diff options
Diffstat (limited to '3.2/charon.rb')
| -rwxr-xr-x | 3.2/charon.rb | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/3.2/charon.rb b/3.2/charon.rb new file mode 100755 index 0000000..51034b1 --- /dev/null +++ b/3.2/charon.rb @@ -0,0 +1,67 @@ +#!/usr/bin/env ruby + +require 'openssl' +require 'securerandom' +require 'sinatra' + +Users = { + "Athena" => "Passw0rd!" +} + +Services = { + "_TGS" => "eiqu@a5ahs8mooqu9Eng", + "Mail" => "{FvM<kgG}VpHxKJO;6Zo" +} + +def encrypt(obj, key) + cipher = OpenSSL::Cipher::AES.new(256, :CBC).encrypt + cipher.key = Digest::SHA2.digest(key) + s = cipher.update(obj) + cipher.final + s.unpack('H*')[0].upcase +end + +def decrypt(obj, key) + ticket = [obj].pack("H*").unpack("C*").pack("c*") + cipher = OpenSSL::Cipher::AES.new(256, :CBC).decrypt + cipher.key = Digest::SHA2.digest(key) + cipher.update(ticket) + cipher.final +end + +def ticket(username, ws_address, service) + ts = Time.now.to_i + p = [username, ws_address, service, 28800, ts].join(?\0) + s = encrypt(p, Services[service]) + "28800:#{ts}:#{s}" +end + +def noleak(msg, ul, ws) + puts "Error: #{msg}, returning nonsense to avoid leakage." + ticket(SecureRandom.alphanumeric(ul), ws, SecureRandom.alphanumeric(rand(24) + 8)) +end + +post '/login' do + request.body.rewind + data = JSON.parse(request.body.read) + next "Invalid request\n" unless data.keys == %w(username) + un = data["username"] + ul = un.length + ws = request.ip + next noleak("Invalid username", ul, ws) unless Users.keys.include?(un) + tgt = ticket(un, ws, "_TGS") + encrypt(tgt, Users[un]) +end + +post '/ticket' do + request.body.rewind + data = JSON.parse(request.body.read) + next "Invalid request\n" unless data.keys.sort == %w(service ticket username) + un, ws, sn, ls, ts = decrypt(data["ticket"], Services["_TGS"]).split(?\0) + ls = ls.to_i + ts = ts.to_i + next "Invalid ticket\n" unless sn == "_TGS" + next "Invalid ticket\n" unless un == data["username"] + next "Invalid ticket\n" unless ws == request.ip + next "Invalid ticket\n" unless Time.now.to_i >= ts + next "Ticket expired\n" unless Time.now.to_i < (ts + ls) + ticket(un, ws, data["service"]) +end |