6 * Copyright (C) 2010 pier11 <pier11@operamail.com>
7 * Copyright (C) 2008 Novell, Inc.
9 * Implemented with reference to the follow documentation:
10 * - http://davenport.sourceforge.net/ntlm.html
11 * - MS-NLMP: http://msdn.microsoft.com/en-us/library/cc207842.aspx
12 * - MS-SIP : http://msdn.microsoft.com/en-us/library/cc246115.aspx
14 * Build and run with (adjust as needed to your build platform!)
16 * $ gcc -I /usr/include/libpurple \
17 * -I /usr/include/dbus-1.0 -I /usr/lib/dbus-1.0/include \
18 * -I /usr/include/glib-2.0 -I /usr/lib/glib-2.0/include \
19 * -o tests tests.c sipe-sign.c sipmsg.c sip-sec.c uuid.c -lpurple
22 * This program is free software; you can redistribute it and/or modify
23 * it under the terms of the GNU General Public License as published by
24 * the Free Software Foundation; either version 2 of the License, or
25 * (at your option) any later version.
27 * This program is distributed in the hope that it will be useful,
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
30 * GNU General Public License for more details.
32 * You should have received a copy of the GNU General Public License
33 * along with this program; if not, write to the Free Software
34 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
40 #include "sipe-sign.h"
41 #define _SIPE_COMPILING_TESTS
42 #include "sip-sec-ntlm.c"
45 #include "dbus-server.h"
50 static int successes
= 0;
51 static int failures
= 0;
54 hex_str_to_buff(const char *hex_str
, guint8
**bytes
)
62 gsize length
= strlen(hex_str
)/2;
63 buff
= (guint8
*)g_malloc(length
);
64 for (i
= 0; i
< length
; i
++) {
65 two_digits
[0] = hex_str
[i
* 2];
66 two_digits
[1] = hex_str
[i
* 2 + 1];
68 buff
[i
] = (guint8
)strtoul(two_digits
, NULL
, 16);
75 static void assert_equal(const char * expected
, const guchar
* got
, int len
, gboolean stringify
)
77 const gchar
* res
= (gchar
*) got
;
82 for (i
= 0, j
= 0; i
< len
; i
++, j
+=2) {
83 g_sprintf(&to_str
[j
], "%02X", (got
[i
]&0xff));
89 printf("expected: %s\n", expected
);
90 printf("received: %s\n", res
);
92 if (g_ascii_strncasecmp(expected
, res
, len
) == 0) {
103 printf ("Starting Tests\n");
105 // Initialization that Pidgin would normally do
109 purple_signals_init();
115 purple_ciphers_init();
116 purple_debug_set_enabled(TRUE
);
118 /* These tests are from the MS-SIPE document */
120 const char * password
= "Password";
121 const char * user
= "User";
122 const char * domain
= "Domain";
123 const guchar client_challenge
[] = {0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa};
124 /* server challenge */
125 const guchar nonce
[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
127 const guchar exported_session_key
[] = {0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55};
128 const guchar text
[] = {0x50, 0x00, 0x6c, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x74, 0x00, 0x65, 0x00, 0x78, 0x00, 0x74, 0x00}; //P·l·a·i·n·t·e·x·t·
131 ////// internal Cyphers tests ///////
132 printf ("\nTesting MD4()\n");
134 MD4 ((const unsigned char *)"message digest", 14, md4
);
135 assert_equal("D9130A8164549FE818874806E1C7014B", md4
, 16, TRUE
);
137 printf ("\nTesting MD5()\n");
139 MD5 ((const unsigned char *)"message digest", 14, md5
);
140 assert_equal("F96B697D7CB7938D525A2F31AAF161D0", md5
, 16, TRUE
);
142 printf ("\nTesting HMAC_MD5()\n");
143 guchar hmac_md5
[16];
144 HMAC_MD5 ((const unsigned char *)"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", 16, (const unsigned char *)"Hi There", 8, hmac_md5
);
145 assert_equal("9294727A3638BB1C13F48EF8158BFC9D", hmac_md5
, 16, TRUE
);
148 ////// NTLMv1 (without Extended Session Security) ///////
153 | NTLMSSP_NEGOTIATE_KEY_EXCH
154 | NTLMSSP_NEGOTIATE_56
155 | NTLMSSP_NEGOTIATE_128
156 | NTLMSSP_NEGOTIATE_VERSION
157 | NTLMSSP_TARGET_TYPE_SERVER
158 | NTLMSSP_NEGOTIATE_ALWAYS_SIGN
159 | NTLMSSP_NEGOTIATE_NTLM
160 | NTLMSSP_NEGOTIATE_SEAL
