Example #1
 /// <summary>
 /// Encode a Kerberos principal name into the builder as a sequence of two context-tagged fields.
 /// </summary>
 /// <param name="builder">The DER builder which receives the encoded sequence.</param>
 /// <param name="name">The principal name; its NameType is written under tag 0 and its Names under tag 1.</param>
 /// <remarks>
 /// Neither argument is checked for null here, so callers have to guarantee both are set.
 /// NOTE(review): the name components are emitted through WriteGeneralString as given; whether that
 /// helper restricts the character set is not visible here - confirm before passing attacker-influenced names.
 /// </remarks>
 internal static void WritePrincipalName(this DERBuilder builder, KerberosPrincipalName name)
 {
     using (var principal = builder.CreateSequence())
     {
         // [0] name-type as an integer.
         principal.WriteContextSpecific(0, w => w.WriteInt32((int)name.NameType));

         // [1] name-string: one general string per component, in the order stored on the name.
         principal.WriteContextSpecific(
             1,
             w => w.WriteSequence(name.Names, (components, part) => components.WriteGeneralString(part)));
     }
 }
Example #2
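        /// <summary>
        /// Wrap an inner token in an application 0 tagged structure holding the mechanism OID,
        /// a two byte token ID and the raw inner token bytes.
        /// </summary>
        /// <param name="inner_token">The already encoded inner token; appended unchanged after the token ID.</param>
        /// <param name="oid">The mechanism object identifier written first.</param>
        /// <param name="token_id">The token ID, written most significant byte first.</param>
        /// <returns>The encoded wrapper as a byte array.</returns>
        /// <remarks>
        /// The inner token is copied verbatim with no validation, so the wrapper says nothing about
        /// whether the payload is well formed.
        /// </remarks>
        internal static byte[] CreateGssApiWrapper(byte[] inner_token, string oid, ushort token_id)
        {
            // Build the token ID explicitly in big-endian order. The previous
            // BitConverter.GetBytes + Array.Reverse pair only produced big-endian output on a
            // little-endian host and would have emitted swapped bytes on a big-endian one.
            byte[] token_id_bytes = { (byte)(token_id >> 8), (byte)(token_id & 0xFF) };

            var builder = new DERBuilder();

            using (var app = builder.CreateApplication(0))
            {
                app.WriteObjectId(oid);
                app.WriteRawBytes(token_id_bytes);
                app.WriteRawBytes(inner_token);
            }
            return builder.ToArray();
        }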
Example #3
        /// <summary>
        /// Build a KRB-ERROR message, wrap it as a GSS-API token and parse it back into an
        /// authentication token object.
        /// </summary>
        /// <param name="server_time">Server time, written under tag 4 (tag 5 receives the sub-second part).</param>
        /// <param name="error_code">Error code, written as an integer under tag 6.</param>
        /// <param name="server_realm">Server realm, written under tag 9. Must not be null.</param>
        /// <param name="server_name">Server principal name, written under tag 10. Must not be null.</param>
        /// <param name="client_time">Optional client time, written under tag 2 (and tag 3) when it has a value.</param>
        /// <param name="client_realm">Optional client realm, written under tag 7.</param>
        /// <param name="client_name">Optional client principal name, written under tag 8.</param>
        /// <param name="error_text">Optional error text, written under tag 11.</param>
        /// <param name="error_data">Optional error data, written as an octet string under tag 12.</param>
        /// <returns>The KRB-ERROR authentication token.</returns>
        /// <exception cref="ArgumentNullException">Thrown if server_realm or server_name is null.</exception>
        /// <remarks>
        /// RFC 4120 defines KRB-ERROR without a checksum or encryption, so nothing in this message is
        /// integrity protected. Code that consumes such a token should treat the error code, text and
        /// data as unauthenticated input.
        /// NOTE(review): the result of Parse is cast directly; if Parse can return a different token
        /// type for this input the cast throws InvalidCastException - confirm against Parse.
        /// </remarks>
        public static KerberosErrorAuthenticationToken Create(DateTime server_time, KerberosErrorType error_code,
                                                              string server_realm, KerberosPrincipalName server_name, DateTime? client_time = null, string client_realm = null,
                                                              KerberosPrincipalName client_name = null, string error_text = null, byte[] error_data = null)
        {
            // Mandatory fields are checked in declaration order so the first missing one is reported.
            _ = server_realm ?? throw new ArgumentNullException(nameof(server_realm));
            _ = server_name ?? throw new ArgumentNullException(nameof(server_name));

            var der = new DERBuilder();

            // Application tag 30 identifies KRB-ERROR; the sequence inside holds the tagged fields.
            // Fields must be emitted in ascending tag order, so the statement order below is significant.
            using (var krb_error = der.CreateApplication(30))
            using (var fields = krb_error.CreateSequence())
            {
                fields.WriteKerberosHeader(KerberosMessageType.KRB_ERROR);

                if (client_time is DateTime ctime)
                {
                    fields.WriteKerberosTime(2, ctime);
                }

                fields.WriteKerberosTime(4, server_time);
                fields.WriteContextSpecific(6, w => w.WriteInt32((int)error_code));

                if (client_realm != null)
                {
                    fields.WriteContextSpecific(7, w => w.WriteGeneralString(client_realm));
                }

                if (client_name != null)
                {
                    fields.WriteContextSpecific(8, w => w.WritePrincipalName(client_name));
                }

                fields.WriteContextSpecific(9, w => w.WriteGeneralString(server_realm));
                fields.WriteContextSpecific(10, w => w.WritePrincipalName(server_name));

                if (error_text != null)
                {
                    fields.WriteContextSpecific(11, w => w.WriteGeneralString(error_text));
                }

                if (error_data != null)
                {
                    fields.WriteContextSpecific(12, w => w.WriteOctetString(error_data));
                }
            }

            // Token ID 0x300 marks the wrapped payload as a KRB-ERROR inside the Kerberos mechanism.
            byte[] wrapped = der.CreateGssApiWrapper(OIDValues.KERBEROS, 0x300);
            return (KerberosErrorAuthenticationToken)Parse(wrapped);
        }
Example #4
        /// <summary>
        /// Build the DER body of a KRB_TGT_REP message carrying the supplied ticket.
        /// </summary>
        /// <param name="ticket">The ticket whose TicketData is written under tag 2. Must not be null.</param>
        /// <returns>The builder holding the encoded sequence.</returns>
        /// <exception cref="ArgumentNullException">Thrown if ticket is null.</exception>
        private static DERBuilder CreateBuilder(KerberosTicket ticket)
        {
            _ = ticket ?? throw new ArgumentNullException(nameof(ticket));

            var der = new DERBuilder();

            using (var reply = der.CreateSequence())
            {
                reply.WriteKerberosHeader(KerberosMessageType.KRB_TGT_REP);

                // The ticket bytes are embedded as stored on the object; nothing here re-validates them.
                reply.WriteContextSpecific(2, ticket.TicketData);
            }

            return der;
        }
        /// <summary>
        /// Build the DER body of a KRB_TGT_REQ message with optional server name and realm.
        /// </summary>
        /// <param name="realm">Optional realm, written as a general string under tag 3 when not null.</param>
        /// <param name="server_name">Optional server principal name, written under tag 2 when not null.</param>
        /// <returns>The builder holding the encoded sequence.</returns>
        private static DERBuilder CreateBuilder(string realm, KerberosPrincipalName server_name)
        {
            var der = new DERBuilder();

            using (var request = der.CreateSequence())
            {
                request.WriteKerberosHeader(KerberosMessageType.KRB_TGT_REQ);

                // Both fields are optional; an absent value is simply omitted from the sequence.
                if (server_name != null)
                {
                    request.WriteContextSpecific(2, w => w.WritePrincipalName(server_name));
                }

                if (realm != null)
                {
                    request.WriteContextSpecific(3, w => w.WriteGeneralString(realm));
                }
            }

            return der;
        }
Example #6
 /// <summary>
 /// Serialize the builder and wrap the resulting bytes using the byte array overload.
 /// </summary>
 /// <param name="inner_token">The builder holding the inner token; dereferenced without a null check.</param>
 /// <param name="oid">The mechanism object identifier passed through to the wrapper.</param>
 /// <param name="token_id">The token ID passed through to the wrapper.</param>
 /// <returns>The wrapped token bytes.</returns>
 internal static byte[] CreateGssApiWrapper(this DERBuilder inner_token, string oid, ushort token_id)
     => CreateGssApiWrapper(inner_token.ToArray(), oid, token_id);
Example #7
 /// <summary>
 /// Write a timestamp as two adjacent context-tagged fields: the generalized time and a
 /// sub-second integer.
 /// </summary>
 /// <param name="builder">The DER builder to write into.</param>
 /// <param name="context">Tag for the generalized time; the sub-second value uses context + 1.</param>
 /// <param name="time">The time to encode.</param>
 /// <remarks>
 /// The sub-second field is the millisecond component multiplied by 1000, so any precision finer
 /// than a millisecond is dropped.
 /// NOTE(review): no UTC conversion happens here; whether WriteGeneralizedTime normalizes the
 /// DateTime kind is not visible. Kerberos timestamps feed clock-skew checks, so confirm that
 /// callers pass UTC values.
 /// </remarks>
 internal static void WriteKerberosTime(this DERBuilder builder, int context, DateTime time)
 {
     int usec_context = context + 1;
     int microseconds = time.Millisecond * 1000;

     builder.WriteContextSpecific(context, w => w.WriteGeneralizedTime(time));
     builder.WriteContextSpecific(usec_context, w => w.WriteInt32(microseconds));
 }
Example #8
 /// <summary>
 /// Write the two leading fields shared by the Kerberos messages built in this file: the
 /// protocol version under tag 0 and the message type under tag 1.
 /// </summary>
 /// <param name="builder">The DER builder to write into.</param>
 /// <param name="msg_type">The message type, written as its integer value.</param>
 internal static void WriteKerberosHeader(this DERBuilder builder, KerberosMessageType msg_type)
 {
     // The version field is always 5.
     const int protocol_version = 5;

     builder.WriteContextSpecific(0, w => w.WriteInt32(protocol_version));
     builder.WriteContextSpecific(1, w => w.WriteInt32((int)msg_type));
 }