Beispiel #1
0
 static IPrivateKey DecodePrivateKey(string fname)
 {
     byte[]      buf = File.ReadAllBytes(fname);
     PEMObject[] fpo = AsnIO.DecodePEM(buf);
     if (fpo.Length == 0)
     {
         buf = AsnIO.FindBER(buf);
     }
     else
     {
         buf = null;
         foreach (PEMObject po in fpo)
         {
             string tt = po.type.ToUpperInvariant();
             if (tt.IndexOf("PRIVATE KEY") >= 0)
             {
                 if (buf != null)
                 {
                     throw new Exception(
                               "Multiple keys in '"
                               + fname + "'");
                 }
                 buf = po.data;
             }
         }
     }
     if (buf == null)
     {
         throw new Exception(string.Format(
                                 "No private key in file '{0}'", fname));
     }
     return(KF.DecodePrivateKey(buf));
 }
Beispiel #2
0
        public static object GetKerberosPacket(byte[] kerberosBuffer)
        {
            object result = null;

            byte[] asn_buffer = AsnIO.FindBER(kerberosBuffer);

            if (asn_buffer != null)
            {
                AsnElt asn_object = AsnElt.Decode(asn_buffer);

                try
                {
                    // Get the application number
                    switch (asn_object.TagValue)
                    {
                    case (int)MessageType.krb_tgs_rep:
                        result = new KerberosTgsRepPacket(kdc_rep: asn_object.Sub[0].Sub);
                        break;
                    }
                }
                catch
                {
                    // TODO: log
                }
            }

            return(result);
        }
Beispiel #3
0
    static byte[][] DecodeChain(string fname)
    {
        byte[]      buf = File.ReadAllBytes(fname);
        PEMObject[] fpo = AsnIO.DecodePEM(buf);
        if (fpo.Length == 0)
        {
            buf = AsnIO.FindBER(buf);
            if (buf == null)
            {
                throw new Exception(string.Format(
                                        "No certificate in file '{0}'", fname));
            }
            return(new byte[][] { buf });
        }
        List <byte[]> r = new List <byte[]>();

        foreach (PEMObject po in fpo)
        {
            string tt = po.type.ToUpperInvariant();
            if (tt == "CERTIFICATE" || tt == "X509 CERTIFICATE")
            {
                r.Add(po.data);
            }
        }
        if (r.Count == 0)
        {
            throw new Exception(string.Format(
                                    "No certificate in file '{0}'", fname));
        }
        return(r.ToArray());
    }
Beispiel #4
0
        private string dosyadanBase64Oku(string filePath)
        {
            FileStream fileStream = new FileStream(filePath, FileMode.Open, FileAccess.Read);

            byte[] signStream      = AsnIO.streamOku(fileStream);
            string base64Signature = System.Convert.ToBase64String(signStream);

            return(base64Signature);
        }
Beispiel #5
0
        public AS_REQ(byte[] data)
        {
            // decode the supplied bytes to an AsnElt object
            data = AsnIO.FindBER(data);
            AsnElt asn_AS_REQ = AsnElt.Decode(data);

            padata = new List <PA_DATA>();

            // AS-REQ::= [APPLICATION 10] KDC-REQ
            //  tag class == 1
            //  tag class == 10
            //  SEQUENCE
            if (asn_AS_REQ.TagValue != (int)Interop.KERB_MESSAGE_TYPE.AS_REQ)
            {
                throw new System.Exception("AS-REQ tag value should be 10");
            }

            if ((asn_AS_REQ.Sub.Length != 1) || (asn_AS_REQ.Sub[0].TagValue != 16))
            {
                throw new System.Exception("First AS-REQ sub should be a sequence");
            }

