
additional Enc data tests and PAdata tests.

Jonathan Turner 9 anni fa
parent
commit
75948cd231
6 ha cambiato i file con 273 aggiunte e 16 eliminazioni
  1. 1 1
      messages/KDCRep.go
  2. 13 11
      testdata/test_vectors.go
  3. 32 0
      types/Cryptosystem_test.go
  4. 2 0
      types/HostAddress.go
  5. 48 4
      types/PAData.go
  6. 177 0
      types/PAData_test.go

+ 1 - 1
messages/KDCRep.go

@@ -17,7 +17,7 @@ import (
 type marshalKDCRep struct {
 	PVNO    int                 `asn1:"explicit,tag:0"`
 	MsgType int                 `asn1:"explicit,tag:1"`
-	PAData  []types.PAData      `asn1:"explicit,optional,tag:2"`
+	PAData  types.PADataSequence     `asn1:"explicit,optional,tag:2"`
 	CRealm  string              `asn1:"explicit,tag:3"`
 	CName   types.PrincipalName `asn1:"explicit,tag:4"`
 	// Ticket needs to be a raw value as it is wrapped in an APPLICATION tag
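Review bot: The changed `PAData` field line in `marshalKDCRep` is not gofmt-aligned with its neighbours: the longer type name pushes the struct tag out of the column the other fields share. Running `gofmt -w` on the file re-aligns the whole field block. The same pass would tidy the unaligned `TEST_PADATA_TYPE` / `TEST_PADATA_VALUE` constants in testdata/test_vectors.go and the runs of blank lines added in types/PAData.go. The struct body continues past the end of this hunk.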

+ 13 - 11
testdata/test_vectors.go

@@ -12,6 +12,8 @@ const (
 	TEST_NONCE                  = 42
 	TEST_AUTHORIZATION_DATA_TYPE = 1
 	TEST_AUTHORIZATION_DATA_VALUE = "foobar"
+	TEST_PADATA_TYPE = 13
+	TEST_PADATA_VALUE = "pa-data"
 )
 
 var TEST_PRINCIPALNAME_NAMESTRING = []string{"hftsai", "extra"}
@@ -55,19 +57,19 @@ var TestVectors = map[string]string{
 	//"encode_krb5_error":                                          "7E81BA3081B7A003020105A10302011EA211180F31393934303631303036303331375AA305020301E240A411180F31393934303631303036303331375AA505020301E240A60302013CA7101B0E415448454E412E4D49542E454455A81A3018A003020101A111300F1B066866747361691B056578747261A9101B0E415448454E412E4D49542E454455AA1A3018A003020101A111300F1B066866747361691B056578747261AB0A1B086B72623564617461AC0A04086B72623564617461",
 	//"encode_krb5_error(optionalsNULL)":                           "7E60305EA003020105A10302011EA305020301E240A411180F31393934303631303036303331375AA505020301E240A60302013CA9101B0E415448454E412E4D49542E454455AA1A3018A003020101A111300F1B066866747361691B056578747261",
 	"encode_krb5_authorization_data":                             "3022300FA003020101A1080406666F6F626172300FA003020101A1080406666F6F626172",
-	//"encode_krb5_padata_sequence":                                "30243010A10302010DA209040770612D646174613010A10302010DA209040770612D64617461",
+	"encode_krb5_padata_sequence":                                "30243010A10302010DA209040770612D646174613010A10302010DA209040770612D64617461",
 	//"encode_krb5_typed_data":                                     "30243010A00302010DA109040770612D646174613010A00302010DA109040770612D64617461",
-	//"encode_krb5_padata_sequence(empty)":                         "3000",
-	//"encode_krb5_etype_info":                                     "30333014A003020100A10D040B4D6F72746F6E27732023303005A0030201013014A003020102A10D040B4D6F72746F6E2773202332",
-	//"encode_krb5_etype_info(only1)":                              "30163014A003020100A10D040B4D6F72746F6E2773202330",
-	//"encode_krb5_etype_info(noinfo)":                             "3000",
-	//"encode_krb5_etype_info2":                                    "3051301EA003020100A10D1B0B4D6F72746F6E2773202330A208040673326B3A2030300FA003020101A208040673326B3A2031301EA003020102A10D1B0B4D6F72746F6E2773202332A208040673326B3A2032",
-	//"encode_krb5_etype_info2(only1)":                             "3020301EA003020100A10D1B0B4D6F72746F6E2773202330A208040673326B3A2030",
-	//"encode_krb5_pa_enc_ts":                                      "301AA011180F31393934303631303036303331375AA105020301E240",
-	//"encode_krb5_pa_enc_ts(nousec)":                              "3013A011180F31393934303631303036303331375A",
+	"encode_krb5_padata_sequence(empty)":                         "3000",
+	"encode_krb5_etype_info":                                     "30333014A003020100A10D040B4D6F72746F6E27732023303005A0030201013014A003020102A10D040B4D6F72746F6E2773202332",
+	"encode_krb5_etype_info(only1)":                              "30163014A003020100A10D040B4D6F72746F6E2773202330",
+	"encode_krb5_etype_info(noinfo)":                             "3000",
+	"encode_krb5_etype_info2":                                    "3051301EA003020100A10D1B0B4D6F72746F6E2773202330A208040673326B3A2030300FA003020101A208040673326B3A2031301EA003020102A10D1B0B4D6F72746F6E2773202332A208040673326B3A2032",
+	"encode_krb5_etype_info2(only1)":                             "3020301EA003020100A10D1B0B4D6F72746F6E2773202330A208040673326B3A2030",
+	"encode_krb5_pa_enc_ts":                                      "301AA011180F31393934303631303036303331375AA105020301E240",
+	"encode_krb5_pa_enc_ts(nousec)":                              "3013A011180F31393934303631303036303331375A",
 	"encode_krb5_enc_data":                                       "3023A003020100A103020105A21704156B726241534E2E312074657374206D657373616765",
-	//"encode_krb5_enc_data(MSB-setkvno)":                          "3026A003020100A1060204FF000000A21704156B726241534E2E312074657374206D657373616765",
-	//"encode_krb5_enc_data(kvno= -1)":                             "3023A003020100A1030201FFA21704156B726241534E2E312074657374206D657373616765",
+	"encode_krb5_enc_data(MSB-setkvno)":                          "3026A003020100A1060204FF000000A21704156B726241534E2E312074657374206D657373616765",
+	"encode_krb5_enc_data(kvno= -1)":                             "3023A003020100A1030201FFA21704156B726241534E2E312074657374206D657373616765",
 	//"encode_krb5_sam_challenge_2":                                "3022A00D300B04096368616C6C656E6765A111300F300DA003020101A106040431323334",
 	//"encode_krb5_sam_challenge_2_body":                           "3064A00302012AA10703050080000000A20B040974797065206E616D65A411040F6368616C6C656E6765206C6162656CA510040E6368616C6C656E67652069707365A6160414726573706F6E73655F70726F6D70742069707365A8050203543210A903020101",
 	//"encode_krb5_sam_response_2":                                 "3042A00302012BA10703050080000000A20C040A747261636B2064617461A31D301BA003020101A10402020D36A20E040C6E6F6E6365206F7220736164A4050203543210",

+ 32 - 0
types/Cryptosystem_test.go

@@ -24,6 +24,38 @@ func TestUnmarshalEncryptedData(t *testing.T) {
 	assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), a.Cipher, "Ecrypted data ciphertext not as expected")
 }
 
+func TestUnmarshalEncryptedData_MSBsetkvno(t *testing.T) {
+	var a EncryptedData
+	v := "encode_krb5_enc_data(MSB-setkvno)"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, testdata.TEST_ETYPE, a.EType, "Encrypted data Etype not as expected")
+	assert.Equal(t, -16777216, a.KVNO, "Encrypted data KVNO not as expected")
+	assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), a.Cipher, "Ecrypted data ciphertext not as expected")
+}
+
+func TestUnmarshalEncryptedData_kvno_neg1(t *testing.T) {
+	var a EncryptedData
+	v := "encode_krb5_enc_data(kvno= -1)"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, testdata.TEST_ETYPE, a.EType, "Encrypted data Etype not as expected")
+	assert.Equal(t, -1, a.KVNO, "Encrypted data KVNO not as expected")
+	assert.Equal(t, []byte(testdata.TEST_CIPHERTEXT), a.Cipher, "Ecrypted data ciphertext not as expected")
+}
+
 func TestUnmarshalEncryptionKey(t *testing.T) {
 	var a EncryptionKey
 	v := "encode_krb5_keyblock"
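Review bot: `assert.Equal(t, -16777216, a.KVNO, ...)` in `TestUnmarshalEncryptedData_MSBsetkvno` pins the signed reading of a field that RFC 4120 declares as `kvno [1] UInt32`, and nothing in the test says so. The vector carries the four octets FF000000, which a DER decoder reads as a negative INTEGER, while the value the encoder presumably meant is the unsigned 0xFF000000. A caller that compares `KVNO` with a key version held as an unsigned number would miss the match unless it converts first. I would add a comment above the assertion such as `// kvno is UInt32 in RFC 4120; 0xFF000000 decodes as a negative int here, compare as uint32(a.KVNO)`; the same applies to the `-1` assertion in `TestUnmarshalEncryptedData_kvno_neg1`. The declared type of `KVNO` is outside this hunk, so the conversion shown is an assumption to confirm.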

+ 2 - 0
types/HostAddress.go

@@ -31,6 +31,8 @@ address
 	This field encodes a single address of type addr-type.
 */
 
+type HostAddresses []HostAddress
+
 type HostAddress struct {
 	AddrType int    `asn1:"explicit,tag:0"`
 	Address  []byte `asn1:"explicit,tag:1"`

+ 48 - 4
types/PAData.go

@@ -13,10 +13,9 @@ type PAData struct {
 	PADataValue []byte `asn1:"explicit,tag:2"`
 }
 
-// Do I need to define this one?
-type PAEncTimestamp struct {
-	PAEncTSEnc
-}
+type PADataSequence []PAData
+
+type PAEncTimestamp EncryptedData
 
 type PAEncTSEnc struct {
 	PATimestamp time.Time `asn1:"explicit,tag:0"`
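Review bot: `type PAEncTimestamp EncryptedData` is a defined type, so it carries over none of the methods declared on `EncryptedData`, and the declaration has no doc comment now that the "Do I need to define this one?" remark is gone. A reader cannot tell from the names which of `PAEncTimestamp` and `PAEncTSEnc` is the ciphertext and which is the plaintext. I would add `// PAEncTimestamp is the PA-ENC-TIMESTAMP pre-authentication value: an EncryptedData whose decrypted content is a PAEncTSEnc.` and `// PADataSequence is a SEQUENCE OF PA-DATA.` above the two declarations. If decryption helpers exist on `EncryptedData`, callers will need an explicit `EncryptedData(x)` conversion to reach them. The `PAEncTSEnc` struct continues past the end of this hunk.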
@@ -38,6 +37,50 @@ type ETypeInfo2Entry struct {
 
 type ETypeInfo2 []ETypeInfo2Entry
 
+
+func (pa *PAData) Unmarshal(b []byte) error {
+	_, err := asn1.Unmarshal(b, pa)
+	return err
+}
+
+func (pa *PADataSequence) Unmarshal(b []byte) error {
+	_, err := asn1.Unmarshal(b, pa)
+	return err
+}
+
+func (pa *PAEncTimestamp) Unmarshal(b []byte) error {
+	_, err := asn1.Unmarshal(b, pa)
+	return err
+}
+
+func (pa *PAEncTSEnc) Unmarshal(b []byte) error {
+	_, err := asn1.Unmarshal(b, pa)
+	return err
+}
+
+func (a *ETypeInfo) Unmarshal(b []byte) error {
+	_, err := asn1.Unmarshal(b, a)
+	return err
+}
+
+func (a *ETypeInfoEntry) Unmarshal(b []byte) error {
+	_, err := asn1.Unmarshal(b, a)
+	return err
+}
+
+func (a *ETypeInfo2) Unmarshal(b []byte) error {
+	_, err := asn1.Unmarshal(b, a)
+	return err
+}
+
+func (a *ETypeInfo2Entry) Unmarshal(b []byte) error {
+	_, err := asn1.Unmarshal(b, a)
+	return err
+}
+
+
+
+
 func (pa *PAData) GetETypeInfo() (d ETypeInfo, err error) {
 	dt := KrbDictionary.PADataTypesByName["pa-etype-info"]
 	if pa.PADataType != dt {
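Review bot: Each of the eight new `Unmarshal` methods discards the first return value of `asn1.Unmarshal`, so bytes that follow a well-formed structure are accepted without any error. PA-DATA is carried in KDC messages (see `marshalKDCRep`), so I would reject leftovers for these types: `rest, err := asn1.Unmarshal(b, pa)` followed by `if err == nil && len(rest) > 0 { return errors.New("trailing data after PAData") }`. `PAEncTSEnc` may need to stay lenient if it is decoded from decrypted plaintext that still carries cipher padding; that depends on code outside this diff. The `asn1.Unmarshal(pa.PADataValue, &d)` call in `GetETypeInfo2` (next hunk) has the same gap. `errors` would have to be imported if the file does not already do so, and `GetETypeInfo` at the end of this hunk continues outside it.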
@@ -57,3 +100,4 @@ func (pa *PAData) GetETypeInfo2() (d ETypeInfo2, err error) {
 	_, err = asn1.Unmarshal(pa.PADataValue, &d)
 	return
 }
+

+ 177 - 0
types/PAData_test.go

@@ -0,0 +1,177 @@
+package types
+
+import (
+	"encoding/hex"
+	"fmt"
+	"github.com/jcmturner/gokrb5/testdata"
+	"github.com/stretchr/testify/assert"
+	"testing"
+	"time"
+)
+
+//encode_krb5_pa_for_user
+//encode_krb5_pa_s4u_x509_user
+//encode_krb5_pa_fx_fast_reply
+//encode_krb5_pa_otp_challenge(optionalsNULL)
+//encode_krb5_pa_otp_challenge
+//encode_krb5_pa_otp_req(optionalsNULL)
+//encode_krb5_pa_otp_req
+//encode_krb5_pa_otp_enc_req
+
+func TestUnmarshalPADataSequence(t *testing.T) {
+	var a PADataSequence
+	v := "encode_krb5_padata_sequence"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, 2, len(a), "Number of PAData items in the sequence not as expected")
+	for i, pa := range a {
+		assert.Equal(t, testdata.TEST_PADATA_TYPE, pa.PADataType, fmt.Sprintf("PAData type for entry %d not as expected", i+1))
+		assert.Equal(t, []byte(testdata.TEST_PADATA_VALUE), pa.PADataValue, fmt.Sprintf("PAData valye for entry %d not as expected", i+1))
+	}
+}
+
+func TestUnmarshalPADataSequence_empty(t *testing.T) {
+	var a PADataSequence
+	v := "encode_krb5_padata_sequence(empty)"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, 0, len(a), "Number of PAData items in the sequence not as expected")
+}
+
+func TestUnmarshalPAEncTSEnc(t *testing.T) {
+	//Parse the test time value into a time.Time type
+	tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME)
+
+	var a PAEncTSEnc
+	v := "encode_krb5_pa_enc_ts"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, tt, a.PATimestamp, "PA timestamp not as expected")
+	assert.Equal(t, 123456, a.PAUSec, "PA microseconds not as expected")
+}
+
+func TestUnmarshalPAEncTSEnc_nousec(t *testing.T) {
+	//Parse the test time value into a time.Time type
+	tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME)
+
+	var a PAEncTSEnc
+	v := "encode_krb5_pa_enc_ts(nousec)"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, tt, a.PATimestamp, "PA timestamp not as expected")
+	assert.Equal(t, 0, a.PAUSec, "PA microseconds not as expected")
+}
+
+func TestUnmarshalETypeInfo(t *testing.T) {
+	var a ETypeInfo
+	v := "encode_krb5_etype_info"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, 3, len(a), "Number of EType info entries not as expected")
+	assert.Equal(t, 0, a[0].EType, "Etype of first etype info entry not as expected")
+	assert.Equal(t, []byte("Morton's #0"), a[0].Salt, "Salt of first etype info entry not as expected")
+	assert.Equal(t, 1, a[1].EType, "Etype of second etype info entry not as expected")
+	assert.Equal(t, 0, len(a[1].Salt), "Salt of second etype info entry not as expected")
+	assert.Equal(t, 2, a[2].EType, "Etype of third etype info entry not as expected")
+	assert.Equal(t, []byte("Morton's #2"), a[2].Salt, "Salt of third etype info entry not as expected")
+}
+
+func TestUnmarshalETypeInfo_only1(t *testing.T) {
+	var a ETypeInfo
+	v := "encode_krb5_etype_info(only1)"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, 1, len(a), "Number of EType info entries not as expected")
+	assert.Equal(t, 0, a[0].EType, "Etype of first etype info entry not as expected")
+	assert.Equal(t, []byte("Morton's #0"), a[0].Salt, "Salt of first etype info entry not as expected")
+}
+
+func TestUnmarshalETypeInfo_noinfo(t *testing.T) {
+	var a ETypeInfo
+	v := "encode_krb5_etype_info(noinfo)"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, 0, len(a), "Number of EType info entries not as expected")
+}
+
+func TestUnmarshalETypeInfo2(t *testing.T) {
+	var a ETypeInfo2
+	v := "encode_krb5_etype_info2"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, 3, len(a), "Number of EType info2 entries not as expected")
+	assert.Equal(t, 0, a[0].EType, "Etype of first etype info2 entry not as expected")
+	assert.Equal(t, "Morton's #0", a[0].Salt, "Salt of first etype info2 entry not as expected")
+	assert.Equal(t, []byte("s2k: 0"), a[0].S2KParams, "String to key params of first etype info2 entry not as expected")
+	assert.Equal(t, 1, a[1].EType, "Etype of second etype info2 entry not as expected")
+	assert.Equal(t, 0, len(a[1].Salt), "Salt of second etype info2 entry not as expected")
+	assert.Equal(t, []byte("s2k: 1"), a[1].S2KParams, "String to key params of second etype info2 entry not as expected")
+	assert.Equal(t, 2, a[2].EType, "Etype of third etype info2 entry not as expected")
+	assert.Equal(t, "Morton's #2", a[2].Salt, "Salt of third etype info2 entry not as expected")
+	assert.Equal(t, []byte("s2k: 2"), a[2].S2KParams, "String to key params of third etype info2 entry not as expected")
+}
+
+func TestUnmarshalETypeInfo2_only1(t *testing.T) {
+	var a ETypeInfo2
+	v := "encode_krb5_etype_info2(only1)"
+	b, err := hex.DecodeString(testdata.TestVectors[v])
+	if err != nil {
+		t.Fatalf("Test vector read error of %s: %v\n", v, err)
+	}
+	err = a.Unmarshal(b)
+	if err != nil {
+		t.Fatalf("Unmarshal error of %s: %v\n", v, err)
+	}
+	assert.Equal(t, 1, len(a), "Number of EType info2 entries not as expected")
+	assert.Equal(t, 0, a[0].EType, "Etype of first etype info2 entry not as expected")
+	assert.Equal(t, "Morton's #0", a[0].Salt, "Salt of first etype info2 entry not as expected")
+	assert.Equal(t, []byte("s2k: 0"), a[0].S2KParams, "String to key params of first etype info2 entry not as expected")
+}
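Review bot: `tt, _ := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME)` in `TestUnmarshalPAEncTSEnc` and `TestUnmarshalPAEncTSEnc_nousec` drops the parse error, so a wrong format constant would show up as a confusing timestamp mismatch rather than a setup failure. Check it instead: `tt, err := time.Parse(testdata.TEST_TIME_FORMAT, testdata.TEST_TIME)` then `if err != nil { t.Fatalf("Test time parse error: %v", err) }`. Every case in this file decodes a well-formed vector; one case that feeds a truncated vector and expects a non-nil error from `Unmarshal` would cover the rejection path as well. The message on the `PADataValue` assertion reads "valye" for "value".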