Ejemplo n.º 1
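        /// <summary>Creates multiple principals in the KDC and adds them to a keytab file.</summary>
        /// <remarks>
        /// A single random password is generated per call and used for every principal in
        /// <paramref name="principals"/>. The keys derived from it are written to the keytab,
        /// so the resulting file holds long-term credentials for all of those principals.
        /// No file permissions are set here; the caller is responsible for restricting
        /// access to <paramref name="keytabFile"/>.
        /// </remarks>
        /// <param name="keytabFile">keytab file to add the created principals to.</param>
        /// <param name="principals">principals to add to the KDC, do not include the domain.
        ///     </param>
        /// <exception cref="System.Exception">
        /// thrown if the principals or the keytab file could not be
        /// created.
        /// </exception>
        public virtual void CreatePrincipal(FilePath keytabFile, params string[] principals
                                            )
        {
            // NOTE(review): the password is the text form of a random UUID. Whether
            // UUID.RandomUUID() draws from a cryptographically secure generator is not
            // visible here - confirm before relying on this outside a test KDC.
            string generatedPassword = UUID.RandomUUID().ToString();

            Org.Apache.Directory.Server.Kerberos.Shared.Keytab.Keytab keytab = new Org.Apache.Directory.Server.Kerberos.Shared.Keytab.Keytab
                                                                                   ();
            IList <KeytabEntry> entries = new AList <KeytabEntry>();

            foreach (string principal in principals)
            {
                // Register the short name in the KDC first; the realm is appended afterwards.
                CreatePrincipal(principal, generatedPassword);

                // A foreach iteration variable is read-only in C#, so the realm-qualified
                // name gets its own local instead of being assigned back to `principal`.
                string qualifiedName = principal + "@" + GetRealm();
                KerberosTime timestamp = new KerberosTime();
                foreach (KeyValuePair <EncryptionType, EncryptionKey> entry in KerberosKeyFactory.
                         GetKerberosKeys(qualifiedName, generatedPassword))
                {
                    EncryptionKey ekey       = entry.Value;
                    // The key version is deliberately truncated to its low 8 bits.
                    byte          keyVersion = unchecked ((byte)ekey.GetKeyVersion());
                    // NOTE(review): 1L is presumably the principal name type - confirm against KeytabEntry.
                    entries.AddItem(new KeytabEntry(qualifiedName, 1L, timestamp, keyVersion, ekey));
                }
            }
            keytab.SetEntries(entries);
            keytab.Write(keytabFile);
        }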
 /// <summary>
 /// Builds a KrbFastFinished value from its five components, storing each argument
 /// in the corresponding field without copying or validating it.
 /// </summary>
 /// <param name="param0">Value stored in <c>timestamp</c>.</param>
 /// <param name="param1">Value stored in <c>usec</c>.</param>
 /// <param name="param2">Value stored in <c>crealm</c>.</param>
 /// <param name="param3">Value stored in <c>cname</c>.</param>
 /// <param name="param4">Value stored in <c>ticket_checksum</c>.</param>
 public KrbFastFinished(
     KerberosTime param0,
     Microseconds param1,
     Realm param2,
     PrincipalName param3,
     Checksum param4)
 {
     // Parameter names never collide with the field names, so no `this.` qualifier is needed.
     timestamp = param0;
     usec = param1;
     crealm = param2;
     cname = param3;
     ticket_checksum = param4;
 }
Ejemplo n.º 3
        /// <summary>
        /// Copies protocol state out of a KILE PDU into this context.
        /// </summary>
        /// <remarks>
        /// Dispatch is on the exact runtime type of <paramref name="pdu"/> (subclasses do not
        /// match). A null PDU, or a PDU of any type not handled below, leaves the context
        /// unchanged. Several branches cache session keys and subkeys on the context.
        /// </remarks>
        /// <param name="pdu">The Pdu to update the context.</param>
        internal override void UpdateContext(KilePdu pdu)
        {
            if (pdu == null)
            {
                return;
            }

            Type kind = pdu.GetType();

            if (kind == typeof(KileAsRequest))
            {
                KileAsRequest asRequest = (KileAsRequest)pdu;

                // Only this branch tolerates a missing request or request body.
                if (asRequest.Request != null)
                {
                    var reqBody = asRequest.Request.req_body;

                    if (reqBody != null)
                    {
                        cName       = reqBody.cname;
                        cRealm      = reqBody.realm;
                        sName       = reqBody.sname;
                        encryptType = reqBody.etype;
                        addresses   = reqBody.addresses;
                        nonce       = reqBody.nonce;
                        endTime     = reqBody.till;
                        rtime       = reqBody.rtime;
                    }
                }
            }
            else if (kind == typeof(KileAsResponse))
            {
                // NOTE(review): EncPart is dereferenced without a null check.
                KileAsResponse asResponse = (KileAsResponse)pdu;
                tgsSessionKey = asResponse.EncPart.key;
            }
            else if (kind == typeof(KileTgsRequest))
            {
                // NOTE(review): unlike the AS-REQ branch, Request and req_body are not
                // null-checked here; a PDU without them raises NullReferenceException.
                KileTgsRequest tgsRequest = (KileTgsRequest)pdu;
                var reqBody = tgsRequest.Request.req_body;

                encryptType = reqBody.etype;
                nonce       = reqBody.nonce;
                tgsTicket   = tgsRequest.tgtTicket;
                sName       = reqBody.sname;

                if (tgsRequest.authenticator != null)
                {
                    tgsSubSessionKey = tgsRequest.authenticator.subkey;
                }
            }
            else if (kind == typeof(KileTgsResponse))
            {
                // NOTE(review): EncPart is dereferenced without a null check.
                KileTgsResponse tgsResponse = (KileTgsResponse)pdu;
                apSessionKey = tgsResponse.EncPart.key;
            }
            else if (kind == typeof(KileApRequest))
            {
                KileApRequest apRequest = (KileApRequest)pdu;
                var apAuth = apRequest.Authenticator;

                apRequestCtime = apAuth.ctime;
                apRequestCusec = apAuth.cusec;

                if (apAuth.cksum != null)
                {
                    // The flags word is read from a fixed offset inside the checksum bytes
                    // carried by the PDU. No length check is done first: BitConverter.ToInt32
                    // throws if the buffer is null or ends before offset + 4, and it reads in
                    // host byte order.
                    int flagsOffset = ConstValue.AUTHENTICATOR_CHECKSUM_LENGTH + sizeof(ChecksumFlags);
                    int rawFlags    = BitConverter.ToInt32(apAuth.cksum.checksum.mValue, flagsOffset);
                    checksumFlag = (ChecksumFlags)rawFlags;
                }
                apSubKey = apAuth.subkey;

                if (apAuth.seq_number != null)
                {
                    // The local counter is seeded with the same value as the remote one.
                    currentRemoteSequenceNumber = (ulong)apAuth.seq_number.mValue;
                    currentLocalSequenceNumber  = currentRemoteSequenceNumber;
                }
            }
            else if (kind == typeof(KileApResponse))
            {
                KileApResponse apResponse = (KileApResponse)pdu;

                // Keep the previous acceptor subkey when the response carries none.
                if (apResponse.ApEncPart.subkey != null)
                {
                    acceptorSubKey = apResponse.ApEncPart.subkey;
                }
            }
            // Any other PDU type: nothing to record.
        }