            // extract the KDC-REP out
            AsnElt[] kdc_req = asn_AS_REQ.Sub[0].Sub;

            foreach (AsnElt s in kdc_req)
            {
                switch (s.TagValue)
                {
                case 1:
                    pvno = s.Sub[0].GetInteger();
                    break;

                case 2:
                    msg_type = s.Sub[0].GetInteger();
                    break;

                case 3:
                    // sequence of pa-data
                    foreach (AsnElt pa in s.Sub[0].Sub)
                    {
                        padata.Add(new PA_DATA(pa));
                    }
                    break;

                case 4:
                    // KDC-REQ-BODY
                    req_body = new KDCReqBody(s.Sub[0]);
                    break;

                default:
                    throw new System.Exception(String.Format("Invalid tag AS-REQ value : {0}", s.TagValue));
                }
            }
        }
Beispiel #6
0
        /*
         * Decode a public key (SubjectPublicKeyInfo).
         */
        public static IPublicKey DecodePublicKey(byte[] spki)
        {
            string pemType = null;

            spki = AsnIO.FindBER(spki, false, out pemType);
            if (spki == null)
            {
                throw new AsnException("Not an encoded object");
            }
            return(DecodePublicKey(AsnElt.Decode(spki)));
        }
Beispiel #7
0
        public AS_REQ(byte[] data)
        {
            // decode the supplied bytes to an AsnElt object
            data = AsnIO.FindBER(data);
            AsnElt asn_AS_REQ = AsnElt.Decode(data);

            padata = new List <PA_DATA>();

            // AS-REQ::= [APPLICATION 10] KDC-REQ
            //  tag class == 1
            //  tag class == 10
            //  SEQUENCE
            if (asn_AS_REQ.TagValue != 10)
            {
                throw new System.Exception("AS-REQ tag value should be 10");
            }
            if ((asn_AS_REQ.Count != 1) || (asn_AS_REQ.FirstElement.TagValue != 16))
            {
                throw new System.Exception("First AS-REQ sub should be a sequence");
            }

            // extract the KDC-REP out
            foreach (AsnElt s in asn_AS_REQ.FirstElement.EnumerateElements())
            {
                AsnElt firstElement = s.FirstElement;
                switch (s.TagValue)
                {
                case 1:
                    pvno = firstElement.GetInteger();
                    break;

                case 2:
                    msg_type = firstElement.GetInteger();
                    break;

                case 3:
                    // sequence of pa-data
                    foreach (AsnElt pa in firstElement.EnumerateElements())
                    {
                        padata.Add(new PA_DATA(pa));
                    }
                    break;

                case 4:
                    // KDC-REQ-BODY
                    req_body = new KDCReqBody(firstElement);
                    break;

                default:
                    throw new System.Exception(String.Format("Invalid tag AS-REQ value : {0}", s.TagValue));
                }
            }
        }
Beispiel #8
0
        public static object GetKerberosPacket(byte[] kerberosBuffer, string protocol)
        {
            object result = null;

            // Consider the TCP Record Mark when parsing Kerberos over TCP packets.
            if (protocol == "TCP")
            {
                var recordMarkLengthBuffer = kerberosBuffer.SubArray(0, 4);

                // The return value of ToInt32 method depends on system architecture.
                // Therfore we explicitly enforce BigEndian.
                if (BitConverter.IsLittleEndian)
                {
                    Array.Reverse(recordMarkLengthBuffer);
                }

                var recordMarkLength = BitConverter.ToInt32(recordMarkLengthBuffer, 0);

                if (recordMarkLength + 4 <= kerberosBuffer.Length)
                {
                    kerberosBuffer = kerberosBuffer.SubArray(4, recordMarkLength);
                }
                else
                {
                    throw new Exception("Kerberos record mark length is out of range");
                }
            }

            byte[] asn_buffer = AsnIO.FindBER(kerberosBuffer);

            if (asn_buffer != null)
            {
                AsnElt asn_object = AsnElt.Decode(asn_buffer);

