internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry)
{
entry = null;
try
{
var set = ClaimSetMetadataParser.Decode(new NdrPickledType(data));
if (!set.HasValue || set.Value.ClaimsSet == null || set.Value.usCompressionFormat != 0)
{
return(false);
}
var claims = ClaimSetParser.Decode(new NdrPickledType(set.Value.ClaimsSet));
if (!claims.HasValue || claims.Value.ClaimsArrays == null)
{
return(false);
}
List <KerberosClaimsArray> claims_array = new List <KerberosClaimsArray>();
foreach (var claim in claims.Value.ClaimsArrays.GetValue())
{
KerberosClaimsSource source = (KerberosClaimsSource)claim.usClaimsSourceType.Value;
claims_array.Add(new KerberosClaimsArray(source, claim.ClaimEntries.GetValue().Select(ConvertToClaim)));
}
entry = new KerberosAuthorizationDataPACClaimSet(type, data, claims_array.AsReadOnly());
return(true);
}
catch
{
return(false);
}
}
internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry)
{
entry = null;
if (data.Length < 12)
{
return(false);
}
int upn_length = BitConverter.ToUInt16(data, 0);
int upn_offset = BitConverter.ToUInt16(data, 2);
int dns_length = BitConverter.ToUInt16(data, 4);
int dns_offset = BitConverter.ToUInt16(data, 6);
KerberosUpnDnsInfoFlags flags = (KerberosUpnDnsInfoFlags)BitConverter.ToInt32(data, 8);
if (upn_length + upn_offset > data.Length || dns_length + dns_offset > data.Length)
{
return(false);
}
string upn = Encoding.Unicode.GetString(data, upn_offset, upn_length);
string dns = Encoding.Unicode.GetString(data, dns_offset, dns_length);
entry = new KerberosAuthorizationDataPACUpnDnsInfo(type, data, flags, upn, dns);
return(true);
}
private KerberosAuthorizationDataPACSignature(KerberosAuthorizationDataPACEntryType type, byte[] data, KerberosChecksumType sig_type,
byte[] signature, int?rodc_id)
: base(type, data)
{
SignatureType = sig_type;
Signature = signature;
RODCIdentifier = rodc_id;
}
private KerberosAuthorizationDataPACUpnDnsInfo(KerberosAuthorizationDataPACEntryType type, byte[] data,
KerberosUpnDnsInfoFlags flags, string upn, string dns)
: base(type, data)
{
Flags = flags;
UserPrincipalName = upn;
DnsDomainName = dns;
}
internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry)
{
entry = null;
try {
var info = KerbValidationInfoParser.Decode(new NdrPickledType(data));
if (!info.HasValue)
{
return(false);
}
entry = new KerberosAuthorizationDataPACLogon(type, data, info.Value);
return(true);
} catch {
return(false);
}
}
internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry)
{
entry = null;
if (data.Length < 10)
{
return(false);
}
long client_id = BitConverter.ToInt64(data, 0);
int name_length = BitConverter.ToUInt16(data, 8);
if (name_length + 10 > data.Length)
{
return(false);
}
string name = Encoding.Unicode.GetString(data, 10, name_length);
entry = new KerberosAuthorizationDataPACClientInfo(type, data, client_id, name);
return(true);
}
internal static bool Parse(KerberosAuthorizationDataPACEntryType type, byte[] data, out KerberosAuthorizationDataPACEntry entry)
{
entry = null;
if (data.Length < 4)
{
return(false);
}
int signature_length = 0;
KerberosChecksumType signature_type = (KerberosChecksumType)BitConverter.ToInt32(data, 0);
switch (signature_type)
{
case KerberosChecksumType.HMAC_MD5:
signature_length = 16;
break;
case KerberosChecksumType.HMAC_SHA1_96_AES_128:
case KerberosChecksumType.HMAC_SHA1_96_AES_256:
signature_length = 12;
break;
default:
signature_length = data.Length - 4;
break;
}
byte[] signature = new byte[signature_length];
Buffer.BlockCopy(data, 4, signature, 0, signature_length);
int?rodc_id = null;
int total_size = 4 + signature_length;
if (data.Length - total_size >= 2)
{
rodc_id = BitConverter.ToUInt16(data, total_size);
}
entry = new KerberosAuthorizationDataPACSignature(type, data, signature_type, signature, rodc_id);
return(true);
}
internal KerberosAuthorizationDataPACEntry(KerberosAuthorizationDataPACEntryType type, byte[] data)
{
PACType = type;
Data = data;
}
private KerberosAuthorizationDataPACClaimSet(KerberosAuthorizationDataPACEntryType type, byte[] data, IReadOnlyList <KerberosClaimsArray> claims_array)
: base(type, data)
{
ClaimsArray = claims_array;
}
internal static bool Parse(byte[] data, out KerberosAuthorizationDataPAC auth_data)
{
auth_data = null;
if (data.Length < 8)
{
return(false);
}
BinaryReader reader = new BinaryReader(new MemoryStream(data));
long count = reader.ReadInt32();
int version = reader.ReadInt32();
