221 lines
8.6 KiB
Go
221 lines
8.6 KiB
Go
|
package messages
|
||
|
|
||
|
import (
|
||
|
"fmt"
|
||
|
"time"
|
||
|
|
||
|
"github.com/jcmturner/gofork/encoding/asn1"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/asn1tools"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/crypto"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/iana"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/iana/asnAppTag"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/iana/errorcode"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/iana/keyusage"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/iana/msgtype"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/keytab"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/krberror"
|
||
|
"gopkg.in/jcmturner/gokrb5.v7/types"
|
||
|
)
|
||
|
|
||
|
/*AP-REQ ::= [APPLICATION 14] SEQUENCE {
|
||
|
pvno [0] INTEGER (5),
|
||
|
msg-type [1] INTEGER (14),
|
||
|
ap-options [2] APOptions,
|
||
|
ticket [3] Ticket,
|
||
|
authenticator [4] EncryptedData -- Authenticator
|
||
|
}
|
||
|
|
||
|
APOptions ::= KerberosFlags
|
||
|
-- reserved(0),
|
||
|
-- use-session-key(1),
|
||
|
-- mutual-required(2)*/
|
||
|
|
||
|
type marshalAPReq struct {
|
||
|
PVNO int `asn1:"explicit,tag:0"`
|
||
|
MsgType int `asn1:"explicit,tag:1"`
|
||
|
APOptions asn1.BitString `asn1:"explicit,tag:2"`
|
||
|
// Ticket needs to be a raw value as it is wrapped in an APPLICATION tag
|
||
|
Ticket asn1.RawValue `asn1:"explicit,tag:3"`
|
||
|
EncryptedAuthenticator types.EncryptedData `asn1:"explicit,tag:4"`
|
||
|
}
|
||
|
|
||
|
// APReq implements RFC 4120 KRB_AP_REQ: https://tools.ietf.org/html/rfc4120#section-5.5.1.
|
||
|
type APReq struct {
|
||
|
PVNO int `asn1:"explicit,tag:0"`
|
||
|
MsgType int `asn1:"explicit,tag:1"`
|
||
|
APOptions asn1.BitString `asn1:"explicit,tag:2"`
|
||
|
Ticket Ticket `asn1:"explicit,tag:3"`
|
||
|
EncryptedAuthenticator types.EncryptedData `asn1:"explicit,tag:4"`
|
||
|
Authenticator types.Authenticator `asn1:"optional"`
|
||
|
}
|
||
|
|
||
|
// NewAPReq generates a new KRB_AP_REQ struct.
|
||
|
func NewAPReq(tkt Ticket, sessionKey types.EncryptionKey, auth types.Authenticator) (APReq, error) {
|
||
|
var a APReq
|
||
|
ed, err := encryptAuthenticator(auth, sessionKey, tkt)
|
||
|
if err != nil {
|
||
|
return a, krberror.Errorf(err, krberror.KRBMsgError, "error creating Authenticator for AP_REQ")
|
||
|
}
|
||
|
a = APReq{
|
||
|
PVNO: iana.PVNO,
|
||
|
MsgType: msgtype.KRB_AP_REQ,
|
||
|
APOptions: types.NewKrbFlags(),
|
||
|
Ticket: tkt,
|
||
|
EncryptedAuthenticator: ed,
|
||
|
}
|
||
|
return a, nil
|
||
|
}
|
||
|
|
||
|
// Encrypt Authenticator
|
||
|
func encryptAuthenticator(a types.Authenticator, sessionKey types.EncryptionKey, tkt Ticket) (types.EncryptedData, error) {
|
||
|
var ed types.EncryptedData
|
||
|
m, err := a.Marshal()
|
||
|
if err != nil {
|
||
|
return ed, krberror.Errorf(err, krberror.EncodingError, "marshaling error of EncryptedData form of Authenticator")
|
||
|
}
|
||
|
usage := authenticatorKeyUsage(tkt.SName)
|
||
|
ed, err = crypto.GetEncryptedData(m, sessionKey, uint32(usage), tkt.EncPart.KVNO)
|
||
|
if err != nil {
|
||
|
return ed, krberror.Errorf(err, krberror.EncryptingError, "error encrypting Authenticator")
|
||
|
}
|
||
|
return ed, nil
|
||
|
}
|
||
|
|
||
|
// DecryptAuthenticator decrypts the Authenticator within the AP_REQ.
