Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2

3
module Rex
4
  module Proto
5
    module Kerberos
6
      module Model
7
        # This class provides a representation of a Kerberos KRB-ERROR (response error)
8
        # message definition.
9
        class KrbError < Element
10
          # @!attribute pvno
11
          #   @return [Integer] The protocol version number
12
          attr_accessor :pvno
13
          # @!attribute msg_type
14
          #   @return [Integer] The type of a protocol message
15
          attr_accessor :msg_type
16
          # @!attribute ctime
17
          #   @return [Time] The current time of the client's host
18
          attr_accessor :ctime
19
          # @!attribute cusec
20
          #   @return [Integer] The microseconds part of the client timestamp
21
          attr_accessor :cusec
22
          # @!attribute stime
23
          #   @return [Time] The current time of the server
24
          attr_accessor :stime
25
          # @!attribute susec
26
          #   @return [Integer] The microseconds part of the server timestamp
27
          attr_accessor :susec
28
          # @!attribute error_code
29
          #   @return [Rex::Proto::Kerberos::Model::Error::ErrorCode] The error request returned by kerberos or the server when a request fails
30
          attr_accessor :error_code
31
          # @!attribute crealm
32
          #   @return [String] The realm part of the client's principal identifier
33
          attr_accessor :crealm
34
          # @!attribute cname
35
          #   @return [Rex::Proto::Kerberos::Model::PrincipalName] The name part of the client's principal identifier
36
          attr_accessor :cname
37
          # @!attribute realm
38
          #   @return [String] The realm part of the server's principal identifier
39
          attr_accessor :realm
40
          # @!attribute sname
41
          #   @return [Rex::Proto::Kerberos::Model::PrincipalName] The name part of the server's identity
42
          attr_accessor :sname
43
          # @!attribute etext
44
          #   @return [String] Additional text to help explain the error code
45
          attr_accessor :etext
46
          # @!attribute e_data
47
          #   @return [String] additional data about the error (ASN.1 encoded data)
48
          attr_accessor :e_data
49

50
          # Decodes the Rex::Proto::Kerberos::Model::KrbError from an input
51
          #
52
          # @param input [String, OpenSSL::ASN1::ASN1Data] the input to decode from
53
          # @return [self] if decoding succeeds
54
          # @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError] if decoding doesn't succeed
55
          def decode(input)
56
            case input
57
            when String
58
              decode_string(input)
59
            when OpenSSL::ASN1::ASN1Data
60
              decode_asn1(input)
61
            else
62
              raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, 'Failed to decode KrbError, invalid input'
63
            end
64

65
            self
66
          end
67

68
          # Rex::Proto::Kerberos::Model::KrbError encoding isn't supported
69
          #
70
          # @raise [NotImplementedError]
71
          def encode
72
            raise ::NotImplementedError, 'KrbError encoding not supported'
73
          end
74

75
          # Decodes the e_data field as an Array<PreAuthDataEntry>
76
          #
77
          # @return [Array<Rex::Proto::Kerberos::Model::PreAuthDataEntry>]
78
          def e_data_as_pa_data
79
            pre_auth = []
80
            decoded = OpenSSL::ASN1.decode(self.e_data)
81
            decoded.each do |pre_auth_data|
82
              pre_auth << Rex::Proto::Kerberos::Model::PreAuthDataEntry.decode(pre_auth_data)
83
            end
84

85
            pre_auth
86
          end
87

88
          # Decodes the e_data field as a PreAuthData
89
          #
90
          # @return [Rex::Proto::Kerberos::Model::PreAuthData]
91
          def e_data_as_pa_data_entry
92
            if self.e_data
93
              decoded = OpenSSL::ASN1.decode(self.e_data)
94
              Rex::Proto::Kerberos::Model::PreAuthDataEntry.decode(decoded)
95
            else
96
              # This is implementation-defined, so may be different in some cases
97
              nil
98
            end
99
          end
100

101
          private
102

103
          # Decodes a Rex::Proto::Kerberos::Model::KrbError from an String
104
          #
105
          # @param input [String] the input to decode from
106
          def decode_string(input)
107
            asn1 = OpenSSL::ASN1.decode(input)
108

