Home Explore Help
Register Sign In
publics
/
gokrb5.v7
0
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

pac

Jonathan Turner 9 years ago
parent
dd60e8a047
commit
622edd2e00
4 changed files with 29 additions and 30 deletions
Unified View Show Diff Stats
  1. 2 1
      iana/chksumtype/constants.go
  2. 2 2
      messages/Ticket.go
  3. 7 12
      pac/pac_client_info.go
  4. 18 15
      pac/pac_signature_data.go

+ 2 - 1
iana/chksumtype/constants.go
View File 

@@ -26,5 +26,6 @@ const (
 
 	//UNASSIGNED : 21-32770
 
 	//UNASSIGNED : 21-32770
 
 	GSSAPI = 32771
 
 	GSSAPI = 32771
 
 	//UNASSIGNED : 32772-2147483647
 
 	//UNASSIGNED : 32772-2147483647
 
-	KERB_CHECKSUM_HMAC_MD5 = 4294967158 // 0xFFFFFF76 documentation says this is -138 but in an unsigned int this is 4294967158
 
+	KERB_CHECKSUM_HMAC_MD5_UNSIGNED = 4294967158 // 0xFFFFFF76 documentation says this is -138 but in an unsigned int this is 4294967158
 
+	KERB_CHECKSUM_HMAC_MD5          = -138
 
 )
 
 )

+ 2 - 2
messages/Ticket.go
View File 

@@ -193,12 +193,12 @@ func (t *Ticket) GetPACType(key types.EncryptionKey) (pac.PACType, error) {
 
 			if err != nil {
 
 			if err != nil {
 
 				continue
 
 				continue
 
 			}
 
 			}
 
-			// TODO note does tthe entry contain and AuthorizationData or AuthorizationDataEntry. Assuming the former atm.
 
+			// TODO note does the entry contain and AuthorizationData or AuthorizationDataEntry. Assuming the former atm.
 
 			if ad2[0].ADType == adtype.AD_WIN2K_PAC {
 
 			if ad2[0].ADType == adtype.AD_WIN2K_PAC {
 
 				var pac pac.PACType
 
 				var pac pac.PACType
 
 				err = pac.Unmarshal(ad2[0].ADData)
 
 				err = pac.Unmarshal(ad2[0].ADData)
 
 				if err != nil {
 
 				if err != nil {
 
-					return pac, err
 
+					return pac, fmt.Errorf("Error unmarshaling PAC: %v", err)
 
 				}
 
 				}
 
 				err = pac.ProcessPACInfoBuffers(key)
 
 				err = pac.ProcessPACInfoBuffers(key)
 
 				return pac, err
 
 				return pac, err

+ 7 - 12
pac/pac_client_info.go
View File 

@@ -1,7 +1,7 @@
 
 package pac
 
 package pac
 
 
 
 import (
 
 import (
 
-	"fmt"
 
+	"encoding/binary"
 
 	"github.com/jcmturner/gokrb5/mstypes"
 
 	"github.com/jcmturner/gokrb5/mstypes"
 
 	"github.com/jcmturner/gokrb5/ndr"
 
 	"github.com/jcmturner/gokrb5/ndr"
 
 )
 
 )
 
@@ -14,20 +14,15 @@ type PAC_ClientInfo struct {
 
 }
 
 }
 
 
 
 func (k *PAC_ClientInfo) Unmarshal(b []byte) error {
 
 func (k *PAC_ClientInfo) Unmarshal(b []byte) error {
 
-	ch, _, p, err := ndr.ReadHeaders(&b)
 
-	if err != nil {
 
-		return fmt.Errorf("Error parsing byte stream headers: %v", err)
 
-	}
 
-	e := &ch.Endianness
 
-
 
-	//The next 4 bytes are an RPC unique pointer referent. We just skip these
 
-	p += 4
 
+	//The PAC_CLIENT_INFO structure is a simple structure that is not NDR-encoded.
 
