a
    û)&iÒ%  ã                   @   sÌ   d dl Z d dlZe j d d¡ dejd< d dlmZ d dlm  m	  m
Z d dlmZmZmZmZmZmZmZmZmZmZmZmZ dZdZdZd	Zd
ZG dd„ deƒZedkrÈdZdZd dl Z e  !¡  dS )é    Nz
bin/pythonÚ1ZPYTHONUNBUFFERED)ÚKDCBaseTest)ÚAES128_CTS_HMAC_SHA1_96ÚAES256_CTS_HMAC_SHA1_96ÚARCFOUR_HMAC_MD5ÚKDC_ERR_PREAUTH_REQUIREDÚ
KRB_AS_REPÚ	KRB_ERRORÚKU_AS_REP_ENC_PARTÚKU_PA_ENC_TIMESTAMPÚPADATA_ENC_TIMESTAMPÚPADATA_ETYPE_INFO2ÚNT_PRINCIPALÚNT_SRV_INSTFéy   éz   i   c                       sŒ   e Zd Z‡ fdd„Zdd„ Zdd„ Zdd„ Zd	d
„ Zdd„ Zdd„ Z	dd„ Z
dd„ Zdd„ Zdd„ Zdd„ Zdd„ Zdd„ Zdd„ Z‡  ZS )ÚSimpleKerberosTestsc                    s   t t| ƒ ¡  t| _t| _d S )N)Úsuperr   ÚsetUpÚglobal_asn1_printZdo_asn1_printÚglobal_hexdumpZ
do_hexdump)Úself©Ú	__class__© úF/usr/lib/python3/dist-packages/samba/tests/krb5/compatability_tests.pyr   7   s    zSimpleKerberosTests.setUpc                 C   s*   |   ¡ }|  |¡\}}|  t|d ¡ d S ©Nr   )Úget_user_credsÚas_reqÚassertEqualÚMIT_ENC_AS_REP_PART_TYPE_TAG©r   ÚcredsÚencÚ_r   r   r   Útest_mit_EncASRepPart_tag<   s    z-SimpleKerberosTests.test_mit_EncASRepPart_tagc                 C   s*   |   ¡ }|  |¡\}}|  t|d ¡ d S r   )r   r   r   Ú HIEMDAL_ENC_AS_REP_PART_TYPE_TAGr!   r   r   r   Útest_heimdal_EncASRepPart_tagA   s    z1SimpleKerberosTests.test_heimdal_EncASRepPart_tagc                 C   s,   |   ¡ }|  |¡\}}d|v r(|  d¡ d S )NÚkvnozkvno present in EncryptedData©r   r   Úfail©r   r"   r$   r#   r   r   r   Útest_mit_EncryptedData_kvnoF   s    z/SimpleKerberosTests.test_mit_EncryptedData_kvnoc                 C   s,   |   ¡ }|  |¡\}}d|vr(|  d¡ d S )Nr(   zkvno absent in EncryptedDatar)   r+   r   r   r   Útest_heimdal_EncryptedData_kvnoL   s    z3SimpleKerberosTests.test_heimdal_EncryptedData_kvnoc                 C   sZ   |   ¡ }|  |¡\}}|  t|d ¡ | j|t ¡ d}t|d dd}|  t	|@ ¡ d S ©Nr   ©Zasn1SpecÚflagsé   )Úbase)
r   r   r   r    Ú
der_decodeÚ	krb5_asn1ZEncTGSRepPartÚintZ
assertTrueÚENC_PA_REP_FLAG©r   r"   r#   r$   Zas_repr0   r   r   r   Ú"test_mit_EncASRepPart_FAST_supportR   s    z6SimpleKerberosTests.test_mit_EncASRepPart_FAST_supportc                 C   sb   |   ¡ }|  |¡\}}|  t|d ¡ | j|t ¡ d}|d }t|d dd}|  t	|@ ¡ d S r.   )
r   r   r   r&   r3   r4   ZEncASRepPartr5   ZassertFalser6   r7   r   r   r   Ú&test_heimdal_EncASRepPart_FAST_support\   s    z:SimpleKerberosTests.test_heimdal_EncASRepPart_FAST_supportc                 C   sL   |   ¡ }tf}|  ||¡^}}|  |¡ |  |¡}d|d vrH|  d¡ d S )NÚsaltr   z8(MIT) Salt not populated for ARCFOUR_HMAC_MD5 encryption©r   r   Úas_pre_auth_reqÚcheck_preauth_repÚget_etype_info2r*   ©r   r"   ÚetypesÚrepr$   Úetype_info2r   r   r   Útest_mit_arcfour_saltg   s    

