Line data Source code
1 : /*
2 : * Unit tests for GMSA NDR structures.
3 : *
4 : * Copyright (C) Catalyst.NET Ltd 2023
5 : *
6 : * This program is free software; you can redistribute it and/or modify
7 : * it under the terms of the GNU General Public License as published by
8 : * the Free Software Foundation; either version 3 of the License, or
9 : * (at your option) any later version.
10 : *
11 : * This program is distributed in the hope that it will be useful,
12 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 : * GNU General Public License for more details.
15 : *
16 : * You should have received a copy of the GNU General Public License
17 : * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 : *
19 : */
20 :
21 : #include <stdarg.h>
22 : #include <stddef.h>
23 : #include <setjmp.h>
24 : #include <stdint.h>
25 : #include "cmocka.h"
26 :
27 : #include "lib/replace/replace.h"
28 :
29 : #include "lib/util/attr.h"
30 : #include "lib/util/bytearray.h"
31 : #include "librpc/gen_ndr/ndr_gmsa.h"
32 : #include "librpc/gen_ndr/gmsa.h"
33 :
34 1 : static void assert_utf16_equal(const unsigned char *s1, const unsigned char *s2)
35 : {
36 1 : uint16_t c1;
37 1 : uint16_t c2;
38 1 : size_t n = 0;
39 :
40 1 : assert_non_null(s1);
41 1 : assert_non_null(s2);
42 :
43 129 : do {
44 129 : c1 = PULL_LE_U16(s1, n);
45 129 : c2 = PULL_LE_U16(s2, n);
46 129 : assert_int_equal(c1, c2);
47 129 : n += 2;
48 129 : } while (c1);
49 1 : }
50 :
51 1 : static void test_managed_password_blob(void **state)
52 : {
53 1 : TALLOC_CTX *mem_ctx = NULL;
54 :
55 1 : enum ndr_err_code err;
56 1 : struct MANAGEDPASSWORD_BLOB managed_password = {};
57 :
58 : /* A sample blob produced by Windows. */
59 1 : uint8_t data[] = {
60 : 1, 0, 0, 0, 34, 1, 0, 0, 16, 0, 0, 0, 18,
61 : 1, 26, 1, 141, 65, 237, 151, 152, 15, 173, 200, 51, 62,
62 : 252, 30, 45, 180, 254, 9, 148, 134, 82, 118, 93, 131, 207,
63 : 203, 229, 43, 238, 154, 85, 94, 21, 146, 124, 43, 133, 75,
64 : 168, 15, 221, 241, 54, 38, 127, 134, 4, 232, 180, 54, 112,
65 : 224, 35, 18, 178, 140, 241, 53, 177, 75, 47, 178, 148, 17,
66 : 178, 163, 78, 51, 82, 15, 197, 117, 2, 57, 115, 243, 251,
67 : 146, 75, 249, 21, 55, 226, 125, 85, 112, 156, 85, 42, 39,
68 : 131, 17, 41, 198, 233, 163, 44, 171, 134, 145, 93, 134, 90,
69 : 95, 244, 70, 252, 137, 76, 200, 15, 20, 5, 86, 125, 235,
70 : 2, 3, 161, 249, 4, 26, 245, 205, 138, 17, 249, 33, 139,
71 : 150, 129, 142, 35, 23, 123, 190, 217, 88, 83, 128, 187, 24,
72 : 3, 69, 250, 56, 137, 86, 158, 197, 158, 122, 138, 101, 20,
73 : 252, 105, 105, 118, 28, 235, 24, 220, 251, 58, 44, 52, 231,
74 : 66, 74, 250, 215, 207, 96, 217, 57, 153, 25, 11, 5, 10,
75 : 81, 198, 198, 242, 245, 83, 91, 122, 175, 74, 30, 254, 26,
76 : 218, 113, 193, 249, 189, 95, 125, 151, 249, 235, 132, 66, 69,
77 : 170, 235, 143, 107, 155, 26, 34, 160, 27, 166, 79, 32, 104,
78 : 246, 100, 58, 76, 146, 102, 241, 105, 8, 151, 163, 20, 26,
79 : 232, 33, 138, 159, 184, 129, 187, 30, 123, 181, 17, 149, 84,
80 : 183, 248, 210, 254, 46, 98, 225, 12, 49, 196, 192, 149, 0,
81 : 0, 169, 191, 68, 132, 110, 23, 0, 0, 169, 97, 116, 209,
82 : 109, 23, 0, 0,
83 : };
84 :
85 1 : const DATA_BLOB blob = {data, sizeof data};
86 :
87 : /* The UTF‐16 password contained in the blob. */
