Added tests for userdigest and userhash calculations

author: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2022-09-04 12:30:16 +0300
committer: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2022-09-04 12:37:01 +0300
commit: 87fe3bdd88ff78267a72c81f23d89e8877a0baa5 (patch)
tree: f827a8e5bd9fddafe4825139bbe516646086f752 /src
parent: 62175acf7cdb5804da98cbfa0364a8b6b6cfed54 (diff)
download: libmicrohttpd-87fe3bdd88ff78267a72c81f23d89e8877a0baa5.tar.gz
libmicrohttpd-87fe3bdd88ff78267a72c81f23d89e8877a0baa5.zip
4 files changed, 976 insertions, 1 deletions
diff --git a/src/microhttpd/.gitignore b/src/microhttpd/.gitignore
index 1353f1ec..8b16c7a9 100644
--- a/src/microhttpd/.gitignore
+++ b/src/microhttpd/.gitignore
@@ -83,3 +83,5 @@ test_postprocessor_md
 /test_str_base64
 /test_str_pct
 /test_str_bin_hex
+/test_dauth_userdigest
+/test_dauth_userhash
diff --git a/src/microhttpd/Makefile.am b/src/microhttpd/Makefile.am
index b4339f08..fbc545eb 100644
--- a/src/microhttpd/Makefile.am
+++ b/src/microhttpd/Makefile.am
@@ -263,7 +263,9 @@ check_PROGRAMS += \
 endif
 if ENABLE_DAUTH
 check_PROGRAMS += \
-  test_str_quote
+  test_str_quote \
+  test_dauth_userdigest \
+  test_dauth_userhash
 endif
 if ENABLE_BAUTH
 check_PROGRAMS += \
@@ -535,4 +537,14 @@ test_set_panic_SOURCES = \
 test_set_panic_LDADD = \
  libmicrohttpd.la
+test_dauth_userdigest_SOURCES = \
+  test_dauth_userdigest.c
+test_dauth_userdigest_LDADD = \
+  libmicrohttpd.la
+test_dauth_userhash_SOURCES = \
+  test_dauth_userhash.c
+test_dauth_userhash_LDADD = \
+  libmicrohttpd.la
 .PHONY: update-po-POTFILES.in
diff --git a/src/microhttpd/test_dauth_userdigest.c b/src/microhttpd/test_dauth_userdigest.c
new file mode 100644
index 00000000..3af45156
--- /dev/null
+++ b/src/microhttpd/test_dauth_userdigest.c
@@ -0,0 +1,432 @@
+/*
+  This file is part of libmicrohttpd
+  Copyright (C) 2022 Evgeny Grin (Karlson2)
+  This test tool is free software; you can redistribute it and/or
+  modify it under the terms of the GNU General Public License as
+  published by the Free Software Foundation; either version 2, or
+  (at your option) any later version.
+  This test tool is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+/**
+ * @file microhttpd/test_dauth_userdigest.c
+ * @brief  Tests for Digest Auth calculations of userdigest
+ * @author Karlson2k (Evgeny Grin)
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "microhttpd.h"
+#include "test_helpers.h"
+static int verbose = 1; /* verbose level (0-1)*/
+/* Declarations and data */
+struct data_md5
+{
+  unsigned int line_num;
+  const char *const username;
+  const char *const realm;
+  const char *const password;
+  const uint8_t hash[MHD_MD5_DIGEST_SIZE];
+};
+static const struct data_md5 md5_tests[] = {
+  {__LINE__,
+   "u", "r", "p",
+   {0x44, 0xad, 0xd2, 0x2b, 0x6f, 0x31, 0x79, 0xb7, 0x51, 0xea, 0xfd, 0x68,
+    0xee, 0x37, 0x0f, 0x7d}},
+  {__LINE__,
+   "testuser", "testrealm", "testpass",
+   {0xeb, 0xff, 0x22, 0x5e, 0x1c, 0xeb, 0x73, 0xe0, 0x26, 0xfc, 0xc6, 0x45,
+    0xaf, 0x3e, 0x84, 0xf6}},
+  {__LINE__,  /* Values from testcurl/test_digestauth2.c */
+   "test_user", "TestRealm", "test pass",
+   {0xd8, 0xb4, 0xa6, 0xd0, 0x01, 0x13, 0x07, 0xb7, 0x67, 0x94, 0xea, 0x66,
+    0x86, 0x03, 0x6b, 0x43}},
+  {__LINE__,
+   "Mufasa", "myhost@testrealm.com", "CircleOfLife",
+   {0x7e, 0xbe, 0xcc, 0x07, 0x18, 0xa5, 0x4a, 0xb4, 0x7e, 0x21, 0x65, 0x69,
+    0x07, 0x66, 0x41, 0x6a}},
+  {__LINE__,
+   "Mufasa", "myhost@example.com", "Circle Of Life",
+   {0x6a, 0x6d, 0x4e, 0x7c, 0xd7, 0x15, 0x18, 0x68, 0xf9, 0xb8, 0xc7, 0xc8,
+    0xd1, 0xcd, 0xd4, 0xe0}},
+  {__LINE__,
+   "Mufasa", "http-auth@example.org", "Circle of Life",
+   {0x3d, 0x78, 0x80, 0x7d, 0xef, 0xe7, 0xde, 0x21, 0x57, 0xe2, 0xb0, 0xb6,
+    0x57, 0x3a, 0x85, 0x5f}},
