| 1 | /*
|
|---|
| 2 | Unix SMB/CIFS implementation.
|
|---|
| 3 | Small self-tests for the NTLMSSP code
|
|---|
| 4 | Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
|
|---|
| 5 |
|
|---|
| 6 | This program is free software; you can redistribute it and/or modify
|
|---|
| 7 | it under the terms of the GNU General Public License as published by
|
|---|
| 8 | the Free Software Foundation; either version 3 of the License, or
|
|---|
| 9 | (at your option) any later version.
|
|---|
| 10 |
|
|---|
| 11 | This program is distributed in the hope that it will be useful,
|
|---|
| 12 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|---|
| 13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|---|
| 14 | GNU General Public License for more details.
|
|---|
| 15 |
|
|---|
| 16 | You should have received a copy of the GNU General Public License
|
|---|
| 17 | along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|---|
| 18 | */
|
|---|
| 19 |
|
|---|
| 20 | #include "includes.h"
|
|---|
| 21 | #include "auth/gensec/gensec.h"
|
|---|
| 22 | #include "auth/ntlmssp/ntlmssp.h"
|
|---|
| 23 | #include "lib/cmdline/popt_common.h"
|
|---|
| 24 | #include "torture/torture.h"
|
|---|
| 25 | #include "param/param.h"
|
|---|
| 26 |
|
|---|
| 27 | static bool torture_ntlmssp_self_check(struct torture_context *tctx)
|
|---|
| 28 | {
|
|---|
| 29 | struct gensec_security *gensec_security;
|
|---|
| 30 | struct gensec_ntlmssp_context *gensec_ntlmssp;
|
|---|
| 31 | struct ntlmssp_state *ntlmssp_state;
|
|---|
| 32 | DATA_BLOB data;
|
|---|
| 33 | DATA_BLOB sig, expected_sig;
|
|---|
| 34 | TALLOC_CTX *mem_ctx = tctx;
|
|---|
| 35 |
|
|---|
| 36 | torture_assert_ntstatus_ok(tctx,
|
|---|
| 37 | gensec_client_start(mem_ctx, &gensec_security,
|
|---|
| 38 | tctx->ev, lpcfg_gensec_settings(tctx, tctx->lp_ctx)),
|
|---|
| 39 | "gensec client start");
|
|---|
| 40 |
|
|---|
| 41 | gensec_set_credentials(gensec_security, cmdline_credentials);
|
|---|
| 42 |
|
|---|
| 43 | gensec_want_feature(gensec_security, GENSEC_FEATURE_SIGN);
|
|---|
| 44 | gensec_want_feature(gensec_security, GENSEC_FEATURE_SEAL);
|
|---|
| 45 |
|
|---|
| 46 | torture_assert_ntstatus_ok(tctx,
|
|---|
| 47 | gensec_start_mech_by_oid(gensec_security, GENSEC_OID_NTLMSSP),
|
|---|
| 48 | "Failed to start GENSEC for NTLMSSP");
|
|---|
| 49 |
|
|---|
| 50 | gensec_ntlmssp = talloc_get_type_abort(gensec_security->private_data,
|
|---|
| 51 | struct gensec_ntlmssp_context);
|
|---|
| 52 | ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
|
|---|
| 53 |
|
|---|
| 54 | ntlmssp_state->session_key = strhex_to_data_blob(tctx, "0102030405060708090a0b0c0d0e0f00");
|
|---|
| 55 | dump_data_pw("NTLMSSP session key: \n",
|
|---|
| 56 | ntlmssp_state->session_key.data,
|
|---|
| 57 | ntlmssp_state->session_key.length);
|
|---|
| 58 |
|
|---|
| 59 | ntlmssp_state->neg_flags = NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_KEY_EXCH | NTLMSSP_NEGOTIATE_NTLM2;
|
|---|
| 60 |
|
|---|
| 61 | torture_assert_ntstatus_ok(tctx,
|
|---|
| 62 | ntlmssp_sign_init(ntlmssp_state),
|
|---|
| 63 | "Failed to sign_init");
|
|---|
| 64 |
|
|---|
| 65 | data = strhex_to_data_blob(tctx, "6a43494653");
|
|---|
| 66 | gensec_ntlmssp_sign_packet(gensec_security, gensec_security,
|
|---|
| 67 | data.data, data.length, data.data, data.length, &sig);
|
|---|
| 68 |
|
|---|
| 69 | expected_sig = strhex_to_data_blob(tctx, "01000000e37f97f2544f4d7e00000000");
|
|---|
| 70 |
|
|---|
| 71 | dump_data_pw("NTLMSSP calc sig: ", sig.data, sig.length);
|
|---|
| 72 | dump_data_pw("NTLMSSP expected sig: ", expected_sig.data, expected_sig.length);
|
|---|
| 73 |
|
|---|
| 74 | torture_assert_int_equal(tctx, sig.length, expected_sig.length, "Wrong sig length");
|
|---|
| 75 |
|
|---|
| 76 | torture_assert_mem_equal(tctx, sig.data, expected_sig.data, sig.length,
|
|---|
| 77 | "data mismatch");
|
|---|
| 78 |
|
|---|
| 79 | torture_assert_ntstatus_equal(tctx,
|
|---|
| 80 | gensec_ntlmssp_check_packet(gensec_security, gensec_security,
|
|---|
