/* Unix SMB/CIFS implementation. test suite for backupkey remote protocol rpc operations Copyright (C) Matthieu Patou 2010-2011 Copyright (C) Andreas Schneider 2015 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ #include "includes.h" #include "../libcli/security/security.h" #include "torture/rpc/torture_rpc.h" #include "torture/ndr/ndr.h" #include "librpc/gen_ndr/ndr_backupkey_c.h" #include "librpc/gen_ndr/ndr_backupkey.h" #include "librpc/gen_ndr/ndr_lsa_c.h" #include "librpc/gen_ndr/ndr_security.h" #include "lib/cmdline/cmdline.h" #include "libcli/auth/proto.h" #include #include #include #include #include enum test_wrong { WRONG_MAGIC, WRONG_R2, WRONG_PAYLOAD_LENGTH, WRONG_CIPHERTEXT_LENGTH, SHORT_PAYLOAD_LENGTH, SHORT_CIPHERTEXT_LENGTH, ZERO_PAYLOAD_LENGTH, ZERO_CIPHERTEXT_LENGTH, RIGHT_KEY, WRONG_KEY, WRONG_SID, }; /* Our very special and valued secret */ /* No need to put const as we cast the array in uint8_t * we will get a warning about the discarded const */ static const char secret[] = "tata yoyo mais qu'est ce qu'il y a sous ton grand chapeau ?"; /* Get the SID from a user */ static struct dom_sid *get_user_sid(struct torture_context *tctx, TALLOC_CTX *mem_ctx, const char *user) { struct lsa_ObjectAttribute attr; struct lsa_QosInfo qos; struct lsa_OpenPolicy2 r; struct lsa_Close c; NTSTATUS status; struct policy_handle handle; struct lsa_LookupNames l; struct lsa_TransSidArray sids; struct lsa_RefDomainList *domains = NULL; struct lsa_String lsa_name; uint32_t count = 0; struct dom_sid *result; TALLOC_CTX *tmp_ctx; struct dcerpc_pipe *p2; struct dcerpc_binding_handle *b; const char *domain = cli_credentials_get_domain( samba_cmdline_get_creds()); torture_assert_ntstatus_ok(tctx, torture_rpc_connection(tctx, &p2, &ndr_table_lsarpc), "could not open lsarpc pipe"); b = p2->binding_handle; if (!(tmp_ctx = talloc_new(mem_ctx))) { return NULL; } qos.len = 0; qos.impersonation_level = 2; qos.context_mode = 1; qos.effective_only = 0; attr.len = 0; attr.root_dir = NULL; attr.object_name = NULL; attr.attributes = 0; attr.sec_desc = NULL; attr.sec_qos = &qos; r.in.system_name = "\\"; r.in.attr = &attr; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.handle = &handle; status = dcerpc_lsa_OpenPolicy2_r(b, tmp_ctx, &r); if (!NT_STATUS_IS_OK(status)) { torture_comment(tctx, "OpenPolicy2 failed - %s\n", nt_errstr(status)); talloc_free(tmp_ctx); return NULL; } if (!NT_STATUS_IS_OK(r.out.result)) { torture_comment(tctx, "OpenPolicy2_ failed - %s\n", nt_errstr(r.out.result)); talloc_free(tmp_ctx); return NULL; } sids.count = 0; sids.sids = NULL; lsa_name.string = talloc_asprintf(tmp_ctx, "%s\\%s", domain, user); l.in.handle = &handle; l.in.num_names = 1; l.in.names = &lsa_name; l.in.sids = &sids; l.in.level = 1; l.in.count = &count; l.out.count = &count; l.out.sids = &sids; l.out.domains = &domains; status = dcerpc_lsa_LookupNames_r(b, tmp_ctx, &l); if (!NT_STATUS_IS_OK(status)) { torture_comment(tctx, "LookupNames of %s failed - %s\n", lsa_name.string, nt_errstr(status)); talloc_free(tmp_ctx); return NULL; } if (domains->count == 0) { return NULL; } result = dom_sid_add_rid(mem_ctx, domains->domains[0].sid, l.out.sids->sids[0].rid); c.in.handle = &handle; c.out.handle = &handle; status = dcerpc_lsa_Close_r(b, tmp_ctx, &c); if (!NT_STATUS_IS_OK(status)) { torture_comment(tctx, "dcerpc_lsa_Close failed - %s\n", nt_errstr(status)); talloc_free(tmp_ctx); return NULL; } if (!NT_STATUS_IS_OK(c.out.result)) { torture_comment(tctx, "dcerpc_lsa_Close failed - %s\n", nt_errstr(c.out.result)); talloc_free(tmp_ctx); return NULL; } talloc_free(tmp_ctx); talloc_free(p2); torture_comment(tctx, "Get_user_sid finished\n"); return result; } /* * Create a bkrp_encrypted_secret_vX structure * the version depends on the version parameter * the structure is returned as a blob. * The broken flag is to indicate if we want * to create a non conform to specification structure */ static DATA_BLOB *create_unencryptedsecret(TALLOC_CTX *mem_ctx, bool broken, int version) { TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB); enum ndr_err_code ndr_err; if (version == 2) { struct bkrp_encrypted_secret_v2 unenc_sec; ZERO_STRUCT(unenc_sec); unenc_sec.secret_len = sizeof(secret); unenc_sec.secret = discard_const_p(uint8_t, secret); generate_random_buffer(unenc_sec.payload_key, sizeof(unenc_sec.payload_key)); ndr_err = ndr_push_struct_blob(blob, blob, &unenc_sec, (ndr_push_flags_fn_t)ndr_push_bkrp_encrypted_secret_v2); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return NULL; } if (broken) { /* The magic value is correctly set by the NDR push * but we want to test the behavior of the server * if a different value is provided */ ((uint8_t*)blob->data)[4] = 79; /* A great year !!! */ } } if (version == 3) { struct bkrp_encrypted_secret_v3 unenc_sec; ZERO_STRUCT(unenc_sec); unenc_sec.secret_len = sizeof(secret); unenc_sec.secret = discard_const_p(uint8_t, secret); generate_random_buffer(unenc_sec.payload_key, sizeof(unenc_sec.payload_key)); ndr_err = ndr_push_struct_blob(blob, blob, &unenc_sec, (ndr_push_flags_fn_t)ndr_push_bkrp_encrypted_secret_v3); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return NULL; } if (broken) { /* * The magic value is correctly set by the NDR push * but we want to test the behavior of the server * if a different value is provided */ ((uint8_t*)blob->data)[4] = 79; /* A great year !!! */ } } talloc_free(tmp_ctx); return blob; } /* * Create an access check structure, the format depends on the version parameter. * If broken is specified then we create a structure that isn't conform to the * specification. * * If the structure can't be created then NULL is returned. */ static DATA_BLOB *create_access_check(struct torture_context *tctx, struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *user, bool broken, uint32_t version) { TALLOC_CTX *tmp_ctx = NULL; DATA_BLOB *blob = NULL; enum ndr_err_code ndr_err; const struct dom_sid *sid = NULL; tmp_ctx = talloc_new(mem_ctx); if (tmp_ctx == NULL) { return NULL; } sid = get_user_sid(tctx, tmp_ctx, user); if (sid == NULL) { talloc_free(tmp_ctx); return NULL; } blob = talloc_zero(mem_ctx, DATA_BLOB); if (blob == NULL) { talloc_free(tmp_ctx); return NULL; } if (version == 2) { struct bkrp_access_check_v2 access_struct; gnutls_hash_hd_t dig_ctx; uint8_t nonce[32]; int rc; ZERO_STRUCT(access_struct); generate_random_buffer(nonce, sizeof(nonce)); access_struct.nonce_len = sizeof(nonce); access_struct.nonce = nonce; access_struct.sid = *sid; ndr_err = ndr_push_struct_blob(blob, blob, &access_struct, (ndr_push_flags_fn_t)ndr_push_bkrp_access_check_v2); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { talloc_free(blob); talloc_free(tmp_ctx); return NULL; } /* * We pushed the whole structure including