HEX
Server: Apache/2.4.52 (Ubuntu)
System: Linux spn-python 5.15.0-89-generic #99-Ubuntu SMP Mon Oct 30 20:42:41 UTC 2023 x86_64
User: arjun (1000)
PHP: 8.1.2-1ubuntu2.20
Disabled: NONE
$ pwd: /lib/python3/dist-packages/samba/tests/krb5/__pycache__/
Upload Files
File: //lib/python3/dist-packages/samba/tests/krb5/__pycache__/fast_tests.cpython-310.pyc
o

eF�cu��@s(ddlZddlZej�dd�dejd<ddlZddlZddlZddlm	Z	ddl
mZddlm
Z
ddlmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZm Z m!Z!ddl"m#m$m%Z&ddl'm#m$m(Z(d	Z)d	Z*Gd
d�de
�Z+e,dkr�d	Z)d	Z*ddl-Z-e-�.�dSdS)
�Nz
bin/python�1�PYTHONUNBUFFERED)�security)�Krb5EncryptionKey)�KDCBaseTest)�AD_FX_FAST_ARMOR�AD_FX_FAST_USED�AES256_CTS_HMAC_SHA1_96�ARCFOUR_HMAC_MD5�FX_FAST_ARMOR_AP_REQUEST�KDC_ERR_ETYPE_NOSUPP�KDC_ERR_GENERIC�KDC_ERR_S_PRINCIPAL_UNKNOWN�KDC_ERR_NOT_US�KDC_ERR_PREAUTH_FAILED�KDC_ERR_PREAUTH_REQUIRED�%KDC_ERR_UNKNOWN_CRITICAL_FAST_OPTIONS�
KRB_AS_REP�KRB_TGS_REP�NT_PRINCIPAL�
NT_SRV_HST�NT_SRV_INST�PADATA_FX_COOKIE�PADATA_FX_FASTFcs�eZdZe�fdd��Z�fdd�Zdd�Zdd�Zd	d
�Zdd�Z	d
d�Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd�Zdd�Zdd �Zd!d"�Zd#d$�Zd%d&�Zd'd(�Zd)d*�Zd+d,�Zd-d.�Zd/d0�Zd1d2�Zd3d4�Zd5d6�Zd7d8�Zd9d:�Z d;d<�Z!d=d>�Z"d?d@�Z#dAdB�Z$dCdD�Z%dEdF�Z&dGdH�Z'dIdJ�Z(dKdL�Z)dMdN�Z*dOdP�Z+dQdR�Z,dSdT�Z-dUdV�Z.dWdX�Z/dYdZ�Z0d[d\�Z1d]d^�Z2d_d`�Z3dadb�Z4dcdd�Z5dedf�Z6dgdh�Z7didj�Z8dkdl�Z9dmdn�Z:dodp�Z;dqdr�Z<dsdt�Z=dudv�Z>dwdx�Z?dydz�Z@d{d|�ZAd}d~�ZB	d�d�d��ZCd�d��ZDd�d��ZEd�d��ZF	�d�d�d��ZGd�d��ZHd�d��ZId�d��ZJd�d��ZKd�d��ZLd�d��ZMd�d��ZNd�d��ZOd�d��ZPd�d��ZQ�ZRS)��
FAST_Testscs&t���d|_d|_d|_d|_dS�N)�super�
setUpClass�user_tgt�user_service_ticket�mach_tgt�mach_service_ticket)�cls��	__class__��=/usr/lib/python3/dist-packages/samba/tests/krb5/fast_tests.pyr?s


zFAST_Tests.setUpClasscst���t|_t|_dSr)r�setUp�global_asn1_print�
do_asn1_print�global_hexdump�
do_hexdump��selfr#r%r&r'Is

