Class: Rex::Proto::Kerberos::Model::KdcRequestBody

Inherits:

Element

• Object
• Element
• Rex::Proto::Kerberos::Model::KdcRequestBody

Defined in:

lib/rex/proto/kerberos/model/kdc_request_body.rb

Overview

This class provides a representation of a Kerberos KDC-REQ-BODY (request body) data definition

Constant Summary

Constants included from Rex::Proto::Kerberos::Model

AD_IF_RELEVANT, AP_REQ, AS_REP, AS_REQ, AUTHENTICATOR, ERROR_CODES, KDC_OPTION_ALLOW_POST_DATE, KDC_OPTION_ENC_TKT_IN_SKEY, KDC_OPTION_FORWARDABLE, KDC_OPTION_FORWARDED, KDC_OPTION_POST_DATED, KDC_OPTION_PROXIABLE, KDC_OPTION_PROXY, KDC_OPTION_RENEW, KDC_OPTION_RENEWABLE, KDC_OPTION_RENEWABLE_OK, KDC_OPTION_RESERVED, KDC_OPTION_UNUSED_10, KDC_OPTION_UNUSED_11, KDC_OPTION_UNUSED_7, KDC_OPTION_UNUSED_9, KDC_OPTION_VALIDATE, KRB_ERROR, NT_PRINCIPAL, NT_SRV_HST, NT_SRV_INST, NT_SRV_XHST, NT_UID, NT_UNKNOWN, PA_ENC_TIMESTAMP, PA_PAC_REQUEST, PA_PW_SALT, PA_TGS_REQ, TGS_REP, TGS_REQ, TICKET, VERSION

Constants included from Crypto

Crypto::ENC_AS_RESPONSE, Crypto::ENC_KDC_REQUEST_BODY, Crypto::ENC_TGS_RESPONSE, Crypto::RC4_HMAC, Crypto::RSA_MD5

Instance Attribute Summary

• #cname ⇒ Rex::Proto::Kerberos::Model::PrincipalName

  The name part of the client’s principal identifier.

• #enc_auth_data ⇒ Rex::Proto::Kerberos::Model::EncryptedData

  An encoding of the desired authorization-data encrypted.

• #etype ⇒ Array<Fixnum>

  The desired encryption algorithm to be used in the response.

• #from ⇒ Time

  Start time when the ticket is to be postdated.

• #nonce ⇒ Fixnum

  Random number.

• #options ⇒ Fixnum

  The ticket flags.

• #realm ⇒ String

  The realm part of the server’s principal identifier.

• #rtime ⇒ Time

  Optional requested renew-till time.

• #sname ⇒ Rex::Proto::Kerberos::Model::PrincipalName

  The name part of the server’s identity.

• #till ⇒ Time

  Expiration date requested by the client.

Instance Method Summary

• #checksum(etype) ⇒ String

  Makes a checksum from the Rex::Proto::Kerberos::Model::KdcRequestBody.

• #decode(input) ⇒ self

  Decodes the Rex::Proto::Kerberos::Model::KdcRequestBody attributes from input.

• #encode ⇒ String

  Encodes the Rex::Proto::Kerberos::Model::KdcRequestBody into an ASN.1 String.

Methods inherited from Element

attr_accessor, attributes, #attributes, decode, #initialize

Methods included from Crypto::RsaMd5

#checksum_rsa_md5

Methods included from Crypto::Rc4Hmac

#decrypt_rc4_hmac, #encrypt_rc4_hmac

Constructor Details

This class inherits a constructor from Rex::Proto::Kerberos::Model::Element

Instance Attribute Details

#cname ⇒ Rex::Proto::Kerberos::Model::PrincipalName

Returns The name part of the client’s principal identifier.

Returns:

• (Rex::Proto::Kerberos::Model::PrincipalName) —

  The name part of the client's principal identifier

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 15

def cname
  @cname
end

#enc_auth_data ⇒ Rex::Proto::Kerberos::Model::EncryptedData

Returns An encoding of the desired authorization-data encrypted.

Returns:

• (Rex::Proto::Kerberos::Model::EncryptedData) —

  An encoding of the desired authorization-data encrypted

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 39

def enc_auth_data
  @enc_auth_data
end

#etype ⇒ Array<Fixnum>

Returns The desired encryption algorithm to be used in the response.

