Beispiel #1
 /// <summary>
 /// Splits an encoded canary string into its three fixed-size binary fields.
 /// </summary>
 /// <remarks>
 /// This is a shape check only: it verifies the encoded and decoded lengths and slices the
 /// buffer. It does not verify the hash or the timestamp; ValidateCanary and RestoreCanary
 /// do that after calling this method.
 /// </remarks>
 /// <param name="canaryString">Encoded canary text; must be exactly 76 characters long.</param>
 /// <param name="userContextIdBinary">Receives bytes 0-15 of the decoded canary, or null on failure.</param>
 /// <param name="timeStampBinary">Receives bytes 16-23 of the decoded canary, or null on failure.</param>
 /// <param name="hashBinary">Receives bytes 24-55 of the decoded canary, or null on failure.</param>
 /// <returns>true when the string decoded to exactly 56 bytes; otherwise false.</returns>
 private static bool ParseCanary(string canaryString, out byte[] userContextIdBinary, out byte[] timeStampBinary, out byte[] hashBinary)
 {
     const int EncodedLength = 76;
     const int IdLength = 16;
     const int StampLength = 8;
     const int HashLength = 32;

     // All outputs stay null on every failure path.
     userContextIdBinary = null;
     timeStampBinary = null;
     hashBinary = null;

     // Reject wrong-sized input before handing it to the decoder.
     bool hasExpectedSize = !string.IsNullOrEmpty(canaryString) && canaryString.Length == EncodedLength;
     if (!hasExpectedSize)
     {
         return false;
     }

     byte[] decoded;
     try
     {
         decoded = Canary.Decode(canaryString);
     }
     catch (FormatException)
     {
         // Malformed encoding is treated as "no canary", not as an error.
         return false;
     }

     if (decoded.Length != IdLength + StampLength + HashLength)
     {
         return false;
     }

     userContextIdBinary = new byte[IdLength];
     timeStampBinary = new byte[StampLength];
     hashBinary = new byte[HashLength];

     // Layout: [ user context id | time stamp | hash ].
     Array.Copy(decoded, 0, userContextIdBinary, 0, IdLength);
     Array.Copy(decoded, IdLength, timeStampBinary, 0, StampLength);
     Array.Copy(decoded, IdLength + StampLength, hashBinary, 0, HashLength);
     return true;
 }
 /// <summary>
 /// Issues a fresh canary cookie for an authenticated, non-logoff request when the request
 /// carries no canary cookie or one that <c>Canary.RestoreCanary</c> rejects.
 /// </summary>
 /// <param name="context">Current HTTP context.</param>
 /// <param name="canaryStatus">Gets <c>CanaryStatus.IsCanaryRenewed</c> OR-ed in when a new cookie is issued.</param>
 /// <param name="shouldAddLog">Always set to true before returning.</param>
 public static void SendCanary(this HttpContext context, ref CanaryStatus canaryStatus, ref bool shouldAddLog)
 {
     if (context.Request.IsAuthenticated && !context.IsLogoffRequest())
     {
         string userKey = context.GetCachedUserUniqueKey();
         string cookieName = context.GetCanaryName();
         HttpCookie presented = context.Request.Cookies[cookieName];

         // A cookie counts only if it restores against this user's key.
         bool presentedIsValid = presented != null && Canary.RestoreCanary(presented.Value, userKey) != null;

         if (!presentedIsValid)
         {
             if (presented != null)
             {
                 // A cookie was sent but rejected: record the reset. The logged value is the
                 // rejected cookie, not the replacement issued below.
                 EcpEventLogConstants.Tuple_ResetCanaryInCookie.LogEvent(new object[]
                 {
                     EcpEventLogExtensions.GetUserNameToLog(),
                     userKey,
                     cookieName,
                     context.GetRequestUrlForLog(),
                     presented.Value
                 });
             }

             Canary freshCanary = new Canary(Guid.NewGuid(), userKey);
             HttpCookie replacement = new HttpCookie(cookieName, freshCanary.ToString())
             {
                 // Left readable by page script. HasValidCanary compares this cookie with a copy
                 // sent in the header, form or URL, so presumably client code has to read it;
                 // the trade-off is that any script running in the page can read the token too.
                 // NOTE(review): Secure is not set here - confirm it is enforced elsewhere
                 // (for example by site-wide cookie configuration).
                 HttpOnly = false,
                 Path = EcpUrl.GetEcpVDirForCanary()
             };
             context.Response.Cookies.Add(replacement);
             canaryStatus |= CanaryStatus.IsCanaryRenewed;
         }
     }

     shouldAddLog = true;
 }
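        /// <summary>
        /// Decides whether the request carries a valid anti-forgery canary: the canary cookie must be
        /// non-empty, acceptable for the detected canary version, and repeated verbatim in the
        /// request header, form or URL.
        /// </summary>
        /// <remarks>
        /// Fix over the previous version: the cookie was dereferenced before its null check, so a
        /// request without the canary cookie threw a NullReferenceException instead of being
        /// rejected and logged. The comparisons now run only when a non-empty cookie value exists.
        /// </remarks>
        /// <param name="context">Current HTTP context.</param>
        /// <param name="canaryInHeader">Canary value taken from the request header, or null.</param>
        /// <param name="canaryInForm">Canary value taken from the form body, or null.</param>
        /// <param name="canaryInUrl">Canary value taken from the URL, or null.</param>
        /// <param name="canaryVersion">Receives "14.2" or "14.1" depending on the session type and proxy header.</param>
        /// <param name="canaryStatus">Gets flag bits OR-ed in for each location whose value matched the cookie.</param>
        /// <returns>true when the cookie is accepted and at least one echoed value matches it.</returns>
        private static bool HasValidCanary(this HttpContext context, string canaryInHeader, string canaryInForm, string canaryInUrl, out string canaryVersion, ref CanaryStatus canaryStatus)
        {
            bool isInboundProxy = context.User is InboundProxySession;
            bool requiresRestorableCanary = !isInboundProxy || !string.IsNullOrEmpty(context.Request.Headers["msExchEcpOutboundProxyVersion"]);

            canaryVersion = requiresRestorableCanary ? "14.2" : "14.1";
            string     canaryName          = context.GetCanaryName();
            HttpCookie httpCookie          = context.Request.Cookies[canaryName];
            string     cookieValue         = (httpCookie == null) ? string.Empty : httpCookie.Value;
            string     cachedUserUniqueKey = context.GetCachedUserUniqueKey();
            Canary     canary              = Canary.RestoreCanary(cookieValue, cachedUserUniqueKey);

            // On the "14.1" path (inbound proxy session without the outbound-proxy-version header)
            // the cookie is accepted even when RestoreCanary rejects it, so only the echo comparison
            // below protects the request.
            // NOTE(review): that weaker path is selected by the absence of a request header; confirm
            // that an InboundProxySession identity can only be obtained by trusted front ends.
            bool cookieAccepted = !requiresRestorableCanary || canary != null;

            bool matchesForm   = false;
            bool matchesHeader = false;
            bool matchesUrl    = false;

            // Compare only when a non-empty cookie value exists. This also covers a missing cookie
            // (cookieValue is then string.Empty), which previously caused a NullReferenceException.
            if (!string.IsNullOrEmpty(cookieValue))
            {
                matchesForm   = StringComparer.Ordinal.Equals(cookieValue, canaryInForm);
                matchesHeader = StringComparer.Ordinal.Equals(cookieValue, canaryInHeader);
                // NOTE(review): a token carried in the URL can end up in server or proxy logs and in
                // Referer headers; header or form placement is preferable where callers allow it.
                matchesUrl    = StringComparer.Ordinal.Equals(cookieValue, canaryInUrl);
            }

            bool isValid = cookieAccepted && (matchesHeader || matchesForm || matchesUrl);

            if (isValid)
            {
                // Numeric flag values are kept exactly as in the original code.
                // NOTE(review): replace the casts with the named CanaryStatus members once confirmed.
                if (matchesForm)
                {
                    canaryStatus |= (CanaryStatus)3;
                }
                if (matchesHeader)
                {
                    canaryStatus |= (CanaryStatus)1;
                }
                if (matchesUrl)
                {
                    canaryStatus |= (CanaryStatus)2;
                }
            }
            else if (!cookieAccepted)
            {
                // The cookie itself failed to restore (malformed, expired, or hash mismatch).
                EcpEventLogConstants.Tuple_InvalidCanaryInCookieDetected.LogPeriodicEvent(EcpEventLogExtensions.GetPeriodicKeyPerUser(), new object[]
                {
                    EcpEventLogExtensions.GetUserNameToLog(),
                    cachedUserUniqueKey,
                    canaryName,
                    context.GetRequestUrlForLog(),
                    cookieValue
                });
            }
            else
            {
                // The cookie was acceptable (or empty/missing) but no echoed value matched it.
                // The logged strings come straight from the request.
                EcpEventLogConstants.Tuple_InvalidCanaryDetected.LogPeriodicEvent(EcpEventLogExtensions.GetPeriodicKeyPerUser(), new object[]
                {
                    EcpEventLogExtensions.GetUserNameToLog(),
                    context.GetRequestUrlForLog(),
                    cookieValue,
                    string.Format("{0} in header, {1} in form, in URL {2}", canaryInHeader, canaryInForm, canaryInUrl)
                });
            }
            return isValid;
        }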
Beispiel #4
 /// <summary>
 /// Builds a canary from an existing context id and time stamp, computing the hash for the
 /// given logon key and encoding id + time stamp + hash as the canary string.
 /// </summary>
 /// <param name="userContextIdBinary">Context id bytes; also converted to a Guid, so they must form a valid Guid.</param>
 /// <param name="timeStampBinary">Time stamp bytes, copied into the encoded payload after the id.</param>
 /// <param name="logonUniqueKey">Per-logon key passed to <c>Canary.ComputeHash</c> and stored on the instance.</param>
 private Canary(byte[] userContextIdBinary, byte[] timeStampBinary, string logonUniqueKey)
 {
     // The hash is always recomputed here; no caller-supplied hash is ever stored.
     byte[] digest = Canary.ComputeHash(userContextIdBinary, timeStampBinary, logonUniqueKey);

     int idLength = userContextIdBinary.Length;
     int stampLength = timeStampBinary.Length;

     // Payload layout: [ user context id | time stamp | hash ].
     byte[] payload = new byte[idLength + stampLength + digest.Length];
     Array.Copy(userContextIdBinary, 0, payload, 0, idLength);
     Array.Copy(timeStampBinary, 0, payload, idLength, stampLength);
     Array.Copy(digest, 0, payload, idLength + stampLength, digest.Length);

     this.UserContextId = new Guid(userContextIdBinary).ToString("N");
     this.LogonUniqueKey = logonUniqueKey;
     this.canaryString = Canary.Encode(payload);
 }
Beispiel #5
 /// <summary>
 /// Checks a presented canary string against this instance's logon key: it must parse,
 /// must not be expired, and its hash must equal the hash recomputed from its own id and
 /// time stamp.
 /// </summary>
 /// <param name="canaryString">Encoded canary received from the client.</param>
 /// <returns>true only when all three checks pass.</returns>
 public bool ValidateCanary(string canaryString)
 {
     byte[] idBytes;
     byte[] stampBytes;
     byte[] presentedHash;

     bool wellFormed = Canary.ParseCanary(canaryString, out idBytes, out stampBytes, out presentedHash);

     // Short-circuit keeps IsExpired from seeing the null time stamp of a failed parse.
     if (!wellFormed || Canary.IsExpired(stampBytes))
     {
         return false;
     }

     byte[] expectedHash = Canary.ComputeHash(idBytes, stampBytes, this.LogonUniqueKey);

     // NOTE(review): AreEqual is not shown here; confirm it compares in constant time, since
     // one side is caller-supplied and the other is derived from the logon key.
     return Canary.AreEqual(presentedHash, expectedHash);
 }
Beispiel #6
 /// <summary>
 /// Rebuilds a <c>Canary</c> from its encoded string when it parses, is not expired, and
 /// carries the hash expected for the given logon key.
 /// </summary>
 /// <param name="canaryString">Encoded canary received from the client.</param>
 /// <param name="logonUniqueKey">Per-logon key the hash is recomputed with.</param>
 /// <returns>The restored canary, or null when any check fails.</returns>
 public static Canary RestoreCanary(string canaryString, string logonUniqueKey)
 {
     byte[] idBytes;
     byte[] stampBytes;
     byte[] presentedHash;

     if (!Canary.ParseCanary(canaryString, out idBytes, out stampBytes, out presentedHash))
     {
         return null;
     }

     if (Canary.IsExpired(stampBytes))
     {
         return null;
     }

     byte[] expectedHash = Canary.ComputeHash(idBytes, stampBytes, logonUniqueKey);

     // NOTE(review): AreEqual is not shown here; confirm it compares in constant time, since
     // the presented hash is caller-supplied.
     if (!Canary.AreEqual(expectedHash, presentedHash))
     {
         return null;
     }

     // The instance is rebuilt from the verified fields rather than from the raw string.
     return new Canary(idBytes, stampBytes, logonUniqueKey);
 }