lib/rex/proto/kerberos/model/krb_error.rb
# -*- coding: binary -*-
module Rex
module Proto
module Kerberos
module Model
# This class provides a representation of a Kerberos KRB-ERROR (response error)
# message definition.
class KrbError < Element
# @!attribute pvno
# @return [Integer] The protocol version number
attr_accessor :pvno
# @!attribute msg_type
# @return [Integer] The type of a protocol message
attr_accessor :msg_type
# @!attribute ctime
# @return [Time] The current time of the client's host
attr_accessor :ctime
# @!attribute cusec
# @return [Integer] The microseconds part of the client timestamp
attr_accessor :cusec
# @!attribute stime
# @return [Time] The current time of the server
attr_accessor :stime
# @!attribute susec
# @return [Integer] The microseconds part of the server timestamp
attr_accessor :susec
# @!attribute error_code
# @return [Rex::Proto::Kerberos::Model::Error::ErrorCode] The error request returned by kerberos or the server when a request fails
attr_accessor :error_code
# @!attribute crealm
# @return [String] The realm part of the client's principal identifier
attr_accessor :crealm
# @!attribute cname
# @return [Rex::Proto::Kerberos::Model::PrincipalName] The name part of the client's principal identifier
attr_accessor :cname
# @!attribute realm
# @return [String] The realm part of the server's principal identifier
attr_accessor :realm
# @!attribute sname
# @return [Rex::Proto::Kerberos::Model::PrincipalName] The name part of the server's identity
attr_accessor :sname
# @!attribute etext
# @return [String] Additional text to help explain the error code
attr_accessor :etext
# @!attribute e_data
# @return [String] additional data about the error (ASN.1 encoded data)
attr_accessor :e_data
# Decodes the Rex::Proto::Kerberos::Model::KrbError from an input
#
# @param input [String, OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [self] if decoding succeeds
# @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError] if decoding doesn't succeed
def decode(input)
case input
when String
decode_string(input)
when OpenSSL::ASN1::ASN1Data
decode_asn1(input)
else
raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, 'Failed to decode KrbError, invalid input'
end
self
end
# Rex::Proto::Kerberos::Model::KrbError encoding isn't supported
#
# @raise [NotImplementedError]
def encode
raise ::NotImplementedError, 'KrbError encoding not supported'
end
# Decodes the e_data field as an Array<PreAuthDataEntry>
#
# @return [Array<Rex::Proto::Kerberos::Model::PreAuthDataEntry>]
def e_data_as_pa_data
pre_auth = []
decoded = OpenSSL::ASN1.decode(self.e_data)
decoded.each do |pre_auth_data|
pre_auth << Rex::Proto::Kerberos::Model::PreAuthDataEntry.decode(pre_auth_data)
end
pre_auth
end
# Decodes the e_data field as a PreAuthData
#
# @return [Rex::Proto::Kerberos::Model::PreAuthData]
def e_data_as_pa_data_entry
if self.e_data
decoded = OpenSSL::ASN1.decode(self.e_data)
Rex::Proto::Kerberos::Model::PreAuthDataEntry.decode(decoded)
else
# This is implementation-defined, so may be different in some cases
nil
end
end
private
# Decodes a Rex::Proto::Kerberos::Model::KrbError from an String
#
# @param input [String] the input to decode from
def decode_string(input)
asn1 = OpenSSL::ASN1.decode(input)
decode_asn1(asn1)
end
# Decodes a Rex::Proto::Kerberos::Model::KrbError
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @raise [Rex::Proto::Kerberos::Model::Error::KerberosDecodingError] if decoding doesn't succeed
def decode_asn1(input)
input.value[0].value.each do |val|
case val.tag
when 0
self.pvno = decode_pvno(val)
when 1
self.msg_type = decode_msg_type(val)
when 2
self.ctime = decode_ctime(val)
when 3
self.cusec = decode_cusec(val)
when 4
self.stime = decode_stime(val)
when 5
self.susec = decode_susec(val)
when 6
self.error_code = decode_error_code(val)
when 7
self.crealm = decode_crealm(val)
when 8
self.cname = decode_cname(val)
when 9
self.realm = decode_realm(val)
when 10
self.sname = decode_sname(val)
when 11
self.etext = decode_etext(val)
when 12
self.e_data = decode_e_data(val)
else
raise ::Rex::Proto::Kerberos::Model::Error::KerberosDecodingError, "Failed to decode KRB-ERROR SEQUENCE (#{val.tag})"
end
end
end
# Decodes the pvno from an OpenSSL::ASN1::ASN1Data
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Integer]
def decode_pvno(input)
input.value[0].value.to_i
end
# Decodes the msg_type from an OpenSSL::ASN1::ASN1Data
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Integer]
def decode_msg_type(input)
input.value[0].value.to_i
end
# Decodes the ctime field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Time]
def decode_ctime(input)
input.value[0].value
end
# Decodes the cusec field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Integer]
def decode_cusec(input)
input.value[0].value
end
# Decodes the stime field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Time]
def decode_stime(input)
input.value[0].value
end
# Decodes the susec field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Integer]
def decode_susec(input)
input.value[0].value.to_i
end
# Decodes the error_code field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Rex::Proto::Kerberos::Model::Error::ErrorCode]
def decode_error_code(input)
value = input.value[0].value.to_i
Error::ErrorCodes::ERROR_MAP[value] || Error::ErrorCode.new('UNKNOWN', value, 'Unknown error')
end
# Decodes the crealm field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [String]
def decode_crealm(input)
input.value[0].value
end
# Decodes the cname field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Rex::Proto::Kerberos::Model::PrincipalName]
def decode_cname(input)
Rex::Proto::Kerberos::Model::PrincipalName.decode(input.value[0])
end
# Decodes the realm field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [String]
def decode_realm(input)
input.value[0].value
end
# Decodes the sname field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [Rex::Proto::Kerberos::Model::PrincipalName]
def decode_sname(input)
Rex::Proto::Kerberos::Model::PrincipalName.decode(input.value[0])
end
# Decodes the e-text field
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [String]
def decode_etext(input)
input.value[0].value
end
# Decodes the e_data from an OpenSSL::ASN1::ASN1Data
#
# @param input [OpenSSL::ASN1::ASN1Data] the input to decode from
# @return [String]
def decode_e_data(input)
input.value[0].value
end
end
end
end
end
end