(self)
| 3442 | ) |
| 3443 | |
| 3444 | def as_req(self): |
| 3445 | now_time = datetime.now(timezone.utc).replace(microsecond=0) |
| 3446 | |
| 3447 | # 1. Build and populate KDC-REQ |
| 3448 | kdc_req = self._base_kdc_req(now_time=now_time) |
| 3449 | kdc_req.addresses = [ |
| 3450 | HostAddress( |
| 3451 | addrType=ASN1_INTEGER(20), # Netbios |
| 3452 | address=ASN1_STRING(self.host.ljust(16, " ")), |
| 3453 | ) |
| 3454 | ] |
| 3455 | kdc_req.cname = PrincipalName.fromUPN(self.upn) |
| 3456 | kdc_req.sname = PrincipalName.fromSPN(self.spn) |
| 3457 | |
| 3458 | # 2. Build the list of PADATA |
| 3459 | padata = [ |
| 3460 | PADATA( |
| 3461 | padataType=ASN1_INTEGER(128), # PA-PAC-REQUEST |
| 3462 | padataValue=PA_PAC_REQUEST(includePac=ASN1_BOOLEAN(-1)), |
| 3463 | ) |
| 3464 | ] |
| 3465 | |
| 3466 | # Cookie support |
| 3467 | if self.fxcookie: |
| 3468 | padata.insert( |
| 3469 | 0, |
| 3470 | PADATA( |
| 3471 | padataType=133, # PA-FX-COOKIE |
| 3472 | padataValue=self.fxcookie, |
| 3473 | ), |
| 3474 | ) |
| 3475 | |
| 3476 | # FAST |
| 3477 | if self.fast: |
| 3478 | # Calculate the armor key |
| 3479 | self.calc_fast_armorkey() |
| 3480 | |
| 3481 | # [MS-KILE] sect 3.2.5.5 |
| 3482 | # "When sending the AS-REQ, add a PA-PAC-OPTIONS [167]" |
| 3483 | padata.append( |
| 3484 | PADATA( |
| 3485 | padataType=ASN1_INTEGER(167), # PA-PAC-OPTIONS |
| 3486 | padataValue=PA_PAC_OPTIONS( |
| 3487 | options="Claims", |
| 3488 | ), |
| 3489 | ) |
| 3490 | ) |
| 3491 | |
| 3492 | # Pre-auth is requested |
| 3493 | if self.pre_auth: |
| 3494 | if self.x509: |
| 3495 | # Special PKINIT (RFC4556) factor |
| 3496 | |
| 3497 | # RFC4556 - 3.2.1. Generation of Client Request |
| 3498 | |
| 3499 | # RFC4556 - 3.2.1 - (5) AuthPack |
| 3500 | authpack = KRB_AuthPack( |
| 3501 | pkAuthenticator=KRB_PKAuthenticator( |
no test coverage detected