github.com/jcmturner/gokrb5/v8@v8.4.4/messages/KDCReq_test.go (about) 1 package messages 2 3 import ( 4 "encoding/hex" 5 "fmt" 6 "testing" 7 "time" 8 9 "github.com/jcmturner/gokrb5/v8/iana" 10 "github.com/jcmturner/gokrb5/v8/iana/addrtype" 11 "github.com/jcmturner/gokrb5/v8/iana/msgtype" 12 "github.com/jcmturner/gokrb5/v8/iana/nametype" 13 "github.com/jcmturner/gokrb5/v8/iana/patype" 14 "github.com/jcmturner/gokrb5/v8/test/testdata" 15 "github.com/stretchr/testify/assert" 16 ) 17 18 func TestUnmarshalKDCReqBody(t *testing.T) { 19 t.Parallel() 20 var a KDCReqBody 21 b, err := hex.DecodeString(testdata.MarshaledKRB5kdc_req_body) 22 if err != nil { 23 t.Fatalf("Test vector read error: %v", err) 24 } 25 err = a.Unmarshal(b) 26 if err != nil { 27 t.Fatalf("Unmarshal error: %v", err) 28 } 29 //Parse the test time value into a time.Time type 30 tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME) 31 32 assert.Equal(t, "fedcba90", hex.EncodeToString(a.KDCOptions.Bytes), "Request body flags not as expected") 33 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, a.CName.NameType, "Request body CName NameType not as expected") 34 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(a.CName.NameString), "Request body CName does not have the expected number of NameStrings") 35 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, a.CName.NameString, "Request body CName entries not as expected") 36 assert.Equal(t, testdata.TEST_REALM, a.Realm, "Request body Realm not as expected") 37 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, a.SName.NameType, "Request body SName nametype not as expected") 38 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(a.SName.NameString), "Request body SName does not have the expected number of NameStrings") 39 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, a.SName.NameString, "Request body SName entries not as expected") 40 assert.Equal(t, tt, a.From, "Request body From time not as expected") 41 assert.Equal(t, tt, a.Till, "Request body Till time not as expected") 42 assert.Equal(t, tt, a.RTime, "Request body RTime time not as expected") 43 assert.Equal(t, testdata.TEST_NONCE, a.Nonce, "Request body nounce not as expected") 44 assert.Equal(t, []int32{0, 1}, a.EType, "Etype list not as expected") 45 assert.Equal(t, 2, len(a.Addresses), "Number of client addresses not as expected") 46 for i, addr := range a.Addresses { 47 assert.Equal(t, addrtype.IPv4, addr.AddrType, fmt.Sprintf("Host address type not as expected for address item %d", i+1)) 48 assert.Equal(t, "12d00023", hex.EncodeToString(addr.Address), fmt.Sprintf("Host address not as expected for address item %d", i+1)) 49 } 50 assert.Equal(t, testdata.TEST_ETYPE, a.EncAuthData.EType, "Etype of request body encrypted authorization data not as expected") 51 assert.Equal(t, iana.PVNO, a.EncAuthData.KVNO, "KVNO of request body encrypted authorization data not as expected") 52 assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), a.EncAuthData.Cipher, "Ciphertext of request body encrypted authorization data not as expected") 53 assert.Equal(t, 2, len(a.AdditionalTickets), "Number of additional tickets not as expected") 54 for i, tkt := range a.AdditionalTickets { 55 assert.Equal(t, iana.PVNO, tkt.TktVNO, fmt.Sprintf("Additional ticket (%v) ticket-vno not as expected", i+1)) 56 assert.Equal(t, testdata.TEST_REALM, tkt.Realm, fmt.Sprintf("Additional ticket (%v) realm not as expected", i+1)) 57 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, tkt.SName.NameType, fmt.Sprintf("Additional ticket (%v) SName