From cd7671672f9fe81eceb884d50866cb7f6db0dfe0 Mon Sep 17 00:00:00 2001
From: cbonar <cbonar@localhost>
Date: Sun, 16 Mar 2008 11:59:09 +0000
Subject: [PATCH] + first import

---
 ciform/trunk/test/ciform.css  |   5 ++
 ciform/trunk/test/ciform.html |  32 ++++++++
 ciform/trunk/test/demo.php    |  71 ++++++++++++++++
 ciform/trunk/test/test.php    | 150 ++++++++++++++++++++++++++++++++++
 4 files changed, 258 insertions(+)
 create mode 100644 ciform/trunk/test/ciform.css
 create mode 100644 ciform/trunk/test/ciform.html
 create mode 100644 ciform/trunk/test/demo.php
 create mode 100644 ciform/trunk/test/test.php
diff --git a/ciform/trunk/test/ciform.css b/ciform/trunk/test/ciform.css
new file mode 100644
index 0000000..4595abf
--- /dev/null
+++ b/ciform/trunk/test/ciform.css
@@ -0,0 +1,5 @@
+/* A very simple style for demo purpose */
+body { background:white; }
+code, pre { background:#DDEEEE; }
+.txt { background:#CCFF99;}
+.b64, .bin, .hex { background:#EEEEAA; }
diff --git a/ciform/trunk/test/ciform.html b/ciform/trunk/test/ciform.html
new file mode 100644
index 0000000..aca7c97
--- /dev/null
+++ b/ciform/trunk/test/ciform.html
@@ -0,0 +1,32 @@
+<html>
+	<head>
+		<title>Test Page for Ciform</title>
+		<script language="javascript" src="/opt/jsunit/app/jsUnitCore.js"></script>
+		<script language="javascript" src="../target/libciform.js"></script>
+		<script language="javascript" src="../src/ciform.js"></script>
+		<script language="javascript">
+
+			function testSHA1Encoder()
+			{
+				var enc = new ciform.SHA1Encoder({'preamble':false});
+				assertEquals("Base64","qUqP5cyxm6YcTAhz05Hph5gvu9M",enc.encode("test"));
+				//var enc = new ciform.SHA1Encoder("hex");
+				//assertEquals("encode()","a94a8fe5ccb19ba61c4c0873d391e987982fbbd3",enc.encode("test").toLowerCase());
+			}
+
+			function testRSAEncoder()
+			{
+				var pubKey = { 'type':"rsa", 'e':[17], 'pq':[142235881,93780825,214584072,42027371,203833933,128905630,39039844,39477483,226960049,15] };
+				var enc = new ciform.RSAEncoder(pubKey,{'preamble':false,'salt':false});
+				assertEquals("No salt, no preamble","3c6888c1575418fce66b9ab0a936afd394f702fb1388b04625ab20334c40bbe1",enc.encode("test").toLowerCase());
+			}
+
+		</script>
+	</head>
+	<body>
+		<h1>Test Page for Ciform</h1>
+
+		<p>This page is a unit test.<br>
+		It must be open with <a href="http://www.jsunit.net/">JsUnit's TestRunner</a>.</p>
+	</body>
+</html>
\ No newline at end of file
diff --git a/ciform/trunk/test/demo.php b/ciform/trunk/test/demo.php
new file mode 100644
index 0000000..ad5ae49
--- /dev/null
+++ b/ciform/trunk/test/demo.php
@@ -0,0 +1,71 @@
+<?php
+	set_include_path("/opt/PEAR/".PATH_SEPARATOR.get_include_path());
+	set_include_path(get_include_path().PATH_SEPARATOR."../src/");
+	define("CIFORM_AUTODECRYPT",FALSE); // for demo purpose only
+	require_once("ciform.php");
+?><html>
+	<head>
+		<link rel="stylesheet" href="ciform.css" media="screen">
+		<script type="text/javascript" src="../target/libciform.js"></script>
+		<script type="text/javascript" src="../src/ciform.js"></script><!-- for debug only -->
+		<script type="text/javascript" src="keys/key-rsa.pub.js"></script>
+		<script type="text/javascript">
+
+			/**
+				This function is only for demo purpose.
+				Its goal is to show the user how the ciphertext looks like.
+			*/
+			function previewCipher()
+			{
+				// the following encoder is approaching the one used by Ciform
+				var encoder = new ciform.RSAEncoder(CIFORM['pubKey'],{'preamble':true,'salt':true});
+				document.getElementById('ciphertext').innerHTML = encoder.encode('in');
+			}
+
+			/**
+				this function is only for demo purpose.
