/// <summary>
/// Construct Kerberos PAC pass-through logon information
/// </summary>
/// <param name="parameterControl">
/// A set of bit flags that contain information pertaining to the logon validation processing.
/// </param>
/// <param name="domainName">domain name</param>
/// <param name="userName">user name</param>
/// <param name="serverName">NetBIOS name of server </param>
/// <param name="kerbVerifyPacRequest">KERB_VERIFY_PAC_REQUEST packet</param>
/// <returns>Kerberos PAC netlogon information structure </returns>
public static _NETLOGON_LEVEL CreatePacLogonInfo(
NrpcParameterControlFlags parameterControl,
string domainName,
string userName,
string serverName,
KERB_VERIFY_PAC_REQUEST kerbVerifyPacRequest)
{
_NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();
byte[] logonData = TypeMarshal.ToBytes <KERB_VERIFY_PAC_REQUEST>(kerbVerifyPacRequest);
//Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
//that contains information about the logon identity.
_NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
parameterControl,
domainName,
userName,
serverName);
netLogonLevel.LogonGeneric = new _NETLOGON_GENERIC_INFO[1];
netLogonLevel.LogonGeneric[0].Identity = identityInfo;
netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(KERBEROS_PACKAGENAME);
netLogonLevel.LogonGeneric[0].LogonData = logonData;
netLogonLevel.LogonGeneric[0].DataLength = (uint)logonData.Length;
return(netLogonLevel);
}
/// <summary>
/// Construct KERB_VERIFY_PAC_REQUEST structure
/// </summary>
/// <param name="serverSignature">
/// PAC_SIGNATURE_DATA Signature value ([MS-PAC] section 2.8)
/// for the Server Signature ([MS-PAC] section 2.8.1)
/// </param>
/// <param name="kdcSignature">
/// PAC_SIGNATURE_DATA SignatureType value ([MS-PAC] section 2.8)
/// for the Key Distribution Center (KDC) Signature ([MS-PAC] section 2.8.1)
/// </param>
/// <returns>KERB_VERIFY_PAC_REQUEST structure</returns>
public static KERB_VERIFY_PAC_REQUEST CreateKerbVerifyPacRequest(
PAC_SIGNATURE_DATA serverSignature,
PAC_SIGNATURE_DATA kdcSignature)
{
KERB_VERIFY_PAC_REQUEST kerbVerifyPacRequest = new KERB_VERIFY_PAC_REQUEST();
// ChecksumAndSignature (variable): The PAC_SIGNATURE_DATA Signature value
// ([MS-PAC] section 2.8) for the Server Signature ([MS-PAC] section 2.8.1) in the PAC.
// It MUST be followed by the PAC_SIGNATURE_DATA Signature value ([MS-PAC] section 2.8)
// for the KDC Signature ([MS-PAC] section 2.8.1) in the PAC.
int checksumAndSignatureLength = serverSignature.Signature.Length + kdcSignature.Signature.Length;
byte[] checksumAndSignature = new byte[checksumAndSignatureLength];
checksumAndSignature = ArrayUtility.ConcatenateArrays <byte>(
serverSignature.Signature,
kdcSignature.Signature);
kerbVerifyPacRequest.MessageType = KERB_VERIFY_PAC_REQUEST_MessageType_Values.Default;
kerbVerifyPacRequest.SignatureType = (uint)kdcSignature.SignatureType;
kerbVerifyPacRequest.SignatureLength = (uint)kdcSignature.Signature.Length;
kerbVerifyPacRequest.ChecksumLength = (uint)serverSignature.Signature.Length;
kerbVerifyPacRequest.ChecksumAndSignature = checksumAndSignature;
return(kerbVerifyPacRequest);
}
/// <summary>
/// Construct Kerberos PAC pass-through logon information
/// </summary>
/// <param name="parameterControl">
/// A set of bit flags that contain information pertaining to the logon validation processing.
/// </param>
/// <param name="domainName">domain name</param>
/// <param name="userName">user name</param>
/// <param name="serverName">NetBIOS name of server </param>
/// <param name="kerbVerifyPacRequest">KERB_VERIFY_PAC_REQUEST packet</param>
/// <returns>Kerberos PAC netlogon information structure </returns>
public static _NETLOGON_LEVEL CreatePacLogonInfo(
NrpcParameterControlFlags parameterControl,
string domainName,
string userName,
string serverName,
KERB_VERIFY_PAC_REQUEST kerbVerifyPacRequest)
{
_NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();
byte[] logonData = TypeMarshal.ToBytes<KERB_VERIFY_PAC_REQUEST>(kerbVerifyPacRequest);
//Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
//that contains information about the logon identity.
_NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
parameterControl,
domainName,
userName,
serverName);
netLogonLevel.LogonGeneric = new _NETLOGON_GENERIC_INFO[1];
netLogonLevel.LogonGeneric[0].Identity = identityInfo;
netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(KERBEROS_PACKAGENAME);
netLogonLevel.LogonGeneric[0].LogonData = logonData;
netLogonLevel.LogonGeneric[0].DataLength = (uint)logonData.Length;
return netLogonLevel;
}
/// <summary>
/// Construct KERB_VERIFY_PAC_REQUEST structure
/// </summary>
/// <param name="serverSignature">
/// PAC_SIGNATURE_DATA Signature value ([MS-PAC] section 2.8)
/// for the Server Signature ([MS-PAC] section 2.8.1)
/// </param>
/// <param name="kdcSignature">
/// PAC_SIGNATURE_DATA SignatureType value ([MS-PAC] section 2.8)
/// for the Key Distribution Center (KDC) Signature ([MS-PAC] section 2.8.1)
/// </param>
/// <returns>KERB_VERIFY_PAC_REQUEST structure</returns>
public static KERB_VERIFY_PAC_REQUEST CreateKerbVerifyPacRequest(
PAC_SIGNATURE_DATA serverSignature,
PAC_SIGNATURE_DATA kdcSignature)
{
KERB_VERIFY_PAC_REQUEST kerbVerifyPacRequest = new KERB_VERIFY_PAC_REQUEST();
// ChecksumAndSignature (variable): The PAC_SIGNATURE_DATA Signature value
// ([MS-PAC] section 2.8) for the Server Signature ([MS-PAC] section 2.8.1) in the PAC.
// It MUST be followed by the PAC_SIGNATURE_DATA Signature value ([MS-PAC] section 2.8)
// for the KDC Signature ([MS-PAC] section 2.8.1) in the PAC.
int checksumAndSignatureLength = serverSignature.Signature.Length + kdcSignature.Signature.Length;
byte[] checksumAndSignature = new byte[checksumAndSignatureLength];
checksumAndSignature = ArrayUtility.ConcatenateArrays<byte>(
serverSignature.Signature,
kdcSignature.Signature);
kerbVerifyPacRequest.MessageType = KERB_VERIFY_PAC_REQUEST_MessageType_Values.Default;
kerbVerifyPacRequest.SignatureType = (uint)kdcSignature.SignatureType;
kerbVerifyPacRequest.SignatureLength = (uint)kdcSignature.Signature.Length;
kerbVerifyPacRequest.ChecksumLength = (uint)serverSignature.Signature.Length;
kerbVerifyPacRequest.ChecksumAndSignature = checksumAndSignature;
return kerbVerifyPacRequest;
}