NameType not as expected", i+1)) 58 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(tkt.SName.NameString), fmt.Sprintf("Additional ticket (%v) SName does not have the expected number of NameStrings", i+1)) 59 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, tkt.SName.NameString, fmt.Sprintf("Additional ticket (%v) SName name string entries not as expected", i+1)) 60 assert.Equal(t, testdata.TEST_ETYPE, tkt.EncPart.EType, fmt.Sprintf("Additional ticket (%v) encPart etype not as expected", i+1)) 61 assert.Equal(t, iana.PVNO, tkt.EncPart.KVNO, fmt.Sprintf("Additional ticket (%v) encPart KVNO not as expected", i+1)) 62 assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), tkt.EncPart.Cipher, fmt.Sprintf("Additional ticket (%v) encPart cipher not as expected", i+1)) 63 } 64 } 65 66 func TestUnmarshalKDCReqBody_optionalsNULLexceptsecond_ticket(t *testing.T) { 67 t.Parallel() 68 var a KDCReqBody 69 b, err := hex.DecodeString(testdata.MarshaledKRB5kdc_req_bodyOptionalsNULLexceptsecond_ticket) 70 if err != nil { 71 t.Fatalf("Test vector read error: %v", err) 72 } 73 err = a.Unmarshal(b) 74 if err != nil { 75 t.Fatalf("Unmarshal error: %v", err) 76 } 77 //Parse the test time value into a time.Time type 78 tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME) 79 80 assert.Equal(t, "fedcba98", hex.EncodeToString(a.KDCOptions.Bytes), "Request body flags not as expected") 81 assert.Equal(t, testdata.TEST_REALM, a.Realm, "Request body Realm not as expected") 82 assert.Equal(t, tt, a.Till, "Request body Till time not as expected") 83 assert.Equal(t, testdata.TEST_NONCE, a.Nonce, "Request body nounce not as expected") 84 assert.Equal(t, []int32{0, 1}, a.EType, "Etype list not as expected") 85 assert.Equal(t, 0, len(a.Addresses), "Number of client addresses not empty") 86 assert.Equal(t, 0, len(a.EncAuthData.Cipher), "Ciphertext of request body encrypted authorization data not empty") 87 assert.Equal(t, 2, len(a.AdditionalTickets), "Number of additional tickets not as expected") 88 for i, tkt := range a.AdditionalTickets { 89 assert.Equal(t, iana.PVNO, tkt.TktVNO, fmt.Sprintf("Additional ticket (%v) ticket-vno not as expected", i+1)) 90 assert.Equal(t, testdata.TEST_REALM, tkt.Realm, fmt.Sprintf("Additional ticket (%v) realm not as expected", i+1)) 91 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, tkt.SName.NameType, fmt.Sprintf("Additional ticket (%v) SName NameType not as expected", i+1)) 92 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(tkt.SName.NameString), fmt.Sprintf("Additional ticket (%v) SName does not have the expected number of NameStrings", i+1)) 93 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, tkt.SName.NameString, fmt.Sprintf("Additional ticket (%v) SName name string entries not as expected", i+1)) 94 assert.Equal(t, testdata.TEST_ETYPE, tkt.EncPart.EType, fmt.Sprintf("Additional ticket (%v) encPart etype not as expected", i+1)) 95 assert.Equal(t, iana.PVNO, tkt.EncPart.KVNO, fmt.Sprintf("Additional ticket (%v) encPart KVNO not as expected", i+1)) 96 assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), tkt.EncPart.Cipher, fmt.Sprintf("Additional ticket (%v) encPart cipher not as expected", i+1)) 97 } 98 } 99 100 func TestUnmarshalKDCReqBody_optionalsNULLexceptserver(t *testing.T) { 101 t.Parallel() 102 var a KDCReqBody 103 b, err := hex.DecodeString(testdata.MarshaledKRB5kdc_req_bodyOptionalsNULLexceptserver) 104 if err != nil { 105 t.Fatalf("Test vector read error: %v", err) 106 } 107 err = a.Unmarshal(b) 108 if err != nil { 109 t.Fatalf("Unmarshal error: %v", err) 110 } 111 //Parse the test time value into a time.Time type 112 tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME) 113 114 assert.Equal(t, "fedcba90", hex.EncodeToString(a.KDCOptions.Bytes), "Request body flags not as expected") 115 assert.Equal(t, testdata.TEST_REALM, a.Realm, "Request body Realm not as expected") 116 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, a.SName.NameType, "Request body SName nametype not as expected") 117 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(a.SName.NameString), "Request body SName does not have the expected number of NameStrings") 118 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, a.SName.NameString, "Request body SName entries not as expected") 119 assert.Equal(t, tt, a.Till, "Request body Till time not as expected") 120 assert.Equal(t, testdata.TEST_NONCE, a.Nonce, "Request body nounce not as expected") 121 assert.Equal(t, []int32{0, 1}, a.EType, "Etype list not as expected") 122 assert.Equal(t, 0, len(a.Addresses), "Number of client addresses not empty") 123 assert.Equal(t, 0, len(a.EncAuthData.Cipher), "Ciphertext of request body encrypted authorization data not empty") 124 assert.Equal(t, 0, len(a.AdditionalTickets), "Number of additional tickets not empty") 125 } 126 127 func TestUnmarshalASReq(t *testing.T) { 128 t.Parallel() 129 var a ASReq 130 b, err := hex.DecodeString(testdata.MarshaledKRB5as_req) 131 if err != nil { 132 t.Fatalf("Test vector read error: %v", err) 133 } 134 err = a.Unmarshal(b) 135 if err != nil { 136 t.Fatalf("Unmarshal error: %v", err) 137 } 138 //Parse the test time value into a time.Time type 139 tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME) 140 141 assert.Equal(t, iana.PVNO, a.PVNO, "PVNO not as expected") 142 assert.Equal(t, msgtype.KRB_AS_REQ, a.MsgType, "Message ID not as expected") 143 assert.Equal(t, 2, len(a.PAData), "Number of PAData items in the sequence not as expected") 144 for i, pa := range a.PAData { 145 assert.Equal(t, patype.PA_SAM_RESPONSE, pa.PADataType, fmt.Sprintf("PAData type for entry %d not as expected", i+1)) 146 assert.Equal(t, []byte(testdata.TEST_PADATA_VALUE), pa.PADataValue, fmt.Sprintf("PAData valye for entry %d not as expected", i+1)) 147 } 148 assert.Equal(t, "fedcba90", hex.EncodeToString(a.ReqBody.KDCOptions.Bytes), "Request body flags not as expected") 149 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, a.ReqBody.CName.NameType, "Request body CName NameType not as expected") 150 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(a.ReqBody.CName.NameString), "Request body CName does not have the expected number of NameStrings") 151 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, a.ReqBody.CName.NameString, "Request body CName entries not as expected") 152 assert.Equal(t, testdata.TEST_REALM, a.ReqBody.Realm, "Request body Realm not as expected") 153 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, a.ReqBody.SName.NameType, "Request body SName nametype not as expected") 154 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(a.ReqBody.SName.NameString), "Request body SName does not have the expected number of NameStrings") 155 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, a.ReqBody.SName.NameString, "Request body SName entries not as expected") 156 assert.Equal(t, tt, a.ReqBody.From, "Request body From time not as expected") 157 assert.Equal(t, tt, a.ReqBody.Till, "Request body Till time not as expected") 158 assert.Equal(t, tt, a.ReqBody.RTime, "Request body RTime time not as expected") 159 