zFAST_Tests.setUpcCs&|�ttdd�tdd|jd�g�dS)NF��rep_type�expected_error_mode�use_fastr�r/r0r1�
gen_padata_fn)�_run_test_sequencerr�generate_enc_timestamp_padatar,r%r%r&�test_simpleN���
�zFAST_Tests.test_simplecC�|�tdd|jd�g�dS�NrF�r/r0r1�
gen_tgt_fn�r4r�get_user_tgtr,r%r%r&�test_simple_tgs]��
�zFAST_Tests.test_simple_tgsc	Cs*|��}|�tttfdd|dd�g�dS)NF)r/r0r1�sname�expected_sname�expect_edata)�get_krbtgt_snamer4rr
r�r-rAr%r%r&�test_simple_no_snamegs�
�zFAST_Tests.test_simple_no_snamec
Cs.|��}|�tttfd|jd|dd�g�dS)NF)r/r0r1r;r@rArB�rCr4rr
rr=rDr%r%r&�test_simple_tgs_no_snameu��
�z#FAST_Tests.test_simple_tgs_no_snamec
Cs*|��}|�ttdt|jd|d�g�dS)NT)r/r0r1�
fast_armor�gen_armor_tgt_fnr@rA�rCr4rr
r�get_mach_tgtrDr%r%r&�test_fast_no_sname�s�
�zFAST_Tests.test_fast_no_snamec
Cs.|��}|�tttfd|jdd|d�g�dS)NT)r/r0r1r;rIr@rArFrDr%r%r&�test_fast_tgs_no_sname�rHz!FAST_Tests.test_fast_tgs_no_snamec
Cs.|��}|�ttdt|jddi|d�g�dS)NTr@)r/r0r1rIrJ�	inner_reqrArKrDr%r%r&�test_fast_inner_no_sname�s��
�z#FAST_Tests.test_fast_inner_no_snamec
Cs.|��}|�ttd|jdddi|d�g�dS)NTr@)r/r0r1r;rIrOrA�rCr4rr
r=rDr%r%r&�test_fast_tgs_inner_no_sname�s��
�z'FAST_Tests.test_fast_tgs_inner_no_snamecCr8r9)r4rrLr,r%r%r&�test_simple_tgs_wrong_principal�r?z*FAST_Tests.test_simple_tgs_wrong_principalcC�|�ttd|jdd�g�dS�NF)r/r0r1r;rB�r4rr�get_user_service_ticketr,r%r%r&�test_simple_tgs_service_ticket���
�z)FAST_Tests.test_simple_tgs_service_ticketcCrTrU�r4rr�get_mach_service_ticketr,r%r%r&�#test_simple_tgs_service_ticket_mach�rYz.FAST_Tests.test_simple_tgs_service_ticket_machcC�6|�ttdt|jdd�tdd|jt|jdd�g�dS)NT�0)r/r0r1rIrJ�pac_optionsr)r/r0r1r3rIrJr_�r4rrrrL�generate_enc_challenge_padatar,r%r%r&�test_fast_no_claims��"�	�
�zFAST_Tests.test_fast_no_claimsc	C� |�tdd|jddd�g�dS)NrTr^)r/r0r1r;rIr_r<r,r%r%r&�test_fast_tgs_no_claims���
�z"FAST_Tests.test_fast_tgs_no_claimscCs:|�ttdt|jddd�tdd|jt|jddd�g�dS)NTr^)r/r0r1rIrJr_�kdc_optionsr)r/r0r1r3rIrJr_rgr`r,r%r%r&�test_fast_no_claims_or_canon�&�
�
�z'FAST_Tests.test_fast_no_claims_or_canonc
Cs"|�tdd|jdddd�g�dS)NrTr^)r/r0r1r;rIr_rgr<r,r%r%r&� test_fast_tgs_no_claims_or_canon��
�z+FAST_Tests.test_fast_tgs_no_claims_or_canoncCr])NTr^)r/r0r1rIrJrgr)r/r0r1r3rIrJrgr`r,r%r%r&�test_fast_no_canon)rczFAST_Tests.test_fast_no_canonc	Crd)NrTr^)r/r0r1r;rIrgr<r,r%r%r&�test_fast_tgs_no_canon>rfz!FAST_Tests.test_fast_tgs_no_canonc	Cs |�ttd|jddd�g�dS)NFr%)r/r0r1r;�etypesrB�r4rrrLr,r%r%r&�test_simple_tgs_no_etypesJrfz$FAST_Tests.test_simple_tgs_no_etypesc	Cs |�ttd|jddd�g�dS)NTr%)r/r0r1r;rIrnror,r%r%r&�test_fast_tgs_no_etypesVrfz"FAST_Tests.test_fast_tgs_no_etypescCs|�ttddd�g�dS)NFr%)r/r0r1rn)r4rrr,r%r%r&�test_simple_no_etypesbs�
