tests/selftest_wiki.c

   1 /**
   2  *  @brief self-test for liboauth.
   3  *  @file selftest.c
   4  *  @author Robin Gareus <robin@gareus.org>
   5  *
   6  * Copyright 2007, 2008 Robin Gareus <robin@gareus.org>
   7  *
   8  * This code contains examples from http://wiki.oauth.net/ may they be blessed.
   9  *
  10  * Permission is hereby granted, free of charge, to any person obtaining a copy
  11  * of this software and associated documentation files (the "Software"), to deal
  12  * in the Software without restriction, including without limitation the rights
  13  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  14  * copies of the Software, and to permit persons to whom the Software is
  15  * furnished to do so, subject to the following conditions:
  16  *
  17  * The above copyright notice and this permission notice shall be included in
  18  * all copies or substantial portions of the Software.
  19  *
  20  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  21  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  22  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  23  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  24  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  25  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  26  * THE SOFTWARE.
  27  */
  28
  29 #ifdef TEST_UNICODE
  30 #include <locale.h>
  31 #endif
  32
  33 #include <stdio.h>
  34 #include <stdlib.h>
  35 #include <string.h>
  36 #include <oauth.h>
  37
  38 #include "commontest.h"
  39
  40 int loglevel = 1; //< report each successful test
  41
  42 int main (int argc, char **argv) {
  43   int fail=0;
  44   char *b64d;
  45   char *testurl, *testkey;
  46  #ifdef TEST_UNICODE
  47   wchar_t src[] = {0x000A, 0};
  48  #endif
  49
  50   if (loglevel) printf("\n *** testing liboauth against http://wiki.oauth.net/TestCases (july 2008) ***\n");
  51
  52   // http://wiki.oauth.net/TestCases
  53   fail|=test_encoding("abcABC123","abcABC123");
  54   fail|=test_encoding("-._~","-._~");
  55   fail|=test_encoding("%","%25");
  56   fail|=test_encoding("+","%2B");
  57   fail|=test_encoding("&=*","%26%3D%2A");
  58
  59  #ifdef TEST_UNICODE
  60   src[0] = 0x000A; fail|=test_uniencoding(src,"%0A");
  61   src[0] = 0x0020; fail|=test_uniencoding(src,"%20");
  62   src[0] = 0x007F; fail|=test_uniencoding(src,"%7F");
  63   src[0] = 0x0080; fail|=test_uniencoding(src,"%C2%80");
  64   src[0] = 0x3001; fail|=test_uniencoding(src,"%E3%80%81");
  65  #endif
  66
  67   fail|=test_normalize("name", "name=");
  68   fail|=test_normalize("a=b", "a=b");
  69   fail|=test_normalize("a=b&c=d", "a=b&c=d");
  70   fail|=test_normalize("a=x!y&a=x+y", "a=x%20y&a=x%21y");
  71   fail|=test_normalize("x!y=a&x=a", "x=a&x%21y=a");
  72
  73   fail|=test_request("GET", "http://example.com/" "?"
  74       "n=v",
  75   // expect:
  76       "GET&http%3A%2F%2Fexample.com%2F&n%3Dv");
  77
  78   fail|=test_request("GET", "http://example.com" "?"
  79       "n=v",
  80   // expect:
  81       "GET&http%3A%2F%2Fexample.com%2F&n%3Dv");
  82
  83   fail|=test_request("POST", "https://photos.example.net/request_token" "?"
  84       "oauth_version=1.0"
  85       "&oauth_consumer_key=dpf43f3p2l4k3l03"
  86       "&oauth_timestamp=1191242090"
  87       "&oauth_nonce=hsu94j3884jdopsl"
  88       "&oauth_signature_method=PLAINTEXT"
  89       "&oauth_signature=ignored",
  90   // expect:
  91       "POST&https%3A%2F%2Fphotos.example.net%2Frequest_token&oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dhsu94j3884jdopsl%26oauth_signature_method%3DPLAINTEXT%26oauth_timestamp%3D1191242090%26oauth_version%3D1.0");
  92
  93   fail|=test_request("GET", "http://photos.example.net/photos" "?"
  94       "file=vacation.jpg&size=original"
  95       "&oauth_version=1.0"
  96       "&oauth_consumer_key=dpf43f3p2l4k3l03"
  97       "&oauth_token=nnch734d00sl2jdk"
  98       "&oauth_timestamp=1191242096"
  99       "&oauth_nonce=kllo9940pd9333jh"
 100       "&oauth_signature=ignored"
 101       "&oauth_signature_method=HMAC-SHA1",
 102   // expect:
 103       "GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal");
 104
 105   fail|=test_sha1("cs","","bs","egQqG5AJep5sJ7anhXju1unge2I=");
 106   fail|=test_sha1("cs","ts","bs","VZVjXceV7JgPq/dOTnNmEfO0Fv8=");
 107   fail|=test_sha1("kd94hf93k423kf44","pfkkdhi9sl3r4s00","GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal","tR3+Ty81lMeYAr/Fid0kMTYa/WM=");
 108
 109   // HMAC-SHA1 selftest.
