pa_ts = self.PA_ENC_TS_ENC_create(patime, pausec)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.PA_ENC_TS_ENC())
- enc_pa_ts_usage = 1
- pa_ts = self.EncryptedData_create(key, enc_pa_ts_usage, pa_ts)
+ pa_ts = self.EncryptedData_create(key, KU_PA_ENC_TIMESTAMP, pa_ts)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.EncryptedData())
pa_ts = self.PA_DATA_create(PADATA_ENC_TIMESTAMP, pa_ts)
self.assertEqual(msg_type, KRB_AS_REP, "Data {0}".format(str(data)))
# Decrypt and decode the EncKdcRepPart
- enc = key.decrypt(3, rep['enc-part']['cipher'])
+ enc = key.decrypt(KU_AS_REP_ENC_PART, rep['enc-part']['cipher'])
if enc[0] == 0x7A:
# MIT Kerberos Tags the EncASRepPart as a EncKDCRepPart
# i.e. tag number 26 instead of tag number 25
pa_ts = self.PA_ENC_TS_ENC_create(patime, pausec)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.PA_ENC_TS_ENC())
- enc_pa_ts_usage = 1
- pa_ts = self.EncryptedData_create(key, enc_pa_ts_usage, pa_ts)
+ pa_ts = self.EncryptedData_create(key, KU_PA_ENC_TIMESTAMP, pa_ts)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.EncryptedData())
pa_ts = self.PA_DATA_create(PADATA_ENC_TIMESTAMP, pa_ts)
msg_type = rep['msg-type']
self.assertEqual(msg_type, KRB_AS_REP)
- usage = 3
enc_part = rep['enc-part']
- enc_as_rep_part = key.decrypt(usage, rep['enc-part']['cipher'])
+ enc_as_rep_part = key.decrypt(
+ KU_AS_REP_ENC_PART, rep['enc-part']['cipher'])
return (enc_as_rep_part, enc_part)
KRB_AS_REP,
KRB_TGS_REP,
KRB_ERROR,
+ KU_AS_REP_ENC_PART,
+ KU_PA_ENC_TIMESTAMP,
+ KU_TGS_REP_ENC_PART_SUB_KEY,
+ KU_TICKET,
PADATA_ENC_TIMESTAMP,
PADATA_ETYPE_INFO2,
)
padata = self.PA_ENC_TS_ENC_create(patime, pausec)
padata = self.der_encode(padata, asn1Spec=krb5_asn1.PA_ENC_TS_ENC())
- usage = 1
- padata = self.EncryptedData_create(key, usage, padata)
+ padata = self.EncryptedData_create(key, KU_PA_ENC_TIMESTAMP, padata)
padata = self.der_encode(padata, asn1Spec=krb5_asn1.EncryptedData())
padata = self.PA_DATA_create(PADATA_ENC_TIMESTAMP, padata)
def get_as_rep_enc_data(self, key, rep):
''' Decrypt and Decode the encrypted data in an AS-REP
'''
- usage = 3
- enc_part = key.decrypt(usage, rep['enc-part']['cipher'])
+ enc_part = key.decrypt(KU_AS_REP_ENC_PART, rep['enc-part']['cipher'])
# MIT KDC encodes both EncASRepPart and EncTGSRepPart with
# application tag 26
try:
padata = []
subkey = self.RandomKey(key.etype)
- subkey_usage = 9
(ctime, cusec) = self.get_KerberosTimeWithUsec()
msg_type = rep['msg-type']
enc_part = None
if msg_type == KRB_TGS_REP:
- enc_part = subkey.decrypt(subkey_usage, rep['enc-part']['cipher'])
+ enc_part = subkey.decrypt(
+ KU_TGS_REP_ENC_PART_SUB_KEY, rep['enc-part']['cipher'])
enc_part = self.der_decode(
enc_part, asn1Spec=krb5_asn1.EncTGSRepPart())
return (rep, enc_part)
salt,
ticket['enc-part']['kvno'])
- enc_part = key.decrypt(2, ticket['enc-part']['cipher'])
+ enc_part = key.decrypt(KU_TICKET, ticket['enc-part']['cipher'])
enc_ticket_part = self.der_decode(
enc_part, asn1Spec=krb5_asn1.EncTicketPart())
return enc_ticket_part
pa_ts = self.PA_ENC_TS_ENC_create(patime, pausec)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.PA_ENC_TS_ENC())
- enc_pa_ts_usage = 1
- pa_ts = self.EncryptedData_create(key, enc_pa_ts_usage, pa_ts)
+ pa_ts = self.EncryptedData_create(key, KU_PA_ENC_TIMESTAMP, pa_ts)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.EncryptedData())
pa_ts = self.PA_DATA_create(PADATA_ENC_TIMESTAMP, pa_ts)
from samba.tests import env_get_var_value
from samba.tests.krb5.kcrypto import Cksumtype
from samba.tests.krb5.raw_testcase import RawKerberosTest
+from samba.tests.krb5.rfc4120_constants import (
+ KU_PA_ENC_TIMESTAMP,
+ KU_AS_REP_ENC_PART,
+ KU_TGS_REP_ENC_PART_SUB_KEY,
+)
import samba.tests.krb5.rfc4120_pyasn1 as krb5_asn1
global_asn1_print = False
pa_ts = self.PA_ENC_TS_ENC_create(patime, pausec)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.PA_ENC_TS_ENC())