|
||
|
// sessionKey may simply be the key within the decrypted EncPart of the ticket within the AP_REQ.
|
||
|
func (a *APReq) DecryptAuthenticator(sessionKey types.EncryptionKey) error {
|
||
|
usage := authenticatorKeyUsage(a.Ticket.SName)
|
||
|
ab, e := crypto.DecryptEncPart(a.EncryptedAuthenticator, sessionKey, uint32(usage))
|
||
|
if e != nil {
|
||
|
return fmt.Errorf("error decrypting authenticator: %v", e)
|
||
|
}
|
||
|
err := a.Authenticator.Unmarshal(ab)
|
||
|
if err != nil {
|
||
|
return fmt.Errorf("error unmarshaling authenticator: %v", err)
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func authenticatorKeyUsage(pn types.PrincipalName) int {
|
||
|
if pn.NameString[0] == "krbtgt" {
|
||
|
return keyusage.TGS_REQ_PA_TGS_REQ_AP_REQ_AUTHENTICATOR
|
||
|
}
|
||
|
return keyusage.AP_REQ_AUTHENTICATOR
|
||
|
}
|
||
|
|
||
|
// Unmarshal bytes b into the APReq struct.
|
||
|
func (a *APReq) Unmarshal(b []byte) error {
|
||
|
var m marshalAPReq
|
||
|
_, err := asn1.UnmarshalWithParams(b, &m, fmt.Sprintf("application,explicit,tag:%v", asnAppTag.APREQ))
|
||
|
if err != nil {
|
||
|
return krberror.Errorf(err, krberror.EncodingError, "unmarshal error of AP_REQ")
|
||
|
}
|
||
|
if m.MsgType != msgtype.KRB_AP_REQ {
|
||
|
return NewKRBError(types.PrincipalName{}, "", errorcode.KRB_AP_ERR_MSG_TYPE, errorcode.Lookup(errorcode.KRB_AP_ERR_MSG_TYPE))
|
||
|
}
|
||
|
a.PVNO = m.PVNO
|
||
|
a.MsgType = m.MsgType
|
||
|
a.APOptions = m.APOptions
|
||
|
a.EncryptedAuthenticator = m.EncryptedAuthenticator
|
||
|
a.Ticket, err = unmarshalTicket(m.Ticket.Bytes)
|
||
|
if err != nil {
|
||
|
return krberror.Errorf(err, krberror.EncodingError, "unmarshaling error of Ticket within AP_REQ")
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// Marshal APReq struct.
|
||
|
func (a *APReq) Marshal() ([]byte, error) {
|
||
|
m := marshalAPReq{
|
||
|
PVNO: a.PVNO,
|
||
|
MsgType: a.MsgType,
|
||
|
APOptions: a.APOptions,
|
||
|
EncryptedAuthenticator: a.EncryptedAuthenticator,
|
||
|
}
|
||
|
var b []byte
|
||
|
b, err := a.Ticket.Marshal()
|
||
|
if err != nil {
|
||
|
return b, err
|
||
|
}
|
||
|
m.Ticket = asn1.RawValue{
|
||
|
Class: asn1.ClassContextSpecific,
|
||
|
IsCompound: true,
|
||
|
Tag: 3,
|
||
|
Bytes: b,
|
||
|
}
|
||
|
mk, err := asn1.Marshal(m)
|
||
|
if err != nil {
|
||
|
return mk, krberror.Errorf(err, krberror.EncodingError, "marshaling error of AP_REQ")
|
||
|
}
|
||
|
mk = asn1tools.AddASNAppTag(mk, asnAppTag.APREQ)
|
||
|
return mk, nil
|
||
|
}
|
||
|
|
||
|
// Verify an AP_REQ using service's keytab, spn and max acceptable clock skew duration.
|
||
|
// The service ticket encrypted part and authenticator will be decrypted as part of this operation.
|
||
|
func (a *APReq) Verify(kt *keytab.Keytab, d time.Duration, cAddr types.HostAddress) (bool, error) {
|
||
|
// Decrypt ticket's encrypted part with service key
|
||
|
//TODO decrypt with service's session key from its TGT is use-to-user. Need to figure out how to get TGT.
