CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/rex/proto/kerberos/model/encrypted_data.rb
Views: 11765
1
# -*- coding: binary -*-

2


3
module Rex

4
  module Proto

5
    module Kerberos

6
      module Model

7
        # This class provides a representation of an encrypted message.

8
        class EncryptedData < Element

9
          # @!attribute name_type

10
          #   @return [Integer] The encryption algorithm

11
          attr_accessor :etype

12
          # @!attribute kvno

13
          #   @return [Integer] The version number of the key

14
          attr_accessor :kvno

15
          # @!attribute cipher

16
          #   @return [String] The enciphered text

17
          attr_accessor :cipher

18


19
          def ==(other)

20
            etype == other.etype &&

21
              kvno == other.kvno &&

22
              cipher == other.cipher

23
          end

24


25
          # Decodes a Rex::Proto::Kerberos::Model::EncryptedData

26
          #

27
          # @param input [String, OpenSSL::ASN1::Sequence] the input to decode from

28
          # @return [self]

29
          # @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError] if decoding doesn't succeed

30
          def decode(input)

31
            case input

32
            when String

33
              decode_string(input)

34
            when OpenSSL::ASN1::Sequence

35
              decode_asn1(input)

36
            else

37
              raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, 'Failed to decode EncryptedData Name, invalid input'

38
            end

39


40
            self

41
          end

42


43
          # Encodes a Rex::Proto::Kerberos::Model::EncryptedData into an ASN.1 String

44
          #

45
          # @return [String]

46
          def encode

47
            elems = []

48
            etype_asn1 = OpenSSL::ASN1::ASN1Data.new([encode_etype], 0, :CONTEXT_SPECIFIC)

49
            elems << etype_asn1

50


51
            if kvno

52
              kvno_asn1 = OpenSSL::ASN1::ASN1Data.new([encode_kvno], 1, :CONTEXT_SPECIFIC)

53
              elems << kvno_asn1

54
            end

55


56
            cipher_asn1 = OpenSSL::ASN1::ASN1Data.new([encode_cipher], 2, :CONTEXT_SPECIFIC)

57
            elems << cipher_asn1

58


59
            seq = OpenSSL::ASN1::Sequence.new(elems)

60


61
            seq.to_der

62
          end

63


64
          # Decrypts the cipher with etype encryption schema, presuming that the

65
          # data is an ASN1 structure

66
          #

67
          # @param key [String] the key to decrypt

68
          # @param msg_type [Integer] the message type

69
          # @return [String] the decrypted `cipher`

70
          # @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError] if decryption doesn't succeed

71
          # @raise [NotImplementedError] if encryption isn't supported

72
          def decrypt_asn1(key, msg_type)

73
            if cipher.nil? || cipher.empty?

74
              return ''

75
            end

76


77
            encryptor = Rex::Proto::Kerberos::Crypto::Encryption::from_etype(etype)

78
            encryptor.decrypt_asn1(cipher, key, msg_type)

79
          end

80


81


82
          private

83


84
          # Encodes the etype

85
          #

86
          # @return [OpenSSL::ASN1::Integer]

87
          def encode_etype

88
            bn = OpenSSL::BN.new(etype.to_s)

89
            int = OpenSSL::ASN1::Integer.new(bn)

90


91
            int

92
          end

93


94
          # Encodes the kvno

95
          #

96
          # @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError]

97
          def encode_kvno

98
            bn = OpenSSL::BN.new(kvno.to_s)

99
            int = OpenSSL::ASN1::Integer.new(bn)

100


101
            int

102
          rescue OpenSSL::ASN1::ASN1Error

103
            raise Rex::Proto::Kerberos::Model::Error::KerberosDecodingError

104
          end

105


106
          # Encodes the cipher

107
          #

108
          # @return [OpenSSL::ASN1::OctetString]

109
          def encode_cipher

110
            OpenSSL::ASN1::OctetString.new(cipher)

111
          end

112


113
          # Decodes a Rex::Proto::Kerberos::Model::EncryptedData from an String

114
          #

115
          # @param input [String] the input to decode from

116
          def decode_string(input)

117
            asn1 = OpenSSL::ASN1.decode(input)

118


119
            decode_asn1(asn1)

120
          end

121


122
          # Decodes a Rex::Proto::Kerberos::Model::EncryptedData from an

123
          # OpenSSL::ASN1::Sequence

124
          #

125
          # @param input [OpenSSL::ASN1::Sequence] the input to decode from

126
          # @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError] if decoding doesn't succeed

127
          def decode_asn1(input)

128
            seq_values = input.value

129


130
            seq_values.each do |val|

131
              case val.tag

132
              when 0

133
                self.etype = decode_etype(val)

134
              when 1

135
                self.kvno = decode_kvno(val)

136
              when 2

137
                self.cipher = decode_cipher(val)

138
              else

139
                raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, 'Failed to decode EncryptedData SEQUENCE'

140
              end

141
            end

142
          end

143


144
          # Decodes the etype from an OpenSSL::ASN1::ASN1Data

145
          #

146
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from

147
          # @return [Integer]

148
          def decode_etype(input)

149
            input.value[0].value.to_i

150
          end

151


152
          # Decodes the kvno from an OpenSSL::ASN1::ASN1Data

153
          #

154
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from

155
          # @return [Integer]

156
          def decode_kvno(input)

157
            input.value[0].value.to_i

158
          end

159


160
          # Decodes the cipher from an OpenSSL::ASN1::ASN1Data

161
          #

162
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from

163
          # @return [String]

164
          def decode_cipher(input)

165
            input.value[0].value

166
          end

167


168
        end

169
      end

170
    end

171
  end

172
end

173


174