Module: RubySMB::Dcerpc::Icpr

Defined in:
lib/ruby_smb/dcerpc/icpr.rb,
lib/ruby_smb/dcerpc/icpr/cert_server_request_request.rb,
lib/ruby_smb/dcerpc/icpr/cert_server_request_response.rb

Defined Under Namespace

Classes: CertServerRequestRequest, CertServerRequestResponse, CertTransBlob

Constant Summary collapse

UUID =

3.2.4.1 ICertPassage Interface

'91ae6020-9e3c-11cf-8d7c-00aa00c091be'
VER_MAJOR = 
0
VER_MINOR = 
0
CERT_SERVER_REQUEST =

Operation numbers

0x0000
CR_DISP_ISSUED =

Disposition constants, see 3.2.1.4.2.1 ICertRequestD::Request (Opnum 3)

0x0003
CR_DISP_UNDER_SUBMISSION = 
0x0005

Instance Method Summary collapse

Instance Method Details

#cert_server_request(attributes:, authority:, csr:) ⇒ Object 



35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
# File 'lib/ruby_smb/dcerpc/icpr.rb', line 35

def cert_server_request(attributes:, authority:, csr:)
  cert_server_request_request = CertServerRequestRequest.new(
    pwsz_authority: authority,
    pctb_attribs: { pb: (RubySMB::Utils.safe_encode(attributes.map { |k,v| "#{k}:#{v}" }.join("\n"), 'UTF-16le').force_encoding('ASCII-8bit') + "\x00\x00".b) },
    pctb_request: { pb: csr.to_der }
  )

  response = dcerpc_request(
    cert_server_request_request,
    auth_level: RubySMB::Dcerpc::RPC_C_AUTHN_LEVEL_PKT_PRIVACY,
    auth_type: RubySMB::Dcerpc::RPC_C_AUTHN_WINNT
  )
  begin
    cert_server_request_response = CertServerRequestResponse.read(response)
  rescue IOError
    raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading CertServerRequestResponse'
  end

  ret = {
    certificate: nil,
    disposition: cert_server_request_response.pdw_disposition.value,
    disposition_message: cert_server_request_response.pctb_disposition_message.buffer.chomp("\x00\x00").force_encoding('utf-16le').encode,
    status: {
      CR_DISP_ISSUED => :issued,
      CR_DISP_UNDER_SUBMISSION => :submitted,
    }.fetch(cert_server_request_response.pdw_disposition.value, :error)
  }

  # note: error_status == RPC_S_BINDING_HAS_NO_AUTH when not properly bound
  if ret[:status] == :error
    unless cert_server_request_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS
      error_status = cert_server_request_response.error_status.value
      status_code = WindowsError::Win32.find_by_retval(error_status).first
      if status_code.nil? && (fault_name = RubySMB::Dcerpc::Fault::Status.name(error_status))
        status_code = WindowsError::ErrorCode.new(fault_name.to_s, error_status, 'DCERPC fault')
      end
      raise RubySMB::Dcerpc::Error::IcprError.new(
        "Error returned with cert_server_request: #{status_code || "0x#{error_status.to_s(16).rjust(8, '0')}"}",
        status_code: status_code
      )
    end
  elsif !cert_server_request_response.pctb_encoded_cert.buffer.empty?
    ret[:certificate] = OpenSSL::X509::Certificate.new(cert_server_request_response.pctb_encoded_cert.buffer)
  end

  ret
end