/// <summary>
/// Set up the TCP/UDP transport connection with KDC.
/// </summary>
/// <param name="localPort">The server port</param>
/// <param name="transportType">Whether the transport is TCP or UDP transport.</param>
/// <param name="ipType">Ip Version</param>
/// <param name="transportSize">The buffer size of transport stack. </param>
/// <exception cref="System.ArgumentException">Thrown when the transportType is neither TCP nor UDP.</exception>
public void Start(ushort localPort, KileConnectionType transportType, KileIpType ipType, int transportSize)
{
SocketTransportConfig transportConfig = new SocketTransportConfig();
transportConfig.Role = Role.Server;
transportConfig.MaxConnections = ConstValue.MAX_CONNECTIONS;
transportConfig.BufferSize = transportSize;
if (ipType == KileIpType.Ipv4)
{
transportConfig.LocalIpAddress = IPAddress.Any;
}
else
{
transportConfig.LocalIpAddress = IPAddress.IPv6Any;
}
transportConfig.LocalIpPort = localPort;
if (transportType == KileConnectionType.TCP)
{
transportConfig.Type = StackTransportType.Tcp;
}
else if (transportType == KileConnectionType.UDP)
{
transportConfig.Type = StackTransportType.Udp;
}
else
{
throw new ArgumentException("ConnectionType can only be TCP or UDP.");
}
decoder = new KileDecoder(contextList, transportType);
transport = new TransportStack(transportConfig, decoder.DecodePacketCallback);
transport.Start();
}
/// <summary>
/// Kile Decoder Constructor
/// </summary>
/// <param name="serverContextList">Kile Server Context List</param>
/// <param name="transportType">Transport type, TCP or UDP.</param>
internal KileDecoder(
Dictionary <KileConnection, KileServerContext> serverContextList,
KileConnectionType transportType)
{
this.serverContextList = serverContextList;
connectionType = transportType;
isClientRole = false;
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="account">Account credential.</param>
/// <param name="logonName">Logon name.</param>
/// <param name="serviceName">Service name.</param>
/// <param name="kdcIpAddress">KDC IP address</param>
/// <param name="attributes">Client security attributes.</param>
/// <param name="connectionType">Connection type.</param>
public KileClientSecurityConfig(
AccountCredential account,
string logonName,
string serviceName,
IPAddress kdcIpAddress,
ClientSecurityContextAttribute attributes,
KileConnectionType connectionType)
: base(SecurityPackageType.Kerberos)
{
this.clientCredential = account;
this.logonName = logonName;
this.serviceName = serviceName;
this.kdcIpAddress = kdcIpAddress;
this.securityAttributes = attributes;
this.connectionType = connectionType;
}
public KerberosClientSecurityContext(AccountCredential clientCredential,
string logonName,
string serviceName,
IPAddress kdcIpAddress,
ClientSecurityContextAttribute contextAttributes,
KileConnectionType transportType)
{
if (clientCredential.DomainName == null)
{
throw new ArgumentNullException(nameof(clientCredential.DomainName));
}
if (clientCredential.AccountName == null)
{
throw new ArgumentNullException(nameof(clientCredential.AccountName));
}
if (clientCredential.Password == null)
{
throw new ArgumentNullException(nameof(clientCredential.Password));
}
if (kdcIpAddress == null)
{
throw new ArgumentNullException(nameof(kdcIpAddress));
}
if (logonName == null)
{
throw new ArgumentNullException(nameof(logonName));
}
if (serviceName == null)
{
throw new ArgumentNullException(nameof(serviceName));
}
client = new KileClient(clientCredential.DomainName, clientCredential.AccountName, clientCredential.Password,
KileAccountType.User);
service = serviceName;
domain = clientCredential.DomainName;
userLogonName = logonName;
contextAttribute = contextAttributes;
client.Connect(kdcIpAddress.ToString(), ConstValue.KDC_PORT, transportType);
contextSizes = new SecurityPackageContextSizes();
contextSizes.MaxTokenSize = ConstValue.MAX_TOKEN_SIZE;
contextSizes.MaxSignatureSize = ConstValue.MAX_SIGNATURE_SIZE;
contextSizes.BlockSize = ConstValue.BLOCK_SIZE;
contextSizes.SecurityTrailerSize = ConstValue.SECURITY_TRAILER_SIZE;
}
/// <summary>
/// Set up the TCP/UDP transport connection with KDC.
