github.com/psiphon-labs/psiphon-tunnel-core@v2.0.28+incompatible/psiphon/upstreamproxy/go-ntlm/ntlm/message_authenticate_test.go (about)

     1  //Copyright 2013 Thomson Reuters Global Resources. BSD License please see License file for more information
     2  
     3  package ntlm
     4  
     5  import (
     6  	"bytes"
     7  	"encoding/base64"
     8  	"encoding/hex"
     9  	"testing"
    10  )
    11  
    12  func checkPayloadStruct(t *testing.T, payloadStruct *PayloadStruct, len uint16, offset uint32) {
    13  	if payloadStruct.Len != len || payloadStruct.Offset != offset {
    14  		t.Errorf("Failed to parse payload struct %d, %d", payloadStruct.Len, payloadStruct.Offset)
    15  	}
    16  }
    17  
    18  func TestParseNTLMv1AsV2(t *testing.T) {
    19  	ntlmv1data := "TlRMTVNTUAADAAAAGAAYALYAAAAYABgAzgAAADQANABIAAAAIAAgAHwAAAAaABoAnAAAABAAEADmAAAAVYKQQgUCzg4AAAAPYQByAHIAYQB5ADEAMgAuAG0AcwBnAHQAcwB0AC4AcgBlAHUAdABlAHIAcwAuAGMAbwBtAHUAcwBlAHIAcwB0AHIAZQBzAHMAMQAwADAAMAAwADgATgBZAEMAVgBBADEAMgBTADIAQwBNAFMAQQDguXWdC2hLH+C5dZ0LaEsf4Ll1nQtoSx9nI+fkE73qtElnkDiSQbxfcDN9zbtO1qfyK3ZTI6CUhvjxmXnpZEjY"
    20  	authBytes, err := base64.StdEncoding.DecodeString(ntlmv1data)
    21  	_, err = ParseAuthenticateMessage(authBytes, 2)
    22  	if err == nil {
    23  		t.Error("Should have returned error when tring to parse an NTLMv1 authenticate message as NTLMv2")
    24  	}
    25  	_, err = ParseAuthenticateMessage(authBytes, 1)
    26  	if err != nil {
    27  		t.Error("Should not have returned error when tring to parse an NTLMv1 authenticate message")
    28  	}
    29  }
    30  
    31  func TestAuthenticateNtlmV1(t *testing.T) {
    32  	authenticateMessage := "TlRMTVNTUAADAAAAGAAYAIgAAAAYABgAoAAAAAAAAABYAAAAIAAgAFgAAAAQABAAeAAAABAAEAC4AAAAVYKQYgYBsR0AAAAP2BgW++b14Dh6Z5B4Xs1DiHAAYQB1AGwAQABwAGEAdQBsAGQAaQB4AC4AbgBlAHQAVwBJAE4ANwBfAEkARQA4ACugxZFzvHB4P6LdKbbZpiYHo2ErZURLiSugxZFzvHB4P6LdKbbZpiYHo2ErZURLibmpCUlnbq2I4LAdEhLdg7I="
    33  	authenticateData, err := base64.StdEncoding.DecodeString(authenticateMessage)
    34  
    35  	if err != nil {
    36  		t.Error("Could not base64 decode message data")
    37  	}
    38  
    39  	a, err := ParseAuthenticateMessage(authenticateData, 1)
    40  	if err != nil {
    41  		t.Error("Could not parse authenticate message")
    42  	}
    43  
    44  	a.String()
    45  
    46  	outBytes := a.Bytes()
    47  
    48  	if len(outBytes) > 0 {
    49  		reparsed, err := ParseAuthenticateMessage(outBytes, 1)
    50  		if err != nil {
    51  			t.Error("Could not re-parse authenticate message")
    52  		}
    53  		if reparsed.String() != a.String() {
    54  			t.Error("Reparsed message is not the same")
    55  		}
    56  	} else {
    57  		t.Error("Invalid authenticate messsage bytes")
    58  	}
    59  }
    60  
    61  func TestAuthenticateNtlmV2(t *testing.T) {
    62  	authenticateMessage := "TlRMTVNTUAADAAAAGAAYAI4AAAAGAQYBpgAAAAAAAABYAAAAIAAgAFgAAAAWABYAeAAAABAAEACsAQAAVYKQQgYAchcAAAAPpdhi9ItaLWwSGpFMT4VQbnAAYQB1AGwAQABwAGEAdQBsAGQAaQB4AC4AbgBlAHQASQBQAC0AMABBADAAQwAzAEEAMQBFAAE/QEbbIB1InAX5KMgp4s4wmpPZ9jp9T3EC95rRY01DhMSv1kei5wYBAQAAAAAAADM6xfahoM0BMJqT2fY6fU8AAAAAAgAOAFIARQBVAFQARQBSAFMAAQAcAFUASwBCAFAALQBDAEIAVABSAE0ARgBFADAANgAEABYAUgBlAHUAdABlAHIAcwAuAG4AZQB0AAMANAB1AGsAYgBwAC0AYwBiAHQAcgBtAGYAZQAwADYALgBSAGUAdQB0AGUAcgBzAC4AbgBlAHQABQAWAFIAZQB1AHQAZQByAHMALgBuAGUAdAAIADAAMAAAAAAAAAAAAAAAADAAAFaspfI82pMCKSuN2L09orn37EQVvxCSqVqQhCloFhQeAAAAAAAAAADRgm1iKYwwmIF3axms/dIe"
    63  	authenticateData, err := base64.StdEncoding.DecodeString(authenticateMessage)
    64  
    65  	if err != nil {
    66  		t.Error("Could not base64 decode message data")
    67  	}
    68  
    69  	a, err := ParseAuthenticateMessage(authenticateData, 2)
    70  
    71  	if err != nil || a == nil {
    72  		t.Error("Failed to parse authenticate message " + err.Error())
    73  	}
    74  
    75  	checkPayloadStruct(t, a.LmChallengeResponse, 24, 142)
    76  	checkPayloadStruct(t, a.NtChallengeResponseFields, 262, 166)
    77  	checkPayloadStruct(t, a.DomainName, 0, 88)
    78  	checkPayloadStruct(t, a.UserName, 32, 88)
    79  	checkPayloadStruct(t, a.Workstation, 22, 120)
    80  	checkPayloadStruct(t, a.EncryptedRandomSessionKey, 16, 428)
    81  
    82  	if a.NegotiateFlags != uint32(1116766805) {
    83  		t.Errorf("Authenticate negotiate flags not correct should be %d got %d", uint32(1116766805), a.NegotiateFlags)
    84  	}
    85  
    86  	mic, err := hex.DecodeString("a5d862f48b5a2d6c121a914c4f85506e")
    87  	if !bytes.Equal(a.Mic, mic) {
    88  		t.Errorf("Mic not correct, should be %s, got %s", "a5d862f48b5a2d6c121a914c4f85506e", hex.EncodeToString(a.Mic))
    89  	}
    90  
    91  	if len(a.Payload) != 356 {
    92  		t.Errorf("Length of payload is incorrect got: %d, should be %d", len(a.Payload), 356)
    93  	}
    94  
    95  	a.String()
    96  
    97  	// Generate the bytes from the message and reparse it and make sure that works
    98  	bytes := a.Bytes()
    99  	if len(bytes) == 0 {
   100  
   101  	}
   102  }