+	var p int
 
+	var e binary.ByteOrder = binary.LittleEndian
 
 
 
-	k.ClientID = mstypes.Read_FileTime(&b, &p, e)
 
-	k.NameLength = ndr.Read_uint16(&b, &p, e)
 
+	k.ClientID = mstypes.Read_FileTime(&b, &p, &e)
 
+	k.NameLength = ndr.Read_uint16(&b, &p, &e)
 
 	s := make([]rune, k.NameLength, k.NameLength)
 
 	s := make([]rune, k.NameLength, k.NameLength)
 
 	for i := 0; i < len(s); i++ {
 
 	for i := 0; i < len(s); i++ {
 
-		s[i] = rune(ndr.Read_uint16(&b, &p, e))
 
+		s[i] = rune(ndr.Read_uint16(&b, &p, &e))
 
 	}
 
 	}
 
 	k.Name = string(s)
 
 	k.Name = string(s)

+ 18 - 15
pac/pac_signature_data.go
View File 

@@ -1,7 +1,7 @@
 
 package pac
 
 package pac
 
 
 
 import (
 
 import (
 
-	"fmt"
 
+	"encoding/binary"
 
 	"github.com/jcmturner/gokrb5/iana/chksumtype"
 
 	"github.com/jcmturner/gokrb5/iana/chksumtype"
 
 	"github.com/jcmturner/gokrb5/ndr"
 
 	"github.com/jcmturner/gokrb5/ndr"
 
 )
 
 )
 
@@ -37,27 +37,30 @@ type PAC_SignatureData struct {
 
 }
 
 }
 
 
 
 func (k *PAC_SignatureData) Unmarshal(b []byte) ([]byte, error) {
 
 func (k *PAC_SignatureData) Unmarshal(b []byte) ([]byte, error) {
 
-	ch, _, p, err := ndr.ReadHeaders(&b)
 
-	if err != nil {
 
-		return []byte{}, fmt.Errorf("Error parsing byte stream headers: %v", err)
 
-	}
 
-	e := &ch.Endianness
 
-
 
-	//The next 4 bytes are an RPC unique pointer referent. We just skip these
 
-	p += 4
 
+	//ch, _, p, err := ndr.ReadHeaders(&b)
 
+	//if err != nil {
 
+	//	return []byte{}, fmt.Errorf("Error parsing byte stream headers: %v", err)
 
+	//}
 
+	//e := &ch.Endianness
 
+	//
 
+	////The next 4 bytes are an RPC unique pointer referent. We just skip these
 
+	//p += 4
 
+	var p int
 
+	var e binary.ByteOrder = binary.LittleEndian
 
 
 
-	k.SignatureType = ndr.Read_uint32(&b, &p, e)
 
+	k.SignatureType = ndr.Read_uint32(&b, &p, &e)
 
 	var c int
 
 	var c int
 
 	switch k.SignatureType {
 
 	switch k.SignatureType {
 
-	case chksumtype.KERB_CHECKSUM_HMAC_MD5:
 
+	case chksumtype.KERB_CHECKSUM_HMAC_MD5_UNSIGNED:
 
 		c = 16
 
 		c = 16
 
 	case chksumtype.HMAC_SHA1_96_AES128:
 
 	case chksumtype.HMAC_SHA1_96_AES128:
 
 		c = 12
 
 		c = 12
 
 	case chksumtype.HMAC_SHA1_96_AES256:
 
 	case chksumtype.HMAC_SHA1_96_AES256:
 
 		c = 12
 
 		c = 12
 
 	}
 
 	}
 
-	k.Signature = ndr.Read_bytes(&b, &p, c, e)
 
-	k.RODCIdentifier = ndr.Read_uint16(&b, &p, e)
 
+	sp := p
 
+	k.Signature = ndr.Read_bytes(&b, &p, c, &e)
 
+	k.RODCIdentifier = ndr.Read_uint16(&b, &p, &e)
 
 
 
 	//Check that there is only zero padding left
 
 	//Check that there is only zero padding left
 
 	for _, v := range b[p:] {
 
 	for _, v := range b[p:] {
 
@@ -69,8 +72,8 @@ func (k *PAC_SignatureData) Unmarshal(b []byte) ([]byte, error) {
 
 	// Create bytes with zeroed signature needed for checksum verification
 
 	// Create bytes with zeroed signature needed for checksum verification
 
 	rb := make([]byte, len(b), len(b))
 
 	rb := make([]byte, len(b), len(b))
 
 	copy(rb, b)
 
 	copy(rb, b)
 
-	z := make([]byte, c, c)
 
-	copy(rb[p:p+c], z)
 
+	z := make([]byte, len(b), len(b))
 
+	copy(rb[sp:sp+c], z)
 
 
 
 	return rb, nil
 
 	return rb, nil
 
 }
 
 }