161 | NTLMSSP_NEGOTIATE_SIGN
162 | NTLMSSP_NEGOTIATE_OEM
163 | NTLMSSP_NEGOTIATE_UNICODE
;
165 printf ("\n\nTesting Negotiation Flags\n");
166 tmp_el
= GINT32_TO_LE(flags
);
167 assert_equal("338202E2", (guchar
*)(&tmp_el
), 4, TRUE
);
169 printf ("\n\nTesting LMOWFv1()\n");
170 guchar response_key_lm
[16];
171 LMOWFv1 (password
, user
, domain
, response_key_lm
);
172 assert_equal("E52CAC67419A9A224A3B108F3FA6CB6D", response_key_lm
, 16, TRUE
);
174 printf ("\n\nTesting NTOWFv1()\n");
175 guchar response_key_nt
[16];
176 NTOWFv1 (password
, user
, domain
, response_key_nt
);
177 assert_equal("A4F49C406510BDCAB6824EE7C30FD852", response_key_nt
, 16, TRUE
);
179 printf ("\n\nTesting LM Response Generation\n");
180 printf ("Testing NT Response Generation\n");
181 printf ("Testing Session Base Key\n");
182 guchar nt_challenge_response
[24];
183 guchar lm_challenge_response
[24];
184 guchar session_base_key
[16];
186 compute_response(flags
,
192 NULL
, /* target_info */
193 0, /* target_info_len */
194 lm_challenge_response
, /* out */
195 nt_challenge_response
, /* out */
196 session_base_key
); /* out */
198 assert_equal("98DEF7B87F88AA5DAFE2DF779688A172DEF11C7D5CCDEF13", lm_challenge_response
, 24, TRUE
);
199 assert_equal("67C43011F30298A2AD35ECE64F16331C44BDBED927841F94", nt_challenge_response
, 24, TRUE
);
200 assert_equal("D87262B0CDE4B1CB7499BECCCDF10784", session_base_key
, 16, TRUE
);
202 printf ("\n\nTesting Key Exchange Key\n");
203 guchar key_exchange_key
[16];
204 KXKEY(flags
, session_base_key
, lm_challenge_response
, nonce
, key_exchange_key
);
205 assert_equal("D87262B0CDE4B1CB7499BECCCDF10784", key_exchange_key
, 16, TRUE
);
207 printf ("\n\nTesting Encrypted Session Key Generation\n");
208 guchar encrypted_random_session_key
[16];
209 RC4K (key_exchange_key
, 16, exported_session_key
, 16, encrypted_random_session_key
);
210 assert_equal("518822B1B3F350C8958682ECBB3E3CB7", encrypted_random_session_key
, 16, TRUE
);
212 printf ("\n\nTesting CRC32\n");
213 guint32 crc
= CRC32((char*)text
, 18);
214 tmp_el
= GINT32_TO_LE(crc
);
215 assert_equal("7D84AA93", (guchar
*)&tmp_el
, 4, TRUE
);
217 printf ("\n\nTesting Encryption\n");
218 guchar client_seal_key
[16];
219 //SEALKEY (flags, exported_session_key, TRUE, client_seal_key);
220 guchar buff
[18 + 12];
221 memcpy(buff
, text
, 18);
222 guchar text_enc
[18 + 12];
224 to_enc
[0] = GUINT32_TO_LE(0); // random pad
225 to_enc
[1] = GUINT32_TO_LE(crc
);
226 to_enc
[2] = GUINT32_TO_LE(0); // zero
227 memcpy(buff
+18, (gchar
*)to_enc
, 12);
228 RC4K (exported_session_key
, 16, buff
, 18 + 12, text_enc
);
229 //The point is to not reinitialize rc4 cypher
231 assert_equal("56FE04D861F9319AF0D7238A2E3B4D457FB8" "45C844E5" "09DCD1DF" "2E459D36", text_enc
, 18 + 12, TRUE
);
233 printf ("\n\nTesting MAC\n");
234 // won't work in the case with sealing because RC4 is re-initialized inside.
235 //gchar *mac = MAC (flags, (gchar*)text, 18, (guchar*)exported_session_key, 16, (guchar*)exported_session_key,16, 0x00000000, 0);
237 memcpy((gchar
*)enc
, text_enc
+18, 12);
239 mac2
[0] = GUINT32_TO_LE(1); // version
242 mac2
[3] = enc
[2] ^ (GUINT32_TO_LE(0)); // ^ seq
243 assert_equal("0100000045C844E509DCD1DF2E459D36", (guchar
*)mac2
, 16, TRUE
);
246 ////// EXTENDED_SESSIONSECURITY ///////
249 | NTLMSSP_NEGOTIATE_56
250 | NTLMSSP_NEGOTIATE_VERSION
251 | NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
252 | NTLMSSP_TARGET_TYPE_SERVER
253 | NTLMSSP_NEGOTIATE_ALWAYS_SIGN
254 | NTLMSSP_NEGOTIATE_NTLM
255 | NTLMSSP_NEGOTIATE_SEAL
256 | NTLMSSP_NEGOTIATE_SIGN
257 | NTLMSSP_NEGOTIATE_OEM
258 | NTLMSSP_NEGOTIATE_UNICODE
;
260 printf ("\n\n(Extended session security) Testing Negotiation Flags\n");
261 tmp_el
= GINT32_TO_LE(flags
);
262 assert_equal("33820A82", (guchar
*)(&tmp_el
), 4, TRUE
);
264 /* NTOWFv1() is not different from the above test for the same */
