class X509_ExtPolicyInformation(ASN1_Packet):
    """BER SEQUENCE of a policy OID and an optional list of qualifiers.

    ``policyIdentifier`` defaults to 2.5.29.32.0, the anyPolicy OID.
    ``policyQualifiers`` is an optional SEQUENCE OF
    X509_ExtPolicyQualifierInfo with no default.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        # NOTE(review): anyPolicy matches every policy, so an instance built
        # with the default asserts the broadest possible policy; set the OID
        # explicitly when generating test certificates.
        ASN1F_OID("policyIdentifier", "2.5.29.32.0"),
        ASN1F_optional(
            ASN1F_SEQUENCE_OF("policyQualifiers", None,
                              X509_ExtPolicyQualifierInfo)))
class X509_Attribute(ASN1_Packet):
    """BER SEQUENCE of an attribute type OID and a SET OF attribute values.

    ``type`` defaults to 2.5.4.6 (countryName); ``values`` defaults to a
    single empty X509_AttributeValue.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("type", "2.5.4.6"),
        ASN1F_SET_OF("values",
                     [X509_AttributeValue()],
                     X509_AttributeValue))
class NEGOEX_EXCHANGE_NTLM_ITEM(ASN1_Packet):
    """BER model of an (oid, token) pair wrapped in two tagged SEQUENCEs.

    The innermost SEQUENCE holds ``oid`` and the PrintableString ``token``
    (both default to the empty string) and carries explicit tag 0x31; the
    SEQUENCE around it carries explicit tag 0x80; the root is an untagged
    SEQUENCE.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_SEQUENCE(
            ASN1F_SEQUENCE(ASN1F_OID("oid", ""),
                           ASN1F_PRINTABLE_STRING("token", ""),
                           explicit_tag=0x31),
            explicit_tag=0x80))
class X509_AlgorithmIdentifier(ASN1_Packet):
    """BER SEQUENCE of an algorithm OID and optional parameters.

    ``algorithm`` defaults to 1.2.840.113549.1.1.11
    (sha256WithRSAEncryption). ``parameters`` is optional and is either an
    ASN.1 NULL (the default) or an ECParameters structure.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        # NOTE(review): nothing visible here restricts which algorithm OIDs
        # are accepted; code that consumes dissected certificates has to
        # apply its own algorithm policy.
        ASN1F_OID("algorithm", "1.2.840.113549.1.1.11"),
        ASN1F_optional(
            ASN1F_CHOICE("parameters", ASN1_NULL(0),
                         ASN1F_NULL, ECParameters)))
class X509_OtherName(ASN1_Packet):
    """BER SEQUENCE of a ``type_id`` OID and an explicitly tagged value.

    ``type_id`` defaults to "0". ``value`` has no default, carries explicit
    tag 0xa0 and is a CHOICE between IA5, ISO646, BMP and UTF8 strings.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("type_id", "0"),
        # NOTE(review): only the four string types listed are modelled;
        # presumably other value encodings are not decoded by this class.
        ASN1F_CHOICE("value", None,
                     ASN1F_IA5_STRING, ASN1F_ISO646_STRING,
                     ASN1F_BMP_STRING, ASN1F_UTF8_STRING,
                     explicit_tag=0xa0))
class SNMPtrapv1(ASN1_Packet):
    """BER model of an SNMP v1 trap PDU.

    Fields, in order: ``enterprise`` OID (default "1.3"), ``agent_addr``
    (default "0.0.0.0"), ``generic_trap`` (enumerated through
    SNMP_trap_types, default 0), ``specific_trap`` (default 0),
    ``time_stamp`` (default IntAutoTime()) and ``varbindlist``, a SEQUENCE
    OF SNMPvarbind that defaults to an empty list.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SNMP_PDU_TRAPv1(
        ASN1F_OID("enterprise", "1.3"),
        ASN1F_IPADDRESS("agent_addr", "0.0.0.0"),
        ASN1F_enum_INTEGER("generic_trap", 0, SNMP_trap_types),
        ASN1F_INTEGER("specific_trap", 0),
        ASN1F_TIME_TICKS("time_stamp", IntAutoTime()),
        ASN1F_SEQUENCE_OF("varbindlist", [], SNMPvarbind)
    )
def __init__(self, **kargs):
    """Initialise the SEQUENCE with the three fields of an extension.

