C# (CSharp) RequestContext.CreateResponse Examples

Example #1

        /// <summary>
        /// Requesthandler
        ///
        /// Trys to select the client desired authentication mechanism and responds with the selection status
        /// </summary>
        /// <param name="subsystem"></param>
        /// <param name="requestCtx"></param>
        private void HandleSelectAuthenticationMechanismsRequest(AuthenticationSubsystem subsystem,
                                                                 RequestContext <SelectAuthenticationMechanismsRequest, SelectAuthenticationMechanismsResponse> requestCtx)
        {
            List <string> compatibleAuthenticationMechanisms = ListCompatibleAuthenticationMechanisms();

            try
            {
                if (compatibleAuthenticationMechanisms.Contains(requestCtx.Request.AuthMechanismToSelect))
                {
                    MyServerContext.ServerAuthenticationContext = new ServerAuthenticationContext();
                    MyServerContext.ServerAuthenticationContext.AuthenticationMechanism =
                        CreateAuthenticationMechanism(requestCtx.Request.AuthMechanismToSelect);

                    MyServerContext.ServerAuthenticationContext.AuthenticationMechanism.Initialize(_context);

                    SelectAuthenticationMechanismsResponse response = requestCtx.CreateResponse();
                    response.Succeeded = true;
                    response.Execute();
                }
                else
                {
                    SelectAuthenticationMechanismsResponse response = requestCtx.CreateResponse();
                    response.Succeeded = false;
                    response.SetKnownErrorCode(AuthenticationSubsystemResponseBase.ErrorCodeEnum.AuthenticationMechanismNotAvailable);
                    response.Execute();
                }
            }
            catch (Exception ex)
            {
                SelectAuthenticationMechanismsResponse response = requestCtx.CreateResponse();
                response.Succeeded          = false;
                response.CustomErrorMessage = string.Format("An unexpected error occured: {0}", ex.Message);
                response.Execute();
            }
        }

Example #2

        public override void Authenticate(RequestContext <AuthenticateRequest, AuthenticateResponse> requestContext)
        {
            SslConnection connection = _context.Connection as SslConnection;

            X509Certificate cert           = connection.ClientCertificate;
            string          certHashString = cert.GetCertHashString();

            foreach (User user in ServerContext.AccessControlList.Users)
            {
                SslAuthenticationParameters auth = (SslAuthenticationParameters)user.GetAuthentication("ssl_auth");


                if (auth != null && auth.CertificateHash.Equals(certHashString))
                {
                    ServerContext.ServerAuthenticationContext.AuthenticatedPermissionMember = user;

                    AuthenticateResponse response = requestContext.CreateResponse();
                    response.Succeeded = true;
                    response.Execute();
                    return;
                }
            }

            _log.WarnFormat("Could not find user associated with certificate '{0}'", certHashString);

            AuthenticateResponse errorResponse = requestContext.CreateResponse();

            errorResponse.Succeeded          = false;
            errorResponse.CustomErrorMessage = "No client associated with specified certificate!";
            errorResponse.Execute();
        }

Example #3

        /// <summary>
        /// Selects the specified tpm device (if the authenticated user has the permission)
        /// </summary>
        /// <param name="subsystem"></param>
        /// <param name="requestContext"></param>
        private void HandleSelectTPMRequest(TPMSubsystem subsystem, RequestContext <SelectTPMRequest, SelectTPMResponse> requestContext)
        {
            if (!AssertUserAuthentication("select_" + requestContext.Request.TPMIdentifier, requestContext.CreateResponse()))
            {
                return;
            }

            SelectTPMResponse response = requestContext.CreateResponse();

            if (ServerContext.TPMContexts.ContainsKey(requestContext.Request.TPMIdentifier) == false)
            {
                response.Succeeded = false;
                response.SetKnownErrorCode(TPMSubsystemResponseBase.ErrorCodeEnum.TPMDeviceNotFound);
                response.Execute();
                return;
            }


            lock (_selectedTPMs)
            {
                int myId = (++_maxTPMIdentifier);

