LCOV - code coverage report
Current view: top level - libcli/auth/tests - test_gnutls.c (source / functions) Hit Total Coverage
Test: coverage report for abartlet/fix-coverage dd10fb34 Lines: 86 87 98.9 %
Date: 2021-09-23 10:06:22 Functions: 13 13 100.0 %

          Line data    Source code
       1             : /*
       2             :  * Unix SMB/CIFS implementation.
       3             :  *
       4             :  * Copyright (C) 2019 Guenther Deschner <gd@samba.org>
       5             :  *
       6             :  * This program is free software; you can redistribute it and/or modify
       7             :  * it under the terms of the GNU General Public License as published by
       8             :  * the Free Software Foundation; either version 3 of the License, or
       9             :  * (at your option) any later version.
      10             :  *
      11             :  * This program is distributed in the hope that it will be useful,
      12             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      13             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      14             :  * GNU General Public License for more details.
      15             :  *
      16             :  * You should have received a copy of the GNU General Public License
      17             :  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
      18             :  */
      19             : 
      20             : #include <stdarg.h>
      21             : #include <stddef.h>
      22             : #include <stdint.h>
      23             : #include <setjmp.h>
      24             : #include <cmocka.h>
      25             : 
      26             : #include "includes.h"
      27             : #include "libcli/auth/libcli_auth.h"
      28             : 
      29             : #include "lib/crypto/gnutls_helpers.h"
      30             : #include <gnutls/gnutls.h>
      31             : #include <gnutls/crypto.h>
      32             : 
      33             : #if defined(HAVE_GNUTLS_AES_CFB8) && GNUTLS_VERSION_NUMBER > 0x03060a
      34             : static void torture_gnutls_aes_128_cfb_flags(void **state,
      35             :                                         const DATA_BLOB session_key,
      36             :                                         const DATA_BLOB seq_num_initial,
      37             :                                         const DATA_BLOB confounder_initial,
      38             :                                         const DATA_BLOB confounder_expected,
      39             :                                         const DATA_BLOB clear_initial,
      40             :                                         const DATA_BLOB crypt_expected)
      41             : {
      42             :         uint8_t confounder[8];
      43             :         DATA_BLOB io;
      44             :         gnutls_cipher_hd_t cipher_hnd = NULL;
      45             :         uint8_t sess_kf0[16] = {0};
      46             :         gnutls_datum_t key = {
      47             :                 .data = sess_kf0,
      48             :                 .size = sizeof(sess_kf0),
      49             :         };
      50             :         uint32_t iv_size =
      51             :                 gnutls_cipher_get_iv_size(GNUTLS_CIPHER_AES_128_CFB8);
      52             :         uint8_t _iv[iv_size];
      53             :         gnutls_datum_t iv = {
      54             :                 .data = _iv,
      55             :                 .size = iv_size,
      56             :         };
      57             :         uint32_t i;
      58             :         int rc;
      59             : 
      60             :         assert_int_equal(session_key.length, 16);
      61             :         assert_int_equal(seq_num_initial.length, 8);
      62             :         assert_int_equal(confounder_initial.length, 8);
      63             :         assert_int_equal(confounder_expected.length, 8);
      64             :         assert_int_equal(clear_initial.length, crypt_expected.length);
