public ClaimsSetMetadata(byte[] data)
{
var pacStream = new NdrBinaryReader(data);
Header = new RpcHeader(pacStream);
ClaimSetSize = pacStream.ReadInt();
pacStream.Seek(4);
CompressionFormat = (CompressionFormat)pacStream.ReadInt();
UncompressedClaimSetSize = pacStream.ReadInt();
ReservedType = pacStream.ReadShort();
ReservedFieldSize = pacStream.ReadInt();
pacStream.Align(8);
var size = pacStream.ReadInt();
if (size != ClaimSetSize)
{
throw new InvalidDataException($"Data length {size} doesn't match expected ClaimSetSize {ClaimSetSize}");
}
var claimSet = pacStream.Read(ClaimSetSize);
if (CompressionFormat != CompressionFormat.COMPRESSION_FORMAT_NONE)
{
claimSet = Compressions.Decompress(claimSet, UncompressedClaimSetSize, CompressionFormat);
}
ClaimsSet = new ClaimsSet(claimSet);
ReservedField = pacStream.Read(ReservedFieldSize);
}
public PacClientInfo(byte[] data)
{
var pacStream = new NdrBinaryReader(data);
ClientId = pacStream.ReadFiletime();
NameLength = pacStream.ReadShort();
Name = Encoding.Unicode.GetString(pacStream.Read(NameLength));
}
public UpnDomainInfo(byte[] data)
{
var pacStream = new NdrBinaryReader(data);
UpnLength = pacStream.ReadShort();
UpnOffset = pacStream.ReadShort();
DnsDomainNameLength = pacStream.ReadShort();
DnsDomainNameOffset = pacStream.ReadShort();
Flags = (UpnDomainFlags)pacStream.ReadInt();
pacStream.Align(8);
Upn = Encoding.Unicode.GetString(pacStream.Read(UpnLength));
pacStream.Align(8);
Domain = Encoding.Unicode.GetString(pacStream.Read(DnsDomainNameLength));
}
public PrivilegedAttributeCertificate(byte[] pacData)
{
var pacStream = new NdrBinaryReader(pacData);
var count = pacStream.ReadInt();
var version = pacStream.ReadInt();
if (version != PAC_VERSION)
{
throw new InvalidDataException($"Unknown PAC Version {version}");
}
var errors = new List <PacDecodeError>();
for (var i = 0; i < count; i++)
{
var type = (PacType)pacStream.ReadInt();
var size = pacStream.ReadInt();
var offset = pacStream.ReadLong();
var data = new byte[size];
Buffer.BlockCopy(pacData, (int)offset, data, 0, size);
try
{
ParsePacType(type, data);
}
catch (Exception ex)
{
errors.Add(new PacDecodeError()
{
Type = type,
Data = data,
Exception = ex
});
}
}
DecodingErrors = errors;
}
public PacSignature(byte[] data)
{
var pacStream = new NdrBinaryReader(data);
Type = (SignatureType)pacStream.ReadUnsignedInt();
switch (Type)
{
case SignatureType.KERB_CHECKSUM_HMAC_MD5:
Signature = pacStream.Read(16);
break;
case SignatureType.HMAC_SHA1_96_AES128:
case SignatureType.HMAC_SHA1_96_AES256:
Signature = pacStream.Read(12);
break;
}
if (pacStream.Position < pacStream.Length)
{
RODCIdentifier = pacStream.ReadShort();
}
}
protected NdrObject(NdrBinaryReader stream)
{
Stream = stream;
}
protected NdrObject(byte[] data)
{
Stream = new NdrBinaryReader(data);
}
