padata question
Luke
secureboot at gmail.com
Wed Dec 7 10:40:41 EST 2005
I'm writing some tools to work with Kerberos, and I'm trying to get
the encrypted timestamp out of the client's AS_REQ, as seen from the
network.
However, I'm not sure if I've successfully parsed the asn.1 structure
of the packet.
I do get a padata field, and the padata-type is 2 (PA-ENC-TIMESTAMP),
which is as it should be.
However, I just see the padata-value field as a raw octet string.
Ethereal, however, notes that this octet string contains both an
encryption type, and the encrypted timestamp, with the encrypted
timestamp portion following 22 bytes after the start of the padata
field.
So my question is:
Does the padata-value part of padata contain ASN.1 fields, or is it
simply a string of raw bytes? If it is just a set of raw bytes, how
should i be parsing the padata-value field so that i get the
encryption type and timestamp separated?
If it is ASN.1 encoded, any reason the parser I'm using
(pyasn1.sourceforge.net) wouldn't be parsing this field correctly,
but the rest of the packets/fields are perfect? When I tried to
parse it, i got an error saying i was 7 octets short...
I was having a bit of difficulty following the source on this one...
Thanks
More information about the Kerberos
mailing list