def toKRBCRED(self):
principal = self.principal
credential = self.credentials[0]
krbCredInfo = KrbCredInfo()
krbCredInfo['key'] = noValue
krbCredInfo['key']['keytype'] = credential['key']['keytype']
krbCredInfo['key']['keyvalue'] = credential['key']['keyvalue']
krbCredInfo['prealm'] = principal.realm.fields['data']
krbCredInfo['pname'] = noValue
krbCredInfo['pname']['name-type'] = principal.header['name_type']
seq_set_iter(krbCredInfo['pname'], 'name-string',
(principal.components[0].fields['data'], ))
krbCredInfo['flags'] = credential['tktflags']
krbCredInfo['starttime'] = KerberosTime.to_asn1(
datetime.utcfromtimestamp(credential['time']['starttime']))
krbCredInfo['endtime'] = KerberosTime.to_asn1(
datetime.utcfromtimestamp(credential['time']['endtime']))
krbCredInfo['renew-till'] = KerberosTime.to_asn1(
datetime.utcfromtimestamp(credential['time']['renew_till']))
krbCredInfo['srealm'] = credential['server'].realm.fields['data']
krbCredInfo['sname'] = noValue
krbCredInfo['sname']['name-type'] = credential['server'].header[
'name_type']
tmp_service_class = credential['server'].components[0].fields['data']
tmp_service_hostname = credential['server'].components[1].fields[
'data']
seq_set_iter(krbCredInfo['sname'], 'name-string',
(tmp_service_class, tmp_service_hostname))
encKrbCredPart = EncKrbCredPart()
seq_set_iter(encKrbCredPart, 'ticket-info', (krbCredInfo, ))
krbCred = KRB_CRED()
krbCred['pvno'] = 5
krbCred['msg-type'] = 22
krbCred['enc-part'] = noValue
krbCred['enc-part']['etype'] = 0
krbCred['enc-part']['cipher'] = encoder.encode(encKrbCredPart)
ticket = decoder.decode(credential.ticket['data'],
asn1Spec=Ticket())[0]
seq_set_iter(krbCred, 'tickets', (ticket, ))
encodedKrbCred = encoder.encode(krbCred)
return encodedKrbCred
def convert_ccache_to_kirbi(input_filename, output_filename):
ccache = CCache.loadFile(input_filename)
principal = ccache.principal
credential = ccache.credentials[0]
krb_cred_info = KrbCredInfo()
krb_cred_info['key'] = noValue
krb_cred_info['key']['keytype'] = credential['key']['keytype']
krb_cred_info['key']['keyvalue'] = credential['key']['keyvalue']
krb_cred_info['prealm'] = principal.realm.fields['data']
krb_cred_info['pname'] = noValue
krb_cred_info['pname']['name-type'] = principal.header['name_type']
seq_set_iter(krb_cred_info['pname'], 'name-string', (principal.components[0].fields['data'],))
krb_cred_info['flags'] = credential['tktflags']
# krb_cred_info['authtime'] = KerberosTime.to_asn1(datetime.datetime.fromtimestamp(credential['time']['authtime']))
krb_cred_info['starttime'] = KerberosTime.to_asn1(datetime.datetime.utcfromtimestamp(credential['time']['starttime']))
krb_cred_info['endtime'] = KerberosTime.to_asn1(datetime.datetime.utcfromtimestamp(credential['time']['endtime']))
krb_cred_info['renew-till'] = KerberosTime.to_asn1(datetime.datetime.utcfromtimestamp(credential['time']['renew_till']))
krb_cred_info['srealm'] = credential['server'].realm.fields['data']
krb_cred_info['sname'] = noValue
krb_cred_info['sname']['name-type'] = credential['server'].header['name_type']
seq_set_iter(krb_cred_info['sname'], 'name-string', (credential['server'].components[0].fields['data'], credential['server'].realm.fields['data']))
enc_krb_cred_part = EncKrbCredPart()
seq_set_iter(enc_krb_cred_part, 'ticket-info', (krb_cred_info,))
encoder.encode(krb_cred_info)
krb_cred = KRB_CRED()
krb_cred['pvno'] = 5
krb_cred['msg-type'] = 22
krb_cred['enc-part'] = noValue
krb_cred['enc-part']['etype'] = 0
krb_cred['enc-part']['cipher'] = encoder.encode(enc_krb_cred_part)
ticket = decoder.decode(credential.ticket['data'], asn1Spec=Ticket())[0]
seq_set_iter(krb_cred, 'tickets', (ticket,))
with open(output_filename, 'wb') as fo:
fo.write(encoder.encode(krb_cred))