Class: Metasploit::Credential::Pkcs12

Inherits:

Private

• Object
• ApplicationRecord
• Private
• Metasploit::Credential::Pkcs12

Defined in:

app/models/metasploit/credential/pkcs12.rb

Overview

A private Pkcs12 file.

Instance Attribute Summary

• #data ⇒ String

  A private pkcs12 file, base64 encoded - i.e.

• #metadata ⇒ JSONB

  Metadata for this Pkcs12: adcs_ca: The Certificate Authority that issued the certificate adcs_template: The certificate template used to issue the certificate pkcs12_password: The password to decrypt the Pkcs12.

Attributes inherited from Private

#cores, #created_at, #id, #type, #updated_at

Instance Method Summary

• #adcs_ca ⇒ String

  The CA that issued the certificate.

• #adcs_template ⇒ String

  The certificate template used to issue the certificate.

• #openssl_pkcs12 ⇒ OpenSSL::PKCS12

  Converts the private pkcs12 data in #data to an ‘OpenSSL::PKCS12` instance.

• #pkcs12_password ⇒ String

  The password to decrypt the Pkcs12.

• #status ⇒ String

  The status if the certificate (active or inactive).

• #to_s ⇒ String

  The key data‘s fingerprint, suitable for displaying to the user.

Instance Attribute Details

#data ⇒ String

A private pkcs12 file, base64 encoded - i.e. starting with ‘MIIMhgIBAzCCDFAGCSqGSIb3DQEHAaCC.…’

Returns:

• (String)

# File 'app/models/metasploit/credential/pkcs12.rb', line 11

#metadata ⇒ JSONB

Metadata for this Pkcs12:

adcs_ca: The Certificate Authority that issued the certificate
adcs_template: The certificate template used to issue the certificate
pkcs12_password: The password to decrypt the Pkcs12

Returns:

• (JSONB)

# File 'app/models/metasploit/credential/pkcs12.rb', line 16

Instance Method Details

#adcs_ca ⇒ String

The CA that issued the certificate

Returns:

• (String)

# File 'app/models/metasploit/credential/pkcs12.rb', line 55

def adcs_ca
  metadata['adcs_ca']
end

#adcs_template ⇒ String

The certificate template used to issue the certificate

Returns:

• (String)

# File 'app/models/metasploit/credential/pkcs12.rb', line 62

def adcs_template
  metadata['adcs_template']
end

#openssl_pkcs12 ⇒ OpenSSL::PKCS12

Converts the private pkcs12 data in #data to an ‘OpenSSL::PKCS12` instance.

Returns:

• (OpenSSL::PKCS12)

Raises:

• (ArgumentError) —

  if #data cannot be loaded

# File 'app/models/metasploit/credential/pkcs12.rb', line 84

def openssl_pkcs12
  if data
    begin
      password = metadata.fetch('pkcs12_password', '')
      OpenSSL::PKCS12.new(Base64.strict_decode64(data), password)
    rescue OpenSSL::PKCS12::PKCS12Error => error
      raise ArgumentError.new(error)
    end
  end
end

#pkcs12_password ⇒ String

The password to decrypt the Pkcs12

Returns:

• (String)

# File 'app/models/metasploit/credential/pkcs12.rb', line 69

def pkcs12_password
  metadata['pkcs12_password']
end

#status ⇒ String

The status if the certificate (active or inactive)

Returns:

• (String)

# File 'app/models/metasploit/credential/pkcs12.rb', line 76

def status
  metadata['status']
end

#to_s ⇒ String

The key data‘s fingerprint, suitable for displaying to the user. The Pkcs12 password is voluntarily not included.

Returns:

• (String)

# File 'app/models/metasploit/credential/pkcs12.rb', line 99

def to_s
  return '' unless data

  cert = openssl_pkcs12.certificate
  result = []
  result << "subject:#{cert.subject.to_s}"
  result << "issuer:#{cert.issuer.to_s}"
  result << "ADCS CA:#{metadata['adcs_ca']}" if metadata['adcs_ca']
  result << "ADCS template:#{metadata['adcs_template']}" if metadata['adcs_template']
  result.join(',')
end