padata question

[Luke]

I'm writing some tools to work with Kerberos, and I'm trying to get  
the encrypted timestamp out of the client's AS_REQ, as seen from the  
network.

However, I'm not sure if I've successfully parsed the asn.1 structure  
of the packet.

I do get a padata field, and the padata-type is 2 (PA-ENC-TIMESTAMP),  
which is as it should be.

However, I just see the padata-value field as a raw octet string.   
Ethereal, however, notes that this octet string contains both an  
encryption type, and the encrypted timestamp, with the encrypted  
timestamp portion following 22 bytes after the start of the padata  
field.


So my question is:
Does the padata-value part of padata contain ASN.1 fields, or is it  
simply a string of raw bytes?  If it is just a set of raw bytes, how  
should i be parsing the padata-value field so that i get the  
encryption type and timestamp separated?

If it is ASN.1 encoded, any reason the parser I'm using  
(pyasn1.sourceforge.net) wouldn't be parsing this field correctly,  
but the rest of the packets/fields are perfect?  When I tried to  
parse it, i got an error saying i was 7 octets short...

I was having a bit of difficulty following the source on this one...


Thanks