Home Explore Help
Sign In
coder
/
SMBLibrary-Fork
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: d98ed6c2b0
Branches Tags
SMBLibrary-F...
/
SMBLibrary
/
Authentication
/
GSSAPI
/
SPNEGO
/
SimpleProtectedNegotiationToken.cs

SimpleProtectedNegotiationToken.cs 4.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. /* Copyright (C) 2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
    2. 

  2.  * 
    3. 

  3.  * You can redistribute this program and/or modify it under the terms of
    4. 

  4.  * the GNU Lesser Public License as published by the Free Software Foundation,
    5. 

  5.  * either version 3 of the License, or (at your option) any later version.
    6. 

  6.  */
    7. 

  7. using System;
    8. 

  8. using System.Collections.Generic;
    9. 

  9. using System.Text;
    10. 

  10. using Utilities;
    11. 

  11. 

  12. namespace SMBLibrary.Authentication.GSSAPI
    13. 

  13. {
    14. 

  14.     public abstract class SimpleProtectedNegotiationToken
    15. 

  15.     {
    16. 

  16.         public const byte ApplicationTag = 0x60;
    17. 

  17. 

  18.         public static readonly byte[] SPNEGOIdentifier = new byte[] { 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02 };
    19. 

  19. 

  20.         public abstract byte[] GetBytes();
    21. 

  21. 

  22.         /// <summary>
    23. 

  23.         /// https://tools.ietf.org/html/rfc2743
    24. 

  24.         /// </summary>
    25. 

  25.         /// <exception cref="System.IO.InvalidDataException"></exception>
    26. 

  26.         public static SimpleProtectedNegotiationToken ReadToken(byte[] tokenBytes, int offset)
    27. 

  27.         {
    28. 

  28.             byte tag = ByteReader.ReadByte(tokenBytes, ref offset);
    29. 

  29.             if (tag == ApplicationTag)
    30. 

  30.             {
    31. 

  31.                 // when an InitToken is sent, it is prepended by an Application Constructed Object specifier (0x60),
    32. 

  32.                 // and the OID for SPNEGO (see value in OID table above). This is the generic GSSAPI header.
    33. 

  33.                 int tokenLength = DerEncodingHelper.ReadLength(tokenBytes, ref offset);
    34. 

  34.                 tag = ByteReader.ReadByte(tokenBytes, ref offset);
    35. 

  35.                 if (tag == (byte)DerEncodingTag.ObjectIdentifier)
    36. 

  36.                 {
    37. 

  37.                     int objectIdentifierLength = DerEncodingHelper.ReadLength(tokenBytes, ref offset);
    38. 

  38.                     byte[] objectIdentifier = ByteReader.ReadBytes(tokenBytes, ref offset, objectIdentifierLength);
    39. 

  39.                     if (ByteUtils.AreByteArraysEqual(objectIdentifier, SPNEGOIdentifier))
    40. 

  40.                     {
    41. 

  41.                         tag = ByteReader.ReadByte(tokenBytes, ref offset);
    42. 

  42.                         if (tag == SimpleProtectedNegotiationTokenInit.NegTokenInitTag)
    43. 

  43.                         {
    44. 

  44.                             return new SimpleProtectedNegotiationTokenInit(tokenBytes, offset);
    45. 

  45.                         }
    46. 

  46.                     }
    47. 

  47.                 }
    48. 

  48.             }
    49. 

  49.             else if (tag == SimpleProtectedNegotiationTokenResponse.NegTokenRespTag)
    50. 

  50.             {
    51. 

  51.                 return new SimpleProtectedNegotiationTokenResponse(tokenBytes, offset);
    52. 

  52.             }
    53. 

  53.             return null;
    54. 

  54.         }
    55. 

  55. 

  56.         /// <summary>
    57. 

  57.         /// Will append the generic GSSAPI header.
    58. 

  58.         /// </summary>
    59. 

  59.         public static byte[] GetTokenBytes(SimpleProtectedNegotiationToken token)
    60. 

  60.         {
    61. 

  61.             if (token is SimpleProtectedNegotiationTokenInit)
    62. 

  62.             {
    63. 

  63.                 byte[] tokenBytes = token.GetBytes();
    64. 

  64.                 int objectIdentifierFieldSize = DerEncodingHelper.GetLengthFieldSize(SPNEGOIdentifier.Length);
    65. 

  65.                 int tokenLength = 1 + objectIdentifierFieldSize + SPNEGOIdentifier.Length + tokenBytes.Length;
    66. 

  66.                 int tokenLengthFieldSize = DerEncodingHelper.GetLengthFieldSize(tokenLength);
    67. 

  67.                 int headerLength = 1 + tokenLengthFieldSize + 1 + objectIdentifierFieldSize + SPNEGOIdentifier.Length;
    68. 

  68.                 byte[] buffer = new byte[headerLength + tokenBytes.Length];
    69. 

  69.                 int offset = 0;
    70. 

  70.                 ByteWriter.WriteByte(buffer, ref offset, ApplicationTag);
    71. 

  71.                 DerEncodingHelper.WriteLength(buffer, ref offset, tokenLength);
    72. 

  72.                 ByteWriter.WriteByte(buffer, ref offset, (byte)DerEncodingTag.ObjectIdentifier);
    73. 

  73.                 DerEncodingHelper.WriteLength(buffer, ref offset, SPNEGOIdentifier.Length);
    74. 

  74.                 ByteWriter.WriteBytes(buffer, ref offset, SPNEGOIdentifier);
    75. 

  75.                 ByteWriter.WriteBytes(buffer, ref offset, tokenBytes);
    76. 

  76.                 return buffer;
    77. 

  77.             }
    78. 

  78.             else
    79. 

  79.             {
    80. 

  80.                 return token.GetBytes();
    81. 

  81.             }
    82. 

  82.         }
    83. 

  83.     }
    84. 

  84. }
    85.