public FakeRealmService(string realm, Krb5Config config, IPrincipalService principalService, KerberosCompatibilityFlags compatibilityFlags = KerberosCompatibilityFlags.None) { Name = realm; Configuration = config; _principalService = principalService; _compatibilityFlags = compatibilityFlags; }
public void CreateServiceTicketOnCompatibilitySetting(string realm, KerberosCompatibilityFlags compatibilityFlags, string expectedRealm) { var key = KrbEncryptionKey.Generate(EncryptionType.AES128_CTS_HMAC_SHA1_96).AsKey(); var ticket = KrbKdcRep.GenerateServiceTicket <KrbTgsRep>(new ServiceTicketRequest { EncryptedPartKey = key, ServicePrincipal = new FakeKerberosPrincipal("*****@*****.**"), ServicePrincipalKey = key, Principal = new FakeKerberosPrincipal("*****@*****.**"), RealmName = realm, Compatibility = compatibilityFlags, }); Assert.IsNotNull(ticket); Assert.AreEqual(expectedRealm, ticket.CRealm); }
public void GeneratedTgtMatchesActiveDirectory(string realm, KerberosCompatibilityFlags compatibilityFlags, string expectedRealm) { var realmService = new FakeRealmService(realm, compatibilityFlags: compatibilityFlags); var principal = realmService.Principals.Find(KrbPrincipalName.FromString(UserUpn)); var principalKey = principal.RetrieveLongTermCredential(); var rst = new ServiceTicketRequest { Flags = ExpectedFlags, Principal = principal, EncryptedPartKey = principalKey, ServicePrincipalKey = new KerberosKey(key: TgtKey, etype: EncryptionType.AES256_CTS_HMAC_SHA1_96) }; var tgt = KrbAsRep.GenerateTgt(rst, realmService); Assert.IsNotNull(tgt); var encoded = tgt.EncodeApplication(); AssertIsExpectedKrbtgt(principalKey, rst.ServicePrincipalKey, encoded.ToArray(), expectedRealm); }
public FakeRealmSettings(KerberosCompatibilityFlags compatibilityFlags) { this.compatibilityFlags = compatibilityFlags; }
public FakeRealmService(string realm, Krb5Config config = null, KerberosCompatibilityFlags compatibilityFlags = KerberosCompatibilityFlags.None) { this.Name = realm; this.Configuration = config ?? Krb5Config.Kdc(); this.compatibilityFlags = compatibilityFlags; }