internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry)
{
entry = null;
try
{
var set = ClaimSetMetadataParser.Decode(new NdrPickledType(data));
if (!set.HasValue || set.Value.ClaimsSet == null || set.Value.usCompressionFormat != 0)
{
return(false);
}
var claims = ClaimSetParser.Decode(new NdrPickledType(set.Value.ClaimsSet));
if (!claims.HasValue || claims.Value.ClaimsArrays == null)
{
return(false);
}
List <KerberosClaimsArray> claims_array = new List <KerberosClaimsArray>();
foreach (var claim in claims.Value.ClaimsArrays.GetValue())
{
KerberosClaimsSource source = (KerberosClaimsSource)claim.usClaimsSourceType.Value;
claims_array.Add(new KerberosClaimsArray(source, claim.ClaimEntries.GetValue().Select(ConvertToClaim)));
}
entry = new KerberosAuthorizationDataPACClaimSet(type, data, claims_array.AsReadOnly());
return(true);
}
catch
{
return(false);
}
}
internal static bool Parse(byte[] data, out KerberosAuthorizationDataPAC auth_data)
{
auth_data = null;
if (data.Length < 8)
{
return(false);
}
BinaryReader reader = new BinaryReader(new MemoryStream(data));
long count = reader.ReadInt32();
int version = reader.ReadInt32();
if (version != 0)
{
return(false);
}
if (reader.RemainingLength() < count * 16)
{
return(false);
}
List <KerberosAuthorizationDataPACEntry> entries = new List <KerberosAuthorizationDataPACEntry>();
for (long i = 0; i < count; ++i)
{
int type = reader.ReadInt32();
int length = reader.ReadInt32();
long offset = reader.ReadInt64();
if (offset >= data.LongLength || (offset + length) > data.LongLength)
{
return(false);
}
byte[] entry_data = new byte[length];
Buffer.BlockCopy(data, (int)offset, entry_data, 0, length);
KerberosAuthorizationDataPACEntryType entry_type = (KerberosAuthorizationDataPACEntryType)type;
KerberosAuthorizationDataPACEntry pac_entry = null;
switch (entry_type)
{
case KerberosAuthorizationDataPACEntryType.UserClaims:
case KerberosAuthorizationDataPACEntryType.DeviceClaims:
if (!KerberosAuthorizationDataPACClaimSet.Parse(entry_type, entry_data, out pac_entry))
{
pac_entry = null;
}
break;
case KerberosAuthorizationDataPACEntryType.KDCChecksum:
case KerberosAuthorizationDataPACEntryType.ServerChecksum:
if (!KerberosAuthorizationDataPACSignature.Parse(entry_type, entry_data, out pac_entry))
{
pac_entry = null;
}
break;
case KerberosAuthorizationDataPACEntryType.ClientInfo:
if (!KerberosAuthorizationDataPACClientInfo.Parse(entry_type, entry_data, out pac_entry))
{
pac_entry = null;
}
break;
case KerberosAuthorizationDataPACEntryType.UserPrincipalName:
if (!KerberosAuthorizationDataPACUpnDnsInfo.Parse(entry_type, entry_data, out pac_entry))
{
pac_entry = null;
}
break;
}
if (pac_entry == null)
{
pac_entry = new KerberosAuthorizationDataPACEntry(entry_type, entry_data);
}
entries.Add(pac_entry);
}
auth_data = new KerberosAuthorizationDataPAC(data, entries.AsReadOnly());
return(true);
}
