/// <summary>
/// Make keys for given encryption types.
/// </summary>
/// <param name="principal">Principal name</param>
/// <param name="realm">Realm</param>
/// <param name="password">Password</param>
/// <param name="salt">Salt</param>
/// <param name="type">Encryption type</param>
public void MakeKey(string principal, string realm, string password, string salt, EncryptionType type)
{
EncryptionKey key = KerberosUtility.MakeKey(type, password, salt);
var existingKey = QueryKey(principal, realm, type);
if (existingKey != null)
{
throw new Exception("Key already exist.");
}
KeytabItem item = new KeytabItem()
{
Principal = principal,
Realm = realm,
Kvno = 0, // Set to 0 for self generated keys.
KeyType = type,
Key = key
};
keytabItems.Add(item);
}
/// <summary>
/// Load keys from keytab file.
/// </summary>
/// <param name="filename">Filename</param>
public void LoadKeytab(string filename)
{
FileStream fs = new FileStream(filename, FileMode.Open, FileAccess.Read);
byte[] buf = new byte[fs.Length];
fs.Read(buf, 0, (int)fs.Length);
Keytab kt = Keytab.Decode(buf);
foreach (var entry in kt.entries)
{
string principal = entry.Components[0].ToString() +
(entry.NumComponents > 1 ? ("/" + entry.Components[1].ToString()) : "");
KeytabItem item = new KeytabItem()
{
Principal = principal,
Realm = entry.Realm.ToString(),
Kvno = entry.Kvno,
KeyType = (EncryptionType)entry.Key.type,
Key = new EncryptionKey(new KerbInt32((long)entry.Key.type), new Asn1OctetString(entry.Key.Data.Data))
};
keytabItems.Add(item);
// For Windows keytab compatibility
// Computer name is used instead of service principal name in Windows AD database.
// Add cifs SPN manually when encountering computer name.
if (principal.EndsWith("$"))
{
string cifsPrincipal = string.Format("cifs/{0}.{1}", principal.Remove(principal.Length - 1).ToLower(), entry.Realm.ToString().ToLower());
item = new KeytabItem()
{
Principal = cifsPrincipal,
Realm = entry.Realm.ToString(),
Kvno = entry.Kvno,
KeyType = (EncryptionType)entry.Key.type,
Key = new EncryptionKey(new KerbInt32((long)entry.Key.type), new Asn1OctetString(entry.Key.Data.Data))
};
keytabItems.Add(item);
}
}
fs.Close();
}
/// <summary>
/// Make keys for given encryption types.
/// </summary>
/// <param name="principal">Principal name</param>
/// <param name="realm">Realm</param>
/// <param name="password">Password</param>
/// <param name="salt">Salt</param>
/// <param name="type">Encryption type</param>
public void MakeKey(string principal, string realm, string password, string salt, EncryptionType type)
{
EncryptionKey key = KerberosUtility.MakeKey(type, password, salt);
var existingKey = QueryKey(principal, realm, type);
if (existingKey != null) throw new Exception("Key already exist.");
KeytabItem item = new KeytabItem()
{
Principal = principal,
Realm = realm,
Kvno = 0, // Set to 0 for self generated keys.
KeyType = type,
Key = key
};
keytabItems.Add(item);
}
/// <summary>
/// Load keys from keytab file.
/// </summary>
/// <param name="filename">Filename</param>
public void LoadKeytab(string filename)
{
FileStream fs = new FileStream(filename, FileMode.Open, FileAccess.Read);
byte[] buf = new byte[fs.Length];
fs.Read(buf, 0, (int)fs.Length);
Keytab kt = Keytab.Decode(buf);
foreach (var entry in kt.entries)
{
string principal = entry.Components[0].ToString() +
(entry.NumComponents > 1 ? ("/" + entry.Components[1].ToString()) : "");
KeytabItem item = new KeytabItem()
{
Principal = principal,
Realm = entry.Realm.ToString(),
Kvno = entry.Kvno,
KeyType = (EncryptionType)entry.Key.type,
Key = new EncryptionKey(new KerbInt32((long)entry.Key.type), new Asn1OctetString(entry.Key.Data.Data))
};
keytabItems.Add(item);
// For Windows keytab compatibility
// Computer name is used instead of service principal name in Windows AD database.
// Add cifs SPN manually when encountering computer name.
if (principal.EndsWith("$"))
{
string cifsPrincipal = string.Format("cifs/{0}.{1}", principal.Remove(principal.Length - 1).ToLower(), entry.Realm.ToString().ToLower());
item = new KeytabItem()
{
Principal = cifsPrincipal,
Realm = entry.Realm.ToString(),
Kvno = entry.Kvno,
KeyType = (EncryptionType)entry.Key.type,
Key = new EncryptionKey(new KerbInt32((long)entry.Key.type), new Asn1OctetString(entry.Key.Data.Data))
};
keytabItems.Add(item);
}
}
fs.Close();
}
