RubyGems - ruby_smb - Versions diffs - 1.0.3 → 2.0.1 - Mend

ruby_smb 1.0.3 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (200) hide show

checksums.yaml +5 -5
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.travis.yml +3 -2
data/Gemfile +6 -2
data/README.md +35 -47
data/examples/enum_registry_key.rb +28 -0
data/examples/enum_registry_values.rb +30 -0
data/examples/negotiate.rb +51 -8
data/examples/pipes.rb +2 -1
data/examples/read_file_encryption.rb +56 -0
data/examples/read_registry_key_value.rb +32 -0
data/lib/ruby_smb.rb +4 -1
data/lib/ruby_smb/client.rb +233 -22
data/lib/ruby_smb/client/authentication.rb +70 -33
data/lib/ruby_smb/client/echo.rb +20 -2
data/lib/ruby_smb/client/encryption.rb +62 -0
data/lib/ruby_smb/client/negotiation.rb +172 -24
data/lib/ruby_smb/client/signing.rb +19 -0
data/lib/ruby_smb/client/tree_connect.rb +24 -18
data/lib/ruby_smb/client/utils.rb +8 -7
data/lib/ruby_smb/client/winreg.rb +46 -0
data/lib/ruby_smb/crypto.rb +30 -0
data/lib/ruby_smb/dcerpc.rb +38 -0
data/lib/ruby_smb/dcerpc/bind.rb +2 -2
data/lib/ruby_smb/dcerpc/bind_ack.rb +2 -2
data/lib/ruby_smb/dcerpc/error.rb +3 -0
data/lib/ruby_smb/dcerpc/ndr.rb +95 -16
data/lib/ruby_smb/dcerpc/pdu_header.rb +1 -1
data/lib/ruby_smb/dcerpc/request.rb +28 -9
data/lib/ruby_smb/dcerpc/rrp_unicode_string.rb +35 -0
data/lib/ruby_smb/dcerpc/srvsvc.rb +10 -0
data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +9 -0
data/lib/ruby_smb/dcerpc/winreg.rb +340 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_request.rb +24 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_response.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_request.rb +45 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_response.rb +42 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb +36 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_request.rb +34 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_response.rb +25 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb +43 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb +35 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_request.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb +57 -0
data/lib/ruby_smb/dcerpc/winreg/regsam.rb +40 -0
data/lib/ruby_smb/dispatcher/socket.rb +4 -3
data/lib/ruby_smb/error.rb +68 -2
data/lib/ruby_smb/generic_packet.rb +33 -4
data/lib/ruby_smb/smb1/commands.rb +1 -1
data/lib/ruby_smb/smb1/file.rb +66 -15
data/lib/ruby_smb/smb1/packet/close_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/close_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/echo_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/echo_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/empty_packet.rb +10 -1
data/lib/ruby_smb/smb1/packet/logoff_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/logoff_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/negotiate_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/negotiate_response.rb +3 -7
data/lib/ruby_smb/smb1/packet/negotiate_response_extended.rb +4 -4
data/lib/ruby_smb/smb1/packet/nt_create_andx_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/nt_create_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/create_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/create_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/request.rb +2 -4
data/lib/ruby_smb/smb1/packet/nt_trans/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/read_andx_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/read_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/session_setup_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/session_setup_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_request.rb +0 -1
data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/trans/request.rb +2 -5
data/lib/ruby_smb/smb1/packet/trans/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response.rb +1 -1
