Test more PAC (note that the values used in this test is wrong, they

have to be fixed when the pac code is fixed). git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19782 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-01-09 11:09:13 +00:00
parent c792a0e800
commit fe73261177
1 changed files with 57 additions and 0 deletions
--- a/lib/krb5/test_pac.c
+++ b/lib/krb5/test_pac.c
@@ -82,6 +82,9 @@ static const unsigned char saved_pac[] = {
 	0x83, 0xb3, 0x13, 0x3f, 0xfc, 0x5c, 0x41, 0xad, 0xe2, 0x64, 0x83, 0xe0, 0x00, 0x00, 0x00, 0x00
 };

+static int type_1_length = 2;
+static int type_2_length = 2;
+
 static const krb5_keyblock kdc_keyblock = {
    ETYPE_ARCFOUR_HMAC_MD5,
    { 16, "\xB2\x86\x75\x71\x48\xAF\x7F\xD2\x52\xC5\x36\x03\xA1\x50\xB7\xE7" }
@@ -224,6 +227,60 @@ main(int argc, char **argv)
 	free(list);
    }

+    /* make a copy and try to reproduce it */
+    {
+	uint32_t *list;
+	size_t len, i;
+	struct krb5_pac *pac2;
+
+	ret = krb5_pac_init(context, &pac2);
+	if (ret)
+	    krb5_err(context, 1, ret, "krb5_pac_init");
+
+	/* our two user buffer plus the three "system" buffers */
+	ret = krb5_pac_get_types(context, pac, &len, &list);
+	if (ret)
+	    krb5_err(context, 1, ret, "krb5_pac_get_types");
+
+	for (i = 0; i < len; i++) {
+	    /* skip server_cksum, privsvr_cksum, and logon_name */
+	    if (list[i] == 6 || list[i] == 7 || list[i] == 10)
+		continue;
+
+	    ret = krb5_pac_get_buffer(context, pac, list[i], &data);
+	    if (ret)
+		krb5_err(context, 1, ret, "krb5_pac_get_buffer");
+
+	    if (list[i] == 1 && type_1_length != data.length)
+		krb5_errx(context, 1, "type 1 have wrong length");
+	    if (list[i] == 2 && type_2_length != data.length)
+		krb5_errx(context, 1, "type 2 have wrong length");
+
+	    ret = krb5_pac_add_buffer(context, pac2, list[i], &data);
+	    if (ret)
+		krb5_err(context, 1, ret, "krb5_pac_add_buffer");
+	    krb5_data_free(&data);
+	}
+	free(list);
+	
+	ret = _krb5_pac_sign(context, pac2, authtime, p, 
+			     &member_keyblock, &kdc_keyblock, &data);
+	if (ret)
+	    krb5_err(context, 1, ret, "_krb5_pac_sign 4");
+	
+	krb5_pac_free(context, pac2);
+
+	ret = krb5_pac_parse(context, data.data, data.length, &pac2);
+	if (ret)
+	    krb5_err(context, 1, ret, "krb5_pac_parse 4");
+	
+	ret = krb5_pac_verify(context, pac2, authtime, p,
+			      &member_keyblock, &kdc_keyblock);
+	if (ret)
+	    krb5_err(context, 1, ret, "krb5_pac_verify 4");
+	
+    }
+
    krb5_pac_free(context, pac);

    return 0;