public PaFxFastReq CreateTgsPaFxFast( EncryptionKey armorKey, KerberosTicket armorTicket, FastOptions fastOptions, ApOptions apOptions, Asn1SequenceOf<PA_DATA> seqPaData, string sName, byte[] apReq, IFastArmor armor = null ) { string domain = this.Context.Realm.Value; PrincipalName sname = new PrincipalName(new KerbInt32((int)PrincipalType.NT_SRV_INST), KerberosUtility.String2SeqKerbString(sName.Split('/'))); KDC_REQ_BODY innerKdcReqBody = CreateKdcRequestBody(KdcOptions.CANONICALIZE | KdcOptions.FORWARDABLE | KdcOptions.RENEWABLE, sname); //Generate checksum var checksumType = KerberosUtility.GetChecksumType(Context.SelectedEType); var chksum = KerberosUtility.GetChecksum( armorKey.keyvalue.ByteArrayValue, apReq, (int)KeyUsageNumber.FAST_REQ_CHECKSUM, checksumType); Checksum checkSum = new Checksum(new KerbInt32((int)checksumType), new Asn1OctetString(chksum)); KerberosFastRequest fastReq = new KerberosFastRequest(fastOptions, seqPaData, innerKdcReqBody); KerberosArmoredRequest armoredReq = new KerberosArmoredRequest(armor, checkSum, (long)Context.SelectedEType, armorKey.keyvalue.ByteArrayValue, fastReq); PA_FX_FAST_REQUEST paFxFastReq = new PA_FX_FAST_REQUEST(); paFxFastReq.SetData(PA_FX_FAST_REQUEST.armored_data, armoredReq.FastArmoredReq); PaFxFastReq paFxfast = new PaFxFastReq(paFxFastReq); return paFxfast; }
/// <summary> /// Parse raw PA_DATA type to PaFxFast object. /// </summary> /// <param name="data">Raw PA_DATA</param> /// <returns>Reference to PaFxFast object</returns> public static PaFxFastReq Parse(PA_DATA data) { if (data.padata_type.Value != (long)PaDataType.PA_FX_FAST) throw new Exception(); PA_FX_FAST_REQUEST request = new PA_FX_FAST_REQUEST(); request.BerDecode(new Asn1DecodingBuffer(data.padata_value.ByteArrayValue)); return new PaFxFastReq(request); }
public PaFxFastReq CreateAsPaFxFast( EncryptionKey subKey, FastOptions fastOptions, ApOptions apOptions, Asn1SequenceOf<PA_DATA> seqPaData, string sName, KDC_REQ_BODY kdcReqBody, KrbFastArmorType armorType ) { string domain = this.Context.Realm.Value; PrincipalName sname = new PrincipalName(new KerbInt32((int)PrincipalType.NT_SRV_INST), KerberosUtility.String2SeqKerbString(sName, domain)); var armorKey = KerberosUtility.MakeArmorKey( Context.SelectedEType, subKey.keyvalue.ByteArrayValue, Context.ArmorSessionKey.keyvalue.ByteArrayValue); Context.FastArmorkey = new EncryptionKey(new KerbInt32((long)Context.SelectedEType), new Asn1OctetString(armorKey)); Asn1BerEncodingBuffer encodebuf = new Asn1BerEncodingBuffer(); kdcReqBody.BerEncode(encodebuf); var checksumType = KerberosUtility.GetChecksumType(Context.SelectedEType); var chksum = KerberosUtility.GetChecksum( armorKey, encodebuf.Data, (int)KeyUsageNumber.FAST_REQ_CHECKSUM, checksumType); Checksum checkSum = new Checksum(new KerbInt32((int)checksumType), new Asn1OctetString(chksum)); Authenticator plaintextAuthenticator = CreateAuthenticator(Context.ArmorTicket, null, subKey); KerberosApRequest apReq = new KerberosApRequest(Context.Pvno, new APOptions(KerberosUtility.ConvertInt2Flags((int)apOptions)), Context.ArmorTicket, plaintextAuthenticator, KeyUsageNumber.AP_REQ_Authenticator); KDC_REQ_BODY innerKdcReqBody = CreateKdcRequestBody(KdcOptions.CANONICALIZE | KdcOptions.FORWARDABLE | KdcOptions.RENEWABLE, sname); KerberosFastRequest fastReq = new KerberosFastRequest(fastOptions, seqPaData, innerKdcReqBody); FastArmorApRequest fastArmor = new FastArmorApRequest(apReq.Request); fastArmor.armorType = armorType; KerberosArmoredRequest armoredReq = new KerberosArmoredRequest(fastArmor, checkSum, (long)Context.SelectedEType, armorKey, fastReq); PA_FX_FAST_REQUEST paFxFastReq = new PA_FX_FAST_REQUEST(); paFxFastReq.SetData(PA_FX_FAST_REQUEST.armored_data, armoredReq.FastArmoredReq); PaFxFastReq paFxfast = new PaFxFastReq(paFxFastReq); return paFxfast; }
public PaFxFastReq(PA_FX_FAST_REQUEST fastRequest) { FastRequest = fastRequest; }