/// <summary>
/// Reads the size, compression and reserved fields from the stream, decompresses the
/// claim-set bytes when a compression format is declared, and decodes them into
/// <c>ClaimsSet</c>.
/// </summary>
/// <param name="Stream">NDR stream to read the body from.</param>
/// <exception cref="InvalidDataException">
/// The length read immediately before the claim-set bytes differs from <c>ClaimSetSize</c>.
/// </exception>
public override void ReadBody(NdrBinaryStream Stream)
{
    ClaimSetSize = Stream.ReadInt();

    // Four bytes are passed over without being interpreted.
    // NOTE(review): presumably the claim-set pointer; confirm Seek(4) is a relative skip.
    Stream.Seek(4);

    CompressionFormat = (CompressionFormat)Stream.ReadInt();
    UncompressedClaimSetSize = Stream.ReadInt();
    ReservedType = Stream.ReadShort();
    ReservedFieldSize = Stream.ReadInt();

    Stream.Align(8);

    // The only cross-check on the declared sizes: the second length must repeat ClaimSetSize.
    var declaredLength = Stream.ReadInt();

    if (declaredLength != ClaimSetSize)
    {
        throw new InvalidDataException($"Data length {declaredLength} doesn't match expected ClaimSetSize {ClaimSetSize}");
    }

    var payload = Stream.ReadSpan(ClaimSetSize);

    // NOTE(review): UncompressedClaimSetSize and ReservedFieldSize are used exactly as read
    // from the input. Confirm that Compressions.Decompress and Stream.Read bound them
    // before allocating, since nothing in this method does.
    if (CompressionFormat != CompressionFormat.COMPRESSION_FORMAT_NONE)
    {
        payload = Compressions.Decompress(payload, UncompressedClaimSetSize, CompressionFormat);
    }

    ClaimsSet = new ClaimsSet();
    ClaimsSet.Decode(payload.AsMemory());

    ReservedField = Stream.Read(ReservedFieldSize);
}
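/// <summary>
/// Reads the S4U2Proxy target name and the list of transited services from the stream.
/// </summary>
/// <param name="stream">NDR stream to read the body from.</param>
/// <exception cref="InvalidDataException">
/// The two transited-service counts in the input disagree, or the count is negative.
/// </exception>
public override void ReadBody(NdrBinaryStream stream)
{
    var s4uProxyTargetString = stream.ReadRPCUnicodeString();

    var transitListSize = stream.ReadInt();

    stream.ReadInt(); // transit pointer

    S4U2ProxyTarget = s4uProxyTargetString.ReadString(stream);

    var realCount = stream.ReadInt();

    if (realCount != transitListSize)
    {
        throw new InvalidDataException($"Expected S4UTransitedServices count {transitListSize} doesn't match actual count {realCount}");
    }

    // Both counts come from the same input, so agreeing with each other does not bound them.
    if (realCount < 0)
    {
        throw new InvalidDataException($"S4UTransitedServices count {realCount} is negative");
    }

    // Grow the list as headers are actually read instead of pre-allocating realCount
    // slots, so the declared count alone cannot force a large allocation.
    // NOTE(review): this relies on ReadRPCUnicodeString failing once the input is
    // exhausted; confirm against NdrBinaryStream.
    var transitRpcStrings = new List<NdrString>();

    for (var i = 0; i < realCount; i++)
    {
        transitRpcStrings.Add(stream.ReadRPCUnicodeString());
    }

    // Second pass: the string bodies are read only after all headers, in the same order.
    var transits = new List<string>(transitRpcStrings.Count);

    foreach (var rpcString in transitRpcStrings)
    {
        transits.Add(rpcString.ReadString(stream));
    }

    S4UTransitedServices = transits;
}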
/// <summary>
/// Round-trips an NDR object: writes it to a fresh stream, then reads the bytes back into
/// a new instance of the same type and returns that instance.
/// </summary>
/// <typeparam name="T">NDR object type with a parameterless constructor.</typeparam>
/// <param name="thing">The object to encode.</param>
/// <returns>A new <typeparamref name="T"/> populated from the encoded bytes.</returns>
private static T TestPacEncoding<T>(T thing)
    where T : NdrObject, new()
{
    var writer = new NdrBinaryStream();

    // Messages go through Encode/Decode; any other NDR object uses the body methods directly.
    if (thing is NdrMessage outbound)
    {
        outbound.Encode(writer);
    }
    else
    {
        thing.WriteBody(writer);
    }

    var wire = writer.ToMemory();

    var roundTripped = new T();

    if (roundTripped is NdrMessage inbound)
    {
        inbound.Decode(wire);
    }
    else
    {
        roundTripped.ReadBody(wire);
    }

    return roundTripped;
}
/// <summary>
/// Reads the version and encryption type, then takes everything left in the stream as
/// the serialized data.
/// </summary>
/// <param name="stream">NDR stream to read the body from.</param>
public override void ReadBody(NdrBinaryStream stream)
{
    Version = stream.ReadInt();

    // The cast accepts any integer; it does not check that the value is a defined
    // EncryptionType member, so consumers must handle unknown values.
    EncryptionType = (EncryptionType)stream.ReadInt();

    // No length field is read: the remainder of the stream is the payload.
    SerializedData = stream.ReadToEnd();
}
/// <summary>
/// Writes the S4U2Proxy target name followed by the transited services as a deferred
/// array of RPC unicode strings.
/// </summary>
/// <param name="stream">NDR stream to write the body to.</param>
public override void WriteBody(NdrBinaryStream stream)
{
    stream.WriteRPCUnicodeString(S4U2ProxyTarget);

    // Each element is written through the stream handed to the callback, not the outer one.
    stream.WriteDeferredArray(
        S4UTransitedServices,
        true,
        (service, target) => target.WriteRPCUnicodeString(service.ToString()));
}
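/// <summary>
/// Parses a PAC from raw bytes. Each info buffer listed in the header is handed to
/// <c>ParsePacType</c>, and the byte range each parse reports as excluded is zeroed in a
/// private copy of the PAC.
/// </summary>
/// <remarks>
/// Failures raised while parsing an individual buffer are collected in
/// <c>DecodingErrors</c> rather than thrown, so an instance can exist with some buffers
/// undecoded. <c>HasRequiredFields</c> only records that both signatures are present.
/// </remarks>
/// <param name="pac">The encoded PAC. It is copied; the caller's array is not modified.</param>
/// <exception cref="InvalidDataException">
/// The PAC version is not <c>PAC_VERSION</c>, or a buffer's offset and size do not lie
/// inside <paramref name="pac"/>.
/// </exception>
public PrivilegedAttributeCertificate(byte[] pac)
{
    Stream = new NdrBinaryStream(pac);

    // Work on a copy so the exclusion zeroing below never touches the caller's array.
    pacData = new byte[pac.Length];
    Buffer.BlockCopy(pac, 0, pacData, 0, pac.Length);

    var count = Stream.ReadInt();
    var version = Stream.ReadInt();

    if (version != PAC_VERSION)
    {
        throw new InvalidDataException($"Unknown PAC Version {version}");
    }

    var errors = new List<PacDecodeError>();

    for (var i = 0; i < count; i++)
    {
        var type = (PacType)Stream.ReadInt();
        var size = Stream.ReadInt();
        var offset = Stream.ReadLong();

        // size and offset come from the input. Reject anything outside the PAC before
        // allocating: a negative or oversized size would otherwise reach `new byte[size]`,
        // and a 64-bit offset would be silently truncated by the (int) cast below.
        if (size < 0 || offset < 0 || offset > pac.Length - size)
        {
            throw new InvalidDataException($"PAC buffer {type} (offset {offset}, size {size}) lies outside the {pac.Length} byte PAC");
        }

        var pacInfoBuffer = new byte[size];

        Buffer.BlockCopy(pac, (int)offset, pacInfoBuffer, 0, size);

        int exclusionStart = 0;
        int exclusionLength = 0;

        try
        {
            ParsePacType(type, pacInfoBuffer, out exclusionStart, out exclusionLength);
        }
        catch (Exception ex)
        {
            // Best effort: keep going and let the caller inspect DecodingErrors.
            errors.Add(new PacDecodeError()
            {
                Type = type,
                Data = pacInfoBuffer,
                Exception = ex
            });
        }

        // NOTE(review): the exclusion range is trusted as reported by ParsePacType;
        // confirm it always stays within this buffer's `size`.
        if (exclusionStart > 0 && exclusionLength > 0)
        {
            ZeroArray(pacData, offset + exclusionStart, exclusionLength);
        }
    }

    DecodingErrors = errors;

    // Presence check only; nothing in this constructor verifies either signature.
    HasRequiredFields = ServerSignature != null && KdcSignature != null;
}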
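/// <summary>
/// Parses a PAC carried in an authorization-data element. Each info buffer listed in the
/// header is handed to <c>ParsePacType</c>, and the byte range each parse reports as
/// excluded is zeroed in a private copy of the PAC.
/// </summary>
/// <remarks>
/// Failures raised while parsing an individual buffer are collected in
/// <c>DecodingErrors</c> rather than thrown, so an instance can exist with some buffers
/// undecoded. <c>HasRequiredFields</c> only records that both signatures are present.
/// </remarks>
/// <param name="authz">Authorization data whose <c>Data</c> holds the encoded PAC.</param>
/// <exception cref="InvalidDataException">
/// The PAC version is not <c>PAC_VERSION</c>, or a buffer's offset and size do not lie
/// inside the PAC.
/// </exception>
public PrivilegedAttributeCertificate(KrbAuthorizationData authz)
    : base(authz.Type, AuthorizationDataType.AdWin2kPac)
{
    var pac = authz.Data;

    Stream = new NdrBinaryStream(pac);

    // Take a private copy. MemoryMarshal.AsMemory would hand back a writable view over
    // the same memory as authz.Data, so the zeroing below would overwrite the caller's
    // authorization data and the slices already given to ParsePacType.
    pacData = pac.ToArray();

    var count = Stream.ReadInt();
    var version = Stream.ReadInt();

    if (version != PAC_VERSION)
    {
        throw new InvalidDataException($"Unknown PAC Version {version}");
    }

    var errors = new List<PacDecodeError>();

    for (var i = 0; i < count; i++)
    {
        var type = (PacType)Stream.ReadInt();
        var size = Stream.ReadInt();
        var offset = Stream.ReadLong();

        // size and offset come from the input. Validate before the (int) cast, which
        // would otherwise silently truncate a 64-bit offset onto some other position.
        if (size < 0 || offset < 0 || offset > pac.Length - size)
        {
            throw new InvalidDataException($"PAC buffer {type} (offset {offset}, size {size}) lies outside the {pac.Length} byte PAC");
        }

        var pacInfoBuffer = pac.Slice((int)offset, size);

        int exclusionStart = 0;
        int exclusionLength = 0;

        try
        {
            ParsePacType(type, pacInfoBuffer, out exclusionStart, out exclusionLength);
        }
        catch (Exception ex)
        {
            // Best effort: keep going and let the caller inspect DecodingErrors.
            errors.Add(new PacDecodeError()
            {
                Type = type,
                Data = pacInfoBuffer,
                Exception = ex
            });
        }

        // NOTE(review): the exclusion range is trusted as reported by ParsePacType;
        // confirm it always stays within this buffer's `size`.
        if (exclusionStart > 0 && exclusionLength > 0)
        {
            pacData.Span.Slice((int)offset + exclusionStart, exclusionLength).Fill(0);
        }
    }

    DecodingErrors = errors;

    // Presence check only; nothing in this constructor verifies either signature.
    HasRequiredFields = ServerSignature != null && KdcSignature != null;
}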
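/// <summary>
/// Writes the client id as a FILETIME, then the UTF-16 encoded name preceded by its
/// length in bytes. <c>NameLength</c> is updated to the encoded length.
/// </summary>
/// <param name="stream">NDR stream to write the body to.</param>
/// <exception cref="System.OverflowException">
/// The encoded name is longer than a 16-bit length field can describe.
/// </exception>
public override void WriteBody(NdrBinaryStream stream)
{
    var name = Encoding.Unicode.GetBytes(Name);

    // An unchecked cast would wrap for names over 32767 bytes and emit a length field
    // that disagrees with the bytes written after it. Fail before writing anything.
    var encodedLength = checked((short)name.Length);

    stream.WriteFiletime(ClientId);

    NameLength = encodedLength;

    stream.WriteShort(NameLength);
    stream.WriteBytes(name);
}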
/// <summary>
/// Encodes (and, if configured, compresses) the claims set and writes it together with
/// the compression format, the uncompressed size, the reserved type and the reserved field.
/// </summary>
/// <param name="stream">NDR stream to write the body to.</param>
public override void WriteBody(NdrBinaryStream stream)
{
    // uncompressedLength is the encoded size before any compression is applied.
    var payload = Compress(ClaimsSet, CompressionFormat, out int uncompressedLength);

    stream.WriteDeferredBytes(payload);

    stream.WriteUnsignedInt((int)CompressionFormat);
    stream.WriteUnsignedInt(uncompressedLength);

    stream.WriteShort(ReservedType);
    stream.WriteDeferredBytes(ReservedField);
}
/// <summary>
/// Encodes a claims set to NDR and compresses the result unless the format is
/// <c>COMPRESSION_FORMAT_NONE</c>.
/// </summary>
/// <param name="claimsSet">The claims set to encode.</param>
/// <param name="compressionFormat">Compression to apply to the encoded bytes.</param>
/// <param name="originalSize">Receives the length of the encoded bytes before compression.</param>
/// <returns>The encoded bytes, compressed when a format other than none is given.</returns>
private static ReadOnlySpan<byte> Compress(ClaimsSet claimsSet, CompressionFormat compressionFormat, out int originalSize)
{
    var buffer = new NdrBinaryStream();

    claimsSet.Encode(buffer);

    var payload = buffer.ToSpan();

    // Captured before compression so the reader can size the decompressed output.
    originalSize = payload.Length;

    if (compressionFormat == CompressionFormat.COMPRESSION_FORMAT_NONE)
    {
        return payload;
    }

    payload = Compressions.Compress(payload, compressionFormat);

    return payload;
}
/// <summary>
/// Reads the UPN and DNS domain name lengths and offsets and the flags, then reads both
/// strings as UTF-16 from the stream.
/// </summary>
/// <param name="stream">NDR stream to read the body from.</param>
public override void ReadBody(NdrBinaryStream stream)
{
    UpnLength = stream.ReadShort();
    UpnOffset = stream.ReadShort();

    DnsDomainNameLength = stream.ReadShort();
    DnsDomainNameOffset = stream.ReadShort();

    Flags = (UpnDomainFlags)stream.ReadInt();

    // The two offsets above are stored but never used to locate the strings: each string
    // is read from wherever Align(8) leaves the stream.
    // NOTE(review): input whose offsets point elsewhere is therefore not detected here,
    // and the lengths are passed to Read as received; confirm Read rejects negative or
    // over-long values.
    stream.Align(8);

    var upnBytes = stream.Read(UpnLength);
    Upn = Encoding.Unicode.GetString(upnBytes);

    stream.Align(8);

    var domainBytes = stream.Read(DnsDomainNameLength);
    Domain = Encoding.Unicode.GetString(domainBytes);
}
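/// <summary>
/// Writes the UPN and DNS domain name as UTF-16, preceded by their 16-bit lengths and
/// offsets and by the flags.
/// </summary>
/// <param name="stream">NDR stream to write the body to.</param>
/// <exception cref="System.OverflowException">
/// A length or offset does not fit in the 16-bit field that carries it.
/// </exception>
public override void WriteBody(NdrBinaryStream stream)
{
    // Four 16-bit fields, the 32-bit flags, + 4 to align on 8 boundary.
    const int headerLength = 2 + 2 + 2 + 2 + 4 + 4;

    var upnBytes = Encoding.Unicode.GetBytes(Upn);
    var domainBytes = Encoding.Unicode.GetBytes(Domain);

    // Unchecked casts would wrap for long values and emit lengths and offsets that
    // disagree with the bytes that follow. Compute them all before writing anything.
    var upnLength = checked((short)upnBytes.Length);
    var domainLength = checked((short)domainBytes.Length);

    // NOTE(review): the domain bytes are written after a second Align(8), but this offset
    // does not include any padding that call inserts. If Align pads here, the declared
    // offset and the actual position differ whenever the UPN byte length is not a
    // multiple of 8; confirm against a consumer that honours the offsets.
    var domainOffset = checked((short)(headerLength + upnBytes.Length));

    stream.WriteShort(upnLength);
    stream.WriteShort(headerLength);

    stream.WriteShort(domainLength);
    stream.WriteShort(domainOffset);

    stream.WriteUnsignedInt((int)Flags);

    stream.Align(8);
    stream.WriteBytes(upnBytes);

    stream.Align(8);
    stream.WriteBytes(domainBytes);
}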
/// <summary>
/// Creates an empty PAC backed by a new, empty NDR stream. Nothing is parsed.
/// </summary>
public PrivilegedAttributeCertificate() => Stream = new NdrBinaryStream();
/// <summary>
/// Writes the version, the encryption type and then the serialized data bytes.
/// </summary>
/// <param name="stream">NDR stream to write the body to.</param>
public override void WriteBody(NdrBinaryStream stream)
{
    stream.WriteUnsignedInt(Version);
    stream.WriteUnsignedInt((int)EncryptionType);

    // No length prefix is written; the data runs to the end of the body.
    stream.WriteBytes(SerializedData);
}
/// <summary>
/// Encoding is not implemented for this type; calling this always throws.
/// </summary>
/// <param name="stream">Unused.</param>
/// <exception cref="NotSupportedException">Always.</exception>
public override void WriteBody(NdrBinaryStream stream) =>
    throw new NotSupportedException("Not functional yet");
/// <summary>
/// Reads the client id as a FILETIME, the name length, and then that many bytes decoded
/// as a UTF-16 name.
/// </summary>
/// <param name="stream">NDR stream to read the body from.</param>
public override void ReadBody(NdrBinaryStream stream)
{
    ClientId = stream.ReadFiletime();

    NameLength = stream.ReadShort();

    // NOTE(review): NameLength is used as received from the input; confirm stream.Read
    // rejects a negative length or one that runs past the end of the data.
    var nameBytes = stream.Read(NameLength);

    Name = Encoding.Unicode.GetString(nameBytes);
}