+				It enables/disables SHA-1 encoding of the password before encrypting to server.
+			*/
+			function checkSha1(checkbox)
+			{
+				document.forms[0].output.className = checkbox.checked ? "hex ciform-sha1" : "hex";
+			}
+
+		</script>
+	</head>
+	<body>
+
+		<h1>Demo page for CiForm</h1>
+
+		<h2>1. Fill in the following form</h2>
+
+		<p>On submit, a hidden output field takes the value of the encrypted password,
+		and the password field is emptied so it is not transmitted.</p>
+
+		<form action="<?= $_SERVER['PHP_SELF'] ?>" method="POST" onsubmit="javascript:return new ciform.Ciform(this,CIFORM['pubKey']).encryptFields([{'in':'password','out':'output'}],alert);">
+			<input type="hidden" class="hex" name="output" size="80" onchange="javascript:document.getElementById('ciphertext').innerHTML=this.value;">
+			login : <input type="text" name="user"><br>
+			password : <input type="password" class="txt" name="password" onkeyup="this.onchange()" onchange="javascript:previewCipher();">
+				<!-- TODO icon onclick : show the public key and the server url -->
+				<img id="logo" src="pix/green-lock.gif" style="vertical-align:middle;">
+				Encrypt using SHA-1 : <input type="checkbox" name="usesha1" onchange="javascript:checkSha1(this);">
+				<br>
+				Preview of the encrypted text * : <span id="ciphertext" class="hex"></span>
+				<br>
+			<input type="submit" value="LOGIN">
+		</form>
+
+		<p>* <smaller><i>On-the-fly encryption may slow down typing, the usual case is to encrypt only on form submit.</i></smaller></p>
+
+		<h2>2. The form is submitted with the encrypted password</h2>
+
+		<p>Here is what the received response looks like :</p>
+		<pre><?php print_r($_REQUEST); ?></pre>
+
+		<p>And after decryption :</p>
+		<pre><?php
+			$_REQUEST = ciform_decryptParams($_REQUEST,$_SESSION[CIFORM_SESSION][CIFORM_SESSION_KEYPAIR]);
+			print_r($_REQUEST);
+		?></pre>
+	</body>
+</html>
\ No newline at end of file
diff --git a/ciform/trunk/test/test.php b/ciform/trunk/test/test.php
new file mode 100644
index 0000000..5dff26a
--- /dev/null
+++ b/ciform/trunk/test/test.php
@@ -0,0 +1,150 @@
+<?php
+	set_time_limit(60);	// for tests with long-sized keys
+	set_include_path("/opt/PEAR/".PATH_SEPARATOR.get_include_path());
+	set_include_path(get_include_path().PATH_SEPARATOR."../src/");
+	define("CIFORM_AUTODECRYPT",FALSE);
+	define("CIFORM_DEBUG",TRUE);
+	require_once("ciform.php");
+?><html>
+	<head>
+		<link rel="stylesheet" href="ciform.css" media="screen">
+		<script type="text/javascript" src="../target/libciform.js"></script>
+		<script type="text/javascript" src="../src/ciform.js"></script>
+		<script type="text/javascript" src="keys/key-rsa.pub.js"></script>
+	</head>
+
+	<body>
+
+		<h1>Test page for Ciform</h1>
+
+		<h2>1. Key generation</h2>
+
+		<?php
+			$keyPair = ciform_rsa_getKeyPair();
+			$pubKey = $keyPair->getPublicKey();
+			$math = $keyPair->_math_obj;
+		?>
+
+		<p>The key is either read from a file or generated on the fly if no file was found.<br>
+		It is served to the client as JSON data :</p>
+		<code><?= "var CIFORM_PUBKEY =" . ciform_rsa_pubKey2Json($keyPair) . ";" ?></code>
+
+
+
+		<h2>2. Encryption on the client side</h2>
+
+		<?php
+			// creating Crypt_RSA object
+			//$rsa = new Crypt_RSA;
+			$rsa = new Crypt_RSA($pubKey->getKeyLength(),'BCMath');
+
+			$plain_data = isset($_REQUEST['out']) ? ciform_decryptParam($_REQUEST['out'],$keyPair) : "password";
+
+			// encryption (usually using public key)
+			$enc_data_base64 = $rsa->encrypt($plain_data, $keyPair->getPublicKey());
+			$enc_data_bin = base64_decode($enc_data_base64);
+			$enc_data_hex = bin2hex($enc_data_base64);
+
+			// decryption (usually using private key)
+			$dec_data = $rsa->decrypt($enc_data_base64, $keyPair->getPrivateKey());
+		?>
+
+		<p>The user types in a password, and Javascript encodes it.
