From: Joseph Sutton Date: Tue, 6 Jul 2021 00:47:18 +0000 (+1200) Subject: tests/krb5: Add method to generate FAST encrypted challenge padata X-Git-Tag: ldb-2.5.0~926 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aafc86896969d02ff1daecdf2668bfa642860082;p=thirdparty%2Fsamba.git tests/krb5: Add method to generate FAST encrypted challenge padata Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett Reviewed-by: Andreas Schneider --- diff --git a/python/samba/tests/krb5/kdc_base_test.py b/python/samba/tests/krb5/kdc_base_test.py index 1b550179e0e..24a1e7cfbc8 100644 --- a/python/samba/tests/krb5/kdc_base_test.py +++ b/python/samba/tests/krb5/kdc_base_test.py @@ -54,11 +54,13 @@ from samba.tests.krb5.rfc4120_constants import ( KRB_TGS_REP, KRB_ERROR, KU_AS_REP_ENC_PART, + KU_ENC_CHALLENGE_CLIENT, KU_PA_ENC_TIMESTAMP, KU_TGS_REP_ENC_PART_SUB_KEY, KU_TICKET, NT_PRINCIPAL, NT_SRV_HST, + PADATA_ENCRYPTED_CHALLENGE, PADATA_ENC_TIMESTAMP, PADATA_ETYPE_INFO2, ) @@ -511,6 +513,23 @@ class KDCBaseTest(RawKerberosTest): return padata + def get_challenge_pa_data(self, client_challenge_key, skew=0): + patime, pausec = self.get_KerberosTimeWithUsec(offset=skew) + padata = self.PA_ENC_TS_ENC_create(patime, pausec) + padata = self.der_encode(padata, + asn1Spec=krb5_asn1.PA_ENC_TS_ENC()) + + padata = self.EncryptedData_create(client_challenge_key, + KU_ENC_CHALLENGE_CLIENT, + padata) + padata = self.der_encode(padata, + asn1Spec=krb5_asn1.EncryptedData()) + + padata = self.PA_DATA_create(PADATA_ENCRYPTED_CHALLENGE, + padata) + + return padata + def get_as_rep_enc_data(self, key, rep): ''' Decrypt and Decode the encrypted data in an AS-REP '''