assert.Equal(t, testdata.TEST_NONCE, a.ReqBody.Nonce, "Request body nounce not as expected") 160 assert.Equal(t, []int32{0, 1}, a.ReqBody.EType, "Etype list not as expected") 161 assert.Equal(t, 2, len(a.ReqBody.Addresses), "Number of client addresses not as expected") 162 for i, addr := range a.ReqBody.Addresses { 163 assert.Equal(t, addrtype.IPv4, addr.AddrType, fmt.Sprintf("Host address type not as expected for address item %d", i+1)) 164 assert.Equal(t, "12d00023", hex.EncodeToString(addr.Address), fmt.Sprintf("Host address not as expected for address item %d", i+1)) 165 } 166 assert.Equal(t, testdata.TEST_ETYPE, a.ReqBody.EncAuthData.EType, "Etype of request body encrypted authorization data not as expected") 167 assert.Equal(t, iana.PVNO, a.ReqBody.EncAuthData.KVNO, "KVNO of request body encrypted authorization data not as expected") 168 assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), a.ReqBody.EncAuthData.Cipher, "Ciphertext of request body encrypted authorization data not as expected") 169 assert.Equal(t, 2, len(a.ReqBody.AdditionalTickets), "Number of additional tickets not as expected") 170 for i, tkt := range a.ReqBody.AdditionalTickets { 171 assert.Equal(t, iana.PVNO, tkt.TktVNO, fmt.Sprintf("Additional ticket (%v) ticket-vno not as expected", i+1)) 172 assert.Equal(t, testdata.TEST_REALM, tkt.Realm, fmt.Sprintf("Additional ticket (%v) realm not as expected", i+1)) 173 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, tkt.SName.NameType, fmt.Sprintf("Additional ticket (%v) SName NameType not as expected", i+1)) 174 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(tkt.SName.NameString), fmt.Sprintf("Additional ticket (%v) SName does not have the expected number of NameStrings", i+1)) 175 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, tkt.SName.NameString, fmt.Sprintf("Additional ticket (%v) SName name string entries not as expected", i+1)) 176 assert.Equal(t, testdata.TEST_ETYPE, tkt.EncPart.EType, fmt.Sprintf("Additional ticket (%v) encPart etype not as expected", i+1)) 177 assert.Equal(t, iana.PVNO, tkt.EncPart.KVNO, fmt.Sprintf("Additional ticket (%v) encPart KVNO not as expected", i+1)) 178 assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), tkt.EncPart.Cipher, fmt.Sprintf("Additional ticket (%v) encPart cipher not as expected", i+1)) 179 } 180 } 181 182 func TestUnmarshalASReq_optionalsNULLexceptsecond_ticket(t *testing.T) { 183 t.Parallel() 184 var a ASReq 185 b, err := hex.DecodeString(testdata.MarshaledKRB5as_reqOptionalsNULLexceptsecond_ticket) 186 if err != nil { 187 t.Fatalf("Test vector read error: %v", err) 188 } 189 err = a.Unmarshal(b) 190 if err != nil { 191 t.Fatalf("Unmarshal error: %v", err) 192 } 193 //Parse the test time value into a time.Time type 194 tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME) 195 196 assert.Equal(t, iana.PVNO, a.PVNO, "PVNO not as expected") 197 assert.Equal(t, msgtype.KRB_AS_REQ, a.MsgType, "Message ID not as expected") 198 assert.Equal(t, 0, len(a.PAData), "Number of PAData items in the sequence not as expected") 199 assert.Equal(t, "fedcba98", hex.EncodeToString(a.ReqBody.KDCOptions.Bytes), "Request body flags not as expected") 200 assert.Equal(t, testdata.TEST_REALM, a.ReqBody.Realm, "Request body Realm not as expected") 201 assert.Equal(t, tt, a.ReqBody.Till, "Request body Till time not as expected") 202 assert.Equal(t, testdata.TEST_NONCE, a.ReqBody.Nonce, "Request body nounce not as expected") 203 assert.Equal(t, []int32{0, 1}, a.ReqBody.EType, "Etype list not as expected") 204 assert.Equal(t, 0, len(a.ReqBody.Addresses), "Number