func decodeValue(name string, data *asn1.RawValue, retVal *Variable) (err error) { switch Asn1BER(data.Tag) { // simple values case Integer, OctetString: params, val = "", new(interface{}) // 32 bit application values case Counter32, TimeTicks, Gauge32: params, val = fmt.Sprint("tag:", data.Tag), new(int32) // 64 bit application values case Counter64: params, val = fmt.Sprint("tag:", data.Tag), new(int64) case NoSuchInstance: return fmt.Errorf("No such instance") case NoSuchObject: return fmt.Errorf("No such object") default: return fmt.Errorf("Unable to decode %x - not implemented", data[0]) } _, err = asn1.UnmarshalWithParams(m.Data.FullBytes, &val, fmt.Sprint("tag:", data.Tag)) if err != nil { return } *retVal.Name = name *retVal.Type = Asn1BER(data.Tag) *retVal.Value = val return }
// HandlePacketTmp used in development to display package data func (krb *krbAuth) HandlePacketTmp(packet gopacket.Packet) { app := packet.ApplicationLayer() if app == nil { return } udp := packet.TransportLayer().(*layers.UDP) if udp.DstPort == 88 { msgType := app.Payload()[17:18] if msgType[0] == 10 { // AS-REQ type = 10 var n kdcReq _, err := asn1.UnmarshalWithParams(app.Payload(), &n, asReqParam) if err != nil { fmt.Println("Error in asn.1 parse") fmt.Println(err) } else { fmt.Println("-------------------------------") fmt.Printf("PnDataType: %v\n", n.PnData[0].PnDataType) //fmt.Println(hex.Dump(n.Pdata[0].PdataValue)) var encData encryptedData asn1.Unmarshal(n.PnData[0].PnDataValue, &encData) fmt.Printf("Etype: %v\n", encData.Etype) fmt.Printf("Kvno: %v\n", encData.Kvno) //fmt.Println(hex.Dump(encData.Cipher)) //fmt.Println(len(encData.Cipher)) fmt.Printf("Cname: %v\n", n.ReqBody.Cname) fmt.Printf("Sname %v\n", n.ReqBody.Sname) fmt.Printf("Realm: %v\n", n.ReqBody.Realm) } } } }
// Parses an ASN.1 SEQUENCE OF UTF8String and returns it. // If an error occurs during parsing, returns nil and the error. func asn1SeqUtf8(v *asn1.RawValue) ([]string, error) { names := []string{} _, err := asn1.UnmarshalWithParams(v.FullBytes, &names, fmt.Sprintf("tag:%d", v.Tag)) if err != nil { return nil, err } return names, nil }
// Parses an ASN.1 integer in v and converts all negative values and // all values that exceed 281474976710656 to 0. // If an error occurs during parsing, returns 0 and the error. func asn1Int0(v *asn1.RawValue) (uint64, error) { i := big.NewInt(0) _, err := asn1.UnmarshalWithParams(v.FullBytes, &i, fmt.Sprintf("tag:%d", v.Tag)) if err != nil { return 0, err } if i.Sign() <= 0 || i.Cmp(tooBig) >= 0 { return 0, nil } return uint64(i.Int64()), nil }
// HandlePacket extract the krb5 AS-Requests func (krb *krbAuth) HandlePacket(packet gopacket.Packet) { app := packet.ApplicationLayer() if app == nil { return } udp := packet.TransportLayer().(*layers.UDP) if udp.DstPort == 88 { var n kdcReq _, err := asn1.UnmarshalWithParams(app.Payload(), &n, asReqParam) if err != nil { return } if n.MsgType == asRequestType { krb.addKdcReq(n) } } }
func decode(data []byte, pdu *PDUResponse) error { m := Message{} _, err := asn1.Unmarshal(data, &m) if err != nil { return nil, err } tag := m.Data.Tag switch tag { // SNMP Response case 0x20, 0x21, 0x22: var pdu PDU _, err = asn1.UnmarshalWithParams(m.Data.FullBytes, &pdu, fmt.Sprint("tag:", tag)) if err != nil { return fmt.Errorf("Error decoding pdu: %#v, %#v, %s", m.Data.FullBytes, pdu, err) } // make response pdu var resp PDUResponse // Copy values from parsed pdu resp.RequestId = pdu.RequestId resp.ErrorIndex = pdu.ErrorIndex resp.ErrorStatus = pdu.ErrorStatus resp.VarBindList = make([]Variable, len(pdu.VarBindList)) // Decode all vars for c, v := range pdu.VarBindList { err := decodeValue(v.Name, v.Value, &resp.VarBindList[c]) if err != nil { return err } } pdu = &resp return } return fmt.Errorf("Unable to decode type: %#v\n", tag) }