]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
tests/krb5: Add methods to calculate keys for FAST
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Tue, 6 Jul 2021 00:49:05 +0000 (12:49 +1200)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 18 Aug 2021 22:28:34 +0000 (22:28 +0000)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
python/samba/tests/krb5/raw_testcase.py

index 46ce7605edf1bc6edcb1d193df080ab11b2d2356..113f08628b6845aecf2ac2e2d4ee749ac0a659e1 100644 (file)
@@ -2137,6 +2137,43 @@ class RawKerberosTest(TestCaseInTempDir):
 
         return subkey, subkey_usage
 
+    def generate_armor_key(self, subkey, session_key):
+        armor_key = kcrypto.cf2(subkey.key,
+                                session_key.key,
+                                b'subkeyarmor',
+                                b'ticketarmor')
+        armor_key = Krb5EncryptionKey(armor_key, None)
+
+        return armor_key
+
+    def generate_strengthen_reply_key(self, strengthen_key, reply_key):
+        strengthen_reply_key = kcrypto.cf2(strengthen_key.key,
+                                           reply_key.key,
+                                           b'strengthenkey',
+                                           b'replykey')
+        strengthen_reply_key = Krb5EncryptionKey(strengthen_reply_key,
+                                                 reply_key.kvno)
+
+        return strengthen_reply_key
+
+    def generate_client_challenge_key(self, armor_key, longterm_key):
+        client_challenge_key = kcrypto.cf2(armor_key.key,
+                                           longterm_key.key,
+                                           b'clientchallengearmor',
+                                           b'challengelongterm')
+        client_challenge_key = Krb5EncryptionKey(client_challenge_key, None)
+
+        return client_challenge_key
+
+    def generate_kdc_challenge_key(self, armor_key, longterm_key):
+        kdc_challenge_key = kcrypto.cf2(armor_key.key,
+                                        longterm_key.key,
+                                        b'kdcchallengearmor',
+                                        b'challengelongterm')
+        kdc_challenge_key = Krb5EncryptionKey(kdc_challenge_key, None)
+
+        return kdc_challenge_key
+
     def _test_as_exchange(self,
                           cname,
                           realm,