of client addresses not empty") 205 assert.Equal(t, 0, len(a.ReqBody.EncAuthData.Cipher), "Ciphertext of request body encrypted authorization data not empty") 206 assert.Equal(t, 2, len(a.ReqBody.AdditionalTickets), "Number of additional tickets not as expected") 207 for i, tkt := range a.ReqBody.AdditionalTickets { 208 assert.Equal(t, iana.PVNO, tkt.TktVNO, fmt.Sprintf("Additional ticket (%v) ticket-vno not as expected", i+1)) 209 assert.Equal(t, testdata.TEST_REALM, tkt.Realm, fmt.Sprintf("Additional ticket (%v) realm not as expected", i+1)) 210 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, tkt.SName.NameType, fmt.Sprintf("Additional ticket (%v) SName NameType not as expected", i+1)) 211 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(tkt.SName.NameString), fmt.Sprintf("Additional ticket (%v) SName does not have the expected number of NameStrings", i+1)) 212 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, tkt.SName.NameString, fmt.Sprintf("Additional ticket (%v) SName name string entries not as expected", i+1)) 213 assert.Equal(t, testdata.TEST_ETYPE, tkt.EncPart.EType, fmt.Sprintf("Additional ticket (%v) encPart etype not as expected", i+1)) 214 assert.Equal(t, iana.PVNO, tkt.EncPart.KVNO, fmt.Sprintf("Additional ticket (%v) encPart KVNO not as expected", i+1)) 215 assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), tkt.EncPart.Cipher, fmt.Sprintf("Additional ticket (%v) encPart cipher not as expected", i+1)) 216 } 217 } 218 219 func TestUnmarshalASReq_optionalsNULLexceptserver(t *testing.T) { 220 t.Parallel() 221 var a ASReq 222 b, err := hex.DecodeString(testdata.MarshaledKRB5as_reqOptionalsNULLexceptserver) 223 if err != nil { 224 t.Fatalf("Test vector read error: %v", err) 225 } 226 err = a.Unmarshal(b) 227 if err != nil { 228 t.Fatalf("Unmarshal error: %v", err) 229 } 230 //Parse the test time value into a time.Time type 231 tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME) 232 233 assert.Equal(t, iana.PVNO, a.PVNO, "PVNO not as expected") 234 assert.Equal(t, msgtype.KRB_AS_REQ, a.MsgType, "Message ID not as expected") 235 assert.Equal(t, 0, len(a.PAData), "Number of PAData items in the sequence not as expected") 236 assert.Equal(t, "fedcba90", hex.EncodeToString(a.ReqBody.KDCOptions.Bytes), "Request body flags not as expected") 237 assert.Equal(t, testdata.TEST_REALM, a.ReqBody.Realm, "Request body Realm not as expected") 238 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, a.ReqBody.SName.NameType, "Request body SName nametype not as expected") 239 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(a.ReqBody.SName.NameString), "Request body SName does not have the expected number of NameStrings") 240 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, a.ReqBody.SName.NameString, "Request body SName entries not as expected") 241 assert.Equal(t, tt, a.ReqBody.Till, "Request body Till time not as expected") 242 assert.Equal(t, testdata.TEST_NONCE, a.ReqBody.Nonce, "Request body nounce not as expected") 243 assert.Equal(t, []int32{0, 1}, a.ReqBody.EType, "Etype list not as expected") 244 assert.Equal(t, 0, len(a.ReqBody.Addresses), "Number of client addresses not empty") 245 assert.Equal(t, 0, len(a.ReqBody.EncAuthData.Cipher), "Ciphertext of request body encrypted authorization data not empty") 246 assert.Equal(t, 0, len(a.ReqBody.AdditionalTickets), "Number of additional tickets not empty") 247 } 248 249 func TestUnmarshalTGSReq(t *testing.T) { 250 t.Parallel() 251 var a TGSReq 252 b, err := hex.DecodeString(testdata.MarshaledKRB5tgs_req) 253 if err != nil { 254 t.Fatalf("Test vector read error: %v", err) 255 } 256 err = a.Unmarshal(b) 257 if err != nil { 258 t.Fatalf("Unmarshal error: %v", err) 259 } 260 //Parse the test time value into a time.Time type 261 tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME) 262 263 assert.Equal(t, iana.PVNO, a.PVNO, "PVNO not as expected") 264 assert.Equal(t, msgtype.KRB_TGS_REQ, a.MsgType, "Message ID not as expected") 265 assert.Equal(t, 2, len(a.PAData), "Number of PAData items in the sequence not as expected") 266 for i, pa := range a.PAData { 267 assert.Equal(t, patype.PA_SAM_RESPONSE, pa.PADataType, fmt.Sprintf("PAData type for entry %d not as expected", i+1)) 268 assert.Equal(t, []byte(testdata.TEST_PADATA_VALUE), pa.PADataValue, fmt.Sprintf("PAData valye for entry %d not as expected", i+1)) 269 } 270 assert.Equal(t, "fedcba90", hex.EncodeToString(a.ReqBody.KDCOptions.Bytes), "Request body flags not as expected") 271 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, a.ReqBody.CName.NameType, "Request body CName NameType not as expected") 272 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(a.ReqBody.CName.NameString), "Request body CName does not have the expected number of NameStrings") 273 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, a.ReqBody.CName.NameString, "Request body CName entries not as expected") 274 assert.Equal(t, testdata.TEST_REALM, a.ReqBody.Realm, "Request body Realm not as expected") 275 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, a.ReqBody.SName.NameType, "Request body SName nametype not as expected") 276 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(a.ReqBody.SName.NameString), "Request body SName does not have the expected number of NameStrings") 277 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, a.ReqBody.SName.NameString, "Request body SName entries not as expected") 278 assert.Equal(t, tt, a.ReqBody.From, "Request body From time not as expected") 279 assert.Equal(t, tt, a.ReqBody.Till, "Request body Till time not as expected") 280 assert.Equal(t, tt, a.ReqBody.RTime, "Request body RTime time not as expected") 281 assert.Equal(t, testdata.TEST_NONCE, a.ReqBody.Nonce, "Request body nounce not as expected") 282 assert.Equal(t, []int32{0, 1}, a.ReqBody.EType, "Etype list not as expected") 283 assert.Equal(t, 2, len(a.ReqBody.Addresses), "Number of client addresses not as expected") 284 for i, addr := range a.ReqBody.Addresses { 285 assert.Equal(t, addrtype.IPv4, addr.AddrType, fmt.Sprintf("Host address type not as expected for address item %d", i+1)) 286 assert.Equal(t, "12d00023", hex.EncodeToString(addr.Address), fmt.Sprintf("Host address not as expected for address item %d", i+1)) 287 } 288 assert.Equal(t, testdata.TEST_ETYPE, a.ReqBody.EncAuthData.EType, "Etype of request body encrypted authorization data not as expected") 289 assert.Equal(t, iana.PVNO, a.ReqBody.EncAuthData.KVNO, "KVNO of request body encrypted authorization data not as expected") 290 assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), a.ReqBody.EncAuthData.Cipher, "Ciphertext of request body encrypted authorization data not as expected") 291 assert.Equal(t, 2, len(a.ReqBody.AdditionalTickets), "Number of additional tickets not as expected") 292 for i, tkt := range a.ReqBody.AdditionalTickets { 293 assert.Equal(t, iana.PVNO, tkt.TktVNO, fmt.Sprintf("Additional ticket (%v) ticket-vno not as expected", i+1)) 294 assert.Equal(t, testdata.TEST_REALM, tkt.Realm, fmt.Sprintf("Additional ticket (%v) realm not as expected", i+1)) 295 