266 printf ("\n\n(Extended session security) Testing LM Response\n");
267 printf ("(Extended session security) Testing NT Response\n");
268 printf ("(Extended session security) Testing Session Base Key\n");
269 compute_response(flags
,
275 NULL
, /* target_info */
276 0, /* target_info_len */
277 lm_challenge_response
, /* out */
278 nt_challenge_response
, /* out */
279 session_base_key
); /* out */
281 assert_equal("AAAAAAAAAAAAAAAA00000000000000000000000000000000", lm_challenge_response
, 24, TRUE
);
282 assert_equal("7537F803AE367128CA458204BDE7CAF81E97ED2683267232", nt_challenge_response
, 24, TRUE
);
283 assert_equal("D87262B0CDE4B1CB7499BECCCDF10784", session_base_key
, 16, TRUE
);
285 printf ("\n\n(Extended session security) Testing Key Exchange Key\n");
286 KXKEY(flags
, session_base_key
, lm_challenge_response
, nonce
, key_exchange_key
);
287 assert_equal("EB93429A8BD952F8B89C55B87F475EDC", key_exchange_key
, 16, TRUE
);
289 printf ("\n\n(Extended session security) SIGNKEY\n");
290 guchar client_sign_key
[16];
291 SIGNKEY (key_exchange_key
, TRUE
, client_sign_key
);
292 assert_equal("60E799BE5C72FC92922AE8EBE961FB8D", client_sign_key
, 16, TRUE
);
294 printf ("\n\n(Extended session security) SEALKEY\n");
295 SEALKEY (flags
, key_exchange_key
, TRUE
, client_seal_key
);
296 assert_equal("04DD7F014D8504D265A25CC86A3A7C06", client_seal_key
, 16, TRUE
);
298 printf ("\n\n(Extended session security) Testing Encryption\n");
299 RC4K (client_seal_key
, 16, text
, 18, text_enc
);
300 assert_equal("A02372F6530273F3AA1EB90190CE5200C99D", text_enc
, 18, TRUE
);
302 printf ("\n\n(Extended session security) Testing MAC\n");
303 gchar
*mac
= MAC (flags
, (gchar
*)text
,18, client_sign_key
,16, client_seal_key
,16, 0, 0);
304 assert_equal("01000000FF2AEB52F681793A00000000", (guchar
*)mac
, 32, FALSE
);
308 ////// NTLMv2 ///////
311 | NTLMSSP_NEGOTIATE_KEY_EXCH
312 | NTLMSSP_NEGOTIATE_56
313 | NTLMSSP_NEGOTIATE_128
314 | NTLMSSP_NEGOTIATE_VERSION
315 | NTLMSSP_NEGOTIATE_TARGET_INFO
316 | NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
317 | NTLMSSP_TARGET_TYPE_SERVER
318 | NTLMSSP_NEGOTIATE_ALWAYS_SIGN
319 | NTLMSSP_NEGOTIATE_NTLM
320 | NTLMSSP_NEGOTIATE_SEAL
321 | NTLMSSP_NEGOTIATE_SIGN
322 | NTLMSSP_NEGOTIATE_OEM
323 | NTLMSSP_NEGOTIATE_UNICODE
;
325 printf ("\n\nTesting (NTLMv2) Negotiation Flags\n");
326 tmp_el
= GINT32_TO_LE(flags
);
327 assert_equal("33828AE2", (guchar
*)(&tmp_el
), 4, TRUE
);
329 printf ("\n\nTesting NTOWFv2()\n");
330 NTOWFv2 (password
, user
, domain
, response_key_nt
);
331 NTOWFv2 (password
, user
, domain
, response_key_lm
);
332 assert_equal("0C868A403BFD7A93A3001EF22EF02E3F", response_key_nt
, 16, TRUE
);
335 printf ("\n\nTesting (NTLMv2) LM Response Generation\n");
336 printf ("Testing (NTLMv2) NT Response Generation and Session Base Key\n");
339 4e544c4d53535000020000000c000c003800000033828ae20123456789abcdef00000000000000002400240044000000060070170000000f53006500720076006500720002000c0044006f006d00610069006e0001000c0053006500720076006500720000000000
341 NTLMSSP_NEGOTIATE_UNICODE
342 NTLMSSP_NEGOTIATE_OEM
343 NTLMSSP_NEGOTIATE_SIGN
344 NTLMSSP_NEGOTIATE_SEAL
345 NTLMSSP_NEGOTIATE_NTLM
346 NTLMSSP_NEGOTIATE_ALWAYS_SIGN
347 NTLMSSP_TARGET_TYPE_SERVER
348 NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
349 NTLMSSP_NEGOTIATE_TARGET_INFO
350 NTLMSSP_NEGOTIATE_VERSION
351 NTLMSSP_NEGOTIATE_128
352 NTLMSSP_NEGOTIATE_KEY_EXCH
355 target_name.maxlen: 12
356 target_name.offset: 56
358 target_info.maxlen: 36
359 target_info.offset: 68
360 product: 6.0.6000 (Windows Vista, Windows Server 2008, Windows 7 or Windows Server 2008 R2)
361 ntlm_revision_current: 0x0F (NTLMSSP_REVISION_W2K3)
363 MsvAvNbDomainName: Domain
364 MsvAvNbComputerName: Server
367 530065007200760065007200
369 02000c0044006f006d00610069006e0001000c0053006500720076006500720000000000
