tests/krb5: Refactor encryption type selection

Add and use some methods to calculate the highest supported AES and RC4
encryption types, respectively.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

1 files changed, 36 insertions, 22 deletions

diff --git a/python/samba/tests/krb5/raw_testcase.py b/python/samba/tests/krb5/raw_testcase.py
index 9c77f705bee..63aca4eff3b 100644
--- a/python/samba/tests/krb5/raw_testcase.py
+++ b/python/samba/tests/krb5/raw_testcase.py
@@ -3995,6 +3995,40 @@ class RawKerberosTest(TestCase):
             if self.strict_checking:
                 self.assertIsNone(s2kparams)
 
+    @staticmethod
+    def greatest_common_etype(etypes, proposed_etypes):
+        return max(filter(lambda e: e in etypes, proposed_etypes),
+                   default=None)
+
+    def supported_aes_rc4_etypes(self, kdc_exchange_dict):
+        creds = kdc_exchange_dict['creds']
+        supported_etypes = self.get_default_enctypes(creds)
+
+        rc4_support = kdc_exchange_dict['rc4_support']
+
+        aes_etypes = set()
+        if kcrypto.Enctype.AES256 in supported_etypes:
+            aes_etypes.add(kcrypto.Enctype.AES256)
+        if kcrypto.Enctype.AES128 in supported_etypes:
+            aes_etypes.add(kcrypto.Enctype.AES128)
+
+        rc4_etypes = set()
+        if rc4_support and kcrypto.Enctype.RC4 in supported_etypes:
+            rc4_etypes.add(kcrypto.Enctype.RC4)
+
+        return aes_etypes, rc4_etypes
+
+    def greatest_aes_rc4_etypes(self, kdc_exchange_dict):
+        req_body = kdc_exchange_dict['req_body']
+        proposed_etypes = req_body['etype']
+
+        aes_etypes, rc4_etypes = self.supported_aes_rc4_etypes(kdc_exchange_dict)
+
+        expected_aes = self.greatest_common_etype(aes_etypes, proposed_etypes)
+        expected_rc4 = self.greatest_common_etype(rc4_etypes, proposed_etypes)
+
+        return expected_aes, expected_rc4
+
     def check_rep_padata(self,
                          kdc_exchange_dict,
                          callback_dict,
@@ -4002,9 +4036,6 @@ class RawKerberosTest(TestCase):
                          error_code):
         rep_msg_type = kdc_exchange_dict['rep_msg_type']
 
-        req_body = kdc_exchange_dict['req_body']
-        proposed_etypes = req_body['etype']
-
         sent_fast = self.sent_fast(kdc_exchange_dict)
         sent_enc_challenge = self.sent_enc_challenge(kdc_exchange_dict)
 
@@ -4013,25 +4044,8 @@ class RawKerberosTest(TestCase):
 
         rc4_support = kdc_exchange_dict['rc4_support']
 
-        def expected_etype(etypes, proposed_etypes):
-            return max(filter(lambda e: e in etypes, proposed_etypes),
-                       default=None)
-
-        creds = kdc_exchange_dict['creds']
-        supported_etypes = self.get_default_enctypes(creds)
-
-        aes_etypes = set()
-        if kcrypto.Enctype.AES256 in supported_etypes:
-            aes_etypes.add(kcrypto.Enctype.AES256)
-        if kcrypto.Enctype.AES128 in supported_etypes:
-            aes_etypes.add(kcrypto.Enctype.AES128)
-
-        rc4_etypes = set()
-        if rc4_support and kcrypto.Enctype.RC4 in supported_etypes:
-            rc4_etypes.add(kcrypto.Enctype.RC4)
-
-        expected_aes = expected_etype(aes_etypes, proposed_etypes)
-        expected_rc4 = expected_etype(rc4_etypes, proposed_etypes)
+        expected_aes, expected_rc4 = self.greatest_aes_rc4_etypes(
+            kdc_exchange_dict)
 
         expect_etype_info2 = ()
         expect_etype_info = False