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, tkt.SName.NameType, fmt.Sprintf("Additional ticket (%v) SName NameType not as expected", i+1)) 296 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(tkt.SName.NameString), fmt.Sprintf("Additional ticket (%v) SName does not have the expected number of NameStrings", i+1)) 297 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, tkt.SName.NameString, fmt.Sprintf("Additional ticket (%v) SName name string entries not as expected", i+1)) 298 assert.Equal(t, testdata.TEST_ETYPE, tkt.EncPart.EType, fmt.Sprintf("Additional ticket (%v) encPart etype not as expected", i+1)) 299 assert.Equal(t, iana.PVNO, tkt.EncPart.KVNO, fmt.Sprintf("Additional ticket (%v) encPart KVNO not as expected", i+1)) 300 assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), tkt.EncPart.Cipher, fmt.Sprintf("Additional ticket (%v) encPart cipher not as expected", i+1)) 301 } 302 } 303 304 func TestUnmarshalTGSReq_optionalsNULLexceptsecond_ticket(t *testing.T) { 305 t.Parallel() 306 var a TGSReq 307 b, err := hex.DecodeString(testdata.MarshaledKRB5tgs_reqOptionalsNULLexceptsecond_ticket) 308 if err != nil { 309 t.Fatalf("Test vector read error: %v", err) 310 } 311 err = a.Unmarshal(b) 312 if err != nil { 313 t.Fatalf("Unmarshal error: %v", err) 314 } 315 //Parse the test time value into a time.Time type 316 tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME) 317 318 assert.Equal(t, iana.PVNO, a.PVNO, "PVNO not as expected") 319 assert.Equal(t, msgtype.KRB_TGS_REQ, a.MsgType, "Message ID not as expected") 320 assert.Equal(t, 0, len(a.PAData), "Number of PAData items in the sequence not as expected") 321 assert.Equal(t, "fedcba98", hex.EncodeToString(a.ReqBody.KDCOptions.Bytes), "Request body flags not as expected") 322 assert.Equal(t, testdata.TEST_REALM, a.ReqBody.Realm, "Request body Realm not as expected") 323 assert.Equal(t, tt, a.ReqBody.Till, "Request body Till time not as expected") 324 assert.Equal(t, testdata.TEST_NONCE, a.ReqBody.Nonce, "Request body nounce not as expected") 325 assert.Equal(t, []int32{0, 1}, a.ReqBody.EType, "Etype list not as expected") 326 assert.Equal(t, 0, len(a.ReqBody.Addresses), "Number of client addresses not empty") 327 assert.Equal(t, 0, len(a.ReqBody.EncAuthData.Cipher), "Ciphertext of request body encrypted authorization data not empty") 328 assert.Equal(t, 2, len(a.ReqBody.AdditionalTickets), "Number of additional tickets not as expected") 329 for i, tkt := range a.ReqBody.AdditionalTickets { 330 assert.Equal(t, iana.PVNO, tkt.TktVNO, fmt.Sprintf("Additional ticket (%v) ticket-vno not as expected", i+1)) 331 assert.Equal(t, testdata.TEST_REALM, tkt.Realm, fmt.Sprintf("Additional ticket (%v) realm not as expected", i+1)) 332 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, tkt.SName.NameType, fmt.Sprintf("Additional ticket (%v) SName NameType not as expected", i+1)) 333 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(tkt.SName.NameString), fmt.Sprintf("Additional ticket (%v) SName does not have the expected number of NameStrings", i+1)) 334 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, tkt.SName.NameString, fmt.Sprintf("Additional ticket (%v) SName name string entries not as expected", i+1)) 335 assert.Equal(t, testdata.TEST_ETYPE, tkt.EncPart.EType, fmt.Sprintf("Additional ticket (%v) encPart etype not as expected", i+1)) 336 assert.Equal(t, iana.PVNO, tkt.EncPart.KVNO, fmt.Sprintf("Additional ticket (%v) encPart KVNO not as expected", i+1)) 337 assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), tkt.EncPart.Cipher, fmt.Sprintf("Additional