�z FAST_Tests.test_simple_no_etypesc	Cs |�ttdt|jdd�g�dS)NTr%)r/r0r1rIrJrn)r4rrrrLr,r%r%r&�test_simple_fast_no_etypesl��
�z%FAST_Tests.test_simple_fast_no_etypesc
Cs$|�ttd|jd|jdd�g�dS)NTF)r/r0r1�gen_fast_fnrIrJrB)r4rr
�generate_empty_fastrLr,r%r%r&�test_empty_fastxs�
�zFAST_Tests.test_empty_fastc	Cs |�ttddt|jd�g�dS)NT�001)r/r0r1�fast_optionsrIrJ)r4rrrrLr,r%r%r&�!test_fast_unknown_critical_option�s�
�z,FAST_Tests.test_fast_unknown_critical_optionc	Cs |�ttdd|jdd�g�dS)NTF)r/r0r1rIrJrB)r4rr
rLr,r%r%r&�test_unarmored_as_req�rtz FAST_Tests.test_unarmored_as_reqcC�|�ttdd|jd�g�dS)NTr�r/r0r1rIrJ�r4rrrLr,r%r%r&�test_fast_invalid_armor_type���
�z'FAST_Tests.test_fast_invalid_armor_typecCr|)NT�r}r~r,r%r%r&�test_fast_invalid_armor_type2�r�z(FAST_Tests.test_fast_invalid_armor_type2c
C�2|�ttdt|jd�tdd|jt|jd�g�dS�NTr}r�r/r0r1r3rIrJr`r,r%r%r&�test_fast_encrypted_challenge����
�z(FAST_Tests.test_fast_encrypted_challengec
C�2|�ttdt|jd�ttd|jt|jd�g�dS�NTr}r�)r4rrrrLr�'generate_enc_challenge_padata_wrong_keyr,r%r%r&�'test_fast_encrypted_challenge_wrong_key�r�z2FAST_Tests.test_fast_encrypted_challenge_wrong_keyc
Cr�r�)r4rrrrLr�+generate_enc_challenge_padata_wrong_key_kdcr,r%r%r&�+test_fast_encrypted_challenge_wrong_key_kdc�s��
�z6FAST_Tests.test_fast_encrypted_challenge_wrong_key_kdccCs&|�ttdd�ttd|jd�g�dS)NFr.r2)r4rrrr�r,r%r%r&�%test_fast_encrypted_challenge_no_fast�r7z0FAST_Tests.test_fast_encrypted_challenge_no_fastc
Cs<|�ttdt|jd�tddtj|jdd�t|jd�g�dS)NTr}ri'��skewr�)r4rrrrL�	functools�partialrar,r%r%r&�(test_fast_encrypted_challenge_clock_skew�s$���
�z3FAST_Tests.test_fast_encrypted_challenge_clock_skewc
Cr�r�)r4rrrrWrar,r%r%r&�test_fast_invalid_tgts��
�z FAST_Tests.test_fast_invalid_tgtc
Cr�r�)r4rrrr[rar,r%r%r&�test_fast_invalid_tgt_mach/r�z%FAST_Tests.test_fast_invalid_tgt_machc
Cs2|�ttdt|jd�ttd|jt|jd�g�dSr�)r4rrrrLr5r,r%r%r&�test_fast_enc_timestampDs��
�z"FAST_Tests.test_fast_enc_timestampc
Cr�r�r`r,r%r%r&�	test_fastYr�zFAST_Tests.test_fastcCs|�tdd|jdd�g�dS)NrT�r/r0r1r;rIr<r,r%r%r&�
test_fast_tgslrYzFAST_Tests.test_fast_tgsc	Cs"|�tdd|j|jtd�g�dS)NrT)r/r0r1r;rJrI)r4rr=rLrr,r%r%r&�test_fast_tgs_armorw��
�zFAST_Tests.test_fast_tgs_armorcC�>|�ttdt|jddid�tdd|jt|jddid�g�dS)NT�realm�TEST�r/r0r1rIrJ�	outer_reqr�r/r0r1r3rIrJr�r`r,r%r%r&�test_fast_outer_wrong_realm��&����
�z&FAST_Tests.test_fast_outer_wrong_realmc	C�$|�tdd|jdddid�g�dS)NrTr�r��r/r0r1r;rIr�r<r,r%r%r&�test_fast_tgs_outer_wrong_realm����
