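        /// <summary>
        /// Decrypts <c>Response.enc_part</c> with <paramref name="key"/>, picks the concrete
        /// reply-part type from the outer ASN.1 tag and BER-decodes the plaintext into <c>EncPart</c>.
        /// </summary>
        /// <param name="key">
        /// Key handed to <c>KerberosUtility.Decrypt</c>.
        /// NOTE(review): presumably the client's reply key; confirm against the caller.
        /// </param>
        /// <exception cref="FormatException">
        /// The decrypted data yields no tag, or a tag other than 25 (EncASRepPart) or 26 (EncTGSRepPart).
        /// </exception>
        private void DecryptAsResponse(byte[] key)
        {
            // Application tag numbers of the two reply-part types accepted below.
            const int EncAsRepPartTag  = 25;
            const int EncTgsRepPartTag = 26;

            var encryptType = (EncryptionType)Response.enc_part.etype.Value;

            // RC4-HMAC replies are decrypted with the TGS-REP key usage, every other etype
            // with the AS-REP one.
            // NOTE(review): this looks like the RFC 4757 key-usage mapping for RC4-HMAC; confirm.
            int keyUsage = encryptType == EncryptionType.RC4_HMAC
                ? (int)KeyUsageNumber.TGS_REP_encrypted_part
                : (int)KeyUsageNumber.AS_REP_ENCRYPTEDPART;

            var encPartRawData = KerberosUtility.Decrypt(
                encryptType,
                key,
                Response.enc_part.cipher.ByteArrayValue,
                keyUsage);

            // Peek at the outer tag on a scratch buffer; the real decode below starts from a
            // fresh buffer so it sees the data from the first byte again.
            Asn1DecodingBuffer peekBuffer = new Asn1DecodingBuffer(encPartRawData);
            Asn1Tag            tag        = null;
            Asn1StandardProcedure.TagBerDecode(peekBuffer, out tag);

            // Some implementations unconditionally send an encrypted EncTGSRepPart in the field
            // regardless of whether the reply is an AS-REP or a TGS-REP ([RFC4120] Section 5.4.2),
            // so both tags are accepted here.
            if (tag != null && tag.TagValue == EncAsRepPartTag)
            {
                EncPart = new EncASRepPart();
            }
            else if (tag != null && tag.TagValue == EncTgsRepPartTag)
            {
                EncPart = new EncTGSRepPart();
            }
            else
            {
                // A missing or unexpected tag means the plaintext is not a reply part. Report it
                // as malformed input instead of a bare Exception or a NullReferenceException.
                throw new FormatException("Unknown tag number");
            }

            EncPart.BerDecode(new Asn1DecodingBuffer(encPartRawData));

            // SECURITY: despite the "Encrypted part" label, encPartRawData is the DECRYPTED
            // plaintext. Per RFC 4120 Section 5.4.2 that structure carries the session key, so
            // whatever consumes this dump must be treated as holding secret key material.
            KerberosUtility.OnDumpMessage("KRB5:AS-REP(enc-part)",
                                          "Encrypted part of AS-REP",
                                          KerberosUtility.DumpLevel.PartialMessage,
                                          encPartRawData);
        }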
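        /// <summary>
        /// Decrypts the <c>enc_part</c> of <c>Response</c> using <paramref name="key"/> and decodes
        /// the result into <c>EncPart</c>, as either an EncASRepPart or an EncTGSRepPart depending
        /// on the ASN.1 tag found at the start of the plaintext.
        /// </summary>
        /// <param name="key">
        /// Decryption key passed through to <c>KerberosUtility.Decrypt</c>.
        /// NOTE(review): which principal's key this is cannot be seen from here; verify at the call site.
        /// </param>
        /// <exception cref="FormatException">
        /// No tag could be read from the plaintext, or the tag is neither 25 nor 26.
        /// </exception>
        private void DecryptAsResponse(byte[] key)
        {
            var encryptType = (EncryptionType)Response.enc_part.etype.Value;

            // Default to the AS-REP key usage; RC4-HMAC is special-cased to the TGS-REP one.
            // NOTE(review): presumably mirrors RFC 4757 for RC4-HMAC; confirm against the enum values.
            int keyUsage = (int)KeyUsageNumber.AS_REP_ENCRYPTEDPART;
            if (encryptType == EncryptionType.RC4_HMAC)
            {
                keyUsage = (int)KeyUsageNumber.TGS_REP_encrypted_part;
            }

            var encPartRawData = KerberosUtility.Decrypt(
                encryptType,
                key,
                Response.enc_part.cipher.ByteArrayValue,
                keyUsage);

            // Read only the leading tag from a throwaway buffer.
            Asn1Tag tag = null;
            Asn1StandardProcedure.TagBerDecode(new Asn1DecodingBuffer(encPartRawData), out tag);

            // Reject a plaintext that produced no tag at all before dereferencing it below;
            // same error as for an unrecognised tag, since both mean malformed input.
            if (tag == null)
            {
                throw new FormatException("Unknown tag number");
            }

            //Some implementations unconditionally send an encrypted EncTGSRepPart in the field
            //regardless of whether the reply is an AS-REP or a TGS-REP.([RFC4120] Section 5.4.2)
            if (tag.TagValue == 25)  //EncAsRepPart
            {
                EncPart = new EncASRepPart();
            }
            else if (tag.TagValue == 26) //EncTgsRepPart
            {
                EncPart = new EncTGSRepPart();
            }
            else
            {
                // More specific than a bare Exception; still caught by any catch (Exception).
                throw new FormatException("Unknown tag number");
            }

            // Full decode restarts from the first byte of the plaintext.
            EncPart.BerDecode(new Asn1DecodingBuffer(encPartRawData));

            // SECURITY: the bytes dumped here are the decrypted reply part, not ciphertext, even
            // though the description says "Encrypted part". RFC 4120 Section 5.4.2 places the
            // session key in this structure, so dump output needs the same protection as a key.
            KerberosUtility.OnDumpMessage("KRB5:AS-REP(enc-part)",
                "Encrypted part of AS-REP",
                KerberosUtility.DumpLevel.PartialMessage,
                encPartRawData);
        }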