 110   // see http://oauth.net/core/1.0/#anchor25
 111   testurl = "GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3D"
 112       "vacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce"
 113       "%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26o"
 114       "auth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk"
 115       "%26oauth_version%3D1.0%26size%3Doriginal";
 116
 117   testkey = "kd94hf93k423kf44&pfkkdhi9sl3r4s00";
 118   b64d = oauth_sign_hmac_sha1(testurl , testkey);
 119   if (strcmp(b64d,"tR3+Ty81lMeYAr/Fid0kMTYa/WM=")) {
 120     printf("HMAC-SHA1 signature test failed.\n");
 121     fail|=1;
 122   } else if (loglevel)
 123     printf("HMAC-SHA1 signature test successful.\n");
 124   free(b64d);
 125
 126   // rsa-signature based on http://wiki.oauth.net/TestCases example
 127   b64d = oauth_sign_rsa_sha1(
 128     "GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacaction.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3D13917289812797014437%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1196666512%26oauth_version%3D1.0%26size%3Doriginal",
 129
 130     "-----BEGIN PRIVATE KEY-----\n"
 131     "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALRiMLAh9iimur8V\n"
 132     "A7qVvdqxevEuUkW4K+2KdMXmnQbG9Aa7k7eBjK1S+0LYmVjPKlJGNXHDGuy5Fw/d\n"
 133     "7rjVJ0BLB+ubPK8iA/Tw3hLQgXMRRGRXXCn8ikfuQfjUS1uZSatdLB81mydBETlJ\n"
 134     "hI6GH4twrbDJCR2Bwy/XWXgqgGRzAgMBAAECgYBYWVtleUzavkbrPjy0T5FMou8H\n"
 135     "X9u2AC2ry8vD/l7cqedtwMPp9k7TubgNFo+NGvKsl2ynyprOZR1xjQ7WgrgVB+mm\n"
 136     "uScOM/5HVceFuGRDhYTCObE+y1kxRloNYXnx3ei1zbeYLPCHdhxRYW7T0qcynNmw\n"
 137     "rn05/KO2RLjgQNalsQJBANeA3Q4Nugqy4QBUCEC09SqylT2K9FrrItqL2QKc9v0Z\n"
 138     "zO2uwllCbg0dwpVuYPYXYvikNHHg+aCWF+VXsb9rpPsCQQDWR9TT4ORdzoj+Nccn\n"
 139     "qkMsDmzt0EfNaAOwHOmVJ2RVBspPcxt5iN4HI7HNeG6U5YsFBb+/GZbgfBT3kpNG\n"
 140     "WPTpAkBI+gFhjfJvRw38n3g/+UeAkwMI2TJQS4n8+hid0uus3/zOjDySH3XHCUno\n"
 141     "cn1xOJAyZODBo47E+67R4jV1/gzbAkEAklJaspRPXP877NssM5nAZMU0/O/NGCZ+\n"
 142     "3jPgDUno6WbJn5cqm8MqWhW1xGkImgRk+fkDBquiq4gPiT898jusgQJAd5Zrr6Q8\n"
 143     "AO/0isr/3aa6O6NLQxISLKcPDk2NOccAfS/xOtfOz4sJYM3+Bs4Io9+dZGSDCA54\n"
 144     "Lw03eHTNQghS0A==\n"
 145     "-----END PRIVATE KEY-----");
 146
 147   if (strcmp(b64d,"jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=")) {
 148     printf("RSA-SHA1 signature test failed.\n");
 149     fail|=1;
 150   } else if (loglevel)
 151     printf("RSA-SHA1 signature test successful.\n");
 152   free(b64d);
 153
 154   if (oauth_verify_rsa_sha1(
 155     "GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacaction.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3D13917289812797014437%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1196666512%26oauth_version%3D1.0%26size%3Doriginal",
 156
 157     "-----BEGIN CERTIFICATE-----\n"
 158     "MIIBpjCCAQ+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAZMRcwFQYDVQQDDA5UZXN0\n"
 159     "IFByaW5jaXBhbDAeFw03MDAxMDEwODAwMDBaFw0zODEyMzEwODAwMDBaMBkxFzAV\n"
 160     "BgNVBAMMDlRlc3QgUHJpbmNpcGFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n"
 161     "gQC0YjCwIfYoprq/FQO6lb3asXrxLlJFuCvtinTF5p0GxvQGu5O3gYytUvtC2JlY\n"
 162     "zypSRjVxwxrsuRcP3e641SdASwfrmzyvIgP08N4S0IFzEURkV1wp/IpH7kH41Etb\n"
 163     "mUmrXSwfNZsnQRE5SYSOhh+LcK2wyQkdgcMv11l4KoBkcwIDAQABMA0GCSqGSIb3\n"
 164     "DQEBBQUAA4GBAGZLPEuJ5SiJ2ryq+CmEGOXfvlTtEL2nuGtr9PewxkgnOjZpUy+d\n"
 165     "4TvuXJbNQc8f4AMWL/tO9w0Fk80rWKp9ea8/df4qMq5qlFWlx6yOLQxumNOmECKb\n"
 166     "WpkUQDIDJEoFUzKMVuJf4KO/FJ345+BNLGgbJ6WujreoM1X/gYfdnJ/J\n"
 167     "-----END CERTIFICATE-----\n",
 168     "jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=")
 169       != 1) {
 170     printf("RSA-SHA1 verify-signature test failed.\n");
 171     fail|=1;
 172   } else if (loglevel)
 173     printf("RSA-SHA1 verify-signature test successful.\n");
 174
 175   // report
 176   if (fail) {
 177     printf("\n !!! One or more tests from http://wiki.oauth.net/TestCases failed.\n\n");
 178   } else {
 179     printf(" *** http://wiki.oauth.net/TestCases verified sucessfully.\n");
 180   }
 181
 182   return (fail?1:0);
 183 }