Example #1
        /// <summary>
        /// Builds the first TACACS+ authentication packet of a new session for the
        /// requested authentication method.
        /// </summary>
        /// <param name="type">Authentication method; only CHAP and MS-CHAPv2 are implemented here.</param>
        /// <param name="service">Authentication service value forwarded to the method-specific body builder.</param>
        /// <param name="user">User name forwarded to the method-specific body builder.</param>
        /// <param name="password">User password, passed through as a <see cref="SecureString"/>.</param>
        /// <param name="sharedSecret">Shared secret handed to <c>CreatePacket</c> together with the header and body.</param>
        /// <returns>The byte array returned by <c>CreatePacket</c>.</returns>
        /// <exception cref="NotSupportedException">
        /// <paramref name="type"/> is ASCII, PAP, ARAP or MS-CHAP (v1).
        /// </exception>
        /// <exception cref="ArgumentOutOfRangeException">
        /// <paramref name="type"/> is not a known <c>TacacsAuthenticationType</c> value.
        /// </exception>
        /// <remarks>
        /// No argument is null-checked here; a null <paramref name="user"/>, <paramref name="password"/>
        /// or <paramref name="sharedSecret"/> is passed straight to the callees.
        /// NOTE(review): the body protection defined for TACACS+ (RFC 8907) is an MD5-derived pad keyed
        /// by the shared secret and session id, not authenticated encryption. Confirm that deployments
        /// do not rely on it alone for confidentiality or integrity on untrusted networks.
        /// </remarks>
        public static byte[] GetAuthenticationPacket(TacacsAuthenticationType type, TacacsAuthenticationService service,
                                                     string user, SecureString password,
                                                     SecureString sharedSecret)
        {
            // The session id is drawn before anything else, so random bytes are consumed even
            // when the requested method is later rejected.
            // NOTE(review): Rng is presumably a cryptographic RNG; the session id should be
            // unpredictable, so confirm it is not System.Random.
            byte[] sessionIdBytes = new byte[4];
            Rng.GetBytes(sessionIdBytes, 0, 4);
            int sessionId = BitConverter.ToInt32(sessionIdBytes, 0);

            // First packet of the exchange: sequence number 1. Length is left at 0 here;
            // presumably CreatePacket fills it in once the body size is known (TODO confirm).
            TacacsHeader header = new TacacsHeader
            {
                Version        = TacacsHeaderExtensions.VersionOne,
                Type           = TacacsType.Authentication,
                SequenceNumber = 0x01,
                Flags          = TacacsFlags.Encrypted,
                SessionId      = sessionId,
                Length         = 0
            };

            switch (type)
            {
            // Implemented methods: build the method-specific body and wrap it.
            case TacacsAuthenticationType.Chap:
                return CreatePacket(header, Chap.GetAuthenticationData(service, user, password), sharedSecret);

            case TacacsAuthenticationType.MsChapV2:
                return CreatePacket(header, MsChapV2.GetAuthenticationData(service, user, password), sharedSecret);

            // Known but unimplemented methods are rejected explicitly rather than falling
            // through to the out-of-range error.
            case TacacsAuthenticationType.Ascii:
                throw new NotSupportedException("ASCII authentication method not supported");

            case TacacsAuthenticationType.Pap:
                throw new NotSupportedException("PAP authentication method not supported");

            case TacacsAuthenticationType.Arap:
                throw new NotSupportedException("ARAP authentication method not supported");

            case TacacsAuthenticationType.MsChap:
                throw new NotSupportedException("MS-CHAP authentication method not supported");

            default:
                throw new ArgumentOutOfRangeException(nameof(type), type, null);
            }
        }