public void ParsePaPkAsReq_SignedAuthPack_ParseAuthPack() { KrbPaPkAsReq asreq = KrbPaPkAsReq.Decode(signedPkAsReq); SignedCms signedCms = new SignedCms(); signedCms.Decode(asreq.SignedAuthPack.ToArray()); signedCms.CheckSignature(verifySignatureOnly: true); KrbAuthPack authPack = KrbAuthPack.Decode(signedCms.ContentInfo.Content); Assert.IsNotNull(authPack); var param = authPack.ClientPublicValue.Algorithm.Parameters.Value; var b64 = Convert.ToBase64String(param.ToArray()); var domainParams = KrbDiffieHellmanDomainParameters.DecodeSpecial(param); Assert.IsNotNull(domainParams); var special = domainParams.EncodeSpecial(); Assert.IsTrue(special.Span.SequenceEqual(param.ToArray())); var decodedPk = CryptEncode.CryptDecodePublicParameter(authPack.ClientPublicValue.SubjectPublicKey).Slice(16); }
private static KrbAuthPack ValidateAuthPack(PreAuthenticationContext preauth, PkInitState state) { state.Cms.CheckSignature(verifySignatureOnly: true); preauth.Principal.Validate(state.Cms.Certificates); var authPack = KrbAuthPack.Decode(state.Cms.ContentInfo.Content); return(authPack); }
private static async Task <KrbAuthPack> ValidateAuthPack(IKerberosPrincipal principal, KrbPaPkAsReq pkreq) { SignedCms signedCms = new SignedCms(); signedCms.Decode(pkreq.SignedAuthPack.ToArray()); signedCms.CheckSignature(verifySignatureOnly: true); await principal.Validate(signedCms.Certificates); var authPack = KrbAuthPack.Decode(signedCms.ContentInfo.Content); return(authPack); }