private KDC_REQ_BODY CreateKdcRequestBody(KdcOptions kdcOptions, PrincipalName sName, AuthorizationData authData = null) { KDC_REQ_BODY kdcReqBody = this.CreateKdcRequestBody(kdcOptions, sName); if (authData == null) { return(kdcReqBody); } Asn1BerEncodingBuffer asnEncBuffer = new Asn1BerEncodingBuffer(); authData.BerEncode(asnEncBuffer, true); EncryptedData encryptData = new EncryptedData(); encryptData.etype = new KerbInt32(0); byte[] encryptAsnEncoded = asnEncBuffer.Data; if (this.Context.SessionKey != null && this.Context.SessionKey.keytype != null && this.Context.SessionKey.keyvalue != null && this.Context.SessionKey.keyvalue.Value != null) { encryptAsnEncoded = KerberosUtility.Encrypt( (EncryptionType)this.Context.SessionKey.keytype.Value, this.Context.SessionKey.keyvalue.ByteArrayValue, encryptAsnEncoded, (int)KeyUsageNumber.TGS_REQ_KDC_REQ_BODY_AuthorizationData ); encryptData.etype = new KerbInt32(this.Context.SessionKey.keytype.Value); } encryptData.cipher = new Asn1OctetString(encryptAsnEncoded); kdcReqBody.enc_authorization_data = encryptData; return(kdcReqBody); }
private void SendTgsRequest(string sName, KdcOptions kdcOptions, Asn1SequenceOf <PA_DATA> seqPadata = null, AuthorizationData dataInAuthentiator = null, AuthorizationData dataInEncAuthData = null, MsgType msgType = MsgType.KRB_TGS_REQ) { if (string.IsNullOrEmpty(sName)) { throw new ArgumentNullException("sName"); } PrincipalName sname = new PrincipalName(new KerbInt32((int)PrincipalType.NT_SRV_INST), KerberosUtility.String2SeqKerbString(sName.Split('/'))); KDC_REQ_BODY kdcReqBody = this.CreateKdcRequestBody(kdcOptions, sname, dataInEncAuthData); // almost same as AS request Asn1BerEncodingBuffer bodyBuffer = new Asn1BerEncodingBuffer(); kdcReqBody.BerEncode(bodyBuffer); ChecksumType checksumType = KerberosUtility.GetChecksumType(this.Context.SelectedEType); PA_DATA paTgsReq = CreatePaTgsReqest(checksumType, bodyBuffer.Data, dataInAuthentiator); // use AS session key encrypt authenticator. Asn1SequenceOf <PA_DATA> tempPaData = null; if (seqPadata == null || seqPadata.Elements == null || seqPadata.Elements.Length == 0) { tempPaData = new Asn1SequenceOf <PA_DATA>(new PA_DATA[] { paTgsReq }); } else { PA_DATA[] paDatas = new PA_DATA[seqPadata.Elements.Length + 1]; Array.Copy(seqPadata.Elements, paDatas, seqPadata.Elements.Length); paDatas[seqPadata.Elements.Length] = paTgsReq; tempPaData = new Asn1SequenceOf <PA_DATA>(paDatas); } KerberosTgsRequest tgsRequest = new KerberosTgsRequest(KerberosConstValue.KERBEROSV5, kdcReqBody, tempPaData, Context.TransportType); tgsRequest.Request.msg_type.Value = (long)msgType; this.client.SendPdu(tgsRequest); }
public KDC_REQ() { this.pvno = null; this.msg_type = null; this.padata = null; this.req_body = null; }
public KrbFastReq( FastOptions param0, Asn1SequenceOf<PA_DATA> param1, KDC_REQ_BODY param2) { this.fast_options = param0; this.padata = param1; this.req_body = param2; }
private KerberosAsRequest CreateAsRequest(KDC_REQ_BODY kdcReqBody, Asn1SequenceOf <PA_DATA> paDatas, long pvno = KerberosConstValue.KERBEROSV5) { KerberosAsRequest request = new KerberosAsRequest( pvno, kdcReqBody, paDatas, Context.TransportType); return(request); }
public TGS_REQ( Asn1Integer param0, Asn1Integer param1, Asn1SequenceOf<PA_DATA> param2, KDC_REQ_BODY param3) { this.pvno = param0; this.msg_type = param1; this.padata = param2; this.req_body = param3; }
public AS_REQ( Asn1Integer param0, Asn1Integer param1, Asn1SequenceOf <PA_DATA> param2, KDC_REQ_BODY param3) { this.pvno = param0; this.msg_type = param1; this.padata = param2; this.req_body = param3; }
private KerberosAsRequest SendAsRequest(KdcOptions kdcOptions, Asn1SequenceOf <PA_DATA> seqPaData) { string sName = KerberosConstValue.KERBEROS_SNAME; string domain = this.Context.Realm.Value; PrincipalName sname = new PrincipalName(new KerbInt32((int)PrincipalType.NT_SRV_INST), KerberosUtility.String2SeqKerbString(sName, domain)); KDC_REQ_BODY kdcReqBody = CreateKdcRequestBody(kdcOptions, sname); KerberosAsRequest asRequest = this.CreateAsRequest(kdcReqBody, seqPaData); this.client.SendPdu(asRequest); return(asRequest); }
