1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* lib/krb5/krb/t_ser.c - Test serialization */
3 /*
4 * Copyright 1995, 2019 by the Massachusetts Institute of Technology.
5 * All Rights Reserved.
6 *
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
11 *
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. Furthermore if you modify this software you must label
20 * your software as modified software and not distribute it in such a
21 * fashion that it might be confused with the original M.I.T. software.
22 * M.I.T. makes no representations about the suitability of
23 * this software for any purpose. It is provided "as is" without express
24 * or implied warranty.
25 */
26
27 #include "k5-int.h"
28 #include "com_err.h"
29 #include "auth_con.h"
30
31 #include <ctype.h>
32
33 static const char stuff[]="You can't take a pointer to a function and convert \
34 it to a pointer to char; ANSI doesn't say it'll work, and in fact on the HPPA \
35 you can lose some bits of the function pointer, and get a pointer that you \
36 can't safely dereference. This test file used to make this mistake, often.";
37
38 static void
check(krb5_error_code code)39 check(krb5_error_code code)
40 {
41 if (code != 0) {
42 com_err("t_ser", code, NULL);
43 abort();
44 }
45 }
46
47 static void *
ealloc(size_t size)48 ealloc(size_t size)
49 {
50 void *ptr = calloc(1, size);
51
52 if (ptr == NULL)
53 abort();
54 return ptr;
55 }
56
57 static void
ser_context(krb5_context ctx)58 ser_context(krb5_context ctx)
59 {
60 uint8_t *erep, *erep2, *bp;
61 size_t elen = 0, elen2 = 0, blen;
62 krb5_context ctx2;
63
64 check(k5_size_context(ctx, &elen));
65 erep = ealloc(elen);
66
67 bp = erep;
68 blen = elen;
69 check(k5_externalize_context(ctx, &bp, &blen));
70 assert(bp == erep + elen && blen == 0);
71
72 bp = erep;
73 blen = elen;
74 check(k5_internalize_context(&ctx2, &bp, &blen));
75 assert(bp == erep + elen && blen == 0);
76
77 check(k5_size_context(ctx2, &elen2));
78 assert(elen2 == elen);
79 erep2 = ealloc(elen2);
80
81 bp = erep2;
82 blen = elen2;
83 check(k5_externalize_context(ctx2, &bp, &blen));
84 assert(bp == erep2 + elen2 && blen == 0);
85 assert(memcmp(erep, erep2, elen) == 0);
86
87 free(erep);
88 free(erep2);
89 krb5_free_context(ctx2);
90 }
91
92 static void
ser_auth_context(krb5_auth_context actx)93 ser_auth_context(krb5_auth_context actx)
94 {
95 uint8_t *erep, *erep2, *bp;
96 size_t elen = 0, elen2 = 0, blen;
97 krb5_auth_context actx2;
98
99 check(k5_size_auth_context(actx, &elen));
100 erep = ealloc(elen);
101
102 bp = erep;
103 blen = elen;
104 check(k5_externalize_auth_context(actx, &bp, &blen));
105 assert(bp == erep + elen && blen == 0);
106
107 bp = erep;
108 blen = elen;
109 check(k5_internalize_auth_context(&actx2, &bp, &blen));
110 assert(bp == erep + elen && blen == 0);
111
112 check(k5_size_auth_context(actx2, &elen2));
113 assert(elen2 == elen);
114 erep2 = ealloc(elen2);
115
116 bp = erep2;
117 blen = elen2;
118 check(k5_externalize_auth_context(actx2, &bp, &blen));
119 assert(bp == erep2 + elen2 && blen == 0);
120 assert(memcmp(erep, erep2, elen) == 0);
