2 * Unit tests for GMSA NDR structures.
4 * Copyright (C) Catalyst.NET Ltd 2023
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
27 #include "lib/replace/replace.h"
29 #include "lib/util/attr.h"
30 #include "lib/util/bytearray.h"
31 #include "librpc/gen_ndr/ndr_gmsa.h"
32 #include "librpc/gen_ndr/gmsa.h"
34 static void assert_utf16_equal(const unsigned char *s1
, const unsigned char *s2
)
44 c1
= PULL_LE_U16(s1
, n
);
45 c2
= PULL_LE_U16(s2
, n
);
46 assert_int_equal(c1
, c2
);
51 static void test_managed_password_blob(void **state
)
53 TALLOC_CTX
*mem_ctx
= NULL
;
55 enum ndr_err_code err
;
56 struct MANAGEDPASSWORD_BLOB managed_password
= {};
58 /* A sample blob produced by Windows. */
60 1, 0, 0, 0, 34, 1, 0, 0, 16, 0, 0, 0, 18,
61 1, 26, 1, 141, 65, 237, 151, 152, 15, 173, 200, 51, 62,
62 252, 30, 45, 180, 254, 9, 148, 134, 82, 118, 93, 131, 207,
63 203, 229, 43, 238, 154, 85, 94, 21, 146, 124, 43, 133, 75,
64 168, 15, 221, 241, 54, 38, 127, 134, 4, 232, 180, 54, 112,
65 224, 35, 18, 178, 140, 241, 53, 177, 75, 47, 178, 148, 17,
66 178, 163, 78, 51, 82, 15, 197, 117, 2, 57, 115, 243, 251,
67 146, 75, 249, 21, 55, 226, 125, 85, 112, 156, 85, 42, 39,
68 131, 17, 41, 198, 233, 163, 44, 171, 134, 145, 93, 134, 90,
69 95, 244, 70, 252, 137, 76, 200, 15, 20, 5, 86, 125, 235,
70 2, 3, 161, 249, 4, 26, 245, 205, 138, 17, 249, 33, 139,
71 150, 129, 142, 35, 23, 123, 190, 217, 88, 83, 128, 187, 24,
72 3, 69, 250, 56, 137, 86, 158, 197, 158, 122, 138, 101, 20,
73 252, 105, 105, 118, 28, 235, 24, 220, 251, 58, 44, 52, 231,
74 66, 74, 250, 215, 207, 96, 217, 57, 153, 25, 11, 5, 10,
75 81, 198, 198, 242, 245, 83, 91, 122, 175, 74, 30, 254, 26,
76 218, 113, 193, 249, 189, 95, 125, 151, 249, 235, 132, 66, 69,
77 170, 235, 143, 107, 155, 26, 34, 160, 27, 166, 79, 32, 104,
78 246, 100, 58, 76, 146, 102, 241, 105, 8, 151, 163, 20, 26,
79 232, 33, 138, 159, 184, 129, 187, 30, 123, 181, 17, 149, 84,
80 183, 248, 210, 254, 46, 98, 225, 12, 49, 196, 192, 149, 0,
81 0, 169, 191, 68, 132, 110, 23, 0, 0, 169, 97, 116, 209,
85 const DATA_BLOB blob
= {data
, sizeof data
};
87 /* The UTF‐16 password contained in the blob. */
88 const unsigned char current_password
[] = {
89 141, 65, 237, 151, 152, 15, 173, 200, 51, 62, 252, 30, 45,
90 180, 254, 9, 148, 134, 82, 118, 93, 131, 207, 203, 229, 43,
91 238, 154, 85, 94, 21, 146, 124, 43, 133, 75, 168, 15, 221,
92 241, 54, 38, 127, 134, 4, 232, 180, 54, 112, 224, 35, 18,
93 178, 140, 241, 53, 177, 75, 47, 178, 148, 17, 178, 163, 78,
94 51, 82, 15, 197, 117, 2, 57, 115, 243, 251, 146, 75, 249,
95 21, 55, 226, 125, 85, 112, 156, 85, 42, 39, 131, 17, 41,
96 198, 233, 163, 44, 171, 134, 145, 93, 134, 90, 95, 244, 70,
97 252, 137, 76, 200, 15, 20, 5, 86, 125, 235, 2, 3, 161,
98 249, 4, 26, 245, 205, 138, 17, 249, 33, 139, 150, 129, 142,
99 35, 23, 123, 190, 217, 88, 83, 128, 187, 24, 3, 69, 250,
100 56, 137, 86, 158, 197, 158, 122, 138, 101, 20, 252, 105, 105,
101 118, 28, 235, 24, 220, 251, 58, 44, 52, 231, 66, 74, 250,
102 215, 207, 96, 217, 57, 153, 25, 11, 5, 10, 81, 198, 198,
103 242, 245, 83, 91, 122, 175, 74, 30, 254, 26, 218, 113, 193,
104 249, 189, 95, 125, 151, 249, 235, 132, 66, 69, 170, 235, 143,
105 107, 155, 26, 34, 160, 27, 166, 79, 32, 104, 246, 100, 58,
106 76, 146, 102, 241, 105, 8, 151, 163, 20, 26, 232, 33, 138,
107 159, 184, 129, 187, 30, 123, 181, 17, 149, 84, 183, 248, 210,
108 254, 46, 98, 225, 12, 49, 196, 192, 149, 0, 0};
110 DATA_BLOB packed_blob
= data_blob_null
;
112 mem_ctx
= talloc_new(NULL
);
113 assert_non_null(mem_ctx
);
115 /* Pull the Managed Password structure. */
116 err
= ndr_pull_struct_blob(&blob
,
119 (ndr_pull_flags_fn_t
)
120 ndr_pull_MANAGEDPASSWORD_BLOB
);
121 assert_int_equal(NDR_ERR_SUCCESS
, err
);
123 /* Check the header. */
124 assert_int_equal(1, managed_password
.version
);
125 assert_int_equal(0, managed_password
.reserved
);
126 assert_int_equal(sizeof data
, managed_password
.length
);
128 /* Check the password fields. */
129 assert_utf16_equal(managed_password
.passwords
.current
,
131 assert_null(managed_password
.passwords
.previous
);
133 /* Check the password query intervals.*/
134 assert_int_equal(0x176e8444bfa9,
135 *managed_password
.passwords
.query_interval
);
136 assert_int_equal(0x176dd17461a9,
137 *managed_password
.passwords
.unchanged_interval
);
139 /* Repack the Managed Password structure. */
140 managed_password
.length
= 0;
141 err
= ndr_push_struct_blob(&packed_blob
,
144 (ndr_push_flags_fn_t
)
145 ndr_push_MANAGEDPASSWORD_BLOB
);
146 assert_int_equal(NDR_ERR_SUCCESS
, err
);
149 * Check that the result is identical to the blob produced by Windows.
151 assert_int_equal(blob
.length
, packed_blob
.length
);
152 assert_memory_equal(blob
.data
, packed_blob
.data
, blob
.length
);
154 talloc_free(mem_ctx
);
159 const struct CMUnitTest tests
[] = {
160 cmocka_unit_test(test_managed_password_blob
),
163 cmocka_set_message_output(CM_OUTPUT_SUBUNIT
);
165 return cmocka_run_group_tests(tests
, NULL
, NULL
);