372 4e544c4d5353500003000000180018006c00000054005400840000000c000c00480000000800080054000000100010005c00000010001000d8000000358288e20501280a0000000f44006f006d00610069006e00550073006500720043004f004d005000550054004500520086c35097ac9cec102554764a57cccc19aaaaaaaaaaaaaaaa68cd0ab851e51c96aabc927bebef6a1c01010000000000000000000000000000aaaaaaaaaaaaaaaa0000000002000c0044006f006d00610069006e0001000c005300650072007600650072000000000000000000c5dad2544fc9799094ce1ce90bc9d03e
376 const guint64 time_val
= 0;
377 const guint8 target_info
[] = {
378 0x02, 0x00, 0x0C, 0x00, //NetBIOS Domain name, 4 bytes
379 0x44, 0x00, 0x6F, 0x00, 0x6D, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6E, 0x00, //D.o.m.a.i.n. 12bytes
380 0x01, 0x00, 0x0C, 0x00, //NetBIOS Server name, 4 bytes
381 0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, //S.e.r.v.e.r. 12bytes
382 0x00, 0x00, 0x00, 0x00, //Av End, 4 bytes
384 const int target_info_len
= 32+4;
385 int ntlmssp_nt_resp_len
= (16 + (32+target_info_len
));
386 guchar nt_challenge_response_v2
[ntlmssp_nt_resp_len
];
388 compute_response(flags
,
394 target_info
, /* target_info */
395 target_info_len
, /* target_info_len */
396 lm_challenge_response
, /* out */
397 nt_challenge_response_v2
, /* out */
398 session_base_key
); /* out */
400 assert_equal("86C35097AC9CEC102554764A57CCCC19AAAAAAAAAAAAAAAA", lm_challenge_response
, 24, TRUE
);
401 assert_equal("68CD0AB851E51C96AABC927BEBEF6A1C", nt_challenge_response_v2
, 16, TRUE
);
402 /* the ref string is taken from binary dump of AUTHENTICATE_MESSAGE */
403 assert_equal("68CD0AB851E51C96AABC927BEBEF6A1C01010000000000000000000000000000AAAAAAAAAAAAAAAA0000000002000C0044006F006D00610069006E0001000C005300650072007600650072000000000000000000", nt_challenge_response_v2
, ntlmssp_nt_resp_len
, TRUE
);
404 assert_equal("8DE40CCADBC14A82F15CB0AD0DE95CA3", session_base_key
, 16, TRUE
);
406 printf ("\n\nTesting (NTLMv2) Encrypted Session Key\n");
407 // key_exchange_key = session_base_key for NTLMv2
408 KXKEY(flags
, session_base_key
, lm_challenge_response
, nonce
, key_exchange_key
);
409 //RC4 encryption of the RandomSessionKey with the KeyExchangeKey:
410 RC4K (key_exchange_key
, 16, exported_session_key
, 16, encrypted_random_session_key
);
411 assert_equal("C5DAD2544FC9799094CE1CE90BC9D03E", encrypted_random_session_key
, 16, TRUE
);
413 printf ("\n\nTesting (NTLMv2) SIGNKEY\n");
414 SIGNKEY (exported_session_key
, TRUE
, client_sign_key
);
415 assert_equal("4788DC861B4782F35D43FD98FE1A2D39", client_sign_key
, 16, TRUE
);
417 printf ("\n\nTesting (NTLMv2) SEALKEY\n");
418 SEALKEY (flags
, exported_session_key
, TRUE
, client_seal_key
);
419 assert_equal("59F600973CC4960A25480A7C196E4C58", client_seal_key
, 16, TRUE
);
421 printf ("\n\nTesting (NTLMv2) Encryption\n");
422 RC4K (client_seal_key
, 16, text
, 18, text_enc
);
423 assert_equal("54E50165BF1936DC996020C1811B0F06FB5F", text_enc
, 18, TRUE
);
425 // printf ("\n\nTesting (NTLMv2) Encryption\n");
426 //const guchar text2 [] = {0x50, 0x00, 0x6c, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x74, 0x00, 0x65, 0x00, 0x78, 0x00, 0x74, 0x00
427 // , 0x70, 0x35, 0x28, 0x51, 0xf2, 0x56, 0x43, 0x09}; //P·l·a·i·n·t·e·x·t·
428 //guchar text_enc2 [18+8];
429 // RC4K (client_seal_key, 16, text2, 18+8, text_enc2);
430 // assert_equal("54E50165BF1936DC996020C1811B0F06FB5F", text_enc2, 18+8, TRUE);
432 printf ("\n\nTesting (NTLMv2) MAC (without RC4, as we don't keep its handle yet)\n");
433 mac
= MAC (flags
& ~NTLMSSP_NEGOTIATE_KEY_EXCH
, (gchar
*)text
,18, client_sign_key
,16, client_seal_key
,16, 0, 0);
434 assert_equal("0100000070352851F256430900000000", (guchar
*)mac
, 32, FALSE
);
438 /* End tests from the MS-SIPE document */
441 ////// davenport tests ///////
442 // Test from http://davenport.sourceforge.net/ntlm.html#ntlm1Signing
443 const gchar
*text_j
= "jCIFS";
444 printf ("\n\n(davenport) Testing Signature Algorithm\n");
445 guchar sk