+  {__LINE__,
+   "J" "\xC3\xA4" "s" "\xC3\xB8" "n Doe" /* "Jäsøn Doe" */,
+   "api@example.org", "Secret, or not?",
+   {0x83, 0xa3, 0xf7, 0xf6, 0xb8, 0x3f, 0x71, 0xc5, 0xc2, 0xeb, 0x7c, 0x6d,
+    0xd2, 0xdd, 0x4c, 0x4b}}
+};
+struct data_sha256
+{
+  unsigned int line_num;
+  const char *const username;
+  const char *const realm;
+  const char *const password;
+  const uint8_t hash[MHD_SHA256_DIGEST_SIZE];
+};
+static const struct data_sha256 sha256_tests[] = {
+  {__LINE__,
+   "u", "r", "p",
+   {0xdc, 0xb0, 0x21, 0x10, 0x2e, 0x49, 0x1e, 0x70, 0x1a, 0x4a, 0x23, 0x6d,
+    0xaa, 0x89, 0x23, 0xaf, 0x21, 0x61, 0x44, 0x7b, 0xce, 0x7b, 0xb7, 0x26,
+    0x0a, 0x35, 0x1e, 0xe8, 0x3e, 0x9f, 0x81, 0x54}},
+  {__LINE__,
+   "testuser", "testrealm", "testpass",
+   {0xa9, 0x2e, 0xf6, 0x3b, 0x3d, 0xec, 0x38, 0x95, 0xb0, 0x8f, 0x3d, 0x4d,
+    0x67, 0x33, 0xf0, 0x70, 0x74, 0xcb, 0xe6, 0xd4, 0xa0, 0x01, 0x27, 0xf5,
+    0x74, 0x1a, 0x77, 0x4f, 0x05, 0xf9, 0xd4, 0x99}},
+  {__LINE__,  /* Values from testcurl/test_digestauth2.c */
+   "test_user", "TestRealm", "test pass",
+   {0xc3, 0x4e, 0x16, 0x5a, 0x17, 0x0f, 0xe5, 0xac, 0x04, 0xf1, 0x6e, 0x46,
+    0x48, 0x2b, 0xa0, 0xc6, 0x56, 0xc1, 0xfb, 0x8f, 0x66, 0xa6, 0xd6, 0x3f,
+    0x91, 0x12, 0xf8, 0x56, 0xa5, 0xec, 0x6d, 0x6d}},
+  {__LINE__,
+   "Mufasa", "myhost@testrealm.com", "CircleOfLife",
+   {0x8e, 0x64, 0x1f, 0xaa, 0x71, 0x7d, 0x20, 0x70, 0x5a, 0xd7, 0x3c, 0x54,
+    0xfb, 0x04, 0x9e, 0x32, 0x6a, 0xe1, 0x1c, 0x80, 0xd6, 0x05, 0x9f, 0xc3,
+    0x7e, 0xbb, 0x2d, 0x7b, 0x60, 0x6c, 0x11, 0xb9}},
+  {__LINE__,
+   "Mufasa", "myhost@example.com", "Circle Of Life",
+   {0x8b, 0xc5, 0xa8, 0xed, 0xe3, 0x02, 0x15, 0x6b, 0x9f, 0x51, 0xce, 0x97,
+    0x81, 0xb5, 0x26, 0xff, 0x99, 0x29, 0x0b, 0xb2, 0xc3, 0xe4, 0x41, 0x71,
+    0x8e, 0xa3, 0xa1, 0x7e, 0x5a, 0xd9, 0xd6, 0x49}},
+  {__LINE__,
+   "Mufasa", "http-auth@example.org", "Circle of Life",
+   {0x79, 0x87, 0xc6, 0x4c, 0x30, 0xe2, 0x5f, 0x1b, 0x74, 0xbe, 0x53, 0xf9,
+    0x66, 0xb4, 0x9b, 0x90, 0xf2, 0x80, 0x8a, 0xa9, 0x2f, 0xaf, 0x9a, 0x00,
+    0x26, 0x23, 0x92, 0xd7, 0xb4, 0x79, 0x42, 0x32}},
+  {__LINE__,
+   "J" "\xC3\xA4" "s" "\xC3\xB8" "n Doe" /* "Jäsøn Doe" */,
+   "api@example.org", "Secret, or not?",
+   {0xfd, 0x0b, 0xe3, 0x93, 0x9d, 0xca, 0x4b, 0x5c, 0x2d, 0x46, 0xe8, 0xfa,
+    0x6a, 0x3d, 0x16, 0xdb, 0xea, 0x82, 0x47, 0x4c, 0xb9, 0xa5, 0x88, 0xd4,
+    0xcb, 0x14, 0x9c, 0x54, 0xf3, 0x7c, 0xff, 0x37}}
+};
+/*
+ *  Helper functions
+ */
+/**
+ * Print bin as lower case hex
+ *
+ * @param bin binary data
+ * @param len number of bytes in bin
+ * @param hex pointer to len*2+1 bytes buffer
+ */
+static void
+bin2hex (const uint8_t *bin,
+         size_t len,
+         char *hex)
+{
+  while (len-- > 0)
+  {
+    unsigned int b1, b2;
+    b1 = (*bin >> 4) & 0xf;
+    *hex++ = (char) ((b1 > 9) ? (b1 + 'a' - 10) : (b1 + '0'));
+    b2 = *bin++ & 0xf;
+    *hex++ = (char) ((b2 > 9) ? (b2 + 'a' - 10) : (b2 + '0'));
+  }
+  *hex = 0;
+}
+/* Tests */
+static unsigned int
+check_md5 (const struct data_md5 *const data)
+{
+  static const enum MHD_DigestAuthAlgo3 algo3 = MHD_DIGEST_AUTH_ALGO3_MD5;
+  uint8_t hash_bin[MHD_MD5_DIGEST_SIZE];
+  char hash_hex[MHD_MD5_DIGEST_SIZE * 2 + 1];
+  char expected_hex[MHD_MD5_DIGEST_SIZE * 2 + 1];
+  const char *func_name;
+  unsigned int failed = 0;
+  func_name = "MHD_digest_auth_calc_userdigest";
+  if (MHD_YES != MHD_digest_auth_calc_userdigest (algo3,
+                                                  data->username,
+                                                  data->realm,
+                                                  data->password,
+                                                  hash_bin, sizeof(hash_bin)))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_YES.\n",
+             func_name);
