Class: Rex::Proto::Kerberos::Model::AuthorizationData

Inherits:
Element
  • Object
show all
Defined in:
lib/rex/proto/kerberos/model/authorization_data.rb

Overview

This class provides a representation of a Kerberos AuthorizationData data definition.

Constant Summary

Constants included from Rex::Proto::Kerberos::Model

AD_IF_RELEVANT, AP_REQ, AS_REP, AS_REQ, AUTHENTICATOR, ERROR_CODES, KDC_OPTION_ALLOW_POST_DATE, KDC_OPTION_ENC_TKT_IN_SKEY, KDC_OPTION_FORWARDABLE, KDC_OPTION_FORWARDED, KDC_OPTION_POST_DATED, KDC_OPTION_PROXIABLE, KDC_OPTION_PROXY, KDC_OPTION_RENEW, KDC_OPTION_RENEWABLE, KDC_OPTION_RENEWABLE_OK, KDC_OPTION_RESERVED, KDC_OPTION_UNUSED_10, KDC_OPTION_UNUSED_11, KDC_OPTION_UNUSED_7, KDC_OPTION_UNUSED_9, KDC_OPTION_VALIDATE, KRB_ERROR, NT_PRINCIPAL, NT_SRV_HST, NT_SRV_INST, NT_SRV_XHST, NT_UID, NT_UNKNOWN, PA_ENC_TIMESTAMP, PA_PAC_REQUEST, PA_PW_SALT, PA_TGS_REQ, TGS_REP, TGS_REQ, TICKET, VERSION

Constants included from Crypto

Crypto::ENC_AS_RESPONSE, Crypto::ENC_KDC_REQUEST_BODY, Crypto::ENC_TGS_RESPONSE, Crypto::RC4_HMAC, Crypto::RSA_MD5

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods inherited from Element

attr_accessor, attributes, #attributes, decode, #initialize

Methods included from Crypto::RsaMd5

#checksum_rsa_md5

Methods included from Crypto::Rc4Hmac

#decrypt_rc4_hmac, #encrypt_rc4_hmac

Constructor Details

This class inherits a constructor from Rex::Proto::Kerberos::Model::Element

Instance Attribute Details

#elementsHash{Symbol => <Integer, String>}

Returns The type of the authorization data.

Returns:

  • (Hash{Symbol => <Integer, String>})

    The type of the authorization data


14
15
16
# File 'lib/rex/proto/kerberos/model/authorization_data.rb', line 14

def elements
  @elements
end

Instance Method Details

#decode(input) ⇒ Object

Rex::Proto::Kerberos::Model::AuthorizationData decoding isn't supported


19
20
21
# File 'lib/rex/proto/kerberos/model/authorization_data.rb', line 19

def decode(input)
  raise ::NotImplementedError, 'Authorization Data decoding not supported'
end

#encodeString

Encodes a Rex::Proto::Kerberos::Model::AuthorizationData into an ASN.1 String

Returns:

  • (String)

26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# File 'lib/rex/proto/kerberos/model/authorization_data.rb', line 26

def encode
  seqs = []
  elements.each do |elem|
    elems = []
    type_asn1 = OpenSSL::ASN1::ASN1Data.new([encode_type(elem[:type])], 0, :CONTEXT_SPECIFIC)
    elems << type_asn1
    data_asn1 = OpenSSL::ASN1::ASN1Data.new([encode_data(elem[:data])], 1, :CONTEXT_SPECIFIC)
    elems << data_asn1
    seqs << OpenSSL::ASN1::Sequence.new(elems)
  end

  seq = OpenSSL::ASN1::Sequence.new(seqs)

  seq.to_der
end

#encrypt(etype, key) ⇒ String

Encrypts the Rex::Proto::Kerberos::Model::AuthorizationData

Parameters:

  • etype (Integer)

    the crypto schema to encrypt

  • key (String)

    the key to encrypt

Returns:

  • (String)

    the encrypted result

Raises:


48
49
50
51
52
53
54
55
56
57
58
59
60
# File 'lib/rex/proto/kerberos/model/authorization_data.rb', line 48

def encrypt(etype, key)
  data = self.encode

  res = ''
  case etype
  when RC4_HMAC
    res = encrypt_rc4_hmac(data, key, 5)
  else
    raise ::NotImplementedError, 'EncryptedData schema is not supported'
  end

  res
end