Line data Source code
1 : /*
2 : * Unit tests for GMSA NDR structures.
3 : *
4 : * Copyright (C) Catalyst.NET Ltd 2023
5 : *
6 : * This program is free software; you can redistribute it and/or modify
7 : * it under the terms of the GNU General Public License as published by
8 : * the Free Software Foundation; either version 3 of the License, or
9 : * (at your option) any later version.
10 : *
11 : * This program is distributed in the hope that it will be useful,
12 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 : * GNU General Public License for more details.
15 : *
16 : * You should have received a copy of the GNU General Public License
17 : * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 : *
19 : */
20 :
21 : #include <stdarg.h>
22 : #include <stddef.h>
23 : #include <setjmp.h>
24 : #include <stdint.h>
25 : #include "cmocka.h"
26 :
27 : #include "lib/replace/replace.h"
28 :
29 : #include "lib/util/attr.h"
30 : #include "librpc/gen_ndr/ndr_gmsa.h"
31 : #include "librpc/gen_ndr/gmsa.h"
32 :
33 1 : static void assert_utf16_equal(const uint16_t *s1, const uint16_t *s2)
34 : {
35 1 : uint16_t c1;
36 1 : uint16_t c2;
37 :
38 1 : assert_non_null(s1);
39 1 : assert_non_null(s2);
40 :
41 129 : do {
42 129 : c1 = *s1++;
43 129 : c2 = *s2++;
44 129 : assert_int_equal(c1, c2);
45 129 : } while (c1);
46 1 : }
47 :
48 1 : static void test_managed_password_blob(void **state)
49 : {
50 1 : TALLOC_CTX *mem_ctx = NULL;
51 :
52 1 : enum ndr_err_code err;
53 1 : struct MANAGEDPASSWORD_BLOB managed_password = {};
54 :
55 : /* A sample blob produced by Windows. */
56 1 : uint8_t data[] = {
57 : 1, 0, 0, 0, 34, 1, 0, 0, 16, 0, 0, 0, 18,
58 : 1, 26, 1, 141, 65, 237, 151, 152, 15, 173, 200, 51, 62,
59 : 252, 30, 45, 180, 254, 9, 148, 134, 82, 118, 93, 131, 207,
60 : 203, 229, 43, 238, 154, 85, 94, 21, 146, 124, 43, 133, 75,
61 : 168, 15, 221, 241, 54, 38, 127, 134, 4, 232, 180, 54, 112,
62 : 224, 35, 18, 178, 140, 241, 53, 177, 75, 47, 178, 148, 17,
63 : 178, 163, 78, 51, 82, 15, 197, 117, 2, 57, 115, 243, 251,
64 : 146, 75, 249, 21, 55, 226, 125, 85, 112, 156, 85, 42, 39,
65 : 131, 17, 41, 198, 233, 163, 44, 171, 134, 145, 93, 134, 90,
66 : 95, 244, 70, 252, 137, 76, 200, 15, 20, 5, 86, 125, 235,
67 : 2, 3, 161, 249, 4, 26, 245, 205, 138, 17, 249, 33, 139,
68 : 150, 129, 142, 35, 23, 123, 190, 217, 88, 83, 128, 187, 24,
69 : 3, 69, 250, 56, 137, 86, 158, 197, 158, 122, 138, 101, 20,
70 : 252, 105, 105, 118, 28, 235, 24, 220, 251, 58, 44, 52, 231,
71 : 66, 74, 250, 215, 207, 96, 217, 57, 153, 25, 11, 5, 10,
72 : 81, 198, 198, 242, 245, 83, 91, 122, 175, 74, 30, 254, 26,
73 : 218, 113, 193, 249, 189, 95, 125, 151, 249, 235, 132, 66, 69,
74 : 170, 235, 143, 107, 155, 26, 34, 160, 27, 166, 79, 32, 104,
75 : 246, 100, 58, 76, 146, 102, 241, 105, 8, 151, 163, 20, 26,
76 : 232, 33, 138, 159, 184, 129, 187, 30, 123, 181, 17, 149, 84,
77 : 183, 248, 210, 254, 46, 98, 225, 12, 49, 196, 192, 149, 0,
78 : 0, 169, 191, 68, 132, 110, 23, 0, 0, 169, 97, 116, 209,
79 : 109, 23, 0, 0,
80 : };