+  }
+  else if (0 != memcmp (hash_bin, data->hash, sizeof(data->hash)))
+  {
+    failed++;
+    bin2hex (hash_bin, sizeof(hash_bin), hash_hex);
+    bin2hex (data->hash, sizeof(data->hash), expected_hex);
+    fprintf (stderr,
+             "FAILED: %s() produced wrong hash. "
+             "Calculated digest %s, expected digest %s.\n",
+             func_name,
+             hash_hex, expected_hex);
+  }
+  if (failed)
+  {
+    fprintf (stderr,
+             "The check failed for data located at line: %u.\n",
+             data->line_num);
+    fflush (stderr);
+  }
+  else if (verbose)
+  {
+    printf ("PASSED: check for data at line: %u.\n",
+            data->line_num);
+  }
+  return failed ? 1 : 0;
+}
+static unsigned int
+test_md5 (void)
+{
+  unsigned int num_failed = 0;
+  size_t i;
+  for (i = 0; i < sizeof(md5_tests) / sizeof(md5_tests[0]); i++)
+    num_failed += check_md5 (md5_tests + i);
+  return num_failed;
+}
+static unsigned int
+test_md5_failure (void)
+{
+  static const enum MHD_DigestAuthAlgo3 algo3 = MHD_DIGEST_AUTH_ALGO3_MD5;
+  uint8_t hash_bin[MHD_MD5_DIGEST_SIZE];
+  const char *func_name;
+  unsigned int failed = 0;
+  func_name = "MHD_digest_auth_calc_userdigest";
+  if (MHD_NO != MHD_digest_auth_calc_userdigest (algo3,
+                                                 "u", "r", "p",
+                                                 hash_bin, sizeof(hash_bin)
+                                                 - 1))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO != MHD_digest_auth_calc_userdigest (algo3,
+                                                 "u", "r", "p",
+                                                 hash_bin, 0))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO == MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_MD5))
+  {
+    if (MHD_NO != MHD_digest_auth_calc_userdigest (algo3,
+                                                   "u", "r", "p",
+                                                   hash_bin, sizeof(hash_bin)))
+    {
+      failed++;
+      fprintf (stderr,
+               "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+               func_name, (unsigned) __LINE__);
+    }
+  }
+  if (! failed && verbose)
+  {
+    printf ("PASSED: all checks with expected MHD_NO result near line: %u.\n",
+            (unsigned) __LINE__);
+  }
+  return failed ? 1 : 0;
+}
+static unsigned int
+check_sha256 (const struct data_sha256 *const data)
+{
+  static const enum MHD_DigestAuthAlgo3 algo3 = MHD_DIGEST_AUTH_ALGO3_SHA256;
+  uint8_t hash_bin[MHD_SHA256_DIGEST_SIZE];
+  char hash_hex[MHD_SHA256_DIGEST_SIZE * 2 + 1];
+  char expected_hex[MHD_SHA256_DIGEST_SIZE * 2 + 1];
+  const char *func_name;
+  unsigned int failed = 0;
+  func_name = "MHD_digest_auth_calc_userdigest";
+  if (MHD_YES != MHD_digest_auth_calc_userdigest (algo3,
+                                                  data->username,
+                                                  data->realm,
+                                                  data->password,
+                                                  hash_bin, sizeof(hash_bin)))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_YES.\n",
+             func_name);
+  }
+  else if (0 != memcmp (hash_bin, data->hash, sizeof(data->hash)))
+  {
+    failed++;
+    bin2hex (hash_bin, sizeof(hash_bin), hash_hex);
+    bin2hex (data->hash, sizeof(data->hash), expected_hex);
+    fprintf (stderr,
+             "FAILED: %s() produced wrong hash. "
+             "Calculated digest %s, expected digest %s.\n",
+             func_name,
+             hash_hex, expected_hex);
+  }
+  if (failed)
+  {
+    fprintf (stderr,
+             "The check failed for data located at line: %u.\n",
+             data->line_num);
+    fflush (stderr);
+  }
+  else if (verbose)