    The fields are ``extnID`` (default 2.5.29.19, basicConstraints), an
    optional ``critical`` BOOLEAN (default False) and ``extnValue``, an
    X509_ExtBasicConstraints packet under explicit tag 0x04 (the universal
    OCTET STRING tag). Keyword arguments are forwarded unchanged to
    ASN1F_SEQUENCE.__init__.
    """
    # NOTE(review): this only describes the encoding; nothing here enforces
    # the critical flag or the CA constraint, which is left to the consumer.
    fields = (
        ASN1F_OID("extnID", "2.5.29.19"),
        ASN1F_optional(ASN1F_BOOLEAN("critical", False)),
        ASN1F_PACKET(
            "extnValue",
            X509_ExtBasicConstraints(),
            X509_ExtBasicConstraints,
            explicit_tag=0x04,
        ),
    )
    ASN1F_SEQUENCE.__init__(self, *fields, **kargs)
class PKCS5_Algorithm_Identifier(ASN1_Packet):
    """PKCS5 Algorithm Identifier.

    BER SEQUENCE of ``alg_id`` (default
    PKCS12_ALGORITHM_PBE1_SHA_3DES_CBC) and optional ``parameters``, a
    CHOICE between PKCS12_PBE1_Parameters (the default) and
    PKCS5_Salt_Parameter.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        # NOTE(review): judging by the constant's name the default is a
        # SHA-1/3DES-CBC password-based scheme; confirm it is used here only
        # to read existing files, not as a choice for new key material.
        ASN1F_OID("alg_id", PKCS12_ALGORITHM_PBE1_SHA_3DES_CBC),
        ASN1F_optional(
            ASN1F_CHOICE(
                "parameters",
                PKCS12_PBE1_Parameters(),
                PKCS12_PBE1_Parameters,
                PKCS5_Salt_Parameter,
            )))
class GSSAPI_BLOB(ASN1_Packet):
    """BER model of a GSSAPI token: a mechanism OID and an inner token.

    ``MechType`` defaults to 1.3.6.1.5.5.2 (SPNEGO). The class used for
    ``innerContextToken`` is looked up in _GSSAPI_OIDS by the decoded
    MechType value, falling back to conf.raw_layer for unknown mechanisms.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SNMP_GSSAPI_APPLICATION(
        ASN1F_OID("MechType", "1.3.6.1.5.5.2"),
        ASN1F_PACKET(
            "innerContextToken",
            SPNEGO_negToken(),
            SPNEGO_negToken,
            next_cls_cb=lambda pkt: _GSSAPI_OIDS.get(
                pkt.MechType.val, conf.raw_layer),
        ),
    )

    @classmethod
    def dispatch_hook(cls, _pkt=None, *args, **kargs):
        """Choose the dissecting class from the first octet of ``_pkt``.

        Returns SPNEGO_negToken when the first octet has both bits of 0xa0
        set, and ``cls`` otherwise (including when no data is given).
        """
        if not _pkt or len(_pkt) < 1:
            return cls
        first_octet = ord(_pkt[:1])
        # The masked value can never exceed 0xa0, so the original ">= 0xa0"
        # comparison is the same as this equality test.
        if (first_octet & 0xa0) == 0xa0:
            # XXX: a token is sometimes sent raw and the session should say
            # which class applies. For now SPNEGO is hardcoded, which is a
            # VERY STRONG ASSUMPTION: the choice rests on one octet of the
            # input, so treat the resulting layer as a guess.
            return SPNEGO_negToken
        return cls
class SAPPSE_Obj(ASN1_Packet):
    """SAP PSEv2 Object definition.