a null hash * but the hash need to be calculated only up to the hash field * so we reduce the size of what has to be calculated */ rc = gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA1); if (rc != GNUTLS_E_SUCCESS) { talloc_free(blob); talloc_free(tmp_ctx); return NULL; } rc = gnutls_hash(dig_ctx, blob->data, blob->length - sizeof(access_struct.hash)); gnutls_hash_deinit(dig_ctx, blob->data + blob->length - sizeof(access_struct.hash)); if (rc != GNUTLS_E_SUCCESS) { talloc_free(blob); talloc_free(tmp_ctx); return NULL; } /* Altering the SHA */ if (broken) { blob->data[blob->length - 1]++; } } if (version == 3) { struct bkrp_access_check_v3 access_struct; gnutls_hash_hd_t dig_ctx; uint8_t nonce[32]; int rc; ZERO_STRUCT(access_struct); generate_random_buffer(nonce, sizeof(nonce)); access_struct.nonce_len = sizeof(nonce); access_struct.nonce = nonce; access_struct.sid = *sid; ndr_err = ndr_push_struct_blob(blob, blob, &access_struct, (ndr_push_flags_fn_t)ndr_push_bkrp_access_check_v3); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { talloc_free(blob); talloc_free(tmp_ctx); return NULL; } /*We pushed the whole structure including a null hash * but the hash need to be calculated only up to the hash field * so we reduce the size of what has to be calculated */ rc = gnutls_hash_init(&dig_ctx, GNUTLS_DIG_SHA512); if (rc != GNUTLS_E_SUCCESS) { talloc_free(blob); talloc_free(tmp_ctx); return NULL; } rc = gnutls_hash(dig_ctx, blob->data, blob->length - sizeof(access_struct.hash)); gnutls_hash_deinit(dig_ctx, blob->data + blob->length - sizeof(access_struct.hash)); if (rc != GNUTLS_E_SUCCESS) { talloc_free(blob); talloc_free(tmp_ctx); return NULL; } /* Altering the SHA */ if (broken) { blob->data[blob->length -1]++; } } talloc_free(tmp_ctx); return blob; } static DATA_BLOB *encrypt_blob(struct torture_context *tctx, TALLOC_CTX *mem_ctx, DATA_BLOB *key, DATA_BLOB *iv, DATA_BLOB *to_encrypt, gnutls_cipher_algorithm_t cipher_algo) { gnutls_cipher_hd_t cipher_handle = { 0 }; gnutls_datum_t gkey = { .data = key->data, .size = key->length, }; gnutls_datum_t giv = { .data = iv->data, .size = iv->length, }; DATA_BLOB *blob; int rc; blob = talloc(mem_ctx, DATA_BLOB); if (blob == NULL) { return NULL; } *blob = data_blob_talloc_zero(mem_ctx, to_encrypt->length); if (blob->data == NULL) { talloc_free(blob); return NULL; } rc = gnutls_cipher_init(&cipher_handle, cipher_algo, &gkey, &giv); if (rc != GNUTLS_E_SUCCESS) { torture_comment(tctx, "gnutls_cipher_init failed: %s\n", gnutls_strerror(rc)); talloc_free(blob); return NULL; } rc = gnutls_cipher_encrypt2(cipher_handle, to_encrypt->data, to_encrypt->length, blob->data, blob->length); gnutls_cipher_deinit(cipher_handle); if (rc != GNUTLS_E_SUCCESS) { torture_comment(tctx, "gnutls_cipher_decrypt2 failed: %s\n", gnutls_strerror(rc)); return NULL; } return blob; } /* * Certs used for this protocol have a GUID in the issuer_uniq_id field. * This function fetch it. */ static struct GUID *get_cert_guid(struct torture_context *tctx, TALLOC_CTX *mem_ctx, uint8_t *cert_data, uint32_t cert_len) { gnutls_x509_crt_t x509_cert = NULL; gnutls_datum_t x509_crt_data = { .data = cert_data, .size = cert_len, }; uint8_t dummy[1] = {0}; DATA_BLOB issuer_unique_id = { .data = dummy, .length = 0, }; struct GUID *guid = talloc_zero(mem_ctx, struct GUID); NTSTATUS status; int rc; rc = gnutls_x509_crt_init(&x509_cert); if (rc != GNUTLS_E_SUCCESS) { torture_comment(tctx, "gnutls_x509_crt_init failed - %s", gnutls_strerror(rc)); return NULL; } rc = gnutls_x509_crt_import(x509_cert, &x509_crt_data, GNUTLS_X509_FMT_DER); if (rc != GNUTLS_E_SUCCESS) { torture_comment(tctx, "gnutls_x509_crt_import failed - %s", gnutls_strerror(rc)); gnutls_x509_crt_deinit(x509_cert); return NULL; } /* Get the buffer size */ rc = gnutls_x509_crt_get_issuer_unique_id(x509_cert, (char *)issuer_unique_id.data, &issuer_unique_id.length); if (rc != GNUTLS_E_SHORT_MEMORY_BUFFER || issuer_unique_id.length == 0) { gnutls_x509_crt_deinit(x509_cert); return NULL; } issuer_unique_id = data_blob_talloc_zero(mem_ctx, issuer_unique_id.length); if (issuer_unique_id.data == NULL) { gnutls_x509_crt_deinit(x509_cert); return NULL; } rc = gnutls_x509_crt_get_issuer_unique_id(x509_cert, (char *)issuer_unique_id.data, &issuer_unique_id.length); gnutls_x509_crt_deinit(x509_cert); if (rc != GNUTLS_E_SUCCESS) { torture_comment(tctx, "gnutls_x509_crt_get_issuer_unique_id failed - %s", gnutls_strerror(rc)); return NULL; } status = GUID_from_data_blob(&issuer_unique_id, guid); if (!NT_STATUS_IS_OK(status)) { return NULL; } return guid; } /* * Encrypt a blob with the private key of the certificate * passed as a parameter. */ static DATA_BLOB *encrypt_blob_pk(struct torture_context *tctx, TALLOC_CTX *mem_ctx, uint8_t *cert_data, uint32_t cert_len, DATA_BLOB *to_encrypt) { gnutls_x509_crt_t x509_cert; gnutls_datum_t x509_crt_data = { .data = cert_data, .size = cert_len, }; gnutls_pubkey_t pubkey; gnutls_datum_t plaintext = { .data = to_encrypt->data, .size = to_encrypt->length, }; gnutls_datum_t ciphertext = { .data = NULL, }; DATA_BLOB *blob; int rc; rc = gnutls_x509_crt_init(&x509_cert); if (rc != GNUTLS_E_SUCCESS) { return NULL; } rc = gnutls_x509_crt_import(x509_cert, &x509_crt_data, GNUTLS_X509_FMT_DER); if (rc != GNUTLS_E_SUCCESS) { gnutls_x509_crt_deinit(x509_cert); return NULL; } rc = gnutls_pubkey_init(&pubkey); if (rc != GNUTLS_E_SUCCESS) { gnutls_x509_crt_deinit(x509_cert); return NULL; } rc = gnutls_pubkey_import_x509(pubkey, x509_cert, 0); gnutls_x509_crt_deinit(x509_cert); if (rc != GNUTLS_E_SUCCESS) { gnutls_pubkey_deinit(pubkey); return NULL; } rc = gnutls_pubkey_encrypt_data(pubkey, 0, &plaintext, &ciphertext); gnutls_pubkey_deinit(pubkey); if (rc != GNUTLS_E_SUCCESS) { return NULL; } blob = talloc_zero(mem_ctx, DATA_BLOB); if (blob == NULL) { gnutls_pubkey_deinit(pubkey); return NULL; } *blob = data_blob_talloc(blob, ciphertext.data, ciphertext.size); gnutls_free(ciphertext.data); if (blob->data == NULL) { gnutls_pubkey_deinit(pubkey); return NULL; } return blob; } static struct bkrp_BackupKey *createRetrieveBackupKeyGUIDStruct(struct torture_context *tctx, struct dcerpc_pipe *p, int version, DATA_BLOB *out) { struct dcerpc_binding *binding; struct bkrp_client_side_wrapped data; struct GUID *g = talloc(tctx, struct GUID); struct bkrp_BackupKey *r = talloc_zero(tctx, struct bkrp_BackupKey); enum ndr_err_code ndr_err; DATA_BLOB blob; NTSTATUS status; if (r == NULL) { return NULL; } binding = dcerpc_binding_dup(tctx, p->binding); if (binding == NULL) { return NULL; } status = dcerpc_binding_set_flags(binding, DCERPC_SEAL|DCERPC_AUTH_SPNEGO, 0); if (!NT_STATUS_IS_OK(status)) { return NULL; } ZERO_STRUCT(data); status = GUID_from_string(BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID, g); if (!NT_STATUS_IS_OK(status)) { return NULL; } r->in.guidActionAgent = g; data.version = version; ndr_err = ndr_push_struct_blob(&blob, tctx, &data, (ndr_push_flags_fn_t)ndr_push_bkrp_client_side_wrapped); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return NULL; } r->in.data_in = blob.data; r->in.data_in_len = blob.length; r->out.data_out = &out->data; r->out.data_out_len = talloc(r, uint32_t); return r; } static struct bkrp_BackupKey *createRestoreGUIDStruct(struct torture_context *tctx, struct dcerpc_pipe *p, int version, DATA_BLOB *out, bool norevert, bool broken_version, bool broken_user, bool broken_magic_secret, bool broken_magic_access, bool broken_hash_access, bool broken_cert_guid) { struct dcerpc_binding_handle *b = p->binding_handle; struct bkrp_client_side_wrapped data; DATA_BLOB *xs; DATA_BLOB *sec; DATA_BLOB *enc_sec = NULL; DATA_BLOB *enc_xs = NULL; DATA_BLOB *blob2; DATA_BLOB enc_sec_reverted; DATA_BLOB key; DATA_BLOB iv; DATA_BLOB out_blob; struct GUID *guid, *g; int t; uint32_t size; enum ndr_err_code ndr_err; NTSTATUS status; const char *user; gnutls_cipher_algorithm_t cipher_algo; struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, version, &out_blob); if (r == NULL) { return NULL; } if (broken_user) { /* we take a fake user*/ user = "guest"; } else { user = cli_credentials_get_username( samba_cmdline_get_creds()); } torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Get GUID"); torture_assert_werr_ok(tctx, r->out.result, "Get GUID"); /* * We have to set it outside of the function createRetrieveBackupKeyGUIDStruct * the len of the blob, this is due to the fact that they don't have the * same size (one is 32bits the other 64bits) */ out_blob.length = *r->out.data_out_len; sec = create_unencryptedsecret(tctx, broken_magic_secret, version); if (sec == NULL) { return NULL; } xs = create_access_check(tctx, p, tctx, user, broken_hash_access, version); if (xs == NULL) { return NULL; } if (broken_magic_access){ /* The start of the access_check structure contains the * GUID of the certificate */ xs->data[0]++; } enc_sec = encrypt_blob_pk(tctx, tctx, out_blob.data, out_blob.length, sec); if (!enc_sec) { return NULL; } enc_sec_reverted.data = talloc_array(tctx, uint8_t, enc_sec->length); if (enc_sec_reverted.data == NULL) { return NULL; } enc_sec_reverted.length = enc_sec->length; /* * We DO NOT revert the array on purpose it's in order to check that * when the server is not able to decrypt then it answer the correct error */ if (norevert) { for(t=0; t< enc_sec->length; t++) { enc_sec_reverted.data[t] = ((uint8_t*)enc_sec->data)[t]; } } else { for(t=0; t< enc_sec->length; t++) { enc_sec_reverted.data[t] = ((uint8_t*)enc_sec->data)[enc_sec->length - t -1]; } } size = sec->length; switch (version) { case 2: cipher_algo = GNUTLS_CIPHER_3DES_CBC; break; case 3: cipher_algo = GNUTLS_CIPHER_AES_256_CBC; break; default: return NULL; } iv.length = gnutls_cipher_get_iv_size(cipher_algo); iv.data = sec->data + (size - iv.length); key.length = gnutls_cipher_get_key_size(cipher_algo); key.data = sec->data + (size - (key.length + iv.length)); enc_xs = encrypt_blob(tctx, tctx, &key, &iv, xs, cipher_algo); if (!enc_xs) { return NULL; } /* To cope with the fact that heimdal do padding at the end for the moment */ enc_xs->length = xs->length; guid = get_cert_guid(tctx, tctx, out_blob.data, out_blob.length); if (guid == NULL) { return NULL; } if (broken_version) { data.version = 1; } else { data.version = version; } data.guid = *guid; data.encrypted_secret = enc_sec_reverted.data; data.access_check = enc_xs->data; data.encrypted_secret_len = enc_sec->length; data.access_check_len = enc_xs->length; /* We want the blob to persist after this function so we don't * allocate it in the stack */ blob2 = talloc(tctx, DATA_BLOB); if (blob2 == NULL) { return NULL; } ndr_err = ndr_push_struct_blob(blob2, tctx, &data, (ndr_push_flags_fn_t)ndr_push_bkrp_client_side_wrapped); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return NULL; } if (broken_cert_guid) { blob2->data[12]++; } ZERO_STRUCT(*r); g = talloc(tctx, struct GUID); if (g == NULL) { return NULL; } status = GUID_from_string(BACKUPKEY_RESTORE_GUID, g); if (!NT_STATUS_IS_OK(status)) { return NULL; } r->in.guidActionAgent = g; r->in.data_in = blob2->data; r->in.data_in_len = blob2->length; r->in.param = 0; r->out.data_out = &(out->data); r->out.data_out_len = talloc(r, uint32_t); return r; } /* Check that we are able to receive the certificate of the DCs * used for client wrap version of the backup key protocol */ static bool test_RetrieveBackupKeyGUID(struct torture_context *tctx, struct dcerpc_pipe *p) { struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; if (r == NULL) { return false; } dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Get GUID"); out_blob.length = *r->out.data_out_len; torture_assert_werr_equal(tctx, r->out.result, WERR_OK, "Wrong dce/rpc error code"); } else { torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } /* Test to check the failure to recover a secret because the * secret blob is not reversed */ static bool test_RestoreGUID_ko(struct torture_context *tctx, struct dcerpc_pipe *p) { enum ndr_err_code ndr_err; struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_client_side_unwrapped resp; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, true, false, false, false, false, false, false); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_PARAMETER, "Wrong error code"); } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_RestoreGUID_wrongversion(struct torture_context *tctx, struct dcerpc_pipe *p) { enum ndr_err_code ndr_err; struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_client_side_unwrapped resp; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, false, true, false, false, false, false, false); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_PARAMETER, "Wrong error code on wrong version"); } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_RestoreGUID_wronguser(struct torture_context *tctx, struct dcerpc_pipe *p) { enum ndr_err_code ndr_err; struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_client_side_unwrapped resp; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, false, false, true, false, false, false, false); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_ACCESS, "Restore GUID"); } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_RestoreGUID_v3(struct torture_context *tctx, struct dcerpc_pipe *p) { enum ndr_err_code ndr_err; struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_client_side_unwrapped resp; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob, false, false, false, false, false, false, false); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 