data/lib/ruby_smb/smb1/packet/trans2/find_first2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/find_first2_response.rb +8 -2
data/lib/ruby_smb/smb1/packet/trans2/find_next2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/find_next2_response.rb +8 -2
data/lib/ruby_smb/smb1/packet/trans2/open2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/open2_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/request.rb +2 -4
data/lib/ruby_smb/smb1/packet/trans2/request_secondary.rb +2 -4
data/lib/ruby_smb/smb1/packet/trans2/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/set_file_information_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/set_file_information_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/tree_connect_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/tree_connect_response.rb +13 -3
data/lib/ruby_smb/smb1/packet/tree_disconnect_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/tree_disconnect_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/write_andx_request.rb +3 -6
data/lib/ruby_smb/smb1/packet/write_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/pipe.rb +87 -6
data/lib/ruby_smb/smb1/tree.rb +50 -3
data/lib/ruby_smb/smb2/bit_field/session_flags.rb +2 -1
data/lib/ruby_smb/smb2/bit_field/share_flags.rb +6 -4
data/lib/ruby_smb/smb2/file.rb +103 -25
data/lib/ruby_smb/smb2/negotiate_context.rb +108 -0
data/lib/ruby_smb/smb2/packet.rb +2 -0
data/lib/ruby_smb/smb2/packet/close_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/close_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/compression_transform_header.rb +41 -0
data/lib/ruby_smb/smb2/packet/create_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/create_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/echo_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/echo_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/error_packet.rb +15 -3
data/lib/ruby_smb/smb2/packet/ioctl_request.rb +2 -5
data/lib/ruby_smb/smb2/packet/ioctl_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/logoff_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/logoff_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/negotiate_request.rb +51 -17
data/lib/ruby_smb/smb2/packet/negotiate_response.rb +52 -5
data/lib/ruby_smb/smb2/packet/query_directory_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/query_directory_response.rb +8 -2
data/lib/ruby_smb/smb2/packet/read_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/read_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/session_setup_request.rb +2 -5
data/lib/ruby_smb/smb2/packet/session_setup_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/set_info_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/set_info_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/transform_header.rb +84 -0
data/lib/ruby_smb/smb2/packet/tree_connect_request.rb +93 -10
data/lib/ruby_smb/smb2/packet/tree_connect_response.rb +10 -22
data/lib/ruby_smb/smb2/packet/tree_disconnect_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/tree_disconnect_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/write_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/write_response.rb +2 -1
data/lib/ruby_smb/smb2/pipe.rb +86 -12
data/lib/ruby_smb/smb2/smb2_header.rb +1 -1
data/lib/ruby_smb/smb2/tree.rb +65 -21
data/lib/ruby_smb/version.rb +1 -1
data/ruby_smb.gemspec +5 -3
data/spec/lib/ruby_smb/client_spec.rb +1612 -108
data/spec/lib/ruby_smb/crypto_spec.rb +25 -0
data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb +410 -0
data/spec/lib/ruby_smb/dcerpc/request_spec.rb +50 -7
