public KDC_REQ_BODY(
KDCOptions param0,
PrincipalName param1,
Realm param2,
PrincipalName param3,
KerberosTime param4,
KerberosTime param5,
KerberosTime param6,
KerbUInt32 param7,
Asn1SequenceOf<KerbInt32> param8,
HostAddresses param9,
EncryptedData param10,
Asn1SequenceOf<Ticket> param11)
{
this.kdc_options = param0;
this.cname = param1;
this.realm = param2;
this.sname = param3;
this.from = param4;
this.till = param5;
this.rtime = param6;
this.nonce = param7;
this.etype = param8;
this.addresses = param9;
this.enc_authorization_data = param10;
this.additional_tickets = param11;
}
public KerberosArmoredRequest(IFastArmor fastArmor, Checksum checkSum, EncryptedData encFastReq)
{
FastArmor = fastArmor;
CheckSum = checkSum;
ArmorKey = null;
EType = (long) encFastReq.etype.Value;
EncFastReq = encFastReq;
}
public AP_REP(
Asn1Integer param0,
Asn1Integer param1,
EncryptedData param2)
{
this.pvno = param0;
this.msg_type = param1;
this.enc_part = param2;
}
public KrbFastArmoredReq(
KrbFastArmor param0,
Checksum param1,
EncryptedData param2)
{
this.armor = param0;
this.req_checksum = param1;
this.enc_fast_req = param2;
}
public Ticket(
Asn1Integer param0,
Realm param1,
PrincipalName param2,
EncryptedData param3)
{
this.tkt_vno = param0;
this.realm = param1;
this.sname = param2;
this.enc_part = param3;
}
public KRB_CRED(
Asn1Integer param0,
Asn1Integer param1,
Asn1SequenceOf<Ticket> param2,
EncryptedData param3)
{
this.pvno = param0;
this.msg_type = param1;
this.tickets = param2;
this.enc_part = param3;
}
public AP_REQ(
Asn1Integer param0,
Asn1Integer param1,
APOptions param2,
Ticket param3,
EncryptedData param4)
{
this.pvno = param0;
this.msg_type = param1;
this.ap_options = param2;
this.ticket = param3;
this.authenticator = param4;
}
/// <summary>
/// Create an instance.
/// </summary>
public KpasswordRequest(KerberosTicket ticket, Authenticator authenticator, string newPwd, bool isAuthErrorRequired = false)
{
//Create KerberosApRequest
long pvno = KerberosConstValue.KERBEROSV5;
APOptions option = new APOptions(KerberosUtility.ConvertInt2Flags((int)ApOptions.None));
KerberosApRequest ap_req = new KerberosApRequest(pvno, option, ticket, authenticator, KeyUsageNumber.AP_REQ_Authenticator);
//Create KRB_PRIV
ChangePasswdData pwd_data = new ChangePasswdData(new Asn1OctetString(newPwd), null, null);
priv_enc_part = new EncKrbPrivPart();
priv_enc_part.user_data = pwd_data.newpasswd;
priv_enc_part.usec = authenticator.cusec;
priv_enc_part.seq_number = authenticator.seq_number;
priv_enc_part.s_address = new HostAddress(new KerbInt32((int)AddressType.NetBios), new Asn1OctetString(Encoding.ASCII.GetBytes(System.Net.Dns.GetHostName())));
Asn1BerEncodingBuffer asnBuffPriv = new Asn1BerEncodingBuffer();
priv_enc_part.BerEncode(asnBuffPriv, true);
byte[] encAsnEncodedPriv = null;
if (!isAuthErrorRequired)
{
encAsnEncodedPriv = KerberosUtility.Encrypt((EncryptionType)authenticator.subkey.keytype.Value,
authenticator.subkey.keyvalue.ByteArrayValue,
asnBuffPriv.Data,
(int)KeyUsageNumber.KRB_PRIV_EncPart);
}
else
{
encAsnEncodedPriv = KerberosUtility.Encrypt((EncryptionType)authenticator.subkey.keytype.Value,
authenticator.subkey.keyvalue.ByteArrayValue,
asnBuffPriv.Data,
(int)KeyUsageNumber.None);
}
var encrypted = new EncryptedData();
encrypted.etype = new KerbInt32(authenticator.subkey.keytype.Value);
encrypted.cipher = new Asn1OctetString(encAsnEncodedPriv);
KRB_PRIV krb_priv = new KRB_PRIV(new Asn1Integer(pvno), new Asn1Integer((long)MsgType.KRB_PRIV), encrypted);
//Calculate the msg_length and ap_req_length
krb_priv.BerEncode(privBuffer, true);
ap_req.Request.BerEncode(apBuffer, true);
version = 0x0001;
ap_req_length = (ushort)apBuffer.Data.Length;
msg_length = (ushort)(ap_req_length + privBuffer.Data.Length + 3 * sizeof(ushort));
//Convert Endian
version = KerberosUtility.ConvertEndian(version);
ap_req_length = KerberosUtility.ConvertEndian(ap_req_length);
msg_length = KerberosUtility.ConvertEndian(msg_length);
}
public AS_REP(
Asn1Integer param0,
Asn1Integer param1,
Asn1SequenceOf<PA_DATA> param2,
Realm param3,
PrincipalName param4,
Ticket param5,
EncryptedData param6)
{
this.pvno = param0;
this.msg_type = param1;
this.padata = param2;
this.crealm = param3;
this.cname = param4;
this.ticket = param5;
this.enc_part = param6;
}
/// <summary>
/// Create an instance.