121
122 free(erep);
123 free(erep2);
124 krb5_auth_con_free(NULL, actx2);
125 }
126
127 static void
ser_principal(krb5_principal princ)128 ser_principal(krb5_principal princ)
129 {
130 uint8_t *erep, *erep2, *bp;
131 size_t elen = 0, elen2 = 0, blen;
132 krb5_principal princ2;
133
134 check(k5_size_principal(princ, &elen));
135 erep = ealloc(elen);
136
137 bp = erep;
138 blen = elen;
139 check(k5_externalize_principal(princ, &bp, &blen));
140 assert(bp == erep + elen && blen == 0);
141
142 bp = erep;
143 blen = elen;
144 check(k5_internalize_principal(&princ2, &bp, &blen));
145 assert(bp == erep + elen && blen == 0);
146
147 check(k5_size_principal(princ2, &elen2));
148 assert(elen2 == elen);
149 erep2 = ealloc(elen2);
150
151 bp = erep2;
152 blen = elen2;
153 check(k5_externalize_principal(princ2, &bp, &blen));
154 assert(bp == erep2 + elen2 && blen == 0);
155 assert(memcmp(erep, erep2, elen) == 0);
156
157 free(erep);
158 free(erep2);
159 krb5_free_principal(NULL, princ2);
160 }
161
162 static void
ser_checksum(krb5_checksum * cksum)163 ser_checksum(krb5_checksum *cksum)
164 {
165 uint8_t *erep, *erep2, *bp;
166 size_t elen = 0, elen2 = 0, blen;
167 krb5_checksum *cksum2;
168
169 check(k5_size_checksum(cksum, &elen));
170 erep = ealloc(elen);
171
172 bp = erep;
173 blen = elen;
174 check(k5_externalize_checksum(cksum, &bp, &blen));
175 assert(bp == erep + elen && blen == 0);
176
177 bp = erep;
178 blen = elen;
179 check(k5_internalize_checksum(&cksum2, &bp, &blen));
180 assert(bp == erep + elen && blen == 0);
181
182 check(k5_size_checksum(cksum2, &elen2));
183 assert(elen2 == elen);
184 erep2 = ealloc(elen2);
185
186 bp = erep2;
187 blen = elen2;
188 check(k5_externalize_checksum(cksum2, &bp, &blen));
189 assert(bp == erep2 + elen2 && blen == 0);
190 assert(memcmp(erep, erep2, elen) == 0);
191
192 free(erep);
193 free(erep2);
194 krb5_free_checksum(NULL, cksum2);
195 }
196
197 static void
ser_context_test(void)198 ser_context_test(void)
199 {
200 krb5_context context;
201 profile_t sprofile;
202
203 check(krb5_init_context(&context));
204
205 sprofile = context->profile;
206 context->profile = NULL;
207 ser_context(context);
208
209 context->profile = sprofile;
210 ser_context(context);
211
212 check(krb5_set_default_realm(context, "this.is.a.test"));
213 ser_context(context);
214
215 krb5_free_context(context);
216 }
217
218 static void
ser_acontext_test(void)219 ser_acontext_test(void)
220 {
221 krb5_auth_context actx;
222 krb5_address local_address;
223 krb5_address remote_address;
224 krb5_octet laddr_bytes[16];
225 krb5_octet raddr_bytes[16];
226 krb5_keyblock ukeyblock;
227 krb5_octet keydata[8];
228 krb5_authenticator aent;
229 char clname[128];
230 krb5_authdata *adatalist[3];
231 krb5_authdata adataent;
232
233 check(krb5_auth_con_init(NULL, &actx));
234 ser_auth_context(actx);
235
236 memset(&local_address, 0, sizeof(local_address));
237 memset(&remote_address, 0, sizeof(remote_address));
238 memset(laddr_bytes, 0, sizeof(laddr_bytes));
239 memset(raddr_bytes, 0, sizeof(raddr_bytes));