    BER SEQUENCE of ``object_name`` (PrintableString, default "PKRoot"),
    ``created`` (GeneralizedTime, no default), ``object_type`` (OID,
    default sappse_obj_oid["PKRoot"]) and ``object_value``, a CHOICE over
    the structures listed below with no default.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_PRINTABLE_STRING("object_name", "PKRoot"),
        ASN1F_GENERALIZED_TIME("created", None),
        ASN1F_OID("object_type", sappse_obj_oid["PKRoot"]),
        # The trailing comment on each alternative names the PSE object
        # types it is used for.
        # NOTE(review): nothing visible ties the alternative chosen for
        # object_value to object_type - verify before relying on either.
        ASN1F_CHOICE_SAFE("object_value", None,
                          X509_SubjectPublicKeyInfo,  # SKnew, SKold, DECSKnew, DECSKold, SignSK
                          X509_Cert,  # Cert, SignCert, EncCert
                          SAPPSE_Obj_PKRoot,  # PKRoot
                          SAPPSE_Obj_CertList,  # CertList, CSet, SignCSet, EncCSet
                          # Alternatives below are disabled in the source:
                          # ASN1F_SET_OF("cert_pairs", None, X509_CertPair),  # CrossCSet
                          # ASN1F_SEQUENCE_OF("forward_certification_path", None,  # FCPath
                          #                   ASN1F_SET_OF("cross_certs", None,
                          #                                X509_Cert)),
                          # ASN1F_SET_OF("pklist", SAPPSE_Obj_PKList(), SAPPSE_Obj_PKList),  # PKList, EKList, PCAList
                          # ASN1F_SET_OF("crlset", SAPPSE_Obj_CRLSet(), SAPPSE_Obj_CRLSet),  # CRLSet
                          # ASN1F_STRING("serial_number"),  # SerialNumber
                          # ASN1F_STRING("quipu_password"),  # QuipuPWD
                          # SAPPSE_Obj_EDBKey,  # EDBKey
                          )
    )
class X509_ExtPolicyQualifierInfo(ASN1_Packet):
    """BER SEQUENCE of a policy qualifier OID and its qualifier.

    ``policyQualifierId`` defaults to 1.3.6.1.5.5.7.2.1 (id-qt-cps).
    ``qualifier`` is a CHOICE between an IA5 string and X509_ExtUserNotice,
    defaulting to the IA5 string "cps_str".
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("policyQualifierId", "1.3.6.1.5.5.7.2.1"),
        ASN1F_CHOICE("qualifier", ASN1_IA5_STRING("cps_str"),
                     ASN1F_IA5_STRING, X509_ExtUserNotice))
class X509_PolicyMapping(ASN1_Packet):
    """BER SEQUENCE pairing an issuer-domain and a subject-domain policy OID.

    Both OIDs default to None.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(ASN1F_OID("issuerDomainPolicy", None),
                               ASN1F_OID("subjectDomainPolicy", None))
class ASN1P_OID(ASN1_Packet):
    """BER packet whose root is a single OID field ``oid`` (default "0")."""
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_OID("oid", "0")
class X509_RegisteredID(ASN1_Packet):
    """BER packet whose root is the OID field ``registeredID``.

    The default is the empty string.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_OID("registeredID", "")
class X509_AttributeTypeAndValue(ASN1_Packet):
    """BER SEQUENCE of an attribute type OID and a DirectoryString value.

    Defaults describe a country attribute: ``type`` is 2.5.4.6
    (countryName) and ``value`` is the PrintableString "FR".
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("type", "2.5.4.6"),
        ASN1F_X509_DirectoryString("value",
                                   ASN1_PRINTABLE_STRING("FR")))
class X509_AccessDescription(ASN1_Packet):
    """BER SEQUENCE of an access method OID and an access location.

    ``accessMethod`` defaults to "0"; ``accessLocation`` is an
    X509_GeneralName packet, default-constructed.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("accessMethod", "0"),
        # NOTE(review): accessLocation is taken from the parsed input; a
        # caller that dereferences it should validate it first.
        ASN1F_PACKET("accessLocation",
                     X509_GeneralName(),
                     X509_GeneralName))
class SPNEGO_MechType(ASN1_Packet):
    """BER packet whose root is a single OID field ``oid`` (default None)."""
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_OID("oid", None)
class SNMPvarbind(ASN1_Packet):
    """BER SEQUENCE binding an OID to a value.

    ``oid`` defaults to "1.3"; ``value`` is a generic ASN.1 field that
    defaults to NULL.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(ASN1F_OID("oid", "1.3"),
                               ASN1F_field("value", ASN1_NULL(0)))
class X509_ExtQcStatement(ASN1_Packet):
    """BER SEQUENCE of a QC statement OID and optional statement info.

    ``statementId`` defaults to 0.4.0.1862.1.1 (id-etsi-qcs-QcCompliance).
    ``statementInfo`` is an optional generic ASN.1 field with no default.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("statementId", "0.4.0.1862.1.1"),
        ASN1F_optional(ASN1F_field("statementInfo", None)))
class SAPCredv2_Cred_LPS(ASN1_Packet):
    """SAP Credv2 Credential with LPS definition.