private KDC_REQ_BODY CreateKdcRequestBody(KdcOptions kdcOptions, PrincipalName sName) { KerbUInt32 nonce = new KerbUInt32((uint)Math.Abs((int)DateTime.Now.Ticks)); KerberosTime till = new KerberosTime(KerberosConstValue.TGT_TILL_TIME); KerberosTime rtime = new KerberosTime(KerberosConstValue.TGT_RTIME); HostAddresses addresses = new HostAddresses(new HostAddress[1] { new HostAddress(new KerbInt32((int)AddressType.NetBios), new Asn1OctetString(Encoding.ASCII.GetBytes(System.Net.Dns.GetHostName()))) }); KDCOptions options = new KDCOptions(KerberosUtility.ConvertInt2Flags((int)kdcOptions)); KDC_REQ_BODY kdcReqBody = new KDC_REQ_BODY(options, Context.CName.Name, Context.Realm, sName, null, till, rtime, nonce, Context.SupportedEType, addresses, null, null); return(kdcReqBody); }
public KerberosTgsRequest(long pvno, KDC_REQ_BODY kdcReqBody, Asn1SequenceOf <PA_DATA> paDatas, TransportType transportType) { this.Request = new TGS_REQ(new Asn1Integer(pvno), new Asn1Integer((long)MsgType.KRB_TGS_REQ), paDatas, kdcReqBody); this.transportType = transportType; }
public KerberosFastRequest(FastOptions options, Asn1SequenceOf <PA_DATA> seqPaData, KDC_REQ_BODY kdcReqBody) { this.FastReq = new KrbFastReq(options, seqPaData, kdcReqBody); }
private KerberosAsRequest CreateAsRequest(KDC_REQ_BODY kdcReqBody, Asn1SequenceOf<PA_DATA> paDatas, long pvno = KerberosConstValue.KERBEROSV5) { KerberosAsRequest request = new KerberosAsRequest( pvno, kdcReqBody, paDatas, Context.TransportType); return request; }
public PaFxFastReq CreateAsPaFxFast( EncryptionKey subKey, FastOptions fastOptions, ApOptions apOptions, Asn1SequenceOf<PA_DATA> seqPaData, string sName, KDC_REQ_BODY kdcReqBody, KrbFastArmorType armorType ) { string domain = this.Context.Realm.Value; PrincipalName sname = new PrincipalName(new KerbInt32((int)PrincipalType.NT_SRV_INST), KerberosUtility.String2SeqKerbString(sName, domain)); var armorKey = KerberosUtility.MakeArmorKey( Context.SelectedEType, subKey.keyvalue.ByteArrayValue, Context.ArmorSessionKey.keyvalue.ByteArrayValue); Context.FastArmorkey = new EncryptionKey(new KerbInt32((long)Context.SelectedEType), new Asn1OctetString(armorKey)); Asn1BerEncodingBuffer encodebuf = new Asn1BerEncodingBuffer(); kdcReqBody.BerEncode(encodebuf); var checksumType = KerberosUtility.GetChecksumType(Context.SelectedEType); var chksum = KerberosUtility.GetChecksum( armorKey, encodebuf.Data, (int)KeyUsageNumber.FAST_REQ_CHECKSUM, checksumType); Checksum checkSum = new Checksum(new KerbInt32((int)checksumType), new Asn1OctetString(chksum)); Authenticator plaintextAuthenticator = CreateAuthenticator(Context.ArmorTicket, null, subKey); KerberosApRequest apReq = new KerberosApRequest(Context.Pvno, new APOptions(KerberosUtility.ConvertInt2Flags((int)apOptions)), Context.ArmorTicket, plaintextAuthenticator, KeyUsageNumber.AP_REQ_Authenticator); KDC_REQ_BODY innerKdcReqBody = CreateKdcRequestBody(KdcOptions.CANONICALIZE | KdcOptions.FORWARDABLE | KdcOptions.RENEWABLE, sname); KerberosFastRequest fastReq = new KerberosFastRequest(fastOptions, seqPaData, innerKdcReqBody); FastArmorApRequest fastArmor = new FastArmorApRequest(apReq.Request); fastArmor.armorType = armorType; KerberosArmoredRequest armoredReq = new KerberosArmoredRequest(fastArmor, checkSum, (long)Context.SelectedEType, armorKey, fastReq); PA_FX_FAST_REQUEST paFxFastReq = new PA_FX_FAST_REQUEST(); paFxFastReq.SetData(PA_FX_FAST_REQUEST.armored_data, armoredReq.FastArmoredReq); PaFxFastReq paFxfast = new PaFxFastReq(paFxFastReq); return paFxfast; }
private KDC_REQ_BODY CreateKdcRequestBody( KdcOptions kdcOptions, PrincipalName sName, KerberosTime from, KerberosTime till ) { KerbUInt32 nonce = new KerbUInt32((uint)Math.Abs((int)DateTime.Now.Ticks)); KerberosTime rtime = new KerberosTime(KerberosConstValue.TGT_RTIME); HostAddresses addresses = new HostAddresses(new HostAddress[1] { new HostAddress(new KerbInt32((int)AddressType.NetBios), new Asn1OctetString(Encoding.ASCII.GetBytes(System.Net.Dns.GetHostName()))) }); KDCOptions options = new KDCOptions(KerberosUtility.ConvertInt2Flags((int)kdcOptions)); KDC_REQ_BODY kdcReqBody = new KDC_REQ_BODY(options, Context.CName.Name, Context.Realm, sName, from, till, rtime, nonce, Context.SupportedEType, addresses, null, null); return kdcReqBody; }
public KerberosFastRequest(FastOptions options, Asn1SequenceOf<PA_DATA> seqPaData, KDC_REQ_BODY kdcReqBody) { this.FastReq = new KrbFastReq(options, seqPaData, kdcReqBody); }
public KerberosAsRequest(long pvno, KDC_REQ_BODY kdcReqBody, Asn1SequenceOf<PA_DATA> paDatas, TransportType transportType) { this.Request = new AS_REQ(new Asn1Integer(pvno), new Asn1Integer((long)MsgType.KRB_AS_REQ), paDatas, kdcReqBody); this.transportType = transportType; }