PDIRTY_ASN1_SEQUENCE_EASY kuhl_m_kerberos_ticket_createSequenceEncryptedData(UCHAR eType, UCHAR kvNo, LPCVOID data, DWORD size) { PDIRTY_ASN1_SEQUENCE_EASY Seq_EncryptedData, Ctx_root; if(Seq_EncryptedData = KULL_M_ASN1_CREATE_SEQ()) { if(Ctx_root = KULL_M_ASN1_CREATE_CTX(ID_CTX_ENCRYPTEDDATA_ETYPE)) { kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &eType, sizeof(UCHAR), &Ctx_root); kull_m_asn1_append(&Seq_EncryptedData, Ctx_root); } if(eType) { if(Ctx_root = KULL_M_ASN1_CREATE_CTX(ID_CTX_ENCRYPTEDDATA_KVNO)) { kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &kvNo, sizeof(UCHAR), &Ctx_root); kull_m_asn1_append(&Seq_EncryptedData, Ctx_root); } } if(Ctx_root = KULL_M_ASN1_CREATE_CTX(ID_CTX_ENCRYPTEDDATA_CIPHER)) { kull_m_asn1_create(DIRTY_ASN1_ID_OCTET_STRING, data, size, &Ctx_root); kull_m_asn1_append(&Seq_EncryptedData, Ctx_root); } } return Seq_EncryptedData; }
PDIRTY_ASN1_SEQUENCE_EASY kuhl_m_kerberos_ticket_createSequencePrimaryName(PKERB_EXTERNAL_NAME name) { PDIRTY_ASN1_SEQUENCE_EASY Seq_ExternalName, Ctx_root, Seq_Names; UCHAR integer1; USHORT i; ANSI_STRING aString; if(Seq_ExternalName = KULL_M_ASN1_CREATE_SEQ()) { if(Ctx_root = KULL_M_ASN1_CREATE_CTX(ID_CTX_PRINCIPALNAME_NAME_TYPE)) { integer1 = (UCHAR) name->NameType; kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &integer1, sizeof(UCHAR), &Ctx_root); kull_m_asn1_append(&Seq_ExternalName, Ctx_root); } if(Ctx_root = KULL_M_ASN1_CREATE_CTX(ID_CTX_PRINCIPALNAME_NAME_STRING)) { if(Seq_Names = KULL_M_ASN1_CREATE_SEQ()) { for(i = 0; i < name->NameCount; i++) { if(NT_SUCCESS(RtlUnicodeStringToAnsiString(&aString, &name->Names[i], TRUE))) { kull_m_asn1_create(DIRTY_ASN1_ID_GENERAL_STRING, aString.Buffer, aString.Length, &Seq_Names); RtlFreeAnsiString(&aString); } } kull_m_asn1_append(&Ctx_root, Seq_Names); } kull_m_asn1_append(&Seq_ExternalName, Ctx_root); } } return Seq_ExternalName; }
PDIRTY_ASN1_SEQUENCE_EASY kuhl_m_kerberos_ticket_createAppEncKrbCredPart(PKIWI_KERBEROS_TICKET ticket) { PDIRTY_ASN1_SEQUENCE_EASY App_EncKrbCredPart, Seq_EncKrbCredPart, Ctx_TicketInfo, Seq_TicketInfo, Seq_KrbCredInfo; if(App_EncKrbCredPart = KULL_M_ASN1_CREATE_APP(ID_APP_ENCKRBCREDPART)) { if(Seq_EncKrbCredPart = KULL_M_ASN1_CREATE_SEQ()) { if(Ctx_TicketInfo = KULL_M_ASN1_CREATE_CTX(ID_CTX_ENCKRBCREDPART_TICKET_INFO)) { if(Seq_TicketInfo = KULL_M_ASN1_CREATE_SEQ()) { if(Seq_KrbCredInfo = KULL_M_ASN1_CREATE_SEQ()) { kull_m_asn1_append_ctx_and_data_to_seq(&Seq_KrbCredInfo, ID_CTX_KRBCREDINFO_KEY, kuhl_m_kerberos_ticket_createSequenceEncryptionKey((UCHAR) ticket->KeyType, ticket->Key.Value, ticket->Key.Length)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_KrbCredInfo, ID_CTX_KRBCREDINFO_PREALM, kull_m_asn1_GenString(&ticket->AltTargetDomainName)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_KrbCredInfo, ID_CTX_KRBCREDINFO_PNAME, kuhl_m_kerberos_ticket_createSequencePrimaryName(ticket->ClientName)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_KrbCredInfo, ID_CTX_KRBCREDINFO_FLAGS, kull_m_asn1_BitStringFromULONG(ticket->TicketFlags)); /* ID_CTX_KRBCREDINFO_AUTHTIME