| 81 | data.data, data.length, data.data, data.length, &sig),
|
|---|
| 82 | NT_STATUS_ACCESS_DENIED, "Check of just signed packet (should fail, wrong end)");
|
|---|
| 83 |
|
|---|
| 84 | ntlmssp_state->session_key = data_blob(NULL, 0);
|
|---|
| 85 |
|
|---|
| 86 | torture_assert_ntstatus_equal(tctx,
|
|---|
| 87 | gensec_ntlmssp_check_packet(gensec_security, gensec_security,
|
|---|
| 88 | data.data, data.length, data.data, data.length, &sig),
|
|---|
| 89 | NT_STATUS_NO_USER_SESSION_KEY, "Check of just signed packet without a session key should fail");
|
|---|
| 90 |
|
|---|
| 91 | talloc_free(gensec_security);
|
|---|
| 92 |
|
|---|
| 93 | torture_assert_ntstatus_ok(tctx,
|
|---|
| 94 | gensec_client_start(mem_ctx, &gensec_security,
|
|---|
| 95 | tctx->ev, lpcfg_gensec_settings(tctx, tctx->lp_ctx)),
|
|---|
| 96 | "Failed to start GENSEC for NTLMSSP");
|
|---|
| 97 |
|
|---|
| 98 | gensec_set_credentials(gensec_security, cmdline_credentials);
|
|---|
| 99 |
|
|---|
| 100 | gensec_want_feature(gensec_security, GENSEC_FEATURE_SIGN);
|
|---|
| 101 | gensec_want_feature(gensec_security, GENSEC_FEATURE_SEAL);
|
|---|
| 102 |
|
|---|
| 103 | torture_assert_ntstatus_ok(tctx,
|
|---|
| 104 | gensec_start_mech_by_oid(gensec_security, GENSEC_OID_NTLMSSP),
|
|---|
| 105 | "GENSEC start mech by oid");
|
|---|
| 106 |
|
|---|
| 107 | gensec_ntlmssp = talloc_get_type_abort(gensec_security->private_data,
|
|---|
| 108 | struct gensec_ntlmssp_context);
|
|---|
| 109 | ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
|
|---|
| 110 |
|
|---|
| 111 | ntlmssp_state->session_key = strhex_to_data_blob(tctx, "0102030405e538b0");
|
|---|
| 112 | dump_data_pw("NTLMSSP session key: \n",
|
|---|
| 113 | ntlmssp_state->session_key.data,
|
|---|
| 114 | ntlmssp_state->session_key.length);
|
|---|
| 115 |
|
|---|
| 116 | ntlmssp_state->neg_flags = NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_KEY_EXCH;
|
|---|
| 117 |
|
|---|
| 118 | torture_assert_ntstatus_ok(tctx,
|
|---|
| 119 | ntlmssp_sign_init(ntlmssp_state),
|
|---|
| 120 | "Failed to sign_init");
|
|---|
| 121 |
|
|---|
| 122 | data = strhex_to_data_blob(tctx, "6a43494653");
|
|---|
| 123 | gensec_ntlmssp_sign_packet(gensec_security, gensec_security,
|
|---|
| 124 | data.data, data.length, data.data, data.length, &sig);
|
|---|
| 125 |
|
|---|
| 126 | expected_sig = strhex_to_data_blob(tctx, "0100000078010900397420fe0e5a0f89");
|
|---|
| 127 |
|
|---|
| 128 | dump_data_pw("NTLMSSP calc sig: ", sig.data, sig.length);
|
|---|
| 129 | dump_data_pw("NTLMSSP expected sig: ", expected_sig.data, expected_sig.length);
|
|---|
| 130 |
|
|---|
| 131 | torture_assert_int_equal(tctx, sig.length, expected_sig.length, "Wrong sig length");
|
|---|
| 132 |
|
|---|
| 133 | torture_assert_mem_equal(tctx, sig.data+8, expected_sig.data+8, sig.length-8,
|
|---|
| 134 | "data mismatch");
|
|---|
| 135 |
|
|---|
| 136 | torture_assert_ntstatus_equal(tctx,
|
|---|
| 137 | gensec_ntlmssp_check_packet(gensec_security, gensec_security,
|
|---|
| 138 | data.data, data.length, data.data, data.length, &sig),
|
|---|
| 139 | NT_STATUS_ACCESS_DENIED, "Check of just signed packet (should fail, wrong end)");
|
|---|
| 140 |
|
|---|
| 141 | sig.length /= 2;
|
|---|
| 142 |
|
|---|
| 143 | torture_assert_ntstatus_equal(tctx,
|
|---|
| 144 | gensec_ntlmssp_check_packet(gensec_security, gensec_security,
|
|---|
| 145 | data.data, data.length, data.data, data.length, &sig),
|
|---|
| 146 | NT_STATUS_ACCESS_DENIED, "Check of just signed packet with short sig");
|
|---|
| 147 |
|
|---|
| 148 | talloc_free(gensec_security);
|
|---|
| 149 | return true;
|
|---|
| 150 | }
|
|---|
| 151 |
|
|---|
| 152 | struct torture_suite *torture_ntlmssp(TALLOC_CTX *mem_ctx)
|
|---|
| 153 | {
|
|---|
| 154 | struct torture_suite *suite = torture_suite_create(mem_ctx, "ntlmssp");
|
|---|
| 155 |
|
|---|
| 156 | torture_suite_add_simple_test(suite, "NTLMSSP self check",
|
|---|
| 157 | torture_ntlmssp_self_check);
|
|---|
| 158 |
|
|---|
| 159 | return suite;
|
|---|
| 160 | }
|
|---|