if (version != 0)
{
return(false);
}
if (reader.RemainingLength() < count * 16)
{
return(false);
}
List <KerberosAuthorizationDataPACEntry> entries = new List <KerberosAuthorizationDataPACEntry>();
for (long i = 0; i < count; ++i)
{
int type = reader.ReadInt32();
int length = reader.ReadInt32();
long offset = reader.ReadInt64();
if (offset >= data.LongLength || (offset + length) > data.LongLength)
{
return(false);
}
byte[] entry_data = new byte[length];
Buffer.BlockCopy(data, (int)offset, entry_data, 0, length);
KerberosAuthorizationDataPACEntryType entry_type = (KerberosAuthorizationDataPACEntryType)type;
KerberosAuthorizationDataPACEntry pac_entry = null;
switch (entry_type)
{
case KerberosAuthorizationDataPACEntryType.UserClaims:
case KerberosAuthorizationDataPACEntryType.DeviceClaims:
if (!KerberosAuthorizationDataPACClaimSet.Parse(entry_type, entry_data, out pac_entry))
{
pac_entry = null;
}
break;
case KerberosAuthorizationDataPACEntryType.KDCChecksum:
case KerberosAuthorizationDataPACEntryType.ServerChecksum:
if (!KerberosAuthorizationDataPACSignature.Parse(entry_type, entry_data, out pac_entry))
{
pac_entry = null;
}
break;
case KerberosAuthorizationDataPACEntryType.ClientInfo:
if (!KerberosAuthorizationDataPACClientInfo.Parse(entry_type, entry_data, out pac_entry))
{
pac_entry = null;
}
break;
case KerberosAuthorizationDataPACEntryType.UserPrincipalName:
if (!KerberosAuthorizationDataPACUpnDnsInfo.Parse(entry_type, entry_data, out pac_entry))
{
pac_entry = null;
}
break;
}
if (pac_entry == null)
{
pac_entry = new KerberosAuthorizationDataPACEntry(entry_type, entry_data);
}
entries.Add(pac_entry);
}
auth_data = new KerberosAuthorizationDataPAC(data, entries.AsReadOnly());
return(true);
}
internal KerberosAuthorizationDataPACLogon(KerberosAuthorizationDataPACEntryType type,
byte[] data, KERB_VALIDATION_INFO logon_info) : base(type, data)
{
LogonTime = logon_info.LogonTime.ToTime();
LogoffTime = logon_info.LogoffTime.ToTime();
KickOffTime = logon_info.KickOffTime.ToTime();
PasswordLastSet = logon_info.PasswordLastSet.ToTime();
PasswordCanChange = logon_info.PasswordCanChange.ToTime();
PasswordMustChange = logon_info.PasswordMustChange.ToTime();
EffectiveName = logon_info.EffectiveName.ToString();
FullName = logon_info.FullName.ToString();
LogonScript = logon_info.LogonScript.ToString();
ProfilePath = logon_info.ProfilePath.ToString();
HomeDirectory = logon_info.HomeDirectory.ToString();
HomeDirectoryDrive = logon_info.HomeDirectoryDrive.ToString();
LogonCount = logon_info.LogonCount;
BadPasswordCount = logon_info.BadPasswordCount;
LogonDomainSid = logon_info.LogonDomainId.GetValue().ToSid();
LogonDomainName = logon_info.LogonDomainName.ToString();
User = LogonDomainSid.CreateRelative((uint)logon_info.UserId);
PrimaryGroup = LogonDomainSid.CreateRelative((uint)logon_info.PrimaryGroupId);
if (logon_info.GroupIds != null)
{
Groups = logon_info.GroupIds.GetValue().Select(r => new UserGroup(LogonDomainSid.CreateRelative((uint)r.RelativeId), (GroupAttributes)r.Attributes)).ToList().AsReadOnly();
}
else
{
Groups = new UserGroup[0];
}
UserFlags = (KerberosUserFlags)logon_info.UserFlags;
List <sbyte> session_key = new List <sbyte>();
if (logon_info.UserSessionKey.data != null)
{
foreach (var key in logon_info.UserSessionKey.data)
{
if (key.data != null)
{
session_key.AddRange(key.data);
}
}
}
UserSessionKey = (byte[])(object)session_key.ToArray();
LogonServer = logon_info.LogonServer.ToString();
LogonDomainName = logon_info.LogonDomainName.ToString();
if (logon_info.ExtraSids != null)
{
ExtraSids = logon_info.ExtraSids.GetValue().Select(r => new UserGroup(r.Sid.GetValue().ToSid(), (GroupAttributes)r.Attributes)).ToList().AsReadOnly();
}
else
{
ExtraSids = new UserGroup[0];
}
UserAccountControl = (UserAccountControlFlags)logon_info.UserAccountControl;
if (logon_info.ResourceGroupDomainSid != null)
{
ResourceGroupDomainSid = logon_info.ResourceGroupDomainSid.GetValue().ToSid();
}
if (logon_info.ResourceGroupIds != null)
{
ResourceGroups = logon_info.ResourceGroupIds.GetValue().Select(r => new UserGroup(LogonDomainSid.CreateRelative((uint)r.RelativeId), (GroupAttributes)r.Attributes)).ToList().AsReadOnly();
}
else
{
ResourceGroups = new UserGroup[0];
}
}
private KerberosAuthorizationDataPACClientInfo(KerberosAuthorizationDataPACEntryType type, byte[] data, long client_id, string name)
: base(type, data)
{
ClientId = client_id;
Name = name;
}