data/spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb +98 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +13 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +60 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_request_spec.rb +28 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb +36 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb +108 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb +97 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb +94 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb +82 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb +74 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb +35 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb +90 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb +39 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb +113 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb +88 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb +150 -0
data/spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb +32 -0
data/spec/lib/ruby_smb/dcerpc/winreg_spec.rb +710 -0
data/spec/lib/ruby_smb/dcerpc_spec.rb +81 -0
data/spec/lib/ruby_smb/dispatcher/socket_spec.rb +2 -2
data/spec/lib/ruby_smb/error_spec.rb +59 -0
data/spec/lib/ruby_smb/generic_packet_spec.rb +52 -4
data/spec/lib/ruby_smb/smb1/file_spec.rb +191 -2
data/spec/lib/ruby_smb/smb1/packet/empty_packet_spec.rb +68 -0
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_response_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_response_spec.rb +1 -1
data/spec/lib/ruby_smb/smb1/packet/trans2/find_first2_response_spec.rb +11 -2
data/spec/lib/ruby_smb/smb1/packet/trans2/find_next2_response_spec.rb +11 -2
data/spec/lib/ruby_smb/smb1/packet/tree_connect_response_spec.rb +40 -0
data/spec/lib/ruby_smb/smb1/pipe_spec.rb +272 -149
data/spec/lib/ruby_smb/smb1/tree_spec.rb +44 -7
data/spec/lib/ruby_smb/smb2/bit_field/session_flags_spec.rb +9 -0
data/spec/lib/ruby_smb/smb2/bit_field/share_flags_spec.rb +27 -0
data/spec/lib/ruby_smb/smb2/file_spec.rb +323 -6
data/spec/lib/ruby_smb/smb2/negotiate_context_spec.rb +332 -0
data/spec/lib/ruby_smb/smb2/packet/compression_transform_header_spec.rb +108 -0
data/spec/lib/ruby_smb/smb2/packet/error_packet_spec.rb +78 -0
data/spec/lib/ruby_smb/smb2/packet/negotiate_request_spec.rb +138 -3
data/spec/lib/ruby_smb/smb2/packet/negotiate_response_spec.rb +120 -2
data/spec/lib/ruby_smb/smb2/packet/query_directory_response_spec.rb +8 -0
data/spec/lib/ruby_smb/smb2/packet/transform_header_spec.rb +220 -0
data/spec/lib/ruby_smb/smb2/packet/tree_connect_request_spec.rb +339 -9
data/spec/lib/ruby_smb/smb2/packet/tree_connect_response_spec.rb +3 -22
data/spec/lib/ruby_smb/smb2/pipe_spec.rb +286 -149
data/spec/lib/ruby_smb/smb2/smb2_header_spec.rb +2 -2
data/spec/lib/ruby_smb/smb2/tree_spec.rb +261 -2
metadata +191 -83
metadata.gz.sig +0 -0
data/lib/ruby_smb/smb1/dcerpc.rb +0 -67
data/lib/ruby_smb/smb2/dcerpc.rb +0 -70
data/spec/lib/ruby_smb/smb1/packet/error_packet_spec.rb +0 -37

data/spec/lib/ruby_smb/smb2/packet/negotiate_request_spec.rb CHANGED

@@ -8,6 +8,7 @@ RSpec.describe RubySMB::SMB2::Packet::NegotiateRequest do
   it { is_expected.to respond_to :reserved1 }
   it { is_expected.to respond_to :capabilities }
   it { is_expected.to respond_to :client_guid }
+  it { is_expected.to respond_to :negotiate_context_info}
   it { is_expected.to respond_to :client_start_time }
   it { is_expected.to respond_to :dialects }
@@ -45,6 +46,11 @@ RSpec.describe RubySMB::SMB2::Packet::NegotiateRequest do
     it 'should be a 16-bit unsigned integer' do
       expect(packet.dialect_count).to be_a BinData::Uint16le
     end
+    it 'is initially set to the #dialects array size' do
+      packet.dialects = [1,2,3]
+      expect(packet.dialect_count).to eq(3)
+    end
   end
   describe '#security_mode' do
@@ -69,7 +75,65 @@ RSpec.describe RubySMB::SMB2::Packet::NegotiateRequest do
     end
   end
+  describe '#negotiate_context_info' do
+    it 'only exists if the 0x0311 dialect is included' do
+      packet.dialects << 0x0311
+      expect(packet.negotiate_context_info?).to be true
+    end
+    it 'does not exist if the 0x0311 dialect is not included' do
+      packet.dialects << 0x0300