                _selectedTPMs.Add(myId, ServerContext.TPMContexts[requestContext.Request.TPMIdentifier]);
                response.TPMSessionIdentifier = myId;
            }

            response.Execute();
        }

Example #4

File: TPMClientSubsystem.cs Project: smuthubabu/doTSS

        /// <summary>
        /// Handles a HMAC generation request from the server
        /// </summary>
        /// <param name="subsystem"></param>
        /// <param name="requestContext"></param>
        private void HandleGenerateHMACRequest(TPMClientSubsystem subsystem, RequestContext <GenerateHMACRequest, GenerateHMACResponse> requestContext)
        {
            TPMSession session = MyClientContext.TPMClient.FindSession(requestContext.Request.TpmSessionIdentifier);

            GenerateHMACResponse response = requestContext.CreateResponse();

            if (session == null)
            {
                _logger.WarnFormat("Received HMAC request for tpm session with id #{0}, but this id is not associated with an active session!",
                                   requestContext.Request.TpmSessionIdentifier);

                response.Succeeded = false;
                response.SetKnownErrorCode(GenerateHMACResponse.ErrorCodeEnum.TPMSessionNotFound);
                response.Execute();
                return;
            }

            _logger.DebugFormat("Requesting password: {0}", requestContext.Request.KeyInfo.KeyType);
            ProtectedPasswordStorage pw = session.RequestSecret(requestContext.Request.KeyInfo);

            if (pw == null)
            {
                response.Succeeded = false;
                response.SetKnownErrorCode(GenerateHMACResponse.ErrorCodeEnum.HMACSecretMissing);
                response.Execute();
                return;
            }

            HMACProvider hmacProvider = new HMACProvider(pw);

            response.Succeeded   = true;
            response.TpmAuthData = hmacProvider.Hash(requestContext.Request.HMACDataProviders);

            response.Execute();
        }

Example #5

File: TPMClientSubsystem.cs Project: smuthubabu/doTSS

        /// <summary>
        /// Gets the key data (which is needed to load the key)
        /// </summary>
        /// <param name="subsystem"></param>
        /// <param name="requestContext"></param>
        private void HandleGetKeyDataRequest(TPMClientSubsystem subsystem, RequestContext <GetKeyDataRequest, GetKeyDataResponse> requestContext)
        {
            TPMSession session = MyClientContext.TPMClient.FindSession(requestContext.Request.TpmSessionIdentifier);

            GetKeyDataResponse response = requestContext.CreateResponse();

            if (session == null)
            {
                _logger.WarnFormat("Received HMAC request for tpm session with id #{0}, but this id is not associated with an active session!",
                                   requestContext.Request.TpmSessionIdentifier);

                response.Succeeded = false;
                response.SetKnownErrorCode(TPMClientSubsystemResponseBase.ErrorCodeEnum.TPMSessionNotFound);
                response.Execute();
                return;
            }

            if (session.Keystore.ContainsIdentifier(requestContext.Request.Identifier) == false)
            {
                response.SetKnownErrorCode(TPMClientSubsystemResponseBase.ErrorCodeEnum.KeyIdentifierMissing);
                response.Succeeded = false;
                response.Execute();
                return;
            }

            response.KeyData = session.Keystore.GetKeyBlob(requestContext.Request.Identifier);
            response.Execute();
        }

Example #6

File: DebugSubsystem.cs Project: smuthubabu/doTSS

        private void HandlePrintOnServerConsoleWithResponseRequest(DebugSubsystem subsystem, RequestContext <RequestPrintOnServerConsoleWithResponse, ResponsePrintOnServerConsole> requestCtx)
        {
            Console.WriteLine(requestCtx.Request.Text);

            ResponsePrintOnServerConsole response = requestCtx.CreateResponse();

            response.Execute();
        }

Example #7

        /// <summary>
        /// Requesthandler
        ///
        /// Looks for all configured and compatible authentication methods for the requesting client
        /// </summary>
        /// <param name="subsystem"></param>
        /// <param name="requestCtx"></param>
        private void HandleListAuthenticationMechanisms(AuthenticationSubsystem subsystem,
                                                        RequestContext <ListAuthenticationMechanismsRequest, ListAuthenticationMechanismsResponse> requestCtx)
        {
            ListAuthenticationMechanismsResponse response = requestCtx.CreateResponse();

            response.AuthenticationModes = ListCompatibleAuthenticationMechanisms().ToArray();
            response.Execute();
        }