|
||
|
//if types.IsFlagSet(&a.APOptions, flags.APOptionUseSessionKey) {
|
||
|
// //If the USE-SESSION-KEY flag is set in the ap-options field, it indicates to
|
||
|
// //the server that user-to-user authentication is in use, and that the ticket
|
||
|
// //is encrypted in the session key from the server's TGT rather than in the server's secret key.
|
||
|
// err := a.Ticket.Decrypt(tgt.DecryptedEncPart.Key)
|
||
|
// if err != nil {
|
||
|
// return false, krberror.Errorf(err, krberror.DecryptingError, "error decrypting encpart of ticket provided using session key")
|
||
|
// }
|
||
|
//} else {
|
||
|
// // Because it is possible for the server to be registered in multiple
|
||
|
// // realms, with different keys in each, the srealm field in the
|
||
|
// // unencrypted portion of the ticket in the KRB_AP_REQ is used to
|
||
|
// // specify which secret key the server should use to decrypt that
|
||
|
// // ticket.The KRB_AP_ERR_NOKEY error code is returned if the server
|
||
|
// // doesn't have the proper key to decipher the ticket.
|
||
|
// // The ticket is decrypted using the version of the server's key
|
||
|
// // specified by the ticket.
|
||
|
// err := a.Ticket.DecryptEncPart(*kt, &a.Ticket.SName)
|
||
|
// if err != nil {
|
||
|
// return false, krberror.Errorf(err, krberror.DecryptingError, "error decrypting encpart of service ticket provided")
|
||
|
// }
|
||
|
//}
|
||
|
err := a.Ticket.DecryptEncPart(kt, &a.Ticket.SName)
|
||
|
if err != nil {
|
||
|
return false, krberror.Errorf(err, krberror.DecryptingError, "error decrypting encpart of service ticket provided")
|
||
|
}
|
||
|
|
||
|
// Check time validity of ticket
|
||
|
ok, err := a.Ticket.Valid(d)
|
||
|
if err != nil || !ok {
|
||
|
return ok, err
|
||
|
}
|
||
|
|
||
|
// Check client's address is listed in the client addresses in the ticket
|
||
|
if len(a.Ticket.DecryptedEncPart.CAddr) > 0 {
|
||
|
//The addresses in the ticket (if any) are then searched for an address matching the operating-system reported
|
||
|
//address of the client. If no match is found or the server insists on ticket addresses but none are present in
|
||
|
//the ticket, the KRB_AP_ERR_BADADDR error is returned.
|
||
|
if !types.HostAddressesContains(a.Ticket.DecryptedEncPart.CAddr, cAddr) {
|
||
|
return false, NewKRBError(a.Ticket.SName, a.Ticket.Realm, errorcode.KRB_AP_ERR_BADADDR, "client address not within the list contained in the service ticket")
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// Decrypt authenticator with session key from ticket's encrypted part
|
||
|
err = a.DecryptAuthenticator(a.Ticket.DecryptedEncPart.Key)
|
||
|
if err != nil {
|
||
|
return false, NewKRBError(a.Ticket.SName, a.Ticket.Realm, errorcode.KRB_AP_ERR_BAD_INTEGRITY, "could not decrypt authenticator")
|
||
|
}
|
||
|
|
||
|
// Check CName in authenticator is the same as that in the ticket
|
||
|
if !a.Authenticator.CName.Equal(a.Ticket.DecryptedEncPart.CName) {
|
||
|
return false, NewKRBError(a.Ticket.SName, a.Ticket.Realm, errorcode.KRB_AP_ERR_BADMATCH, "CName in Authenticator does not match that in service ticket")
|
||
|
}
|
||
|
|
||
|
// Check the clock skew between the client and the service server
|
||
|
ct := a.Authenticator.CTime.Add(time.Duration(a.Authenticator.Cusec) * time.Microsecond)
|
||
|
t := time.Now().UTC()
|
||
|
if t.Sub(ct) > d || ct.Sub(t) > d {
|
||
|
return false, NewKRBError(a.Ticket.SName, a.Ticket.Realm, errorcode.KRB_AP_ERR_SKEW, fmt.Sprintf("clock skew with client too large. greater than %v seconds", d))
|
||
|
}
|
||
|
return true, nil
|
||
|
}
|