Module: Rex::Proto::Kerberos::Crypto::GssNewEncryptionType
- Included in:
- AesBlockCipherBase
- Defined in:
- lib/rex/proto/kerberos/crypto/gss_new_encryption_type.rb
Overview
The RFC4121 implementation of GSS wrapping (Section 4.2.6.2) which applies to “newer encryption types” (defined as those not in section 1 of RFC4121) This mixin may be included by Encryption providers in Rex::Proto::Kerberos::Crypto
Constant Summary collapse
- GSS_SENT_BY_ACCEPTOR =
1
- GSS_SEALED =
2
- GSS_ACCEPTOR_SUBKEY =
4
- GSS_HEADER_LEN =
The length of the GSS header
16
- TOK_ID_GSS_WRAP =
0x0504
Instance Method Summary collapse
- #gss_unwrap(ciphertext, key, expected_sequence_number, is_initiator, use_acceptor_subkey: true) ⇒ Object
-
#gss_wrap(plaintext, key, sequence_number, is_initiator, use_acceptor_subkey: true) ⇒ String, Integer
Encrypt the message, wrapping it in GSS structures.
Instance Method Details
#gss_unwrap(ciphertext, key, expected_sequence_number, is_initiator, use_acceptor_subkey: true) ⇒ Object
56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 |
# File 'lib/rex/proto/kerberos/crypto/gss_new_encryption_type.rb', line 56 def gss_unwrap(ciphertext, key, expected_sequence_number, is_initiator, use_acceptor_subkey: true) # Handle wrap-around sequence_number &= 0xFFFFFFFFFFFFFFFF expected_flags = GSS_SEALED expected_flags |= GSS_ACCEPTOR_SUBKEY if use_acceptor_subkey if is_initiator key_usage = Rex::Proto::Kerberos::Crypto::KeyUsage::GSS_ACCEPTOR_SEAL expected_flags |= GSS_SENT_BY_ACCEPTOR else key_usage = Rex::Proto::Kerberos::Crypto::KeyUsage::GSS_INITIATOR_SEAL end header = ciphertext[0,GSS_HEADER_LEN] ciphertext = ciphertext[GSS_HEADER_LEN, ciphertext.length] tok_id, flags, filler, ec, rrc, snd_seq = header.unpack('nCCnnQ>') raise Rex::Proto::Kerberos::Model::Error::KerberosError, 'Invalid token ID' unless tok_id == TOK_ID_GSS_WRAP raise Rex::Proto::Kerberos::Model::Error::KerberosError, 'Invalid filler' unless filler == 0xFF raise Rex::Proto::Kerberos::Model::Error::KerberosError, 'Unexpected flags' unless flags == expected_flags raise Rex::Proto::Kerberos::Model::Error::KerberosError, "Invalid sequence number (received #{snd_seq}; expected #{expected_sequence_number})" unless expected_sequence_number == snd_seq # Could do some sanity checking here of those values ciphertext = rotate(ciphertext, -rrc) plaintext = self.decrypt(ciphertext, key.value, key_usage) plaintext = plaintext[0, plaintext.length - ec - GSS_HEADER_LEN] end |
#gss_wrap(plaintext, key, sequence_number, is_initiator, use_acceptor_subkey: true) ⇒ String, Integer
Encrypt the message, wrapping it in GSS structures
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/rex/proto/kerberos/crypto/gss_new_encryption_type.rb', line 23 def gss_wrap(plaintext, key, sequence_number, is_initiator, use_acceptor_subkey: true) # Handle wrap-around sequence_number &= 0xFFFFFFFFFFFFFFFF flags = GSS_SEALED flags |= GSS_ACCEPTOR_SUBKEY if use_acceptor_subkey if is_initiator key_usage = Rex::Proto::Kerberos::Crypto::KeyUsage::GSS_INITIATOR_SEAL else key_usage = Rex::Proto::Kerberos::Crypto::KeyUsage::GSS_ACCEPTOR_SEAL flags |= GSS_SENT_BY_ACCEPTOR end tok_id = TOK_ID_GSS_WRAP filler = 0xFF ec = calculate_ec(plaintext) rrc = calculate_rrc # RFC4121, Section 4.2.4 plaintext_header = [tok_id, flags, filler, 0, 0, sequence_number].pack('nCCnnQ>') header = [tok_id, flags, filler, ec, rrc, sequence_number].pack('nCCnnQ>') # "x" chosen as the filler based on the Linux implementation of the kerberos client # https://salsa.debian.org/debian/krb5/-/blob/0269810b1aec6c554fb746433f045d59fd34ab3a/src/lib/gssapi/krb5/k5sealv3.c#L160 ec_filler = "x" * ec plaintext = plaintext + ec_filler + plaintext_header ciphertext = self.encrypt(plaintext, key.value, key_usage) rotated = rotate(ciphertext, rrc) result = [header + rotated, header_length, ec] end |