Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(416)

Side by Side Diff: net/ntlm/ntlm_test_data.h

Issue 2904633002: Replace NTLMv1 implementation with a functionally equivalent one.
Patch Set: Only return malloc memory from NtlmClient Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright 2017 The Chromium Authors. All rights reserved. 1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file contains common input and result values use to verify the NTLM 5 // This file contains common input and result values use to verify the NTLM
6 // implementation. They are defined in [MS-NLMP] Section 4.2 [1]. 6 // implementation. They are defined in [MS-NLMP] Section 4.2 [1].
7 // 7 //
8 // [1] https://msdn.microsoft.com/en-us/library/cc236621.aspx 8 // [1] https://msdn.microsoft.com/en-us/library/cc236621.aspx
9 9
10 #ifndef NET_BASE_NTLM_TEST_DATA_H_ 10 #ifndef NET_BASE_NTLM_TEST_DATA_H_
(...skipping 17 matching lines...) Expand all
28 constexpr char kNtlmDomainAscii[] = "Domain"; 28 constexpr char kNtlmDomainAscii[] = "Domain";
29 constexpr char kUserAscii[] = "User"; 29 constexpr char kUserAscii[] = "User";
30 constexpr char kHostnameAscii[] = "COMPUTER"; 30 constexpr char kHostnameAscii[] = "COMPUTER";
31 31
32 // Challenge vectors defined in [MS-NLMP] Section 4.2.1. 32 // Challenge vectors defined in [MS-NLMP] Section 4.2.1.
33 constexpr uint8_t kServerChallenge[kChallengeLen] = {0x01, 0x23, 0x45, 0x67, 33 constexpr uint8_t kServerChallenge[kChallengeLen] = {0x01, 0x23, 0x45, 0x67,
34 0x89, 0xab, 0xcd, 0xef}; 34 0x89, 0xab, 0xcd, 0xef};
35 constexpr uint8_t kClientChallenge[kChallengeLen] = {0xaa, 0xaa, 0xaa, 0xaa, 35 constexpr uint8_t kClientChallenge[kChallengeLen] = {0xaa, 0xaa, 0xaa, 0xaa,
36 0xaa, 0xaa, 0xaa, 0xaa}; 36 0xaa, 0xaa, 0xaa, 0xaa};
37 37
38 // Test input defined in [MS-NLMP] Section 4.2.3.3.
39 constexpr uint8_t kChallengeMsgV1[] = {
40 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00,
41 0x0c, 0x00, 0x0c, 0x00, 0x38, 0x00, 0x00, 0x00, 0x33, 0x82, 0x0a, 0x82,
42 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x00, 0x00, 0x00, 0x00,
43 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
44 0x06, 0x00, 0x70, 0x17, 0x00, 0x00, 0x00, 0x0f, 0x53, 0x00, 0x65, 0x00,
45 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00};
46
38 // A minimal challenge message for tests. For NTLMv1 this implementation only 47 // A minimal challenge message for tests. For NTLMv1 this implementation only
39 // reads the smallest required version of the message (32 bytes). Some 48 // reads the smallest required version of the message (32 bytes). Some
40 // servers may still send messages this small. The only relevant flags 49 // servers may still send messages this small. The only relevant flags
41 // that affect behavior are that both NTLMSSP_NEGOTIATE_UNICODE and 50 // that affect behavior are that both NTLMSSP_NEGOTIATE_UNICODE and
42 // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are set. 51 // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are set.
43 // 52 //
44 // [0-7] - "NTLMSSP\0" (Signature) 53 // [0-7] - "NTLMSSP\0" (Signature)
45 // [9-11] - |MessageType::kChallenge| (Message Type = 0x00000002) 54 // [9-11] - |MessageType::kChallenge| (Message Type = 0x00000002)
46 // [12-19] - |SecBuf(kNegotiateMessageLen, 0)|(Target Name - Not Used) 55 // [12-19] - |SecBuf(kNegotiateMessageLen, 0)|(Target Name - Not Used)
47 // [20-23] - |NEGOTIATE_MESSAGE_FLAGS| (Flags = 0x00088207) 56 // [20-23] - |NEGOTIATE_MESSAGE_FLAGS| (Flags = 0x00088207)
48 // [24-31] - |SERVER_CHALLENGE| (Server Challenge) 57 // [24-31] - |SERVER_CHALLENGE| (Server Challenge)
49 // 58 //
50 // See [MS-NLMP] Section 2.2.2.2 for more information about the Challenge 59 // See [MS-NLMP] Section 2.2.2.2 for more information about the Challenge
51 // message. 60 // message.