+  {
+    printf ("PASSED: check for data at line: %u.\n",
+            data->line_num);
+  }
+  return failed ? 1 : 0;
+}
+static unsigned int
+test_sha256 (void)
+{
+  unsigned int num_failed = 0;
+  size_t i;
+  for (i = 0; i < sizeof(sha256_tests) / sizeof(sha256_tests[0]); i++)
+    num_failed += check_sha256 (sha256_tests + i);
+  return num_failed;
+}
+static unsigned int
+test_sha256_failure (void)
+{
+  static const enum MHD_DigestAuthAlgo3 algo3 = MHD_DIGEST_AUTH_ALGO3_SHA256;
+  uint8_t hash_bin[MHD_SHA256_DIGEST_SIZE];
+  char hash_hex[MHD_SHA256_DIGEST_SIZE * 2 + 1];
+  const char *func_name;
+  unsigned int failed = 0;
+  func_name = "MHD_digest_auth_calc_userhash";
+  if (MHD_NO != MHD_digest_auth_calc_userhash (algo3,
+                                               "u", "r",
+                                               hash_bin, sizeof(hash_bin) - 1))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO != MHD_digest_auth_calc_userhash (algo3,
+                                               "u", "r",
+                                               hash_bin, 0))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO == MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_MD5))
+  {
+    if (MHD_NO != MHD_digest_auth_calc_userhash (algo3,
+                                                 "u", "r",
+                                                 hash_bin, sizeof(hash_bin)))
+    {
+      failed++;
+      fprintf (stderr,
+               "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+               func_name, (unsigned) __LINE__);
+    }
+  }
+  func_name = "MHD_digest_auth_calc_userhash_hex";
+  if (MHD_NO !=
+      MHD_digest_auth_calc_userhash_hex (algo3,
+                                         "u", "r",
+                                         hash_hex, sizeof(hash_hex) - 1))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO !=
+      MHD_digest_auth_calc_userhash_hex (algo3,
+                                         "u", "r",
+                                         hash_hex, 0))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO == MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_MD5))
+  {
+    if (MHD_NO !=
+        MHD_digest_auth_calc_userhash_hex (algo3,
+                                           "u", "r",
+                                           hash_hex, sizeof(hash_hex)))
+    {
+      failed++;
+      fprintf (stderr,
+               "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+               func_name, (unsigned) __LINE__);
+    }
+  }
+  if (! failed && verbose)
+  {
+    printf ("PASSED: all checks with expected MHD_NO result near line: %u.\n",
+            (unsigned) __LINE__);
+  }
+  return failed ? 1 : 0;
+}
+int
+main (int argc, char *argv[])
+{
+  unsigned int num_failed = 0;
+  (void) has_in_name; /* Mute compiler warning. */
+  if (has_param (argc, argv, "-s") || has_param (argc, argv, "--silent"))
+    verbose = 0;
+  if (MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_MD5))
+    num_failed += test_md5 ();
+  num_failed += test_md5_failure ();
+  if (MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_SHA256))
+    num_failed += test_sha256 ();
+  num_failed += test_sha256_failure ();
+  return num_failed ? 1 : 0;
+}
diff --git a/src/microhttpd/test_dauth_userhash.c b/src/microhttpd/test_dauth_userhash.c
new file mode 100644
index 00000000..6e525773
--- /dev/null
+++ b/src/microhttpd/test_dauth_userhash.c
@@ -0,0 +1,529 @@
+/*
+  This file is part of libmicrohttpd
+  Copyright (C) 2022 Evgeny Grin (Karlson2)
+  This test tool is free software; you can redistribute it and/or
+  modify it under the terms of the GNU General Public License as
+  published by the Free Software Foundation; either version 2, or
+  (at your option) any later version.
