rubyntlm 0.3.4 → 0.4.0

data/spec/lib/net/ntlm/int64_le_spec.rb

@@ -0,0 +1,19 @@
+require 'spec_helper'
+
+describe Net::NTLM::Int64LE do
+
+  int_values = {
+      :default     => 5294967295,
+      :default_hex => [5294967295 & 0x00000000ffffffff, 5294967295 >> 32].pack("V2"),
+      :alt         => 5294967294,
+      :alt_hex     => [5294967294 & 0x00000000ffffffff, 5294967294 >> 32].pack("V2"),
+      :small       => "\x5C\x24\x10\x0f",
+      :size        => 8,
+      :bits        => 64
+  }
+
+
+  it_behaves_like 'a field', 252716124, false
+  it_behaves_like 'an integer field', int_values
+
+end

data/spec/lib/net/ntlm/message/type0_spec.rb

@@ -0,0 +1,21 @@
+require 'spec_helper'
+
+describe Net::NTLM::Message::Type0 do
+
+  fields = [
+      { :name => :sign, :class => Net::NTLM::String, :value => Net::NTLM::SSP_SIGN, :active => true },
+      { :name => :type, :class => Net::NTLM::Int32LE, :value => 0, :active => true },
+  ]
+  flags = [
+      :UNICODE,
+      :OEM,
+      :REQUEST_TARGET,
+      :NTLM,
+      :ALWAYS_SIGN,
+      :NTLM2_KEY
+  ]
+  it_behaves_like 'a fieldset', fields
+  it_behaves_like 'a message', flags
+
+
+end

data/spec/lib/net/ntlm/message/type1_spec.rb

@@ -0,0 +1,42 @@
+require 'spec_helper'
+
+describe Net::NTLM::Message::Type1 do
+  fields = [
+      { :name => :sign, :class => Net::NTLM::String, :value => Net::NTLM::SSP_SIGN, :active => true },
+      { :name => :type, :class => Net::NTLM::Int32LE, :value => 1, :active => true },
+      { :name => :flag, :class => Net::NTLM::Int32LE, :value =>  Net::NTLM::DEFAULT_FLAGS[:TYPE1], :active => true },
+      { :name => :domain, :class => Net::NTLM::SecurityBuffer, :value => '', :active => true },
+      { :name => :workstation, :class => Net::NTLM::SecurityBuffer, :value =>  Socket.gethostname, :active => true },
+      { :name => :padding, :class => Net::NTLM::String, :value => '', :active => false },
+  ]
+  flags = [
+      :UNICODE,
+      :OEM,
+      :REQUEST_TARGET,
+      :NTLM,
+      :ALWAYS_SIGN,
+      :NTLM2_KEY
+  ]
+  it_behaves_like 'a fieldset', fields
+  it_behaves_like 'a message', flags
+
+  let(:type1_packet) {"TlRMTVNTUAABAAAAB4IIAAAAAAAgAAAAAAAAACAAAAA="}
+
+  it 'should deserialize' do
+    t1 =  Net::NTLM::Message.decode64(type1_packet)
+    t1.class.should == Net::NTLM::Message::Type1
+    t1.domain.should == ''
+    t1.flag.should == 557575
+    t1.padding.should == ''
+    t1.sign.should  == "NTLMSSP\0"
+    t1.type.should == 1
+    t1.workstation.should == ''
+  end
+
+  it 'should serialize' do
+    t1 = Net::NTLM::Message::Type1.new
+    t1.workstation = ''
+    t1.encode64.should == type1_packet
+  end
+
+end