/// </summary>
/// <param name="kdcAddress">The IP address of the KDC.</param>
/// <param name="kdcPort">The port of the KDC.</param>
/// <param name="transportType">Whether the transport is TCP or UDP transport.</param>
/// <exception cref="System.ArgumentException">Thrown when the connection type is neither TCP nor UDP</exception>
public void Connect(string kdcAddress, int kdcPort, KileConnectionType transportType)
{
SocketTransportConfig transportConfig = new SocketTransportConfig();
transportConfig.Role = Role.Client;
transportConfig.MaxConnections = 1;
transportConfig.BufferSize = transportBufferSize;
transportConfig.RemoteIpPort = kdcPort;
transportConfig.RemoteIpAddress = IPAddress.Parse(kdcAddress);
// For UDP bind
if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)
{
transportConfig.LocalIpAddress = IPAddress.Any;
}
else if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetworkV6)
{
transportConfig.LocalIpAddress = IPAddress.IPv6Any;
}
if (transportType == KileConnectionType.TCP)
{
transportConfig.Type = StackTransportType.Tcp;
}
else if (transportType == KileConnectionType.UDP)
{
transportConfig.Type = StackTransportType.Udp;
}
else
{
throw new ArgumentException("ConnectionType can only be TCP or UDP.");
}
kdcTransport = new TransportStack(transportConfig, decoder.DecodePacketCallback);
if (transportType == KileConnectionType.TCP)
{
kdcTransport.Connect();
}
else
{
kdcTransport.Start();
}
context.TransportType = transportType;
}
public KerberosClientSecurityContext(AccountCredential clientCredential,
string logonName,
string serviceName,
IPAddress kdcIpAddress,
ClientSecurityContextAttribute contextAttributes,
KileConnectionType transportType)
{
if (clientCredential.DomainName == null)
{
throw new ArgumentNullException(nameof(clientCredential.DomainName));
}
if (clientCredential.AccountName == null)
{
throw new ArgumentNullException(nameof(clientCredential.AccountName));
}
if (clientCredential.Password == null)
{
throw new ArgumentNullException(nameof(clientCredential.Password));
}
if (kdcIpAddress == null)
{
throw new ArgumentNullException(nameof(kdcIpAddress));
}
if (logonName == null)
{
throw new ArgumentNullException(nameof(logonName));
}
if (serviceName == null)
{
throw new ArgumentNullException(nameof(serviceName));
}
client = new KileClient(clientCredential.DomainName, clientCredential.AccountName, clientCredential.Password,
KileAccountType.User);
this.serverName = serviceName;
domain = clientCredential.DomainName;
userLogonName = logonName;
contextAttribute = contextAttributes;
client.Connect(kdcIpAddress.ToString(), ConstValue.KDC_PORT, transportType);
InitContextSize();
}
/// <summary>
/// Create a KileDecrypter instance.
/// User should call following methods in sequence to initialize: AsExchange, TgsExchange and ApExchange.
/// After exchanges are done, call DecryptRequest or DecryptResponse from first encrypted message to last.
/// Do not skip any request or response.
/// </summary>
/// <param name="domain">
/// The realm part of the client's principal identifier.
/// This argument cannot be null.
/// </param>
/// <param name="cName">
/// The account to logon the remote machine. Either user account or computer account.
/// This argument cannot be null.
/// </param>
/// <param name="password">
/// The password of the user.
/// This argument cannot be null.
/// </param>
/// <param name="accountType">
/// The type of the logon account. User or Computer.
/// </param>
/// <param name="connectionType">
/// The connection type, TCP or UDP.
/// </param>
/// <exception cref="System.ArgumentNullException">
/// Thrown when any parameter is null.
/// </exception>
public KileDecrypter(
string domain,
string cName,
string password,
KileAccountType accountType,
KileConnectionType connectionType)
{
if (domain == null)
{
throw new ArgumentNullException(nameof(domain));
}
if (cName == null)
{
throw new ArgumentNullException(nameof(cName));
}
if (password == null)
{
throw new ArgumentNullException(nameof(password));
}
kileDecoder = new KileDecoder();
kileDecoder.connectionType = connectionType;
string salt = KileRole.GenerateSalt(domain, cName, accountType);
kileDecoder.clientContext = new KileClientContext();
kileDecoder.clientContext.Password = password;
kileDecoder.clientContext.TransportType = connectionType;
kileDecoder.clientContext.Salt = salt;
kileDecoder.serverContext = new KileServerContext();
kileDecoder.serverContext.TransportType = connectionType;
kileDecoder.serverContext.Salt = salt;
kileDecoder.serverContextList = new Dictionary <KileConnection, KileServerContext>(new KileServerContextComparer());
kileDecoder.serverContextList.Add(new KileConnection(FAKE_ENDPOINT), kileDecoder.serverContext);
}
public void Start(ushort localPort, KileConnectionType transportType, KileIpType ipType, int transportSize)
{
SocketTransportConfig transportConfig = new SocketTransportConfig();
transportConfig.Role = Role.Server;
transportConfig.MaxConnections = ConstValue.MAX_CONNECTIONS;
transportConfig.BufferSize = transportSize;
if (ipType == KileIpType.Ipv4)
{
transportConfig.LocalIpAddress = IPAddress.Any;
}
else
{
transportConfig.LocalIpAddress = IPAddress.IPv6Any;
}
transportConfig.LocalIpPort = localPort;
if (transportType == KileConnectionType.TCP)
{
transportConfig.Type = StackTransportType.Tcp;
}
else if (transportType == KileConnectionType.UDP)
{
transportConfig.Type = StackTransportType.Udp;
}
else
{
throw new ArgumentException("ConnectionType can only be TCP or UDP.");
}
decoder = new KileDecoder(contextList, transportType);
transport = new TransportStack(transportConfig, decoder.DecodePacketCallback);
transport.Start();
}
public void Start(ushort localPort, KileConnectionType transportType)
{
Start(localPort, transportType, KileIpType.Ipv6, transportBufferSize);
}
public void Start(ushort localPort, KileConnectionType transportType)
{
Start(localPort, transportType, KileIpType.Ipv6, transportBufferSize);
}