[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0xe5, 0x38, 0xb0};
447 "0100000078010900397420FE0E5A0F89",
448 (guchar
*) MAC(NEGOTIATE_FLAGS
& ~NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
, text_j
, strlen(text_j
), sk
, 8, sk
,8, 0x00090178, 0),
452 // Tests from http://davenport.sourceforge.net/ntlm.html#ntlm2Signing
453 printf ("\n\n(davenport) SIGNKEY\n");
454 const guchar master_key
[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00};
455 SIGNKEY (master_key
, TRUE
, client_sign_key
);
456 assert_equal("F7F97A82EC390F9C903DAC4F6ACEB132", client_sign_key
, 16, TRUE
);
458 printf ("\n\n(davenport) Testing MAC - no Key Exchange flag\n");
459 mac
= MAC (flags
& ~NTLMSSP_NEGOTIATE_KEY_EXCH
, text_j
, strlen(text_j
), client_sign_key
, 16, client_sign_key
,16, 0, 0);
460 assert_equal("010000000A003602317A759A00000000", (guchar
*)mac
, 32, FALSE
);
464 ////// SIPE internal tests ///////
465 // Verify signature of SIPE message received from OCS 2007 after authenticating with pidgin-sipe
466 printf ("\n\nTesting MS-SIPE Example Message Signing\n");
467 char * msg1
= "<NTLM><0878F41B><1><SIP Communications Service><ocs1.ocs.provo.novell.com><8592g5DCBa1694i5887m0D0Bt2247b3F38xAE9Fx><3><REGISTER><sip:gabriel@ocs.provo.novell.com><2947328781><B816D65C2300A32CFA6D371F2AF537FD><900><200>";
468 guchar exported_session_key2
[] = { 0x5F, 0x02, 0x91, 0x53, 0xBC, 0x02, 0x50, 0x58, 0x96, 0x95, 0x48, 0x61, 0x5E, 0x70, 0x99, 0xBA };
470 "0100000000000000BF2E52667DDF6DED",
471 (guchar
*) MAC(NEGOTIATE_FLAGS
& ~NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
, msg1
, strlen(msg1
), exported_session_key2
, 16, exported_session_key2
,16, 0, 100),
475 // Verify parsing of message and signature verification
476 printf ("\n\nTesting MS-SIPE Example Message Parsing, Signing, and Verification\n(Authentication Protocol Version 2)\n");
477 char * msg2
= "SIP/2.0 200 OK\r\nms-keep-alive: UAS; tcp=no; hop-hop=yes; end-end=no; timeout=300\r\nAuthentication-Info: NTLM rspauth=\"0100000000000000BF2E52667DDF6DED\", srand=\"0878F41B\", snum=\"1\", opaque=\"4452DFB0\", qop=\"auth\", targetname=\"ocs1.ocs.provo.novell.com\", realm=\"SIP Communications Service\"\r\nFrom: \"Gabriel Burt\"<sip:gabriel@ocs.provo.novell.com>;tag=2947328781;epid=1234567890\r\nTo: <sip:gabriel@ocs.provo.novell.com>;tag=B816D65C2300A32CFA6D371F2AF537FD\r\nCall-ID: 8592g5DCBa1694i5887m0D0Bt2247b3F38xAE9Fx\r\nCSeq: 3 REGISTER\r\nVia: SIP/2.0/TLS 164.99.194.49:10409;branch=z9hG4bKE0E37DBAF252C3255BAD;received=164.99.195.20;ms-received-port=10409;ms-received-cid=1E00\r\nContact: <sip:164.99.195.20:10409;transport=tls;ms-received-cid=1E00>;expires=900\r\nExpires: 900\r\nAllow-Events: vnd-microsoft-provisioning,vnd-microsoft-roaming-contacts,vnd-microsoft-roaming-ACL,presence,presence.wpending,vnd-microsoft-roaming-self,vnd-microsoft-provisioning-v2\r\nSupported: adhoclist\r\nServer: RTC/3.0\r\nSupported: com.microsoft.msrtc.presence\r\nContent-Length: 0\r\n\r\n";
478 struct sipmsg
* msg
= sipmsg_parse_msg(msg2
);
479 struct sipmsg_breakdown msgbd
;
481 sipmsg_breakdown_parse(&msgbd
, "SIP Communications Service", "ocs1.ocs.provo.novell.com");
482 gchar
* msg_str
= sipmsg_breakdown_get_string(2, &msgbd
);
483 gchar
* sig
= sip_sec_ntlm_sipe_signature_make (NEGOTIATE_FLAGS
& ~NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
, msg_str
, 0, exported_session_key2
, exported_session_key2
);
484 sipmsg_breakdown_free(&msgbd
);
485 assert_equal ("0100000000000000BF2E52667DDF6DED", (guchar
*) sig
, 32, FALSE
);
486 printf("purple_ntlm_verify_signature result = %i\n", sip_sec_ntlm_verify_signature (sig
, "0100000000000000BF2E52667DDF6DED"));
489 ////// real Communicator 2007 R2 tests //////
490 ////// Recreated/verifyed real authentication communication between
491 ////// Communicator 2007 R2 and Office Communications Server 2007 R2
492 ////// with SIPE NTLMv2 implementation.