109
            decode_asn1(asn1)
110
          end
111

112
          # Decodes a Rex::Proto::Kerberos::Model::KrbError
113
          #
114
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
115
          # @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError] if decoding doesn't succeed
116
          def decode_asn1(input)
117
            input.value[0].value.each do |val|
118
              case val.tag
119
              when 0
120
                self.pvno = decode_pvno(val)
121
              when 1
122
                self.msg_type = decode_msg_type(val)
123
              when 2
124
                self.ctime = decode_ctime(val)
125
              when 3
126
                self.cusec = decode_cusec(val)
127
              when 4
128
                self.stime = decode_stime(val)
129
              when 5
130
                self.susec = decode_susec(val)
131
              when 6
132
                self.error_code = decode_error_code(val)
133
              when 7
134
                self.crealm = decode_crealm(val)
135
              when 8
136
                self.cname = decode_cname(val)
137
              when 9
138
                self.realm = decode_realm(val)
139
              when 10
140
                self.sname = decode_sname(val)
141
              when 11
142
                self.etext = decode_etext(val)
143
              when 12
144
                self.e_data = decode_e_data(val)
145
              else
146
                raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, "Failed to decode KRB-ERROR SEQUENCE (#{val.tag})"
147
              end
148
            end
149
          end
150

151
          # Decodes the pvno from an OpenSSL::ASN1::ASN1Data
152
          #
153
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
154
          # @return [Integer]
155
          def decode_pvno(input)
156
            input.value[0].value.to_i
157
          end
158

159
          # Decodes the msg_type from an OpenSSL::ASN1::ASN1Data
160
          #
161
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
162
          # @return [Integer]
163
          def decode_msg_type(input)
164
            input.value[0].value.to_i
165
          end
166

167
          # Decodes the ctime field
168
          #
169
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
170
          # @return [Time]
171
          def decode_ctime(input)
172
            input.value[0].value
173
          end
174

175
          # Decodes the cusec field
176
          #
177
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
178
          # @return [Integer]
179
          def decode_cusec(input)
180
            input.value[0].value
181
          end
182

183
          # Decodes the stime field
184
          #
185
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
186
          # @return [Time]
187
          def decode_stime(input)
188
            input.value[0].value
189
          end
190

191
          # Decodes the susec field
192
          #
193
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
194
          # @return [Integer]
195
          def decode_susec(input)
196
            input.value[0].value.to_i
197
          end
198

199
          # Decodes the error_code field
200
          #
201
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
202
          # @return [Rex::Proto::Kerberos::Model::Error::ErrorCode]
203
          def decode_error_code(input)
204
            value = input.value[0].value.to_i
205

206
            Error::ErrorCodes::ERROR_MAP[value] || Error::ErrorCode.new('UNKNOWN', value, 'Unknown error')
207
          end
208

209
          # Decodes the crealm field
210
          #
211
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
212
          # @return [String]
213
          def decode_crealm(input)
214
            input.value[0].value
215
          end
216

217
          # Decodes the cname field
218
          #
219
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
220
          # @return [Rex::Proto::Kerberos::Model::PrincipalName]
221
          def decode_cname(input)
222
            Rex::Proto::Kerberos::Model::PrincipalName.decode(input.value[0])
223
          end
224

225
          # Decodes the realm field
226
          #
227
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
228
          # @return [String]
229
          def decode_realm(input)
230
            input.value[0].value
231
          end
232

233
          # Decodes the sname field
234
          #
235
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
236
          # @return [Rex::Proto::Kerberos::Model::PrincipalName]
237
          def decode_sname(input)
238
            Rex::Proto::Kerberos::Model::PrincipalName.decode(input.value[0])
239
          end
240

241
          # Decodes the e-text field
242
          #
243
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
244
          # @return [String]
245
          def decode_etext(input)
246
            input.value[0].value
247
          end
248

249
          # Decodes the e_data from an OpenSSL::ASN1::ASN1Data
250
          #
251
          # @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
252
          # @return [String]
253
          def decode_e_data(input)
254
            input.value[0].value
255
          end
256
        end
257
      end
258
    end
259
  end
260
end
261

262