OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 // Since many of the static helpers are crypto/hash functions that output | |
6 // a buffer; matching exact results would entail implementing them all | |
7 // again in the tests. So the tests on the low level hashing operations | |
8 // test for other properties of the outputs, such as whether the hashes | |
9 // change, whether they should be zeroed out, or whether they should | |
10 // be the same or different. | |
11 | |
12 #include "net/http/ntlm_client.h" | |
13 | |
14 #include "base/strings/utf_string_conversions.h" | |
15 #include "testing/gtest/include/gtest/gtest.h" | |
16 | |
17 namespace net { | |
18 | |
19 TEST(NtlmClientTest, GenerateNtlmHashV1PasswordChangesHash) { | |
20 base::string16 password1 = base::UTF8ToUTF16("pwd01"); | |
21 base::string16 password2 = base::UTF8ToUTF16("pwd02"); | |
22 uint8_t hash1[ntlm::NTLM_HASH_LEN]; | |
Ryan Sleevi
2017/06/08 18:47:43
= {0}; ?
zentaro
2017/06/12 23:16:54
Per previous reply.
| |
23 uint8_t hash2[ntlm::NTLM_HASH_LEN]; | |
24 | |
25 ntlm::GenerateNtlmHashV1(password1, hash1); | |
26 ntlm::GenerateNtlmHashV1(password2, hash2); | |
27 | |
28 // Verify that the hash is different with a different password. | |
29 EXPECT_TRUE(memcmp(hash1, hash2, ntlm::NTLM_HASH_LEN) != 0); | |
Ryan Sleevi
2017/06/08 18:47:43
EXPECT_EQ(0, memcmp(...))
zentaro
2017/06/12 23:16:54
Actually EXPECT_NE. But done and elsewhere.
| |
30 } | |
31 | |
32 TEST(NtlmClientTest, GenerateResponsesV1ResponsesTheSame) { | |
33 base::string16 password = base::UTF8ToUTF16("pwd"); | |
34 | |
35 uint8_t lm_response[ntlm::RESPONSE_V1_LEN]; | |
36 uint8_t ntlm_response[ntlm::RESPONSE_V1_LEN]; | |
37 uint8_t server_challenge[ntlm::CHALLENGE_LEN]; | |
38 | |
39 // The lm and ntlm responses should be the same. | |
40 ntlm::GenerateResponsesV1(password, server_challenge, lm_response, | |
41 ntlm_response); | |
42 EXPECT_EQ(0, memcmp(lm_response, ntlm_response, ntlm::RESPONSE_V1_LEN)); | |
43 } | |
44 | |
45 TEST(NtlmClientTest, GenerateResponsesV1WithSSClientChallengeUsed) { | |
46 base::string16 password = base::UTF8ToUTF16("pwd"); | |
47 | |
48 uint8_t lm_response1[ntlm::RESPONSE_V1_LEN]; | |
49 uint8_t lm_response2[ntlm::RESPONSE_V1_LEN]; | |
50 uint8_t ntlm_response1[ntlm::RESPONSE_V1_LEN]; | |
51 uint8_t ntlm_response2[ntlm::RESPONSE_V1_LEN]; | |
52 uint8_t server_challenge[ntlm::CHALLENGE_LEN]; | |
53 uint8_t client_challenge1[ntlm::CHALLENGE_LEN]; | |
54 uint8_t client_challenge2[ntlm::CHALLENGE_LEN]; | |
55 | |
56 memset(client_challenge1, 1, ntlm::CHALLENGE_LEN); | |
57 memset(client_challenge2, 2, ntlm::CHALLENGE_LEN); | |
58 | |
59 ntlm::GenerateResponsesV1WithSS(password, server_challenge, client_challenge1, | |
60 lm_response1, ntlm_response1); | |
61 ntlm::GenerateResponsesV1WithSS(password, server_challenge, client_challenge2, | |
62 lm_response2, ntlm_response2); | |
63 | |
64 // The point of session security is that the client can introduce some | |
65 // randomness, so verify different client_challenge gives a different result. | |
66 EXPECT_TRUE(memcmp(lm_response1, lm_response2, ntlm::RESPONSE_V1_LEN) != 0); | |
67 EXPECT_TRUE(memcmp(ntlm_response1, ntlm_response2, ntlm::RESPONSE_V1_LEN) != | |
68 0); | |
69 | |
70 // With session security the lm and ntlm hash should be different. | |
71 EXPECT_TRUE(memcmp(lm_response1, ntlm_response1, ntlm::RESPONSE_V1_LEN) != 0); | |
72 EXPECT_TRUE(memcmp(lm_response2, ntlm_response2, ntlm::RESPONSE_V1_LEN) != 0); | |
73 } | |
74 | |
75 TEST(NtlmClientTest, GenerateResponsesV1WithSSVerifySSUsed) { | |
76 base::string16 password = base::UTF8ToUTF16("pwd"); | |
77 | |
78 uint8_t lm_response1[ntlm::RESPONSE_V1_LEN]; | |
79 uint8_t lm_response2[ntlm::RESPONSE_V1_LEN]; | |
80 uint8_t ntlm_response1[ntlm::RESPONSE_V1_LEN]; | |
81 uint8_t ntlm_response2[ntlm::RESPONSE_V1_LEN]; | |
82 uint8_t server_challenge[ntlm::CHALLENGE_LEN]; | |
83 uint8_t client_challenge[ntlm::CHALLENGE_LEN]; | |
84 | |
85 memset(client_challenge, 1, ntlm::CHALLENGE_LEN); | |
86 | |
87 ntlm::GenerateResponsesV1WithSS(password, server_challenge, client_challenge, | |
88 lm_response1, ntlm_response1); | |
89 ntlm::GenerateResponsesV1(password, server_challenge, lm_response2, | |
90 ntlm_response2); | |
91 | |
92 // Verify that the responses with session security are not the | |
93 // same as without it. | |
94 EXPECT_TRUE(memcmp(lm_response1, lm_response2, ntlm::RESPONSE_V1_LEN) != 0); | |
95 EXPECT_TRUE(memcmp(ntlm_response1, ntlm_response2, ntlm::RESPONSE_V1_LEN) != | |
96 0); | |
97 } | |
98 | |
99 } // namespace net | |
OLD | NEW |