コード例 #1
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class X509_Validity(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_CHOICE("not_before", ASN1_UTC_TIME(str(ZuluTime(-600))),
                     ASN1F_UTC_TIME, ASN1F_GENERALIZED_TIME),
        ASN1F_CHOICE("not_after", ASN1_UTC_TIME(str(ZuluTime(+86400))),
                     ASN1F_UTC_TIME, ASN1F_GENERALIZED_TIME))
コード例 #2
0
ファイル: ldap.py プロジェクト: phretor/scapy 
class LDAP_Filter(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE(
        "filter",
        LDAP_FilterPresent(),
        ASN1F_PACKET("and", None, LDAP_FilterAnd, implicit_tag=0x80),
        ASN1F_PACKET("or", None, LDAP_FilterOr, implicit_tag=0x81),
        ASN1F_PACKET("not", None, _LDAP_Filter, implicit_tag=0x82),
        ASN1F_PACKET("equalityMatch",
                     AttributeValueAssertion(),
                     AttributeValueAssertion,
                     implicit_tag=0x83),
        ASN1F_PACKET("substrings",
                     LDAP_SubstringFilter(),
                     LDAP_SubstringFilter,
                     implicit_tag=0x84),
        ASN1F_PACKET("greaterOrEqual",
                     AttributeValueAssertion(),
                     AttributeValueAssertion,
                     implicit_tag=0x85),
        ASN1F_PACKET("lessOrEqual",
                     AttributeValueAssertion(),
                     AttributeValueAssertion,
                     implicit_tag=0x86),
        ASN1F_PACKET("present",
                     LDAP_FilterPresent(),
                     LDAP_FilterPresent,
                     implicit_tag=0x87),
        ASN1F_PACKET("approxMatch",
                     None,
                     AttributeValueAssertion,
                     implicit_tag=0x88),
    )
コード例 #3
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class X509_GeneralName(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE(
        "generalName",
        X509_DirectoryName(),
        ASN1F_PACKET("otherName", None, X509_OtherName, implicit_tag=0xa0),
        ASN1F_PACKET("rfc822Name", None, X509_RFC822Name, implicit_tag=0x81),
        ASN1F_PACKET("dNSName", None, X509_DNSName, implicit_tag=0x82),
        ASN1F_PACKET(
            "x400Address",
            None,
            X509_X400Address,  # noqa: E501
            explicit_tag=0xa3),
        ASN1F_PACKET(
            "directoryName",
            None,
            X509_DirectoryName,  # noqa: E501
            explicit_tag=0xa4),
        ASN1F_PACKET(
            "ediPartyName",
            None,
            X509_EDIPartyName,  # noqa: E501
            explicit_tag=0xa5),
        ASN1F_PACKET(
            "uniformResourceIdentifier",
            None,
            X509_URI,  # noqa: E501
            implicit_tag=0x86),
        ASN1F_PACKET("ipAddress", None, X509_IPAddress, implicit_tag=0x87),
        ASN1F_PACKET(
            "registeredID",
            None,
            X509_RegisteredID,  # noqa: E501
            implicit_tag=0x88))
コード例 #4
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class X509_ExtNoticeReference(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_CHOICE("organization", ASN1_UTF8_STRING("Dummy Organization"),
                     ASN1F_IA5_STRING, ASN1F_ISO646_STRING, ASN1F_BMP_STRING,
                     ASN1F_UTF8_STRING),
        ASN1F_SEQUENCE_OF("noticeNumbers", [], ASN1P_INTEGER))
コード例 #5
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class X509_AlgorithmIdentifier(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("algorithm", "1.2.840.113549.1.1.11"),
        ASN1F_optional(
            ASN1F_CHOICE("parameters", ASN1_NULL(0), ASN1F_NULL,
                         ECParameters)))
コード例 #6
0
class OCSP_ResponderID(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE("responderID", None,
                             ASN1F_PACKET("byName", OCSP_ByName(), OCSP_ByName,
                                          explicit_tag=0xa1),
                             ASN1F_PACKET("byKey", OCSP_ByKey(), OCSP_ByKey,
                                          explicit_tag=0xa2))
コード例 #7
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class ECParameters(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE(
        "curve",
        ASN1_OID("ansip384r1"),
        ASN1F_OID,  # for named curves
        ASN1F_NULL,  # for implicit curves
        ECSpecifiedDomain)
コード例 #8
0
class X509_OtherName(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("type_id", "0"),
        ASN1F_CHOICE("value", None,
                     ASN1F_IA5_STRING, ASN1F_ISO646_STRING,
                     ASN1F_BMP_STRING, ASN1F_UTF8_STRING,
                     explicit_tag=0xa0))
コード例 #9
0
class OCSP_CertStatus(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE("certStatus", None,
                             ASN1F_PACKET("good", OCSP_GoodInfo(),
                                          OCSP_GoodInfo, implicit_tag=0x80),
                             ASN1F_PACKET("revoked", OCSP_RevokedInfo(),
                                          OCSP_RevokedInfo, implicit_tag=0xa1),
                             ASN1F_PACKET("unknown", OCSP_UnknownInfo(),
                                          OCSP_UnknownInfo, implicit_tag=0x82))
コード例 #10
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class X509_ExtUserNotice(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_optional(ASN1F_PACKET("noticeRef", None,
                                    X509_ExtNoticeReference)),
        ASN1F_optional(
            ASN1F_CHOICE("explicitText",
                         ASN1_UTF8_STRING("Dummy ExplicitText"),
                         ASN1F_IA5_STRING, ASN1F_ISO646_STRING,
                         ASN1F_BMP_STRING, ASN1F_UTF8_STRING)))
コード例 #11
0
class PKCS5_Algorithm_Identifier(ASN1_Packet):
    """PKCS5 Algorithm Identifier"""
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("alg_id", PKCS12_ALGORITHM_PBE1_SHA_3DES_CBC),
        ASN1F_optional(
            ASN1F_CHOICE(
                "parameters",
                PKCS12_PBE1_Parameters(),
                PKCS12_PBE1_Parameters,
                PKCS5_Salt_Parameter,
            )))
コード例 #12
0
ファイル: gssapi.py プロジェクト: william-stearns/scapy 
class SPNEGO_negToken(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE(
        "token", SPNEGO_negTokenInit(),
        ASN1F_PACKET("negTokenInit",
                     SPNEGO_negTokenInit(),
                     SPNEGO_negTokenInit,
                     implicit_tag=0xa0),
        ASN1F_PACKET("negTokenResp",
                     SPNEGO_negTokenResp(),
                     SPNEGO_negTokenResp,
                     implicit_tag=0xa1))
コード例 #13
0
class SNMP(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_enum_INTEGER("version", 1, {0: "v1", 1: "v2c", 2: "v2", 3: "v3"}),  # noqa: E501
        ASN1F_STRING("community", "public"),
        ASN1F_CHOICE("PDU", SNMPget(),
                     SNMPget, SNMPnext, SNMPresponse, SNMPset,
                     SNMPtrapv1, SNMPbulk, SNMPinform, SNMPtrapv2)
    )

