/// <summary>
/// Parses a <see cref="KrbPaS4uX509User"/> (by its name, the PA-S4U-X509-USER
/// pre-authentication structure) from <paramref name="reader"/>.
/// </summary>
/// <remarks>
/// Both fields are read unconditionally, so a value missing either the [0] user-id
/// or the [1] checksum is not accepted by this decoder.
/// This method only parses structure: nothing here verifies <c>Checksum</c> against
/// <c>UserId</c>. Callers that act on the decoded user-id (name, realm, certificate)
/// must validate the checksum with the appropriate key first.
/// </remarks>
/// <typeparam name="T">Concrete type to instantiate; must derive from <see cref="KrbPaS4uX509User"/>.</typeparam>
/// <param name="reader">Reader positioned at the start of the structure.</param>
/// <param name="expectedTag">Tag the outer SEQUENCE is required to carry.</param>
/// <param name="decoded">Receives the populated instance.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> is null.</exception>
internal static void Decode<T>(AsnReader reader, Asn1Tag expectedTag, out T decoded)
    where T : KrbPaS4uX509User, new()
{
    if (reader == null)
    {
        throw new ArgumentNullException(nameof(reader));
    }

    decoded = new T();

    AsnReader outer = reader.ReadSequence(expectedTag);

    // [0] EXPLICIT user-id
    AsnReader userIdField = outer.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 0));
    KrbS4uUserId.Decode<KrbS4uUserId>(userIdField, out KrbS4uUserId userId);
    decoded.UserId = userId;

    // Reject anything left over inside the explicit wrapper after the value.
    userIdField.ThrowIfNotEmpty();

    // [1] EXPLICIT checksum
    AsnReader checksumField = outer.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 1));
    KrbChecksum.Decode<KrbChecksum>(checksumField, out KrbChecksum checksum);
    decoded.Checksum = checksum;
    checksumField.ThrowIfNotEmpty();

    // No further fields are expected; trailing data in the outer SEQUENCE is an error.
    outer.ThrowIfNotEmpty();
}
/// <summary>
/// Builds and encodes a <see cref="KrbPaS4uX509User"/> for the principal named by
/// <paramref name="s4u"/>, with a checksum over the encoded user-id keyed by
/// <paramref name="sessionKey"/>.
/// </summary>
/// <param name="s4u">Principal name, sent as a single-component NT_ENTERPRISE name.</param>
/// <param name="certificate">Optional certificate; when non-null its raw bytes are placed in the user-id.</param>
/// <param name="nonce">Nonce stored in the user-id.</param>
/// <param name="realm">Realm stored in the user-id.</param>
/// <param name="sessionKey">Key used to compute the checksum. Not null-checked here.</param>
/// <returns>The encoded structure.</returns>
private static ReadOnlyMemory<byte> EncodeS4URequest(string s4u, X509Certificate2 certificate, int nonce, string realm, KrbEncryptionKey sessionKey)
{
    // NOTE(review): 26 looks like the key-usage number MS-SFU assigns to the
    // PA-S4U-X509-USER checksum; confirm, and use the named KeyUsage member if one exists.
    const int ChecksumKeyUsage = 26;

    var principal = new KrbPrincipalName
    {
        Type = PrincipalNameType.NT_ENTERPRISE,
        Name = new[] { s4u }
    };

    // NOTE(review): presumably the caller passes the same nonce it puts in the
    // request body; verify against the caller.
    var userId = new KrbS4uUserId()
    {
        CName = principal,
        Nonce = nonce,
        Realm = realm
    };

    // The certificate must be attached before the checksum is computed, because the
    // checksum covers the encoded user-id and would otherwise not cover the certificate.
    if (certificate != null)
    {
        userId.SubjectCertificate = certificate.RawData;
    }

    var paX509 = new KrbPaS4uX509User
    {
        UserId = userId,
        Checksum = KrbChecksum.Create(
            userId.Encode(),
            sessionKey.AsKey(),
            (KeyUsage)ChecksumKeyUsage
        )
    };

    return paX509.Encode();
}