data/spec/lib/net/ntlm/message/type2_spec.rb

@@ -0,0 +1,88 @@
+# encoding: UTF-8
+require 'spec_helper'
+
+describe Net::NTLM::Message::Type2 do
+
+  fields = [
+      { :name => :sign, :class => Net::NTLM::String, :value => Net::NTLM::SSP_SIGN, :active => true },
+      { :name => :type, :class => Net::NTLM::Int32LE, :value => 2, :active => true },
+      { :name => :challenge, :class => Net::NTLM::Int64LE, :value => 0, :active => true },
+      { :name => :context, :class => Net::NTLM::Int64LE, :value => 0, :active => false },
+      { :name => :flag, :class => Net::NTLM::Int32LE, :value =>  Net::NTLM::DEFAULT_FLAGS[:TYPE2], :active => true },
+      { :name => :target_name, :class => Net::NTLM::SecurityBuffer, :value => '', :active => true },
+      { :name => :target_info, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => false },
+      { :name => :padding, :class => Net::NTLM::String, :value => '', :active => false },
+  ]
+  flags = [
+      :UNICODE
+  ]
+  it_behaves_like 'a fieldset', fields
+  it_behaves_like 'a message', flags
+
+  let(:type2_packet) {"TlRMTVNTUAACAAAAHAAcADgAAAAFgooCJ+UA1//+ZM4AAAAAAAAAAJAAkABUAAAABgGxHQAAAA9WAEEARwBSAEEATgBUAC0AMgAwADAAOABSADIAAgAcAFYAQQBHAFIAQQBOAFQALQAyADAAMAA4AFIAMgABABwAVgBBAEcAUgBBAE4AVAAtADIAMAAwADgAUgAyAAQAHAB2AGEAZwByAGEAbgB0AC0AMgAwADAAOABSADIAAwAcAHYAYQBnAHIAYQBuAHQALQAyADAAMAA4AFIAMgAHAAgAZBMdFHQnzgEAAAAA"}
+  let(:type3_packet) {"TlRMTVNTUAADAAAAGAAYAEQAAADAAMAAXAAAAAAAAAAcAQAADgAOABwBAAAUABQAKgEAAAAAAAA+AQAABYKKAgAAAADVS27TfQGmWxSSbXmolTUQyxJmD8ISQuBKKHFKC8GksUZISYc8Ps9RAQEAAAAAAAAANasTdCfOAcsSZg/CEkLgAAAAAAIAHABWAEEARwBSAEEATgBUAC0AMgAwADAAOABSADIAAQAcAFYAQQBHAFIAQQBOAFQALQAyADAAMAA4AFIAMgAEABwAdgBhAGcAcgBhAG4AdAAtADIAMAAwADgAUgAyAAMAHAB2AGEAZwByAGEAbgB0AC0AMgAwADAAOABSADIABwAIAGQTHRR0J84BAAAAAAAAAAB2AGEAZwByAGEAbgB0AGsAbwBiAGUALgBsAG8AYwBhAGwA"}
+
+  it 'should deserialize' do
+    t2 =  Net::NTLM::Message.decode64(type2_packet)
+    t2.class.should == Net::NTLM::Message::Type2
+    t2.challenge.should == 14872292244261496103
+    t2.context.should == 0
+    t2.flag.should == 42631685
+    if "".respond_to?(:force_encoding)
+      t2.padding.should == ("\x06\x01\xB1\x1D\0\0\0\x0F".force_encoding('ASCII-8BIT'))
+    end
+    t2.sign.should == "NTLMSSP\0"
+
+    t2_target_info = Net::NTLM::EncodeUtil.decode_utf16le(t2.target_info)
+    if RUBY_VERSION == "1.8.7"
+      t2_target_info.should == "\x02\x1CVAGRANT-2008R2\x01\x1CVAGRANT-2008R2\x04\x1Cvagrant-2008R2\x03\x1Cvagrant-2008R2\a\b\e$(D+&\e(B\0\0"
+    else
+      t2_target_info.should == "\u0002\u001CVAGRANT-2008R2\u0001\u001CVAGRANT-2008R2\u0004\u001Cvagrant-2008R2\u0003\u001Cvagrant-2008R2\a\b፤ᐝ❴ǎ\0\0"
+    end
+
+    Net::NTLM::EncodeUtil.decode_utf16le(t2.target_name).should == "VAGRANT-2008R2"
+    t2.type.should == 2
+  end
+
+  it 'should serialize' do
+    source = Net::NTLM::Message.decode64(type2_packet)
+
+    t2 =  Net::NTLM::Message::Type2.new
+    t2.challenge = source.challenge
+    t2.context = source.context
+    t2.flag = source.flag
+    t2.padding = source.padding
+    t2.sign = source.sign
+    t2.target_info = source.target_info
+    t2.target_name = source.target_name
+    t2.type = source.type
+    t2.enable(:context)
+    t2.enable(:target_info)
+    t2.enable(:padding)
+
+    t2.encode64.should == type2_packet
+  end
+
+  it 'should generate a type 3 response' do
+    t2 = Net::NTLM::Message.decode64(type2_packet)
+
+    type3_known = Net::NTLM::Message.decode64(type3_packet)
+    type3_known.flag = 0x028a8205
+    type3_known.enable(:session_key)
+    type3_known.enable(:flag)
+
+    t3 = t2.response({:user => 'vagrant', :password => 'vagrant', :domain => ''}, {:ntlmv2 => true, :workstation => 'kobe.local'})
+    t3.domain.should == type3_known.domain
+    t3.flag.should == type3_known.flag
+    t3.sign.should == "NTLMSSP\0"
+    t3.workstation.should == "k\0o\0b\0e\0.\0l\0o\0c\0a\0l\0"
+    t3.user.should == "v\0a\0g\0r\0a\0n\0t\0"
+    t3.session_key.should == ''
+  end
+
+  it 'should upcase domain when provided' do
+    t2 = Net::NTLM::Message.decode64(type2_packet)
+    t3 = t2.response({:user => 'vagrant', :password => 'vagrant', :domain => 'domain'}, {:ntlmv2 => true, :workstation => 'kobe.local'})
+    t3.domain.should == "D\0O\0M\0A\0I\0N\0"
+  end
+end

