Beispiel #1
0
func decodeValue(name string, data *asn1.RawValue, retVal *Variable) (err error) {
	switch Asn1BER(data.Tag) {

	// simple values
	case Integer, OctetString:
		params, val = "", new(interface{})
	// 32 bit application values
	case Counter32, TimeTicks, Gauge32:
		params, val = fmt.Sprint("tag:", data.Tag), new(int32)
	// 64 bit application values
	case Counter64:
		params, val = fmt.Sprint("tag:", data.Tag), new(int64)
	case NoSuchInstance:
		return fmt.Errorf("No such instance")
	case NoSuchObject:
		return fmt.Errorf("No such object")
	default:
		return fmt.Errorf("Unable to decode %x - not implemented", data[0])
	}
	_, err = asn1.UnmarshalWithParams(m.Data.FullBytes, &val, fmt.Sprint("tag:", data.Tag))
	if err != nil {
		return
	}
	*retVal.Name = name
	*retVal.Type = Asn1BER(data.Tag)
	*retVal.Value = val

	return
}
Beispiel #2
0
// HandlePacketTmp used in development to display package data
func (krb *krbAuth) HandlePacketTmp(packet gopacket.Packet) {
	app := packet.ApplicationLayer()
	if app == nil {
		return
	}
	udp := packet.TransportLayer().(*layers.UDP)

	if udp.DstPort == 88 {
		msgType := app.Payload()[17:18]
		if msgType[0] == 10 { // AS-REQ type = 10
			var n kdcReq
			_, err := asn1.UnmarshalWithParams(app.Payload(), &n, asReqParam)
			if err != nil {
				fmt.Println("Error in asn.1 parse")
				fmt.Println(err)
			} else {
				fmt.Println("-------------------------------")
				fmt.Printf("PnDataType: %v\n", n.PnData[0].PnDataType)
				//fmt.Println(hex.Dump(n.Pdata[0].PdataValue))
				var encData encryptedData
				asn1.Unmarshal(n.PnData[0].PnDataValue, &encData)
				fmt.Printf("Etype: %v\n", encData.Etype)
				fmt.Printf("Kvno: %v\n", encData.Kvno)
				//fmt.Println(hex.Dump(encData.Cipher))
				//fmt.Println(len(encData.Cipher))
				fmt.Printf("Cname: %v\n", n.ReqBody.Cname)
				fmt.Printf("Sname %v\n", n.ReqBody.Sname)
				fmt.Printf("Realm: %v\n", n.ReqBody.Realm)

			}
		}
	}
}
Beispiel #3
0
// Parses an ASN.1 SEQUENCE OF UTF8String and returns it.
// If an error occurs during parsing, returns nil and the error.
func asn1SeqUtf8(v *asn1.RawValue) ([]string, error) {
	names := []string{}
	_, err := asn1.UnmarshalWithParams(v.FullBytes, &names, fmt.Sprintf("tag:%d", v.Tag))
	if err != nil {
		return nil, err
	}
	return names, nil
}
Beispiel #4
0
// Parses an ASN.1 integer in v and converts all negative values and
// all values that exceed 281474976710656 to 0.
// If an error occurs during parsing, returns 0 and the error.
func asn1Int0(v *asn1.RawValue) (uint64, error) {
	i := big.NewInt(0)
	_, err := asn1.UnmarshalWithParams(v.FullBytes, &i, fmt.Sprintf("tag:%d", v.Tag))
	if err != nil {
		return 0, err
	}
	if i.Sign() <= 0 || i.Cmp(tooBig) >= 0 {
		return 0, nil
	}

	return uint64(i.Int64()), nil
}
Beispiel #5
0
// HandlePacket extract the krb5 AS-Requests
func (krb *krbAuth) HandlePacket(packet gopacket.Packet) {
	app := packet.ApplicationLayer()
	if app == nil {
		return
	}
	udp := packet.TransportLayer().(*layers.UDP)

	if udp.DstPort == 88 {
		var n kdcReq
		_, err := asn1.UnmarshalWithParams(app.Payload(), &n, asReqParam)
		if err != nil {
			return
		}
		if n.MsgType == asRequestType {
			krb.addKdcReq(n)
		}
	}
}
Beispiel #6
0
func decode(data []byte, pdu *PDUResponse) error {
	m := Message{}
	_, err := asn1.Unmarshal(data, &m)
	if err != nil {
		return nil, err
	}
	tag := m.Data.Tag
	switch tag {
	// SNMP Response
	case 0x20, 0x21, 0x22:

		var pdu PDU

		_, err = asn1.UnmarshalWithParams(m.Data.FullBytes, &pdu, fmt.Sprint("tag:", tag))
		if err != nil {
			return fmt.Errorf("Error decoding pdu: %#v, %#v, %s", m.Data.FullBytes, pdu, err)
		}

		// make response pdu
		var resp PDUResponse
		// Copy values from parsed pdu
		resp.RequestId = pdu.RequestId
		resp.ErrorIndex = pdu.ErrorIndex
		resp.ErrorStatus = pdu.ErrorStatus

		resp.VarBindList = make([]Variable, len(pdu.VarBindList))

		// Decode all vars
		for c, v := range pdu.VarBindList {

			err := decodeValue(v.Name, v.Value, &resp.VarBindList[c])
			if err != nil {
				return err
			}
		}

		pdu = &resp
		return
	}
	return fmt.Errorf("Unable to decode type: %#v\n", tag)
}