      65             : 
      66             :         DEBUG(0,("checking buffer size: %d\n", (int)clear_initial.length));
      67             : 
      68             :         io = data_blob_dup_talloc(NULL, clear_initial);
      69             :         assert_non_null(io.data);
      70             :         assert_int_equal(io.length, clear_initial.length);
      71             : 
      72             :         memcpy(confounder, confounder_initial.data, 8);
      73             : 
      74             :         DEBUG(0,("confounder before crypt:\n"));
      75             :         dump_data(0, confounder, 8);
      76             :         DEBUG(0,("initial seq num:\n"));
      77             :         dump_data(0, seq_num_initial.data, 8);
      78             :         DEBUG(0,("io data before crypt:\n"));
      79             :         dump_data(0, io.data, io.length);
      80             : 
      81             :         for (i = 0; i < key.size; i++) {
      82             :                 key.data[i] = session_key.data[i] ^ 0xf0;
      83             :         }
      84             : 
      85             :         ZERO_ARRAY(_iv);
      86             : 
      87             :         memcpy(iv.data + 0, seq_num_initial.data, 8);
      88             :         memcpy(iv.data + 8, seq_num_initial.data, 8);
      89             : 
      90             :         rc = gnutls_cipher_init(&cipher_hnd,
      91             :                                 GNUTLS_CIPHER_AES_128_CFB8,
      92             :                                 &key,
      93             :                                 &iv);
      94             :         assert_int_equal(rc, 0);
      95             : 
      96             :         rc = gnutls_cipher_encrypt(cipher_hnd,
      97             :                                    confounder,
      98             :                                    8);
      99             :         assert_int_equal(rc, 0);
     100             : 
     101             :         rc = gnutls_cipher_encrypt(cipher_hnd,
     102             :                                    io.data,
     103             :                                    io.length);
     104             :         assert_int_equal(rc, 0);
     105             : 
     106             :         DEBUG(0,("confounder after crypt:\n"));
     107             :         dump_data(0, confounder, 8);
     108             :         DEBUG(0,("initial seq num:\n"));
     109             :         dump_data(0, seq_num_initial.data, 8);
     110             :         DEBUG(0,("io data after crypt:\n"));
     111             :         dump_data(0, io.data, io.length);
     112             :         assert_memory_equal(io.data, crypt_expected.data, crypt_expected.length);
     113             :         assert_memory_equal(confounder, confounder_expected.data, confounder_expected.length);
     114             : 
     115             :         rc = gnutls_cipher_decrypt(cipher_hnd,
     116             :                                    confounder,
     117             :                                    8);
     118             :         assert_int_equal(rc, 0);
     119             : 
     120             :         rc = gnutls_cipher_decrypt(cipher_hnd,
     121             :                                    io.data,
     122             :                                    io.length);
     123             :         assert_int_equal(rc, 0);
     124             :         gnutls_cipher_deinit(cipher_hnd);
     125             : 
     126             :         DEBUG(0,("confounder after decrypt:\n"));
     127             :         dump_data(0, confounder, 8);
     128             :         DEBUG(0,("initial seq num:\n"));
     129             :         dump_data(0, seq_num_initial.data, 8);
     130             :         DEBUG(0,("io data after decrypt:\n"));
     131             :         dump_data(0, io.data, io.length);
     132             :         assert_memory_equal(io.data, clear_initial.data, clear_initial.length);
