public void TestChallengeHash()
        {
            var expected = new byte[] { 0xD0, 0x2E, 0x43, 0x86, 0xBC, 0xE9, 0x12, 0x26 };
            var actual   =
                MsChapV2.GetChallengeHash(_authenticatorChallenge, _peerChallenge, "User".GetUserBuffer());

            Assert.Equal(expected, actual);
        }
        public void TestPasswordHash()
        {
            var expected = new byte[]
            { 0x44, 0xEB, 0xBA, 0x8D, 0x53, 0x12, 0xB8, 0xD6, 0x11, 0x47, 0x44, 0x11, 0xF5, 0x69, 0x89, 0xAE };
            var actual = MsChapV2.GetNtPasswordHash("clientPass".ToSecureString());

            Assert.Equal(expected, actual);
        }
        public void TestPassword()
        {
            var expected = new byte[]
            {
                0x63, 0x00, 0x6C, 0x00, 0x69, 0x00, 0x65, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x50, 0x00, 0x61, 0x00, 0x73,
                0x00, 0x73, 0x00
            };
            var actual = MsChapV2.GetPasswordBuffer("clientPass".ToSecureString());

            Assert.Equal(expected, actual);
        }
        public void TestNtResponse()
        {
            var expected = new byte[]
            {
                0x82, 0x30, 0x9E, 0xCD, 0x8D, 0x70, 0x8B, 0x5E, 0xA0, 0x8F, 0xAA, 0x39, 0x81, 0xCD, 0x83, 0x54, 0x42,
                0x33, 0x11, 0x4A, 0x3D, 0x85, 0xD6, 0xDF
            };
            var actual = MsChapV2.GetNtResponse(_authenticatorChallenge, _peerChallenge, "User".GetUserBuffer(),
                                                "clientPass".ToSecureString());

            Assert.Equal(expected, actual);
        }
Exemple #5
0
        public static byte[] GetAuthenticationPacket(TacacsAuthenticationType type, TacacsAuthenticationService service,
                                                     string user, SecureString password,
                                                     SecureString sharedSecret)
        {
            byte[] intBuf = { 0x00, 0x00, 0x00, 0x00 };
            Rng.GetBytes(intBuf, 0, 4);
            var sessionId = BitConverter.ToInt32(intBuf, 0);

            var header = new TacacsHeader
            {
                Version        = TacacsHeaderExtensions.VersionOne,
                Type           = TacacsType.Authentication,
                SequenceNumber = 0x01,
                Flags          = TacacsFlags.Encrypted,
                SessionId      = sessionId,
                Length         = 0
            };

            byte[] authenticationData;
            switch (type)
            {
            case TacacsAuthenticationType.Ascii:
                throw new NotSupportedException("ASCII authentication method not supported");

            case TacacsAuthenticationType.Pap:
                throw new NotSupportedException("PAP authentication method not supported");

            case TacacsAuthenticationType.Arap:
                throw new NotSupportedException("ARAP authentication method not supported");

            case TacacsAuthenticationType.MsChap:
                throw new NotSupportedException("MS-CHAP authentication method not supported");

            case TacacsAuthenticationType.Chap:
                authenticationData = Chap.GetAuthenticationData(service, user, password);
                break;

            case TacacsAuthenticationType.MsChapV2:
                authenticationData = MsChapV2.GetAuthenticationData(service, user, password);
                break;

            default:
                throw new ArgumentOutOfRangeException(nameof(type), type, null);
            }

            return(CreatePacket(header, authenticationData, sharedSecret));
        }