class Rex::Proto::Kerberos::Model::Authenticator

This class provides a representation of an Authenticator, sent with a ticket to the server to certify the client's knowledge of the encryption key in the ticket.

Attributes

checksum[RW]

@!attribute checksum

@return [Rex::Proto::Kerberos::Model::Checksum] The checksum of the application data that
accompanies the KRB_AP_REQ.
cname[RW]

@!attribute cname

@return [Rex::Proto::Kerberos::Model::PrincipalName] The name part of the client's principal
identifier
crealm[RW]

@!attribute crealm

@return [String] The realm in which the client is registered
ctime[RW]

@!attribute ctime

@return [Time] The current time of the client's host
cusec[RW]

@!attribute cusec

@return [Fixnum] The microsecond part of the client's timestamp
subkey[RW]

@!attribute subkey

@return [Rex::Proto::Kerberos::Model::EncryptionKey] the client's choice for an encryption
key which is to be used to protect this specific application session
vno[RW]

@!attribute vno

@return [Fixnum] The authenticator version number

Public Instance Methods

decode(input) click to toggle source

Rex::Proto::Kerberos::Model::Authenticator decoding isn't supported

@raise [NotImplementedError]

# File lib/rex/proto/kerberos/model/authenticator.rb, line 38
def decode(input)
  raise ::NotImplementedError, 'Authenticator decoding not supported'
end
encode() click to toggle source

Encodes the Rex::Proto::Kerberos::Model::Authenticator into an ASN.1 String

@return [String]

# File lib/rex/proto/kerberos/model/authenticator.rb, line 45
def encode
  elems = []
  elems << OpenSSL::ASN1::ASN1Data.new([encode_vno], 0, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_crealm], 1, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_cname], 2, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_checksum], 3, :CONTEXT_SPECIFIC) if checksum
  elems << OpenSSL::ASN1::ASN1Data.new([encode_cusec], 4, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_ctime], 5, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_subkey], 6, :CONTEXT_SPECIFIC) if subkey

  seq = OpenSSL::ASN1::Sequence.new(elems)
  seq_asn1 = OpenSSL::ASN1::ASN1Data.new([seq], AUTHENTICATOR, :APPLICATION)

  seq_asn1.to_der
end
encrypt(etype, key) click to toggle source

Encrypts the Rex::Proto::Kerberos::Model::Authenticator

@param etype [Fixnum] the crypto schema to encrypt @param key [String] the key to encrypt @return [String] the encrypted result @raise [NotImplementedError] if the encryption schema isn't supported

# File lib/rex/proto/kerberos/model/authenticator.rb, line 67
def encrypt(etype, key)
  data = self.encode

  res = ''
  case etype
  when RC4_HMAC
    res = encrypt_rc4_hmac(data, key, 7)
  else
    raise ::NotImplementedError, 'EncryptedData schema is not supported'
  end

  res
end

Private Instance Methods

encode_checksum() click to toggle source

Encodes the checksum field

@return [String]

# File lib/rex/proto/kerberos/model/authenticator.rb, line 111
def encode_checksum
  checksum.encode
end
encode_cname() click to toggle source

Encodes the cname field

@return [String]

# File lib/rex/proto/kerberos/model/authenticator.rb, line 104
def encode_cname
  cname.encode
end
encode_crealm() click to toggle source

Encodes the crealm field

@return [OpenSSL::ASN1::GeneralString]

# File lib/rex/proto/kerberos/model/authenticator.rb, line 97
def encode_crealm
  OpenSSL::ASN1::GeneralString.new(crealm)
end
encode_ctime() click to toggle source

Encodes the ctime field

@return [OpenSSL::ASN1::GeneralizedTime]

# File lib/rex/proto/kerberos/model/authenticator.rb, line 128
def encode_ctime
  OpenSSL::ASN1::GeneralizedTime.new(ctime)
end
encode_cusec() click to toggle source

Encodes the cusec field

@return [OpenSSL::ASN1::Integer]

# File lib/rex/proto/kerberos/model/authenticator.rb, line 118
def encode_cusec
  bn = OpenSSL::BN.new(cusec.to_s)
  int = OpenSSL::ASN1::Integer.new(bn)

  int
end
encode_subkey() click to toggle source

Encodes the subkey field

@return [String]

# File lib/rex/proto/kerberos/model/authenticator.rb, line 135
def encode_subkey
  subkey.encode
end
encode_vno() click to toggle source

Encodes the vno field

@return [OpenSSL::ASN1::Integer]

# File lib/rex/proto/kerberos/model/authenticator.rb, line 87
def encode_vno
  bn = OpenSSL::BN.new(vno.to_s)
  int = OpenSSL::ASN1::Integer.new(bn)

  int
end