private Authenticator CreateAuthenticator(KerberosTicket ticket, AuthorizationData data, EncryptionKey subKey, ChecksumType checksumType, byte[] checksumBody)
{
Authenticator plaintextAuthenticator = CreateAuthenticator(ticket, data, subKey);
byte[] checkData = KerberosUtility.GetChecksum(ticket.SessionKey.keyvalue.ByteArrayValue, checksumBody, (int)KeyUsageNumber.TGS_REQ_PA_TGS_REQ_adataOR_AP_REQ_Authenticator_cksum, checksumType);
plaintextAuthenticator.cksum = new Checksum(new KerbInt32((int)checksumType), new Asn1OctetString(checkData));
return(plaintextAuthenticator);
}
public static KerberosMICToken GSS_GetMIC(KerberosMICToken_Flags_Values flags, long sequenceNumber, ChecksumType type, byte[] key, byte[] data)
{
var applicableChecksumType = new List <ChecksumType>()
{
ChecksumType.hmac_sha1_96_aes128,
ChecksumType.hmac_sha1_96_aes256
};
if (!applicableChecksumType.Any(checksumType => checksumType == type))
{
throw new InvalidOperationException("The checksum type is not applicable!");
}
var obj = new KerberosMICToken();
obj.Header.TOK_ID = KerberosMICToken_TOK_ID_Values.GSS_GetMIC;
obj.Header.Flags = flags;
obj.Header.Filler = new byte[5] {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
obj.Header.SND_SEQ = sequenceNumber;
var headerBytes = TypeMarshal.ToBytes(obj.Header);
var checksumData = data.Concat(headerBytes).ToArray();
int usage;
if (flags.HasFlag(KerberosMICToken_Flags_Values.SentByAcceptor))
{
usage = (int)TokenKeyUsage.KG_USAGE_ACCEPTOR_SIGN;
}
else
{
usage = (int)TokenKeyUsage.KG_USAGE_INITIATOR_SIGN;
}
obj.SGN_CKSUM = KerberosUtility.GetChecksum(key, checksumData, usage, type);
return(obj);
}
