Class: Rex::Proto::Gss::Kerberos::MessageEncryptor
- Inherits: Object
  - Object
    - Rex::Proto::Gss::Kerberos::MessageEncryptor
- Defined in: lib/rex/proto/gss/kerberos/message_encryptor.rb
Overview
Encrypt messages according to RFC 4121 (Kerberos with GSS). Performs wrapping of tokens in the GSS structure, filler bytes, rotation, and sequence number tracking and verification.
Instance Attribute Summary
- #decrypt_sequence_number ⇒ Object
  The sequence number we expect to see after decrypting, which is expected to be incremented for each message.
- #encrypt_sequence_number ⇒ Object
  The sequence number to use when we are encrypting, which should be incremented for each message.
- #encryptor ⇒ Object
  (Rex::Proto::Kerberos::Crypto::*) Encryption class for encrypting/decrypting messages.
- #is_initiator ⇒ Object
  Are we (the encryptor) also the initiator in this interaction (vs being the Acceptor)? This refers to the term used in RFC 2743/RFC 4121.
- #key ⇒ Object
  (Rex::Proto::Kerberos::Model::EncryptionKey) The encryption key to use for encryption and decryption.
- #use_acceptor_subkey ⇒ Object
  (Boolean) Whether the acceptor subkey is used for these operations.
Instance Method Summary
- #decrypt_and_verify(data) ⇒ Object
  Decrypt a ciphertext, and verify its validity.
- #encrypt_and_increment(data) ⇒ String, Integer
  Encrypt the message, wrapping it in GSS structures, and increment the sequence number.
- #initialize(key, encrypt_sequence_number, decrypt_sequence_number, is_initiator: true, use_acceptor_subkey: true) ⇒ MessageEncryptor (constructor)
  A new instance of MessageEncryptor.
Constructor Details
#initialize(key, encrypt_sequence_number, decrypt_sequence_number, is_initiator: true, use_acceptor_subkey: true) ⇒ MessageEncryptor
Returns a new instance of MessageEncryptor.
# File 'lib/rex/proto/gss/kerberos/message_encryptor.rb', line 17
def initialize(key, encrypt_sequence_number, decrypt_sequence_number, is_initiator: true, use_acceptor_subkey: true)
  @key = key
  @encrypt_sequence_number = encrypt_sequence_number
  @decrypt_sequence_number = decrypt_sequence_number
  @is_initiator = is_initiator
  @use_acceptor_subkey = use_acceptor_subkey
  @encryptor = Rex::Proto::Kerberos::Crypto::Encryption::from_etype(key.type)
end
Instance Attribute Details
#decrypt_sequence_number ⇒ Object
The sequence number we expect to see after decrypting, which is expected to be incremented for each message
# File 'lib/rex/proto/gss/kerberos/message_encryptor.rb', line 55
def decrypt_sequence_number
  @decrypt_sequence_number
end
#encrypt_sequence_number ⇒ Object
The sequence number to use when we are encrypting, which should be incremented for each message
# File 'lib/rex/proto/gss/kerberos/message_encryptor.rb', line 50
def encrypt_sequence_number
  @encrypt_sequence_number
end
#encryptor ⇒ Object
(Rex::Proto::Kerberos::Crypto::*) Encryption class for encrypting/decrypting messages
# File 'lib/rex/proto/gss/kerberos/message_encryptor.rb', line 76
def encryptor
  @encryptor
end
#is_initiator ⇒ Object
Are we (the encryptor) also the initiator in this interaction (vs being the Acceptor)? This refers to the term used in RFC 2743/RFC 4121.
# File 'lib/rex/proto/gss/kerberos/message_encryptor.rb', line 66
def is_initiator
  @is_initiator
end
#key ⇒ Object
(Rex::Proto::Kerberos::Model::EncryptionKey) The encryption key to use for encryption and decryption
# File 'lib/rex/proto/gss/kerberos/message_encryptor.rb', line 60
def key
  @key
end
#use_acceptor_subkey ⇒ Object
(Boolean) Whether the acceptor subkey is used for these operations
# File 'lib/rex/proto/gss/kerberos/message_encryptor.rb', line 71
def use_acceptor_subkey
  @use_acceptor_subkey
end
Instance Method Details
#decrypt_and_verify(data) ⇒ Object
Decrypt a ciphertext, and verify its validity
# File 'lib/rex/proto/gss/kerberos/message_encryptor.rb', line 40
def decrypt_and_verify(data)
  result = encryptor.gss_unwrap(data, @key, @decrypt_sequence_number, @is_initiator, use_acceptor_subkey: @use_acceptor_subkey)
  @decrypt_sequence_number += 1
  result
end
#encrypt_and_increment(data) ⇒ String, Integer
Encrypt the message, wrapping it in GSS structures, and increment the sequence number
# File 'lib/rex/proto/gss/kerberos/message_encryptor.rb', line 30
def encrypt_and_increment(data)
  result = encryptor.gss_wrap(data, @key, @encrypt_sequence_number, @is_initiator, use_acceptor_subkey: @use_acceptor_subkey)
  @encrypt_sequence_number += 1
  result
end
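The header checks the overview names (filler byte, rotation, sequence number) follow the Wrap token layout in RFC 4121 section 4.2.6.2. The Ruby below is an added example, not Metasploit's code, showing those checks together with the direction and subkey flags that correspond to is_initiator and use_acceptor_subkey. WrapTokenChecker and build_sample_token are hypothetical names, the sample token is constructed, and the body is not decrypted.

```ruby
# Added example, not part of Rex: WrapTokenChecker is a hypothetical name.
# Checks the cleartext 16-byte Wrap token header from RFC 4121 section 4.2.6.2.
class WrapTokenChecker
  TOK_ID_WRAP = 0x0504
  FLAG_SENT_BY_ACCEPTOR = 0x01
  FLAG_SEALED = 0x02
  FLAG_ACCEPTOR_SUBKEY = 0x04

  attr_reader :expected_seq

  def initialize(expected_seq, is_initiator: true, use_acceptor_subkey: true)
    @expected_seq = expected_seq
    @is_initiator = is_initiator
    @use_acceptor_subkey = use_acceptor_subkey
  end

  # Returns the un-rotated (still encrypted) body, or raises ArgumentError.
  # For sealed tokens RFC 4121 also places a copy of the header inside the
  # ciphertext, compared after decryption; that step needs the key and is not shown.
  def check(token)
    raise ArgumentError, 'shorter than the 16-byte header' if token.bytesize < 16

    tok_id, flags, filler, ec, rrc, seq = token.unpack('nCCnnQ>')
    raise ArgumentError, 'not a Wrap token' unless tok_id == TOK_ID_WRAP
    raise ArgumentError, 'bad filler byte' unless filler == 0xFF

    # An initiator only accepts tokens sent by the acceptor, and vice versa,
    # so a token reflected back at its sender is rejected.
    from_acceptor = (flags & FLAG_SENT_BY_ACCEPTOR) != 0
    raise ArgumentError, 'wrong direction' unless from_acceptor == @is_initiator

    subkey = (flags & FLAG_ACCEPTOR_SUBKEY) != 0
    raise ArgumentError, 'subkey flag mismatch' unless subkey == @use_acceptor_subkey
    raise ArgumentError, "sequence #{seq}, expected #{@expected_seq}" unless seq == @expected_seq

    # The sender rotated the body right by RRC octets; rotate left to undo it.
    body = token.byteslice(16, token.bytesize).bytes.rotate(rrc).pack('C*')
    @expected_seq += 1
    { sealed: (flags & FLAG_SEALED) != 0, ec: ec, body: body }
  end
end

# Builds a constructed sample token (placeholder body, no real encryption).
def build_sample_token(seq, body, rrc: 0, flags: 0x07)
  rotated = body.bytes.rotate(-rrc).pack('C*')
  [0x0504, flags, 0xFF, 0, rrc, seq].pack('nCCnnQ>') + rotated
end
```

Feeding the same token to check twice fails the second time, because the expected sequence number has already advanced.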