ticket (%v) encPart cipher not as expected", i+1)) 338 } 339 } 340 341 func TestUnmarshalTGSReq_optionalsNULLexceptserver(t *testing.T) { 342 t.Parallel() 343 var a TGSReq 344 b, err := hex.DecodeString(testdata.MarshaledKRB5tgs_reqOptionalsNULLexceptserver) 345 if err != nil { 346 t.Fatalf("Test vector read error: %v", err) 347 } 348 err = a.Unmarshal(b) 349 if err != nil { 350 t.Fatalf("Unmarshal error: %v", err) 351 } 352 //Parse the test time value into a time.Time type 353 tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME) 354 355 assert.Equal(t, iana.PVNO, a.PVNO, "PVNO not as expected") 356 assert.Equal(t, msgtype.KRB_TGS_REQ, a.MsgType, "Message ID not as expected") 357 assert.Equal(t, 0, len(a.PAData), "Number of PAData items in the sequence not as expected") 358 assert.Equal(t, "fedcba90", hex.EncodeToString(a.ReqBody.KDCOptions.Bytes), "Request body flags not as expected") 359 assert.Equal(t, testdata.TEST_REALM, a.ReqBody.Realm, "Request body Realm not as expected") 360 assert.Equal(t, nametype.KRB_NT_PRINCIPAL, a.ReqBody.SName.NameType, "Request body SName nametype not as expected") 361 assert.Equal(t, len(testdata.TEST_PRINCIPALNAME_NAMESTRING), len(a.ReqBody.SName.NameString), "Request body SName does not have the expected number of NameStrings") 362 assert.Equal(t, testdata.TEST_PRINCIPALNAME_NAMESTRING, a.ReqBody.SName.NameString, "Request body SName entries not as expected") 363 assert.Equal(t, tt, a.ReqBody.Till, "Request body Till time not as expected") 364 assert.Equal(t, testdata.TEST_NONCE, a.ReqBody.Nonce, "Request body nounce not as expected") 365 assert.Equal(t, []int32{0, 1}, a.ReqBody.EType, "Etype list not as expected") 366 assert.Equal(t, 0, len(a.ReqBody.Addresses), "Number of client addresses not empty") 367 assert.Equal(t, 0, len(a.ReqBody.EncAuthData.Cipher), "Ciphertext of request body encrypted authorization data not empty") 368 assert.Equal(t, 0, len(a.ReqBody.AdditionalTickets), "Number of additional tickets not empty") 369 } 370 371 //// Marshal Tests //// 372 373 func TestMarshalKDCReqBody(t *testing.T) { 374 t.Parallel() 375 var a KDCReqBody 376 b, err := hex.DecodeString(testdata.MarshaledKRB5kdc_req_body) 377 if err != nil { 378 t.Fatalf("Test vector read error: %v", err) 379 } 380 err = a.Unmarshal(b) 381 if err != nil { 382 t.Fatalf("Unmarshal error: %v", err) 383 } 384 // Marshal and re-unmarshal the result nd then compare 385 mb, err := a.Marshal() 386 if err != nil { 387 t.Fatalf("Unmarshal error: %v", err) 388 } 389 assert.Equal(t, b, mb, "Marshal bytes of KDCReqBody not as expected") 390 } 391 392 func TestMarshalASReq(t *testing.T) { 393 t.Parallel() 394 var a ASReq 395 b, err := hex.DecodeString(testdata.MarshaledKRB5as_req) 396 if err != nil { 397 t.Fatalf("Test vector read error: %v", err) 398 } 399 err = a.Unmarshal(b) 400 if err != nil { 401 t.Fatalf("Unmarshal error: %v", err) 402 } 403 mb, err := a.Marshal() 404 if err != nil { 405 t.Fatalf("Marshal of ticket errored: %v", err) 406 } 407 assert.Equal(t, b, mb, "Marshal bytes of ASReq not as expected") 408 } 409 410 func TestMarshalTGSReq(t *testing.T) { 411 t.Parallel() 412 var a TGSReq 413 b, err := hex.DecodeString(testdata.MarshaledKRB5tgs_req) 414 if err != nil { 415 t.Fatalf("Test vector read error: %v", err) 416 } 417 err = a.Unmarshal(b) 418 if err != nil { 419 t.Fatalf("Unmarshal error: %v", err) 420 } 421 mb, err := a.Marshal() 422 if err != nil { 423 t.Fatalf("Marshal of ticket errored: %v", err) 424 } 425 assert.Equal(t, b, mb, "Marshal bytes of TGSReq not as expected") 426 }