+      expect(packet.negotiate_context_info?).to be false
+    end
+    it 'should be a Struct field' do
+      expect(packet.negotiate_context_info).to be_a BinData::Struct
+    end
+    subject(:struct) do
+      packet.dialects << 0x0311
+      packet.negotiate_context_info
+    end
+    it { is_expected.to respond_to :negotiate_context_offset }
+    it { is_expected.to respond_to :negotiate_context_count }
+    describe '#negotiate_context_offset' do
+      it 'should be a 32-bit unsigned integer' do
+        expect(struct.negotiate_context_offset).to be_a BinData::Uint32le
+      end
+      it 'is set to the #negotiate_context_list absolute offset' do
+        expect(struct.negotiate_context_offset).to eq(packet.negotiate_context_list.abs_offset)
+      end
+    end
+    describe '#negotiate_context_count' do
+      it 'should be a 16-bit unsigned integer' do
+        expect(struct.negotiate_context_count).to be_a BinData::Uint16le
+      end
+      it 'is set to the #negotiate_context_list array size' do
+        nc = RubySMB::SMB2::NegotiateContext.new(
+          context_type: RubySMB::SMB2::NegotiateContext::SMB2_PREAUTH_INTEGRITY_CAPABILITIES
+        )
+        packet.negotiate_context_list << nc
+        packet.negotiate_context_list << nc
+        expect(struct.negotiate_context_count).to eq(2)
+      end
+    end
+  end
   describe '#client_start_time' do
+    it 'does not exist if the 0x0311 dialect is included' do
+      packet.dialects << 0x0311
+      expect(packet.client_start_time?).to be false
+    end
+    it 'only exists if the 0x0311 dialect is not included' do
+      packet.dialects << 0x0300
+      expect(packet.client_start_time?).to be true
+    end
     it 'should be a Filetime field' do
       expect(packet.client_start_time).to be_a RubySMB::Field::FileTime
     end
@@ -85,15 +149,51 @@ RSpec.describe RubySMB::SMB2::Packet::NegotiateRequest do
     end
   end
+  describe '#pad' do
+    it 'only exists if the 0x0311 dialect is included' do
+      packet.dialects << 0x0311
+      expect(packet.pad?).to be true
+    end
+    it 'does not exist if the 0x0311 dialect is not included' do
+      packet.dialects << 0x0300
+      expect(packet.pad?).to be false
+    end
+    it 'should be a binary string' do
+      expect(packet.pad).to be_a BinData::String
+    end
+    it 'should keep #negotiate_context_list 8-byte aligned' do
+      packet.dialects << 0x0311
+      expect(packet.negotiate_context_list.abs_offset % 8).to eq 0
+    end
+  end
+  describe '#negotiate_context_list' do
+    it 'only exists if the 0x0311 dialect is included' do
+      packet.dialects << 0x0311
+      expect(packet.negotiate_context_list?).to be true
+    end
+    it 'does not exist if the 0x0311 dialect is not included' do
+      packet.dialects << 0x0300
+      expect(packet.negotiate_context_list?).to be false
+    end
+    it 'is an array field as per the SMB spec' do
+      expect(packet.negotiate_context_list).to be_a BinData::Array
+    end
+  end
   describe '#add_dialect' do
     it 'adds the dialect to the Dialects array' do
       packet.add_dialect 0x0201
       expect(packet.dialects).to include(0x0201)
     end
-    it 'updates the #dialect_count field' do
-      packet.add_dialect 0x0201
-      expect(packet.dialect_count).to eq 1
+    it 'raises an ArgumentError exceptionif it is not an Integer' do
+      expect { packet.add_dialect('dialect') }.to raise_error(ArgumentError)
     end
   end
@@ -119,4 +219,39 @@ RSpec.describe RubySMB::SMB2::Packet::NegotiateRequest do
       expect(packet.dialect_count).to eq 3
     end
   end
+  describe '#add_negotiate_context' do
+    it 'raises an ArgumentError exceptionif it is not a NegotiateContext structure' do
+      expect { packet.add_negotiate_context('nc') }.to raise_error(ArgumentError)
+    end
+    it 'updates the NegotiateContext#pad length to make sure the structure is 8-byte aligned' do