88 1 : const unsigned char current_password[] = {
89 : 141, 65, 237, 151, 152, 15, 173, 200, 51, 62, 252, 30, 45,
90 : 180, 254, 9, 148, 134, 82, 118, 93, 131, 207, 203, 229, 43,
91 : 238, 154, 85, 94, 21, 146, 124, 43, 133, 75, 168, 15, 221,
92 : 241, 54, 38, 127, 134, 4, 232, 180, 54, 112, 224, 35, 18,
93 : 178, 140, 241, 53, 177, 75, 47, 178, 148, 17, 178, 163, 78,
94 : 51, 82, 15, 197, 117, 2, 57, 115, 243, 251, 146, 75, 249,
95 : 21, 55, 226, 125, 85, 112, 156, 85, 42, 39, 131, 17, 41,
96 : 198, 233, 163, 44, 171, 134, 145, 93, 134, 90, 95, 244, 70,
97 : 252, 137, 76, 200, 15, 20, 5, 86, 125, 235, 2, 3, 161,
98 : 249, 4, 26, 245, 205, 138, 17, 249, 33, 139, 150, 129, 142,
99 : 35, 23, 123, 190, 217, 88, 83, 128, 187, 24, 3, 69, 250,
100 : 56, 137, 86, 158, 197, 158, 122, 138, 101, 20, 252, 105, 105,
101 : 118, 28, 235, 24, 220, 251, 58, 44, 52, 231, 66, 74, 250,
102 : 215, 207, 96, 217, 57, 153, 25, 11, 5, 10, 81, 198, 198,
103 : 242, 245, 83, 91, 122, 175, 74, 30, 254, 26, 218, 113, 193,
104 : 249, 189, 95, 125, 151, 249, 235, 132, 66, 69, 170, 235, 143,
105 : 107, 155, 26, 34, 160, 27, 166, 79, 32, 104, 246, 100, 58,
106 : 76, 146, 102, 241, 105, 8, 151, 163, 20, 26, 232, 33, 138,
107 : 159, 184, 129, 187, 30, 123, 181, 17, 149, 84, 183, 248, 210,
108 : 254, 46, 98, 225, 12, 49, 196, 192, 149, 0, 0};
109 :
110 1 : DATA_BLOB packed_blob = data_blob_null;
111 :
112 1 : mem_ctx = talloc_new(NULL);
113 1 : assert_non_null(mem_ctx);
114 :
115 : /* Pull the Managed Password structure. */
116 1 : err = ndr_pull_struct_blob(&blob,
117 : mem_ctx,
118 : &managed_password,
119 : (ndr_pull_flags_fn_t)
120 : ndr_pull_MANAGEDPASSWORD_BLOB);
121 1 : assert_int_equal(NDR_ERR_SUCCESS, err);
122 :
123 : /* Check the header. */
124 1 : assert_int_equal(1, managed_password.version);
125 1 : assert_int_equal(0, managed_password.reserved);
126 1 : assert_int_equal(sizeof data, managed_password.length);
127 :
128 : /* Check the password fields. */
129 1 : assert_utf16_equal(managed_password.passwords.current,
130 : current_password);
131 1 : assert_null(managed_password.passwords.previous);
132 :
133 : /* Check the password query intervals.*/
134 1 : assert_int_equal(0x176e8444bfa9,
135 : *managed_password.passwords.query_interval);
136 1 : assert_int_equal(0x176dd17461a9,
137 : *managed_password.passwords.unchanged_interval);
138 :
139 : /* Repack the Managed Password structure. */
140 1 : managed_password.length = 0;
141 1 : err = ndr_push_struct_blob(&packed_blob,
142 : mem_ctx,
143 : &managed_password,
144 : (ndr_push_flags_fn_t)
145 : ndr_push_MANAGEDPASSWORD_BLOB);
146 1 : assert_int_equal(NDR_ERR_SUCCESS, err);
147 :
148 : /*
149 : * Check that the result is identical to the blob produced by Windows.
150 : */
151 1 : assert_int_equal(blob.length, packed_blob.length);
152 1 : assert_memory_equal(blob.data, packed_blob.data, blob.length);
153 :
154 1 : talloc_free(mem_ctx);
155 1 : }
156 :
157 1 : int main(void)
158 : {
159 1 : const struct CMUnitTest tests[] = {
160 : cmocka_unit_test(test_managed_password_blob),
161 : };
162 1 : if (!isatty(1)) {
163 1 : cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
164 : }
165 1 : return cmocka_run_group_tests(tests, NULL, NULL);
166 : }
|