    def answers(self, other):
        return (isinstance(self.PDU, SNMPresponse) and
                isinstance(other.PDU, (SNMPget, SNMPnext, SNMPset)) and
                self.PDU.id == other.PDU.id)
コード例 #14
0
ファイル: ldap.py プロジェクト: phretor/scapy 
class LDAP_BindRequest(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_INTEGER("version", 2), LDAPDN("bind_name", ""),
        ASN1F_CHOICE(
            "authentication",
            None,
            ASN1F_LDAP_Authentication_simple,
            ASN1F_LDAP_Authentication_krbv42LDAP,
            ASN1F_LDAP_Authentication_krbv42DSA,
            ASN1F_PACKET("sasl",
                         LDAP_SaslCredentials(),
                         LDAP_SaslCredentials,
                         implicit_tag=0xa3),
        ))
コード例 #15
0
ファイル: ldap.py プロジェクト: phretor/scapy 
class LDAP_SubstringFilterStr(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE(
        "str",
        ASN1_STRING(""),
        ASN1F_PACKET("initial",
                     LDAP_SubstringFilterInitial(),
                     LDAP_SubstringFilterInitial,
                     implicit_tag=0x0),
        ASN1F_PACKET("any",
                     LDAP_SubstringFilterAny(),
                     LDAP_SubstringFilterAny,
                     implicit_tag=0x1),
        ASN1F_PACKET("final",
                     LDAP_SubstringFilterFinal(),
                     LDAP_SubstringFilterFinal,
                     implicit_tag=0x2),
    )
コード例 #16
0
ファイル: ldap.py プロジェクト: phretor/scapy 
class LDAP(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_INTEGER("messageID", 0),
        ASN1F_CHOICE(
            "protocolOp", LDAP_SearchRequest(),
            ASN1F_PACKET("bindRequest",
                         LDAP_BindRequest(),
                         LDAP_BindRequest,
                         implicit_tag=0x60),
            ASN1F_PACKET("bindResponse",
                         LDAP_BindResponse(),
                         LDAP_BindResponse,
                         implicit_tag=0x61),
            ASN1F_PACKET("unbindRequest",
                         LDAP_UnbindRequest(),
                         LDAP_UnbindRequest,
                         implicit_tag=0x42),
            ASN1F_PACKET("searchRequest",
                         LDAP_SearchRequest(),
                         LDAP_SearchRequest,
                         implicit_tag=0x63),
            ASN1F_PACKET("searchResponse",
                         LDAP_SearchResponseEntry(),
                         LDAP_SearchResponseEntry,
                         implicit_tag=0x64),
            ASN1F_PACKET("searchResponse",
                         LDAP_SearchResponseResultCode(),
                         LDAP_SearchResponseResultCode,
                         implicit_tag=0x65),
            ASN1F_PACKET("abandonRequest",
                         LDAP_AbandonRequest(),
                         LDAP_AbandonRequest,
                         implicit_tag=0x70)),
        # LDAP v3 only
        ASN1F_optional(
            ASN1F_SEQUENCE_OF("Controls", [], LDAP_Control, implicit_tag=0x0)))