+      packet.dialects << 0x0311
+      [
+        RubySMB::SMB2::NegotiateContext::SMB2_PREAUTH_INTEGRITY_CAPABILITIES,
+        RubySMB::SMB2::NegotiateContext::SMB2_ENCRYPTION_CAPABILITIES,
+        RubySMB::SMB2::NegotiateContext::SMB2_COMPRESSION_CAPABILITIES,
+        RubySMB::SMB2::NegotiateContext::SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
+      ].each do |context_type|
+        nc = RubySMB::SMB2::NegotiateContext.new(context_type: context_type)
+        packet.add_negotiate_context(nc)
+        expect(packet.negotiate_context_list.last.context_type.abs_offset % 8).to eq 0
+      end
+    end
+  end
+  it 'reads binary data as expected' do
+    data = described_class.new
+    data.set_dialects([0x0202, 0x0210, 0x0311])
+    [
+      RubySMB::SMB2::NegotiateContext::SMB2_PREAUTH_INTEGRITY_CAPABILITIES,
+      RubySMB::SMB2::NegotiateContext::SMB2_ENCRYPTION_CAPABILITIES,
+      RubySMB::SMB2::NegotiateContext::SMB2_COMPRESSION_CAPABILITIES,
+      RubySMB::SMB2::NegotiateContext::SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
+    ].each do |context_type|
+      nc = RubySMB::SMB2::NegotiateContext.new(context_type: context_type)
+      data.add_negotiate_context(nc)
+      expect(described_class.read(data.to_binary_s)).to eq(data)
+    end
+  end
 end

data/spec/lib/ruby_smb/smb2/packet/negotiate_response_spec.rb CHANGED

@@ -61,12 +61,28 @@ RSpec.describe RubySMB::SMB2::Packet::NegotiateResponse do
   end
   describe '#negotiate_context_count' do
+    it 'only exists if the 0x0311 dialect is included' do
+      packet.dialect_revision = 0x0311
+      expect(packet.negotiate_context_count?).to be true
+    end
+    it 'does not exist if the 0x0311 dialect is not included' do
+      packet.dialect_revision = 0x0300
+      expect(packet.negotiate_context_count?).to be false
+    end
     it 'is a 16-bit unsigned integer' do
       expect(packet.negotiate_context_count).to be_a BinData::Uint16le
     end
-    it 'has a default value of 0' do
-      expect(packet.negotiate_context_count).to eq 0
+    it 'is set to the #negotiate_context_list array size' do
+      packet.dialect_revision = 0x0311
+      nc = RubySMB::SMB2::NegotiateContext.new(
+        context_type: RubySMB::SMB2::NegotiateContext::SMB2_PREAUTH_INTEGRITY_CAPABILITIES
+      )
+      packet.negotiate_context_list << nc
+      packet.negotiate_context_list << nc
+      expect(packet.negotiate_context_count).to eq(2)
     end
   end
@@ -134,6 +150,16 @@ RSpec.describe RubySMB::SMB2::Packet::NegotiateResponse do
   end
   describe '#negotiate_context_offset' do
+    it 'only exists if the 0x0311 dialect is included' do
+      packet.dialect_revision = 0x0311
+      expect(packet.negotiate_context_offset?).to be true
+    end
+    it 'does not exist if the 0x0311 dialect is not included' do
+      packet.dialect_revision = 0x0300
+      expect(packet.negotiate_context_offset?).to be false
+    end
     it 'is a 32-bit unsigned integer' do
       expect(packet.negotiate_context_offset).to be_a BinData::Uint32le
     end
@@ -144,4 +170,96 @@ RSpec.describe RubySMB::SMB2::Packet::NegotiateResponse do
       expect(packet.security_buffer).to be_a BinData::String
     end
   end
+  describe '#pad' do
+    it 'only exists if the 0x0311 dialect is included' do
+      packet.dialect_revision = 0x0311
+      expect(packet.pad?).to be true
+    end
+    it 'does not exist if the 0x0311 dialect is not included' do
+      packet.dialect_revision = 0x0300
+      expect(packet.pad?).to be false
+    end
+    it 'should be a binary string' do
+      expect(packet.pad).to be_a BinData::String
+    end
+    it 'should keep #negotiate_context_list 8-byte aligned' do
+      packet.dialect_revision = 0x0311
+      expect(packet.negotiate_context_list.abs_offset % 8).to eq 0
+    end
+  end
+  describe '#negotiate_context_list' do