240 local_address.addrtype = ADDRTYPE_INET;
241 local_address.length = sizeof(laddr_bytes);
242 local_address.contents = laddr_bytes;
243 laddr_bytes[0] = 6;
244 laddr_bytes[1] = 2;
245 laddr_bytes[2] = 69;
246 laddr_bytes[3] = 16;
247 laddr_bytes[4] = 1;
248 laddr_bytes[5] = 0;
249 laddr_bytes[6] = 0;
250 laddr_bytes[7] = 127;
251 remote_address.addrtype = ADDRTYPE_INET;
252 remote_address.length = sizeof(raddr_bytes);
253 remote_address.contents = raddr_bytes;
254 raddr_bytes[0] = 6;
255 raddr_bytes[1] = 2;
256 raddr_bytes[2] = 70;
257 raddr_bytes[3] = 16;
258 raddr_bytes[4] = 1;
259 raddr_bytes[5] = 0;
260 raddr_bytes[6] = 0;
261 raddr_bytes[7] = 127;
262 check(krb5_auth_con_setaddrs(NULL, actx, &local_address, &remote_address));
263 check(krb5_auth_con_setports(NULL, actx, &local_address, &remote_address));
264 ser_auth_context(actx);
265
266 memset(&ukeyblock, 0, sizeof(ukeyblock));
267 memset(keydata, 0, sizeof(keydata));
268 ukeyblock.enctype = ENCTYPE_AES128_CTS_HMAC_SHA256_128;
269 ukeyblock.length = sizeof(keydata);
270 ukeyblock.contents = keydata;
271 keydata[0] = 0xde;
272 keydata[1] = 0xad;
273 keydata[2] = 0xbe;
274 keydata[3] = 0xef;
275 keydata[4] = 0xfe;
276 keydata[5] = 0xed;
277 keydata[6] = 0xf0;
278 keydata[7] = 0xd;
279 check(krb5_auth_con_setuseruserkey(NULL, actx, &ukeyblock));
280 ser_auth_context(actx);
281
282 check(krb5_auth_con_initivector(NULL, actx));
283 ser_auth_context(actx);
284
285 memset(&aent, 0, sizeof(aent));
286 aent.magic = KV5M_AUTHENTICATOR;
287 snprintf(clname, sizeof(clname),
288 "help/me/%d@this.is.a.test", (int)getpid());
289 actx->authentp = &aent;
290 check(krb5_parse_name(NULL, clname, &aent.client));
291 ser_auth_context(actx);
292
293 adataent.magic = KV5M_AUTHDATA;
294 adataent.ad_type = 123;
295 adataent.length = 128;
296 adataent.contents = (uint8_t *)stuff;
297 adatalist[0] = &adataent;
298 adatalist[1] = &adataent;
299 adatalist[2] = NULL;
300 aent.authorization_data = adatalist;
301 ser_auth_context(actx);
302
303 krb5_free_principal(NULL, aent.client);
304 actx->authentp = NULL;
305 krb5_auth_con_free(NULL, actx);
306 }
307
308 static void
ser_princ_test(void)309 ser_princ_test(void)
310 {
311 krb5_principal princ;
312 char pname[1024];
313
314 snprintf(pname, sizeof(pname),
315 "the/quick/brown/fox/jumped/over/the/lazy/dog/%d@this.is.a.test",
316 (int) getpid());
317 check(krb5_parse_name(NULL, pname, &princ));
318 ser_principal(princ);
319 krb5_free_principal(NULL, princ);
320 }
321
322 static void
ser_cksum_test(void)323 ser_cksum_test(void)
324 {
325 krb5_checksum checksum;
326 krb5_octet ckdata[24];
327
328 memset(&checksum, 0, sizeof(krb5_checksum));
329 checksum.magic = KV5M_CHECKSUM;
330 ser_checksum(&checksum);
331
332 checksum.checksum_type = 123;
333 checksum.length = sizeof(ckdata);
334 checksum.contents = ckdata;
335 memcpy(ckdata, &stuff, sizeof(ckdata));
336 ser_checksum(&checksum);
337 }
338
339 int
main(int argc,char ** argv)340 main(int argc, char **argv)
341 {
342 ser_context_test();
343 ser_acontext_test();
344 ser_princ_test();
345 ser_cksum_test();
346 return 0;
347 }
348