494 const char *password2
= "Pa$$word";
495 const char *user2
= "User";
496 const char *domain2
= "COSMO";
499 //TlRMTVNTUAACAAAAAAAAADgAAADzgpji3Ruq9OfiGNEAAAAAAAAAAJYAlgA4AAAABQLODgAAAA8CAAoAQwBPAFMATQBPAAEAGABDAE8AUwBNAE8ALQBPAEMAUwAtAFIAMgAEABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAMAMABjAG8AcwBtAG8ALQBvAGMAcwAtAHIAMgAuAGMAbwBzAG0AbwAuAGwAbwBjAGEAbAAFABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAAAAAA=
501 Message (length 206):
502 NTLMSSP_NEGOTIATE_UNICODE
503 NTLMSSP_NEGOTIATE_OEM
504 NTLMSSP_NEGOTIATE_SIGN
505 NTLMSSP_NEGOTIATE_SEAL
506 NTLMSSP_NEGOTIATE_DATAGRAM
507 NTLMSSP_NEGOTIATE_LM_KEY
508 NTLMSSP_NEGOTIATE_NTLM
509 NTLMSSP_NEGOTIATE_ALWAYS_SIGN
510 NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
511 NTLMSSP_NEGOTIATE_IDENTIFY
512 NTLMSSP_NEGOTIATE_TARGET_INFO
513 NTLMSSP_NEGOTIATE_VERSION
514 NTLMSSP_NEGOTIATE_128
515 NTLMSSP_NEGOTIATE_KEY_EXCH
517 server_challenge: DD1BAAF4E7E218D1
519 target_name.maxlen: 0
520 target_name.offset: 56
521 target_info.len : 150
522 target_info.maxlen: 150
523 target_info.offset: 56
524 product: 5.2.3790 (Windows Server 2003)
525 ntlm_revision_current: 0x0F (NTLMSSP_REVISION_W2K3)
526 target_info raw: 02000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C0000000000
527 MsvAvNbDomainName: COSMO
528 MsvAvNbComputerName: COSMO-OCS-R2
529 MsvAvDnsDomainName: cosmo.local
530 MsvAvDnsComputerName: cosmo-ocs-r2.cosmo.local
531 MsvAvDnsTreeName: cosmo.local
536 //TlRMTVNTUAADAAAAGAAYAHIAAADGAMYAigAAAAoACgBIAAAACAAIAFIAAAAYABgAWgAAABAAEABQAQAAVYKYYgUCzg4AAAAPQwBPAFMATQBPAFUAcwBlAHIAQwBPAFMATQBPAC0ATwBDAFMALQBSADIAoeku/k4Hi/fFwASazGFmwtauh1yw/apBjcDIAK527KYG0rn769BHMQEBAAAAAAAAWVGaFye5ygHWrodcsP2qQQAAAAACAAoAQwBPAFMATQBPAAEAGABDAE8AUwBNAE8ALQBPAEMAUwAtAFIAMgAEABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAMAMABjAG8AcwBtAG8ALQBvAGMAcwAtAHIAMgAuAGMAbwBzAG0AbwAuAGwAbwBjAGEAbAAFABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAAAAAAAAAAAMctznhyoCkmFkeiueXEV5A==
538 Message (length 352):
539 NTLMSSP_NEGOTIATE_UNICODE
540 NTLMSSP_REQUEST_TARGET
541 NTLMSSP_NEGOTIATE_SIGN
542 NTLMSSP_NEGOTIATE_DATAGRAM
543 NTLMSSP_NEGOTIATE_NTLM
544 NTLMSSP_NEGOTIATE_ALWAYS_SIGN
545 NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
546 NTLMSSP_NEGOTIATE_IDENTIFY
547 NTLMSSP_NEGOTIATE_TARGET_INFO
548 NTLMSSP_NEGOTIATE_VERSION
549 NTLMSSP_NEGOTIATE_128
550 NTLMSSP_NEGOTIATE_KEY_EXCH
567 session_key.maxlen: 16
568 session_key.offset: 336
569 product: 5.2.3790 (Windows Server 2003)
570 ntlm_revision_current: 0x0F (NTLMSSP_REVISION_W2K3)
571 lm_resp: A1E92EFE4E078BF7C5C0049ACC6166C2D6AE875CB0FDAA41
572 nt_resp raw: 8DC0C800AE76ECA606D2B9FBEBD04731010100000000000059519A1727B9CA01D6AE875CB0FDAA410000000002000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C000000000000000000
573 nt_resp: 8DC0C800AE76ECA606D2B9FBEBD04731
574 target_info raw: 02000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C0000000000
576 hi_response_version: 1
577 time: 59519A1727B9CA01 - Mon Mar 01 10:08:08 2010
578 client_challenge: D6AE875CB0FDAA41
579 MsvAvNbDomainName: COSMO
580 MsvAvNbComputerName: COSMO-OCS-R2
581 MsvAvDnsDomainName: cosmo.local
582 MsvAvDnsComputerName: cosmo-ocs-r2.cosmo.local
583 MsvAvDnsTreeName: cosmo.local
584 ----------- end of nt_resp v2 -----------
588 session_key: 31CB739E1CA80A498591E8AE797115E4
591 const char *request
=
592 "REGISTER sip:cosmo.local SIP/2.0\r\n"
593 "Via: SIP/2.0/TLS 192.168.172.6:12723\r\n"
594 "Max-Forwards: 70\r\n"
595 "From: <sip:user@cosmo.local>;tag=3e49177a52;epid=c8ca638a15\r\n"
596 "To: <sip:user@cosmo.local>\r\n"
597 "Call-ID: 4037df9284354df39065195bd57a4b14\r\n"
598 "CSeq: 3 REGISTER\r\n"
599 "Contact: <sip:192.168.172.6:12723;transport=tls;ms-opaque=fad3dfab32>;methods=\"INVITE, MESSAGE, INFO, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY\";proxy=replace;+sip.instance=\"<urn:uuid:34D859DB-6585-5F91-A3B4-DE853C15347D>\"\r\n"
600 "User-Agent: UCCAPI/3.5.6907.0 OC/3.5.6907.0 (Microsoft Office Communicator 2007 R2)\r\n"
601 "Supported: gruu-10, adhoclist, msrtc-event-categories\r\n"
602 "Supported: ms-forking\r\n"