+    it 'only exists if the 0x0311 dialect is included' do
+      packet.dialect_revision = 0x0311
+      expect(packet.negotiate_context_list?).to be true
+    end
+    it 'does not exist if the 0x0311 dialect is not included' do
+      packet.dialect_revision = 0x0300
+      expect(packet.negotiate_context_list?).to be false
+    end
+    it 'is an array field as per the SMB spec' do
+      expect(packet.negotiate_context_list).to be_a BinData::Array
+    end
+  end
+  describe '#find_negotiate_context' do
+    before :example do
+      packet.add_negotiate_context(
+        RubySMB::SMB2::NegotiateContext.new(context_type: RubySMB::SMB2::NegotiateContext::SMB2_PREAUTH_INTEGRITY_CAPABILITIES)
+      )
+      packet.add_negotiate_context(
+        RubySMB::SMB2::NegotiateContext.new(context_type: RubySMB::SMB2::NegotiateContext::SMB2_ENCRYPTION_CAPABILITIES)
+      )
+    end
+    it 'returns the expected Negotiate Context structure' do
+      expect(packet.find_negotiate_context(RubySMB::SMB2::NegotiateContext::SMB2_ENCRYPTION_CAPABILITIES)).to eq(packet.negotiate_context_list[1])
+    end
+    it 'returns nil if the Negotiate Context structure is not found' do
+      expect(packet.find_negotiate_context(10)).to be nil
+    end
+  end
+  describe '#add_negotiate_context' do
+    it 'raises an ArgumentError exception if it is not a NegotiateContext structure' do
+      expect { packet.add_negotiate_context('nc') }.to raise_error(ArgumentError)
+    end
+    it 'updates the NegotiateContext#pad length to make sure the structure is 8-byte aligned' do
+      packet.dialect_revision = 0x0311
+      [
+        RubySMB::SMB2::NegotiateContext::SMB2_PREAUTH_INTEGRITY_CAPABILITIES,
+        RubySMB::SMB2::NegotiateContext::SMB2_ENCRYPTION_CAPABILITIES,
+        RubySMB::SMB2::NegotiateContext::SMB2_COMPRESSION_CAPABILITIES,
+        RubySMB::SMB2::NegotiateContext::SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
+      ].each do |context_type|
+        nc = RubySMB::SMB2::NegotiateContext.new(context_type: context_type)
+        packet.add_negotiate_context(nc)
+        expect(packet.negotiate_context_list.last.context_type.abs_offset % 8).to eq 0
+      end
+    end
+  end
+  it 'reads binary data as expected' do
+    data = described_class.new
+    data.dialect_revision = 0x0311
+    data.security_buffer = 'security buf test'
+    [
+      RubySMB::SMB2::NegotiateContext::SMB2_PREAUTH_INTEGRITY_CAPABILITIES,
+      RubySMB::SMB2::NegotiateContext::SMB2_ENCRYPTION_CAPABILITIES,
+      RubySMB::SMB2::NegotiateContext::SMB2_COMPRESSION_CAPABILITIES,
+      RubySMB::SMB2::NegotiateContext::SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
+    ].each do |context_type|
+      nc = RubySMB::SMB2::NegotiateContext.new(context_type: context_type)
+      data.add_negotiate_context(nc)
+      expect(described_class.read(data.to_binary_s)).to eq(data)
+    end
+  end
 end

data/spec/lib/ruby_smb/smb2/packet/query_directory_response_spec.rb CHANGED

@@ -60,5 +60,13 @@ RSpec.describe RubySMB::SMB2::Packet::QueryDirectoryResponse do
       packet.buffer = names_blob
       expect(packet.results(RubySMB::Fscc::FileInformation::FileNamesInformation)).to eq names_array
     end
+    context 'when the File Information is not a valid' do
+      it 'raises an InvalidPacket exception' do
+        packet.buffer = names_blob
+        allow(RubySMB::Fscc::FileInformation::FileNamesInformation).to receive(:read).and_raise(IOError)
+        expect { packet.results(RubySMB::Fscc::FileInformation::FileNamesInformation) }.to raise_error(RubySMB::Error::InvalidPacket)
+      end
+    end
   end
 end

data/spec/lib/ruby_smb/smb2/packet/transform_header_spec.rb ADDED

@@ -0,0 +1,220 @@
+RSpec.describe RubySMB::SMB2::Packet::TransformHeader do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :protocol }
+  it { is_expected.to respond_to :signature }