+  This test tool is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+/**
+ * @file microhttpd/test_dauth_userhash.c
+ * @brief  Tests for Digest Auth calculations of userhash
+ * @author Karlson2k (Evgeny Grin)
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "microhttpd.h"
+#include "test_helpers.h"
+static int verbose = 1; /* verbose level (0-1)*/
+/* Declarations and data */
+struct data_md5
+{
+  unsigned int line_num;
+  const char *const username;
+  const char *const realm;
+  const uint8_t hash[MHD_MD5_DIGEST_SIZE];
+};
+static const struct data_md5 md5_tests[] = {
+  {__LINE__,
+   "u", "r",
+   {0xba, 0x84, 0xbe, 0x20, 0x3f, 0xdf, 0xc7, 0xd3, 0x4e, 0x05, 0x4a, 0x76,
+    0xd2, 0x85, 0xd0, 0xc9}},
+  {__LINE__,
+   "testuser", "testrealm",
+   {0xab, 0xae, 0x15, 0x95, 0x24, 0xe5, 0x17, 0xbf, 0x48, 0xf4, 0x4a, 0xab,
+    0xfe, 0xb9, 0x37, 0x40}},
+  {__LINE__,
+   "test_user", "TestRealm", /* Values from testcurl/test_digestauth2.c */
+   {0xc5, 0x3c, 0x60, 0x15, 0x03, 0xff, 0x17, 0x6f, 0x18, 0xf6, 0x23, 0x72,
+    0x5f, 0xba, 0x42, 0x81}},
+  {__LINE__,
+   "Mufasa", "myhost@testrealm.com",
+   {0x26, 0x45, 0xae, 0x13, 0xd1, 0xa2, 0xa6, 0x9e, 0xd2, 0x6d, 0xd2, 0x1a,
+    0xa5, 0x52, 0x86, 0xe3}},
+  {__LINE__,
+   "Mufasa", "myhost@example.com",
+   {0x4f, 0xc8, 0x64, 0x02, 0xd7, 0x18, 0x5d, 0x7b, 0x38, 0xd4, 0x38, 0xad,
+    0xd5, 0x5a, 0x35, 0x84}},
+  {__LINE__,
+   "Mufasa", "http-auth@example.org",
+   {0x42, 0x38, 0xf3, 0xa1, 0x61, 0x67, 0x37, 0x3f, 0xeb, 0xb9, 0xbc, 0x4d,
+    0x43, 0xdb, 0x9c, 0xc4}},
+  {__LINE__,
+   "J" "\xC3\xA4" "s" "\xC3\xB8" "n Doe" /* "Jäsøn Doe" */, "api@example.org",
+   {0x2e, 0x06, 0x3f, 0xa2, 0xc5, 0x4d, 0xea, 0x1c, 0x36, 0x80, 0x8b, 0x7a,
+    0x6e, 0x3b, 0x14, 0xc9}}
+};
+struct data_sha256
+{
+  unsigned int line_num;
+  const char *const username;
+  const char *const realm;
+  const uint8_t hash[MHD_SHA256_DIGEST_SIZE];
+};
+static const struct data_sha256 sha256_tests[] = {
+  {__LINE__,
+   "u", "r",
+   {0x1d, 0x8a, 0x03, 0xa6, 0xe2, 0x1a, 0x4c, 0xe7, 0x75, 0x06, 0x0e, 0xa5,
+    0x73, 0x60, 0x32, 0x9a, 0xc7, 0x50, 0xde, 0xa5, 0xd8, 0x47, 0x29, 0x7b,
+    0x42, 0xf0, 0xd4, 0x65, 0x39, 0xaf, 0x8a, 0xb2}},
+  {__LINE__,
+   "testuser", "testrealm",
+   {0x75, 0xaf, 0x8a, 0x35, 0x00, 0xf7, 0x71, 0xe5, 0x8a, 0x52, 0x09, 0x3a,
+    0x25, 0xe7, 0x90, 0x5d, 0x6e, 0x42, 0x8a, 0x51, 0x12, 0x85, 0xc1, 0x2e,
+    0xa1, 0x42, 0x0c, 0x73, 0x07, 0x8d, 0xfd, 0x61}},
+  {__LINE__,
+   "test_user", "TestRealm", /* Values from testcurl/test_digestauth2.c */
+   {0x09, 0x0c, 0x7e, 0x06, 0xb7, 0x7d, 0x66, 0x14, 0xcf, 0x5f, 0xe6, 0xca,
+    0xfa, 0x00, 0x4d, 0x2e, 0x5f, 0x8f, 0xb3, 0x6b, 0xa4, 0x5a, 0x0e, 0x35,
+    0xea, 0xcb, 0x2e, 0xb7, 0x72, 0x8f, 0x34, 0xde}},
+  {__LINE__,
+   "Mufasa", "myhost@testrealm.com",
+   {0x92, 0x9f, 0xac, 0x9e, 0x6c, 0x8b, 0x76, 0xcc, 0xab, 0xa9, 0xe0, 0x6f,
+    0xf6, 0x4d, 0xf2, 0x6f, 0xcb, 0x40, 0x56, 0x4c, 0x19, 0x9c, 0x32, 0xd9,
+    0xea, 0xd9, 0x12, 0x4b, 0x25, 0x34, 0xe1, 0xf9}},
+  {__LINE__,
+   "Mufasa", "myhost@example.com",
+   {0x97, 0x06, 0xf0, 0x07, 0x1c, 0xec, 0x05, 0x3f, 0x88, 0x22, 0xb6, 0x63,
+    0x69, 0xc4, 0xa4, 0x00, 0x39, 0x79, 0xb7, 0xe7, 0x42, 0xb7, 0x4e, 0x42,
+    0x59, 0x63, 0x57, 0xf4, 0xd3, 0x02, 0xae, 0x16}},
+  {__LINE__,
+   "Mufasa", "http-auth@example.org",
+   {0xa9, 0x47, 0xaa, 0xd2, 0x05, 0xe8, 0x0e, 0x42, 0x99, 0x58, 0xa3, 0x87,
+    0x39, 0x49, 0x44, 0xc6, 0xb4, 0x96, 0x30, 0x1e, 0x79, 0xf8, 0x9d, 0x35,
+    0xa4, 0xcc, 0x23, 0xb6, 0xee, 0x12, 0xb5, 0xb6}},
+  {__LINE__,
+   "J" "\xC3\xA4" "s" "\xC3\xB8" "n Doe" /* "Jäsøn Doe" */, "api@example.org",
+   {0x5a, 0x1a, 0x8a, 0x47, 0xdf, 0x5c, 0x29, 0x85, 0x51, 0xb9, 0xb4, 0x2b,
+    0xa9, 0xb0, 0x58, 0x35, 0x17, 0x4a, 0x5b, 0xd7, 0xd5, 0x11, 0xff, 0x7f,
+    0xe9, 0x19, 0x1d, 0x8e, 0x94, 0x6f, 0xc4, 0xe7}}
+};
+/*
+ *  Helper functions
+ */
+/**
+ * Print bin as lower case hex
+ *
