private void ProcessKdcProxy(KdcProxyMessage proxyMessage, string source)
{
var message = proxyMessage.UnwrapMessage();
var kdcBody = new
{
AsReq = TryDecode(message, m => KrbAsReq.DecodeApplication(m)),
AsRep = TryDecode(message, m => KrbAsRep.DecodeApplication(m)),
TgsReq = TryDecode(message, m => KrbTgsReq.DecodeApplication(m)),
TgsRep = TryDecode(message, m => KrbTgsRep.DecodeApplication(m)),
KrbError = TryDecode(message, m => KrbError.DecodeApplication(m))
};
if (kdcBody.AsReq != null)
{
ExplodeObject(kdcBody.AsReq, $"AS-REQ ({source})");
}
else if (kdcBody.AsRep != null)
{
ExplodeObject(kdcBody.AsRep, $"AS-REP ({source})");
}
else if (kdcBody.TgsReq != null)
{
ExplodeObject(kdcBody.TgsReq, $"TGS-REQ ({source})");
}
else if (kdcBody.TgsRep != null)
{
ExplodeObject(kdcBody.TgsRep, $"TGS-REP ({source})");
}
else if (kdcBody.KrbError != null)
{
ExplodeObject(kdcBody.KrbError, $"Krb-Error ({source})");
}
}
protected override IKerberosMessage DecodeMessageCore(ReadOnlyMemory <byte> message)
{
var asReq = KrbAsReq.DecodeApplication(message);
this.SetRealmContext(asReq.Realm);
return(asReq);
}
public void TestParseAsReqWithPaData()
{
var asReqBin = ReadDataFile("messages\\as-req-preauth").Skip(4).ToArray();
var asreq = KrbAsReq.DecodeApplication(asReqBin);
Assert.IsNotNull(asreq);
var bytes = asreq.Encode();
Assert.IsTrue(bytes.Length > 0);
}
public void AsReqRoundtripParse()
{
var creds = new KerberosPasswordCredential("sdfsdfsdf", "sdfsdfsdf", "sdfsdfsdf");
var asReq = KrbAsReq.CreateAsReq(creds, AuthenticationOptions.AllAuthentication);
var encoded = asReq.EncodeApplication();
var decoded = KrbAsReq.DecodeApplication(encoded);
Assert.IsNotNull(decoded);
}
public void ParseAsReqApplicationMessage()
{
var asReqBin = ReadDataFile("messages\\as-req").Skip(4).ToArray();
var asReq = KrbAsReq.DecodeApplication(asReqBin);
Assert.IsNotNull(asReq);
var addr = asReq.Body.Addresses[0].DecodeAddress();
Assert.IsNotNull(addr);
Assert.AreEqual("APP03 ", addr);
}
public void Message_AsReqPreAuth()
{
var file = ReadDataFile("messages\\as-req-preauth");
var decoded = TestSimpleRoundtrip(
"as-req-preauth",
file.Skip(4).ToArray(),
v => KrbAsReq.DecodeApplication(v),
t => t.EncodeApplication().ToArray()
);
Assert.IsNotNull(decoded);
}
public void DecryptAsReqApplicationMessage()
{
var asReqBin = ReadDataFile("messages\\as-req-preauth").Skip(4).ToArray();
var asReq = KrbAsReq.DecodeApplication(asReqBin);
Assert.IsNotNull(asReq);
KerberosKey key = CreateKey();
var ts = asReq.DecryptTimestamp(key);
Assert.AreEqual(636985444450060358L, ts.Ticks);
}
public void TestParseAllMessagesRoundtrip()
{
var allMessages = ReadDataFiles("messages\\");
foreach (var file in allMessages)
{
var key = file.Key.Substring(file.Key.LastIndexOf('\\') + 1);
Debug.WriteLine(file.Value.HexDump());
switch (key)
{
case "as-rep":
var asrep = TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => new KrbAsRep().DecodeAsApplication(v),
t => t.EncodeApplication().ToArray()
);
break;
case "as-req":
TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => KrbAsReq.DecodeApplication(v),
t => t.EncodeApplication().ToArray());
break;
case "as-req-preauth":
TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => KrbAsReq.DecodeApplication(v),
t => t.EncodeApplication().ToArray());
break;
case "krb-error-preauth-required":
TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => KrbError.DecodeApplication(v),
t => t.EncodeApplication().ToArray());
break;
case "tgs-rep-testuser-host-app03":
TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => KrbTgsRep.DecodeApplication(v),
t => t.EncodeApplication().ToArray()
);
break;
case "tgs-rep-testuser-host-appservice":
TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => KrbTgsRep.DecodeApplication(v),
t => t.EncodeApplication().ToArray()
);
break;
case "tgs-rep-testuser-krbtgt-renew":
TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => KrbTgsRep.DecodeApplication(v),
t => t.EncodeApplication().ToArray()
);
break;
case "tgs-req-testuser-host-app03":
var thing = TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => KrbTgsReq.DecodeApplication(v),
t => t.EncodeApplication().ToArray()
);
break;
case "tgs-req-testuser-host-appservice":
TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => KrbTgsReq.DecodeApplication(v),
t => t.EncodeApplication().ToArray());
break;
case "tgs-req-testuser-krbtgt-renew":
TestSimpleRoundtrip(
key,
file.Value.Skip(4).ToArray(),
v => KrbTgsReq.DecodeApplication(v),
t => t.EncodeApplication().ToArray());
break;
}
}
}
protected override IKerberosMessage DecodeMessageCore(ReadOnlyMemory <byte> message)
{
return(KrbAsReq.DecodeApplication(message));
}