not present */ kull_m_asn1_append_ctx_and_data_to_seq(&Seq_KrbCredInfo, ID_CTX_KRBCREDINFO_STARTTIME, kull_m_asn1_GenTime(&ticket->StartTime)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_KrbCredInfo, ID_CTX_KRBCREDINFO_ENDTIME, kull_m_asn1_GenTime(&ticket->EndTime)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_KrbCredInfo, ID_CTX_KRBCREDINFO_RENEW_TILL, kull_m_asn1_GenTime(&ticket->RenewUntil)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_KrbCredInfo, ID_CTX_KRBCREDINFO_SREAL, kull_m_asn1_GenString(&ticket->DomainName)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_KrbCredInfo, ID_CTX_KRBCREDINFO_SNAME, kuhl_m_kerberos_ticket_createSequencePrimaryName(ticket->ServiceName)); kull_m_asn1_append(&Seq_TicketInfo, Seq_KrbCredInfo); } kull_m_asn1_append(&Ctx_TicketInfo, Seq_TicketInfo); } kull_m_asn1_append(&Seq_EncKrbCredPart, Ctx_TicketInfo); } kull_m_asn1_append(&App_EncKrbCredPart, Seq_EncKrbCredPart); } } return App_EncKrbCredPart; }
PDIRTY_ASN1_SEQUENCE_EASY kuhl_m_kerberos_ticket_createAppKrbCred(PKIWI_KERBEROS_TICKET ticket) { PDIRTY_ASN1_SEQUENCE_EASY App_KrbCred, Seq_KrbCred, Ctx_KrbCred, Seq_Root, App_EncKrbCredPart; UCHAR integer1; if(App_KrbCred = KULL_M_ASN1_CREATE_APP(ID_APP_KRB_CRED)) { if(Seq_KrbCred = KULL_M_ASN1_CREATE_SEQ()) { if(Ctx_KrbCred = KULL_M_ASN1_CREATE_CTX(ID_CTX_KRB_CRED_PVNO)) { integer1 = KERBEROS_VERSION; kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &integer1, sizeof(UCHAR), &Ctx_KrbCred); kull_m_asn1_append(&Seq_KrbCred, Ctx_KrbCred); } if(Ctx_KrbCred = KULL_M_ASN1_CREATE_CTX(ID_CTX_KRB_CRED_MSG_TYPE)) { integer1 = ID_APP_KRB_CRED; kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &integer1, sizeof(UCHAR), &Ctx_KrbCred); kull_m_asn1_append(&Seq_KrbCred, Ctx_KrbCred); } if(Ctx_KrbCred = KULL_M_ASN1_CREATE_CTX(ID_CTX_KRB_CRED_TICKETS)) { if(Seq_Root = KULL_M_ASN1_CREATE_SEQ()) { kull_m_asn1_append(&Seq_Root, kuhl_m_kerberos_ticket_createAppTicket(ticket)); kull_m_asn1_append(&Ctx_KrbCred, Seq_Root); } kull_m_asn1_append(&Seq_KrbCred, Ctx_KrbCred); } if(Ctx_KrbCred = KULL_M_ASN1_CREATE_CTX(ID_CTX_KRB_CRED_ENC_PART)) { if(App_EncKrbCredPart = kuhl_m_kerberos_ticket_createAppEncKrbCredPart(ticket)) { kull_m_asn1_append(&Ctx_KrbCred, kuhl_m_kerberos_ticket_createSequenceEncryptedData(KERB_ETYPE_NULL, 0, App_EncKrbCredPart, kull_m_asn1_getSize(App_EncKrbCredPart))); LocalFree(App_EncKrbCredPart); } kull_m_asn1_append(&Seq_KrbCred, Ctx_KrbCred); } kull_m_asn1_append(&App_KrbCred, Seq_KrbCred); } } return App_KrbCred; }