�z*FAST_Tests.test_fast_tgs_outer_wrong_realmcCr�)NT�nonce�123r�rr�r`r,r%r%r&�test_fast_outer_wrong_nonce�r�z&FAST_Tests.test_fast_outer_wrong_noncec	Cr�)NrTr�r�r�r<r,r%r%r&�test_fast_tgs_outer_wrong_nonce�r�z*FAST_Tests.test_fast_tgs_outer_wrong_noncecCr�)NT�kdc-options�11111111111111111r�rr�r`r,r%r%r&�test_fast_outer_wrong_flags�r�z&FAST_Tests.test_fast_outer_wrong_flagsc	Cr�)NrTr�r�r�r<r,r%r%r&�test_fast_tgs_outer_wrong_flags�r�z*FAST_Tests.test_fast_tgs_outer_wrong_flagscCs>|�ttdt|jddid�tdd|jt|jddid�g�dS)NTr@r�rr�r`r,r%r%r&�test_fast_outer_no_sname�r�z#FAST_Tests.test_fast_outer_no_snamec	Cs$|�tdd|jdddid�g�dS)NrTr@r�r<r,r%r%r&�test_fast_tgs_outer_no_snamer�z'FAST_Tests.test_fast_tgs_outer_no_snamecCr�)NT�till�15000101000000Zr�rr�r`r,r%r%r&�test_fast_outer_wrong_tillr�z%FAST_Tests.test_fast_outer_wrong_tillc	Cr�)NrTr�r�r�r<r,r%r%r&�test_fast_tgs_outer_wrong_till8r�z)FAST_Tests.test_fast_tgs_outer_wrong_tillc	Cs"|�tdd|j|jdd�g�dS)NrT)r/r0r1�gen_authdata_fnr;rI)r4r�generate_fast_used_auth_datar=r,r%r%r&�test_fast_authdata_fast_usedFr�z'FAST_Tests.test_fast_authdata_fast_usedc
Cs0|�tdd|jd�ttd|j|jdd�g�dS)NrFr:)r/r0r1r�r;rB)r4rr=r
r�r,r%r%r&� test_fast_authdata_fast_not_usedRs��
�z+FAST_Tests.test_fast_authdata_fast_not_usedcCs>|��}|�tdd|jdd�ttd|j|jd|dd�g�dS)NrTr�F)r/r0r1r�r;rIrArB)rCr4rr=r
�generate_fast_armor_auth_datarDr%r%r&�test_fast_ad_fx_fast_armorks$�	�
�z%FAST_Tests.test_fast_ad_fx_fast_armorcCs6|�ttdt|jd�tdd|j|jt|jd�g�dS)NTr}r)r/r0r1r3r�rIrJ)r4rrrrLrar�r,r%r%r&�test_fast_ad_fx_fast_armor2�s ��
�z&FAST_Tests.test_fast_ad_fx_fast_armor2cCs:|��}|�tdd|jdd�ttd|jd|dd�g�dS)NrTr�F)r/r0r1r;rIrArB)rCr4rr=r
�gen_tgt_fast_armor_auth_datarDr%r%r&�!test_fast_ad_fx_fast_armor_ticket�s"�
�
�z,FAST_Tests.test_fast_ad_fx_fast_armor_ticketc
Cs2|�ttdt|jd�tdd|jt|jd�g�dSr�)r4rrrrLrar�r,r%r%r&�"test_fast_ad_fx_fast_armor_ticket2�s��
�z-FAST_Tests.test_fast_ad_fx_fast_armor_ticket2cC�|�ttd|jdd�g�dS�NTr�rVr,r%r%r&�test_fast_tgs_service_ticket�s�
�z'FAST_Tests.test_fast_tgs_service_ticketcCr�r�rZr,r%r%r&�!test_fast_tgs_service_ticket_mach�rYz,FAST_Tests.test_fast_tgs_service_ticket_machcCs|�tdd|jdd�g�dS)NrF)r/r0r1r;�include_subkeyr<r,r%r%r&�test_simple_tgs_no_subkey�rYz$FAST_Tests.test_simple_tgs_no_subkeycCs,|��}|�ttd|jdd|dd�g�dS)NTF)r/r0r1r;rIr�rArBrQrDr%r%r&�test_fast_tgs_no_subkey�s�
�z"FAST_Tests.test_fast_tgs_no_subkeycCs:|�ttdt|jddd�tdd|jt|jddd�g�dS)NT�01)r/r0r1rIrJry�
expected_anonr)r/r0r1r3rIrJryr�r`r,r%r%r&�test_fast_hide_client_namesriz&FAST_Tests.test_fast_hide_client_namesc
Cs"|�tdd|jdddd�g�dS)NrTr�)r/r0r1r;rIryr�r<r,r%r%r&�test_fast_tgs_hide_client_namesrkz*FAST_Tests.test_fast_tgs_hide_client_namescCs4|�ttdt|jd�tdd|jt|jdd�g�dS)NTr}rr�)r/r0r1r3rIrJ�repeat)r4rrrrL�$generate_enc_challenge_padata_replayr,r%r%r&�$test_fast_encrypted_challenge_replay's ��
�z/FAST_Tests.test_fast_encrypted_challenge_replaycC�|d}|�|�}|g|fS�N�preauth_key)�"get_enc_timestamp_pa_data_from_key�r-�kdc_exchange_dict�
callback_dict�req_body�key�padatar%r%r&r5@�

