Exemple #1
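        /// <summary>
        /// Wrap an inner mechanism token in GSS-API token framing: an ASN.1
        /// APPLICATION 0 container holding the mechanism OID, a two-byte token
        /// identifier and then the inner token bytes.
        /// </summary>
        /// <param name="inner_token">Encoded inner token. It is appended verbatim; no validation is done here.</param>
        /// <param name="oid">Mechanism object identifier written at the start of the container.</param>
        /// <param name="token_id">Token identifier, emitted as two bytes with the most significant byte first.</param>
        /// <returns>The encoded wrapper bytes.</returns>
        internal static byte[] CreateGssApiWrapper(byte[] inner_token, string oid, ushort token_id)
        {
            var builder = new DERBuilder();

            // Encode the identifier in network byte order explicitly. Reversing the
            // output of BitConverter.GetBytes only yields that order on a
            // little-endian host; on a big-endian host the two bytes would end up
            // swapped on the wire and the peer would see a different token type.
            byte[] token_id_bytes = { (byte)(token_id >> 8), (byte)(token_id & 0xFF) };

            using (var app = builder.CreateApplication(0))
            {
                app.WriteObjectId(oid);
                app.WriteRawBytes(token_id_bytes);
                // Raw copy: the caller is responsible for inner_token being a
                // well-formed encoding for the mechanism named by oid.
                app.WriteRawBytes(inner_token);
            }
            return builder.ToArray();
        }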
Exemple #2
        /// <summary>
        /// Build a KRB-ERROR message, wrap it in GSS-API framing and return it as a
        /// parsed authentication token.
        /// </summary>
        /// <remarks>
        /// The message is encoded as APPLICATION 30 containing a sequence of
        /// context-tagged fields: 2 (client time), 4 (server time), 6 (error code),
        /// 7 (client realm), 8 (client name), 9 (server realm), 10 (server name),
        /// 11 (error text) and 12 (error data). Optional fields are left out when
        /// their argument is null. The encoded bytes are wrapped with the Kerberos
        /// OID and token identifier 0x300, then handed to <c>Parse</c>.
        /// NOTE(review): tags 3 and 5 (the microsecond fields of RFC 4120) are not
        /// written explicitly here; confirm whether WriteKerberosTime emits them or
        /// whether consumers of this token tolerate their absence.
        /// </remarks>
        /// <param name="server_time">Server time (tag 4).</param>
        /// <param name="error_code">Error code, written as a 32-bit integer (tag 6).</param>
        /// <param name="server_realm">Server realm (tag 9). Must not be null.</param>
        /// <param name="server_name">Server principal name (tag 10). Must not be null.</param>
        /// <param name="client_time">Optional client time (tag 2).</param>
        /// <param name="client_realm">Optional client realm (tag 7).</param>
        /// <param name="client_name">Optional client principal name (tag 8).</param>
        /// <param name="error_text">Optional error text (tag 11); embedded as given.</param>
        /// <param name="error_data">Optional error data (tag 12); embedded as given.</param>
        /// <returns>The KRB-ERROR authentication token.</returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="server_realm"/> or <paramref name="server_name"/> is null.
        /// </exception>
        public static KerberosErrorAuthenticationToken Create(DateTime server_time, KerberosErrorType error_code,
                                                              string server_realm, KerberosPrincipalName server_name, DateTime? client_time = null, string client_realm = null,
                                                              KerberosPrincipalName client_name = null, string error_text = null, byte[] error_data = null)
        {
            // Mandatory arguments are validated in declaration order, before any encoding starts.
            _ = server_realm ?? throw new ArgumentNullException(nameof(server_realm));
            _ = server_name ?? throw new ArgumentNullException(nameof(server_name));

            var der = new DERBuilder();

            using (var application = der.CreateApplication(30))
            using (var fields = application.CreateSequence())
            {
                fields.WriteKerberosHeader(KerberosMessageType.KRB_ERROR);

                if (client_time is DateTime ctime)
                {
                    fields.WriteKerberosTime(2, ctime);
                }

                fields.WriteKerberosTime(4, server_time);
                fields.WriteContextSpecific(6, w => w.WriteInt32((int)error_code));

                if (client_realm != null)
                {
                    fields.WriteContextSpecific(7, w => w.WriteGeneralString(client_realm));
                }

                if (client_name != null)
                {
                    fields.WriteContextSpecific(8, w => w.WritePrincipalName(client_name));
                }

                fields.WriteContextSpecific(9, w => w.WriteGeneralString(server_realm));
                fields.WriteContextSpecific(10, w => w.WritePrincipalName(server_name));

                if (error_text != null)
                {
                    fields.WriteContextSpecific(11, w => w.WriteGeneralString(error_text));
                }

                if (error_data != null)
                {
                    fields.WriteContextSpecific(12, w => w.WriteOctetString(error_data));
                }
            }

            // Round-trip through the parser so the caller receives a fully populated
            // token object rather than raw bytes. NOTE(review): the cast presumes Parse
            // yields a KerberosErrorAuthenticationToken for token id 0x300; confirm
            // against Parse.
            var wrapped_token = der.CreateGssApiWrapper(OIDValues.KERBEROS, 0x300);
            return (KerberosErrorAuthenticationToken)Parse(wrapped_token);
        }