]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
tests/krb5: Add method to generate FAST encrypted challenge padata
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Tue, 6 Jul 2021 00:47:18 +0000 (12:47 +1200)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 18 Aug 2021 22:28:34 +0000 (22:28 +0000)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
python/samba/tests/krb5/kdc_base_test.py

index 1b550179e0e54a4de825c0295a9aa34f70fcf343..24a1e7cfbc8f2dc6a98ff09f236e54a6cfeecc0f 100644 (file)
@@ -54,11 +54,13 @@ from samba.tests.krb5.rfc4120_constants import (
     KRB_TGS_REP,
     KRB_ERROR,
     KU_AS_REP_ENC_PART,
+    KU_ENC_CHALLENGE_CLIENT,
     KU_PA_ENC_TIMESTAMP,
     KU_TGS_REP_ENC_PART_SUB_KEY,
     KU_TICKET,
     NT_PRINCIPAL,
     NT_SRV_HST,
+    PADATA_ENCRYPTED_CHALLENGE,
     PADATA_ENC_TIMESTAMP,
     PADATA_ETYPE_INFO2,
 )
@@ -511,6 +513,23 @@ class KDCBaseTest(RawKerberosTest):
 
         return padata
 
+    def get_challenge_pa_data(self, client_challenge_key, skew=0):
+        patime, pausec = self.get_KerberosTimeWithUsec(offset=skew)
+        padata = self.PA_ENC_TS_ENC_create(patime, pausec)
+        padata = self.der_encode(padata,
+                                 asn1Spec=krb5_asn1.PA_ENC_TS_ENC())
+
+        padata = self.EncryptedData_create(client_challenge_key,
+                                           KU_ENC_CHALLENGE_CLIENT,
+                                           padata)
+        padata = self.der_encode(padata,
+                                 asn1Spec=krb5_asn1.EncryptedData())
+
+        padata = self.PA_DATA_create(PADATA_ENCRYPTED_CHALLENGE,
+                                     padata)
+
+        return padata
+
     def get_as_rep_enc_data(self, key, rep):
         ''' Decrypt and Decode the encrypted data in an AS-REP
         '''