- enc_pa_ts_usage = 1
- pa_ts = self.EncryptedData_create(key, enc_pa_ts_usage, pa_ts)
+ pa_ts = self.EncryptedData_create(key, KU_PA_ENC_TIMESTAMP, pa_ts)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.EncryptedData())
pa_ts = self.PA_DATA_create(2, pa_ts)
msg_type = rep['msg-type']
self.assertEqual(msg_type, 11)
- usage = 3
- enc_part2 = key.decrypt(usage, rep['enc-part']['cipher'])
+ enc_part2 = key.decrypt(KU_AS_REP_ENC_PART, rep['enc-part']['cipher'])
enc_part2 = self.der_decode(enc_part2, asn1Spec=krb5_asn1.EncASRepPart())
# S4U2Self Request
padata = [pa_s4u]
subkey = self.RandomKey(ticket_session_key.etype)
- subkey_usage = 9
(ctime, cusec) = self.get_KerberosTimeWithUsec()
msg_type = rep['msg-type']
if msg_type == 13:
- enc_part2 = subkey.decrypt(subkey_usage, rep['enc-part']['cipher'])
+ enc_part2 = subkey.decrypt(
+ KU_TGS_REP_ENC_PART_SUB_KEY, rep['enc-part']['cipher'])
enc_part2 = self.der_decode(enc_part2, asn1Spec=krb5_asn1.EncTGSRepPart())
return msg_type
os.environ["PYTHONUNBUFFERED"] = "1"
from samba.tests.krb5.raw_testcase import RawKerberosTest
+from samba.tests.krb5.rfc4120_constants import (
+ KU_AS_REP_ENC_PART,
+ KU_PA_ENC_TIMESTAMP,
+ KU_TGS_REP_ENC_PART_SUB_KEY,
+)
import samba.tests.krb5.rfc4120_pyasn1 as krb5_asn1
global_asn1_print = False
pa_ts = self.PA_ENC_TS_ENC_create(patime, pausec)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.PA_ENC_TS_ENC())
- enc_pa_ts_usage = 1
- pa_ts = self.EncryptedData_create(key, enc_pa_ts_usage, pa_ts)
+ pa_ts = self.EncryptedData_create(key, KU_PA_ENC_TIMESTAMP, pa_ts)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.EncryptedData())
pa_ts = self.PA_DATA_create(2, pa_ts)
msg_type = rep['msg-type']
self.assertEqual(msg_type, 11)
- usage = 3
- enc_part2 = key.decrypt(usage, rep['enc-part']['cipher'])
+ enc_part2 = key.decrypt(KU_AS_REP_ENC_PART, rep['enc-part']['cipher'])
# MIT KDC encodes both EncASRepPart and EncTGSRepPart with application tag 26
try:
padata = []
subkey = self.RandomKey(ticket_session_key.etype)
- subkey_usage = 9
(ctime, cusec) = self.get_KerberosTimeWithUsec()
msg_type = rep['msg-type']
self.assertEqual(msg_type, 13)
- enc_part2 = subkey.decrypt(subkey_usage, rep['enc-part']['cipher'])
+ enc_part2 = subkey.decrypt(
+ KU_TGS_REP_ENC_PART_SUB_KEY, rep['enc-part']['cipher'])
enc_part2 = self.der_decode(enc_part2, asn1Spec=krb5_asn1.EncTGSRepPart())
return
os.environ["PYTHONUNBUFFERED"] = "1"
from samba.tests.krb5.raw_testcase import RawKerberosTest
+from samba.tests.krb5.rfc4120_constants import (
+ KU_PA_ENC_TIMESTAMP,
+ KU_AS_REP_ENC_PART,
+ KU_TGS_REP_ENC_PART_SUB_KEY,
+)
import samba.tests.krb5.rfc4120_pyasn1 as krb5_asn1
import samba.tests
pa_ts = self.PA_ENC_TS_ENC_create(patime, pausec)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.PA_ENC_TS_ENC())
- enc_pa_ts_usage = 1
- pa_ts = self.EncryptedData_create(key, enc_pa_ts_usage, pa_ts)
+ pa_ts = self.EncryptedData_create(key, KU_PA_ENC_TIMESTAMP, pa_ts)
pa_ts = self.der_encode(pa_ts, asn1Spec=krb5_asn1.EncryptedData())
pa_ts = self.PA_DATA_create(2, pa_ts)
msg_type = rep['msg-type']
self.assertEqual(msg_type, 11)
- usage = 3
- enc_part2 = key.decrypt(usage, rep['enc-part']['cipher'])
+ enc_part2 = key.decrypt(KU_AS_REP_ENC_PART, rep['enc-part']['cipher'])
# MIT KDC encodes both EncASRepPart and EncTGSRepPart with application tag 26
try:
padata = []
subkey = self.RandomKey(ticket_session_key.etype)
- subkey_usage = 9
(ctime, cusec) = self.get_KerberosTimeWithUsec()
msg_type = rep['msg-type']
self.assertEqual(msg_type, 13)
- enc_part2 = subkey.decrypt(subkey_usage, rep['enc-part']['cipher'])
+ enc_part2 = subkey.decrypt(
+ KU_TGS_REP_ENC_PART_SUB_KEY, rep['enc-part']['cipher'])
enc_part2 = self.der_decode(enc_part2, asn1Spec=krb5_asn1.EncTGSRepPart())
# Check the forwardable flag
projects / thirdparty / samba.git / commitdiff
