2014-12-17 00:39:42 +00:00
|
|
|
# -*- coding: binary -*-
|
|
|
|
|
|
|
|
module Rex
|
|
|
|
module Proto
|
|
|
|
module Kerberos
|
|
|
|
module Model
|
2014-12-21 01:32:38 +00:00
|
|
|
# This class provides a representation of a KRB_AP_REQ definition, containing the Kerberos protocol version number,
|
|
|
|
# the message type KRB_AP_REQ, an options field to indicate any options in use, and the ticket and authenticator
|
|
|
|
# themselves
|
2014-12-17 00:39:42 +00:00
|
|
|
class ApReq < Element
|
|
|
|
# @!attribute pvno
|
|
|
|
# @return [Fixnum] The protocol version number
|
|
|
|
attr_accessor :pvno
|
|
|
|
# @!attribute msg_type
|
2014-12-19 01:30:12 +00:00
|
|
|
# @return [Fixnum] The type of the protocol message
|
2014-12-17 00:39:42 +00:00
|
|
|
attr_accessor :msg_type
|
|
|
|
# @!attribute options
|
|
|
|
# @return [Fixnum] request options, affects processing
|
|
|
|
attr_accessor :options
|
|
|
|
# @!attribute ticket
|
|
|
|
# @return [Rex::Proto::Kerberos::Model::Ticket] The ticket authenticating the client to the server
|
|
|
|
attr_accessor :ticket
|
|
|
|
# @!attribute authenticator
|
|
|
|
# @return [Rex::Proto::Kerberos::Model::EncryptedData] This contains the authenticator, which includes the
|
|
|
|
# client's choice of a subkey
|
|
|
|
attr_accessor :authenticator
|
|
|
|
|
2014-12-19 01:30:12 +00:00
|
|
|
# Rex::Proto::Kerberos::Model::ApReq decoding isn't supported
|
|
|
|
#
|
|
|
|
# @raise [RuntimeError]
|
2014-12-17 00:39:42 +00:00
|
|
|
def decode(input)
|
|
|
|
raise ::RuntimeError, 'AP-REQ decoding not supported'
|
|
|
|
end
|
|
|
|
|
2014-12-19 01:30:12 +00:00
|
|
|
# Encodes the Rex::Proto::Kerberos::Model::ApReq into an ASN.1 String
|
|
|
|
#
|
|
|
|
# @return [String]
|
2014-12-17 00:39:42 +00:00
|
|
|
def encode
|
|
|
|
elems = []
|
|
|
|
elems << OpenSSL::ASN1::ASN1Data.new([encode_pvno], 0, :CONTEXT_SPECIFIC)
|
|
|
|
elems << OpenSSL::ASN1::ASN1Data.new([encode_msg_type], 1, :CONTEXT_SPECIFIC)
|
|
|
|
elems << OpenSSL::ASN1::ASN1Data.new([encode_options], 2, :CONTEXT_SPECIFIC)
|
|
|
|
elems << OpenSSL::ASN1::ASN1Data.new([encode_ticket], 3, :CONTEXT_SPECIFIC)
|
|
|
|
elems << OpenSSL::ASN1::ASN1Data.new([encode_authenticator], 4, :CONTEXT_SPECIFIC)
|
|
|
|
seq = OpenSSL::ASN1::Sequence.new(elems)
|
|
|
|
|
|
|
|
seq_asn1 = OpenSSL::ASN1::ASN1Data.new([seq], AP_REQ, :APPLICATION)
|
|
|
|
|
|
|
|
seq_asn1.to_der
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
# Encodes the pvno field
|
|
|
|
#
|
|
|
|
# @return [OpenSSL::ASN1::Integer]
|
|
|
|
def encode_pvno
|
|
|
|
bn = OpenSSL::BN.new(pvno)
|
|
|
|
int = OpenSSL::ASN1::Integer(bn)
|
|
|
|
|
|
|
|
int
|
|
|
|
end
|
|
|
|
|
|
|
|
# Encodes the msg_type field
|
|
|
|
#
|
|
|
|
# @return [OpenSSL::ASN1::Integer]
|
|
|
|
def encode_msg_type
|
|
|
|
bn = OpenSSL::BN.new(msg_type)
|
|
|
|
int = OpenSSL::ASN1::Integer(bn)
|
|
|
|
|
|
|
|
int
|
|
|
|
end
|
|
|
|
|
|
|
|
# Encodes the options field
|
|
|
|
#
|
|
|
|
# @return [OpenSSL::ASN1::BitString]
|
|
|
|
def encode_options
|
|
|
|
OpenSSL::ASN1::BitString.new([options].pack('N'))
|
|
|
|
end
|
|
|
|
|
|
|
|
# Encodes the ticket field
|
|
|
|
#
|
|
|
|
# @return [String]
|
|
|
|
def encode_ticket
|
|
|
|
ticket.encode
|
|
|
|
end
|
|
|
|
|
|
|
|
# Encodes the authenticator field
|
|
|
|
#
|
|
|
|
# @return [String]
|
|
|
|
def encode_authenticator
|
|
|
|
authenticator.encode
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|