+  it { is_expected.to respond_to :nonce }
+  it { is_expected.to respond_to :original_message_size }
+  it { is_expected.to respond_to :flags }
+  it { is_expected.to respond_to :session_id }
+  it { is_expected.to respond_to :encrypted_data }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#protocol' do
+    it 'is a 32-bit field' do
+      expect(packet.protocol).to be_a BinData::Bit32
+    end
+    it 'has an initial value of 0xFD534D42' do
+      expect(packet.protocol).to eq(0xFD534D42)
+    end
+  end
+  describe '#signature' do
+    it 'is a String' do
+      expect(packet.signature).to be_a BinData::String
+    end
+  end
+  describe '#nonce' do
+    it 'is a String' do
+      expect(packet.nonce).to be_a BinData::String
+    end
+  end
+  describe '#original_message_size  ' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.original_message_size).to be_a BinData::Uint32le
+    end
+  end
+  describe '#flags' do
+    it 'is a 16-bit unsigned integer' do
+      expect(packet.flags).to be_a BinData::Uint16le
+    end
+  end
+  describe '#session_id' do
+    it 'is a 64-bit unsigned integer' do
+      expect(packet.session_id).to be_a BinData::Uint64le
+    end
+  end
+  describe '#encrypted_data' do
+    it 'is an Array' do
+      expect(packet.encrypted_data).to be_a BinData::Array
+    end
+  end
+  describe '#decrypt' do
+    let(:key) { "\x56\x89\xd1\xbb\xf7\x45\xc0\xb6\x68\x81\x07\xe4\x7d\x35\xaf\xd3".b }
+    let(:data) { 'data'.b }
+    before :example do
+      packet.original_message_size = data.length
+    end
+    it 'raises the expected exception if the given algorithm is invalid' do
+      expect { packet.decrypt(key, algorithm: 'RC4') }.to raise_error(
+        RubySMB::Error::EncryptionError,
+        'Error while decrypting with \'RC4\' (ArgumentError: Invalid algorithm, must be either AES-128-CCM or AES-128-GCM)'
+      )
+    end
+    context 'with AES-128-GCM algorithm (default)' do
+      before :example do
+        begin
+          OpenSSL::Cipher.new('AES-128-GCM')
+        rescue
+          skip(
+            "This test cannot be run since the version of OpenSSL the ruby "\
+            "OpenSSL extension was built with (#{OpenSSL::OPENSSL_VERSION}) "\
+            "does not support AES-128-GCM cipher")
+        end
+        packet.encrypted_data = "\x06\x45\x16\x36".bytes
+        packet.signature = "\x63\xb2\xf9\xe0\xb7\x43\xdb\xaf\x26\x8e\xd7\x42\xd3\xb2\xde\x0d"
+        packet.nonce = "\xe1\xb0\xa7\x20\xd9\xd9\x69\x3c\x79\xd0\x9c\x53\x00\x00\x00\x00"
+      end
+      it 'generates a cipher using OpenSSL::Cipher' do
+        expect(OpenSSL::Cipher).to receive(:new).with('AES-128-GCM').and_call_original
+        packet.decrypt(key)
+      end
+      it 'returns the expected decrypted string' do
+        expect(packet.decrypt(key)).to eq(data)
+      end
+      it 'raises the expected exception if an error occurs' do
+        allow(OpenSSL::Cipher).to receive(:new).and_raise(
+          RuntimeError.new('unsupported cipher algorithm (AES-128-GCM)'))
+        expect { packet.decrypt(key) }.to raise_error(
+          RubySMB::Error::EncryptionError,
+          'Error while decrypting with \'AES-128-GCM\' (RuntimeError: unsupported cipher algorithm (AES-128-GCM))'
+        )
+      end
+    end
+    context 'with AES-128-CCM algorithm' do
+      before :example do
+        packet.encrypted_data = "\xf0\x05\x61\x91".bytes
+        packet.signature = "\xdd\x51\x9a\xc5\x6d\x38\x68\xdc\x36\x89\xb8\x99\xd8\x4a\xb8\x4a".b
+        packet.nonce = "\x8a\x6e\x2a\x87\x11\x61\x85\xd2\x15\x69\xf7\x00\x00\x00\x00\x00".b
+      end
+      it 'generates a cipher using OpenSSL::CCM' do
+        expect(OpenSSL::CCM).to receive(:new).with('AES', key, 16).and_call_original
+        packet.decrypt(key, algorithm: 'AES-128-CCM')
+      end
+      it 'returns the expected decrypted string' do