                // Get the application number.
                switch (asn_object.TagValue)
                {
                case (int)MessageType.krb_tgs_rep:
                    result = new KerberosTgsRepPacket(kdc_rep: asn_object.Sub[0].Sub);
                    break;

                case (int)MessageType.krb_as_rep:
                    result = new KerberosAsRepPacket(kdc_rep: asn_object.Sub[0].Sub);
                    break;
                }
            }

            return(result);
        }
Beispiel #9
0
    static void ProcessFile(string fname)
    {
        StringBuilder sb = new StringBuilder();

        foreach (byte b in Encoding.UTF8.GetBytes(fname))
        {
            if (b >= 32 && b <= 126 && b != (byte)'%')
            {
                sb.Append((char)b);
            }
            else
            {
                sb.AppendFormat("%{0:X2}", (int)b);
            }
        }
        Console.WriteLine("; ##### " + sb.ToString());
        try {
            byte[] enc;
            if (fname == "-")
            {
                enc = ReadAllBytes(Console.OpenStandardInput());
            }
            else
            {
                enc = File.ReadAllBytes(fname);
            }
            enc = AsnIO.FindBER(enc);
            if (enc == null)
            {
                throw new IOException(
                          "no BER object in file " + fname);
            }
            AsnElt ae = AsnElt.Decode(enc);
            Parse(Console.Out, 0, ae);
            Console.WriteLine();
        } catch (Exception e) {
            Console.Error.WriteLine(e.ToString());
            Environment.Exit(1);
        }
    }
Beispiel #10
0
        /*
         * Decode the provided private key. This method accepts both
         * PKCS#8 and the "internal" format; the source object may be
         * raw DER, Base64-encoded DER, or PEM. The key type is
         * automatically detected.
         */
        public static IPrivateKey DecodePrivateKey(byte[] enc)
        {
            string pemType;

            enc = AsnIO.FindBER(enc, false, out pemType);
            if (enc == null)
            {
                throw new AsnException("Not an encoded object");
            }
            AsnElt ak = AsnElt.Decode(enc);

            ak.CheckConstructed();
            if (pemType != null)
            {
                switch (pemType)
                {
                case "RSA PRIVATE KEY":
                    return(DecodePrivateKeyRSA(ak));

                /* disabled DSA
                 * case "DSA PRIVATE KEY":
                 *      return DecodePrivateKeyDSA(ak);
                 */
                case "EC PRIVATE KEY":
                    return(DecodePrivateKeyEC(ak));

                case "PRIVATE KEY":
                    return(DecodePrivateKeyPKCS8(ak));

                default:
                    throw new AsnException(
                              "Unknown PEM object: " + pemType);
                }
            }
            if (ak.Sub.Length == 3 &&
                ak.GetSub(0).TagValue == AsnElt.INTEGER &&
                ak.GetSub(1).TagValue == AsnElt.SEQUENCE &&
                ak.GetSub(2).TagValue == AsnElt.OCTET_STRING)
            {
                return(DecodePrivateKeyPKCS8(ak));
            }
            if (ak.Sub.Length >= 9)
            {
                bool mayBeRSA = true;
                for (int i = 0; i < 9; i++)
                {
                    if (ak.GetSub(i).TagValue != AsnElt.INTEGER)
                    {
                        mayBeRSA = false;
                        break;
                    }
                }
                if (mayBeRSA)
                {
                    return(DecodePrivateKeyRSA(ak));
                }
            }

            /* disabled DSA
             * if (ak.Sub.Length >= 6) {
             *      bool mayBeDSA = true;
             *      for (int i = 0; i < 6; i ++) {
             *              if (ak.GetSub(i).TagValue != AsnElt.INTEGER) {
             *                      mayBeDSA = false;
             *                      break;
             *              }
             *      }
             *      if (mayBeDSA) {
             *              return DecodePrivateKeyDSA(ak);
             *      }
             * }
             */
            if (ak.Sub.Length >= 2 &&
                ak.GetSub(0).TagValue == AsnElt.INTEGER &&
                ak.GetSub(1).TagValue == AsnElt.OCTET_STRING)
            {
                return(DecodePrivateKeyEC(ak));
            }
            throw new AsnException("Unrecognized private key format");
        }