     133             :         assert_memory_equal(confounder, confounder_initial.data, confounder_initial.length);
     134             : }
     135             : #endif
     136             : 
     137           1 : static void torture_gnutls_aes_128_cfb(void **state)
     138             : {
     139             : #if defined(HAVE_GNUTLS_AES_CFB8) && GNUTLS_VERSION_NUMBER > 0x03060a
     140             :         const uint8_t _session_key[16] = {
     141             :                 0x8E, 0xE8, 0x27, 0x85, 0x83, 0x41, 0x3C, 0x8D,
     142             :                 0xC9, 0x54, 0x70, 0x75, 0x8E, 0xC9, 0x69, 0x91
     143             :         };
     144             :         const DATA_BLOB session_key = data_blob_const(_session_key, 16);
     145             :         const uint8_t _seq_num_initial[8] = {
     146             :                 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00
     147             :         };
     148             :         const DATA_BLOB seq_num_initial =
     149             :                 data_blob_const(_seq_num_initial, 8);
     150             :         const uint8_t _confounder_initial[8] = {
     151             :                 0x6E, 0x09, 0x25, 0x94, 0x01, 0xA0, 0x09, 0x31
     152             :         };
     153             :         const DATA_BLOB confounder_initial =
     154             :                 data_blob_const(_confounder_initial, 8);
     155             :         const uint8_t _confounder_expected[8] = {
     156             :                 0xCA, 0xFB, 0xAC, 0xFB, 0xA8, 0x26, 0x75, 0x2A
     157             :         };
     158             :         const DATA_BLOB confounder_expected =
     159             :                 data_blob_const(_confounder_expected, 8);
     160             :         const uint8_t _clear_initial[] = {
     161             :                 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00,
     162             :                 0x01, 0x00, 0x00, 0x00, 0x04, 0x00, 0x02, 0x00,
     163             :                 0x01, 0x00, 0x00, 0x00, 0x01, 0x01, 0x00, 0x00,
     164             :                 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
     165             :                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     166             :                 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     167             :                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     168             :                 0x8A, 0xE3, 0x13, 0x71, 0x02, 0xF4, 0x36, 0x71,
     169             :                 0x01, 0x00, 0x04, 0x00, 0x01, 0x00, 0x00, 0x00,
     170             :                 0x02, 0x40, 0x28, 0x00, 0x78, 0x57, 0x34, 0x12,
     171             :                 0x34, 0x12, 0xCD, 0xAB, 0xEF, 0x00, 0x01, 0x23,
     172             :                 0x45, 0x67, 0x89, 0xAB, 0x00, 0x00, 0x00, 0x00,
     173             :                 0x04, 0x5D, 0x88, 0x8A, 0xEB, 0x1C, 0xC9, 0x11,
     174             :                 0x9F, 0xE8, 0x08, 0x00, 0x2B, 0x10, 0x48, 0x60,
     175             :                 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     176             :                 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
     177             :         };
     178             :         const DATA_BLOB clear_initial = data_blob_const(_clear_initial,
     179             :                         sizeof(_clear_initial));
     180             :         const uint8_t crypt_buffer[] = {
     181             :                 0xE2, 0xE5, 0xE3, 0x26, 0x45, 0xFB, 0xFC, 0xF3,
     182             :                 0x9C, 0x14, 0xDD, 0xE1, 0x39, 0x23, 0xE0, 0x55,
     183             :                 0xED, 0x8F, 0xF4, 0x92, 0xA1, 0xBD, 0xDC, 0x40,
     184             :                 0x58, 0x6F, 0xD2, 0x5B, 0xF9, 0xC9, 0xA3, 0x87,
     185             :                 0x46, 0x4B, 0x7F, 0xB2, 0x03, 0xD2, 0x35, 0x22,
     186             :                 0x3E, 0x70, 0x9F, 0x1E, 0x3F, 0x1F, 0xDB, 0x7D,
