
test decrypt

Jonathan Turner 9 years ago
parent
commit
f24fe484d4

+ 7 - 1
crypto/EncryptionEngine.go

@@ -118,6 +118,13 @@ func GetChecksum(pt, key []byte, usage int, etype EType) ([]byte, error) {
 		return nil, fmt.Errorf("Unable to derive key for checksum: %v", err)
 	}
 	mac := hmac.New(etype.GetHash, k)
+	//TODO do I need to append the ivz before taking the hash?
+	//ivz := make([]byte, etype.GetConfounderByteSize())
+	//pt = append(ivz, pt...)
+	//if r := len(pt)%etype.GetMessageBlockByteSize(); r != 0 {
+	//	t := make([]byte, etype.GetMessageBlockByteSize() - r)
+	//	pt = append(pt, t...)
+	//}
 	mac.Write(pt)
 	return mac.Sum(nil), nil
 }
@@ -129,7 +136,6 @@ func VerifyChecksum(key, ct, pt []byte, usage int, etype EType) bool {
 	//random confounder prefix and sufficient padding to bring it to a
 	//multiple of the message block size.  When the HMAC is computed, the
 	//key is used in the protocol key form.
-	// HMAC(Ki, P1)[1..h] - note this starts from 1 not zero hence getting the last etype.GetHMACBitLength()/8 + 1 bytes not 12 and [1:12]
 	h := ct[len(ct)-etype.GetHMACBitLength()/8+1:]
 	expectedMAC, _ := GetChecksum(pt, key, usage, etype)
 	return hmac.Equal(h, expectedMAC[1:etype.GetHMACBitLength()/8])
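Review bot: VerifyChecksum compares one byte fewer than the tag length, because both `ct[len(ct)-etype.GetHMACBitLength()/8+1:]` and `expectedMAC[1:etype.GetHMACBitLength()/8]` skip the first tag byte, and the comment deleted in this hunk was the only explanation for that offset. As far as I can tell, `[1..h]` in RFC 3961 is 1-based notation for the first h bits, so the whole truncated HMAC should be compared. The same lines discard the error from GetChecksum, so a nil `expectedMAC` panics on the slice expression, and nothing checks that `ct` is at least as long as the tag. The function's closing lines are outside the hunk.

```go
// … unchanged: VerifyChecksum signature and the RFC comment block …
n := etype.GetHMACBitLength() / 8
if len(ct) < n {
	return false
}
expectedMAC, err := GetChecksum(pt, key, usage, etype)
if err != nil || len(expectedMAC) < n {
	return false
}
return hmac.Equal(ct[len(ct)-n:], expectedMAC[:n])
```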

+ 2 - 2
crypto/aes-cts-hmac-sha1-96.go

@@ -123,7 +123,7 @@ func AESCTSEncrypt(key, iv, message []byte, e EType) ([]byte, []byte, error) {
 	ct = append(ct, lb...)
 	ct = append(ct, pb...)
 	return lb, ct[:l], nil
-	//TODO do we need to add the hash to the beginning?
+	//TODO do we need to add the hash to the end?
 }
 
 func AESCTSDecrypt(key, ciphertext []byte, e EType) ([]byte, error) {
@@ -141,7 +141,7 @@ func AESCTSDecrypt(key, ciphertext []byte, e EType) ([]byte, error) {
 	}
 	var mode cipher.BlockMode
 	//iv full of zeros
-	ivz := make([]byte, aes.BlockSize)
+	ivz := make([]byte, e.GetConfounderByteSize())
 
 	//If ciphertext is multiple of blocksize we just need to swap back the last two blocks and then do CBC
 	//If the ciphertext is just one block we can't swap so we just decrypt
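Review bot: Sizing the zero IV with `e.GetConfounderByteSize()` in AESCTSDecrypt ties the IV length to an unrelated parameter; CBC mode in `crypto/cipher` requires the IV to be exactly the cipher block size and panics otherwise. The two values coincide for AES, but an etype whose confounder size differs from its block size would break here. Keep `ivz := make([]byte, aes.BlockSize)`, or use the block's own `BlockSize()` if the cipher.Block is in scope at this point. The rest of the function is outside the hunk, so I cannot see where `ivz` is consumed.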

+ 29 - 14
debug.go

@@ -1,13 +1,18 @@
 package main
 
 import (
-	"net"
-	"github.com/jcmturner/gokrb5/messages"
-	"time"
+	"encoding/hex"
 	"fmt"
+	"github.com/jcmturner/gokrb5/keytab"
+	"github.com/jcmturner/gokrb5/messages"
+	"github.com/jcmturner/gokrb5/types"
+	"net"
 	"os"
+	"time"
 )
 
+const ktab = "05020000004b0001000b544553542e474f4b5242350009746573747573657231000000015898e0770100120020bbdc430aab7e2d4622a0b6951481453b0962e9db8e2f168942ad175cda6d9de900000001"
+
 func main() {
 	udpAddr, _ := net.ResolveUDPAddr("udp", "10.80.88.88:88")
 	realm := "TEST.GOKRB5"
@@ -15,7 +20,14 @@ func main() {
 	conn, _ := net.DialUDP("udp", nil, udpAddr)
 	defer conn.Close()
 
+	var pas types.PADataSequence
+	pa := types.PAData{
+		PADataType: 149,
+	}
+	pas = append(pas, pa)
+
 	a := messages.NewASReq()
+	a.PAData = pas
 	a.ReqBody.Realm = realm
 	a.ReqBody.CName.NameString = []string{"testuser1"}
 	a.ReqBody.SName.NameType = 2
@@ -28,23 +40,26 @@ func main() {
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "Error marshalling AS_REQ: %v\n", err)
 	}
-	var m messages.ASReq
-	m.Unmarshal(b)
-	b, err = m.Marshal()
-	if err != nil {
-		fmt.Fprintf(os.Stderr, "Error marshalling AS_REQ: %v\n", err)
-	}
-	fmt.Fprintf(os.Stdout, "AS_REQ post marshal: %+v\n", m)
-	_, _ = conn.Write(b)
 
+	_, _ = conn.Write(b)
 
 	buf := make([]byte, 4096)
-	n,_,err := conn.ReadFrom(buf)
-
+	n, _, err := conn.ReadFrom(buf)
 	var r messages.ASRep
 	r.Unmarshal(buf[:n])
-	fmt.Fprintf(os.Stdout, "AS REP: %+v\n", r)
+	fmt.Fprintf(os.Stdout, "AS_REP: %+v\n", r)
 
+	kb, _ := hex.DecodeString(ktab)
+	kt, err := keytab.Parse(kb)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "KT load err: %v\n", err)
+	}
+	fmt.Fprintf(os.Stdout, "KT: %+v", kt)
+	err = r.DecryptEncPart(kt)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Decrypt err: %v\n", err)
+	}
 
+	fmt.Fprintf(os.Stdout, "AS REP: %+v\n", r)
 
 }
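Review bot: The new tail of main prints errors and then carries on, so a failed `keytab.Parse` still reaches `r.DecryptEncPart(kt)` with an unusable keytab. The `err` from `conn.ReadFrom(buf)` is overwritten without ever being checked, and the results of `hex.DecodeString` and `r.Unmarshal` are dropped. Each failure should stop the run, e.g. `if err != nil { fmt.Fprintf(os.Stderr, "KT load err: %v\n", err); return }`, with the same check added after `ReadFrom`. Separately, the `ktab` constant embeds the long-term key for testuser1 in source; if the realm is ever reused outside the Vagrant test environment, load the keytab from a file outside the repository instead.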

+ 8 - 2
messages/KDCRep.go

@@ -127,14 +127,20 @@ func decryptKDCRepEncPart(ct []byte, kt keytab.Keytab) (EncKDCRepPart, error) {
 	//TODO create the etype based on the EType value in the EncPart and find the corresponding entry in the keytab
 	//k.EncPart.EType
 	var etype crypto.Aes256CtsHmacSha96
+	var denc EncKDCRepPart
 	//Derive the key
 	//Key Usage Number: 3 - "AS-REP encrypted part (includes TGS session key or application session key), encrypted with the client key"
 	key, err := etype.DeriveKey(kt.Entries[0].Key.KeyMaterial, crypto.GetUsageKe(3))
+	if err != nil {
+		return denc, fmt.Errorf("Error deriving key: %v", err)
+	}
 	// Strip off the checksum from the end
-	//TODO should this check be moved to the Decrypt method?
+	//TODO should this check be moved to the Decrypt method? No as makes it hard to test
 	b, err := etype.Decrypt(key, ct[:len(ct)-etype.GetHMACBitLength()/8])
+	if err != nil {
+		return denc, fmt.Errorf("Error decrypting: %v", err)
+	}
 	//Verify checksum
-	var denc EncKDCRepPart
 	if !etype.VerifyChecksum(kt.Entries[0].Key.KeyMaterial, ct, b, 3) {
 		return denc, errors.New("Error decrypting encrypted part: checksum verification failed")
 	}
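Review bot: decryptKDCRepEncPart still indexes and slices inputs that it has not validated. `kt.Entries[0]` panics on an empty keytab, and `ct[:len(ct)-etype.GetHMACBitLength()/8]` panics when the ciphertext, which presumably comes from the network reply, is shorter than the tag. Before deriving the key, add `if len(kt.Entries) == 0 { return denc, errors.New("keytab has no entries") }` and `if len(ct) < etype.GetHMACBitLength()/8 { return denc, errors.New("ciphertext shorter than checksum") }`. The function continues past the end of the hunk.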

+ 1 - 1
messages/KDCRep_test.go

@@ -245,7 +245,7 @@ func TestUnmarshalASRepDecodeAndDecrypt(t *testing.T) {
 	//t.Log("Finished testing unecrypted parts of AS REP")
 	kt, err := keytab.Load(dir + "/tmp.keytab")
 	if err != nil {
-		fmt.Printf("keytab parse error: %v\n", err)
+		t.Fatalf("keytab parse error: %v\n", err)
 	}
 	err = asRep.DecryptEncPart(kt)
 	if err != nil {

+ 2 - 1
testenv/krb5kdc-vagrant/bootstrap.sh

@@ -6,10 +6,11 @@ setenforce 0
 sed -i "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/sysconfig/selinux
 
 yum update -y && yum clean all
-yum install -y tcpdump krb5-server krb5-workstation httpd mod_auth_kerb mod_ssl
+yum install -y tcpdump krb5-server krb5-workstation httpd mod_auth_kerb mod_ssl ntp
 
 systemctl stop firewalld
 systemctl disable firewalld
+systemctl enable ntpd
 
 cat <<EOF >> /etc/sysctl.conf
 net.ipv6.conf.all.disable_ipv6 = 1
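Review bot: `systemctl enable ntpd` only arranges for the service to start at the next boot, so unless the script reboots later (not visible in this hunk) the clock stays unsynchronised for the current session. Kerberos rejects requests outside its clock-skew tolerance, which is presumably why ntp is being added. Follow the enable with `systemctl start ntpd`. The same applies to the identical change in testenv/krbclient-vagrant/bootstrap.sh.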

+ 3 - 1
testenv/krbclient-vagrant/bootstrap.sh

@@ -6,10 +6,12 @@ setenforce 0
 sed -i "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/sysconfig/selinux
 
 yum update -y && yum clean all
-yum install -y tcpdump krb5-workstation
+yum install -y tcpdump krb5-workstation ntp
 
 systemctl stop firewalld
 systemctl disable firewalld
+systemctl enable ntpd
+
 
 cat <<EOF >> /etc/sysctl.conf
 net.ipv6.conf.all.disable_ipv6 = 1