    def mysummary(self):
        return (self.protocolOp.__class__.__name__.replace("_", " "), [LDAP])
コード例 #17
0
ファイル: x509.py プロジェクト: commial/scapy 
 def __init__(self, name, default, **kwargs):
     ASN1F_CHOICE.__init__(self, name, default,
                           ASN1F_PRINTABLE_STRING, ASN1F_UTF8_STRING,
                           ASN1F_IA5_STRING, ASN1F_T61_STRING,
                           ASN1F_UNIVERSAL_STRING, ASN1F_BIT_STRING,
                           **kwargs)
コード例 #18
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class X509_ExtComment(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE("comment", ASN1_UTF8_STRING("Dummy comment."),
                             ASN1F_IA5_STRING, ASN1F_ISO646_STRING,
                             ASN1F_BMP_STRING, ASN1F_UTF8_STRING)
コード例 #19
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class X509_ExtPolicyQualifierInfo(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_OID("policyQualifierId", "1.3.6.1.5.5.7.2.1"),
        ASN1F_CHOICE("qualifier", ASN1_IA5_STRING("cps_str"), ASN1F_IA5_STRING,
                     X509_ExtUserNotice))
コード例 #20
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class X509_ExtDistributionPointName(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE("distributionPointName", None, X509_ExtFullName,
                             X509_ExtNameRelativeToCRLIssuer)
コード例 #21
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
class X509_AttributeValue(ASN1_Packet):
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_CHOICE("value", ASN1_PRINTABLE_STRING("FR"),
                             ASN1F_PRINTABLE_STRING, ASN1F_UTF8_STRING,
                             ASN1F_IA5_STRING, ASN1F_T61_STRING,
                             ASN1F_UNIVERSAL_STRING)
コード例 #22
0
ファイル: x509.py プロジェクト: Hem1700/packet_sniffer 
 def __init__(self, name, default, **kwargs):
     ASN1F_CHOICE.__init__(self, name, default, ASN1F_PRINTABLE_STRING,
                           ASN1F_UTF8_STRING, ASN1F_IA5_STRING,
                           ASN1F_T61_STRING, ASN1F_UNIVERSAL_STRING,
                           ASN1F_BIT_STRING, **kwargs)
コード例 #23
0
class SAPPSEFile(ASN1_Packet):
    """SAP PSE definition"""
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        ASN1F_INTEGER("version", 2),
        ASN1F_CHOICE(
            "enc_cont",
            SAPPSEv2_Enc_Cont(),
            SAPPSEv2_Enc_Cont,
            SAPPSEv4_Enc_Cont,
        ))