data/spec/lib/net/ntlm/message/type3_spec.rb

@@ -0,0 +1,20 @@
+require 'spec_helper'
+
+describe Net::NTLM::Message::Type3 do
+
+  fields = [
+      { :name => :sign, :class => Net::NTLM::String, :value => Net::NTLM::SSP_SIGN, :active => true },
+      { :name => :type, :class => Net::NTLM::Int32LE, :value => 3, :active => true },
+      { :name => :flag, :class => Net::NTLM::Int64LE, :value =>  0, :active => false },
+      { :name => :lm_response, :class => Net::NTLM::SecurityBuffer, :value => '', :active => true },
+      { :name => :ntlm_response, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
+      { :name => :domain, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
+      { :name => :user, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
+      { :name => :workstation, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => true },
+      { :name => :session_key, :class => Net::NTLM::SecurityBuffer, :value =>  '', :active => false },
+  ]
+  flags = []
+  it_behaves_like 'a fieldset', fields
+  it_behaves_like 'a message', flags
+
+end

data/spec/lib/net/ntlm/message_spec.rb

@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe Net::NTLM::Message do
+
+  fields = []
+  flags = [
+      :UNICODE,
+      :OEM,
+      :REQUEST_TARGET,
+      :NTLM,
+      :ALWAYS_SIGN,
+      :NTLM2_KEY
+  ]
+  it_behaves_like 'a fieldset', fields
+  it_behaves_like 'a message', flags
+
+end

data/spec/lib/net/ntlm/security_buffer_spec.rb

@@ -0,0 +1,64 @@
+require 'spec_helper'
+
+describe Net::NTLM::SecurityBuffer do
+
+  fields = [
+      { :name => :length, :class => Net::NTLM::Int16LE, :value => 0, :active => true },
+      { :name => :allocated, :class => Net::NTLM::Int16LE, :value => 0, :active => true },
+      { :name => :offset, :class => Net::NTLM::Int32LE, :value => 0, :active => true },
+  ]
+
+  it_behaves_like 'a fieldset', fields
+  it_behaves_like 'a field', 'WORKSTATION', true
+
+
+  subject(:domain_security_buffer) do
+    Net::NTLM::SecurityBuffer.new({
+        :value => 'WORKSTATION',
+        :active => true
+    })
+  end
+
+  context 'when setting the value directly' do
+    before(:each) do
+      domain_security_buffer.value = 'DOMAIN1'
+    end
+    it 'should change the value' do
+      domain_security_buffer.value.should == 'DOMAIN1'
+    end
+
+    it 'should adjust the length field to the size of the new value' do
+      domain_security_buffer.length.should == 7
+    end
+
+    it 'should adjust the allocated field to the size of the new value' do
+      domain_security_buffer.allocated.should == 7
+    end
+  end
+
+  context '#data_size' do
+    it 'should return the size of the value if active' do
+      domain_security_buffer.data_size.should == 11
+    end
+
+    it 'should return 0 if inactive' do
+      domain_security_buffer.active = false
+      domain_security_buffer.data_size.should == 0
+    end
+  end
+
+  context '#parse' do
+    it 'should read in a properly formatted string' do
+      # Length of the string is 8
+      length = "\x08\x00"
+      # Space allocated is 8
+      allocated = "\x08\x00"
+      # The offset that the actual value begins at is also 8
+      offset = "\x08\x00\x00\x00"
+      string_to_parse = "#{length}#{allocated}#{offset}FooBarBaz"
+      domain_security_buffer.parse(string_to_parse).should == 8
+      domain_security_buffer.value.should == 'FooBarBa'
+    end
+
+  end
+end

