sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00
Code

tests/krb5: Test that root key data is the correct length in bytes

Browse Source 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Joseph Sutton 2023-12-20 16:38:33 +13:00 committed by Andrew Bartlett
parent 8277d7accf
commit 4946ab4c17
3 changed files with 26 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
python/samba/tests/gkdi.py
View File

@ -514,12 +514,6 @@ class GkdiBaseTest(TestCase):
if data is None:
data = secrets.token_bytes(KEY_LEN_BYTES)
else:
self.assertEqual(
KEY_LEN_BYTES,
len(data),
f"root key data must be {KEY_LEN_BYTES} bytes",
)
create_time = current_nt_time = self.current_nt_time()

25
python/samba/tests/krb5/gkdi_tests.py
View File

@ -32,6 +32,7 @@ from samba.gkdi import (
Algorithm,
Gkid,
KEY_CYCLE_DURATION,
KEY_LEN_BYTES,
MAX_CLOCK_SKEW,
NtTime,
NtTimeDelta,
@ -287,6 +288,30 @@ class GkdiExplicitRootKeyTests(GkdiKdcBaseTest):
"using a nonexistent root key should fail with NO_KEY",
)
def test_root_key_wrong_length(self):
"""Attempt to use a root key that is the wrong length."""
root_key_id = self.new_root_key(data=bytes(KEY_LEN_BYTES // 2))
gkid = self.current_gkid()
with self.assertRaises(GetKeyError) as err:
self.get_key(self.get_samdb(), self.gmsa_sd, root_key_id, gkid)
self.assertEqual(
HRES_NTE_BAD_KEY,
err.exception.args[0],
"using a root key that is the wrong length should fail with BAD_KEY",
)
with self.assertRaises(GetKeyError) as rpc_err:
self.rpc_get_key(self.gkdi_conn(), self.gmsa_sd, root_key_id, gkid)
self.assertEqual(
HRES_NTE_BAD_KEY,
rpc_err.exception.args[0],
"using a root key that is the wrong length should fail with BAD_KEY",
)
class GkdiImplicitRootKeyTests(GkdiKdcBaseTest):
_root_key: ClassVar[misc.GUID]

1
selftest/knownfail.d/gkdi
View File

@ -10,6 +10,7 @@
^samba\.tests\.krb5\.gkdi_tests\.samba\.tests\.krb5\.gkdi_tests\.GkdiExplicitRootKeyTests\.test_previous_l0_idx\(ad_dc\)$
^samba\.tests\.krb5\.gkdi_tests\.samba\.tests\.krb5\.gkdi_tests\.GkdiExplicitRootKeyTests\.test_root_key_use_start_time_too_low\(ad_dc\)$
^samba\.tests\.krb5\.gkdi_tests\.samba\.tests\.krb5\.gkdi_tests\.GkdiExplicitRootKeyTests\.test_root_key_use_start_time_zero\(ad_dc\)$
^samba\.tests\.krb5\.gkdi_tests\.samba\.tests\.krb5\.gkdi_tests\.GkdiExplicitRootKeyTests\.test_root_key_wrong_length\(ad_dc\)$
^samba\.tests\.krb5\.gkdi_tests\.samba\.tests\.krb5\.gkdi_tests\.GkdiImplicitRootKeyTests\.test_both_seed_keys\(ad_dc\)$
^samba\.tests\.krb5\.gkdi_tests\.samba\.tests\.krb5\.gkdi_tests\.GkdiImplicitRootKeyTests\.test_l1_seed_key\(ad_dc\)$
^samba\.tests\.krb5\.gkdi_tests\.samba\.tests\.krb5\.gkdi_tests\.GkdiImplicitRootKeyTests\.test_l2_seed_key\(ad_dc\)$