\x0b\xae\xb9\xe4\x11\xa8\xfd\xa5\xcd\x34\x1d\x8a\x3c\x28\x17";
  45
  46         salt = g_string_new("salt");
  47         ret = jabber_scram_calc_proofs(data, salt, 1);
  48         g_assert_true(ret);
  49
  50         g_assert_cmpmem(client_proof, 20, data->client_proof->str, 20);
  51         g_string_free(salt, TRUE);
  52
  53         jabber_scram_data_destroy(data);
  54 }
  55
  56 #define assert_successful_exchange(pw, nonce, start_data, challenge1, response1, success) { \
  57         JabberScramData *data = g_new0(JabberScramData, 1); \
  58         gboolean ret; \
  59         gchar *out; \
  60         \
  61         data->step = 1; \
  62         data->hash = &sha1_mech; \
  63         data->password = jabber_saslprep(pw); \
  64         g_assert_nonnull(data->password); \
  65         data->cnonce = g_strdup(nonce); \
  66         data->auth_message = g_string_new(start_data); \
  67         \
  68         ret = jabber_scram_feed_parser(data, challenge1, &out); \
  69         g_assert_true(ret); \
  70         g_assert_cmpstr(response1, ==, out); \
  71         g_free(out); \
  72         \
  73         data->step = 2; \
  74         ret = jabber_scram_feed_parser(data, success, &out); \
  75         g_assert_true(ret); \
  76         g_assert_null(out); \
  77         \
  78         jabber_scram_data_destroy(data); \
  79 }
  80
  81 static void
  82 test_jabber_scram_exchange(void) {
  83         assert_successful_exchange("password", "H7yDYKAWBCrM2Fa5SxGa4iez",
  84                         "n=paul,r=H7yDYKAWBCrM2Fa5SxGa4iez",
  85                         "r=H7yDYKAWBCrM2Fa5SxGa4iezFPVDPpDUcGxPkH3RzP,s=3rXeErP/os7jUNqU,i=4096",
  86                         "c=biws,r=H7yDYKAWBCrM2Fa5SxGa4iezFPVDPpDUcGxPkH3RzP,p=pXkak78EuwwOEwk2/h/OzD7NkEI=",
  87                         "v=ldX4EBNnOgDnNTOCmbSfBHAUCOs=");
  88
  89 #ifdef USE_IDN
  90         assert_successful_exchange("pass½word", "GNb2HsNI7VnTv8ABsE5AnY8W",
  91                         "n=paul,r=GNb2HsNI7VnTv8ABsE5AnY8W",
  92                         "r=GNb2HsNI7VnTv8ABsE5AnY8W/w/I3eRKM0I7jxFWOH,s=ysAriUjPzFqOXnMQ,i=4096",
  93                         "c=biws,r=GNb2HsNI7VnTv8ABsE5AnY8W/w/I3eRKM0I7jxFWOH,p=n/CtgdWjOYnLQ4m9Na+wPn9D2uY=",
  94                         "v=4TkZwKWy6JHNmrUbU2+IdAaXtos=");
  95 #endif
  96 }
  97
  98 gint
  99 main(gint argc, gchar **argv) {
 100         g_test_init(&argc, &argv, NULL);
 101
 102         g_test_add_func("/jabber/scram/pbkdf2",
 103                         test_jabber_scram_pbkdf2);
 104         g_test_add_func("/jabber/scram/proofs",
 105                         test_jabber_scram_proofs);
 106         g_test_add_func("/jabber/scram/exchange",
 107                         test_jabber_scram_exchange);
 108
 109         return g_test_run();
 110 }