    def decrypt(self, pin):
        """Decrypts a PSE file given a provided PIN. Calls the respective decryption function
        based on the PSE version.
        """

        if self.version == 2:
            return self.decrypt_non_lps(pin)
        elif self.version == 256:
            return self.decrypt_lps(pin)
        else:
            raise ValueError("Unsupported or invalid PSE version")

    def decrypt_lps(self, pin):
        """Decrypts an LPS encrypted PSE file given a provided PIN.

        :param pin:
        :type pin: string

        :return: decrypted object
        :rtype: SAPPSE_Cont

        :raise ValueError: if the provided PIN doesn't match with the one used for encryption
        :raise NotImplementedError: if the algorithm specified is not supported
        :raise Exception: if the algorithm specified is not valid
        """

        # Decrypt the encryption key using the LPS method
        cipher = SAP_LPS_Cipher(self.enc_cont.encrypted_pin.val)
        log_pse.debug("Obtained LPS cipher object (version={}, lps={})".format(
            cipher.version, cipher.lps_type))
        key = cipher.decrypt()

        # Choose the proper algorithms and values according to the algorithm ID
        if self.enc_cont.algorithm_identifier.alg_id == NIST_ALGORITHM_AES_256_CBC:
            salt = self.enc_cont.algorithm_identifier.parameters.salt.val
            algorithm = algorithms.AES
            mode = modes.CBC
            key, iv = key[:32], key[32:]
        else:
            raise Exception("Invalid PBE algorithm")

        # Decrypt the cipher text with the derived key and IV
        decryptor = Cipher(algorithm(key), mode(iv),
                           backend=default_backend()).decryptor()
        plain = decryptor.update(
            self.enc_cont.cipher_text.val) + decryptor.finalize()

        return plain

    def decrypt_non_lps(self, pin):
        """Decrypts a non-LPS encrypted PSE file given a provided PIN. Implements PKCS12 PBE1
        based encryption for v2 PSE files.

        :param pin:
        :type pin: string

        :return: decrypted object
        :rtype: SAPPSE_Cont

        :raise ValueError: if the provided PIN doesn't match with the one used for encryption
        :raise NotImplementedError: if the algorithm specified is not supported
        :raise Exception: if the algorithm specified is not valid
        """

        cipher_text = self.enc_cont.cipher_text.val

        # Choose the proper algorithms and values according to the algorithm ID
        if self.enc_cont.algorithm_identifier.alg_id == PKCS12_ALGORITHM_PBE1_SHA_3DES_CBC:
            salt = self.enc_cont.algorithm_identifier.parameters.salt.val
            iterations = self.enc_cont.algorithm_identifier.parameters.iterations.val
            hash_algorithm = SHA1
            enc_algorithm = algorithms.TripleDES
            enc_mode = modes.CBC
            iv = None
            pbes_cls = PKCS12_PBES1
        elif self.enc_cont.algorithm_identifier.alg_id == PKCS5_ALGORITHM_PBES2:
            raise NotImplementedError("PBE algorithm not implemented")
        else:
            raise Exception("Invalid PBE algorithm")

        # Build the PBE class
        pbes = pbes_cls(salt, iterations, iv, pin, hash_algorithm,
                        enc_algorithm, enc_mode, default_backend())

        # On version 2, we can check that the PIN was valid before decrypting the whole
        # cipher text
        if self.version == 2:
            encrypted_pin = pbes.encrypt(pin)
            if encrypted_pin != self.enc_cont.encrypted_pin.val:
                raise ValueError("Invalid PIN supplied")

        # Decrypt and parse the cipher text
        plain_text = pbes.decrypt(cipher_text)

        return plain_text