+ * @param bin binary data
+ * @param len number of bytes in bin
+ * @param hex pointer to len*2+1 bytes buffer
+ */
+static void
+bin2hex (const uint8_t *bin,
+         size_t len,
+         char *hex)
+{
+  while (len-- > 0)
+  {
+    unsigned int b1, b2;
+    b1 = (*bin >> 4) & 0xf;
+    *hex++ = (char) ((b1 > 9) ? (b1 + 'a' - 10) : (b1 + '0'));
+    b2 = *bin++ & 0xf;
+    *hex++ = (char) ((b2 > 9) ? (b2 + 'a' - 10) : (b2 + '0'));
+  }
+  *hex = 0;
+}
+/* Tests */
+static unsigned int
+check_md5 (const struct data_md5 *const data)
+{
+  static const enum MHD_DigestAuthAlgo3 algo3 = MHD_DIGEST_AUTH_ALGO3_MD5;
+  uint8_t hash_bin[MHD_MD5_DIGEST_SIZE];
+  char hash_hex[MHD_MD5_DIGEST_SIZE * 2 + 1];
+  char expected_hex[MHD_MD5_DIGEST_SIZE * 2 + 1];
+  const char *func_name;
+  unsigned int failed = 0;
+  func_name = "MHD_digest_auth_calc_userhash";
+  if (MHD_YES != MHD_digest_auth_calc_userhash (algo3,
+                                                data->username, data->realm,
+                                                hash_bin, sizeof(hash_bin)))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_YES.\n",
+             func_name);
+  }
+  else if (0 != memcmp (hash_bin, data->hash, sizeof(data->hash)))
+  {
+    failed++;
+    bin2hex (hash_bin, sizeof(hash_bin), hash_hex);
+    bin2hex (data->hash, sizeof(data->hash), expected_hex);
+    fprintf (stderr,
+             "FAILED: %s() produced wrong hash. "
+             "Calculated digest %s, expected digest %s.\n",
+             func_name,
+             hash_hex, expected_hex);
+  }
+  func_name = "MHD_digest_auth_calc_userhash_hex";
+  if (MHD_YES !=
+      MHD_digest_auth_calc_userhash_hex (algo3,
+                                         data->username, data->realm,
+                                         hash_hex, sizeof(hash_hex)))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_YES.\n",
+             func_name);
+  }
+  else if (sizeof(hash_hex) - 1 != strlen (hash_hex))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s produced hash with wrong length. "
+             "Calculated length %u, expected digest %u.\n",
+             func_name,
+             (unsigned) strlen (hash_hex),
+             (unsigned) (sizeof(hash_hex) - 1));
+  }
+  else
+  {
+    bin2hex (data->hash, sizeof(data->hash), expected_hex);
+    if (0 != memcmp (hash_hex, expected_hex, sizeof(hash_hex)))
+    {
+      failed++;
+      fprintf (stderr,
+               "FAILED: %s() produced wrong hash. "
+               "Calculated digest %s, expected digest %s.\n",
+               func_name,
+               hash_hex, expected_hex);
+    }
+  }
+  if (failed)
+  {
+    fprintf (stderr,
+             "The check failed for data located at line: %u.\n",
+             data->line_num);
+    fflush (stderr);
+  }
+  else if (verbose)
+  {
+    printf ("PASSED: check for data at line: %u.\n",
+            data->line_num);
+  }
+  return failed ? 1 : 0;
+}
+static unsigned int
+test_md5 (void)
+{
+  unsigned int num_failed = 0;
+  size_t i;
+  for (i = 0; i < sizeof(md5_tests) / sizeof(md5_tests[0]); i++)
+    num_failed += check_md5 (md5_tests + i);
+  return num_failed;
+}
+static unsigned int
+test_md5_failure (void)
+{
+  static const enum MHD_DigestAuthAlgo3 algo3 = MHD_DIGEST_AUTH_ALGO3_MD5;
+  uint8_t hash_bin[MHD_MD5_DIGEST_SIZE];
+  char hash_hex[MHD_MD5_DIGEST_SIZE * 2 + 1];
+  const char *func_name;
+  unsigned int failed = 0;
+  func_name = "MHD_digest_auth_calc_userhash";
+  if (MHD_NO != MHD_digest_auth_calc_userhash (algo3,
+                                               "u", "r",
+                                               hash_bin, sizeof(hash_bin) - 1))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO != MHD_digest_auth_calc_userhash (algo3,
+                                               "u", "r",
