You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/01/20 07:37:21 UTC
directory-kerberos git commit: DIRKRB-114 Add tests for AS-REQ
message codec. Contributed by Lin Chen
Repository: directory-kerberos
Updated Branches:
refs/heads/master b4f334663 -> b671ace58
DIRKRB-114 Add tests for AS-REQ message codec. Contributed by Lin Chen
Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/b671ace5
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/b671ace5
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/b671ace5
Branch: refs/heads/master
Commit: b671ace58c1a24ebb08b59761cbd5c2f9d8014c9
Parents: b4f3346
Author: drankye <dr...@gmail.com>
Authored: Tue Jan 20 22:34:01 2015 +0800
Committer: drankye <dr...@gmail.com>
Committed: Tue Jan 20 22:34:01 2015 +0800
----------------------------------------------------------------------
.../src/main/resources/asreq.token | Bin 0 -> 291 bytes
.../kerberos/kerb/codec/test/CodecTestUtil.java | 32 ++++++
.../kerb/codec/test/TestAsReqCodec.java | 97 +++++++++++++++++++
3 files changed, 129 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b671ace5/haox-kerb/kerb-core-test/src/main/resources/asreq.token
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/main/resources/asreq.token b/haox-kerb/kerb-core-test/src/main/resources/asreq.token
new file mode 100644
index 0000000..6d503b3
Binary files /dev/null and b/haox-kerb/kerb-core-test/src/main/resources/asreq.token differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b671ace5/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTestUtil.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTestUtil.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTestUtil.java
new file mode 100644
index 0000000..87c5a0f
--- /dev/null
+++ b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/CodecTestUtil.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerberos.kerb.codec.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+public class CodecTestUtil {
+ /*package*/ static byte[] readBinaryFile(String path) throws IOException {
+ InputStream is = CodecTestUtil.class.getResourceAsStream(path);
+ byte[] bytes = new byte[is.available()];
+ is.read(bytes);
+ return bytes;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b671ace5/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsReqCodec.java
----------------------------------------------------------------------
diff --git a/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsReqCodec.java b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsReqCodec.java
new file mode 100644
index 0000000..d714291
--- /dev/null
+++ b/haox-kerb/kerb-core-test/src/test/java/org/apache/kerberos/kerb/codec/test/TestAsReqCodec.java
@@ -0,0 +1,97 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerberos.kerb.codec.test;
+
+import org.apache.kerberos.kerb.spec.common.EncryptionType;
+import org.apache.kerberos.kerb.spec.common.HostAddrType;
+import org.apache.kerberos.kerb.spec.common.KrbMessageType;
+import org.apache.kerberos.kerb.spec.common.NameType;
+import org.apache.kerberos.kerb.spec.kdc.AsReq;
+import org.apache.kerberos.kerb.spec.pa.PaDataType;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
+import java.util.SimpleTimeZone;
+
+/**
+ * Test AsReq message using a real 'correct' network packet captured from MS-AD to detective programming errors
+ * and compatibility issues particularly regarding Kerberos crypto.
+ */
+public class TestAsReqCodec {
+
+ @Test
+ public void test() throws IOException, ParseException {
+ byte[] bytes = CodecTestUtil.readBinaryFile("/asreq.token");
+ ByteBuffer asreqToken = ByteBuffer.wrap(bytes);
+
+ AsReq asReq = new AsReq();
+ asReq.decode(asreqToken);
+
+ Assert.assertEquals(asReq.getPvno(), 5);
+ Assert.assertEquals(asReq.getMsgType(), KrbMessageType.AS_REQ);
+
+ Assert.assertEquals(asReq.getPaData().findEntry(PaDataType.ENC_TIMESTAMP).getPaDataType(), PaDataType.ENC_TIMESTAMP);
+ byte[] paDataEncTimestampValue = Arrays.copyOfRange(bytes, 33, 96);
+ byte[] paDataEncTimestampRealValue = asReq.getPaData().findEntry(PaDataType.ENC_TIMESTAMP).getPaDataValue();
+ Assert.assertTrue(Arrays.equals(paDataEncTimestampValue, paDataEncTimestampRealValue));
+ Assert.assertEquals(asReq.getPaData().findEntry(PaDataType.PAC_REQUEST).getPaDataType(), PaDataType.PAC_REQUEST);
+ byte[] paPacRequestValue = Arrays.copyOfRange(bytes, 108, 115);
+ byte[] paPacRequestRealValue = asReq.getPaData().findEntry(PaDataType.PAC_REQUEST).getPaDataValue();
+ Assert.assertTrue(Arrays.equals(paPacRequestValue, paPacRequestRealValue));
+
+ Assert.assertEquals(asReq.getReqBody().getKdcOptions().getPadding(), 0);
+ Assert.assertTrue(Arrays.equals(asReq.getReqBody().getKdcOptions().getValue(), Arrays.copyOfRange(bytes, 126, 130)));
+
+ Assert.assertEquals(asReq.getReqBody().getCname().getNameType(), NameType.NT_PRINCIPAL);
+ Assert.assertEquals(asReq.getReqBody().getCname().getName(), "des");
+ Assert.assertEquals(asReq.getReqBody().getRealm(), "DENYDC");
+ Assert.assertEquals(asReq.getReqBody().getSname().getNameType(), NameType.NT_SRV_INST);
+ Assert.assertEquals(asReq.getReqBody().getSname().getNameStrings().get(0), "krbtgt");
+ Assert.assertEquals(asReq.getReqBody().getSname().getNameStrings().get(1), "DENYDC");
+
+ SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
+ sdf.setTimeZone(new SimpleTimeZone(0, "Z"));
+ Date date = sdf.parse("20370913024805");
+ Assert.assertEquals(asReq.getReqBody().getTill().getTime(), date.getTime());
+ Assert.assertEquals(asReq.getReqBody().getRtime().getTime(), date.getTime());
+
+ Assert.assertEquals(asReq.getReqBody().getNonce(), 197451134);
+
+ List<EncryptionType> types = asReq.getReqBody().getEtypes();
+ Assert.assertEquals(types.get(0).getValue(), 0x0017);
+ //Assert.assertEquals(types.get(1).getValue(), 0xff7b);//FIXME
+ //Assert.assertEquals(types.get(2).getValue(), 0x0080);//FIXME
+ Assert.assertEquals(types.get(3).getValue(), 0x0003);
+ Assert.assertEquals(types.get(4).getValue(), 0x0001);
+ Assert.assertEquals(types.get(5).getValue(), 0x0018);
+ //Assert.assertEquals(types.get(6).getValue(), 0xff79);//FIXME
+
+ Assert.assertEquals(asReq.getReqBody().getAddresses().getElements().size(), 1);
+ Assert.assertEquals(asReq.getReqBody().getAddresses().getElements().get(0).getAddrType(), HostAddrType.ADDRTYPE_NETBIOS);
+ //FIXME net bios name
+ }
+}