ÿz)SimpleKerberosTests.test_mit_arcfour_saltc                 C   sL   |   ¡ }tf}|  ||¡^}}|  |¡ |  |¡}d|d v rH|  d¡ d S )Nr:   r   z8(Heimdal) Salt populated for ARCFOUR_HMAC_MD5 encryptionr;   r?   r   r   r   Útest_heimdal_arcfour_saltq   s    

ÿz-SimpleKerberosTests.test_heimdal_arcfour_saltc                 C   s^   |   ¡ }|  ¡ }|  ¡ }|  |¡}|  |¡}| j||dd |  ||¡}| j||ddd d S ©NF)Úservice_ticketT)rF   Zexpect_ticket_checksum©Zget_client_credsZget_service_credsZget_krbtgt_credsZTicketDecryptionKey_from_credsZget_tgtZverify_ticketZget_service_ticket©r   Z
user_credsZtarget_credsZkrbtgt_credsÚkeyZtgtrF   r   r   r   Útest_heimdal_ticket_signature{   s    


ÿz1SimpleKerberosTests.test_heimdal_ticket_signaturec                 C   s^   |   ¡ }|  ¡ }|  ¡ }|  |¡}|  |¡}| j||dd |  ||¡}| j||ddd d S rE   rG   rH   r   r   r   Útest_mit_ticket_signature   s    


ÿz-SimpleKerberosTests.test_mit_ticket_signaturec                 C   sŠ   |  ¡ }| ¡ }| jt|gd}| jtd|gd}| jdd}t d¡}d }	| j|	t	|ƒ|||d |d d|d d d}
|  
|
¡}|||||fS )N)Z	name_typeÚnamesZkrbtgti Œ  )ÚoffsetÚforwardableéÿÿÿ©ÚpadataÚkdc_optionsÚcnameÚrealmÚsnameZ	from_timeZ	till_timeZ
renew_timeZnoncer@   Z	addressesZadditional_tickets)Zget_usernameZ	get_realmZPrincipalName_creater   r   Zget_KerberosTimer4   Ú
KDCOptionsÚAS_REQ_createÚstrÚsend_recv_transaction)r   r"   r@   ÚuserrT   rS   rU   ÚtillrR   rQ   ÚreqrA   r   r   r   r<   ¥   s8    þþ
õ
z#SimpleKerberosTests.as_pre_auth_reqc                 C   s.   |   |¡ |  |d t¡ |  |d t¡ d S )Númsg-typez
error-code)ÚassertIsNotNoner   r	   r   )r   rA   r   r   r   r=   Å   s    
z%SimpleKerberosTests.check_preauth_repc                 C   sN   | j |d t ¡ d}|D ]}|d tkr|d } q8q| j |t ¡ d}|S )Nze-datar/   zpadata-typezpadata-value)r3   r4   ZMETHOD_DATAr   ZETYPE_INFO2)r   rA   Z
rep_padataZparB   r   r   r   r>   Ê   s    þþz#SimpleKerberosTests.get_etype_info2c                 C   s  t ttf}|  ||¡\}}}}}|  |¡ |  |¡}|  ||d ¡}	|  ¡ \}
}|  |
|¡}| j	|t
 ¡ d}|  |	t|¡}| j	|t
 ¡ d}|  t|¡}t
 d¡}|g}| j|t|ƒ|||d |d d|d d d}|  |¡}|  |¡ |d }|  |t¡ |d }|	 t|d d ¡}||fS )	Nr   r/   rN   rO   rP   r]   zenc-partZcipher)r   r   r   r<   r=   r>   ZPasswordKey_from_etype_info2Zget_KerberosTimeWithUsecZPA_ENC_TS_ENC_createZ
der_encoder4   ZPA_ENC_TS_ENCZEncryptedData_creater   ZEncryptedDataZPA_DATA_creater   rV   rW   rX   rY   r^   r   r   Zdecryptr
   )r   r"   r@   rA   rS   rU   rT   r[   rB   rI   ZpatimeZpausecZpa_tsrR   rQ   r\   Zmsg_typeZenc_partZenc_as_rep_partr   r   r   r   Ú   sL    ý


õ

ÿzSimpleKerberosTests.as_req)Ú__name__Ú
__module__Ú__qualname__r   r%   r'   r,   r-   r8   r9   rC   rD   rJ   rK   r<   r=   r>   r   Ú__classcell__r   r   r   r   r   5   s   


 r   Ú__main__)"ÚsysÚosÚpathÚinsertÚenvironZsamba.tests.krb5.kdc_base_testr   Zsamba.tests.krb5.rfc4120_pyasn1ZtestsZkrb5Zrfc4120_pyasn1r4   Z"samba.tests.krb5.rfc4120_constantsr   r   r   r   r   r	   r
   r   r   r   r   r   r   r   r&   r    r6   r   r_   ZunittestÚmainr   r   r   r   Ú<module>   s$   
8 U