File: message_authenticate_test.go

package info (click to toggle)
golang-github-thomsonreuterseikon-go-ntlm 0.0~git20151030.0.b00ec39-1
  • links: PTS, VCS
  • area: main
  • in suites: buster, buster-backports
  • size: 248 kB
  • ctags: 296
  • sloc: makefile: 3
file content (102 lines) | stat: -rw-r--r-- 4,127 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
 
//Copyright 2013 Thomson Reuters Global Resources. BSD License please see License file for more information

package ntlm

import (
	"bytes"
	"encoding/base64"
	"encoding/hex"
	"testing"
)

func checkPayloadStruct(t *testing.T, payloadStruct *PayloadStruct, len uint16, offset uint32) {
	if payloadStruct.Len != len || payloadStruct.Offset != offset {
		t.Errorf("Failed to parse payload struct %d, %d", payloadStruct.Len, payloadStruct.Offset)
	}
}

func TestParseNTLMv1AsV2(t *testing.T) {
	ntlmv1data := "TlRMTVNTUAADAAAAGAAYALYAAAAYABgAzgAAADQANABIAAAAIAAgAHwAAAAaABoAnAAAABAAEADmAAAAVYKQQgUCzg4AAAAPYQByAHIAYQB5ADEAMgAuAG0AcwBnAHQAcwB0AC4AcgBlAHUAdABlAHIAcwAuAGMAbwBtAHUAcwBlAHIAcwB0AHIAZQBzAHMAMQAwADAAMAAwADgATgBZAEMAVgBBADEAMgBTADIAQwBNAFMAQQDguXWdC2hLH+C5dZ0LaEsf4Ll1nQtoSx9nI+fkE73qtElnkDiSQbxfcDN9zbtO1qfyK3ZTI6CUhvjxmXnpZEjY"
	authBytes, err := base64.StdEncoding.DecodeString(ntlmv1data)
	_, err = ParseAuthenticateMessage(authBytes, 2)
	if err == nil {
		t.Error("Should have returned error when tring to parse an NTLMv1 authenticate message as NTLMv2")
	}
	_, err = ParseAuthenticateMessage(authBytes, 1)
	if err != nil {
		t.Error("Should not have returned error when tring to parse an NTLMv1 authenticate message")
	}
}

func TestAuthenticateNtlmV1(t *testing.T) {
	authenticateMessage := "TlRMTVNTUAADAAAAGAAYAIgAAAAYABgAoAAAAAAAAABYAAAAIAAgAFgAAAAQABAAeAAAABAAEAC4AAAAVYKQYgYBsR0AAAAP2BgW++b14Dh6Z5B4Xs1DiHAAYQB1AGwAQABwAGEAdQBsAGQAaQB4AC4AbgBlAHQAVwBJAE4ANwBfAEkARQA4ACugxZFzvHB4P6LdKbbZpiYHo2ErZURLiSugxZFzvHB4P6LdKbbZpiYHo2ErZURLibmpCUlnbq2I4LAdEhLdg7I="
	authenticateData, err := base64.StdEncoding.DecodeString(authenticateMessage)

	if err != nil {
		t.Error("Could not base64 decode message data")
	}

	a, err := ParseAuthenticateMessage(authenticateData, 1)
	if err != nil {
		t.Error("Could not parse authenticate message")
	}

	a.String()

	outBytes := a.Bytes()

	if len(outBytes) > 0 {
		reparsed, err := ParseAuthenticateMessage(outBytes, 1)
		if err != nil {
			t.Error("Could not re-parse authenticate message")
		}
		if reparsed.String() != a.String() {
			t.Error("Reparsed message is not the same")
		}
	} else {
		t.Error("Invalid authenticate messsage bytes")
	}
}

func TestAuthenticateNtlmV2(t *testing.T) {
	authenticateMessage := "TlRMTVNTUAADAAAAGAAYAI4AAAAGAQYBpgAAAAAAAABYAAAAIAAgAFgAAAAWABYAeAAAABAAEACsAQAAVYKQQgYAchcAAAAPpdhi9ItaLWwSGpFMT4VQbnAAYQB1AGwAQABwAGEAdQBsAGQAaQB4AC4AbgBlAHQASQBQAC0AMABBADAAQwAzAEEAMQBFAAE/QEbbIB1InAX5KMgp4s4wmpPZ9jp9T3EC95rRY01DhMSv1kei5wYBAQAAAAAAADM6xfahoM0BMJqT2fY6fU8AAAAAAgAOAFIARQBVAFQARQBSAFMAAQAcAFUASwBCAFAALQBDAEIAVABSAE0ARgBFADAANgAEABYAUgBlAHUAdABlAHIAcwAuAG4AZQB0AAMANAB1AGsAYgBwAC0AYwBiAHQAcgBtAGYAZQAwADYALgBSAGUAdQB0AGUAcgBzAC4AbgBlAHQABQAWAFIAZQB1AHQAZQByAHMALgBuAGUAdAAIADAAMAAAAAAAAAAAAAAAADAAAFaspfI82pMCKSuN2L09orn37EQVvxCSqVqQhCloFhQeAAAAAAAAAADRgm1iKYwwmIF3axms/dIe"
	authenticateData, err := base64.StdEncoding.DecodeString(authenticateMessage)

	if err != nil {
		t.Error("Could not base64 decode message data")
	}

	a, err := ParseAuthenticateMessage(authenticateData, 2)

	if err != nil || a == nil {
		t.Error("Failed to parse authenticate message " + err.Error())
	}

	checkPayloadStruct(t, a.LmChallengeResponse, 24, 142)
	checkPayloadStruct(t, a.NtChallengeResponseFields, 262, 166)
	checkPayloadStruct(t, a.DomainName, 0, 88)
	checkPayloadStruct(t, a.UserName, 32, 88)
	checkPayloadStruct(t, a.Workstation, 22, 120)
	checkPayloadStruct(t, a.EncryptedRandomSessionKey, 16, 428)

	if a.NegotiateFlags != uint32(1116766805) {
		t.Errorf("Authenticate negotiate flags not correct should be %d got %d", uint32(1116766805), a.NegotiateFlags)
	}

	mic, err := hex.DecodeString("a5d862f48b5a2d6c121a914c4f85506e")
	if !bytes.Equal(a.Mic, mic) {
		t.Errorf("Mic not correct, should be %s, got %s", "a5d862f48b5a2d6c121a914c4f85506e", hex.EncodeToString(a.Mic))
	}

	if len(a.Payload) != 356 {
		t.Errorf("Length of payload is incorrect got: %d, should be %d", len(a.Payload), 356)
	}

	a.String()

	// Generate the bytes from the message and reparse it and make sure that works
	bytes := a.Bytes()
	if len(bytes) == 0 {

	}
}