z(FAST_Tests.generate_enc_timestamp_padatarc	Cs4|d}|d}|�||�}|j||d�}|g|fS)N�	armor_keyr�r�)�generate_client_challenge_key�get_challenge_pa_data)	r-r�r�r�r�r�r��client_challenge_keyr�r%r%r&raIs
�
z(FAST_Tests.generate_enc_challenge_padatacCs0|d}|d}|�||�}|�|�}|g|fS)Nr�r�)�generate_kdc_challenge_keyr�)r-r�r�r�r�r��kdc_challenge_keyr�r%r%r&r�Vs
�

z6FAST_Tests.generate_enc_challenge_padata_wrong_key_kdccCr�r�)r�r�r%r%r&r�br�z2FAST_Tests.generate_enc_challenge_padata_wrong_keycCsJ|�d�}|dur |d}|d}|�||�}|�|�}||d<|g|fS)N�
replay_padatar�r�)�getr�r�)r-r�r�r�r�r�r�r�r%r%r&r�ks

�

z/FAST_Tests.generate_enc_challenge_padata_replay�c	Cs|�td�}|S�N�)�PA_DATA_creater)	r-�_kdc_exchange_dict�_callback_dict�	_req_body�_fast_padata�_fast_armor�	_checksum�
_fast_options�fast_padatar%r%r&rv|szFAST_Tests.generate_empty_fastcG	Cs~|jr|��tt�d��}|��}|��}|��}|��}|�	�}|j
t|gd�}|��}	|�	�}
|j
t|	|
gd�}|�
|�}|j}
|��dd�}|�	�}d}|j
t||gd�}|�
|�}|j}d}d}|D�]S}|�d�}|�|ttf�|�d�}|dkr�d}n
t|tjj�s�|f}|D]
}|�|td	��q�|�d
�}|�t|�t�|r�|�d|�|�d�}|dur�|�d|�n
t|vr�|�d|�|�dd�}|dur�|�}nd}|�d
d�}nd}d}|�d
|�d}|tkr�|�d�}|�} n|�d|�d} t|�dk�r|j}!d}"nd}!|j }"|�dt!t"f�}#|tk�r#|nd}$|}%d|v�r2|�d�}&n
|tk�r:|}&n|}&|tk�rD|
}'n|}'|tk�rO| j#}(n|}(|�dd�})|)du�ra|�$|�|�d|(�}*|�dd�}+|�d|�},|�d|&�}-|�d|'�}.|�%�}/|�&t'j(j)�}0|tk�r�|�r�|�*|0|j+�}1|0}2n1d}1|0}2n,|du�r�|�&t'j(j)�}2|�*|2|j+�}3t'�,|3j-|0j-dd�}1t.|1d�}1n	|�*|0| j+�}1|0}2|�dd��s�d}0|�r�|�dd�}4|4du�r�t/j0|j1|d�}4nd}4|du�r�|j2nd}5dd �}6|�d!d"�}7|�d#|�}8|�d$d�}9|tk�r*|9du�r*|�3|�|�4||d|�5��}:nd}:|�rA|9};|du�r>t/j0|6|gd%�nd}<nd};|9}<|�d&d�}=|=du�rU|=�g}>nd}>|�sf|�d'|�|�d(|�|�d'd�}?|�d(d�}@|�d)d�}A|Adu�r�t�6|A�}A|�d*d�}B|Bdu�r�t�6|B�}B|tk�r|j7did|,�d|*�d|+�d|.�d|-�d+|
�d)|A�d*|B�d,|�d-|4�d.|5�d/|;�d0|�d1|<�d2|!�d3|"�d4|j8�d5i�d|�d6|#�d7|/�d8|0�d9|:�d:|>�d;|1�d<|�d=|2�d#|8�d'|?�d(|@�d>d�d!|7�d|)��}Cng|j9did|,�d|*�d|+�d|.�d|-�d+|�d)|A�d*|B�d,|�d-|4�d.|5�d/|;�d0|�d1|<�d2|!�d3|"�d4|j8�d|�d5i�d?| �d;|1�d<|�d=|2�d8|0�d:|>�d@d�d#|8�d'|?�d(|@�d>d�d!|7�d|)��}C|�dAdB�}Dt|D�D]B}E|j:|C|$|%|&|#dC�}Ft|�dk�r�|�;|F|�d}d}�qs|�<|F|�dD|Cv�r�|�=|CdD�}nd}t>|v�r�|CdE}�qsd}�qs|�?i|�qhdS)FNz/forwardable,renewable,canonicalize,renewable-ok)�	name_type�names����hostr/r0rr%��r1rIrJryr�r;rnr@rB�expected_cnamer�F�expected_crealmrA�expected_srealms