+                                               hash_bin, 0))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO == MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_MD5))
+  {
+    if (MHD_NO != MHD_digest_auth_calc_userhash (algo3,
+                                                 "u", "r",
+                                                 hash_bin, sizeof(hash_bin)))
+    {
+      failed++;
+      fprintf (stderr,
+               "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+               func_name, (unsigned) __LINE__);
+    }
+  }
+  func_name = "MHD_digest_auth_calc_userhash_hex";
+  if (MHD_NO !=
+      MHD_digest_auth_calc_userhash_hex (algo3,
+                                         "u", "r",
+                                         hash_hex, sizeof(hash_hex) - 1))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO !=
+      MHD_digest_auth_calc_userhash_hex (algo3,
+                                         "u", "r",
+                                         hash_hex, 0))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO == MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_MD5))
+  {
+    if (MHD_NO !=
+        MHD_digest_auth_calc_userhash_hex (algo3,
+                                           "u", "r",
+                                           hash_hex, sizeof(hash_hex)))
+    {
+      failed++;
+      fprintf (stderr,
+               "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+               func_name, (unsigned) __LINE__);
+    }
+  }
+  if (! failed && verbose)
+  {
+    printf ("PASSED: all checks with expected MHD_NO result near line: %u.\n",
+            (unsigned) __LINE__);
+  }
+  return failed ? 1 : 0;
+}
+static unsigned int
+check_sha256 (const struct data_sha256 *const data)
+{
+  static const enum MHD_DigestAuthAlgo3 algo3 = MHD_DIGEST_AUTH_ALGO3_SHA256;
+  uint8_t hash_bin[MHD_SHA256_DIGEST_SIZE];
+  char hash_hex[MHD_SHA256_DIGEST_SIZE * 2 + 1];
+  char expected_hex[MHD_SHA256_DIGEST_SIZE * 2 + 1];
+  const char *func_name;
+  unsigned int failed = 0;
+  func_name = "MHD_digest_auth_calc_userhash";
+  if (MHD_YES != MHD_digest_auth_calc_userhash (algo3,
+                                                data->username, data->realm,
+                                                hash_bin, sizeof(hash_bin)))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_YES.\n",
+             func_name);
+  }
+  else if (0 != memcmp (hash_bin, data->hash, sizeof(data->hash)))
+  {
+    failed++;
+    bin2hex (hash_bin, sizeof(hash_bin), hash_hex);
+    bin2hex (data->hash, sizeof(data->hash), expected_hex);
+    fprintf (stderr,
+             "FAILED: %s() produced wrong hash. "
+             "Calculated digest %s, expected digest %s.\n",
+             func_name,
+             hash_hex, expected_hex);
+  }
+  func_name = "MHD_digest_auth_calc_userhash_hex";
+  if (MHD_YES !=
+      MHD_digest_auth_calc_userhash_hex (algo3,
+                                         data->username, data->realm,
+                                         hash_hex, sizeof(hash_hex)))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_YES.\n",
+             func_name);
+  }
+  else if (sizeof(hash_hex) - 1 != strlen (hash_hex))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s produced hash with wrong length. "
+             "Calculated length %u, expected digest %u.\n",
+             func_name,
+             (unsigned) strlen (hash_hex),
+             (unsigned) (sizeof(hash_hex) - 1));
+  }
+  else
+  {
+    bin2hex (data->hash, sizeof(data->hash), expected_hex);
+    if (0 != memcmp (hash_hex, expected_hex, sizeof(hash_hex)))
+    {
+      failed++;
+      fprintf (stderr,
+               "FAILED: %s() produced wrong hash. "
+               "Calculated digest %s, expected digest %s.\n",
+               func_name,
+               hash_hex, expected_hex);
+    }
+  }
+  if (failed)
+  {
+    fprintf (stderr,
+             "The check failed for data located at line: %u.\n",
