Send well researched bug reports to the author. Home: zxid.org\n\
\n\
Usage: zxencdectest [options] <foo.xml >reencoded-foo.xml\n\
-r N Run test number N. 1 = IBM cert dec, 2 = IBM cert enc dec\n\
-i N Number of iterations to benchmark (default 1).\n\
-t SECONDS Timeout. Default: 0=no timeout.\n\
-c CIPHER Enable crypto on DTS interface using specified cipher. Use '?' for list.\n\
-k FDNUMBER File descriptor for reading symmetric key. Use 0 for stdin.\n\
-egd PATH Specify path of Entropy Gathering Daemon socket, default\n\
on Solaris: /tmp/entropy; Linux: /dev/urandom\n\
See http://www.lothar.com/tech/crypto/ or\n\
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html\n\
-rand PATH Location of random number seed file. On Solaris EGD is used.\n\
On Linux the default is /dev/urandom. See RFC1750.\n\
-wo PATH File to write wire order encoding in\n\
-v Verbose messages.\n\
-q Be extra quiet.\n\
-d Turn on debugging.\n\
-license Show licensing and NO WARRANTY details.\n\
-h This help message\n\
-- End of options\n";
/* Print `reason` on stderr and terminate the process with exit status 2.
 * MB and ME are defined elsewhere in the project; presumably they open and
 * close a statement block -- confirm. */
#define DIE(reason) MB \
  fprintf(stderr, "%s\n", reason); \
  exit(2); \
  ME

/* Process-wide settings. Most of them appear to mirror the command line
 * options in the usage text (option parsing is not visible here -- confirm). */
int ak_buf_size = 0;
int verbose = 1;              /* presumably adjusted by -v / -q */
extern int debug;             /* defined in another translation unit */
int timeout = 0;              /* usage text: -t SECONDS, 0 = no timeout */
int gcthreshold = 0;
int leak_free = 0;
extern int assert_nonfatal;   /* defined in another translation unit */
int drop_uid = 0;
int drop_gid = 0;
char *rand_path;              /* usage text: -rand PATH */
char *egd_path;               /* usage text: -egd PATH */

/* Symmetric key storage; the usage text says -k reads the key from a file
 * descriptor.
 * NOTE(review): the key stays in static storage for the life of the process.
 * Whatever fills this must bound the read to sizeof(symmetric_key), and
 * should scrub the buffer once the key is no longer needed. */
char symmetric_key[1024];
int symmetric_key_len;

int n_iter = 1;               /* usage text: -i N, default 1 */
char *wo_path = 0;            /* usage text: -wo PATH */

/* Shared input buffer; test_ibm_cert_problem() reads stdin into it. */
char buf[256 * 1024];
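/* Test -r 1 ("IBM cert dec" in the usage text): read an XML document from
 * stdin, decode it, take the LogoutRequest from the envelope body, decrypt
 * its EncryptedID with the key loaded from "sym-idp-enc.pem", and print the
 * resulting NameID. Exits with status 2 through DIE() when no input was read
 * or the decoded tree has no Envelope/Body/LogoutRequest.
 *
 * The input is untrusted data, so every pointer on the path to the
 * LogoutRequest is checked before it is dereferenced. */
/* Called by:  opt */
void test_ibm_cert_problem()  /* -r 1 */
{
  int got_all = 0;  /* stays 0 if read_all_fd() fails before storing a count */
  zxid_conf* cf;
  struct zx_root_s* r;
  struct zx_sp_LogoutRequest_s* req;

  /* One byte is held back so the terminating nul below stays inside buf.
   * This relies on read_all_fd() honoring the size limit it is given. */
  read_all_fd(fdstdin, buf, sizeof(buf)-1, &got_all);
  if (got_all <= 0) DIE("Missing data");
  buf[got_all] = 0;

  /* IBM padding debug */

  cf = zxid_new_conf("/var/zxid/");
  r = zx_dec_zx_root(cf->ctx, got_all, buf, "zxencdectest");
  /* Fail when any link is MISSING. The earlier form tested Body and
   * LogoutRequest without negation, so it rejected every well formed message
   * and dereferenced a null Body when the element was absent. */
  if (!r || !r->Envelope || !r->Envelope->Body || !r->Envelope->Body->LogoutRequest)
    DIE("Decode failure");

#if 1
  cf->enc_pkey = zxid_read_private_key(cf, "sym-idp-enc.pem");
#else
  cf->enc_pkey = zxid_read_private_key(cf, "ibm-idp-enc.pem");
#endif

  req = r->Envelope->Body->LogoutRequest;
  req->NameID = zxid_decrypt_nameid(cf, req->NameID, req->EncryptedID);
  printf("r1 nid(%.*s)\n", ZX_GET_CONTENT_LEN(req->NameID), ZX_GET_CONTENT_S(req->NameID));
}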
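/* Test -r 2 ("IBM cert enc dec" in the usage text): build a persistent
 * NameID with fixed test values, create a LogoutRequest for the IdP whose
 * metadata is loaded by zxid_get_ent_file(), decrypt the request's
 * EncryptedID again with the key from "ibm-idp-enc.pem", and print the result
 * next to the expected value "a-persistent-nid". */
/* Called by:  opt */
void test_ibm_cert_problem_enc_dec()  /* -r 2 */
{
  zxid_conf* cf;
  struct zx_sp_LogoutRequest_s* req;
  zxid_nid* nameid;
  /* Only the #else branch below assigns idp_meta. Starting from a null
   * pointer keeps the zxid_mk_logout() call well defined if the preprocessor
   * switch is ever flipped. */
  zxid_entity* idp_meta = 0;

  cf = zxid_new_conf("/var/zxid/");

  nameid = zx_NEW_sa_NameID(cf->ctx,0);
  /*nameid->SPNameQualifier = zx_ref_attr(cf->ctx, &nameid->gg, zx_SPNameQualifier_ATTR, spqual);*/
  nameid->NameQualifier = zx_ref_attr(cf->ctx, &nameid->gg, zx_NameQualifier_ATTR, "ibmidp");
  nameid->Format = zx_ref_attr(cf->ctx, &nameid->gg, zx_Format_ATTR, "persistent");
  zx_add_content(cf->ctx, &nameid->gg, zx_ref_str(cf->ctx, "a-persistent-nid"));

#if 0
  cf->enc_pkey = zxid_read_private_key(cf, "sym-idp-enc.pem");
#else
  cf->enc_pkey = zxid_read_private_key(cf, "ibm-idp-enc.pem");
  idp_meta = zxid_get_ent_file(cf, "N9zsU-AwbI1O-U3mvjLmOALtbtU", "test_ibm");  /* IBMIdP */
#endif

  req = zxid_mk_logout(cf, nameid, 0, idp_meta);
  /* Guard the dereference below in case the request could not be built.
   * NOTE(review): whether zxid_mk_logout() can return null is not visible
   * here -- confirm. */
  if (!req) DIE("Logout request construction failure");
  req->NameID = zxid_decrypt_nameid(cf, req->NameID, req->EncryptedID);
  printf("r2 nid(%.*s) should be(a-persistent-nid)\n", ZX_GET_CONTENT_LEN(req->NameID), ZX_GET_CONTENT_S(req->NameID));
}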
/* Test -r 3: build a Status element from fixed test strings, encode it with
 * zx_easy_enc_elem_opt(), print the encoded bytes, then call
 * zx_dump_ns_tab() on the configuration's context.
 *
 * NOTE(review): neither the Status element nor the encoded string is checked
 * for null before use; confirm that the constructors cannot fail here. */
/* Called by:  opt */
void so_enc_dec()   /* -r 3 */
{
  zxid_conf* cf = zxid_new_conf("/var/zxid/");
  struct zx_sp_Status_s* status = zxid_mk_Status(cf, 0, "SC1", "SC2", "MESSAGE");
  struct zx_str* encoded = zx_easy_enc_elem_opt(cf, &status->gg);

  /* The length is passed explicitly, so no terminating nul is needed. */
  printf("%.*s", encoded->len, encoded->s);
  zx_dump_ns_tab(cf->ctx, 0);
}
/* Test -r 4: encode two XACMLAuthzDecisionQuery variants with
 * zx_easy_enc_elem_sig() and print each result; the second one is prefixed
 * with "CD1: ". Judging by the name this is meant for inspecting attribute
 * ordering in the output (not verifiable from this function alone).
 *
 * NOTE(review): the query objects and encoded strings are used without null
 * checks; confirm that the constructors cannot fail here. */
/* Called by:  opt */
void attribute_sort_test()   /* -r 4 */
{
  zxid_conf* cf = zxid_new_conf("/var/zxid/");
  struct zx_xasp_XACMLAuthzDecisionQuery_s* query = zxid_mk_az(cf, 0, 0, 0, 0);
  struct zx_str* encoded = zx_easy_enc_elem_sig(cf, &query->gg);
  struct zx_xaspcd1_XACMLAuthzDecisionQuery_s* query_cd1;

  printf("%.*s", encoded->len, encoded->s);

  /* Same steps for the CD1 flavour of the query. */
  query_cd1 = zxid_mk_az_cd1(cf, 0, 0, 0, 0);
  encoded = zx_easy_enc_elem_sig(cf, &query_cd1->gg);
  printf("CD1: %.*s", encoded->len, encoded->s);
}
/* Called by: opt */
void a7n_test() /* -r 6 */
{
struct timeval srctss;
zxid_conf* cf;
zxid_cgi cgi;
zxid_ses sess;
zxid_nid* nameid;
struct zx_str* issuer;
struct zx_sp_AuthnRequest_s* ar;
zxid_entity* sp_meta;
zxid_a7n* a7n;
memset(&cgi, 0, sizeof(cgi));
memset(&sess, 0, sizeof(sess));
memset(&srctss, 0, sizeof(srctss));
sess.sid = "MSES1234";
sess.uid = "test";
cf = zxid_new_conf_to_cf("PATH=/var/zxid/&URL=http://sp1.zxidsp.org:8081/zxidhlo");
#if 1
ar = zxid_mk_authn_req(cf, &cgi);
issuer = ZX_GET_CONTENT(ar->Issuer);
D("issuer(%.*s)", issuer->len, issuer->s);