github.com/Psiphon-Labs/psiphon-tunnel-core@v2.0.28+incompatible/psiphon/upstreamproxy/go-ntlm/ntlm/signature_test.go

github.com/Psiphon-Labs/psiphon-tunnel-core@v2.0.28+incompatible/psiphon/upstreamproxy/go-ntlm/ntlm/signature_test.go (about)

     1  //Copyright 2013 Thomson Reuters Global Resources. BSD License please see License file for more information
     2  
     3  package ntlm
     4  
     5  import (
     6  	"bytes"
     7  	"encoding/hex"
     8  	"testing"
     9  )
    10  
    11  func checkSigValue(t *testing.T, name string, value []byte, expected string, err error) {
    12  	if err != nil {
    13  		t.Errorf("Signature %s received error: %s", name, err)
    14  	} else {
    15  		expectedBytes, _ := hex.DecodeString(expected)
    16  		if !bytes.Equal(expectedBytes, value) {
    17  			t.Errorf("Signature %s is not correct got %s expected %s", name, hex.EncodeToString(value), expected)
    18  		}
    19  	}
    20  }
    21  
    22  // 4.2.2.4 GSS_WrapEx Examples
    23  func TestSealWithoutExtendedSessionSecurity(t *testing.T) {
    24  	key, _ := hex.DecodeString("55555555555555555555555555555555")
    25  	handle, _ := rc4Init(key)
    26  	plaintext, _ := hex.DecodeString("50006c00610069006e007400650078007400")
    27  	seqNum := uint32(0)
    28  	flags := uint32(0)
    29  
    30  	sealed, sig := seal(flags, handle, nil, seqNum, plaintext)
    31  	checkSigValue(t, "Sealed message", sealed, "56fe04d861f9319af0d7238a2e3b4d457fb8", nil)
    32  	checkSigValue(t, "Randompad", sig.RandomPad, "00000000", nil)
    33  	checkSigValue(t, "RC4 Checksum", sig.CheckSum, "09dcd1df", nil)
    34  	checkSigValue(t, "Xor Seq", sig.SeqNum, "2e459d36", nil)
    35  }
    36  
    37  func TestSealSignWithExtendedSessionSecurity(t *testing.T) {
    38  	sealKey, _ := hex.DecodeString("04dd7f014d8504d265a25cc86a3a7c06")
    39  	signKey, _ := hex.DecodeString("60e799be5c72fc92922ae8ebe961fb8d")
    40  	handle, _ := rc4Init(sealKey)
    41  	plaintext, _ := hex.DecodeString("50006c00610069006e007400650078007400")
    42  	seqNum := uint32(0)
    43  	flags := uint32(0)
    44  	flags = NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY.Set(flags)
    45  
    46  	sealed, sig := seal(flags, handle, signKey, seqNum, plaintext)
    47  	checkSigValue(t, "Sealed Data", sealed, "a02372f6530273f3aa1eb90190ce5200c99d", nil)
    48  	checkSigValue(t, "CheckSum", sig.CheckSum, "ff2aeb52f681793a", nil)
    49  	checkSigValue(t, "Signature", sig.Bytes(), "01000000ff2aeb52f681793a00000000", nil)
    50  }
    51  
    52  func TestSealSignWithExtendedSessionSecurityKeyEx(t *testing.T) {
    53  	sealKey, _ := hex.DecodeString("59f600973cc4960a25480a7c196e4c58")
    54  	signKey, _ := hex.DecodeString("4788dc861b4782f35d43fd98fe1a2d39")
    55  	handle, _ := rc4Init(sealKey)
    56  	plaintext, _ := hex.DecodeString("50006c00610069006e007400650078007400")
    57  	seqNum := uint32(0)
    58  	flags := uint32(0)
    59  	flags = NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY.Set(flags)
    60  	flags = NTLMSSP_NEGOTIATE_KEY_EXCH.Set(flags)
    61  
    62  	sealed, sig := seal(flags, handle, signKey, seqNum, plaintext)
    63  	checkSigValue(t, "Sealed Data", sealed, "54e50165bf1936dc996020c1811b0f06fb5f", nil)
    64  	checkSigValue(t, "RC4 CheckSum", sig.CheckSum, "7fb38ec5c55d4976", nil)
    65  	checkSigValue(t, "Signature", sig.Bytes(), "010000007fb38ec5c55d497600000000", nil)
    66  }