     187             :                 0x79, 0x88, 0x5A, 0x3D, 0xD3, 0x40, 0x1E, 0x69,
     188             :                 0xD7, 0xE2, 0x1D, 0x5A, 0xE9, 0x3B, 0xE1, 0xE2,
     189             :                 0x98, 0xFD, 0xCB, 0x3A, 0xF7, 0xB5, 0x1C, 0xF8,
     190             :                 0xCA, 0x02, 0x00, 0x99, 0x9F, 0x0C, 0x01, 0xE6,
     191             :                 0xD2, 0x00, 0xAF, 0xE0, 0x51, 0x88, 0x62, 0x50,
     192             :                 0xB7, 0xE8, 0x6D, 0x63, 0x4B, 0x97, 0x05, 0xC1,
     193             :                 0xD4, 0x83, 0x96, 0x29, 0x80, 0xAE, 0xD8, 0xA2,
     194             :                 0xED, 0xC9, 0x5D, 0x0D, 0x29, 0xFF, 0x2C, 0x23,
     195             :                 0x02, 0xFA, 0x3B, 0xEE, 0xE8, 0xBA, 0x06, 0x01,
     196             :                 0x95, 0xDF, 0x80, 0x76, 0x0B, 0x17, 0x0E, 0xD8
     197             :         };
     198             :         const DATA_BLOB crypt_expected = data_blob_const(crypt_buffer,
     199             :                                                          sizeof(crypt_buffer));
     200             :         int buffer_sizes[] = {
     201             :                 0, 1, 3, 7, 8, 9, 15, 16, 17
     202             :         };
     203             :         int i;
     204             : 
     205             :         torture_gnutls_aes_128_cfb_flags(state,
     206             :                                     session_key,
     207             :                                     seq_num_initial,
     208             :                                     confounder_initial,
     209             :                                     confounder_expected,
     210             :                                     clear_initial,
     211             :                                     crypt_expected);
     212             : 
     213             :         /* repeat the test for varying buffer sizes */
     214             : 
     215             :         for (i = 0; i < ARRAY_SIZE(buffer_sizes); i++) {
     216             :                 DATA_BLOB clear_initial_trunc =
     217             :                         data_blob_const(clear_initial.data, buffer_sizes[i]);
     218             :                 DATA_BLOB crypt_expected_trunc =
     219             :                         data_blob_const(crypt_expected.data, buffer_sizes[i]);
     220             :                 torture_gnutls_aes_128_cfb_flags(state,
     221             :                                             session_key,
     222             :                                             seq_num_initial,
     223             :                                             confounder_initial,
     224             :                                             confounder_expected,
     225             :                                             clear_initial_trunc,
     226             :                                             crypt_expected_trunc);
     227             :         }
     228             : #endif
     229           1 : }
     230             : 
     231           1 : static void torture_gnutls_des_crypt56(void **state)
     232             : {
     233             :         static const uint8_t key[7] = {
     234             :                 0x69, 0x88, 0x96, 0x8E, 0xB5, 0x3A, 0x24
     235             :         };
     236             :         static const uint8_t clear[8] = {
     237             :                 0x3F, 0x49, 0x5B, 0x20, 0xA7, 0x84, 0xC2, 0x34
     238             :         };
     239             :         static const uint8_t crypt_expected[8] = {
     240             :                 0x54, 0x86, 0xCF, 0x51, 0x49, 0x3A, 0x53, 0x5B
     241             :         };
     242             : 
     243             :         uint8_t crypt[8];
     244             :         uint8_t decrypt[8];
     245             :         int rc;
     246             : 
     247           1 :         rc = des_crypt56_gnutls(crypt, clear, key, SAMBA_GNUTLS_ENCRYPT);
     248           1 :         assert_int_equal(rc, 0);