    BER SEQUENCE of ``version`` (default 2), a nested SEQUENCE/SET/SEQUENCE
    carrying an OID (default 2.5.4.3, commonName) with its PrintableString
    ``value``, the UTF8 ``pse_path`` and the BIT STRING ``cipher``.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_INTEGER("version", 2),
        ASN1F_SEQUENCE(
            ASN1F_SET(
                ASN1F_SEQUENCE(
                    ASN1F_OID("oid", "2.5.4.3"),
                    ASN1F_PRINTABLE_STRING("value", None)))),
        ASN1F_UTF8_STRING("pse_path", None),
        ASN1F_BIT_STRING("cipher", None),
    )

    @property
    def common_name(self):
        """Decoded content of the ``value`` field."""
        return self.value.val

    @property
    def pse_file_path(self):
        """Decoded content of the ``pse_path`` field."""
        return self.pse_path.val

    @property
    def lps_type(self):
        """Ordinal of the element at index 1 of the cipher blob."""
        # NOTE(review): no length check; a blob shorter than two elements
        # raises IndexError here.
        return ord(self.cipher.val_readable[1])

    @property
    def lps_type_str(self):
        """Name of the LPS type, or "OFF" when the type is not known."""
        known_types = SAP_LPS_Cipher.lps_types
        type_id = self.lps_type
        return known_types[type_id] if type_id in known_types else "OFF"

    @property
    def cipher_format_version(self):
        """Ordinal of the element at index 0 of the cipher blob."""
        return ord(self.cipher.val_readable[0])

    @property
    def cipher_algorithm(self):
        """AES256 constant when ``version`` equals 2, otherwise 3DES."""
        if self.version == 2:
            return CIPHER_ALGORITHM_AES256
        return CIPHER_ALGORITHM_3DES

    def decrypt(self, username=None):
        """Decrypt a credential file using LPS.

        :param username: Username to use when decrypting. Not used but kept
            to match signature
        :type username: string

        :return: decrypted object
        :rtype: SAPCredv2_Cred_Plain
        """
        lps_cipher = SAP_LPS_Cipher(self.cipher.val_readable)
        log_cred.debug(
            "Obtained LPS cipher object (version={}, lps={})".format(
                lps_cipher.version, lps_cipher.lps_type))
        decrypted = lps_cipher.decrypt()

        # The first element is a length prefix; the PIN is what follows the
        # prefixed region.
        # NOTE(review): the prefix is not checked against len(decrypted).
        # Empty output raises IndexError, and an oversized prefix yields an
        # empty PIN without an error. ord() on an indexed element also
        # presumes a Python 2 str - confirm what SAP_LPS_Cipher.decrypt
        # returns.
        prefix_len = ord(decrypted[0])
        pin_value = decrypted[prefix_len + 1:]

        # The returned container holds the PIN in the clear; keep it out of
        # logs and long-lived objects.
        result = SAPCredv2_Cred_Plain()
        result.pin = ASN1_IA5_STRING(pin_value)
        return result
class ECFieldID(ASN1_Packet):
    """BER SEQUENCE of a field-type OID and the field's prime.

    ``fieldType`` defaults to the name "prime-field" and ``prime`` to 0.
    """
    # No characteristic-two-field support for now.
    # NOTE(review): the fieldType default is a symbolic name, not a dotted
    # OID; presumably it is resolved through an OID name table - confirm.
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(ASN1F_OID("fieldType", "prime-field"),
                               ASN1F_INTEGER("prime", 0))
class OCSP_ResponseBytes(ASN1_Packet):
    """BER SEQUENCE of an OCSP response type OID and the response body.

    ``responseType`` defaults to 1.3.6.1.5.5.7.48.1.1 (id-pkix-ocsp-basic).
    The body is an ASN1F_OCSP_BasicResponse under explicit tag 0x04 (the
    universal OCTET STRING tag).
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        # NOTE(review): the body is always modelled as a basic response,
        # whatever responseType says; check the OID before trusting it.
        ASN1F_OID("responseType", "1.3.6.1.5.5.7.48.1.1"),
        ASN1F_OCSP_BasicResponse(explicit_tag=0x04))