Home Explore Help
Sign In
coder
/
SMBLibrary-Fork
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: ac77fb6554
Branches Tags
SMBLibrary-F...
/
SMBLibrary
/
Authentication
/
GSSAPI
/
SPNEGO
/
SimpleProtectedNegotiationToken.cs

SimpleProtectedNegotiationToken.cs 3.9 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. /* Copyright (C) 2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
    2. 

  2.  * 
    3. 

  3.  * You can redistribute this program and/or modify it under the terms of
    4. 

  4.  * the GNU Lesser Public License as published by the Free Software Foundation,
    5. 

  5.  * either version 3 of the License, or (at your option) any later version.
    6. 

  6.  */
    7. 

  7. using System;
    8. 

  8. using System.Collections.Generic;
    9. 

  9. using System.Text;
    10. 

  10. using Utilities;
    11. 

  11. 

  12. namespace SMBLibrary.Authentication
    13. 

  13. {
    14. 

  14.     public abstract class SimpleProtectedNegotiationToken
    15. 

  15.     {
    16. 

  16.         public const byte ApplicationTag = 0x60;
    17. 

  17. 

  18.         public static readonly byte[] SPNEGOIdentifier = new byte[] { 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02 };
    19. 

  19. 

  20.         public abstract byte[] GetBytes();
    21. 

  21. 

  22.         /// <summary>
    23. 

  23.         /// https://tools.ietf.org/html/rfc2743
    24. 

  24.         /// </summary>
    25. 

  25.         public static SimpleProtectedNegotiationToken ReadToken(byte[] tokenBytes, int offset)
    26. 

  26.         {
    27. 

  27.             byte tag = ByteReader.ReadByte(tokenBytes, ref offset);
    28. 

  28.             if (tag == ApplicationTag)
    29. 

  29.             {
    30. 

  30.                 // when an InitToken is sent, it is prepended by an Application Constructed Object specifier (0x60),
    31. 

  31.                 // and the OID for SPNEGO (see value in OID table above). This is the generic GSSAPI header.
    32. 

  32.                 int tokenLength = DerEncodingHelper.ReadLength(tokenBytes, ref offset);
    33. 

  33.                 tag = ByteReader.ReadByte(tokenBytes, ref offset);
    34. 

  34.                 if (tag == (byte)DerEncodingTag.ObjectIdentifier)
    35. 

  35.                 {
    36. 

  36.                     int objectIdentifierLength = DerEncodingHelper.ReadLength(tokenBytes, ref offset);
    37. 

  37.                     byte[] objectIdentifier = ByteReader.ReadBytes(tokenBytes, ref offset, objectIdentifierLength);
    38. 

  38.                     if (ByteUtils.AreByteArraysEqual(objectIdentifier, SPNEGOIdentifier))
    39. 

  39.                     {
    40. 

  40.                         tag = ByteReader.ReadByte(tokenBytes, ref offset);
    41. 

  41.                         if (tag == SimpleProtectedNegotiationTokenInit.NegTokenInitTag)
    42. 

  42.                         {
    43. 

  43.                             return new SimpleProtectedNegotiationTokenInit(tokenBytes, offset);
    44. 

  44.                         }
    45. 

  45.                     }
    46. 

  46.                 }
    47. 

  47.             }
    48. 

  48.             else if (tag == SimpleProtectedNegotiationTokenResponse.NegTokenRespTag)
    49. 

  49.             {
    50. 

  50.                 return new SimpleProtectedNegotiationTokenResponse(tokenBytes, offset);
    51. 

  51.             }
    52. 

  52.             return null;
    53. 

  53.         }
    54. 

  54. 

  55.         /// <summary>
    56. 

  56.         /// Will append the generic GSSAPI header.
    57. 

  57.         /// </summary>
    58. 

  58.         public static byte[] GetTokenBytes(SimpleProtectedNegotiationToken token)
    59. 

  59.         {
    60. 

  60.             if (token is SimpleProtectedNegotiationTokenInit)
    61. 

  61.             {
    62. 

  62.                 byte[] tokenBytes = token.GetBytes();
    63. 

  63.                 int objectIdentifierFieldSize = DerEncodingHelper.GetLengthFieldSize(SPNEGOIdentifier.Length);
    64. 

  64.                 int tokenLength = 1 + objectIdentifierFieldSize + SPNEGOIdentifier.Length + tokenBytes.Length;
    65. 

  65.                 int tokenLengthFieldSize = DerEncodingHelper.GetLengthFieldSize(tokenLength);
    66. 

  66.                 int headerLength = 1 + tokenLengthFieldSize + 1 + objectIdentifierFieldSize + SPNEGOIdentifier.Length;
    67. 

  67.                 byte[] buffer = new byte[headerLength + tokenBytes.Length];
    68. 

  68.                 int offset = 0;
    69. 

  69.                 ByteWriter.WriteByte(buffer, ref offset, ApplicationTag);
    70. 

  70.                 DerEncodingHelper.WriteLength(buffer, ref offset, tokenLength);
    71. 

  71.                 ByteWriter.WriteByte(buffer, ref offset, (byte)DerEncodingTag.ObjectIdentifier);
    72. 

  72.                 DerEncodingHelper.WriteLength(buffer, ref offset, SPNEGOIdentifier.Length);
    73. 

  73.                 ByteWriter.WriteBytes(buffer, ref offset, SPNEGOIdentifier);
    74. 

  74.                 ByteWriter.WriteBytes(buffer, ref offset, tokenBytes);
    75. 

  75.                 return buffer;
    76. 

  76.             }
    77. 

  77.             else
    78. 

  78.             {
    79. 

  79.                 return token.GetBytes();
    80. 

  80.             }
    81. 

  81.         }
    82. 

  82.     }
    83. 

  83. }
    84.