603 "ms-keep-alive: UAC;hop-hop=yes\r\n"
604 "Event: registration\r\n"
605 "Proxy-Authorization: NTLM qop=\"auth\", realm=\"SIP Communications Service\", opaque=\"2BDBAC9D\", targetname=\"cosmo-ocs-r2.cosmo.local\", version=4, gssapi-data=\"TlRMTVNTUAADAAAAGAAYAHIAAADGAMYAigAAAAoACgBIAAAACAAIAFIAAAAYABgAWgAAABAAEABQAQAAVYKYYgUCzg4AAAAPQwBPAFMATQBPAFUAcwBlAHIAQwBPAFMATQBPAC0ATwBDAFMALQBSADIAoeku/k4Hi/fFwASazGFmwtauh1yw/apBjcDIAK527KYG0rn769BHMQEBAAAAAAAAWVGaFye5ygHWrodcsP2qQQAAAAACAAoAQwBPAFMATQBPAAEAGABDAE8AUwBNAE8ALQBPAEMAUwAtAFIAMgAEABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAMAMABjAG8AcwBtAG8ALQBvAGMAcwAtAHIAMgAuAGMAbwBzAG0AbwAuAGwAbwBjAGEAbAAFABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAAAAAAAAAAAMctznhyoCkmFkeiueXEV5A==\", crand=\"13317733\", cnum=\"1\", response=\"0100000029618e9651b65a7764000000\"\r\n"
606 "Content-Length: 0\r\n"
609 const guchar
*request_sig
= "<NTLM><13317733><1><SIP Communications Service><cosmo-ocs-r2.cosmo.local><4037df9284354df39065195bd57a4b14><3><REGISTER><sip:user@cosmo.local><3e49177a52><sip:user@cosmo.local><><><><>";
611 //0100000029618e9651b65a7764000000
613 const char *response
=
615 "ms-keep-alive: UAS; tcp=no; hop-hop=yes; end-end=no; timeout=300\r\n"
616 "Authentication-Info: NTLM rspauth=\"01000000E615438A917661BE64000000\", srand=\"9616454F\", snum=\"1\", opaque=\"2BDBAC9D\", qop=\"auth\", targetname=\"cosmo-ocs-r2.cosmo.local\", realm=\"SIP Communications Service\"\r\n"
617 "From: \"User\"<sip:user@cosmo.local>;tag=3e49177a52;epid=c8ca638a15\r\n"
618 "To: <sip:user@cosmo.local>;tag=5E61CCD925D17E043D9A74835A88F664\r\n"
619 "Call-ID: 4037df9284354df39065195bd57a4b14\r\n"
620 "CSeq: 3 REGISTER\r\n"
621 "Via: SIP/2.0/TLS 192.168.172.6:12723;ms-received-port=12723;ms-received-cid=2600\r\n"
622 "Contact: <sip:192.168.172.6:12723;transport=tls;ms-opaque=fad3dfab32;ms-received-cid=2600>;expires=7200;+sip.instance=\"<urn:uuid:34d859db-6585-5f91-a3b4-de853c15347d>\";gruu=\"sip:user@cosmo.local;opaque=user:epid:21nYNIVlkV-jtN6FPBU0fQAA;gruu\"\r\n"
624 "presence-state: register-action=\"added\"\r\n"
625 "Allow-Events: vnd-microsoft-provisioning,vnd-microsoft-roaming-contacts,vnd-microsoft-roaming-ACL,presence,presence.wpending,vnd-microsoft-roaming-self,vnd-microsoft-provisioning-v2\r\n"
626 "Supported: adhoclist\r\n"
627 "Server: RTC/3.5\r\n"
628 "Supported: msrtc-event-categories\r\n"
629 "Content-Length: 0\r\n"
632 const guchar
*response_sig
= "<NTLM><9616454F><1><SIP Communications Service><cosmo-ocs-r2.cosmo.local><4037df9284354df39065195bd57a4b14><3><REGISTER><sip:user@cosmo.local><3e49177a52><sip:user@cosmo.local><5E61CCD925D17E043D9A74835A88F664><><><7200><200>";
634 //01000000E615438A917661BE64000000
638 | NTLMSSP_NEGOTIATE_UNICODE
639 | NTLMSSP_REQUEST_TARGET
640 | NTLMSSP_NEGOTIATE_SIGN
641 | NTLMSSP_NEGOTIATE_DATAGRAM
642 | NTLMSSP_NEGOTIATE_NTLM
643 | NTLMSSP_NEGOTIATE_ALWAYS_SIGN
644 | NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
645 | NTLMSSP_NEGOTIATE_IDENTIFY
646 | NTLMSSP_NEGOTIATE_TARGET_INFO
647 | NTLMSSP_NEGOTIATE_VERSION
648 | NTLMSSP_NEGOTIATE_128
649 | NTLMSSP_NEGOTIATE_KEY_EXCH
;
651 NTOWFv2 (password2
, user2
, domain2
, response_key_nt
);
652 NTOWFv2 (password2
, user2
, domain2
, response_key_lm
);
655 hex_str_to_buff("59519A1727B9CA01", &buff2
);
656 const guint64 time_val2
= GUINT64_FROM_LE(*((guint64
*)buff2
));
659 guint8
*target_info2
;
660 const int target_info2_len
= hex_str_to_buff("02000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C0000000000", &target_info2
);
663 hex_str_to_buff("DD1BAAF4E7E218D1", &nonce2
);
665 guint8
*client_challenge2
;
666 hex_str_to_buff("D6AE875CB0FDAA41", &client_challenge2
);
668 ntlmssp_nt_resp_len
= (16 + (32+target_info2_len
));
669 guchar nt_challenge_response_v2_2
[ntlmssp_nt_resp_len
];
671 printf ("\n\nTesting (NTLMv2 / OC 2007 R2) LM Response Generation\n");
672 printf ( "Testing (NTLMv2 / OC 2007 R2) NT Response Generation\n");
673 compute_response(flags
,
679 target_info2
, /* target_info */
680 target_info2_len
, /* target_info_len */
681 lm_challenge_response
, /* out */
682 nt_challenge_response_v2_2
, /* out */
