Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(98)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ntlm/ntlm_unittest.cc

Issue 2873673002: Add unit tests for NTLMv1 portable implementation (Closed)
Patch Set: Merge build config back to net Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/ntlm/ntlm_test_data.h ('K') | « net/ntlm/ntlm_test_data.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // Tests on exact results from cryptographic operations are based on test data
6 // provided in [MS-NLMP] Version 28.0 [1] Section 4.2.
7 //
8 // Additional sanity checks on the low level hashing operations test for
9 // properties of the outputs, such as whether the hashes change, whether they
10 // should be zeroed out, or whether they should be the same or different.
11 //
12 // [1] https://msdn.microsoft.com/en-us/library/cc236621.aspx
13
14 #include "net/ntlm/ntlm.h"
15
16 #include "base/strings/utf_string_conversions.h"
17 #include "net/ntlm/ntlm_test_data.h"
18 #include "testing/gtest/include/gtest/gtest.h"
19
20 namespace net {
21 namespace ntlm {
22
23 TEST(NtlmClientTest, GenerateNtlmHashV1PasswordSpecTests) {
24 uint8_t hash[NTLM_HASH_LEN];
25 GenerateNtlmHashV1(NTLM_PASSWORD, hash);
26 ASSERT_EQ(0, memcmp(hash, EXPECTED_V1_HASH, NTLM_HASH_LEN));
27 }
28
29 TEST(NtlmClientTest, GenerateNtlmHashV1PasswordChangesHash) {
30 base::string16 password1 = base::UTF8ToUTF16("pwd01");
31 base::string16 password2 = base::UTF8ToUTF16("pwd02");
32 uint8_t hash1[NTLM_HASH_LEN];
33 uint8_t hash2[NTLM_HASH_LEN];
34
35 GenerateNtlmHashV1(password1, hash1);
36 GenerateNtlmHashV1(password2, hash2);
37
38 // Verify that the hash is different with a different password.
39 ASSERT_NE(0, memcmp(hash1, hash2, NTLM_HASH_LEN));
40 }
41
42 TEST(NtlmClientTest, GenerateResponsesV1SpecTests) {
43 uint8_t lm_response[RESPONSE_V1_LEN];
44 uint8_t ntlm_response[RESPONSE_V1_LEN];
45 GenerateResponsesV1(NTLM_PASSWORD, SERVER_CHALLENGE, lm_response,
46 ntlm_response);
47
48 ASSERT_EQ(0,
49 memcmp(EXPECTED_V1_NTLM_RESPONSE, ntlm_response, RESPONSE_V1_LEN));
50
51 // This implementation never sends an LMv1 response (spec equivalent of the
52 // client variable NoLMResponseNTLMv1 being false) so the LM response is
53 // equal to the NTLM response when
54 // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY is not negotiated. See
55 // [MS-NLMP] Section 3.3.1.
56 ASSERT_EQ(0, memcmp(EXPECTED_V1_NTLM_RESPONSE, lm_response, RESPONSE_V1_LEN));
57 }
58
59 TEST(NtlmClientTest, GenerateResponsesV1WithSSSpecTests) {
60 uint8_t lm_response[RESPONSE_V1_LEN];
61 uint8_t ntlm_response[RESPONSE_V1_LEN];
62 GenerateResponsesV1WithSS(NTLM_PASSWORD, SERVER_CHALLENGE, CLIENT_CHALLENGE,
63 lm_response, ntlm_response);
64
65 ASSERT_EQ(
66 0, memcmp(EXPECTED_V1_WITH_SS_LM_RESPONSE, lm_response, RESPONSE_V1_LEN));
67 ASSERT_EQ(0, memcmp(EXPECTED_V1_WITH_SS_NTLM_RESPONSE, ntlm_response,
68 RESPONSE_V1_LEN));
69 }
70
71 TEST(NtlmClientTest, GenerateResponsesV1WithSSClientChallengeUsed) {
72 uint8_t lm_response1[RESPONSE_V1_LEN];
73 uint8_t lm_response2[RESPONSE_V1_LEN];
74 uint8_t ntlm_response1[RESPONSE_V1_LEN];
75 uint8_t ntlm_response2[RESPONSE_V1_LEN];
76 uint8_t client_challenge1[CHALLENGE_LEN];
77 uint8_t client_challenge2[CHALLENGE_LEN];
78
79 memset(client_challenge1, 0x01, CHALLENGE_LEN);
80 memset(client_challenge2, 0x02, CHALLENGE_LEN);
81
82 GenerateResponsesV1WithSS(NTLM_PASSWORD, SERVER_CHALLENGE, client_challenge1,
83 lm_response1, ntlm_response1);
84 GenerateResponsesV1WithSS(NTLM_PASSWORD, SERVER_CHALLENGE, client_challenge2,
85 lm_response2, ntlm_response2);
86
87 // The point of session security is that the client can introduce some
88 // randomness, so verify different client_challenge gives a different result.
89 ASSERT_NE(0, memcmp(lm_response1, lm_response2, RESPONSE_V1_LEN));
90 ASSERT_NE(0, memcmp(ntlm_response1, ntlm_response2, RESPONSE_V1_LEN));
91
92 // With session security the lm and ntlm hash should be different.
93 ASSERT_NE(0, memcmp(lm_response1, ntlm_response1, RESPONSE_V1_LEN));
94 ASSERT_NE(0, memcmp(lm_response2, ntlm_response2, RESPONSE_V1_LEN));
95 }
96
97 TEST(NtlmClientTest, GenerateResponsesV1WithSSVerifySSUsed) {
98 uint8_t lm_response1[RESPONSE_V1_LEN];
99 uint8_t lm_response2[RESPONSE_V1_LEN];
100 uint8_t ntlm_response1[RESPONSE_V1_LEN];
101 uint8_t ntlm_response2[RESPONSE_V1_LEN];
102
103 GenerateResponsesV1WithSS(NTLM_PASSWORD, SERVER_CHALLENGE, CLIENT_CHALLENGE,
104 lm_response1, ntlm_response1);
105 GenerateResponsesV1(NTLM_PASSWORD, SERVER_CHALLENGE, lm_response2,
106 ntlm_response2);
107
108 // Verify that the responses with session security are not the
109 // same as without it.
110 ASSERT_NE(0, memcmp(lm_response1, lm_response2, RESPONSE_V1_LEN));
111 ASSERT_NE(0, memcmp(ntlm_response1, ntlm_response2, RESPONSE_V1_LEN));
112 }
113
114 } // namespace ntlm
115 } // namespace net
OLDNEW
« net/ntlm/ntlm_test_data.h ('K') | « net/ntlm/ntlm_test_data.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698