explicitarmorstgsarmorr�Tru)rycSst|�|fSr)�list)r�r�r�r�r%r%r&�_generate_padata_copy1sz<FAST_Tests._run_test_sequence.<locals>._generate_padata_copyr_rrgr3)r�r�rOr��expected_flags�unexpected_flags�expected_supported_etypes�ticket_decryption_key�generate_fast_fn�generate_fast_armor_fn�generate_fast_padata_fn�fast_armor_type�generate_padata_fn�check_error_fn�check_rep_fn�check_kdc_private_fnr��client_as_etypes�
expected_salt�authenticator_subkeyr��	auth_datar��	armor_tgt�armor_subkey�pac_request�tgt�body_checksum_typer��)�cnamer�r@rn�fast_cookie�preauth_etype_info2)@�strict_checking�check_kdc_fast_support�str�	krb5_asn1�
KDCOptions�get_client_creds�get_service_creds�get_krbtgt_creds�get_username�	get_realm�PrincipalName_createrr�TicketDecryptionKey_from_creds�tgs_supported_enctypesr�pop�assertInrr�
isinstance�collections�abc�	Container�range�assertIs�type�boolr
�assertNotIn�len�generic_check_kdc_error�generic_check_kdc_repr	r
r
�
assertTrue�get_salt�	RandomKey�kcrypto�Enctype�AES256�generate_armor_key�session_key�cf2r�rr�r��generate_simple_fast�generate_ap_req�assertIsNotNone�PasswordKey_from_etype_info2�get_kvno�TicketFlags�as_exchange_dict�generic_check_kdc_private�tgs_exchange_dict�_generic_kdc_exchange�check_reply�check_error_rep�create_fast_cookier�assertEqual)Gr-�
test_sequence�kdc_options_default�client_creds�target_creds�krbtgt_creds�client_username�client_realm�client_cname�krbtgt_username�krbtgt_realm�krbtgt_sname�krbtgt_decryption_key�
krbtgt_etypes�target_username�target_realm�target_service�target_sname�target_decryption_key�
target_etypesrr�kdc_dictr/r0�errorr1r�rJrryr;r
rrrnr
�crealmr@�srealm�	tgt_cnamerBr�r�r�rAr�rrr�r�explicit_armor_keyr�r�r�r_rgr3r�r�r�r�rrOr�r�r�r�r��_�repr%r%r&r4�s������





