SAPCredv2 fails if PSE subject has more than just CommonName and LPS is on

[rstenet]

Hi,

if LPS is off or subject has only CN then it works.

Steps to reproduce the problem

1 Create pse and cred file

sapgenpse gen_pse -x "1234567890" -p test2.pse "CN=PSEowner, C=BG"
sapgenpse seclogin -x "1234567890" -lps -p test2.pse

2 Create test script read_cred.py

from pysap.SAPCredv2 import *

with open("cred_v2", "rb") as fd:
    cred_v2_string = fd.read()

cred_v2_asn1 = SAPCredv2(cred_v2_string)
cred_v2_asn1.show()

cred_v2_plain = cred_v2_asn1.creds[0].cred.decrypt("none")
cred_v2_plain.show()

3 Execute

saphost:sidadm 170> python2 read_cred.py
Traceback (most recent call last):
  File "read_cred.py", line 6, in <module>
    cred_v2_asn1 = SAPCredv2(cred_v2_string)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/base_classes.py", line 266, in __call__
    i.__init__(*args, **kargs)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/packet.py", line 158, in __init__
    self.dissect(_pkt)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/packet.py", line 875, in dissect
    s = self.do_dissect(s)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/asn1packet.py", line 35, in do_dissect
    return self.ASN1_root.dissect(self, x)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/asn1fields.py", line 138, in dissect
    v, s = self.m2i(pkt, s)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/asn1fields.py", line 416, in m2i
    c, s = self.extract_packet(self.cls, s)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/asn1fields.py", line 122, in extract_packet
    c = cls(s)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/base_classes.py", line 266, in __call__
    i.__init__(*args, **kargs)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/packet.py", line 158, in __init__
    self.dissect(_pkt)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/packet.py", line 875, in dissect
    s = self.do_dissect(s)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/asn1packet.py", line 35, in do_dissect
    return self.ASN1_root.dissect(self, x)
  File "/usr/lib64/python2.7/site-packages/scapy-2.4.4-py2.7.egg/scapy/asn1fields.py", line 138, in dissect
    v, s = self.m2i(pkt, s)
  File "build/bdist.linux-x86_64/egg/pysap/utils/fields.py", line 353, in m2i
scapy.asn1.asn1.ASN1_Error
saphost:sidadm 171>

[martingalloar]

The reason why this fails in LPS is because the Cred structure differs when enabling LPS or not. The current implementation only considers a sequence of commonName, while we should be allowing for any X.509 OID within 2.5.4.X. I'll give it a try shortly and get back, but this is a good catch! Thanks for reporting!

[martingalloar]

Can you git pull and try it again now?

It seems to be properly fixed now:

$ pysapgenpse -c seclogin -dvf ~/sec/cred_v2 -x "Pa$$w0rd!"
pysapgenpse version: 0.1.20.dev0
pysapgenpse: Reading credentials file '/home/martin/sec/cred_v2'

 0 (LPS:FALLBACK): /C=AR/CN=PSEOwner
	 (LPS:N/A): /home/martin/sec/test.pse
		 Credential cipher format version 2, algorithm AES256
		 PIN:		1234567890


 1 readable SSO-Credentials available

[rstenet]

Hi Martin, yes it is working now.