52 constexpr uint8_t kMinChallengeMessage[kChallengeHeaderLen] = { 61 constexpr uint8_t kMinChallengeMessage[kChallengeHeaderLen] = {
53 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0', 0x02, 0x00, 0x00, 62 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0', 0x02, 0x00, 0x00,
54 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x07, 0x82, 63 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x07, 0x82,
55 0x08, 0x00, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}; 64 0x08, 0x00, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
56 65
66 // The same message as |kMinChallengeMessage| but with the
67 // NTLMSSP_NEGOTIATE_UNICODE flag cleared.
68 constexpr uint8_t kMinChallengeMessageNoUnicode[kChallengeHeaderLen] = {
69 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0', 0x02, 0x00, 0x00,
70 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x06, 0x82,
71 0x08, 0x00, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
72
73 // The same message as |kMinChallengeMessage| but with the
74 // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY flag cleared.
75 constexpr uint8_t kMinChallengeMessageNoSS[kChallengeHeaderLen] = {
76 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0', 0x02, 0x00, 0x00,
77 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x07, 0x82,
78 0x00, 0x00, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
79
57 // Test result value for NTOWFv1() defined in [MS-NLMP] Section 4.2.2.1.2. 80 // Test result value for NTOWFv1() defined in [MS-NLMP] Section 4.2.2.1.2.
58 constexpr uint8_t kExpectedNtlmHashV1[kNtlmHashLen] = { 81 constexpr uint8_t kExpectedNtlmHashV1[kNtlmHashLen] = {
59 0xa4, 0xf4, 0x9c, 0x40, 0x65, 0x10, 0xbd, 0xca, 82 0xa4, 0xf4, 0x9c, 0x40, 0x65, 0x10, 0xbd, 0xca,
60 0xb6, 0x82, 0x4e, 0xe7, 0xc3, 0x0f, 0xd8, 0x52}; 83 0xb6, 0x82, 0x4e, 0xe7, 0xc3, 0x0f, 0xd8, 0x52};
61 84
62 // Test result value defined in [MS-NLMP] Section 4.2.2.1. 85 // Test result value defined in [MS-NLMP] Section 4.2.2.1.
63 constexpr uint8_t kExpectedNtlmResponseV1[kResponseLenV1] = { 86 constexpr uint8_t kExpectedNtlmResponseV1[kResponseLenV1] = {
64 0x67, 0xc4, 0x30, 0x11, 0xf3, 0x02, 0x98, 0xa2, 0xad, 0x35, 0xec, 0xe6, 87 0x67, 0xc4, 0x30, 0x11, 0xf3, 0x02, 0x98, 0xa2, 0xad, 0x35, 0xec, 0xe6,
65 0x4f, 0x16, 0x33, 0x1c, 0x44, 0xbd, 0xbe, 0xd9, 0x27, 0x84, 0x1f, 0x94}; 88 0x4f, 0x16, 0x33, 0x1c, 0x44, 0xbd, 0xbe, 0xd9, 0x27, 0x84, 0x1f, 0x94};
66 89
67 // Test result value defined in [MS-NLMP] Section 4.2.3.2.2. 90 // Test result value defined in [MS-NLMP] Section 4.2.3.2.2.
68 constexpr uint8_t kExpectedNtlmResponseWithV1SS[kResponseLenV1] = { 91 constexpr uint8_t kExpectedNtlmResponseWithV1SS[kResponseLenV1] = {
69 0x75, 0x37, 0xf8, 0x03, 0xae, 0x36, 0x71, 0x28, 0xca, 0x45, 0x82, 0x04, 92 0x75, 0x37, 0xf8, 0x03, 0xae, 0x36, 0x71, 0x28, 0xca, 0x45, 0x82, 0x04,
70 0xbd, 0xe7, 0xca, 0xf8, 0x1e, 0x97, 0xed, 0x26, 0x83, 0x26, 0x72, 0x32}; 93 0xbd, 0xe7, 0xca, 0xf8, 0x1e, 0x97, 0xed, 0x26, 0x83, 0x26, 0x72, 0x32};
71 94
72 // Test result value defined in [MS-NLMP] Section 4.2.3.2.1. 95 // Test result value defined in [MS-NLMP] Section 4.2.3.2.1.
73 constexpr uint8_t kExpectedLmResponseWithV1SS[kResponseLenV1] = { 96 constexpr uint8_t kExpectedLmResponseWithV1SS[kResponseLenV1] = {
74 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x00, 0x00, 0x00, 0x00, 97 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x00, 0x00, 0x00, 0x00,
75 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; 98 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
76 99
100 // Expected negotiate message from this implementation.
