Chromium Code Reviews Chromium Code Reviews
Issue 2873673002:
Add unit tests for NTLMv1 portable implementation (Closed)
| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 // Since many of the static helpers are crypto/hash functions that output | |
| 6 // a buffer; matching exact results would entail implementing them all | |
| 7 // again in the tests. So the tests on the low level hashing operations | |
| 8 // test for other properties of the outputs, such as whether the hashes | |
| 9 // change, whether they should be zeroed out, or whether they should | |
| 10 // be the same or different. | |
| 11 | |
| 12 #include "net/http/ntlm_client.h" | |
| 13 | |
| 14 #include "base/strings/utf_string_conversions.h" | |
| 15 #include "testing/gtest/include/gtest/gtest.h" | |
| 16 | |
| 17 namespace net { | |
| 18 | |
| 19 TEST(NtlmClientTest, GenerateNtlmHashV1PasswordChangesHash) { | |
| 20 base::string16 password1 = base::UTF8ToUTF16("pwd01"); | |
| 21 base::string16 password2 = base::UTF8ToUTF16("pwd02"); | |
| 22 uint8_t hash1[ntlm::NTLM_HASH_LEN]; | |
|
Ryan Sleevi
2017/06/08 18:47:43
= {0}; ?
zentaro
2017/06/12 23:16:54
Per previous reply.
| |
| 23 uint8_t hash2[ntlm::NTLM_HASH_LEN]; | |
| 24 | |
| 25 ntlm::GenerateNtlmHashV1(password1, hash1); | |
| 26 ntlm::GenerateNtlmHashV1(password2, hash2); | |
| 27 | |
| 28 // Verify that the hash is different with a different password. | |
| 29 EXPECT_TRUE(memcmp(hash1, hash2, ntlm::NTLM_HASH_LEN) != 0); | |
|
Ryan Sleevi
2017/06/08 18:47:43
EXPECT_EQ(0, memcmp(...))
zentaro
2017/06/12 23:16:54
Actually EXPECT_NE. But done and elsewhere.
| |
| 30 } | |
| 31 | |
| 32 TEST(NtlmClientTest, GenerateResponsesV1ResponsesTheSame) { | |
| 33 base::string16 password = base::UTF8ToUTF16("pwd"); | |
| 34 | |
| 35 uint8_t lm_response[ntlm::RESPONSE_V1_LEN]; | |
| 36 uint8_t ntlm_response[ntlm::RESPONSE_V1_LEN]; | |
| 37 uint8_t server_challenge[ntlm::CHALLENGE_LEN]; | |
| 38 | |
| 39 // The lm and ntlm responses should be the same. | |
| 40 ntlm::GenerateResponsesV1(password, server_challenge, lm_response, | |
| 41 ntlm_response); | |
| 42 EXPECT_EQ(0, memcmp(lm_response, ntlm_response, ntlm::RESPONSE_V1_LEN)); | |
| 43 } | |
| 44 | |
| 45 TEST(NtlmClientTest, GenerateResponsesV1WithSSClientChallengeUsed) { | |
| 46 base::string16 password = base::UTF8ToUTF16("pwd"); | |
| 47 | |
| 48 uint8_t lm_response1[ntlm::RESPONSE_V1_LEN]; | |
| 49 uint8_t lm_response2[ntlm::RESPONSE_V1_LEN]; | |
| 50 uint8_t ntlm_response1[ntlm::RESPONSE_V1_LEN]; | |
| 51 uint8_t ntlm_response2[ntlm::RESPONSE_V1_LEN]; | |
| 52 uint8_t server_challenge[ntlm::CHALLENGE_LEN]; | |
| 53 uint8_t client_challenge1[ntlm::CHALLENGE_LEN]; | |
| 54 uint8_t client_challenge2[ntlm::CHALLENGE_LEN]; | |
| 55 | |
| 56 memset(client_challenge1, 1, ntlm::CHALLENGE_LEN); | |
| 57 memset(client_challenge2, 2, ntlm::CHALLENGE_LEN); | |
| 58 | |
| 59 ntlm::GenerateResponsesV1WithSS(password, server_challenge, client_challenge1, | |
| 60 lm_response1, ntlm_response1); | |
| 61 ntlm::GenerateResponsesV1WithSS(password, server_challenge, client_challenge2, | |
| 62 lm_response2, ntlm_response2); | |
| 63 | |
| 64 // The point of session security is that the client can introduce some | |
| 65 // randomness, so verify different client_challenge gives a different result. | |
| 66 EXPECT_TRUE(memcmp(lm_response1, lm_response2, ntlm::RESPONSE_V1_LEN) != 0); | |
| 67 EXPECT_TRUE(memcmp(ntlm_response1, ntlm_response2, ntlm::RESPONSE_V1_LEN) != | |
| 68 0); | |
| 69 | |
| 70 // With session security the lm and ntlm hash should be different. | |
| 71 EXPECT_TRUE(memcmp(lm_response1, ntlm_response1, ntlm::RESPONSE_V1_LEN) != 0); | |
| 72 EXPECT_TRUE(memcmp(lm_response2, ntlm_response2, ntlm::RESPONSE_V1_LEN) != 0); | |
| 73 } | |
| 74 | |
| 75 TEST(NtlmClientTest, GenerateResponsesV1WithSSVerifySSUsed) { | |
| 76 base::string16 password = base::UTF8ToUTF16("pwd"); | |
| 77 | |
| 78 uint8_t lm_response1[ntlm::RESPONSE_V1_LEN]; | |
| 79 uint8_t lm_response2[ntlm::RESPONSE_V1_LEN]; | |
| 80 uint8_t ntlm_response1[ntlm::RESPONSE_V1_LEN]; | |
| 81 uint8_t ntlm_response2[ntlm::RESPONSE_V1_LEN]; | |
| 82 uint8_t server_challenge[ntlm::CHALLENGE_LEN]; | |
| 83 uint8_t client_challenge[ntlm::CHALLENGE_LEN]; | |
| 84 | |
| 85 memset(client_challenge, 1, ntlm::CHALLENGE_LEN); | |
| 86 | |
| 87 ntlm::GenerateResponsesV1WithSS(password, server_challenge, client_challenge, | |
| 88 lm_response1, ntlm_response1); | |
| 89 ntlm::GenerateResponsesV1(password, server_challenge, lm_response2, | |
| 90 ntlm_response2); | |
| 91 | |
| 92 // Verify that the responses with session security are not the | |
| 93 // same as without it. | |
| 94 EXPECT_TRUE(memcmp(lm_response1, lm_response2, ntlm::RESPONSE_V1_LEN) != 0); | |
| 95 EXPECT_TRUE(memcmp(ntlm_response1, ntlm_response2, ntlm::RESPONSE_V1_LEN) != | |
| 96 0); | |
| 97 } | |
| 98 | |
| 99 } // namespace net | |
| OLD | NEW |
