2 Copyright (c) 2013 Eugene Crosser
4 This software is provided 'as-is', without any express or implied
5 warranty. In no event will the authors be held liable for any damages
6 arising from the use of this software.
8 Permission is granted to anyone to use this software for any purpose,
9 including commercial applications, and to alter it and redistribute it
10 freely, subject to the following restrictions:
12 1. The origin of this software must not be misrepresented; you must
13 not claim that you wrote the original software. If you use this
14 software in a product, an acknowledgment in the product documentation
15 would be appreciated but is not required.
17 2. Altered source versions must be plainly marked as such, and must
18 not be misrepresented as being the original software.
20 3. This notice may not be removed or altered from any source
/*
 * Default 20-byte key for this test program. conjure_key() passes it to
 * hmac() as the key and main() hands it to authobj(); main() overwrites it
 * when argv[1] is a 40-hex-digit string.
 *
 * NOTE(review): this value is published in the source, so it is a test
 * fixture only and must never be provisioned into a real token or reused
 * as a production secret.
 * NOTE(review): the line closing this initializer is not shown in the
 * listing.
 */
31 unsigned char secret[] = {
32 0xb4, 0x62, 0xf2, 0x60, 0x87, 0x78, 0x16, 0x87, 0xde, 0xce,
33 0x80, 0x09, 0x24, 0x0b, 0x93, 0xfc, 0xa0, 0xfc, 0x56, 0x56
/*
 * Key callback that computes the key locally: hmac() over the challenge,
 * keyed with the global `secret`. main() selects it when no usable secret
 * is given on the command line.
 *
 * challenge, challengesize: challenge bytes and their length.
 * Result: a struct _auth_chunk whose .data receives the hmac() output; .err
 * is set to an error string on failure and otherwise keeps the null value
 * from the {0} initialisation.
 *
 * NOTE(review): the listing drops several short lines of this function (the
 * declaration of rc, the braces and presumably the final return of ho).
 */
36 static struct _auth_chunk
37 conjure_key(const unsigned char *challenge, const int challengesize)
39 struct _auth_chunk ho = {0};
/* In/out length: starts as the size of ho.data and is passed by address
 * to hmac(), which presumably stores the produced length in it. */
41 int keysize = sizeof(ho.data);
/* A non-zero return code from hmac() is treated as failure. */
43 if ((rc = hmac(secret, sizeof(secret), challenge, challengesize,
44 &ho.data, &keysize))) {
45 ho.err = crypto_errstr(rc);
/* Accept only an output that fills ho.data exactly; a shorter or longer
 * result is reported as an error rather than used as a key. */
46 } else if (keysize != sizeof(ho.data)) {
/* NOTE(review): the message says "make_key" although the function is
 * named conjure_key. */
47 ho.err = "make_key: hash size is wrong";
/*
 * Key callback that obtains the response to the challenge from pcsc_cr(),
 * which writes it into ho.data and reports the length through keysize.
 * main() selects it when a 40-hex-digit secret is passed as argv[1].
 *
 * challenge, challengesize: challenge bytes and their length.
 * Result: a struct _auth_chunk; .err is set from pcsc_errstr(rc) when
 * pcsc_cr() returns non-zero.
 *
 * NOTE(review): unlike conjure_key(), no visible line checks that the
 * returned keysize equals sizeof(ho.data). If pcsc_cr() can return a short
 * response, the rest of .data stays zero-filled from the {0} initialiser
 * and would still be used as key material - confirm that pcsc_cr() or the
 * caller enforces the length.
 * NOTE(review): the listing drops short lines here too (the declaration of
 * rc, the braces and presumably the final return of ho).
 */
52 static struct _auth_chunk
53 token_key(const unsigned char *challenge, const int challengesize)
55 struct _auth_chunk ho = {0};
/* In/out length, initialised to the size of ho.data. */
57 int keysize = sizeof(ho.data);
59 if ((rc = pcsc_cr(challenge, challengesize, ho.data, &keysize))) {
60 ho.err = pcsc_errstr(rc);
/*
 * Self-test: calls authobj() once with the secret and a payload, calls it
 * again on the data produced by the first call together with a key
 * callback, prints both results and compares the two payloads.