Example #8

        /// <summary>
        /// Retrieves informations about keys
        /// </summary>
        /// <param name="subsystem"></param>
        /// <param name="requestContext"></param>
        private void HandleKeyInfoRequest(TPMSubsystem subsystem, RequestContext <KeyInfoRequest, KeyInfoResponse> requestContext)
        {
            TPMContext      tpmContext;
            KeyInfoResponse response;

            lock (_selectedTPMs)
            {
                if (_selectedTPMs.ContainsKey(requestContext.Request.TPMIdentifier) == false)
                {
                    response           = requestContext.CreateResponse();
                    response.Succeeded = false;
                    response.SetKnownErrorCode(TPMSubsystemResponseBase.ErrorCodeEnum.TPMIdentifierNotValid);
                    response.Execute();
                    return;
                }

                tpmContext = _selectedTPMs[requestContext.Request.TPMIdentifier];
            }

            if (!AssertUserAuthentication("key_info_" + _selectedTPMs[requestContext.Request.TPMIdentifier].DeviceName, requestContext.CreateResponse()))
            {
                return;
            }

            KeyManagerHelper keyManagerHelper = new KeyManagerHelper(ServerContext, tpmContext, requestContext.Request.TPMIdentifier,
                                                                     new CommandAuthorizationHelper(ServerContext, requestContext.Request.TPMIdentifier, tpmContext));

            if (keyManagerHelper.ContainsIdentifier(requestContext.Request.KeyIdentifier) == false)
            {
                response           = requestContext.CreateResponse();
                response.Succeeded = false;
                response.SetKnownErrorCode(TPMSubsystemResponseBase.ErrorCodeEnum.NotAValidKeyIdentifier);
                response.Execute();
                return;
            }

            byte[] keyBlob = keyManagerHelper.GetKeyBlob(requestContext.Request.KeyIdentifier);
            response           = requestContext.CreateResponse();
            response.Succeeded = true;
            response.TPMKey    = TPMKeyCore.CreateFromBytes(keyBlob);
            response.Execute();
        }

Example #9

File: NamedPipeAuthentication.cs Project: deveck/doTSS

        public override void Authenticate(RequestContext<AuthenticateRequest, AuthenticateResponse> requestContext)
        {
            string remoteUser = ((NamedPipeServerStream)((NamedPipeConnection)requestContext.Context.Connection).PipeStream).GetImpersonationUserName();

            if (remoteUser == null)
            {
                AuthenticateResponse response = requestContext.CreateResponse();
                response.Succeeded = false;
                response.CustomErrorMessage = "Could not retrieve credentials from requesting client!";
                response.Execute();
            }
            else
            {
                ServerContext.ServerAuthenticationContext.AuthenticatedPermissionMember =
                    new ExternalUser(remoteUser, null);

                AuthenticateResponse response = requestContext.CreateResponse();
                response.Succeeded = true;
                response.Execute();
            }
        }

Example #10

File: UnixSocketAuthentication.cs Project: deveck/doTSS

        public override void Authenticate(RequestContext<AuthenticateRequest, AuthenticateResponse> requestContext)
        {
            PeerCred credentials = new PeerCred(((UnixSocketConnection)ServerContext.Connection).UnixSocket);

            if(credentials == null)
            {
                AuthenticateResponse response = requestContext.CreateResponse();
                response.Succeeded = false;
                response.CustomErrorMessage = "Could not retrieve credentials from requesting client!";
                response.Execute();
            }
            else
            {
                ServerContext.ServerAuthenticationContext.AuthenticatedPermissionMember =
                    new ExternalUser(credentials.UserID.ToString(), credentials.GroupID.ToString());

                AuthenticateResponse response = requestContext.CreateResponse();
                response.Succeeded = true;
                response.Execute();
            }
        }