data/spec/lib/net/ntlm/string_spec.rb

@@ -0,0 +1,72 @@
+require 'spec_helper'
+
+describe Net::NTLM::String do
+
+  it_behaves_like 'a field', 'Foo', false
+
+  let(:active) {
+    Net::NTLM::String.new({
+        :value  => 'Test',
+        :active => true,
+        :size   => 4
+    })
+  }
+
+  let(:inactive) {
+    Net::NTLM::String.new({
+        :value  => 'Test',
+        :active => false,
+        :size   => 4
+    })
+  }
+
+  context '#serialize' do
+    it 'should return the value when active' do
+      active.serialize.should == 'Test'
+    end
+
+    it 'should return an empty string when inactive' do
+      inactive.serialize.should == ''
+    end
+
+    it 'should coerce non-string values into strings' do
+      active.value = 15
+      active.serialize.should == '15'
+    end
+
+    it 'should return empty string on a nil' do
+      active.value = nil
+      active.serialize.should == ''
+    end
+  end
+
+  context '#value=' do
+    it 'should set active to false if it empty' do
+      active.value = ''
+      active.active.should == false
+    end
+
+    it 'should adjust the size based on the value set' do
+      active.size.should == 4
+      active.value = 'Foobar'
+      active.size.should == 6
+    end
+  end
+
+  context '#parse' do
+    it 'should read in a string of the proper size' do
+      active.parse('tseT').should == 4
+      active.value.should == 'tseT'
+    end
+
+    it 'should not read in a string that is too small' do
+      active.parse('B').should == 0
+      active.value.should == 'Test'
+    end
+
+    it 'should be able to read from an offset and only for the given size' do
+      active.parse('FooBarBaz',3).should == 4
+      active.value.should == 'BarB'
+    end
+  end
+end

data/spec/lib/net/ntlm/version_spec.rb

@@ -0,0 +1,26 @@
+require 'spec_helper'
+
+describe Net::NTLM::VERSION do
+
+  it 'should contain an integer value for Major Version' do
+    Net::NTLM::VERSION::MAJOR.should be_an Integer
+  end
+
+  it 'should contain an integer value for Minor Version' do
+    Net::NTLM::VERSION::MINOR.should be_an Integer
+  end
+
+  it 'should contain an integer value for Patch Version' do
+    Net::NTLM::VERSION::TINY.should be_an Integer
+  end
+
+  it 'should contain an aggregate version string' do
+    string = [
+        Net::NTLM::VERSION::MAJOR,
+        Net::NTLM::VERSION::MINOR,
+        Net::NTLM::VERSION::TINY
+    ].join('.')
+    Net::NTLM::VERSION::STRING.should be_a String
+    Net::NTLM::VERSION::STRING.should == string
+  end
+end

