xref: /freebsd/crypto/heimdal/lib/ntlm/test_ntlm.c (revision 39beb93c3f8bdbf72a61fda42300b5ebed7390c8)
1 /*
2  * Copyright (c) 2006 - 2007 Kungliga Tekniska H�gskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of KTH nor the names of its contributors may be
18  *    used to endorse or promote products derived from this software without
19  *    specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28  * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32  */
33 
34 #include "config.h"
35 
36 #include <stdio.h>
37 #include <err.h>
38 #include <roken.h>
39 #include <getarg.h>
40 
41 RCSID("$Id: test_ntlm.c 22377 2007-12-28 18:38:53Z lha $");
42 
43 #include <krb5.h>
44 #include <heimntlm.h>
45 
46 static int
47 test_parse(void)
48 {
49     const char *user = "foo",
50 	*domain = "mydomain",
51 	*password = "digestpassword",
52 	*target = "DOMAIN";
53     struct ntlm_type1 type1;
54     struct ntlm_type2 type2;
55     struct ntlm_type3 type3;
56     struct ntlm_buf data;
57     krb5_error_code ret;
58     int flags;
59 
60     memset(&type1, 0, sizeof(type1));
61 
62     type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_TARGET|NTLM_NEG_NTLM;
63     type1.domain = rk_UNCONST(domain);
64     type1.hostname = NULL;
65     type1.os[0] = 0;
66     type1.os[1] = 0;
67 
68     ret = heim_ntlm_encode_type1(&type1, &data);
69     if (ret)
70 	errx(1, "heim_ntlm_encode_type1");
71 
72     memset(&type1, 0, sizeof(type1));
73 
74     ret = heim_ntlm_decode_type1(&data, &type1);
75     free(data.data);
76     if (ret)
77 	errx(1, "heim_ntlm_encode_type1");
78 
79     heim_ntlm_free_type1(&type1);
80 
81     /*
82      *
83      */
84 
85     memset(&type2, 0, sizeof(type2));
86 
87     flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
88     type2.flags = flags;
89 
90     memset(type2.challange, 0x7f, sizeof(type2.challange));
91     type2.targetname = rk_UNCONST(target);
92     type2.targetinfo.data = NULL;
93     type2.targetinfo.length = 0;
94 
95     ret = heim_ntlm_encode_type2(&type2, &data);
96     if (ret)
97 	errx(1, "heim_ntlm_encode_type2");
98 
99     memset(&type2, 0, sizeof(type2));
100 
101     ret = heim_ntlm_decode_type2(&data, &type2);
102     free(data.data);
103     if (ret)
104 	errx(1, "heim_ntlm_decode_type2");
105 
106     heim_ntlm_free_type2(&type2);
107 
108     /*
109      *
110      */
111 
112     memset(&type3, 0, sizeof(type3));
113 
114     type3.flags = flags;
115     type3.username = rk_UNCONST(user);
116     type3.targetname = rk_UNCONST(target);
117     type3.ws = rk_UNCONST("workstation");
118 
119     {
120 	struct ntlm_buf key;
121 	heim_ntlm_nt_key(password, &key);
122 
123 	heim_ntlm_calculate_ntlm1(key.data, key.length,
124 				  type2.challange,
125 				  &type3.ntlm);
126 	free(key.data);
127     }
128 
129     ret = heim_ntlm_encode_type3(&type3, &data);
130     if (ret)
131 	errx(1, "heim_ntlm_encode_type3");
132 
133     free(type3.ntlm.data);
134 
135     memset(&type3, 0, sizeof(type3));
136 
137     ret = heim_ntlm_decode_type3(&data, 1, &type3);
138     free(data.data);
139     if (ret)
140 	errx(1, "heim_ntlm_decode_type3");
141 
142     if (strcmp("workstation", type3.ws) != 0)
143 	errx(1, "type3 ws wrong");
144 
145     if (strcmp(target, type3.targetname) != 0)
146 	errx(1, "type3 targetname wrong");
147 
148     if (strcmp(user, type3.username) != 0)
149 	errx(1, "type3 username wrong");
150 
151 
152     heim_ntlm_free_type3(&type3);
153 
154     /*
155      * NTLMv2
156      */
157 
158     memset(&type2, 0, sizeof(type2));
159 
160     flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
161     type2.flags = flags;
162 
163     memset(type2.challange, 0x7f, sizeof(type2.challange));
164     type2.targetname = rk_UNCONST(target);
165     type2.targetinfo.data = "\x00\x00";
166     type2.targetinfo.length = 2;
167 
168     ret = heim_ntlm_encode_type2(&type2, &data);
169     if (ret)
170 	errx(1, "heim_ntlm_encode_type2");
171 
172     memset(&type2, 0, sizeof(type2));
173 
174     ret = heim_ntlm_decode_type2(&data, &type2);
175     free(data.data);
176     if (ret)
177 	errx(1, "heim_ntlm_decode_type2");
178 
179     heim_ntlm_free_type2(&type2);