 *
 * With exactly one argument made of 40 hex digits, that argument is decoded
 * into `secret` and token_key() becomes the callback; otherwise
 * conjure_key() is used with the built-in secret.
 *
 * NOTE(review): a secret passed in argv is typically readable by other
 * local users through the process list and may end up in shell history;
 * use only throwaway test secrets this way.
 * NOTE(review): the listing omits short lines of this function (the
 * declarations of i, ao and nao, the tail of the first authobj() call,
 * braces and return statements), so the exact control flow around the
 * free() calls cannot be confirmed from here.
 */
65 int main(int argc, char *argv[])
/* Fixed test identity, password, nonce and payload. */
67 const char *id = "testuser";
68 const char *pass = "testpassword";
69 const char *nonce = "1";
70 const unsigned char *payload = (unsigned char *)
71 "To authorize or not to authorize?";
/* Callback that turns a challenge into a key; chosen below. */
75 struct _auth_chunk (*fetch_key)(const unsigned char *challenge,
76 const int challengesize);
/* Accept argv[1] only when it is exactly 40 characters, all hex digits:
 * two digits per byte of the 20-byte secret. */
78 if (argc == 2 && strlen(argv[1]) == 40 &&
79 strspn(argv[1], "0123456789abcdefABCDEF") == 40) {
80 for (i = 0; i < sizeof(secret); i++)
/* %2hhx converts two hex digits into one byte; the result of sscanf() is
 * not checked because the string was validated above. */
81 sscanf(&argv[1][i*2], "%2hhx", &secret[i]);
82 fetch_key = token_key;
/* Fallback (the else line is not shown in the listing): compute the key
 * in software from the built-in secret. */
84 fetch_key = conjure_key;
/* First pass: the secret and the payload are supplied - presumably object
 * creation, going by the "new_authobj" label printed below. The remaining
 * arguments of this call are not shown in the listing. */
87 ao = authobj(id, pass, NULL, nonce, secret, sizeof(secret),
88 payload, strlen((char *)payload),
/* Report the error string, a hex dump of the data and the payload. */
90 printf("new_authobj err=%s\n", ao.err?ao.err:"<no error>");
91 printf("data(%d):", ao.datasize);
92 for (i = 0; i < ao.datasize; i++) printf(" %02x", ao.data[i]);
93 printf("\npayload(%d): \"%.*s\"\n", ao.paylsize, ao.paylsize,
94 ao.payload?(char*)ao.payload:"");
/* NOTE(review): ao.buffer is freed here and again at the end of main.
 * Presumably this free sits in an early-exit error branch whose lines the
 * listing dropped; if both could run on one path it would be a double
 * free - confirm. free(NULL) is a no-op, so the guard is redundant. */
96 if (ao.buffer) free(ao.buffer);
/* Second pass: no secret and no payload are supplied; the data from the
 * first pass and the key callback are passed instead - presumably
 * verification, going by the "verify_authobj" label printed below. */
100 nao = authobj(id, pass, nonce, nonce, NULL, 0, NULL, 0,
101 ao.data, ao.datasize, fetch_key);
102 printf("verify_authobj err=%s\n", nao.err?nao.err:"<no error>");
103 printf("data(%d):", nao.datasize);
104 for (i = 0; i < nao.datasize; i++) printf(" %02x", nao.data[i]);
105 printf("\npayload(%d): \"%.*s\"\n", nao.paylsize, nao.paylsize,
106 nao.payload?(char*)nao.payload:"");
/* NOTE(review): same remark as for ao.buffer above; the enclosing
 * condition is not visible. */
108 if (nao.buffer) free(nao.buffer);
/* Round-trip check: the recovered payload must have the same length and
 * bytes as the original.
 * NOTE(review): memcmp() needs non-NULL pointers, while the printf() calls
 * above allow for a NULL payload; this relies on earlier error exits that
 * the listing does not show. */
111 if (ao.paylsize != nao.paylsize ||
112 memcmp(ao.payload, nao.payload, ao.paylsize)) {
/* NOTE(review): the message has no trailing newline. */
113 printf("payload does not match");
/* Final cleanup of both result buffers. */
117 if (ao.buffer) free(ao.buffer);
118 if (nao.buffer) free(nao.buffer);