| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 |
- package keytab
- import (
- "encoding/base64"
- "encoding/binary"
- "encoding/hex"
- "os"
- "path/filepath"
- "testing"
- "time"
- "github.com/stretchr/testify/assert"
- "gopkg.in/jcmturner/gokrb5.v7/test/testdata"
- )
- func TestUnmarshal(t *testing.T) {
- t.Parallel()
- b, _ := hex.DecodeString(testdata.TESTUSER1_KEYTAB)
- kt := New()
- err := kt.Unmarshal(b)
- if err != nil {
- t.Fatalf("Error parsing keytab data: %v\n", err)
- }
- assert.Equal(t, uint8(2), kt.version, "Keytab version not as expected")
- assert.Equal(t, uint32(1), kt.Entries[0].KVNO, "KVNO not as expected")
- assert.Equal(t, uint8(1), kt.Entries[0].KVNO8, "KVNO8 not as expected")
- assert.Equal(t, time.Unix(1505669592, 0), kt.Entries[0].Timestamp, "Timestamp not as expected")
- assert.Equal(t, int32(17), kt.Entries[0].Key.KeyType, "Key's EType not as expected")
- assert.Equal(t, "698c4df8e9f60e7eea5a21bf4526ad25", hex.EncodeToString(kt.Entries[0].Key.KeyValue), "Key material not as expected")
- assert.Equal(t, int16(1), kt.Entries[0].Principal.NumComponents, "Number of components in principal not as expected")
- assert.Equal(t, int32(1), kt.Entries[0].Principal.NameType, "Name type of principal not as expected")
- assert.Equal(t, "TEST.GOKRB5", kt.Entries[0].Principal.Realm, "Realm of principal not as expected")
- assert.Equal(t, "testuser1", kt.Entries[0].Principal.Components[0], "Component in principal not as expected")
- }
- func TestMarshal(t *testing.T) {
- t.Parallel()
- b, _ := hex.DecodeString(testdata.TESTUSER1_KEYTAB)
- kt := New()
- err := kt.Unmarshal(b)
- if err != nil {
- t.Fatalf("Error parsing keytab data: %v\n", err)
- }
- mb, err := kt.Marshal()
- if err != nil {
- t.Fatalf("Error marshaling: %v", err)
- }
- assert.Equal(t, b, mb, "Marshaled bytes not the same as input bytes")
- err = kt.Unmarshal(mb)
- if err != nil {
- t.Fatalf("Error parsing marshaled bytes: %v", err)
- }
- }
- func TestLoad(t *testing.T) {
- t.Parallel()
- f := "test/testdata/testuser1.testtab"
- cwd, _ := os.Getwd()
- dir := os.Getenv("TRAVIS_BUILD_DIR")
- if dir != "" {
- f = dir + "/" + f
- } else if filepath.Base(cwd) == "keytab" {
- f = "../" + f
- }
- kt, err := Load(f)
- if err != nil {
- t.Fatalf("could not load keytab: %v", err)
- }
- assert.Equal(t, uint8(2), kt.version, "keytab version not as expected")
- assert.Equal(t, 12, len(kt.Entries), "keytab entry count not as expected: %+v", *kt)
- for _, e := range kt.Entries {
- if e.Principal.Realm != "TEST.GOKRB5" {
- t.Error("principal realm not as expected")
- }
- if e.Principal.NameType != int32(1) {
- t.Error("name type not as expected")
- }
- if e.Principal.NumComponents != int16(1) {
- t.Error("number of component not as expected")
- }
- if len(e.Principal.Components) != 1 {
- t.Error("number of component not as expected")
- }
- if e.Principal.Components[0] != "testuser1" {
- t.Error("principal components not as expected")
- }
- if e.Timestamp.IsZero() {
- t.Error("entry timestamp incorrect")
- }
- if e.KVNO == uint32(0) {
- t.Error("entry kvno not as expected")
- }
- if e.KVNO8 == uint8(0) {
- t.Error("entry kvno8 not as expected")
- }
- }
- }
- // This test provides inputs to readBytes that previously
- // caused a panic.
- func TestReadBytes(t *testing.T) {
- var endian binary.ByteOrder
- endian = binary.BigEndian
- p := 0
- if _, err := readBytes(nil, &p, 1, &endian); err == nil {
- t.Fatal("err should be populated because s was given that exceeds array length")
- }
- if _, err := readBytes(nil, &p, -1, &endian); err == nil {
- t.Fatal("err should be given because negative s was given")
- }
- }
- func TestUnmarshalPotentialPanics(t *testing.T) {
- kt := New()
- // Test a good keytab with bad bytes to unmarshal. These should
- // return errors, but not panic.
- if err := kt.Unmarshal(nil); err == nil {
- t.Fatal("should have errored, input is absent")
- }
- if err := kt.Unmarshal([]byte{}); err == nil {
- t.Fatal("should have errored, input is empty")
- }
- // Incorrect first byte.
- if err := kt.Unmarshal([]byte{4}); err == nil {
- t.Fatal("should have errored, input isn't long enough")
- }
- // First byte, but no further content.
- if err := kt.Unmarshal([]byte{5}); err == nil {
- t.Fatal("should have errored, input isn't long enough")
- }
- }
- // cxf testing stuff
- func TestBadKeytabs(t *testing.T) {
- badPayloads := make([]string, 3)
- badPayloads = append(badPayloads, "BQIwMDAwMDA=")
- badPayloads = append(badPayloads, "BQIAAAAwAAEACjAwMDAwMDAwMDAAIDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw")
- badPayloads = append(badPayloads, "BQKAAAAA")
- for _, v := range badPayloads {
- decodedKt, _ := base64.StdEncoding.DecodeString(v)
- parsedKt := new(Keytab)
- parsedKt.Unmarshal(decodedKt)
- }
- }
|
