1 extern crate kerberos_parser;
2 extern crate nom;
3
4 use kerberos_parser::krb5::*;
5 use kerberos_parser::krb5_parser::*;
6
7 #[test]
test_parse_kerberos_string()8 fn test_parse_kerberos_string() {
9 let bytes = &[0x1b, 0x04, 0x63, 0x69, 0x66, 0x73];
10 let empty = &b""[..];
11 let expected = Realm(String::from("cifs"));
12
13 let res = parse_krb5_realm(bytes);
14 assert_eq!(res, Ok((empty, expected)));
15 }
16
17 #[test]
test_parse_realm()18 fn test_parse_realm() {
19 let bytes = &[0x1b, 0x05, 0x4a, 0x6f, 0x6e, 0x65, 0x73];
20 let empty = &b""[..];
21 let expected = Realm(String::from("Jones"));
22
23 let res = parse_krb5_realm(bytes);
24 assert_eq!(res, Ok((empty, expected)));
25 }
26
27 #[test]
test_parse_principalname()28 fn test_parse_principalname() {
29 let bytes = &[
30 0x30, 0x81, 0x11, 0xa0, 0x03, 0x02, 0x01, 0x00, 0xa1, 0x0a, 0x30, 0x81, 0x07, 0x1b, 0x05,
31 0x4a, 0x6f, 0x6e, 0x65, 0x73,
32 ];
33 let empty = &b""[..];
34 let expected = PrincipalName {
35 name_type: NameType(0),
36 name_string: vec![String::from("Jones")],
37 };
38
39 let res = parse_krb5_principalname(bytes);
40 assert_eq!(res, Ok((empty, expected)));
41 }
42
43 #[test]
test_parse_principalname2()44 fn test_parse_principalname2() {
45 let bytes = &[
46 0x30, 0x27, 0xa0, 0x03, 0x02, 0x01, 0x02, 0xa1, 0x20, 0x30, 0x1e, 0x1b, 0x04, 0x63, 0x69,
47 0x66, 0x73, 0x1b, 0x16, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x2d, 0x50, 0x43, 0x2e, 0x63, 0x6f,
48 0x6e, 0x74, 0x6f, 0x73, 0x6f, 0x2e, 0x6c, 0x6f, 0x63, 0x61, 0x6c,
49 ];
50 let empty = &b""[..];
51 let expected = PrincipalName {
52 name_type: NameType::KRB_NT_SRV_INST,
53 name_string: vec![String::from("cifs"), String::from("Admin-PC.contoso.local")],
54 };
55
56 let res = parse_krb5_principalname(bytes);
57 assert_eq!(res, Ok((empty, expected)));
58 }
59
60 static KRB5_TICKET: &'static [u8] = include_bytes!("../assets/krb5-ticket.bin");
61 #[test]
test_parse_ticket()62 fn test_parse_ticket() {
63 let bytes = KRB5_TICKET;
64
65 let res = parse_krb5_ticket(bytes);
66 // println!("parse_krb5_ticket: {:?}", res);
67 match res {
68 Ok((rem, tkt)) => {
69 assert!(rem.is_empty());
70 assert_eq!(tkt.tkt_vno, 5);
71 assert_eq!(tkt.realm, Realm(String::from("CONTOSO.LOCAL")));
72 assert_eq!(
73 tkt.sname,
74 PrincipalName {
75 name_type: NameType::KRB_NT_SRV_INST,
76 name_string: vec![String::from("cifs"), String::from("Admin-PC.contoso.local")]
77 }
78 );
79 let enc = parse_encrypted(tkt.enc_part).unwrap().1;
80 // println!("enc: {:?}", enc);
81 assert_eq!(enc.etype, EncryptionType::AES256_CTS_HMAC_SHA1_96);
82 assert_eq!(enc.kvno, Some(1));
83 }
84 _ => assert!(false),
85 }
86 }
87
88 static AS_REQ: &'static [u8] = include_bytes!("../assets/as-req.bin");
89 #[test]
test_parse_as_req()90 fn test_parse_as_req() {
91 let bytes = AS_REQ;
92
93 let res = parse_as_req(bytes);
94 // println!("parse_as_req: {:?}", res);
95 match res {
96 Ok((rem, req)) => {
97 assert!(rem.is_empty());
98 assert_eq!(req.pvno, 5);
99 assert_eq!(req.msg_type, MessageType::KRB_AS_REQ);
100 assert_eq!(req.req_body.realm, Realm(String::from("DENYDC")));
101 assert_eq!(
102 req.req_body.cname,
103 Some(PrincipalName {
104 name_type: NameType::KRB_NT_PRINCIPAL,
105 name_string: vec![String::from("des")]
106 })
107 );
108 assert_eq!(
109 req.req_body.sname,
110 Some(PrincipalName {
111 name_type: NameType::KRB_NT_SRV_INST,