     249           1 :         assert_memory_equal(crypt, crypt_expected, 8);
     250             : 
     251           1 :         rc = des_crypt56_gnutls(decrypt, crypt, key, SAMBA_GNUTLS_DECRYPT);
     252           1 :         assert_int_equal(rc, 0);
     253           1 :         assert_memory_equal(decrypt, clear, 8);
     254           1 : }
     255             : 
     256           1 : static void torture_gnutls_E_P16(void **state)
     257             : {
     258             :         static const uint8_t key[14] = {
     259             :                 0x98, 0xFD, 0xCB, 0x3A, 0xF7, 0xB5, 0x1C, 0xF8,
     260             :                 0x69, 0x88, 0x96, 0x8E, 0xB5, 0x3A
     261             :         };
     262           1 :         uint8_t buffer[16] = {
     263             :                 0x9C, 0x14, 0xDD, 0xE1, 0x39, 0x23, 0xE0, 0x55,
     264             :                 0x3F, 0x49, 0x5B, 0x20, 0xA7, 0x84, 0xC2, 0x34
     265             :         };
     266             :         static const uint8_t crypt_expected[16] = {
     267             :                 0x41, 0x4A, 0x7B, 0xEA, 0xAB, 0xBB, 0x95, 0xCE,
     268             :                 0x1D, 0xEA, 0xD9, 0xFF, 0xB0, 0xA9, 0xA4, 0x05
     269             :         };
     270             : 
     271             :         int rc;
     272             : 
     273           1 :         rc = E_P16(key, buffer);
     274           1 :         assert_int_equal(rc, 0);
     275           1 :         assert_memory_equal(buffer, crypt_expected, 16);
     276           1 : }
     277             : 
     278           1 : static void torture_gnutls_E_P24(void **state)
     279             : {
     280             :         static const uint8_t key[21] = {
     281             :                 0xFB, 0x67, 0x99, 0xA4, 0x83, 0xF3, 0xD4, 0xED,
     282             :                 0x98, 0xFD, 0xCB, 0x3A, 0xF7, 0xB5, 0x1C, 0xF8,
     283             :                 0x69, 0x88, 0x96, 0x8E, 0x3A
     284             :         };
     285           1 :         const uint8_t c8[8] = {
     286             :                 0x44, 0xFB, 0xAC, 0xFB, 0x83, 0xB6, 0x75, 0x2A
     287             :         };
     288             :         static const uint8_t crypt_expected[24] = {
     289             :                 0x1A, 0x5E, 0x11, 0xA1, 0x59, 0xA9, 0x6B, 0x4E,
     290             :                 0x12, 0x5D, 0x81, 0x75, 0xA6, 0x62, 0x15, 0x6D,
     291             :                 0x5D, 0x20, 0x25, 0xC1, 0xA3, 0x92, 0xB3, 0x28
     292             :         };
     293             : 
     294             :         uint8_t crypt[24];
     295             :         int rc;
     296             : 
     297           1 :         rc = E_P24(key, c8, crypt);
     298           1 :         assert_int_equal(rc, 0);
     299           1 :         assert_memory_equal(crypt, crypt_expected, 24);
     300           1 : }
     301             : 
     302           1 : static void torture_gnutls_SMBOWFencrypt(void **state)
     303             : {
     304             :         static const uint8_t password[16] = {
     305             :                 'M', 'y', 'p', 'a', 's', 's', 'w', 'o',
     306             :                 'r', 'd', 'i', 's', '1', '1', '1', '1'
     307             :         };
     308           1 :         const uint8_t c8[8] = {
     309             :                 0x79, 0x88, 0x5A, 0x3D, 0xD3, 0x40, 0x1E, 0x69
     310             :         };
     311             :         static const uint8_t crypt_expected[24] = {
     312             :                 0x3F, 0xE3, 0x53, 0x75, 0x81, 0xB4, 0xF0, 0xE7,
     313             :                 0x0C, 0xDE, 0xCD, 0xAE, 0x39, 0x1F, 0x14, 0xB4,
     314             :                 0xA4, 0x2B, 0x3E, 0x39, 0x16, 0xFD, 0x1D, 0x62
     315             :         };
     316             : 
     317             :         uint8_t crypt[24];
     318             :         int rc;
     319             : 
     320           1 :         rc = SMBOWFencrypt(password, c8, crypt);
     321           1 :         assert_int_equal(rc, 0);