�





�
�
���
��
��
�
���







��������	�
���
������������������� �!�
#��������	�
���
������������������� �"�
�
����zFAST_Tests._run_test_sequencecC�|�td�}|Sr�)�AuthorizationData_creater�r-rr%r%r&r���z(FAST_Tests.generate_fast_armor_auth_datacCr]r�)r^rr_r%r%r&r��r`z'FAST_Tests.generate_fast_used_auth_datacs4|��}|����fdd�}|��}|j|||d�S)Ncs|d���|S)Nzauthorization-data)�append)�enc_part�rr%r&�	modify_fn�sz:FAST_Tests.gen_tgt_fast_armor_auth_data.<locals>.modify_fn)rd�
checksum_keys)r=r��get_krbtgt_checksum_key�modified_ticket)r-rrdrer%rcr&r��s�z'FAST_Tests.gen_tgt_fast_armor_auth_datacCs,|�|�|jr|�dt|��|�t|�S)Nr)r6r�assertNotEqualr(r�r)r-�cookier%r%r&r@�s
zFAST_Tests.create_fast_cookiecCs~|��}tj}d|��|f}|jd|tjdgd�}t|ddd�}|�tj	|@�|�tj
|@�|�tj|@�dS)Nz%s-%dz<SID=%s>zmsDS-SupportedEncryptionTypes)�base�scope�attrsr)�	get_samdbr�DOMAIN_RID_KRBTGT�get_domain_sid�search�ldb�
SCOPE_BASE�intr+�KERB_ENCTYPE_FAST_SUPPORTED�(KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED�KERB_ENCTYPE_CLAIMS_SUPPORTED)r-�samdb�
krbtgt_rid�
krbtgt_sid�resrNr%r%r&r�s"
����z!FAST_Tests.check_kdc_fast_supportcC�(|jdur|��}|�|�t|�_|jSr)r �get_mach_creds�get_tgtr%)r-�
mach_credsr%r%r&rL��
zFAST_Tests.get_mach_tgtcCr{r)rrr}r%)r-�
user_credsr%r%r&r=rzFAST_Tests.get_user_tgtcC�2|jdur|��}|��}|�||�t|�_|jSr)rr=r�get_service_ticketr%)r-r�
service_credsr%r%r&rW�

�z"FAST_Tests.get_user_service_ticketcCr�r)r!rLrr�r%)r-r r�r%r%r&r[r�z"FAST_Tests.get_mach_service_ticket)r)r�)S�__name__�
__module__�__qualname__�classmethodrr'r6r>rErGrMrNrPrRrSrXr\rbrerhrjrlrmrprqrrrsrwrzr{rr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r5rar�r�r�rvr4r�r�r�r@rrLr=rWr[�
__classcell__r%r%r#r&r>s�	






�
	
�A	r�__main__)/�sys�os�path�insert�environr�r rq�samba.dcerpcr�samba.tests.krb5.raw_testcaser�samba.tests.krb5.kdc_base_testr�"samba.tests.krb5.rfc4120_constantsrrr	r
rrr
rrrrrrrrrrrr�samba.tests.krb5.rfc4120_pyasn1�tests�krb5�rfc4120_pyasn1r�samba.tests.krb5.kcryptor.r(r*rr��unittest�mainr%r%r%r&�<module>sB
Tl�
@ Telegram