1, "Unable to unmarshall bkrp_client_side_unwrapped"); torture_assert_werr_equal(tctx, r->out.result, WERR_OK, "Restore GUID"); torture_assert_str_equal(tctx, (char*)resp.secret.data, secret, "Wrong secret"); } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_RestoreGUID(struct torture_context *tctx, struct dcerpc_pipe *p) { struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_client_side_unwrapped resp; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, false, false, false, false, false, false, false); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; torture_assert_werr_equal(tctx, r->out.result, WERR_OK, "Restore GUID"); torture_assert_ndr_err_equal(tctx, ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped), NDR_ERR_SUCCESS, "Unable to unmarshall bkrp_client_side_unwrapped"); torture_assert_str_equal(tctx, (char*)resp.secret.data, secret, "Wrong secret"); } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_RestoreGUID_badmagiconsecret(struct torture_context *tctx, struct dcerpc_pipe *p) { enum ndr_err_code ndr_err; struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_client_side_unwrapped resp; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob, false, false, false, true, false, false, false); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Wrong error code while providing bad magic in secret"); } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_RestoreGUID_emptyrequest(struct torture_context *tctx, struct dcerpc_pipe *p) { struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob, false, false, false, true, false, false, true); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); r->in.data_in = talloc(tctx, uint8_t); r->in.data_in_len = 0; r->in.param = 0; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_PARAMETER, "Bad error code on wrong has in access check"); } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_RestoreGUID_badcertguid(struct torture_context *tctx, struct dcerpc_pipe *p) { enum ndr_err_code ndr_err; struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_client_side_unwrapped resp; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob, false, false, false, false, false, false, true); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct() failed"); torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); /* * Windows 2012R2 has, presumably, a programming error * returning an NTSTATUS code on this interface */ if (W_ERROR_V(r->out.result) != NT_STATUS_V(NT_STATUS_OBJECT_NAME_NOT_FOUND)) { torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check"); } } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_RestoreGUID_badmagicaccesscheck(struct torture_context *tctx, struct dcerpc_pipe *p) { enum ndr_err_code ndr_err; struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_client_side_unwrapped resp; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, false, false, false, false, true, false, false); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check"); } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_RestoreGUID_badhashaccesscheck(struct torture_context *tctx, struct dcerpc_pipe *p) { enum ndr_err_code ndr_err; struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_client_side_unwrapped resp; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob, false, false, false, false, false, true, false); torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed"); torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID"); out_blob.length = *r->out.data_out_len; ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped); torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped"); torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check"); } else { struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } /* * Check that the RSA modulus in the certificate of the DCs has 2048 bits. */ static bool test_RetrieveBackupKeyGUID_validate(struct torture_context *tctx, struct dcerpc_pipe *p) { struct dcerpc_binding_handle *b = p->binding_handle; DATA_BLOB out_blob; struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob); enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; torture_assert(tctx, r != NULL, "test_RetrieveBackupKeyGUID_validate failed"); if (r == NULL) { return false; } dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { gnutls_x509_crt_t x509_cert = NULL; gnutls_pubkey_t pubkey = NULL; gnutls_datum_t x509_crt_data; gnutls_pk_algorithm_t pubkey_algo; uint8_t dummy[1] = {0}; DATA_BLOB subject_unique_id = { .data = dummy, .length = 0, }; DATA_BLOB issuer_unique_id = { .data = dummy, .length = 0, }; DATA_BLOB reversed = { .data = dummy, .length = 0, }; DATA_BLOB serial_number; unsigned int RSA_returned_bits = 0; int version; size_t i; int cmp; int rc; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Get GUID"); torture_assert_werr_ok(tctx, r->out.result, "Get GUID"); out_blob.length = *r->out.data_out_len; x509_crt_data.data = out_blob.data; x509_crt_data.size = out_blob.length; rc = gnutls_x509_crt_init(&x509_cert); if (rc != GNUTLS_E_SUCCESS) { return NULL; } rc = gnutls_x509_crt_import(x509_cert, &x509_crt_data, GNUTLS_X509_FMT_DER); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_x509_crt_import failed"); /* Compare unique ids */ /* Get buffer size */ rc = gnutls_x509_crt_get_subject_unique_id(x509_cert, (char *)subject_unique_id.data, &subject_unique_id.length); torture_assert_int_equal(tctx, rc, GNUTLS_E_SHORT_MEMORY_BUFFER, "gnutls_x509_crt_get_subject_unique_id " "get buffer size failed"); subject_unique_id = data_blob_talloc_zero(tctx, subject_unique_id.length); rc = gnutls_x509_crt_get_subject_unique_id(x509_cert, (char *)subject_unique_id.data, &subject_unique_id.length); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_x509_crt_get_subject_unique_id failed"); rc = gnutls_x509_crt_get_issuer_unique_id(x509_cert, (char *)issuer_unique_id.data, &issuer_unique_id.length); torture_assert_int_equal(tctx, rc, GNUTLS_E_SHORT_MEMORY_BUFFER, "gnutls_x509_crt_get_issuer_unique_id " "get buffer size failed"); issuer_unique_id = data_blob_talloc_zero(tctx, issuer_unique_id.length); rc = gnutls_x509_crt_get_issuer_unique_id(x509_cert, (char *)issuer_unique_id.data, &issuer_unique_id.length); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_x509_crt_get_issuer_unique_id failed"); cmp = data_blob_cmp(&subject_unique_id, &issuer_unique_id); torture_assert(tctx, cmp == 0, "The GUID to identify the public key is not " "identical"); rc = gnutls_x509_crt_get_serial(x509_cert, reversed.data, &reversed.length); torture_assert_int_equal(tctx, rc, GNUTLS_E_SHORT_MEMORY_BUFFER, "gnutls_x509_crt_get_serial " "get buffer size failed"); reversed = data_blob_talloc_zero(tctx, reversed.length); rc = gnutls_x509_crt_get_serial(x509_cert, reversed.data, &reversed.length); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_x509_crt_get_serial failed"); /* * Heimdal sometimes adds a leading byte to the data buffer of * the serial number. So lets uses the subject_unique_id size * and ignore the leading byte. */ serial_number = data_blob_talloc_zero(tctx, subject_unique_id.length); for (i = 0; i < serial_number.length; i++) { serial_number.data[i] = reversed.data[reversed.length - i - 1]; } cmp = data_blob_cmp(&subject_unique_id, &serial_number); torture_assert(tctx, cmp == 0, "The GUID to identify the public key is not " "identical"); /* Check certificate version */ version = gnutls_x509_crt_get_version(x509_cert); torture_assert_int_equal(tctx, version, 3, "Invalid certificate version"); /* Get the public key */ rc = gnutls_pubkey_init(&pubkey); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_pubkey_init failed"); rc = gnutls_pubkey_import_x509(pubkey, x509_cert, 0); gnutls_x509_crt_deinit(x509_cert); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_pubkey_import_x509 failed"); pubkey_algo = gnutls_pubkey_get_pk_algorithm(pubkey, &RSA_returned_bits); gnutls_pubkey_deinit(pubkey); torture_assert_int_equal(tctx, pubkey_algo, GNUTLS_PK_RSA, "gnutls_pubkey_get_pk_algorithm did " "not return a RSA key"); torture_assert_int_equal(tctx, RSA_returned_bits, 2048, "RSA Key doesn't have 2048 bits"); } else { torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), NT_STATUS_ACCESS_DENIED, "Get GUID"); } return true; } static bool test_ServerWrap_encrypt_decrypt(struct torture_context *tctx, struct dcerpc_pipe *p) { struct bkrp_BackupKey r; struct GUID guid; DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret)); DATA_BLOB encrypted; uint32_t enclen; DATA_BLOB decrypted; uint32_t declen; struct dcerpc_binding_handle *b = p->binding_handle; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; ZERO_STRUCT(r); dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); /* Encrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_BACKUP_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = plaintext.data; r.in.data_in_len = plaintext.length; r.in.param = 0; r.out.data_out = &encrypted.data; r.out.data_out_len = &enclen; if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "encrypt"); } else { torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), NT_STATUS_ACCESS_DENIED, "encrypt"); return true; } torture_assert_werr_ok(tctx, r.out.result, "encrypt"); encrypted.length = *r.out.data_out_len; /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = encrypted.data; r.in.data_in_len = encrypted.length; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); torture_assert_werr_ok(tctx, r.out.result, "decrypt"); decrypted.length = *r.out.data_out_len; /* Compare */ torture_assert_data_blob_equal(tctx, plaintext, decrypted, "Decrypt failed"); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = encrypted.data; r.in.data_in_len = encrypted.length; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); torture_assert_werr_ok(tctx, r.out.result, "decrypt"); decrypted.length = *r.out.data_out_len; /* Compare */ torture_assert_data_blob_equal(tctx, plaintext, decrypted, "Decrypt failed"); return true; } static bool test_ServerWrap_decrypt_wrong_keyGUID(struct torture_context *tctx, struct dcerpc_pipe *p) { struct bkrp_BackupKey r; struct GUID guid; DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret)); DATA_BLOB encrypted; uint32_t enclen; DATA_BLOB decrypted; uint32_t declen; struct dcerpc_binding_handle *b = p->binding_handle; enum ndr_err_code ndr_err; struct bkrp_server_side_wrapped server_side_wrapped; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; ZERO_STRUCT(r); dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); /* Encrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_BACKUP_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = plaintext.data; r.in.data_in_len = plaintext.length; r.in.param = 0; r.out.data_out = &encrypted.data; r.out.data_out_len = &enclen; if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "encrypt"); } else { torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), NT_STATUS_ACCESS_DENIED, "encrypt"); return true; } torture_assert_werr_ok(tctx, r.out.result, "encrypt"); encrypted.length = *r.out.data_out_len; ndr_err = ndr_pull_struct_blob(&encrypted, tctx, &server_side_wrapped, (ndr_pull_flags_fn_t)ndr_pull_bkrp_server_side_wrapped); torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "pull of server_side_wrapped"); /* Change the GUID */ server_side_wrapped.guid = GUID_random(); ndr_err = ndr_push_struct_blob(&encrypted, tctx, &server_side_wrapped, (ndr_push_flags_fn_t)ndr_push_bkrp_server_side_wrapped); torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "push of server_side_wrapped"); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = encrypted.data; r.in.data_in_len = encrypted.length; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_DATA, "decrypt should fail with WERR_INVALID_DATA"); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = encrypted.data; r.in.data_in_len = encrypted.length; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_DATA, "decrypt should fail with WERR_INVALID_DATA"); return true; } static bool test_ServerWrap_decrypt_empty_request(struct torture_context *tctx, struct dcerpc_pipe *p) { struct bkrp_BackupKey r; struct GUID guid; DATA_BLOB decrypted; uint32_t declen; struct dcerpc_binding_handle *b = p->binding_handle; uint8_t short_request[4] = { 1, 0, 0, 0 }; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; ZERO_STRUCT(r); dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = short_request; r.in.data_in_len = 0; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "encrypt"); } else { torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), NT_STATUS_ACCESS_DENIED, "encrypt"); return true; } torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAMETER, "decrypt should fail with WERR_INVALID_PARAMETER"); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = short_request; r.in.data_in_len = 0; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAMETER, "decrypt should fail with WERR_INVALID_PARAMETER"); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = NULL; r.in.data_in_len = 0; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), NT_STATUS_INVALID_PARAMETER_MIX, "decrypt"); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = NULL; r.in.data_in_len = 0; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), NT_STATUS_INVALID_PARAMETER_MIX, "decrypt"); return true; } static bool test_ServerWrap_decrypt_short_request(struct torture_context *tctx, struct dcerpc_pipe *p) { struct bkrp_BackupKey r; struct GUID guid; DATA_BLOB decrypted; uint32_t declen; struct dcerpc_binding_handle *b = p->binding_handle; uint8_t short_request[4] = { 1, 0, 0, 0 }; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; ZERO_STRUCT(r); dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = short_request; r.in.data_in_len = 4; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "encrypt"); } else { torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), NT_STATUS_ACCESS_DENIED, "encrypt"); return true; } torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAMETER, "decrypt should fail with WERR_INVALID_PARM"); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = short_request; r.in.data_in_len = 4; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAMETER, "decrypt should fail with WERR_INVALID_PARAMETER"); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = short_request; r.in.data_in_len = 1; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAMETER, "decrypt should fail with WERR_INVALID_PARAMETER"); /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = short_request; r.in.data_in_len = 1; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAMETER, "decrypt should fail with WERR_INVALID_PARAMETER"); return true; } static bool test_ServerWrap_encrypt_decrypt_manual(struct torture_context *tctx, struct bkrp_server_side_wrapped *server_side_wrapped, enum test_wrong wrong) { char *lsa_binding_string = NULL; struct dcerpc_binding *lsa_binding = NULL; struct dcerpc_pipe *lsa_p = NULL; struct dcerpc_binding_handle *lsa_b = NULL; struct lsa_OpenSecret r_secret; struct lsa_QuerySecret r_query_secret; struct policy_handle *handle, sec_handle; struct bkrp_BackupKey r; struct GUID preferred_key_guid; DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret)); DATA_BLOB preferred_key, preferred_key_clear, session_key, decrypt_key, decrypt_key_clear, encrypted_blob, sid_blob; struct bkrp_dc_serverwrap_key server_key; struct lsa_DATA_BUF_PTR bufp1; char *key_guid_string; struct bkrp_rc4encryptedpayload rc4payload; struct dom_sid *caller_sid; uint8_t symkey[20]; /* SHA-1 hash len */ uint8_t mackey[20]; /* SHA-1 hash len */ uint8_t mac[20]; /* SHA-1 hash len */ gnutls_hmac_hd_t hmac_hnd; gnutls_cipher_hd_t cipher_hnd; gnutls_datum_t cipher_key; int rc; ZERO_STRUCT(r); ZERO_STRUCT(r_secret); ZERO_STRUCT(r_query_secret); /* Now read BCKUPKEY_P and prove we can do a matching decrypt and encrypt */ /* lsa_OpenSecret only works with ncacn_np and AUTH_LEVEL_NONE */ lsa_binding_string = talloc_asprintf(tctx, "ncacn_np:%s", torture_setting_string(tctx, "host", NULL)); torture_assert(tctx, lsa_binding_string != NULL, "lsa_binding_string"); torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, lsa_binding_string, &lsa_binding), "Failed to parse dcerpc binding"); torture_assert_ntstatus_ok(tctx, dcerpc_pipe_connect_b(tctx, &lsa_p, lsa_binding, &ndr_table_lsarpc, samba_cmdline_get_creds(), tctx->ev, tctx->lp_ctx), "Opening LSA pipe"); lsa_b = lsa_p->binding_handle; torture_assert(tctx, test_lsa_OpenPolicy2(lsa_b, tctx, &handle), "OpenPolicy failed"); r_secret.in.name.string = "G$BCKUPKEY_P"; r_secret.in.handle = handle; r_secret.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r_secret.out.sec_handle = &sec_handle; torture_comment(tctx, "Testing OpenSecret\n"); torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenSecret_r(lsa_b, tctx, &r_secret), "OpenSecret failed"); torture_assert_ntstatus_ok(tctx, r_secret.out.result, "OpenSecret failed"); r_query_secret.in.sec_handle = &sec_handle; r_query_secret.in.new_val = &bufp1; bufp1.buf = NULL; torture_assert_ntstatus_ok(tctx, dcerpc_lsa_QuerySecret_r(lsa_b, tctx, &r_query_secret), "QuerySecret failed"); torture_assert_ntstatus_ok(tctx, r_query_secret.out.result, "QuerySecret failed"); preferred_key.data = r_query_secret.out.new_val->buf->data; preferred_key.length = r_query_secret.out.new_val->buf->size; torture_assert_ntstatus_ok(tctx, dcerpc_fetch_session_key(lsa_p, &session_key), "dcerpc_fetch_session_key failed"); torture_assert_ntstatus_ok(tctx, sess_decrypt_blob(tctx, &preferred_key, &session_key, &preferred_key_clear), "sess_decrypt_blob failed"); torture_assert_ntstatus_ok(tctx, GUID_from_ndr_blob(&preferred_key_clear, &preferred_key_guid), "GUID parse failed"); torture_assert_guid_equal(tctx, server_side_wrapped->guid, preferred_key_guid, "GUID didn't match value pointed at by G$BCKUPKEY_P"); /* And read BCKUPKEY_ and get the actual key */ key_guid_string = GUID_string(tctx, &server_side_wrapped->guid); r_secret.in.name.string = talloc_asprintf(tctx, "G$BCKUPKEY_%s", key_guid_string); r_secret.in.handle = handle; r_secret.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r_secret.out.sec_handle = &sec_handle; torture_comment(tctx, "Testing OpenSecret\n"); torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenSecret_r(lsa_b, tctx, &r_secret), "OpenSecret failed"); torture_assert_ntstatus_ok(tctx, r_secret.out.result, "OpenSecret failed"); r_query_secret.in.sec_handle = &sec_handle; r_query_secret.in.new_val = &bufp1; torture_assert_ntstatus_ok(tctx, dcerpc_lsa_QuerySecret_r(lsa_b, tctx, &r_query_secret), "QuerySecret failed"); torture_assert_ntstatus_ok(tctx, r_query_secret.out.result, "QuerySecret failed"); decrypt_key.data = r_query_secret.out.new_val->buf->data; decrypt_key.length = r_query_secret.out.new_val->buf->size; torture_assert_ntstatus_ok(tctx, sess_decrypt_blob(tctx, &decrypt_key, &session_key, &decrypt_key_clear), "sess_decrypt_blob failed"); torture_assert_ndr_err_equal(tctx, ndr_pull_struct_blob(&decrypt_key_clear, tctx, &server_key, (ndr_pull_flags_fn_t)ndr_pull_bkrp_dc_serverwrap_key), NDR_ERR_SUCCESS, "Failed to parse server_key"); torture_assert_int_equal(tctx, server_key.magic, 1, "Failed to correctly decrypt server key"); /* * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1 * BACKUPKEY_BACKUP_GUID, it really is the whole key */ gnutls_hmac_init(&hmac_hnd, GNUTLS_MAC_SHA1, server_key.key, sizeof(server_key.key)); gnutls_hmac(hmac_hnd, server_side_wrapped->r2, sizeof(server_side_wrapped->r2)); gnutls_hmac_output(hmac_hnd, symkey); /* rc4 decrypt sid and secret using sym key */ cipher_key.data = symkey; cipher_key.size = sizeof(symkey); encrypted_blob = data_blob_talloc(tctx, server_side_wrapped->rc4encryptedpayload, server_side_wrapped->ciphertext_length); rc = gnutls_cipher_init(&cipher_hnd, GNUTLS_CIPHER_ARCFOUR_128, &cipher_key, NULL); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_cipher_init failed"); rc = gnutls_cipher_encrypt2(cipher_hnd, encrypted_blob.data, encrypted_blob.length, encrypted_blob.data, encrypted_blob.length); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_cipher_encrypt failed"); gnutls_cipher_deinit(cipher_hnd); torture_assert_ndr_err_equal(tctx, ndr_pull_struct_blob(&encrypted_blob, tctx, &rc4payload, (ndr_pull_flags_fn_t)ndr_pull_bkrp_rc4encryptedpayload), NDR_ERR_SUCCESS, "Failed