From 4daeb26c9e1b81d6e3094436289025c8226c97ce Mon Sep 17 00:00:00 2001 From: pier11 Date: Sat, 20 Mar 2010 22:52:07 +0000 Subject: [PATCH] tests: remake of declarations at beginning of blocks Data remained in context of tests. --- src/purple/tests.c | 302 ++++++++++++++++++++++++++++++++--------------------- 1 file changed, 182 insertions(+), 120 deletions(-) diff --git a/src/purple/tests.c b/src/purple/tests.c index ac71b05e..67a70aac 100644 --- a/src/purple/tests.c +++ b/src/purple/tests.c @@ -48,7 +48,7 @@ static int failures = 0; static void assert_equal(const char * expected, const guchar * got, int len, gboolean stringify) { const gchar * res = (gchar *) got; - gchar to_str[len*2 + 1]; + gchar to_str[len*2]; if (stringify) { int i, j; @@ -88,32 +88,17 @@ static void assert_equal_guint32(guint32 expected, guint32 got) int main() { - /* These tests are from the MS-SIPE document */ - - const char * password = "Password"; - const char * user = "User"; - const char * domain = "Domain"; - const guchar client_challenge [] = {0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa}; - /* server challenge */ - const guchar nonce [] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}; - /* 16 bytes */ - const guchar exported_session_key[] = {0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55}; - const guchar text [] = {0x50, 0x00, 0x6c, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x74, 0x00, 0x65, 0x00, 0x78, 0x00, 0x74, 0x00}; //P·l·a·i·n·t·e·x·t· + const char *password; + const char *user; + const char *domain; + const guchar *client_challenge; + const guchar *nonce; + const guchar *exported_session_key; + const guchar *text; guchar md4 [16]; guchar md5 [16]; guchar hmac_md5 [16]; - guint32 flags = 0 - | NTLMSSP_NEGOTIATE_KEY_EXCH - | NTLMSSP_NEGOTIATE_56 - | NTLMSSP_NEGOTIATE_128 - | NTLMSSP_NEGOTIATE_VERSION - | NTLMSSP_TARGET_TYPE_SERVER - | NTLMSSP_NEGOTIATE_ALWAYS_SIGN - | NTLMSSP_NEGOTIATE_NTLM - | NTLMSSP_NEGOTIATE_SEAL - | NTLMSSP_NEGOTIATE_SIGN - | NTLMSSP_NEGOTIATE_OEM - | NTLMSSP_NEGOTIATE_UNICODE; + guint32 flags; guchar response_key_lm [16]; guchar response_key_nt [16]; guchar nt_challenge_response [24]; @@ -123,104 +108,25 @@ int main() guchar encrypted_random_session_key [16]; guint32 crc; guchar client_seal_key [16]; - guchar buff [18 + 12]; - guchar text_enc [18 + 12]; - guint32 to_enc [3]; - guchar mac [16]; - guint32 enc [3]; - guint32 mac2 [4]; guchar client_sign_key [16]; - const guint64 time_val = 0; - const guint8 target_info [] = { - 0x02, 0x00, 0x0C, 0x00, //NetBIOS Domain name, 4 bytes - 0x44, 0x00, 0x6F, 0x00, 0x6D, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6E, 0x00, //D.o.m.a.i.n. 12bytes - 0x01, 0x00, 0x0C, 0x00, //NetBIOS Server name, 4 bytes - 0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, //S.e.r.v.e.r. 12bytes - 0x00, 0x00, 0x00, 0x00, //Av End, 4 bytes - }; - const int target_info_len = 32+4; - int ntlmssp_nt_resp_len = (16 + (32+target_info_len)); - guchar nt_challenge_response_v2 [ntlmssp_nt_resp_len]; - const gchar *text_j = "jCIFS"; - guchar sk [] = {0x01, 0x02, 0x03, 0x04, 0x05, 0xe5, 0x38, 0xb0}; - const guchar master_key [] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00}; - char * msg1 = "<0878F41B><1><8592g5DCBa1694i5887m0D0Bt2247b3F38xAE9Fx><3><2947328781><900><200>"; - guchar exported_session_key2 [] = { 0x5F, 0x02, 0x91, 0x53, 0xBC, 0x02, 0x50, 0x58, 0x96, 0x95, 0x48, 0x61, 0x5E, 0x70, 0x99, 0xBA }; - char * msg2 = "SIP/2.0 200 OK\r\nms-keep-alive: UAS; tcp=no; hop-hop=yes; end-end=no; timeout=300\r\nAuthentication-Info: NTLM rspauth=\"0100000000000000BF2E52667DDF6DED\", srand=\"0878F41B\", snum=\"1\", opaque=\"4452DFB0\", qop=\"auth\", targetname=\"ocs1.ocs.provo.novell.com\", realm=\"SIP Communications Service\"\r\nFrom: \"Gabriel Burt\";tag=2947328781;epid=1234567890\r\nTo: ;tag=B816D65C2300A32CFA6D371F2AF537FD\r\nCall-ID: 8592g5DCBa1694i5887m0D0Bt2247b3F38xAE9Fx\r\nCSeq: 3 REGISTER\r\nVia: SIP/2.0/TLS 164.99.194.49:10409;branch=z9hG4bKE0E37DBAF252C3255BAD;received=164.99.195.20;ms-received-port=10409;ms-received-cid=1E00\r\nContact: ;expires=900\r\nExpires: 900\r\nAllow-Events: vnd-microsoft-provisioning,vnd-microsoft-roaming-contacts,vnd-microsoft-roaming-ACL,presence,presence.wpending,vnd-microsoft-roaming-self,vnd-microsoft-provisioning-v2\r\nSupported: adhoclist\r\nServer: RTC/3.0\r\nSupported: com.microsoft.msrtc.presence\r\nContent-Length: 0\r\n\r\n"; - struct sipmsg * msg = sipmsg_parse_msg(msg2); + guchar server_sign_key [16]; + guchar server_seal_key [16]; + guchar mac [16]; + guchar text_enc [18 + 12]; + struct sipmsg *msg; struct sipmsg_breakdown msgbd; gchar *msg_str; gchar *sig; - const char *password2 = "Pa$$word"; - const char *user2 = "User"; - const char *domain2 = "COSMO"; - const char *host2 = "COSMO-OCS-R2"; - const char *type2_hex = "4E544C4D53535000020000000000000038000000F38298E2DD1BAAF4E7E218D1000000000000000096009600380000000502CE0E0000000F02000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C0000000000"; - const char *type3_hex = "4E544C4D53535000030000001800180072000000C600C6008A0000000A000A00480000000800080052000000180018005A0000001000100050010000558298620502CE0E0000000F43004F0053004D004F00550073006500720043004F0053004D004F002D004F00430053002D0052003200A1E92EFE4E078BF7C5C0049ACC6166C2D6AE875CB0FDAA418DC0C800AE76ECA606D2B9FBEBD04731010100000000000059519A1727B9CA01D6AE875CB0FDAA410000000002000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C00000000000000000031CB739E1CA80A498591E8AE797115E4"; - const char *request = - "REGISTER sip:cosmo.local SIP/2.0\r\n" - "Via: SIP/2.0/TLS 192.168.172.6:12723\r\n" - "Max-Forwards: 70\r\n" - "From: ;tag=3e49177a52;epid=c8ca638a15\r\n" - "To: \r\n" - "Call-ID: 4037df9284354df39065195bd57a4b14\r\n" - "CSeq: 3 REGISTER\r\n" - "Contact: ;methods=\"INVITE, MESSAGE, INFO, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY\";proxy=replace;+sip.instance=\"\"\r\n" - "User-Agent: UCCAPI/3.5.6907.0 OC/3.5.6907.0 (Microsoft Office Communicator 2007 R2)\r\n" - "Supported: gruu-10, adhoclist, msrtc-event-categories\r\n" - "Supported: ms-forking\r\n" - "ms-keep-alive: UAC;hop-hop=yes\r\n" - "Event: registration\r\n" - "Proxy-Authorization: NTLM qop=\"auth\", realm=\"SIP Communications