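/// <summary>Creates multiple principals in the KDC and adds them to a keytab file.</summary>
/// <remarks>
/// One random password is generated per call and used for every principal in
/// <paramref name="principals"/>. The password is not returned, so the keys written to
/// <paramref name="keytabFile"/> are the only credentials this method hands out. The keytab
/// holds long-term keys and should be protected accordingly (restrictive file permissions,
/// kept out of source control).
/// </remarks>
/// <param name="keytabFile">Keytab file that receives the keys of the created principals.</param>
/// <param name="principals">Principals to add to the KDC; do not include the domain.</param>
/// <exception cref="System.Exception">
/// Thrown if the principals or the keytab file could not be created.
/// </exception>
public virtual void CreatePrincipal(FilePath keytabFile, params string[] principals)
{
    // NOTE(review): password strength depends on how UUID.RandomUUID() is implemented in this
    // port; confirm it draws from a cryptographic random source.
    string generatedPassword = UUID.RandomUUID().ToString();
    Org.Apache.Directory.Server.Kerberos.Shared.Keytab.Keytab keytab =
        new Org.Apache.Directory.Server.Kerberos.Shared.Keytab.Keytab();
    IList<KeytabEntry> entries = new AList<KeytabEntry>();
    foreach (string principal in principals)
    {
        // Register the principal under its short name first.
        CreatePrincipal(principal, generatedPassword);

        // A foreach iteration variable is read-only in C#, so the realm-qualified name gets
        // its own local instead of being assigned back to 'principal'.
        string qualifiedPrincipal = principal + "@" + GetRealm();
        KerberosTime timestamp = new KerberosTime();

        // One keytab entry per encryption type, all derived from the same password.
        foreach (KeyValuePair<EncryptionType, EncryptionKey> entry in
            KerberosKeyFactory.GetKerberosKeys(qualifiedPrincipal, generatedPassword))
        {
            EncryptionKey ekey = entry.Value;
            // The key version is deliberately truncated to one byte.
            byte keyVersion = unchecked((byte)ekey.GetKeyVersion());
            entries.AddItem(new KeytabEntry(qualifiedPrincipal, 1L, timestamp, keyVersion, ekey));
        }
    }
    keytab.SetEntries(entries);
    keytab.Write(keytabFile);
}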
/// <summary>
/// Builds a KrbFastFinished value from its five components.
/// </summary>
/// <remarks>
/// Arguments are stored exactly as given; this constructor performs no null or consistency
/// checks. NOTE(review): <c>ticket_checksum</c> is only stored here, not verified; confirm
/// that the code consuming this structure validates it.
/// </remarks>
/// <param name="param0">Value stored in <c>timestamp</c>.</param>
/// <param name="param1">Value stored in <c>usec</c>.</param>
/// <param name="param2">Value stored in <c>crealm</c>.</param>
/// <param name="param3">Value stored in <c>cname</c>.</param>
/// <param name="param4">Value stored in <c>ticket_checksum</c>.</param>
public KrbFastFinished(
    KerberosTime param0,
    Microseconds param1,
    Realm param2,
    PrincipalName param3,
    Checksum param4)
{
    // Time of the message.
    timestamp = param0;
    usec = param1;

    // Client identity.
    crealm = param2;
    cname = param3;

    // Checksum carried alongside the identity fields.
    ticket_checksum = param4;
}
/// <summary>
/// Updates the context with the fields of a PDU that later exchanges rely on.
/// </summary>
/// <remarks>
/// Dispatch is by exact runtime type: a PDU of any other type, including a subclass of the
/// handled ones, leaves the context unchanged. Only the AS request branch checks its nested
/// members for null before reading them. NOTE(review): the PDU contents presumably come from
/// the remote peer; the other branches will throw on a PDU with missing members, so confirm
/// that callers validate the PDU first or handle the exception.
/// </remarks>
/// <param name="pdu">The PDU to update the context from. A null PDU is ignored.</param>
internal override void UpdateContext(KilePdu pdu)
{
    if (pdu == null)
    {
        return;
    }

    Type kind = pdu.GetType();

    if (kind == typeof(KileAsRequest))
    {
        KileAsRequest asRequest = (KileAsRequest)pdu;
        if (asRequest.Request != null && asRequest.Request.req_body != null)
        {
            var body = asRequest.Request.req_body;

            // Identity of client and target service.
            cName = body.cname;
            cRealm = body.realm;
            sName = body.sname;

            // Negotiation parameters of the request.
            encryptType = body.etype;
            addresses = body.addresses;
            nonce = body.nonce;

            // Requested lifetimes.
            endTime = body.till;
            rtime = body.rtime;
        }
    }
    else if (kind == typeof(KileAsResponse))
    {
        // NOTE(review): EncPart is dereferenced without a null check.
        tgsSessionKey = ((KileAsResponse)pdu).EncPart.key;
    }
    else if (kind == typeof(KileTgsRequest))
    {
        KileTgsRequest tgsRequest = (KileTgsRequest)pdu;

        // NOTE(review): unlike the AS request branch, Request and req_body are not
        // null-checked here.
        var body = tgsRequest.Request.req_body;
        encryptType = body.etype;
        nonce = body.nonce;
        tgsTicket = tgsRequest.tgtTicket;
        sName = body.sname;

        if (tgsRequest.authenticator != null)
        {
            tgsSubSessionKey = tgsRequest.authenticator.subkey;
        }
    }
    else if (kind == typeof(KileTgsResponse))
    {
        // NOTE(review): EncPart is dereferenced without a null check.
        apSessionKey = ((KileTgsResponse)pdu).EncPart.key;
    }
    else if (kind == typeof(KileApRequest))
    {
        // NOTE(review): Authenticator is dereferenced without a null check.
        var authenticator = ((KileApRequest)pdu).Authenticator;
        apRequestCtime = authenticator.ctime;
        apRequestCusec = authenticator.cusec;

        if (authenticator.cksum != null)
        {
            // The flags are read as a 32-bit value at a fixed offset into the checksum bytes.
            // NOTE(review): the buffer length is not checked before the read; a checksum
            // shorter than offset + 4 bytes makes BitConverter.ToInt32 throw.
            checksumFlag = (ChecksumFlags)BitConverter.ToInt32(
                authenticator.cksum.checksum.mValue,
                ConstValue.AUTHENTICATOR_CHECKSUM_LENGTH + sizeof(ChecksumFlags));
        }

        apSubKey = authenticator.subkey;

        if (authenticator.seq_number != null)
        {
            // The local sequence number is set to the value received from the peer.
            currentRemoteSequenceNumber = (ulong)authenticator.seq_number.mValue;
            currentLocalSequenceNumber = currentRemoteSequenceNumber;
        }
    }
    else if (kind == typeof(KileApResponse))
    {
        // NOTE(review): ApEncPart is dereferenced without a null check.
        var encPart = ((KileApResponse)pdu).ApEncPart;

        // Keep the previously stored acceptor subkey when the response carries none.
        if (encPart.subkey != null)
        {
            acceptorSubKey = encPart.subkey;
        }
    }

    // Any other PDU type: nothing to record.
}