to parse rc4encryptedpayload"); torture_assert_int_equal(tctx, rc4payload.secret_data.length, server_side_wrapped->payload_length, "length of decrypted payload not the length declared in surrounding structure"); /* * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1 * BACKUPKEY_BACKUP_GUID, it really is the whole key */ gnutls_hmac(hmac_hnd, rc4payload.r3, sizeof(rc4payload.r3)); gnutls_hmac_deinit(hmac_hnd, mackey); torture_assert_ndr_err_equal(tctx, ndr_push_struct_blob(&sid_blob, tctx, &rc4payload.sid, (ndr_push_flags_fn_t)ndr_push_dom_sid), NDR_ERR_SUCCESS, "unable to push SID"); gnutls_hmac_init(&hmac_hnd, GNUTLS_MAC_SHA1, mackey, sizeof(mackey)); /* SID field */ gnutls_hmac(hmac_hnd, sid_blob.data, sid_blob.length); /* Secret field */ gnutls_hmac(hmac_hnd, rc4payload.secret_data.data, rc4payload.secret_data.length); gnutls_hmac_output(hmac_hnd, mac); torture_assert_mem_equal(tctx, mac, rc4payload.mac, sizeof(mac), "mac not correct"); torture_assert_int_equal(tctx, rc4payload.secret_data.length, plaintext.length, "decrypted data is not correct length"); torture_assert_mem_equal(tctx, rc4payload.secret_data.data, plaintext.data, plaintext.length, "decrypted data is not correct"); /* Not strictly correct all the time, but good enough for this test */ caller_sid = get_user_sid(tctx, tctx, cli_credentials_get_username( samba_cmdline_get_creds())); torture_assert_sid_equal(tctx, &rc4payload.sid, caller_sid, "Secret saved with wrong SID"); /* RE-encrypt */ if (wrong == WRONG_SID) { rc4payload.sid.sub_auths[rc4payload.sid.num_auths - 1] = DOMAIN_RID_KRBTGT; } dump_data_pw("mackey: \n", mackey, sizeof(mackey)); torture_assert_ndr_err_equal(tctx, ndr_push_struct_blob(&sid_blob, tctx, &rc4payload.sid, (ndr_push_flags_fn_t)ndr_push_dom_sid), NDR_ERR_SUCCESS, "push of sid failed"); /* SID field */ gnutls_hmac(hmac_hnd, sid_blob.data, sid_blob.length); /* Secret field */ gnutls_hmac(hmac_hnd, rc4payload.secret_data.data, rc4payload.secret_data.length); gnutls_hmac_deinit(hmac_hnd, rc4payload.mac); dump_data_pw("rc4payload.mac: \n", rc4payload.mac, sizeof(rc4payload.mac)); torture_assert_ndr_err_equal(tctx, ndr_push_struct_blob(&encrypted_blob, tctx, &rc4payload, (ndr_push_flags_fn_t)ndr_push_bkrp_rc4encryptedpayload), NDR_ERR_SUCCESS, "push of rc4payload failed"); if (wrong == WRONG_KEY) { symkey[0] = 78; symkey[1] = 78; symkey[2] = 78; } /* rc4 encrypt sid and secret using sym key */ cipher_key.data = symkey; cipher_key.size = sizeof(symkey); rc = gnutls_cipher_init(&cipher_hnd, GNUTLS_CIPHER_ARCFOUR_128, &cipher_key, NULL); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_cipher_init failed"); rc = gnutls_cipher_encrypt2(cipher_hnd, encrypted_blob.data, encrypted_blob.length, encrypted_blob.data, encrypted_blob.length); torture_assert_int_equal(tctx, rc, GNUTLS_E_SUCCESS, "gnutls_cipher_encrypt failed"); gnutls_cipher_deinit(cipher_hnd); /* re-create server wrap structure */ torture_assert_int_equal(tctx, encrypted_blob.length, server_side_wrapped->ciphertext_length, "expected encrypted length not to change"); if (wrong == RIGHT_KEY) { torture_assert_mem_equal(tctx, server_side_wrapped->rc4encryptedpayload, encrypted_blob.data, encrypted_blob.length, "expected encrypted data not to change"); } server_side_wrapped->payload_length = rc4payload.secret_data.length; server_side_wrapped->ciphertext_length = encrypted_blob.length; server_side_wrapped->rc4encryptedpayload = encrypted_blob.data; return true; } static bool test_ServerWrap_decrypt_wrong_stuff(struct torture_context *tctx, struct dcerpc_pipe *p, enum test_wrong wrong) { struct bkrp_BackupKey r; struct GUID guid; DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret)); DATA_BLOB encrypted; uint32_t enclen; DATA_BLOB decrypted; uint32_t declen; struct dcerpc_binding_handle *b = p->binding_handle; enum ndr_err_code ndr_err; struct bkrp_server_side_wrapped server_side_wrapped; bool repush = false; enum dcerpc_AuthType auth_type; enum dcerpc_AuthLevel auth_level; ZERO_STRUCT(r); dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level); /* Encrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_BACKUP_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = plaintext.data; r.in.data_in_len = plaintext.length; r.in.param = 0; r.out.data_out = &encrypted.data; r.out.data_out_len = &enclen; if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) { torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "encrypt"); } else { torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), NT_STATUS_ACCESS_DENIED, "encrypt"); return true; } torture_assert_werr_ok(tctx, r.out.result, "encrypt"); encrypted.length = *r.out.data_out_len; ndr_err = ndr_pull_struct_blob(&encrypted, tctx, &server_side_wrapped, (ndr_pull_flags_fn_t)ndr_pull_bkrp_server_side_wrapped); torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "pull of server_side_wrapped"); torture_assert_int_equal(tctx, server_side_wrapped.payload_length, plaintext.length, "wrong payload length"); switch (wrong) { case WRONG_MAGIC: /* Change the magic. Forced by our NDR layer, so do it raw */ SIVAL(encrypted.data, 0, 78); /* valid values are 1-3 */ break; case WRONG_R2: server_side_wrapped.r2[0] = 78; server_side_wrapped.r2[1] = 78; server_side_wrapped.r2[2] = 78; repush = true; break; case WRONG_PAYLOAD_LENGTH: server_side_wrapped.payload_length = UINT32_MAX - 8; repush = true; break; case WRONG_CIPHERTEXT_LENGTH: /* * Change the ciphertext len. We can't push this if * we have it wrong, so do it raw */ SIVAL(encrypted.data, 8, UINT32_MAX - 8); /* valid values are 1-3 */ break; case SHORT_PAYLOAD_LENGTH: server_side_wrapped.payload_length = server_side_wrapped.payload_length - 8; repush = true; break; case SHORT_CIPHERTEXT_LENGTH: /* * Change the ciphertext len. We can't push this if * we have it wrong, so do it raw */ SIVAL(encrypted.data, 8, server_side_wrapped.ciphertext_length - 8); /* valid values are 1-3 */ break; case ZERO_PAYLOAD_LENGTH: server_side_wrapped.payload_length = 0; repush = true; break; case ZERO_CIPHERTEXT_LENGTH: /* * Change the ciphertext len. We can't push this if * we have it wrong, so do it raw */ SIVAL(encrypted.data, 8, 0); /* valid values are 1-3 */ break; case RIGHT_KEY: case WRONG_KEY: case WRONG_SID: torture_assert(tctx, test_ServerWrap_encrypt_decrypt_manual(tctx, &server_side_wrapped, wrong), "test_ServerWrap_encrypt_decrypt_manual failed"); repush = true; break; } if (repush) { ndr_err = ndr_push_struct_blob(&encrypted, tctx, &server_side_wrapped, (ndr_push_flags_fn_t)ndr_push_bkrp_server_side_wrapped); torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "push of server_side_wrapped"); } /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = encrypted.data; r.in.data_in_len = encrypted.length; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); if ((wrong == WRONG_R2 || wrong == WRONG_KEY) && W_ERROR_EQUAL(r.out.result, WERR_INVALID_SID)) { torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_SID, "decrypt should fail with WERR_INVALID_SID or WERR_INVALID_PARAMETER"); } else if (wrong == RIGHT_KEY) { torture_assert_werr_equal(tctx, r.out.result, WERR_OK, "decrypt should succeed!"); } else if (wrong == WRONG_SID) { torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_ACCESS, "decrypt should fail with WERR_INVALID_ACCESS"); } else { if (!W_ERROR_EQUAL(r.out.result, WERR_INVALID_ACCESS) && !W_ERROR_EQUAL(r.out.result, WERR_INVALID_PARAMETER)) { torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_DATA, "decrypt should fail with WERR_INVALID_ACCESS, WERR_INVALID_PARAMETER or WERR_INVALID_DATA"); } } /* Decrypt */ torture_assert_ntstatus_ok(tctx, GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid), "obtain GUID"); r.in.guidActionAgent = &guid; r.in.data_in = encrypted.data; r.in.data_in_len = encrypted.length; r.in.param = 0; r.out.data_out = &(decrypted.data); r.out.data_out_len = &declen; torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, &r), "decrypt"); if ((wrong == WRONG_R2 || wrong == WRONG_KEY) && W_ERROR_EQUAL(r.out.result, WERR_INVALID_SID)) { torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_SID, "decrypt should fail with WERR_INVALID_SID or WERR_INVALID_PARAMETER"); } else if (wrong == RIGHT_KEY) { torture_assert_werr_equal(tctx, r.out.result, WERR_OK, "decrypt should succeed!"); } else if (wrong == WRONG_SID) { torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_ACCESS, "decrypt should fail with WERR_INVALID_ACCESS"); } else { if (!W_ERROR_EQUAL(r.out.result, WERR_INVALID_ACCESS) && !W_ERROR_EQUAL(r.out.result, WERR_INVALID_PARAMETER)) { torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_DATA, "decrypt should fail with WERR_INVALID_ACCESS, WERR_INVALID_PARAMETER or WERR_INVALID_DATA"); } } return true; } static bool test_ServerWrap_decrypt_wrong_magic(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_MAGIC); } static bool test_ServerWrap_decrypt_wrong_r2(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_R2); } static bool test_ServerWrap_decrypt_wrong_payload_length(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_PAYLOAD_LENGTH); } static bool test_ServerWrap_decrypt_short_payload_length(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, SHORT_PAYLOAD_LENGTH); } static bool test_ServerWrap_decrypt_zero_payload_length(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, ZERO_PAYLOAD_LENGTH); } static bool test_ServerWrap_decrypt_wrong_ciphertext_length(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_CIPHERTEXT_LENGTH); } static bool test_ServerWrap_decrypt_short_ciphertext_length(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, SHORT_CIPHERTEXT_LENGTH); } static bool test_ServerWrap_decrypt_zero_ciphertext_length(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, ZERO_CIPHERTEXT_LENGTH); } static bool test_ServerWrap_encrypt_decrypt_remote_key(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, RIGHT_KEY); } static bool test_ServerWrap_encrypt_decrypt_wrong_key(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_KEY); } static bool test_ServerWrap_encrypt_decrypt_wrong_sid(struct torture_context *tctx, struct dcerpc_pipe *p) { return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_SID); } struct torture_suite *torture_rpc_backupkey(TALLOC_CTX *mem_ctx) { struct torture_suite *suite = torture_suite_create(mem_ctx, "backupkey"); struct torture_rpc_tcase *tcase; tcase = torture_suite_add_rpc_iface_tcase(suite, "backupkey", &ndr_table_backupkey); torture_rpc_tcase_add_test(tcase, "retreive_backup_key_guid", test_RetrieveBackupKeyGUID); torture_rpc_tcase_add_test(tcase, "restore_guid", test_RestoreGUID); torture_rpc_tcase_add_test(tcase, "restore_guid version 3", test_RestoreGUID_v3); /* We double the test in order to be sure that we don't mess stuff (ie. freeing static stuff) */ torture_rpc_tcase_add_test(tcase, "restore_guid_2nd", test_RestoreGUID); torture_rpc_tcase_add_test(tcase, "unable_to_decrypt_secret", test_RestoreGUID_ko); torture_rpc_tcase_add_test(tcase, "wrong_user_restore_guid", test_RestoreGUID_wronguser); torture_rpc_tcase_add_test(tcase, "wrong_version_restore_guid", test_RestoreGUID_wrongversion); torture_rpc_tcase_add_test(tcase, "bad_magic_on_secret_restore_guid", test_RestoreGUID_badmagiconsecret); torture_rpc_tcase_add_test(tcase, "bad_hash_on_secret_restore_guid", test_RestoreGUID_badhashaccesscheck); torture_rpc_tcase_add_test(tcase, "bad_magic_on_accesscheck_restore_guid", test_RestoreGUID_badmagicaccesscheck); torture_rpc_tcase_add_test(tcase, "bad_cert_guid_restore_guid", test_RestoreGUID_badcertguid); torture_rpc_tcase_add_test(tcase, "empty_request_restore_guid", test_RestoreGUID_emptyrequest); torture_rpc_tcase_add_test(tcase, "retreive_backup_key_guid_validate", test_RetrieveBackupKeyGUID_validate); torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt", test_ServerWrap_encrypt_decrypt); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_keyGUID", test_ServerWrap_decrypt_wrong_keyGUID); torture_rpc_tcase_add_test(tcase, "server_wrap_empty_request", test_ServerWrap_decrypt_empty_request); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_short_request", test_ServerWrap_decrypt_short_request); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_magic", test_ServerWrap_decrypt_wrong_magic); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_r2", test_ServerWrap_decrypt_wrong_r2); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_payload_length", test_ServerWrap_decrypt_wrong_payload_length); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_short_payload_length", test_ServerWrap_decrypt_short_payload_length); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_zero_payload_length", test_ServerWrap_decrypt_zero_payload_length); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_ciphertext_length", test_ServerWrap_decrypt_wrong_ciphertext_length); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_short_ciphertext_length", test_ServerWrap_decrypt_short_ciphertext_length); torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_zero_ciphertext_length", test_ServerWrap_decrypt_zero_ciphertext_length); torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt_remote_key", test_ServerWrap_encrypt_decrypt_remote_key); torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt_wrong_key", test_ServerWrap_encrypt_decrypt_wrong_key); torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt_wrong_sid", test_ServerWrap_encrypt_decrypt_wrong_sid); return suite; }