     322           1 :         assert_memory_equal(crypt, crypt_expected, 24);
     323           1 : }
     324             : 
     325           1 : static void torture_gnutls_E_old_pw_hash(void **state)
     326             : {
     327             :         static uint8_t key[14] = {
     328             :                 0x98, 0xFD, 0xCB, 0x3A, 0xF7, 0xB5, 0x1C, 0xF8,
     329             :                 0x69, 0x88, 0x96, 0x8E, 0xB5, 0x3A
     330             :         };
     331           1 :         uint8_t clear[16] = {
     332             :                 0x9C, 0x14, 0xDD, 0xE1, 0x39, 0x23, 0xE0, 0x55,
     333             :                 0x3F, 0x49, 0x5B, 0x20, 0xA7, 0x84, 0xC2, 0x34
     334             :         };
     335             :         static const uint8_t crypt_expected[16] = {
     336             :                 0x6A, 0xC7, 0x08, 0xCA, 0x2A, 0xC1, 0xAA, 0x64,
     337             :                 0x37, 0xEF, 0xBE, 0x58, 0xC2, 0x59, 0x33, 0xEC
     338             :         };
     339             :         uint8_t crypt[16];
     340             :         int rc;
     341             : 
     342           1 :         rc = E_old_pw_hash(key, clear, crypt);
     343           1 :         assert_int_equal(rc, 0);
     344           1 :         assert_memory_equal(crypt, crypt_expected, 16);
     345           1 : }
     346             : 
     347           1 : static void torture_gnutls_des_crypt128(void **state)
     348             : {
     349             :         static uint8_t key[16] = {
     350             :                 0x98, 0xFD, 0xCB, 0x3A, 0xF7, 0xB5, 0x1C, 0xF8,
     351             :                 0xA9, 0x69, 0x88, 0x96, 0x8E, 0xB5, 0x3A, 0x24
     352             :         };
     353             :         static const uint8_t clear[8] = {
     354             :                 0x3F, 0x49, 0x5B, 0x20, 0xA7, 0x84, 0xC2, 0x34
     355             :         };
     356             :         static const uint8_t crypt_expected[8] = {
     357             :                 0x4C, 0xB4, 0x4B, 0xD3, 0xC8, 0xC1, 0xA5, 0x50
     358             :         };
     359             : 
     360             :         uint8_t crypt[8];
     361             :         int rc;
     362             : 
     363           1 :         rc = des_crypt128(crypt, clear, key);
     364           1 :         assert_int_equal(rc, 0);
     365           1 :         assert_memory_equal(crypt, crypt_expected, 8);
     366           1 : }
     367             : 
     368           1 : static void torture_gnutls_des_crypt112(void **state)
     369             : {
     370             :         static uint8_t key[14] = {
     371             :                 0x98, 0xFD, 0xCB, 0x3A, 0xF7, 0xB5, 0x1C, 0xF8,
     372             :                 0x88, 0x96, 0x8E, 0xB5, 0x3A, 0x24
     373             :         };
     374             :         static const uint8_t clear[8] = {
     375             :                 0x2F, 0x49, 0x5B, 0x20, 0xD7, 0x84, 0xC2, 0x34
     376             :         };
     377             :         static const uint8_t crypt_expected[8] = {
     378             :                 0x87, 0x35, 0xFA, 0xA4, 0x5D, 0x7A, 0xA5, 0x05
     379             :         };
     380             : 
     381             :         uint8_t crypt[8];
     382             :         uint8_t decrypt[8];
     383             :         int rc;
     384             : 
     385           1 :         rc = des_crypt112(crypt, clear, key, SAMBA_GNUTLS_ENCRYPT);
     386           1 :         assert_int_equal(rc, 0);
     387           1 :         assert_memory_equal(crypt, crypt_expected, 8);
     388             : 
     389           1 :         rc = des_crypt112(decrypt, crypt, key, SAMBA_GNUTLS_DECRYPT);
     390           1 :         assert_int_equal(rc, 0);
     391           1 :         assert_memory_equal(decrypt, clear, 8);
     392           1 : }
     393             : 
     394           1 : static void torture_gnutls_des_crypt112_16(void **state)
     395             : {
