def compare_primitive_info():
return (
(core.ObjectIdentifier('1.2.3'), core.ObjectIdentifier('1.2.3'),
True),
(core.Integer(1), Enum(1), False),
(core.Integer(1), core.Integer(1, implicit=5), True),
(core.Integer(1), core.Integer(1, explicit=5), True),
(core.Integer(1), core.Integer(2), False),
(core.OctetString(b''), core.OctetString(b''), True),
(core.OctetString(b''), core.OctetString(b'1'), False),
(core.OctetString(b''), core.OctetBitString(b''), False),
(core.ParsableOctetString(b'12'), core.OctetString(b'12'), True),
(core.ParsableOctetBitString(b'12'), core.OctetBitString(b'12'),
True),
(core.UTF8String('12'), core.UTF8String('12'), True),
(core.UTF8String('12'), core.UTF8String('1'), False),
(core.UTF8String('12'), core.IA5String('12'), False),
)
def test_wrong_asn1value2(self):
with self.assertRaises(TypeError):
CopySeq({'name': core.UTF8String('Test'), 'pair': core.Integer(1)})
async def amain(url, service, template, altname, onbehalf, cn = None, pfx_file = None, pfx_password = None, enroll_cert = None, enroll_password = None):
try:
if pfx_file is None:
pfx_file = 'cert_%s.pfx' % os.urandom(4).hex()
if pfx_password is None:
pfx_password = '******'
print('[+] Parsing connection parameters...')
su = SMBConnectionURL(url)
ip = su.get_target().get_hostname_or_ip()
if cn is None:
cn = '%s@%s' % (su.username, su.domain)
print('[*] Using CN: %s' % cn)
print('[+] Generating RSA privat key...')
key = rsa.generate_private_key(0x10001, 2048)
print('[+] Building certificate request...')
attributes = {
"CertificateTemplate": template,
}
csr = x509.CertificateSigningRequestBuilder()
csr = csr.subject_name(
x509.Name(
[
x509.NameAttribute(NameOID.COMMON_NAME, cn),
]
)
)
if altname:
altname = core.UTF8String(altname).dump()
csr = csr.add_extension(
x509.SubjectAlternativeName(
[
x509.OtherName(PRINCIPAL_NAME, altname),
]
),
critical=False,
)
csr = csr.sign(key, hashes.SHA256())
if onbehalf is not None:
agent_key = None
agent_cert = None
with open(enroll_cert, 'rb') as f:
agent_key, agent_cert, _ = pkcs12.load_key_and_certificates(f.read(), enroll_password)
pkcs7builder = pkcs7.PKCS7SignatureBuilder().set_data(csr).add_signer(agent_key, agent_cert, hashes.SHA1())
csr = pkcs7builder.sign(Encoding.DER, options=[pkcs7.PKCS7Options.Binary])
else:
csr = csr.public_bytes(Encoding.DER)
print('[+] Connecting to EPM...')
target, err = await EPM.create_target(ip, ICPRRPC().service_uuid, dc_ip = su.get_target().dc_ip, domain = su.get_target().domain)
if err is not None:
raise err
print('[+] Connecting to ICRPR service...')
gssapi = AuthenticatorBuilder.to_spnego_cred(su.get_credential(), target)
auth = DCERPCAuth.from_smb_gssapi(gssapi)
connection = DCERPC5Connection(auth, target)
rpc, err = await ICPRRPC.from_rpcconnection(connection, perform_dummy=True)
if err is not None:
raise err
logger.debug('DCE Connected!')
print('[+] Requesting certificate from the service...')
res, err = await rpc.request_certificate(service, csr, attributes)
if err is not None:
print('[-] Request failed!')
raise err
if res['encodedcert'] in [None, b'']:
raise Exception('No certificate was returned from server!. Full message: %s' % res)
print('[+] Got certificate!')
cert = x509.load_der_x509_certificate(res['encodedcert'])
print("[*] Cert subject: {}".format(cert.subject.rfc4514_string()))
print("[*] Cert issuer: {}".format(cert.issuer.rfc4514_string()))
print("[*] Cert Serial: {:X}".format(cert.serial_number))
try:
ext = cert.extensions.get_extension_for_oid(ExtensionOID.EXTENDED_KEY_USAGE)
for oid in ext.value:
print("[*] Cert Extended Key Usage: {}".format(EKUS_NAMES.get(oid.dotted_string, oid.dotted_string)))
except:
print('[-] Could not verify extended key usage')
try:
ext = cert.extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
for name in ext.value.get_values_for_type(x509.OtherName):
if name.type_id == x509.ObjectIdentifier("1.3.6.1.4.1.311.20.2.3"):
print('[*] Certificate ALT NAME: %s' % core.UTF8String.load(name.value).native)
break
else:
print('[-] Certificate doesnt have ALT NAME')
except:
print('[-] Certificate doesnt have ALT NAME')
print('[+] Writing certificate to disk (file:"%s" pass: "******")...' % (pfx_file, pfx_password))
# Still waiting for the day oscrypto will have a pfx serializer :(
# Until that we'd need to use cryptography
with open(pfx_file, 'wb') as f:
data = pkcs12.serialize_key_and_certificates(
name=b"",
key=key,
cert=cert,
cas=None,
encryption_algorithm=BestAvailableEncryption(pfx_password.encode())
)
f.write(data)
print('[+] Finished!')
return True, None
except Exception as e:
traceback.print_exc()
return False, e