+		</p>
+
+		<p>On the server side, the message "<span class="txt"><?= $plain_data ?></span>" would be encoded this way :</p>
+		<ol>
+			<li>Original : <span class="txt"><?= $plain_data ?></span>
+			<li>Encrypted (ciphertext in base 64) : <span class="b64"><?= $enc_data_base64 ?></span>
+			<li>Decoded : <span class="txt"><?= $dec_data ?></span>
+
+		</ol>
+		<p>Extra :</p>
+		<ul>
+			<li>Original message sha-1 then base64 encoded : <span class="b64"><?= base64_encode(sha1($password,TRUE)) ?></span>
+			<li>Ciphertext in binary form (not really printable) : <span class="bin"><?= $enc_data_bin ?></span>
+			<li>Ciphertext in hexadecimal form : <span class="hex"><?= $enc_data_hex ?></span>
+		</ul>
+
+		<p>On the client side, it's the same, handled in Javascript :</p>
+		<form action="test.php" id="myForm">
+			<ol>
+				<li>The public key in Multi-Precision Integer (MPI), base64-encoded, which is going to be used for encryption : <input type="text" class="b64" id="mpi" size="120"><br>
+
+				<br><br>
+
+				<li>Type your message : <input type="text" class="txt" id="in" size="80"><br><span id="howmuchchars"></span> characters maximum.
+
+				<br><br>
+
+				<li>Encrypt the message on the client side (nothing is transmitted over the network yet) :<br>
+					<input type="button" onclick="javascript:test_encrypt();" value="ENCRYPT">
+					=&gt; <input type="text" class="b64" name="out" id="out" size="80"> <span id="howlong"></span><br>
+					The encoded value also holds meta-data about the exact encoding algorithm.
+				<br><br>
+
+				<li>Send the encrypted data to the server : <input type="submit" value="SUBMIT">
+
+				<br><br>
+
+			</ol>
+		</form>
+
+
+
+		<h2>3. Decrypted on the server side using the same key pair</h2>
+
+		<p>The generated keypair was stored and retrieved for decoding :</p>
+
+		<p>Each parameter of the request is decrypted if required :</p>
+		<p><table style="border:solid black 1px; border-collapse:collapse;" width="480px">
+		<tr><th>KEY</th><th>VALUE</th><th>DECRYPTED</th></tr>
+		<?php
+			foreach( $_REQUEST as $key => $val )
+			{
+				$dec = ciform_decryptParam($val,$keyPair);
+				if ( $key == "out" )
+				{
+					echo "<tr>";
+					echo "<td class='code'><b>$key</b></td>";
+					echo "<td class='txt'><b><code>" . chunk_split($val,76,"\n") . "</code></b></td>";
+					echo "<td class='hex'><b>$dec</b></td>";
+					echo "</tr>";
+				}
+				else
+				{
+					echo "<tr>";
+					echo "<td class='code'>$key</td>";
+					echo "<td class='txt'>$val</td>";
+					echo "<td class='hex'>$dec</td>";
+					echo "</tr>";
+				}
+			}
+		?></table></p>
+
+	<br><br><br>
+
+	</body>
+
+	<!-- Some initialisations -->
+	<script type="text/javascript">
+	//<!--
+		function test_encrypt()
+		{
+			var cif = new ciform.Ciform(document.getElementById('myForm'),CIFORM['pubKey']);
+			var start = new Date();
+			var ciphertext = cif.encryptFields([{'in':"in",'out':"out"}],alert);
+			var end = new Date();
+			//document.getElementById('out').value = ciphertext;
+			document.getElementById('howlong').innerHTML = (end.getTime() - start.getTime()) / 1000 + " s";
+		}
+
+		var mpi = s2r(b2mpi(CIFORM['pubKey']['pq'])+b2mpi([CIFORM['pubKey']['e']])).replace(/\n/,'');
+		document.getElementById('mpi').value = mpi;
+
+		var s = r2s(mpi);
+		document.getElementById('howmuchchars').innerHTML = Math.floor((s.charCodeAt(0)*256 + s.charCodeAt(1)+7)/8) - 3;
+	//-->
+	</script>
+
+</html>
\ No newline at end of file

KEY	VALUE	DECRYPTED
$key	`" . chunk_split($val,76,"\n") . "`	$dec
$key	$val	$dec