112 name_string: vec![String::from("krbtgt"), String::from("DENYDC")]
113 })
114 );
115 }
116 _ => assert!(false),
117 }
118 }
119
120 static AS_REP: &'static [u8] = include_bytes!("../assets/as-rep.bin");
121 #[test]
test_parse_as_rep()122 fn test_parse_as_rep() {
123 let bytes = AS_REP;
124
125 let res = parse_as_rep(bytes);
126 // println!("parse_as_rep: {:?}", res);
127 match res {
128 Ok((rem, req)) => {
129 assert!(rem.is_empty());
130 assert_eq!(req.pvno, 5);
131 assert_eq!(req.msg_type, MessageType::KRB_AS_REP);
132 assert_eq!(req.crealm, Realm(String::from("DENYDC.COM")));
133 assert_eq!(
134 req.cname,
135 PrincipalName {
136 name_type: NameType::KRB_NT_PRINCIPAL,
137 name_string: vec![String::from("des")]
138 }
139 );
140 }
141 _ => assert!(false),
142 }
143 }
144
145 static AP_REQ: &'static [u8] = include_bytes!("../assets/ap-req.bin");
146 #[test]
test_parse_ap_req()147 fn test_parse_ap_req() {
148 let bytes = AP_REQ;
149
150 let res = parse_ap_req(bytes);
151 // println!("parse_ap_req: {:?}", res);
152 match res {
153 Ok((rem, req)) => {
154 assert!(rem.is_empty());
155 assert_eq!(req.pvno, 5);
156 assert_eq!(req.msg_type, MessageType::KRB_AP_REQ);
157 assert_eq!(req.ticket.realm, Realm(String::from("DENYDC.COM")));
158 assert_eq!(
159 req.ticket.sname,
160 PrincipalName {
161 name_type: NameType::KRB_NT_SRV_INST,
162 name_string: vec![String::from("krbtgt"), String::from("DENYDC.COM")]
163 }
164 );
165 }
166 _ => assert!(false),
167 }
168 }
169
170 static KRB_ERROR: &'static [u8] = include_bytes!("../assets/krb-error.bin");
171 #[test]
test_parse_krb_error()172 fn test_parse_krb_error() {
173 let bytes = KRB_ERROR;
174
175 let res = parse_krb_error(bytes);
176 // println!("parse_krb_error: {:?}", res);
177 match res {
178 Ok((rem, err)) => {
179 assert!(rem.is_empty());
180 assert_eq!(err.pvno, 5);
181 assert_eq!(err.msg_type, MessageType::KRB_ERROR);
182 assert_eq!(err.error_code, ErrorCode::KDC_ERR_ETYPE_NOSUPP);
183 assert_eq!(err.realm, Realm(String::from("DENYDC")));
184 assert_eq!(
185 err.sname,
186 PrincipalName {
187 name_type: NameType::KRB_NT_SRV_INST,
188 name_string: vec![String::from("krbtgt"), String::from("DENYDC")]
189 }
190 );
191 }
192 _ => assert!(false),
193 }
194 }
195
196 #[test]
test_parse_int32()197 fn test_parse_int32() {
198 let empty = &b""[..];
199 assert_eq!(parse_der_int32(&[0x02, 0x01, 0xff]), Ok((empty, -1)));
200 assert_eq!(parse_der_int32(&[0x02, 0x01, 0x01]), Ok((empty, 1)));
201 assert_eq!(parse_der_int32(&[0x02, 0x02, 0xff, 0xff]), Ok((empty, -1)));
202 assert_eq!(
203 parse_der_int32(&[0x02, 0x02, 0x01, 0x23]),
204 Ok((empty, 0x123))
205 );
206 assert_eq!(
207 parse_der_int32(&[0x02, 0x03, 0xff, 0xff, 0xff]),
208 Ok((empty, -1))
209 );
210 assert_eq!(
211 parse_der_int32(&[0x02, 0x03, 0x01, 0x23, 0x45]),
212 Ok((empty, 0x12345))
213 );
214 assert_eq!(
215 parse_der_int32(&[0x02, 0x04, 0xff, 0xff, 0xff, 0xff]),
216 Ok((empty, -1))
217 );
218 assert_eq!(
219 parse_der_int32(&[0x02, 0x04, 0x01, 0x23, 0x45, 0x67]),
220 Ok((empty, 0x1234567))
221 );
222 }
223
224 #[test]
test_principalname_display()225 fn test_principalname_display() {
226 let pn = PrincipalName {
227 name_type: NameType::KRB_NT_SRV_INST,
228 name_string: vec!["krb5".to_string(), "DOMAIN.COM".to_string()],
229 };
230 assert_eq!("krb5/DOMAIN.COM", format!("{}", pn));
231 }
232