On Thu, Jul 31, 2014 at 9:29 AM, David Woodhouse <dwmw2 at infradead.org> wrote: > On Tue, 2014-07-29 at 12:05 -0700, Kevin Cernekee wrote: >> >> 2) If --token-secret points to a file, read the file contents into >> token_str. This would allow sdtid (XML) tokens to be used directly; >> it may also be helpful in keeping token strings (basically keys) from >> showing up in "ps". > > Let me know if the UTF-8 handling required for this is non-obvious. > > For Windows, hopefully your API accepts UTF-8 and will convert to use > the "Unicode" functions internally? :) For an input string containing a CTF URI (http://127.0.0.1/securid/ctf?ctfData=2328...) I would not expect to see any non-ASCII characters. For an SDTID XML file, I call xmlReadMemory() with encoding set to NULL (UTF-8). There is some variation in how RSA's own utilities handle non-ASCII characters, and even HTML entities, so I'm not 100% sure all of the MAC fields are computed correctly. It would be helpful for somebody with access to a working, up-to-date RSA Authentication Manager setup to generate a couple of test tokens. Don't know if anyone has tried to build libstoken under MinGW.