     396             :         static uint8_t key[14] = {
     397             :                 0x1E, 0x38, 0x27, 0x5B, 0x3B, 0xB8, 0x67, 0xEB,
     398             :                 0x88, 0x96, 0x8E, 0xB5, 0x3A, 0x24
     399             :         };
     400             :         static const uint8_t clear[16] = {
     401             :                 0x02, 0xFA, 0x3B, 0xEE, 0xE8, 0xBA, 0x06, 0x01,
     402             :                 0xFB, 0x67, 0x99, 0xA4, 0x83, 0xF3, 0xD4, 0xED
     403             :         };
     404             :         static const uint8_t crypt_expected[16] = {
     405             :                 0x3C, 0x10, 0x37, 0x67, 0x96, 0x95, 0xF7, 0x96,
     406             :                 0xAA, 0x03, 0xB9, 0xEA, 0xD6, 0xB3, 0xC3, 0x2D
     407             :         };
     408             : 
     409             :         uint8_t crypt[16];
     410             :         uint8_t decrypt[16];
     411             :         int rc;
     412             : 
     413           1 :         rc = des_crypt112_16(crypt, clear, key, SAMBA_GNUTLS_ENCRYPT);
     414           1 :         assert_int_equal(rc, 0);
     415           1 :         assert_memory_equal(crypt, crypt_expected, 16);
     416             : 
     417           1 :         rc = des_crypt112_16(decrypt, crypt, key, SAMBA_GNUTLS_DECRYPT);
     418           1 :         assert_int_equal(rc, 0);
     419           1 :         assert_memory_equal(decrypt, clear, 16);
     420           1 : }
     421             : 
     422           1 : static void torture_gnutls_sam_rid_crypt(void **state)
     423             : {
     424             :         static const uint8_t clear[16] = {
     425             :                 0x02, 0xFA, 0x3B, 0xEE, 0xE8, 0xBA, 0x06, 0x01,
     426             :                 0x3F, 0x49, 0x5B, 0x20, 0xA7, 0x84, 0xC2, 0x34
     427             :         };
     428             :         static const uint8_t crypt_expected[16] = {
     429             :                 0x1E, 0x38, 0x27, 0x5B, 0x3B, 0xB8, 0x67, 0xEB,
     430             :                 0xFB, 0x67, 0x99, 0xA4, 0x83, 0xF3, 0xD4, 0xED
     431             :         };
     432             : 
     433             :         uint8_t crypt[16];
     434             :         uint8_t decrypt[16];
     435           1 :         int rid = 500;
     436             :         int rc;
     437             : 
     438           1 :         rc = sam_rid_crypt(rid, clear, crypt, SAMBA_GNUTLS_ENCRYPT);
     439           1 :         assert_int_equal(rc, 0);
     440           1 :         assert_memory_equal(crypt, crypt_expected, 16);
     441             : 
     442           1 :         rc = sam_rid_crypt(rid, crypt, decrypt, SAMBA_GNUTLS_DECRYPT);
     443           1 :         assert_int_equal(rc, 0);
     444           1 :         assert_memory_equal(decrypt, clear, 16);
     445           1 : }
     446             : 
     447           1 : static void torture_gnutls_SMBsesskeygen_lm_sess_key(void **state)
     448             : {
     449             :         static const uint8_t lm_hash[16] = {
     450             :                 0xFB, 0x67, 0x99, 0xA4, 0x83, 0xF3, 0xD4, 0xED,
     451             :                 0x9C, 0x14, 0xDD, 0xE1, 0x39, 0x23, 0xE0, 0x55
     452             :         };
     453             :         static const uint8_t lm_resp[24] = {
     454             :                 0x02, 0xFA, 0x3B, 0xEE, 0xE8, 0xBA, 0x06, 0x01,
     455             :                 0x02, 0xFA, 0x3B, 0xEE, 0xE8, 0xBA, 0x06, 0x01,
     456             :                 0x1E, 0x38, 0x27, 0x5B, 0x3B, 0xB8, 0x67, 0xEB
     457             :         };
     458             :         static const uint8_t crypt_expected[16] = {
     459             :                 0x52, 0x8D, 0xB2, 0xD3, 0x89, 0x83, 0xFB, 0x9C,
     460             :                 0x96, 0x45, 0x15, 0x4B, 0xC3, 0xF5, 0xD5, 0x7F
     461             :         };
     462             : 
     463             :         uint8_t crypt_sess_key[16];
     464             :         NTSTATUS status;