/// </summary>
public KerberosApRequest(long pvno, APOptions ap_options, KerberosTicket ticket, Authenticator authenticator, KeyUsageNumber keyUsageNumber)
{
Asn1BerEncodingBuffer asnBuffPlainAuthenticator = new Asn1BerEncodingBuffer();
authenticator.BerEncode(asnBuffPlainAuthenticator, true);
KerberosUtility.OnDumpMessage("KRB5:Authenticator",
"Authenticator in AP-REQ structure",
KerberosUtility.DumpLevel.PartialMessage,
asnBuffPlainAuthenticator.Data);
byte[] encAsnEncodedAuth = KerberosUtility.Encrypt((EncryptionType)ticket.SessionKey.keytype.Value,
ticket.SessionKey.keyvalue.ByteArrayValue,
asnBuffPlainAuthenticator.Data,
(int)keyUsageNumber);
var encrypted = new EncryptedData();
encrypted.etype = new KerbInt32(ticket.SessionKey.keytype.Value);
encrypted.cipher = new Asn1OctetString(encAsnEncodedAuth);
long msg_type = (long)MsgType.KRB_AP_REQ;
Request = new AP_REQ(new Asn1Integer(pvno), new Asn1Integer(msg_type), ap_options, ticket.Ticket, encrypted);
Authenticator = authenticator;
}
public KerberosArmoredResponse(EncryptedData encFastRep)
{
EType = (long)encFastRep.etype.Value;
ArmorKey = null;
EncFastRep = encFastRep;
}
private KDC_REQ_BODY CreateKdcRequestBody(
KdcOptions kdcOptions,
PrincipalName sName,
AuthorizationData data = null
)
{
KDC_REQ_BODY kdcReqBody = CreateKdcRequestBody(kdcOptions, sName);
if (data == null)
return kdcReqBody;
Asn1BerEncodingBuffer asnBuffer = new Asn1BerEncodingBuffer();
// Fix me: NullReferenceException if data is null.
if (data != null) data.BerEncode(asnBuffer, true);
EncryptedData eData = new EncryptedData();
eData.etype = new KerbInt32(0);
byte[] encAsnEncoded = asnBuffer.Data;
if (Context.SessionKey != null && Context.SessionKey.keytype != null
&& Context.SessionKey.keyvalue != null && Context.SessionKey.keyvalue.Value != null)
{
encAsnEncoded = KerberosUtility.Encrypt((EncryptionType)Context.SessionKey.keytype.Value,
Context.SessionKey.keyvalue.ByteArrayValue,
asnBuffer.Data,
(int)KeyUsageNumber.TGS_REQ_KDC_REQ_BODY_AuthorizationData);
eData.etype = new KerbInt32(Context.SessionKey.keytype.Value);
}
eData.cipher = new Asn1OctetString(encAsnEncoded);
kdcReqBody.enc_authorization_data = eData;
return kdcReqBody;
}
public KrbFastArmoredRep(
EncryptedData param0)
{
this.enc_fast_rep = param0;
}
public KerberosArmoredResponse(EncryptedData encFastRep)
{
EType = (long)encFastRep.etype.Value;
ArmorKey = null;
EncFastRep = encFastRep;
}