180 
181     return 0;
182 }
183 
184 static int
185 test_keys(void)
186 {
187     const char
188 	*username = "test",
189 	*password = "test1234",
190 	*target = "TESTNT";
191     const unsigned char
192 	serverchallange[8] = "\x67\x7f\x1c\x55\x7a\x5e\xe9\x6c";
193     struct ntlm_buf infotarget, infotarget2, answer, key;
194     unsigned char ntlmv2[16], ntlmv2_1[16];
195     int ret;
196 
197     infotarget.length = 70;
198     infotarget.data =
199 	"\x02\x00\x0c\x00\x54\x00\x45\x00\x53\x00\x54\x00\x4e\x00\x54\x00"
200 	"\x01\x00\x0c\x00\x4d\x00\x45\x00\x4d\x00\x42\x00\x45\x00\x52\x00"
201 	"\x03\x00\x1e\x00\x6d\x00\x65\x00\x6d\x00\x62\x00\x65\x00\x72\x00"
202 	    "\x2e\x00\x74\x00\x65\x00\x73\x00\x74\x00\x2e\x00\x63\x00\x6f"
203 	    "\x00\x6d\x00"
204 	"\x00\x00\x00\x00";
205 
206     answer.length = 0;
207     answer.data = NULL;
208 
209     heim_ntlm_nt_key(password, &key);
210 
211     ret = heim_ntlm_calculate_ntlm2(key.data,
212 				    key.length,
213 				    username,
214 				    target,
215 				    serverchallange,
216 				    &infotarget,
217 				    ntlmv2,
218 				    &answer);
219     if (ret)
220 	errx(1, "heim_ntlm_calculate_ntlm2");
221 
222     ret = heim_ntlm_verify_ntlm2(key.data,
223 				 key.length,
224 				 username,
225 				 target,
226 				 0,
227 				 serverchallange,
228 				 &answer,
229 				 &infotarget2,
230 				 ntlmv2_1);
231     if (ret)
232 	errx(1, "heim_ntlm_verify_ntlm2");
233 
234     if (memcmp(ntlmv2, ntlmv2_1, sizeof(ntlmv2)) != 0)
235 	errx(1, "ntlm master key not same");
236 
237     if (infotarget.length > infotarget2.length)
238 	errx(1, "infotarget length");
239 
240     if (memcmp(infotarget.data, infotarget2.data, infotarget.length) != 0)
241 	errx(1, "infotarget not the same");
242 
243     free(key.data);
244     free(answer.data);
245     free(infotarget2.data);
246 
247     return 0;
248 }
249 
250 static int
251 test_ntlm2_session_resp(void)
252 {
253     int ret;
254     struct ntlm_buf lm, ntlm;
255 
256     const unsigned char lm_resp[24] =
257 	"\xff\xff\xff\x00\x11\x22\x33\x44"
258 	"\x00\x00\x00\x00\x00\x00\x00\x00"
259 	"\x00\x00\x00\x00\x00\x00\x00\x00";
260     const unsigned char ntlm2_sess_resp[24] =
261 	"\x10\xd5\x50\x83\x2d\x12\xb2\xcc"
262 	"\xb7\x9d\x5a\xd1\xf4\xee\xd3\xdf"
263 	"\x82\xac\xa4\xc3\x68\x1d\xd4\x55";
264 
265     const unsigned char client_nonce[8] =
266 	"\xff\xff\xff\x00\x11\x22\x33\x44";
267     const unsigned char server_challange[8] =
268 	"\x01\x23\x45\x67\x89\xab\xcd\xef";
269 
270     const unsigned char ntlm_hash[16] =
271 	"\xcd\x06\xca\x7c\x7e\x10\xc9\x9b"
272 	"\x1d\x33\xb7\x48\x5a\x2e\xd8\x08";
273 
274     ret = heim_ntlm_calculate_ntlm2_sess(client_nonce,
275 					 server_challange,
276 					 ntlm_hash,
277 					 &lm,
278 					 &ntlm);
279     if (ret)
280 	errx(1, "heim_ntlm_calculate_ntlm2_sess_resp");
281 
282     if (lm.length != 24 || memcmp(lm.data, lm_resp, 24) != 0)
283 	errx(1, "lm_resp wrong");
284     if (ntlm.length != 24 || memcmp(ntlm.data, ntlm2_sess_resp, 24) != 0)
285 	errx(1, "ntlm2_sess_resp wrong");
286 
287     free(lm.data);
288     free(ntlm.data);
289 
290 
291     return 0;
292 }
293 
294 static int version_flag = 0;
295 static int help_flag	= 0;
296 
297 static struct getargs args[] = {
298     {"version",	0,	arg_flag,	&version_flag, "print version", NULL },
299     {"help",	0,	arg_flag,	&help_flag,  NULL, NULL }
300 };
301 
302 static void
303 usage (int ret)
304 {
305     arg_printusage (args, sizeof(args)/sizeof(*args),
306 		    NULL, "");
307     exit (ret);
308 }
309 
310 int
311 main(int argc, char **argv)
312 {
313     int ret = 0, optind = 0;
314 
315     setprogname(argv[0]);
316 
317     if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind))
318 	usage(1);
319 
320     if (help_flag)
321 	usage (0);
322 
323     if(version_flag){
324 	print_version(NULL);
325 	exit(0);
326     }
327 
328     argc -= optind;
329     argv += optind;
330 
331     printf("test_parse\n");
332     ret += test_parse();
333     printf("test_keys\n");
334     ret += test_keys();
335     printf("test_ntlm2_session_resp\n");
336     ret += test_ntlm2_session_resp();
337 
338     return 0;
339 }
340