/// <summary> /// Try and parse data into an ASN1 authentication token. /// </summary> /// <param name="data">The data to parse.</param> /// <param name="token">The Negotiate authentication token.</param> /// <param name="values">Parsed DER Values.</param> internal static bool TryParse(byte[] data, DERValue[] values, out KerberosAuthenticationToken token) { token = null; try { var ret = new KerberosAPReplyAuthenticationToken(data, values); if (values.Length != 1 || !values[0].CheckApplication(15) || !values[0].HasChildren()) { return(false); } values = values[0].Children; if (values.Length != 1 || !values[0].CheckSequence() || !values[0].HasChildren()) { return(false); } foreach (var next in values[0].Children) { if (next.Type != DERTagType.ContextSpecific) { return(false); } switch (next.Tag) { case 0: if (next.ReadChildInteger() != 5) { return(false); } break; case 1: if ((KerberosMessageType)next.ReadChildInteger() != KerberosMessageType.KRB_AP_REP) { return(false); } break; case 2: if (!next.HasChildren()) { return(false); } ret.EncryptedPart = KerberosEncryptedData.Parse(next.Children[0]); break; default: return(false); } } token = ret; return(true); } catch (InvalidDataException) { return(false); } }
/// <summary> /// Try and parse data into an ASN1 authentication token. /// </summary> /// <param name="data">The data to parse.</param> /// <param name="token">The Negotiate authentication token.</param> /// <param name="values">Parsed DER Values.</param> internal static bool TryParse(byte[] data, DERValue[] values, out KerberosAuthenticationToken token) { token = null; try { var ret = new KerberosTGTRequestAuthenticationToken(data, values); if (values.Length != 1 || !values[0].HasChildren()) { return(false); } Queue <DERValue> queue = new Queue <DERValue>(values[0].Children); while (queue.Count > 0) { var next = queue.Dequeue(); if (next.Type != DERTagType.ContextSpecific) { return(false); } switch (next.Tag) { case 0: if (next.ReadChildInteger() != 5) { return(false); } break; case 1: if ((KRB_MSG_TYPE)next.ReadChildInteger() != KRB_MSG_TYPE.KRB_TGT_REQ) { return(false); } break; case 2: if (!next.Children[0].CheckSequence()) { return(false); } ret.ServerName = KerberosPrincipalName.Parse(next.Children[0]); break; case 3: ret.Realm = next.ReadChildGeneralString(); break; default: return(false); } } token = ret; return(true); } catch (InvalidDataException) { return(false); } }
/// <summary> /// Try and parse data into an ASN1 authentication token. /// </summary> /// <param name="data">The data to parse.</param> /// <param name="token">The Negotiate authentication token.</param> /// <param name="values">Parsed DER Values.</param> internal static bool TryParse(byte[] data, DERValue[] values, out KerberosAuthenticationToken token) { token = null; try { var ret = new KerberosErrorAuthenticationToken(data, values); if (values.Length != 1 || !values[0].CheckMsg(KerberosMessageType.KRB_ERROR) || !values[0].HasChildren()) { return(false); } values = values[0].Children; if (values.Length != 1 || !values[0].CheckSequence() || !values[0].HasChildren()) { return(false); } foreach (var next in values[0].Children) { if (next.Type != DERTagType.ContextSpecific) { return(false); } switch (next.Tag) { case 0: if (next.ReadChildInteger() != 5) { return(false); } break; case 1: if ((KerberosMessageType)next.ReadChildInteger() != KerberosMessageType.KRB_ERROR) { return(false); } break; case 2: ret.ClientTime = next.ReadChildGeneralizedTime(); break; case 3: ret.ClientUSec = next.ReadChildInteger(); break; case 4: ret.ServerTime = next.ReadChildGeneralizedTime(); break; case 5: ret.ServerUSec = next.ReadChildInteger(); break; case 6: ret.ErrorCode = (KerberosErrorType)next.ReadChildInteger(); break; case 7: ret.ClientRealm = next.ReadChildGeneralString(); break; case 8: if (!next.Children[0].CheckSequence()) { throw new InvalidDataException(); } ret.ClientName = KerberosPrincipalName.Parse(next.Children[0]); break; case 9: ret.ServerRealm = next.ReadChildGeneralString(); break; case 10: if (!next.Children[0].CheckSequence()) { throw new InvalidDataException(); } ret.ServerName = KerberosPrincipalName.Parse(next.Children[0]); break; case 11: ret.ErrorText = next.ReadChildGeneralString(); break; case 12: ret.ErrorData = next.ReadChildOctetString(); break; default: return(false); } } token = ret; return(true); } catch (InvalidDataException) { return(false); } }
/// <summary> /// Try and parse data into an Kerberos authentication token. /// </summary> /// <param name="data">The data to parse.</param> /// <param name="token">The Kerberos authentication token.</param> /// <param name="client">True if this is a token from a client.</param> /// <param name="token_count">The token count number.</param> /// <returns>True if parsed successfully.</returns> internal static bool TryParse(byte[] data, int token_count, bool client, out KerberosAuthenticationToken token) { token = null; try { if (!GSSAPIUtils.TryParse(data, out byte[] inner_token, out string oid))
/// <summary> /// Try and parse data into an ASN1 authentication token. /// </summary> /// <param name="data">The data to parse.</param> /// <param name="token">The Negotiate authentication token.</param> /// <param name="values">Parsed DER Values.</param> internal static bool TryParse(byte[] data, DERValue[] values, out KerberosAuthenticationToken token) { token = null; try { var ret = new KerberosAPRequestAuthenticationToken(data, values); if (values.Length != 1 || !values[0].CheckApplication(14) || !values[0].HasChildren()) { return(false); } values = values[0].Children; if (values.Length != 1 || !values[0].CheckSequence() || !values[0].HasChildren()) { return(false); } Queue <DERValue> queue = new Queue <DERValue>(values[0].Children); while (queue.Count > 0) { var next = queue.Dequeue(); if (next.Type != DERTagType.ContextSpecific) { return(false); } switch (next.Tag) { case 0: if (next.ReadChildInteger() != 5) { return(false); } break; case 1: if ((KRB_MSG_TYPE)next.ReadChildInteger() != KRB_MSG_TYPE.KRB_AP_REQ) { return(false); } break; case 2: if (!next.Children[0].CheckPrimitive(UniversalTag.BIT_STRING)) { return(false); } var bits = next.Children[0].ReadBitString(); var options = KerberosAPRequestOptions.None; if (bits[1]) { options |= KerberosAPRequestOptions.UseSessionKey; } if (bits[2]) { options |= KerberosAPRequestOptions.MutualAuthRequired; } ret.Options = options; break; case 3: if (!next.HasChildren()) { return(false); } ret.Ticket = KerberosTicket.Parse(next.Children[0]); break; case 4: if (!next.HasChildren()) { return(false); } ret.Authenticator = KerberosEncryptedData.Parse(next.Children[0]); break; default: return(false); } } token = ret; return(true); } catch (InvalidDataException) { return(false); } }