+        expect(packet.decrypt(key, algorithm: 'AES-128-CCM')).to eq(data)
+      end
+      it 'raises the expected exception if an error occurs' do
+        allow(OpenSSL::CCM).to receive(:new).and_raise(
+          OpenSSL::CCMError.new('unsupported cipher algorithm (AES-128-CCM)'))
+        expect { packet.decrypt(key, algorithm: 'AES-128-CCM') }.to raise_error(
+          RubySMB::Error::EncryptionError,
+          'Error while decrypting with \'AES-128-CCM\' (OpenSSL::CCMError: unsupported cipher algorithm (AES-128-CCM))'
+        )
+      end
+    end
+  end
+  describe '#encrypt' do
+    let(:key)    { "\x56\x89\xd1\xbb\xf7\x45\xc0\xb6\x68\x81\x07\xe4\x7d\x35\xaf\xd3".b }
+    let(:struct) { RubySMB::SMB2::Packet::TreeConnectRequest.new }
+    it 'raises the expected exception if the given algorithm is invalid' do
+      expect { packet.encrypt(struct, key, algorithm: 'RC4') }.to raise_error(
+        RubySMB::Error::EncryptionError,
+        'Error while encrypting with \'RC4\' (ArgumentError: Invalid algorithm, must be either AES-128-CCM or AES-128-GCM)'
+      )
+    end
+    context 'with AES-128-GCM algorithm (default)' do
+      before :example do
+        begin
+          OpenSSL::Cipher.new('AES-128-GCM')
+        rescue
+          skip(
+            "This test cannot be run since the version of OpenSSL the ruby "\
+            "OpenSSL extension was built with (#{OpenSSL::OPENSSL_VERSION}) "\
+            "does not support AES-128-GCM cipher")
+        end
+      end
+      it 'generates a cipher using OpenSSL::Cipher' do
+        expect(OpenSSL::Cipher).to receive(:new).with('AES-128-GCM').and_call_original
+        packet.encrypt(struct, key)
+      end
+      it 'encrypts a BinData structure' do
+        packet.encrypt(struct, key)
+        expect(packet.decrypt(key)).to eq(struct.to_binary_s)
+      end
+      it 'encrypts a string' do
+        packet.encrypt('data', key)
+        expect(packet.decrypt(key)).to eq('data')
+      end
+      it 'raises the expected exception if an error occurs' do
+        allow(OpenSSL::Cipher).to receive(:new).and_raise(
+          RuntimeError.new('unsupported cipher algorithm (AES-128-GCM)'))
+        expect { packet.encrypt('data', key) }.to raise_error(
+          RubySMB::Error::EncryptionError,
+          'Error while encrypting with \'AES-128-GCM\' (RuntimeError: unsupported cipher algorithm (AES-128-GCM))'
+        )
+      end
+    end
+    context 'with AES-128-CCM algorithm' do
+      it 'generates a cipher using OpenSSL::CCM' do
+        expect(OpenSSL::CCM).to receive(:new).with('AES', key, 16).and_call_original
+        packet.encrypt(struct, key, algorithm: 'AES-128-CCM')
+      end
+      it 'encrypts a BinData structure' do
+        packet.encrypt(struct, key, algorithm: 'AES-128-CCM')
+        expect(packet.decrypt(key, algorithm: 'AES-128-CCM')).to eq(struct.to_binary_s)
+      end
+      it 'encrypts a string' do
+        packet.encrypt('data', key, algorithm: 'AES-128-CCM')
+        expect(packet.decrypt(key, algorithm: 'AES-128-CCM')).to eq('data')
+      end
+      it 'raises the expected exception if an error occurs' do
+        allow(OpenSSL::CCM).to receive(:new).and_raise(
+          OpenSSL::CCMError.new('unsupported cipher algorithm (AES-128-CCM)'))
+        expect { packet.encrypt('data', key, algorithm: 'AES-128-CCM') }.to raise_error(
+          RubySMB::Error::EncryptionError,
+          'Error while encrypting with \'AES-128-CCM\' (OpenSSL::CCMError: unsupported cipher algorithm (AES-128-CCM))'
+        )
+      end
+    end
+  end
+  it 'reads binary data as expected' do
+    data = described_class.new
+    key = "\x56\x89\xd1\xbb\xf7\x45\xc0\xb6\x68\x81\x07\xe4\x7d\x35\xaf\xd3".b
+    struct = RubySMB::SMB2::Packet::TreeConnectRequest.new
+    data.encrypt(struct, key, algorithm: 'AES-128-CCM')
+    expect(described_class.read(data.to_binary_s)).to eq(data)
+  end
+end