def krb5_asn1(principal, password, krb5_context=None):
# type: (str, str, Optional[heimdal.context]) -> List[bytes]
"""
Generate Kerberos password hashes.
:param principal: Kerberos principal name.
:param password: password string.
:param krb5_context: optional Kerberos context.
:returns: list of ASN1 encoded Kerberos hashes.
"""
list = []
if isinstance(principal, unicode):
principal = principal.encode('utf-8')
if isinstance(password, unicode):
password = password.encode('utf-8')
if not krb5_context:
krb5_context = heimdal.context()
for krb5_etype in krb5_context.get_permitted_enctypes():
if str(krb5_etype) == 'des3-cbc-md5' and configRegistry.is_false('password/krb5/enctype/des3-cbc-md5', True):
continue
krb5_principal = heimdal.principal(krb5_context, principal)
krb5_keyblock = heimdal.keyblock(krb5_context, krb5_etype, password, krb5_principal)
krb5_salt = heimdal.salt(krb5_context, krb5_principal)
list.append(heimdal.asn1_encode_key(krb5_keyblock, krb5_salt, 0))
return list
def test_salt(self): context = heimdal.context() principal = heimdal.principal(context, USER) before = middle = after = 0 before = sys.gettotalrefcount() salt = heimdal.salt(context, principal) middle = sys.gettotalrefcount() del salt after = sys.gettotalrefcount() self.assertGreater(middle, before) self.assertLess(after, middle) self.assertEqual(before, after)
def krb5_asn1(principal, password, krb5_context=None):
list=[]
if type(principal) == types.UnicodeType:
principal = str( principal )
if type(password) == types.UnicodeType:
password = str( password )
if not krb5_context:
krb5_context = heimdal.context()
for krb5_etype in krb5_context.get_permitted_enctypes():
if str(krb5_etype) == 'des3-cbc-md5' and configRegistry.is_false('password/krb5/enctype/des3-cbc-md5', True):
continue
krb5_principal = heimdal.principal(krb5_context, principal)
krb5_keyblock = heimdal.keyblock(krb5_context, krb5_etype, password, krb5_principal)
krb5_salt = heimdal.salt(krb5_context, krb5_principal)
list.append(heimdal.asn1_encode_key(krb5_keyblock, krb5_salt, 0))
return list
def krb5_asn1(principal, password, krb5_context=None):
list = []
if isinstance(principal, types.UnicodeType):
principal = str(principal)
if isinstance(password, types.UnicodeType):
password = str(password)
if not krb5_context:
krb5_context = heimdal.context()
for krb5_etype in krb5_context.get_permitted_enctypes():
if str(krb5_etype) == 'des3-cbc-md5' and configRegistry.is_false('password/krb5/enctype/des3-cbc-md5', True):
continue
krb5_principal = heimdal.principal(krb5_context, principal)
krb5_keyblock = heimdal.keyblock(krb5_context, krb5_etype, password, krb5_principal)
krb5_salt = heimdal.salt(krb5_context, krb5_principal)
list.append(heimdal.asn1_encode_key(krb5_keyblock, krb5_salt, 0))
return list
def test_keyblock_salt(self): salt = heimdal.salt(self.context, self.principal) keyblock = heimdal.keyblock(self.context, self.enctype, PASSWORD, salt) self.assertEqual(ENCSTR, str(keyblock.keytype())) self.assertEqual(self.VALUE, keyblock.keyvalue())
def test_salt(self): principal = heimdal.principal(self.context, USER) salt = heimdal.salt(self.context, principal) self.assertEqual(self.VALUE, salt.saltvalue())