     465             : 
     466           1 :         status = SMBsesskeygen_lm_sess_key(lm_hash, lm_resp, crypt_sess_key);
     467           1 :         assert_true(NT_STATUS_IS_OK(status));
     468           1 :         assert_memory_equal(crypt_sess_key, crypt_expected, 16);
     469           1 : }
     470             : 
     471           1 : static void torture_gnutls_sess_crypt_blob(void **state)
     472             : {
     473             :         static uint8_t _key[16] = {
     474             :                 0x1E, 0x38, 0x27, 0x5B, 0x3B, 0xB8, 0x67, 0xEB,
     475             :                 0xFA, 0xEE, 0xE8, 0xBA, 0x06, 0x01, 0x2D, 0x95
     476             :         };
     477           1 :         DATA_BLOB key = data_blob_const(_key, 16);
     478             :         static const uint8_t _clear[24] = {
     479             :                 0x98, 0xFD, 0xCB, 0x3A, 0xF7, 0xB5, 0x1C, 0xF8,
     480             :                 0x02, 0xFA, 0x3B, 0xEE, 0xE8, 0xBA, 0x06, 0x01,
     481             :                 0x3F, 0x49, 0x5B, 0x20, 0xA7, 0x84, 0xC2, 0x34
     482             :         };
     483           1 :         DATA_BLOB clear = data_blob_const(_clear, 24);
     484             :         static const uint8_t crypt_expected[24] = {
     485             :                 0x2B, 0xDD, 0x3B, 0xFA, 0x48, 0xC9, 0x63, 0x56,
     486             :                 0xAE, 0x8B, 0x3E, 0xCF, 0xEF, 0xDF, 0x7A, 0x42,
     487             :                 0xB3, 0x00, 0x71, 0x7F, 0x5D, 0x1D, 0xE4, 0x70
     488             :         };
     489           1 :         DATA_BLOB crypt = data_blob(NULL, 24);
     490           1 :         DATA_BLOB decrypt = data_blob(NULL, 24);
     491             :         int rc;
     492             : 
     493           1 :         rc = sess_crypt_blob(&crypt, &clear, &key, SAMBA_GNUTLS_ENCRYPT);
     494           1 :         assert_int_equal(rc, 0);
     495           1 :         assert_memory_equal(crypt.data, crypt_expected, 24);
     496             : 
     497           1 :         rc = sess_crypt_blob(&decrypt, &crypt, &key, SAMBA_GNUTLS_DECRYPT);
     498           1 :         assert_int_equal(rc, 0);
     499           1 :         assert_memory_equal(decrypt.data, clear.data, 24);
     500           1 : }
     501             : 
     502           1 : int main(int argc, char *argv[])
     503             : {
     504             :         int rc;
     505           1 :         const struct CMUnitTest tests[] = {
     506             :                 cmocka_unit_test(torture_gnutls_aes_128_cfb),
     507             :                 cmocka_unit_test(torture_gnutls_des_crypt56),
     508             :                 cmocka_unit_test(torture_gnutls_E_P16),
     509             :                 cmocka_unit_test(torture_gnutls_E_P24),
     510             :                 cmocka_unit_test(torture_gnutls_SMBOWFencrypt),
     511             :                 cmocka_unit_test(torture_gnutls_E_old_pw_hash),
     512             :                 cmocka_unit_test(torture_gnutls_des_crypt128),
     513             :                 cmocka_unit_test(torture_gnutls_des_crypt112),
     514             :                 cmocka_unit_test(torture_gnutls_des_crypt112_16),
     515             :                 cmocka_unit_test(torture_gnutls_sam_rid_crypt),
     516             :                 cmocka_unit_test(torture_gnutls_SMBsesskeygen_lm_sess_key),
     517             :                 cmocka_unit_test(torture_gnutls_sess_crypt_blob),
     518             :         };
     519             : 
     520           1 :         if (argc == 2) {
     521           0 :                 cmocka_set_test_filter(argv[1]);
     522             :         }
     523           1 :         cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
     524             : 
     525           1 :         rc = cmocka_run_group_tests(tests, NULL, NULL);
     526             : 
     527             :         return rc;
     528             : }

Generated by: LCOV version 1.13