101 // [0-7] - "NTLMSSP\0" (Signature)
102 // [9-11] - |MessageType::NEGOTIATE| (Message Type = 0x00000001)
103 // [12-15] - |NEGOTIATE_MESSAGE_FLAGS| (Flags = 0x00088207)
104 // [16-23] - |SecBuf(kNegotiateMessageLen, 0)|(Domain)
105 // [24-32] - |SecBuf(kNegotiateMessageLen, 0)|(Workstation)
106 //
107 // NOTE: Message does not include Version field. Since
108 // NTLMSSP_NEGOTIATE_VERSION is never sent it is not required and the server
109 // won't try to read it. This is currently omitted for test compatibility with
110 // the existing implementation. When NTLMv2 is implemented this field
111 // will be added for all versions.
112 //
113 // Similarly both Domain and Workstation fields are are not strictly required
114 // either (though are included here) since neither
115 // NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED nor
116 // NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED are ever sent. A compliant server
117 // should never read past the 16th byte in this message.
118 //
119 // See [MS-NLMP] Section 2.2.2.5 for more detail on flags and 2.2.2.1 for the
120 // Negotiate message in general.
121 constexpr uint8_t kExpectedNegotiateMsg[kNegotiateMessageLen] = {
122 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0', 0x01, 0x00, 0x00,
123 0x00, 0x07, 0x82, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00,
124 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00};
125
126 // Expected V1 Authenticate message from this implementation when sent
127 // |kChallengeMsgV1| as the challenge.
128 //
129 // [0-7] - "NTLMSSP\0" (Signature)
130 // [9-11] - |MessageType::kAuthenticate| (Message Type = 0x00000003)
131 // [12-19] - |SecBuf(64, RESPONSE_V1_LEN)| (LM Response)
132 // [20-27] - |SecBuf(88, RESPONSE_V1_LEN)| (NTLM Response)
133 // [28-35] - |SecBuf(112, 12)| (Target Name = L"Domain")
134 // [36-43] - |SecBuf(124, 8)| (User = L"User")
135 // [44-51] - |SecBuf(132, 16)| (Workstation = L"COMPUTER")
136 // [52-59] - |SecBuf(64, 0)| (Session Key (empty))
137 // [60-63] - 0x00088203 (Flags)
138 // [64-87] - |EXPECTED_V1_WITH_SS_LM_RESPONSE| (LM Response Payload)
139 // [88-111] - |EXPECTED_V1_WITH_SS_NTLM_RESPONSE|(NTLM Response Payload)
140 // [112-123]- L"Domain" (Target Name Payload)
141 // [124-132]- L"User" (User Payload)
142 // [132-147]- L"COMPUTER" (Workstation Payload)
143 //
144 // NOTE: This is not identical to the message in [MS-NLMP] Section 4.2.2.3 for
145 // several reasons.
146 //
147 // 1) The flags are different because this implementation does not support
148 // the flags related to version, key exchange, signing and sealing. These
149 // flags are not relevant to implementing the NTLM scheme in HTTP.
150 // 2) Since key exchange is not required nor supported, the session base key
151 // payload is not required nor present.
152 // 3) The specification allows payloads to be in any order. This (and the
153 // prior) implementation uses a different payload order than the example.
154 // 4) The version field is Windows specific and there is no provision for a
155 // non-Windows OS information. This message does not include a version field.
156 constexpr uint8_t kExpectedAuthenticateMsgV1[] = {
157 'N', 'T', 'L', 'M', 'S', 'S', 'P', '\0', 0x03, 0x00, 0x00, 0x00,
158 0x18, 0x00, 0x18, 0x00, 0x40, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00,
159 0x58, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x0c, 0x00, 0x70, 0x00, 0x00, 0x00,
160 0x08, 0x00, 0x08, 0x00, 0x7c, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00,
161 0x84, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00,
162 0x03, 0x82, 0x08, 0x00, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
163 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
164 0x00, 0x00, 0x00, 0x00, 0x75, 0x37, 0xf8, 0x03, 0xae, 0x36, 0x71, 0x28,
165 0xca, 0x45, 0x82, 0x04, 0xbd, 0xe7, 0xca, 0xf8, 0x1e, 0x97, 0xed, 0x26,
166 0x83, 0x26, 0x72, 0x32, 'D', 0x00, 'o', 0x00, 'm', 0x00, 'a', 0x00,
167 'i', 0x00, 'n', 0x00, 'U', 0x00, 's', 0x00, 'e', 0x00, 'r', 0x00,
168 'C', 0x00, 'O', 0x00, 'M', 0x00, 'P', 0x00, 'U', 0x00, 'T', 0x00,
169 'E', 0x00, 'R', 0x00,
170 };
171
77 } // namespace test 172 } // namespace test
78 } // namespace ntlm 173 } // namespace ntlm
79 } // namespace net 174 } // namespace net
80 175
81 #endif // NET_BASE_NTLM_TEST_DATA_H_ 176 #endif // NET_BASE_NTLM_TEST_DATA_H_
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698