Returns:

• (Array<Fixnum>) —

  The desired encryption algorithm to be used in the response

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 36

def etype
  @etype
end

#from ⇒ Time

Returns Start time when the ticket is to be postdated.

Returns:

• (Time) —

  Start time when the ticket is to be postdated

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 24

def from
  @from
end

#nonce ⇒ Fixnum

Returns random number.

Returns:

• (Fixnum) —

  random number

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 33

def nonce
  @nonce
end

#options ⇒ Fixnum

Returns The ticket flags.

Returns:

• (Fixnum) —

  The ticket flags

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 12

def options
  @options
end

#realm ⇒ String

Returns The realm part of the server’s principal identifier.

Returns:

• (String) —

  The realm part of the server's principal identifier

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 18

def realm
  @realm
end

#rtime ⇒ Time

Returns Optional requested renew-till time.

Returns:

• (Time) —

  Optional requested renew-till time

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 30

def rtime
  @rtime
end

#sname ⇒ Rex::Proto::Kerberos::Model::PrincipalName

Returns The name part of the server’s identity.

Returns:

• (Rex::Proto::Kerberos::Model::PrincipalName) —

  The name part of the server's identity

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 21

def sname
  @sname
end

#till ⇒ Time

Returns Expiration date requested by the client.

Returns:

• (Time) —

  Expiration date requested by the client

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 27

def till
  @till
end

Instance Method Details

#checksum(etype) ⇒ String

Makes a checksum from the Rex::Proto::Kerberos::Model::KdcRequestBody

Parameters:

• etype (Fixnum) —

  the crypto schema to checksum

Returns:

• (String) —

  the checksum

Raises:

• (NotImplementedError) —

  if the encryption schema isn't supported

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 86

def checksum(etype)
  data = self.encode

  res = ''
  case etype
  when RSA_MD5
    res = checksum_rsa_md5(data)
  else
    raise ::NotImplementedError, 'EncryptedData schema is not supported'
  end

  res
end

#decode(input) ⇒ self

Decodes the Rex::Proto::Kerberos::Model::KdcRequestBody attributes from input

Parameters:

• input (String, OpenSSL::ASN1::Sequence) —

  the input to decode from

Returns:

• (self) —

  if decoding succeeds

Raises:

• (RuntimeError) —

  if decoding doesn't succeed

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 46

def decode(input)
  case input
  when String
    decode_string(input)
  when OpenSSL::ASN1::Sequence
    decode_asn1(input)
  else
    raise ::RuntimeError, 'Failed to decode KdcRequestBody, invalid input'
  end

  self
end

#encode ⇒ String

Encodes the Rex::Proto::Kerberos::Model::KdcRequestBody into an ASN.1 String

Returns:

• (String)

# File 'lib/rex/proto/kerberos/model/kdc_request_body.rb', line 62

def encode
  elems = []

  elems << OpenSSL::ASN1::ASN1Data.new([encode_options], 0, :CONTEXT_SPECIFIC) if options
  elems << OpenSSL::ASN1::ASN1Data.new([encode_cname], 1, :CONTEXT_SPECIFIC) if cname
  elems << OpenSSL::ASN1::ASN1Data.new([encode_realm], 2, :CONTEXT_SPECIFIC) if realm
  elems << OpenSSL::ASN1::ASN1Data.new([encode_sname], 3, :CONTEXT_SPECIFIC) if sname
  elems << OpenSSL::ASN1::ASN1Data.new([encode_from], 4, :CONTEXT_SPECIFIC) if from
  elems << OpenSSL::ASN1::ASN1Data.new([encode_till], 5, :CONTEXT_SPECIFIC) if till
  elems << OpenSSL::ASN1::ASN1Data.new([encode_rtime], 6, :CONTEXT_SPECIFIC) if rtime
  elems << OpenSSL::ASN1::ASN1Data.new([encode_nonce], 7, :CONTEXT_SPECIFIC) if nonce
  elems << OpenSSL::ASN1::ASN1Data.new([encode_etype], 8, :CONTEXT_SPECIFIC) if etype
  elems << OpenSSL::ASN1::ASN1Data.new([encode_enc_auth_data], 10, :CONTEXT_SPECIFIC) if enc_auth_data

  seq = OpenSSL::ASN1::Sequence.new(elems)

  seq.to_der
end