+             data->line_num);
+    fflush (stderr);
+  }
+  else if (verbose)
+  {
+    printf ("PASSED: check for data at line: %u.\n",
+            data->line_num);
+  }
+  return failed ? 1 : 0;
+}
+static unsigned int
+test_sha256 (void)
+{
+  unsigned int num_failed = 0;
+  size_t i;
+  for (i = 0; i < sizeof(sha256_tests) / sizeof(sha256_tests[0]); i++)
+    num_failed += check_sha256 (sha256_tests + i);
+  return num_failed;
+}
+static unsigned int
+test_sha256_failure (void)
+{
+  static const enum MHD_DigestAuthAlgo3 algo3 = MHD_DIGEST_AUTH_ALGO3_SHA256;
+  uint8_t hash_bin[MHD_SHA256_DIGEST_SIZE];
+  char hash_hex[MHD_SHA256_DIGEST_SIZE * 2 + 1];
+  const char *func_name;
+  unsigned int failed = 0;
+  func_name = "MHD_digest_auth_calc_userhash";
+  if (MHD_NO != MHD_digest_auth_calc_userhash (algo3,
+                                               "u", "r",
+                                               hash_bin, sizeof(hash_bin) - 1))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO != MHD_digest_auth_calc_userhash (algo3,
+                                               "u", "r",
+                                               hash_bin, 0))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO == MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_MD5))
+  {
+    if (MHD_NO != MHD_digest_auth_calc_userhash (algo3,
+                                                 "u", "r",
+                                                 hash_bin, sizeof(hash_bin)))
+    {
+      failed++;
+      fprintf (stderr,
+               "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+               func_name, (unsigned) __LINE__);
+    }
+  }
+  func_name = "MHD_digest_auth_calc_userhash_hex";
+  if (MHD_NO !=
+      MHD_digest_auth_calc_userhash_hex (algo3,
+                                         "u", "r",
+                                         hash_hex, sizeof(hash_hex) - 1))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO !=
+      MHD_digest_auth_calc_userhash_hex (algo3,
+                                         "u", "r",
+                                         hash_hex, 0))
+  {
+    failed++;
+    fprintf (stderr,
+             "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+             func_name, (unsigned) __LINE__);
+  }
+  if (MHD_NO == MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_MD5))
+  {
+    if (MHD_NO !=
+        MHD_digest_auth_calc_userhash_hex (algo3,
+                                           "u", "r",
+                                           hash_hex, sizeof(hash_hex)))
+    {
+      failed++;
+      fprintf (stderr,
+               "FAILED: %s() has not returned MHD_NO at line: %u.\n",
+               func_name, (unsigned) __LINE__);
+    }
+  }
+  if (! failed && verbose)
+  {
+    printf ("PASSED: all checks with expected MHD_NO result near line: %u.\n",
+            (unsigned) __LINE__);
+  }
+  return failed ? 1 : 0;
+}
+int
+main (int argc, char *argv[])
+{
+  unsigned int num_failed = 0;
+  (void) has_in_name; /* Mute compiler warning. */
+  if (has_param (argc, argv, "-s") || has_param (argc, argv, "--silent"))
+    verbose = 0;
+  if (MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_MD5))
+    num_failed += test_md5 ();
+  num_failed += test_md5_failure ();
+  if (MHD_is_feature_supported (MHD_FEATURE_DIGEST_AUTH_SHA256))
+    num_failed += test_sha256 ();
+  num_failed += test_sha256_failure ();
+  return num_failed ? 1 : 0;
+}
author	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2022-09-04 12:30:16 +0300
committer	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2022-09-04 12:37:01 +0300
commit	87fe3bdd88ff78267a72c81f23d89e8877a0baa5 (patch)
tree	f827a8e5bd9fddafe4825139bbe516646086f752 /src
parent	62175acf7cdb5804da98cbfa0364a8b6b6cfed54 (diff)
download	libmicrohttpd-87fe3bdd88ff78267a72c81f23d89e8877a0baa5.tar.gz libmicrohttpd-87fe3bdd88ff78267a72c81f23d89e8877a0baa5.zip