683 session_base_key
); /* out */
684 g_free(client_challenge2
);
686 g_free(target_info2
);
688 assert_equal("A1E92EFE4E078BF7C5C0049ACC6166C2D6AE875CB0FDAA41", lm_challenge_response
, 24, TRUE
);
689 assert_equal("8DC0C800AE76ECA606D2B9FBEBD04731", nt_challenge_response_v2_2
, 16, TRUE
);
690 /* the ref string is taken from binary dump of AUTHENTICATE_MESSAGE */
691 assert_equal("8DC0C800AE76ECA606D2B9FBEBD04731010100000000000059519A1727B9CA01D6AE875CB0FDAA410000000002000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C000000000000000000", nt_challenge_response_v2_2
, ntlmssp_nt_resp_len
, TRUE
);
693 KXKEY(flags
, session_base_key
, lm_challenge_response
, nonce2
, key_exchange_key
);
694 //as in the Type3 message
695 guint8
*encrypted_random_session_key2
;
696 hex_str_to_buff("31CB739E1CA80A498591E8AE797115E4", &encrypted_random_session_key2
);
697 guchar exported_session_key3
[16];
698 //decoding exported_session_key
699 RC4K (key_exchange_key
, 16, encrypted_random_session_key2
, 16, exported_session_key3
);
700 g_free(encrypted_random_session_key2
);
702 guchar server_sign_key
[16];
703 guchar server_seal_key
[16];
704 SIGNKEY (exported_session_key3
, TRUE
, client_sign_key
);
705 SEALKEY (flags
, exported_session_key3
, TRUE
, client_seal_key
);
706 SIGNKEY (exported_session_key3
, FALSE
, server_sign_key
);
707 SEALKEY (flags
, exported_session_key3
, FALSE
, server_seal_key
);
709 printf ("\n\nTesting (NTLMv2 / OC 2007 R2) Message Parsing, Signing, and Verification\nClient request\n(Authentication Protocol version 4)\n");
710 msg
= sipmsg_parse_msg(request
);
712 sipmsg_breakdown_parse(&msgbd
, "SIP Communications Service", "cosmo-ocs-r2.cosmo.local");
713 msg_str
= sipmsg_breakdown_get_string(4, &msgbd
);
714 assert_equal (request_sig
, msg_str
, strlen(request_sig
), FALSE
);
715 sig
= sip_sec_ntlm_sipe_signature_make (flags
, msg_str
, 0, client_sign_key
, client_seal_key
);
716 sipmsg_breakdown_free(&msgbd
);
717 assert_equal ("0100000029618e9651b65a7764000000", (guchar
*) sig
,32, FALSE
);
718 printf("purple_ntlm_verify_signature result = %i\n", sip_sec_ntlm_verify_signature (sig
, "0100000029618e9651b65a7764000000"));
720 printf ("\n\nTesting (NTLMv2 / OC 2007 R2) Message Parsing, Signing, and Verification\nServer response\n(Authentication Protocol version 4)\n");
721 msg
= sipmsg_parse_msg(response
);
723 sipmsg_breakdown_parse(&msgbd
, "SIP Communications Service", "cosmo-ocs-r2.cosmo.local");
724 msg_str
= sipmsg_breakdown_get_string(4, &msgbd
);
725 assert_equal (response_sig
, msg_str
, strlen(response_sig
), FALSE
);
727 sig
= sip_sec_ntlm_sipe_signature_make (flags
, msg_str
, 0, server_sign_key
, server_seal_key
);
728 sipmsg_breakdown_free(&msgbd
);
729 assert_equal ("01000000E615438A917661BE64000000", (guchar
*) sig
,32, FALSE
);
730 printf("purple_ntlm_verify_signature result = %i\n", sip_sec_ntlm_verify_signature (sig
, "01000000E615438A917661BE64000000"));
732 printf ("\n\nTesting (NTLMv2 / OC 2007 R2) MAC - client signing\n");
733 mac
= MAC (flags
, (gchar
*)request_sig
,strlen(request_sig
), client_sign_key
,16, client_seal_key
,16, 0, 100);
734 assert_equal("0100000029618e9651b65a7764000000", (guchar
*)mac
, 32, FALSE
);
737 printf ("\n\nTesting (NTLMv2 / OC 2007 R2) MAC - server's verifying\n");
738 mac
= MAC (flags
, (gchar
*)response_sig
,strlen(response_sig
), server_sign_key
,16, server_seal_key
,16, 0, 100);
739 assert_equal("01000000E615438A917661BE64000000", (guchar
*)mac
, 32, FALSE
);
743 ////// UUID tests ///////
744 /* begin tests from MS-SIPRE */
746 const char *testEpid
= "01010101";
747 const char *expectedUUID
= "4b1682a8-f968-5701-83fc-7c6741dc6697";
748 gchar
*calcUUID
= generateUUIDfromEPID(testEpid
);
750 printf("\n\nTesting MS-SIPRE UUID derivation\n");
752 assert_equal(expectedUUID
, (guchar
*) calcUUID
, strlen(expectedUUID
), FALSE
);
759 for (i
= 0,j
=0; i
< 6; i
++,j
+=2) {
760 g_sprintf(&nmac
[j
], "%02X", addr
[i
]);
763 printf("Mac: %s\n", g_strdup(nmac
));
765 /* end tests from MS-SIPRE */
767 printf ("\nFinished With Tests; %d successs %d failures\n", successes
, failures
);