feat: add issuancepolicy properties

SpecterOps · Mar 21, 2024 · 30fd376 · 30fd376
1 parent 90b55d0
commit 30fd376
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 2 deletions.
diff --git a/src/CommonLib/LDAPProperties.cs b/src/CommonLib/LDAPProperties.cs
@@ -55,6 +55,7 @@ public static class LDAPProperties
         public const string PKIOverlappedPeriod = "pkioverlapperiod";
         public const string TemplateSchemaVersion = "mspki-template-schema-version";
         public const string CertTemplateOID = "mspki-cert-template-oid";
+        public const string OIDGroupLink = "msds-oidtogrouplink";
         public const string PKIEnrollmentFlag = "mspki-enrollment-flag";
         public const string PKINameFlag = "mspki-certificate-name-flag";
         public const string ExtendedKeyUsage = "pkiextendedkeyusage";

diff --git a/src/CommonLib/Processors/LDAPPropertyProcessor.cs b/src/CommonLib/Processors/LDAPPropertyProcessor.cs
@@ -535,12 +535,26 @@ public static Dictionary<string, object> ReadCertTemplateProperties(ISearchResul
             return props;
         }
 
-        public Dictionary<string, object> ReadIssuancePolicyProperties(ISearchResultEntry entry)
+        public IssuancePolicyProperties ReadIssuancePolicyProperties(ISearchResultEntry entry)
         {
+            var ret = new IssuancePolicyProperties();
             var props = GetCommonProps(entry);
             props.Add("displayname", entry.GetProperty(LDAPProperties.DisplayName));
+            props.Add("oid", entry.GetProperty(LDAPProperties.CertTemplateOID));
 
-            return props;
+            var link = entry.GetProperty(LDAPProperties.OIDGroupLink);
+            if (!string.IsNullOrEmpty(link))
+            {
+                var linkedGroup = _utils.ResolveDistinguishedName(link);
+                if (linkedGroup != null)
+                {
+                    props.Add("oidgrouplink", linkedGroup.ObjectIdentifier);
+                    ret.GroupLink = linkedGroup;
+                }
+            }
+
+            ret.Props = props;
+            return ret;
         }
 
         /// <summary>
@@ -790,4 +804,10 @@ public class ComputerProperties
         public TypedPrincipal[] SidHistory { get; set; } = Array.Empty<TypedPrincipal>();
         public TypedPrincipal[] DumpSMSAPassword { get; set; } = Array.Empty<TypedPrincipal>();
     }
+
+    public class IssuancePolicyProperties
+    {
+        public Dictionary<string, object> Props { get; set; } = new();
+        public TypedPrincipal GroupLink { get; set; } = new TypedPrincipal();
+    }
 }