net/http/ntlm_client_unittest.cc - Issue 2873673002: Add unit tests for NTLMv1 portable implementation

Side by Side Diff: net/http/ntlm_client_unittest.cc

Issue 2873673002: Add unit tests for NTLMv1 portable implementation (Closed)

Patch Set: Cleanup Created 3 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
(Empty)
	1 // Copyright 2017 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 // Since many of the static helpers are crypto/hash functions that output

	6 // a buffer; matching exact results would entail implementing them all

	7 // again in the tests. So the tests on the low level hashing operations

	8 // test for other properties of the outputs, such as whether the hashes

	9 // change, whether they should be zeroed out, or whether they should

	10 // be the same or different.

	11

	12 #include "net/http/ntlm_client.h"

	13

	14 #include "base/strings/utf_string_conversions.h"

	15 #include "testing/gtest/include/gtest/gtest.h"

	16

	17 namespace net {

	18 namespace ntlm {

	19
	asanka 2017/06/23 21:29:11 Please use the test vectors in section 4.2 (Crypto Please use the test vectors in section 4.2 (Cryptographic values for validation) for these tests. These tests are okay as smoke tests, but not sufficient to validate cryptographic operations. zentaro 2017/07/05 17:57:42 I never even noticed they were there! Show quoted text On 2017/06/23 21:29:11, asanka wrote: > Please use the test vectors in section 4.2 (Cryptographic values for validation) > for these tests. > > These tests are okay as smoke tests, but not sufficient to validate > cryptographic operations. I never even noticed they were there!
	20 TEST(NtlmClientTest, GenerateNtlmHashV1PasswordChangesHash) {

	21 base::string16 password1 = base::UTF8ToUTF16("pwd01");

	22 base::string16 password2 = base::UTF8ToUTF16("pwd02");

	23 uint8_t hash1[NTLM_HASH_LEN];

	24 uint8_t hash2[NTLM_HASH_LEN];

	25

	26 GenerateNtlmHashV1(password1, hash1);

	27 GenerateNtlmHashV1(password2, hash2);

	28

	29 // Verify that the hash is different with a different password.

	30 EXPECT_NE(0, memcmp(hash1, hash2, NTLM_HASH_LEN));

	31 }

	32

	33 TEST(NtlmClientTest, GenerateResponsesV1ResponsesTheSame) {

	34 base::string16 password = base::UTF8ToUTF16("pwd");

	35

	36 uint8_t lm_response[RESPONSE_V1_LEN];

	37 uint8_t ntlm_response[RESPONSE_V1_LEN];

	38 uint8_t server_challenge[CHALLENGE_LEN];

	39

	40 // The lm and ntlm responses should be the same.

	41 GenerateResponsesV1(password, server_challenge, lm_response, ntlm_response);

	42 EXPECT_EQ(0, memcmp(lm_response, ntlm_response, RESPONSE_V1_LEN));

	43 }

	44

	45 TEST(NtlmClientTest, GenerateResponsesV1WithSSClientChallengeUsed) {

	46 base::string16 password = base::UTF8ToUTF16("pwd");

	47

	48 uint8_t lm_response1[RESPONSE_V1_LEN];

	49 uint8_t lm_response2[RESPONSE_V1_LEN];

	50 uint8_t ntlm_response1[RESPONSE_V1_LEN];

	51 uint8_t ntlm_response2[RESPONSE_V1_LEN];

	52 uint8_t server_challenge[CHALLENGE_LEN];

	53 uint8_t client_challenge1[CHALLENGE_LEN];

	54 uint8_t client_challenge2[CHALLENGE_LEN];

	55

	56 memset(client_challenge1, 1, CHALLENGE_LEN);

	57 memset(client_challenge2, 2, CHALLENGE_LEN);

	58

	59 GenerateResponsesV1WithSS(password, server_challenge, client_challenge1,

	60 lm_response1, ntlm_response1);

	61 GenerateResponsesV1WithSS(password, server_challenge, client_challenge2,

	62 lm_response2, ntlm_response2);

	63

	64 // The point of session security is that the client can introduce some

	65 // randomness, so verify different client_challenge gives a different result.

	66 EXPECT_NE(0, memcmp(lm_response1, lm_response2, RESPONSE_V1_LEN));

	67 EXPECT_NE(0, memcmp(ntlm_response1, ntlm_response2, RESPONSE_V1_LEN));

	68

	69 // With session security the lm and ntlm hash should be different.

	70 EXPECT_NE(0, memcmp(lm_response1, ntlm_response1, RESPONSE_V1_LEN));

	71 EXPECT_NE(0, memcmp(lm_response2, ntlm_response2, RESPONSE_V1_LEN));

	72 }

	73

	74 TEST(NtlmClientTest, GenerateResponsesV1WithSSVerifySSUsed) {

	75 base::string16 password = base::UTF8ToUTF16("pwd");

	76

	77 uint8_t lm_response1[RESPONSE_V1_LEN];

	78 uint8_t lm_response2[RESPONSE_V1_LEN];

	79 uint8_t ntlm_response1[RESPONSE_V1_LEN];

	80 uint8_t ntlm_response2[RESPONSE_V1_LEN];

	81 uint8_t server_challenge[CHALLENGE_LEN];

	82 uint8_t client_challenge[CHALLENGE_LEN];

	83

	84 memset(client_challenge, 1, CHALLENGE_LEN);

	85

	86 GenerateResponsesV1WithSS(password, server_challenge, client_challenge,

	87 lm_response1, ntlm_response1);

	88 GenerateResponsesV1(password, server_challenge, lm_response2, ntlm_response2);

	89

	90 // Verify that the responses with session security are not the

	91 // same as without it.

	92 EXPECT_NE(0, memcmp(lm_response1, lm_response2, RESPONSE_V1_LEN));

	93 EXPECT_NE(0, memcmp(ntlm_response1, ntlm_response2, RESPONSE_V1_LEN));

	94 }

	95

	96 } // namespace ntlm

	97 } // namespace net

OLD	NEW

« net/http/ntlm_client.cc ('K') | « net/http/ntlm_client.cc ('k') | no next file » | no next file with comments »