Service\", opaque=\"2BDBAC9D\", targetname=\"cosmo-ocs-r2.cosmo.local\", version=4, gssapi-data=\"TlRMTVNTUAADAAAAGAAYAHIAAADGAMYAigAAAAoACgBIAAAACAAIAFIAAAAYABgAWgAAABAAEABQAQAAVYKYYgUCzg4AAAAPQwBPAFMATQBPAFUAcwBlAHIAQwBPAFMATQBPAC0ATwBDAFMALQBSADIAoeku/k4Hi/fFwASazGFmwtauh1yw/apBjcDIAK527KYG0rn769BHMQEBAAAAAAAAWVGaFye5ygHWrodcsP2qQQAAAAACAAoAQwBPAFMATQBPAAEAGABDAE8AUwBNAE8ALQBPAEMAUwAtAFIAMgAEABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAMAMABjAG8AcwBtAG8ALQBvAGMAcwAtAHIAMgAuAGMAbwBzAG0AbwAuAGwAbwBjAGEAbAAFABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAAAAAAAAAAAMctznhyoCkmFkeiueXEV5A==\", crand=\"13317733\", cnum=\"1\", response=\"0100000029618e9651b65a7764000000\"\r\n" - "Content-Length: 0\r\n" - "\r\n"; - const gchar *request_sig = "<13317733><1><4037df9284354df39065195bd57a4b14><3><3e49177a52><><><><>"; -//Signature: -//0100000029618e9651b65a7764000000 - const char *response = - "SIP/2.0 200 OK\r\n" - "ms-keep-alive: UAS; tcp=no; hop-hop=yes; end-end=no; timeout=300\r\n" - "Authentication-Info: NTLM rspauth=\"01000000E615438A917661BE64000000\", srand=\"9616454F\", snum=\"1\", opaque=\"2BDBAC9D\", qop=\"auth\", targetname=\"cosmo-ocs-r2.cosmo.local\", realm=\"SIP Communications Service\"\r\n" - "From: \"User\";tag=3e49177a52;epid=c8ca638a15\r\n" - "To: ;tag=5E61CCD925D17E043D9A74835A88F664\r\n" - "Call-ID: 4037df9284354df39065195bd57a4b14\r\n" - "CSeq: 3 REGISTER\r\n" - "Via: SIP/2.0/TLS 192.168.172.6:12723;ms-received-port=12723;ms-received-cid=2600\r\n" - "Contact: ;expires=7200;+sip.instance=\"\";gruu=\"sip:user@cosmo.local;opaque=user:epid:21nYNIVlkV-jtN6FPBU0fQAA;gruu\"\r\n" - "Expires: 7200\r\n" - "presence-state: register-action=\"added\"\r\n" - "Allow-Events: vnd-microsoft-provisioning,vnd-microsoft-roaming-contacts,vnd-microsoft-roaming-ACL,presence,presence.wpending,vnd-microsoft-roaming-self,vnd-microsoft-provisioning-v2\r\n" - "Supported: adhoclist\r\n" - "Server: RTC/3.5\r\n" - "Supported: msrtc-event-categories\r\n" - "Content-Length: 0\r\n" - "\r\n"; - const gchar *response_sig = "<9616454F><1><4037df9284354df39065195bd57a4b14><3><3e49177a52><5E61CCD925D17E043D9A74835A88F664><><><7200><200>"; -//Signature: -//01000000E615438A917661BE64000000 - guint8 *buff2; - guint8 *target_info2; - const int target_info2_len = hex_str_to_buff("02000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C0000000000", &target_info2); - guint8 *nonce2; - int ntlmssp_nt_resp2_len = (16 + (32+target_info2_len)); - guchar nt_challenge_response_v2_2 [ntlmssp_nt_resp2_len]; - guint8 *encrypted_random_session_key2; - guchar server_sign_key [16]; - guchar server_seal_key [16]; - guchar *client_sign_key2; - guchar *server_sign_key2; - guchar *client_seal_key2; - guchar *server_seal_key2; - guchar *server_challenge = NULL; - guint64 time_val2 = 0; - guchar *target_info3 = NULL; - int target_info3_len = 0; - guint32 flags2; - SipSecBuffer in_buff; - SipSecBuffer out_buff; - const char *testEpid = "01010101"; - const char *expectedUUID = "4b1682a8-f968-5701-83fc-7c6741dc6697"; - gchar *calcUUID; + const char *password2; + const char *user2; + const char *domain2; + const char *host2; + const char *type2_hex; + const char *type3_hex; + const char *request; + const char *response; + const gchar *request_sig; + const gchar *response_sig; printf ("Starting Tests\n"); @@ -231,6 +137,19 @@ int main() purple_ciphers_init(); sip_sec_init__ntlm(); + /* These tests are from the MS-SIPE document */ + + password = "Password"; + user = "User"; + domain = "Domain"; + client_challenge = (guchar *)"\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa"; + /* server challenge */ + nonce = (guchar *)"\x01\x23\x45\x67\x89\xab\xcd\xef"; + /* 16 bytes */ + exported_session_key = (guchar *)"\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55\x55"; + text = (guchar *)"\x50\x00\x6c\x00\x61\x00\x69\x00\x6e\x00\x74\x00\x65\x00\x78\x00\x74\x00"; //P·l·a·i·n·t·e·x·t· + + ////// internal Cyphers tests /////// printf ("\nTesting MD4()\n"); MD4 ((const unsigned char *)"message digest", 14, md4); @@ -248,6 +167,19 @@ int main() ////// NTLMv1 (without Extended Session Security) /////// use_ntlm_v2 = FALSE; + flags = 0 + | NTLMSSP_NEGOTIATE_KEY_EXCH + | NTLMSSP_NEGOTIATE_56 + | NTLMSSP_NEGOTIATE_128 + | NTLMSSP_NEGOTIATE_VERSION + | NTLMSSP_TARGET_TYPE_SERVER + | NTLMSSP_NEGOTIATE_ALWAYS_SIGN + | NTLMSSP_NEGOTIATE_NTLM + | NTLMSSP_NEGOTIATE_SEAL + | NTLMSSP_NEGOTIATE_SIGN + | NTLMSSP_NEGOTIATE_OEM + | NTLMSSP_NEGOTIATE_UNICODE; + printf ("\n\nTesting Negotiation Flags\n"); assert_equal_guint32(0xE2028233, flags); @@ -292,7 +224,11 @@ int main() assert_equal_guint32(0x93AA847D, crc); printf ("\n\nTesting Encryption\n"); + { //SEALKEY (flags, exported_session_key, TRUE, client_seal_key); + guchar buff [18 + 12]; + guint32 to_enc [3]; + memcpy(buff, text, 18); to_enc[0] = GUINT32_TO_LE(0); // random pad to_enc[1] = GUINT32_TO_LE(crc); @@ -302,16 +238,22 @@ int main() //The point is to not reinitialize rc4 cypher // 0 crc 0 (zero) assert_equal("56FE04D861F9319AF0D7238A2E3B4D457FB8" "45C844E5" "09DCD1DF" "2E459D36", text_enc, 18 + 12, TRUE); + } printf ("\n\nTesting MAC\n"); + { // won't work in the case with sealing because RC4 is re-initialized inside. // MAC (flags, (gchar*)text, 18, (guchar*)exported_session_key, 16, (guchar*)exported_session_key,16, 0x00000000, 0, mac); + guint32 enc [3]; + guint32 mac2 [4]; + memcpy((gchar *)enc, text_enc+18, 12); mac2 [0] = GUINT32_TO_LE(1); // version mac2 [1] = enc [0]; mac2 [2] = enc [1]; mac2 [3] = enc [2] ^ (GUINT32_TO_LE(0)); // ^ seq assert_equal("0100000045C844E509DCD1DF2E459D36", (guchar*)mac2, 16, TRUE); + } ////// EXTENDED_SESSIONSECURITY /////// @@ -440,6 +382,19 @@ Response: */ + { + const guint64 time_val = 0; + const guint8 target_info [] = { + 0x02, 0x00, 0x0C, 0x00, //NetBIOS Domain name, 4 bytes + 0x44, 0x00, 0x6F, 0x00, 0x6D, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6E, 0x00, //D.o.m.a.i.n. 12bytes + 0x01, 0x00, 0x0C, 0x00, //NetBIOS Server name, 4 bytes + 0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, //S.e.r.v.e.r. 12bytes + 0x00, 0x00, 0x00, 0x00, //Av End, 4 bytes + }; + const int target_info_len = 32+4; + int ntlmssp_nt_resp_len = (16 + (32+target_info_len)); + guchar nt_challenge_response_v2 [ntlmssp_nt_resp_len]; + compute_response(flags, response_key_nt, response_key_lm, @@ -457,6 +412,7 @@ Response: /* the ref string is taken from binary dump of AUTHENTICATE_MESSAGE */ assert_equal("68CD0AB851E51C96AABC927BEBEF6A1C01010000000000000000000000000000AAAAAAAAAAAAAAAA0000000002000C0044006F006D00610069006E0001000C005300650072007600650072000000000000000000", nt_challenge_response_v2, ntlmssp_nt_resp_len, TRUE); assert_equal("8DE40CCADBC14A82F15CB0AD0DE95CA3", session_base_key, 16, TRUE); + } printf ("\n\nTesting (NTLMv2) Encrypted Session Key\n"); // key_exchange_key = session_base_key for NTLMv2 @@ -494,29 +450,46 @@ Response: ////// davenport tests /////// // Test from http://davenport.sourceforge.net/ntlm.html#ntlm1Signing + { + const gchar *text_j = "jCIFS"; printf ("\n\n(davenport) Testing Signature Algorithm\n"); + { + guchar sk [] = {0x01, 0x02, 0x03, 0x04, 0x05, 0xe5, 0x38, 0xb0}; MAC (NEGOTIATE_FLAGS_CONNLESS & ~NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY, text_j, strlen(text_j), sk, 8, sk,8, 0x00090178, 0, mac); assert_equal("0100000078010900397420FE0E5A0F89", mac, 16, TRUE); + } // Tests from http://davenport.sourceforge.net/ntlm.html#ntlm2Signing printf ("\n\n(davenport) SIGNKEY\n"); + { + const guchar master_key [] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00}; SIGNKEY (master_key, TRUE, client_sign_key); assert_equal("F7F97A82EC390F9C903DAC4F6ACEB132", client_sign_key, 16, TRUE); printf ("\n\n(davenport) Testing MAC - no Key Exchange flag\n"); MAC (flags & ~NTLMSSP_NEGOTIATE_KEY_EXCH, text_j, strlen(text_j), client_sign_key, 16, client_sign_key,16, 0, 0, mac); assert_equal("010000000A003602317A759A00000000", mac, 16, TRUE); + } + } ////// SIPE internal tests /////// // Verify signature of SIPE message received from OCS 2007 after authenticating with pidgin-sipe printf ("\n\nTesting MS-SIPE Example Message Signing\n"); + { + char * msg2; + char * msg1 = "<0878F41B><1><8592g5DCBa1694i5887m0D0Bt2247b3F38xAE9Fx><3><2947328781><900><200>"; + guchar exported_session_key2 [] = { 0x5F, 0x02, 0x91, 0x53, 0xBC, 0x02, 0x50, 0x58, 0x96, 0x95, 0x48, 0x61, 0x5E, 0x70, 0x99, 0xBA }; + MAC (NEGOTIATE_FLAGS_CONNLESS & ~NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY, msg1, strlen(msg1), exported_session_key2, 16, exported_session_key2,16, 0, 100, mac); assert_equal("0100000000000000BF2E52667DDF6DED", mac, 16, TRUE); // Verify parsing of message and signature verification printf ("\n\nTesting MS-SIPE Example Message Parsing, Signing, and Verification\n(Authentication Protocol Version 2)\n"); + msg2 = "SIP/2.0 200 OK\r\nms-keep-alive: UAS; tcp=no; hop-hop=yes; end-end=no; timeout=300\r\nAuthentication-Info: NTLM rspauth=\"0100000000000000BF2E52667DDF6DED\", srand=\"0878F41B\", snum=\"1\", opaque=\"4452DFB0\", qop=\"auth\", targetname=\"ocs1.ocs.provo.novell.com\", realm=\"SIP Communications Service\"\r\nFrom: \"Gabriel Burt\";tag=2947328781;epid=1234567890\r\nTo: ;tag=B816D65C2300A32CFA6D371F2AF537FD\r\nCall-ID: 8592g5DCBa1694i5887m0D0Bt2247b3F38xAE9Fx\r\nCSeq: 3 REGISTER\r\nVia: SIP/2.0/TLS 164.99.194.49:10409;branch=z9hG4bKE0E37DBAF252C3255BAD;received=164.99.195.20;ms-received-port=10409;ms-received-cid=1E00\r\nContact: ;expires=900\r\nExpires: 900\r\nAllow-Events: vnd-microsoft-provisioning,vnd-microsoft-roaming-contacts,vnd-microsoft-roaming-ACL,presence,presence.wpending,vnd-microsoft-roaming-self,vnd-microsoft-provisioning-v2\r\nSupported: adhoclist\r\nServer: RTC/3.0\r\nSupported: com.microsoft.msrtc.presence\r\nContent-Length: 0\r\n\r\n"; + msg = sipmsg_parse_msg(msg2); + msgbd.msg = msg; sipmsg_breakdown_parse(&msgbd, "SIP Communications Service", "ocs1.ocs.provo.novell.com"); msg_str = sipmsg_breakdown_get_string(2, &msgbd); @@ -525,6 +498,7 @@ Response: sipmsg_breakdown_free(&msgbd); assert_equal ("0100000000000000BF2E52667DDF6DED", mac, 16, TRUE); sig = buff_to_hex_str(mac, 16); + } ////// real Communicator 2007 R2 tests ////// @@ -532,9 +506,15 @@ Response: ////// Communicator 2007 R2 and Office Communications Server 2007 R2 ////// with SIPE NTLMv2 implementation. + password2 = "Pa$$word"; + user2 = "User"; + domain2 = "COSMO"; + host2 = "COSMO-OCS-R2"; + //Challenge: //const char *type2 = "TlRMTVNTUAACAAAAAAAAADgAAADzgpji3Ruq9OfiGNEAAAAAAAAAAJYAlgA4AAAABQLODgAAAA8CAAoAQwBPAFMATQBPAAEAGABDAE8AUwBNAE8ALQBPAEMAUwAtAFIAMgAEABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAMAMABjAG8AcwBtAG8ALQBvAGMAcwAtAHIAMgAuAGMAbwBzAG0AbwAuAGwAbwBjAGEAbAAFABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAAAAAA="; //in hex (base64 decoded): +type2_hex = "4E544C4D53535000020000000000000038000000F38298E2DD1BAAF4E7E218D1000000000000000096009600380000000502CE0E0000000F02000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C0000000000"; /* Message (length 206): NTLMSSP_NEGOTIATE_UNICODE @@ -573,6 +553,7 @@ Message (length 206): //Response: //const char *type3 = "TlRMTVNTUAADAAAAGAAYAHIAAADGAMYAigAAAAoACgBIAAAACAAIAFIAAAAYABgAWgAAABAAEABQAQAAVYKYYgUCzg4AAAAPQwBPAFMATQBPAFUAcwBlAHIAQwBPAFMATQBPAC0ATwBDAFMALQBSADIAoeku/k4Hi/fFwASazGFmwtauh1yw/apBjcDIAK527KYG0rn769BHMQEBAAAAAAAAWVGaFye5ygHWrodcsP2qQQAAAAACAAoAQwBPAFMATQBPAAEAGABDAE8AUwBNAE8ALQBPAEMAUwAtAFIAMgAEABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAMAMABjAG8AcwBtAG8ALQBvAGMAcwAtAHIAMgAuAGMAbwBzAG0AbwAuAGwAbwBjAGEAbAAFABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAAAAAAAAAAAMctznhyoCkmFkeiueXEV5A=="; //in hex (base64 decoded): +type3_hex = "4E544C4D53535000030000001800180072000000C600C6008A0000000A000A00480000000800080052000000180018005A0000001000100050010000558298620502CE0E0000000F43004F0053004D004F00550073006500720043004F0053004D004F002D004F00430053002D0052003200A1E92EFE4E078BF7C5C0049ACC6166C2D6AE875CB0FDAA418DC0C800AE76ECA606D2B9FBEBD04731010100000000000059519A1727B9CA01D6AE875CB0FDAA410000000002000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C00000000000000000031CB739E1CA80A498591E8AE797115E4"; /* Message (length 352): NTLMSSP_NEGOTIATE_UNICODE @@ -627,6 +608,50 @@ Message (length 352): session_key: 31CB739E1CA80A498591E8AE797115E4 */ + request = + "REGISTER sip:cosmo.local SIP/2.0\r\n" + "Via: SIP/2.0/TLS 192.168.172.6:12723\r\n" + "Max-Forwards: 70\r\n" + "From: ;tag=3e49177a52;epid=c8ca638a15\r\n" + "To: \r\n" + "Call-ID: 4037df9284354df39065195bd57a4b14\r\n" + "CSeq: 3 REGISTER\r\n" + "Contact: ;methods=\"INVITE, MESSAGE, INFO, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY\";proxy=replace;+sip.instance=\"\"\r\n" + "User-Agent: UCCAPI/3.5.6907.0 OC/3.5.6907.0 (Microsoft Office Communicator 2007 R2)\r\n" + "Supported: gruu-10, adhoclist, msrtc-event-categories\r\n" + "Supported: ms-forking\r\n" + "ms-keep-alive: UAC;hop-hop=yes\r\n" + "Event: registration\r\n" + "Proxy-Authorization: NTLM qop=\"auth\", realm=\"SIP Communications Service\", opaque=\"2BDBAC9D\", targetname=\"cosmo-ocs-r2.cosmo.local\", version=4, gssapi-data=\"TlRMTVNTUAADAAAAGAAYAHIAAADGAMYAigAAAAoACgBIAAAACAAIAFIAAAAYABgAWgAAABAAEABQAQAAVYKYYgUCzg4AAAAPQwBPAFMATQBPAFUAcwBlAHIAQwBPAFMATQBPAC0ATwBDAFMALQBSADIAoeku/k4Hi/fFwASazGFmwtauh1yw/apBjcDIAK527KYG0rn769BHMQEBAAAAAAAAWVGaFye5ygHWrodcsP2qQQAAAAACAAoAQwBPAFMATQBPAAEAGABDAE8AUwBNAE8ALQBPAEMAUwAtAFIAMgAEABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAMAMABjAG8AcwBtAG8ALQBvAGMAcwAtAHIAMgAuAGMAbwBzAG0AbwAuAGwAbwBjAGEAbAAFABYAYwBvAHMAbQBvAC4AbABvAGMAYQBsAAAAAAAAAAAAMctznhyoCkmFkeiueXEV5A==\", crand=\"13317733\", cnum=\"1\", response=\"0100000029618e9651b65a7764000000\"\r\n" + "Content-Length: 0\r\n" + "\r\n"; + + request_sig = "<13317733><1><4037df9284354df39065195bd57a4b14><3><3e49177a52><><><><>"; +//Signature: +//0100000029618e9651b65a7764000000 + + response = + "SIP/2.0 200 OK\r\n" + "ms-keep-alive: UAS; tcp=no; hop-hop=yes; end-end=no; timeout=300\r\n" + "Authentication-Info: NTLM rspauth=\"01000000E615438A917661BE64000000\", srand=\"9616454F\", snum=\"1\", opaque=\"2BDBAC9D\", qop=\"auth\", targetname=\"cosmo-ocs-r2.cosmo.local\", realm=\"SIP Communications Service\"\r\n" + "From: \"User\";tag=3e49177a52;epid=c8ca638a15\r\n" + "To: ;tag=5E61CCD925D17E043D9A74835A88F664\r\n" + "Call-ID: 4037df9284354df39065195bd57a4b14\r\n" + "CSeq: 3 REGISTER\r\n" + "Via: SIP/2.0/TLS 192.168.172.6:12723;ms-received-port=12723;ms-received-cid=2600\r\n" + "Contact: ;expires=7200;+sip.instance=\"\";gruu=\"sip:user@cosmo.local;opaque=user:epid:21nYNIVlkV-jtN6FPBU0fQAA;gruu\"\r\n" + "Expires: 7200\r\n" + "presence-state: register-action=\"added\"\r\n" + "Allow-Events: vnd-microsoft-provisioning,vnd-microsoft-roaming-contacts,vnd-microsoft-roaming-ACL,presence,presence.wpending,vnd-microsoft-roaming-self,vnd-microsoft-provisioning-v2\r\n" + "Supported: adhoclist\r\n" + "Server: RTC/3.5\r\n" + "Supported: msrtc-event-categories\r\n" + "Content-Length: 0\r\n" + "\r\n"; + + response_sig = "<9616454F><1><4037df9284354df39065195bd57a4b14><3><3e49177a52><5E61CCD925D17E043D9A74835A88F664><><><7200><200>"; +//Signature: +//01000000E615438A917661BE64000000 use_ntlm_v2 = TRUE; flags = 0 @@ -652,11 +677,19 @@ Message (length 352): NTOWFv2 (password2, user2, domain2, response_key_nt); NTOWFv2 (password2, user2, domain2, response_key_lm); + { + int ntlmssp_nt_resp_len; + int target_info2_len; + guint8 *nonce2; + guint8 *target_info2; + guint8 *buff2; hex_str_to_buff("59519A1727B9CA01", &buff2); /* global var */ test_time_val = GUINT64_FROM_LE(*((guint64 *)buff2)); g_free(buff2); + target_info2_len = hex_str_to_buff("02000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C0000000000", &target_info2); + hex_str_to_buff("DD1BAAF4E7E218D1", &nonce2); hex_str_to_buff("D6AE875CB0FDAA41", &buff2); @@ -664,6 +697,10 @@ Message (length 352): memcpy(test_client_challenge, buff2, 8); g_free(buff2); + ntlmssp_nt_resp_len = (16 + (32+target_info2_len)); + { + guchar nt_challenge_response_v2_2 [ntlmssp_nt_resp_len]; + printf ("\n\nTesting (NTLMv2 / OC 2007 R2) LM Response Generation\n"); printf ( "Testing (NTLMv2 / OC 2007 R2) NT Response Generation\n"); compute_response(flags, @@ -683,15 +720,22 @@ Message (length 352): assert_equal("A1E92EFE4E078BF7C5C0049ACC6166C2D6AE875CB0FDAA41", lm_challenge_response, 24, TRUE); assert_equal("8DC0C800AE76ECA606D2B9FBEBD04731", nt_challenge_response_v2_2, 16, TRUE); /* the ref string is taken from binary dump of AUTHENTICATE_MESSAGE */ - assert_equal("8DC0C800AE76ECA606D2B9FBEBD04731010100000000000059519A1727B9CA01D6AE875CB0FDAA410000000002000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C000000000000000000", nt_challenge_response_v2_2, ntlmssp_nt_resp2_len, TRUE); + assert_equal("8DC0C800AE76ECA606D2B9FBEBD04731010100000000000059519A1727B9CA01D6AE875CB0FDAA410000000002000A0043004F0053004D004F000100180043004F0053004D004F002D004F00430053002D00520032000400160063006F0073006D006F002E006C006F00630061006C000300300063006F0073006D006F002D006F00630073002D00720032002E0063006F0073006D006F002E006C006F00630061006C000500160063006F0073006D006F002E006C006F00630061006C000000000000000000", nt_challenge_response_v2_2, ntlmssp_nt_resp_len, TRUE); + } KXKEY(flags, session_base_key, lm_challenge_response, nonce2, key_exchange_key); + + } + //as in the Type3 message + { + guint8 *encrypted_random_session_key2; hex_str_to_buff("31CB739E1CA80A498591E8AE797115E4", &encrypted_random_session_key2); /* global buff - test_random_session_key */ //decoding exported_session_key RC4K (key_exchange_key, 16, encrypted_random_session_key2, 16, test_random_session_key); g_free(encrypted_random_session_key2); + } SIGNKEY (test_random_session_key, TRUE, client_sign_key); SEALKEY (flags, test_random_session_key, TRUE, client_seal_key); @@ -730,6 +774,19 @@ Message (length 352): assert_equal("01000000E615438A917661BE64000000", mac, 16, TRUE); printf ("\n\nTesting (NTLMv2 / OC 2007 R2) Type3 generation test\n"); + { + guchar *client_sign_key2; + guchar *server_sign_key2; + guchar *client_seal_key2; + guchar *server_seal_key2; + + guchar *server_challenge = NULL; + guint64 time_val2 = 0; + guchar *target_info3 = NULL; + int target_info3_len = 0; + guint32 flags2; + SipSecBuffer in_buff; + SipSecBuffer out_buff; in_buff.length = hex_str_to_buff(type2_hex, (guint8 **)&(in_buff.value)); @@ -760,15 +817,20 @@ Message (length 352): g_free(target_info3); assert_equal(type3_hex, out_buff.value, out_buff.length, TRUE); + } ////// UUID tests /////// /* begin tests from MS-SIPRE */ + { + const char *testEpid = "01010101"; + const char *expectedUUID = "4b1682a8-f968-5701-83fc-7c6741dc6697"; + gchar *calcUUID = generateUUIDfromEPID(testEpid); printf("\n\nTesting MS-SIPRE UUID derivation\n"); - calcUUID = generateUUIDfromEPID(testEpid); assert_equal(expectedUUID, (guchar *) calcUUID, strlen(expectedUUID), FALSE); g_free(calcUUID); + } /* end tests from MS-SIPRE */ -- 2.11.4.GIT