data/spec/lib/net/ntlm_spec.rb

@@ -0,0 +1,121 @@
+
+require 'rspec'
+require 'net/ntlm'
+
+describe Net::NTLM do
+  let(:passwd) {"SecREt01"}
+  let(:user) {"user"}
+  let(:domain) {"domain"}
+  let(:challenge) {["0123456789abcdef"].pack("H*")}
+  let(:client_ch) {["ffffff0011223344"].pack("H*")}
+  let(:timestamp) {1055844000}
+  let(:trgt_info) {[
+      "02000c0044004f004d00410049004e00" +
+      "01000c00530045005200560045005200" +
+      "0400140064006f006d00610069006e00" +
+      "2e0063006f006d000300220073006500" +
+      "72007600650072002e0064006f006d00" +
+      "610069006e002e0063006f006d000000" +
+      "0000"
+  ].pack("H*")}
+  let(:padded_pwd) { passwd.upcase.ljust(14, "\0")}
+  let(:keys) { Net::NTLM.gen_keys(padded_pwd)}
+
+  it 'should convert a value to 64-bit LE Integer' do
+    Net::NTLM.pack_int64le(42).should == "\x2A\x00\x00\x00\x00\x00\x00\x00"
+  end
+
+  it 'should split a string into an array of slices, 7 chars or less' do
+    Net::NTLM.split7("HelloWorld!").should == [ 'HelloWo', 'rld!']
+  end
+
+  it 'should generate DES keys from the supplied string' do
+    first_key = ["52a2516b252a5161"].pack('H*')
+    second_key = ["3180010101010101"].pack('H*')
+    Net::NTLM.gen_keys(padded_pwd).should == [first_key, second_key]
+  end
+
+  it 'should encrypt the string with DES for each key supplied' do
+    first_crypt = ["ff3750bcc2b22412"].pack('H*')
+    second_crypt = ["c2265b23734e0dac"].pack('H*')
+    Net::NTLM::apply_des(Net::NTLM::LM_MAGIC, keys).should == [first_crypt, second_crypt]
+  end
+
+  it 'should generate an lm_hash' do
+    Net::NTLM::lm_hash(passwd).should == ["ff3750bcc2b22412c2265b23734e0dac"].pack("H*")
+  end
+
+  it 'should generate an ntlm_hash' do
+    Net::NTLM::ntlm_hash(passwd).should == ["cd06ca7c7e10c99b1d33b7485a2ed808"].pack("H*")
+  end
+
+  it 'should generate an ntlmv2_hash' do
+    Net::NTLM::ntlmv2_hash(user, passwd, domain).should == ["04b8e0ba74289cc540826bab1dee63ae"].pack("H*")
+  end
+
+  it 'should generate an lm_response' do
+    Net::NTLM::lm_response(
+        {
+            :lm_hash => Net::NTLM::lm_hash(passwd),
+            :challenge => challenge
+        }
+    ).should == ["c337cd5cbd44fc9782a667af6d427c6de67c20c2d3e77c56"].pack("H*")
+  end
+
+  it 'should generate an ntlm_response' do
+    ntlm_hash = Net::NTLM::ntlm_hash(passwd)
+    Net::NTLM::ntlm_response(
+        {
+            :ntlm_hash => ntlm_hash,
+            :challenge => challenge
+        }
+    ).should == ["25a98c1c31e81847466b29b2df4680f39958fb8c213a9cc6"].pack("H*")
+  end
+
+  it 'should generate a lvm2_response' do
+    Net::NTLM::lmv2_response(
+        {
+            :ntlmv2_hash => Net::NTLM::ntlmv2_hash(user, passwd, domain),
+            :challenge => challenge
+        },
+        { :client_challenge => client_ch }
+    ).should == ["d6e6152ea25d03b7c6ba6629c2d6aaf0ffffff0011223344"].pack("H*")
+  end
+
+  it 'should generate a ntlmv2_response' do
+    Net::NTLM::ntlmv2_response(
+        {
+            :ntlmv2_hash => Net::NTLM::ntlmv2_hash(user, passwd, domain),
+            :challenge => challenge,
+            :target_info => trgt_info
+        },
+        {
+            :timestamp => timestamp,
+            :client_challenge => client_ch
+        }
+    ).should == [
+        "cbabbca713eb795d04c97abc01ee4983" +
+        "01010000000000000090d336b734c301" +
+        "ffffff00112233440000000002000c00" +
+        "44004f004d00410049004e0001000c00" +
+        "53004500520056004500520004001400" +
+        "64006f006d00610069006e002e006300" +
+        "6f006d00030022007300650072007600" +
+        "650072002e0064006f006d0061006900" +
+        "6e002e0063006f006d00000000000000" +
+        "0000"
+    ].pack("H*")
+  end
+
+  it 'should generate a ntlm2_session' do
+    session = Net::NTLM::ntlm2_session(
+        {
+            :ntlm_hash => Net::NTLM::ntlm_hash(passwd),
+            :challenge => challenge
+        },
+        { :client_challenge => client_ch }
+    )
+    session[0].should == ["ffffff001122334400000000000000000000000000000000"].pack("H*")
+    session[1].should == ["10d550832d12b2ccb79d5ad1f4eed3df82aca4c3681dd455"].pack("H*")
+  end
+end