PDIRTY_ASN1_SEQUENCE_EASY kuhl_m_kerberos_ticket_createSequenceEncryptionKey(UCHAR eType, LPCVOID data, DWORD size) { PDIRTY_ASN1_SEQUENCE_EASY Seq_EncryptionKey, Ctx_root; if(Seq_EncryptionKey = KULL_M_ASN1_CREATE_SEQ()) { if(Ctx_root = KULL_M_ASN1_CREATE_CTX(ID_CTX_ENCRYPTIONKEY_KEYTYPE)) { kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &eType, sizeof(UCHAR), &Ctx_root); kull_m_asn1_append(&Seq_EncryptionKey, Ctx_root); } if(Ctx_root = KULL_M_ASN1_CREATE_CTX(ID_CTX_ENCRYPTIONKEY_KEYVALUE)) { kull_m_asn1_create(DIRTY_ASN1_ID_OCTET_STRING, data, size, &Ctx_root); kull_m_asn1_append(&Seq_EncryptionKey, Ctx_root); } } return Seq_EncryptionKey; }
PDIRTY_ASN1_SEQUENCE_EASY kuhl_m_kerberos_ticket_createAppTicket(PKIWI_KERBEROS_TICKET ticket) { PDIRTY_ASN1_SEQUENCE_EASY App_Ticket, Seq_Ticket, Ctx_Ticket; UCHAR integer1; if(App_Ticket = KULL_M_ASN1_CREATE_APP(ID_APP_TICKET)) { if(Seq_Ticket = KULL_M_ASN1_CREATE_SEQ()) { if(Ctx_Ticket = KULL_M_ASN1_CREATE_CTX(ID_CTX_TICKET_TKT_VNO)) { integer1 = KERBEROS_VERSION; kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &integer1, sizeof(UCHAR), &Ctx_Ticket); kull_m_asn1_append(&Seq_Ticket, Ctx_Ticket); } if(Ctx_Ticket = KULL_M_ASN1_CREATE_CTX(ID_CTX_TICKET_REALM)) { kull_m_asn1_append(&Ctx_Ticket, kull_m_asn1_GenString(&ticket->DomainName)); kull_m_asn1_append(&Seq_Ticket, Ctx_Ticket); } if(Ctx_Ticket = KULL_M_ASN1_CREATE_CTX(ID_CTX_TICKET_SNAME)) { kull_m_asn1_append(&Ctx_Ticket, kuhl_m_kerberos_ticket_createSequencePrimaryName(ticket->ServiceName)); kull_m_asn1_append(&Seq_Ticket, Ctx_Ticket); } if(Ctx_Ticket = KULL_M_ASN1_CREATE_CTX(ID_CTX_TICKET_ENC_PART)) { kull_m_asn1_append(&Ctx_Ticket, kuhl_m_kerberos_ticket_createSequenceEncryptedData((UCHAR) ticket->TicketEncType, (UCHAR) ticket->TicketKvno, ticket->Ticket.Value, ticket->Ticket.Length)); kull_m_asn1_append(&Seq_Ticket, Ctx_Ticket); } kull_m_asn1_append(&App_Ticket, Seq_Ticket); } } return App_Ticket; }
PDIRTY_ASN1_SEQUENCE_EASY kuhl_m_kerberos_ticket_createAppEncTicketPart(PKIWI_KERBEROS_TICKET ticket, LPCVOID PacAuthData, DWORD PacAuthDataSize) { PDIRTY_ASN1_SEQUENCE_EASY App_EncTicketPart, Seq_EncTicketPart, Ctx_EncTicketPart, Ctx_Root, Seq_1, Seq_2, Seq_3, Seq_4, OctetString; UCHAR integer1; USHORT integer2; if(App_EncTicketPart = KULL_M_ASN1_CREATE_APP(ID_APP_ENCTICKETPART)) { if(Seq_EncTicketPart = KULL_M_ASN1_CREATE_SEQ()) { kull_m_asn1_append_ctx_and_data_to_seq(&Seq_EncTicketPart, ID_CTX_ENCTICKETPART_FLAGS, kull_m_asn1_BitStringFromULONG(ticket->TicketFlags)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_EncTicketPart, ID_CTX_ENCTICKETPART_KEY, kuhl_m_kerberos_ticket_createSequenceEncryptionKey((UCHAR) ticket->KeyType, ticket->Key.Value, ticket->Key.Length)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_EncTicketPart, ID_CTX_ENCTICKETPART_CREALM, kull_m_asn1_GenString(&ticket->AltTargetDomainName)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_EncTicketPart, ID_CTX_ENCTICKETPART_CNAME, kuhl_m_kerberos_ticket_createSequencePrimaryName(ticket->ClientName)); if(Ctx_EncTicketPart = KULL_M_ASN1_CREATE_CTX(ID_CTX_ENCTICKETPART_TRANSITED)) { if(Seq_1 = KULL_M_ASN1_CREATE_SEQ()) { integer1 = 0; kull_m_asn1_append_ctx_and_data_to_seq(&Seq_1, ID_CTX_TRANSITEDENCODING_TR_TYPE, kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &integer1, sizeof(UCHAR), NULL)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_1, ID_CTX_TRANSITEDENCODING_CONTENTS, kull_m_asn1_create(DIRTY_ASN1_ID_OCTET_STRING, NULL, 0, NULL)); kull_m_asn1_append(&Ctx_EncTicketPart, Seq_1); } kull_m_asn1_append(&Seq_EncTicketPart, Ctx_EncTicketPart); } kull_m_asn1_append_ctx_and_data_to_seq(&Seq_EncTicketPart, ID_CTX_ENCTICKETPART_AUTHTIME, kull_m_asn1_GenTime(&ticket->StartTime)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_EncTicketPart, ID_CTX_ENCTICKETPART_STARTTIME, kull_m_asn1_GenTime(&ticket->StartTime)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_EncTicketPart, ID_CTX_ENCTICKETPART_ENDTIME, kull_m_asn1_GenTime(&ticket->EndTime)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_EncTicketPart, ID_CTX_ENCTICKETPART_RENEW_TILL, kull_m_asn1_GenTime(&ticket->RenewUntil)); /* ID_CTX_ENCTICKETPART_CADDR not present */ if(Ctx_EncTicketPart = KULL_M_ASN1_CREATE_CTX(ID_CTX_ENCTICKETPART_AUTHORIZATION_DATA)) { if(Seq_1 = KULL_M_ASN1_CREATE_SEQ()) { if(Seq_2 = KULL_M_ASN1_CREATE_SEQ()) { integer1 = ID_AUTHDATA_AD_IF_RELEVANT; kull_m_asn1_append_ctx_and_data_to_seq(&Seq_2, ID_CTX_AUTHORIZATIONDATA_AD_TYPE, kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &integer1, sizeof(UCHAR), NULL)); if(Ctx_Root = KULL_M_ASN1_CREATE_CTX(ID_CTX_AUTHORIZATIONDATA_AD_DATA)) { if(OctetString = kull_m_asn1_create(DIRTY_ASN1_ID_OCTET_STRING, NULL, 0, NULL)) { if(Seq_3 = KULL_M_ASN1_CREATE_SEQ()) { if(Seq_4 = KULL_M_ASN1_CREATE_SEQ()) { integer2 = _byteswap_ushort(ID_AUTHDATA_AD_WIN2K_PAC); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_4, ID_AUTHDATA_AD_WIN2K_PAC, kull_m_asn1_create(DIRTY_ASN1_ID_INTEGER, &integer2, sizeof(USHORT), NULL)); kull_m_asn1_append_ctx_and_data_to_seq(&Seq_4, ID_CTX_AUTHORIZATIONDATA_AD_DATA, kull_m_asn1_create(DIRTY_ASN1_ID_OCTET_STRING, PacAuthData, PacAuthDataSize, NULL)); kull_m_asn1_append(&Seq_3, Seq_4); } kull_m_asn1_append(&OctetString, Seq_3); } kull_m_asn1_append(&Ctx_Root, OctetString); } kull_m_asn1_append(&Seq_2, Ctx_Root); } kull_m_asn1_append(&Seq_1, Seq_2); } kull_m_asn1_append(&Ctx_EncTicketPart, Seq_1); } kull_m_asn1_append(&Seq_EncTicketPart, Ctx_EncTicketPart); } kull_m_asn1_append(&App_EncTicketPart, Seq_EncTicketPart); } } return App_EncTicketPart; }