81 :
82 1 : const DATA_BLOB blob = {data, sizeof data};
83 :
84 : /* The UTF‐16 password contained in the blob. */
85 1 : const uint16_t current_password[] = {
86 : 16781, 38893, 3992, 51373, 15923, 7932, 46125, 2558, 34452,
87 : 30290, 33629, 52175, 11237, 39662, 24149, 37397, 11132, 19333,
88 : 4008, 61917, 9782, 34431, 59396, 14004, 57456, 4643, 36018,
89 : 13809, 19377, 45615, 4500, 41906, 13134, 3922, 30149, 14594,
90 : 62323, 37627, 63819, 14101, 32226, 28757, 21916, 10026, 4483,
91 : 50729, 41961, 43820, 37254, 34397, 24410, 18164, 35324, 51276,
92 : 5135, 22021, 60285, 770, 63905, 6660, 52725, 4490, 8697,
93 : 38539, 36481, 5923, 48763, 22745, 32851, 6331, 17667, 14586,
94 : 22153, 50590, 31390, 25994, 64532, 26985, 7286, 6379, 64476,
95 : 11322, 59188, 19010, 55290, 24783, 14809, 6553, 1291, 20746,
96 : 50886, 62962, 23379, 44922, 7754, 6910, 29146, 63937, 24509,
97 : 38781, 60409, 17028, 43589, 36843, 39787, 8730, 7072, 20390,
98 : 26656, 25846, 19514, 26258, 27121, 38664, 5283, 59418, 35361,
99 : 47263, 48001, 31518, 4533, 21653, 63671, 65234, 25134, 3297,
100 : 50225, 38336, 0,
101 : };
102 :
103 1 : DATA_BLOB packed_blob = data_blob_null;
104 :
105 1 : mem_ctx = talloc_new(NULL);
106 1 : assert_non_null(mem_ctx);
107 :
108 : /* Pull the Managed Password structure. */
109 1 : err = ndr_pull_struct_blob(&blob,
110 : mem_ctx,
111 : &managed_password,
112 : (ndr_pull_flags_fn_t)
113 : ndr_pull_MANAGEDPASSWORD_BLOB);
114 1 : assert_int_equal(NDR_ERR_SUCCESS, err);
115 :
116 : /* Check the header. */
117 1 : assert_int_equal(1, managed_password.version);
118 1 : assert_int_equal(0, managed_password.reserved);
119 1 : assert_int_equal(sizeof data, managed_password.length);
120 :
121 : /* Check the password fields. */
122 1 : assert_utf16_equal(managed_password.passwords.current,
123 : current_password);
124 1 : assert_null(managed_password.passwords.previous);
125 :
126 : /* Check the password query intervals.*/
127 1 : assert_int_equal(0x176e8444bfa9,
128 : *managed_password.passwords.query_interval);
129 1 : assert_int_equal(0x176dd17461a9,
130 : *managed_password.passwords.unchanged_interval);
131 :
132 : /* Repack the Managed Password structure. */
133 1 : managed_password.length = 0;
134 1 : err = ndr_push_struct_blob(&packed_blob,
135 : mem_ctx,
136 : &managed_password,
137 : (ndr_push_flags_fn_t)
138 : ndr_push_MANAGEDPASSWORD_BLOB);
139 1 : assert_int_equal(NDR_ERR_SUCCESS, err);
140 :
141 : /*
142 : * Check that the result is identical to the blob produced by Windows.
143 : */
144 1 : assert_int_equal(blob.length, packed_blob.length);
145 1 : assert_memory_equal(blob.data, packed_blob.data, blob.length);
146 :
147 1 : talloc_free(mem_ctx);
148 1 : }
149 :
150 1 : int main(void)
151 : {
152 1 : const struct CMUnitTest tests[] = {
153 : cmocka_unit_test(test_managed_password_blob),
154 : };
155 1 : if (!isatty(1)) {
156 1 : cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
157 : }
158 1 : return cmocka_run_group_tests(tests, NULL, NULL);
159 : }
|