Example #11

File: UnixSocketAuthentication.cs Project: smuthubabu/doTSS

        public override void Authenticate(RequestContext <AuthenticateRequest, AuthenticateResponse> requestContext)
        {
            PeerCred credentials = new PeerCred(((UnixSocketConnection)ServerContext.Connection).UnixSocket);

            if (credentials == null)
            {
                AuthenticateResponse response = requestContext.CreateResponse();
                response.Succeeded          = false;
                response.CustomErrorMessage = "Could not retrieve credentials from requesting client!";
                response.Execute();
            }
            else
            {
                ServerContext.ServerAuthenticationContext.AuthenticatedPermissionMember =
                    new ExternalUser(credentials.UserID.ToString(), credentials.GroupID.ToString());

                AuthenticateResponse response = requestContext.CreateResponse();
                response.Succeeded = true;
                response.Execute();
            }
        }

Example #12

        public override void Authenticate(RequestContext <AuthenticateRequest, AuthenticateResponse> requestContext)
        {
            foreach (User user in ServerContext.AccessControlList.Users)
            {
                if (user.Id == _user && user.IdType == IdTypeEnum.User)
                {
                    ServerContext.ServerAuthenticationContext.AuthenticatedPermissionMember = user;

                    AuthenticateResponse response = requestContext.CreateResponse();
                    response.Succeeded = true;
                    response.Execute();
                    return;
                }
            }

            AuthenticateResponse errorResponse = requestContext.CreateResponse();

            errorResponse.Succeeded          = false;
            errorResponse.CustomErrorMessage = "Could not retrieve credentials from requesting client!";
            errorResponse.Execute();
        }

Example #13

        /// <summary>
        /// Lists all available TPM devices, that can be accessed by the authenticated user
        /// </summary>
        /// <param name="subsystem"></param>
        /// <param name="requestContext"></param>
        private void HandleListTPMsRequest(TPMSubsystem subsystem, RequestContext <ListTPMsRequest, ListTPMsResponse> requestContext)
        {
            if (!AssertUserAuthentication(null, requestContext.CreateResponse()))
            {
                return;
            }

            List <string> tpmDevices = new List <string> ();

            foreach (KeyValuePair <string, TPMContext> ctx in ServerContext.TPMContexts)
            {
                if (IsAllowedToUseTPMDevice(ctx.Key))
                {
                    tpmDevices.Add(ctx.Key);
                }
            }

            ListTPMsResponse response = requestContext.CreateResponse();

            response.TPMDevices = tpmDevices.ToArray();
            response.Execute();
        }

Example #14

File: NamedPipeAuthentication.cs Project: smuthubabu/doTSS

        public override void Authenticate(RequestContext <AuthenticateRequest, AuthenticateResponse> requestContext)
        {
            string remoteUser = ((NamedPipeServerStream)((NamedPipeConnection)requestContext.Context.Connection).PipeStream).GetImpersonationUserName();

            if (remoteUser == null)
            {
                AuthenticateResponse response = requestContext.CreateResponse();
                response.Succeeded          = false;
                response.CustomErrorMessage = "Could not retrieve credentials from requesting client!";
                response.Execute();
            }
            else
            {
                ServerContext.ServerAuthenticationContext.AuthenticatedPermissionMember =
                    new ExternalUser(remoteUser, null);


                AuthenticateResponse response = requestContext.CreateResponse();
                response.Succeeded = true;
                response.Execute();
            }
        }

Example #15

 /// <summary>
 /// Starts the authentication process
 /// </summary>
 /// <param name="subsystem"></param>
 /// <param name="requestCtx"></param>
 private void HandleAuthenticateRequest(AuthenticationSubsystem subsystem,
                                        RequestContext <AuthenticateRequest, AuthenticateResponse> requestCtx)
 {
     if (MyServerContext.ServerAuthenticationContext == null ||
         MyServerContext.ServerAuthenticationContext.AuthenticationMechanism == null)
     {
         AuthenticateResponse response = requestCtx.CreateResponse();
         response.Succeeded = false;
         response.SetKnownErrorCode(AuthenticationSubsystemResponseBase.ErrorCodeEnum.NoAuthenticationMechanismSelected);
         response.Execute();
     }
     else
     {
         MyServerContext.ServerAuthenticationContext.AuthenticationMechanism.Authenticate(requestCtx);
     }
 }

Example #16

File: DummyAuthentication.cs Project: deveck/doTSS

        public override void Authenticate(RequestContext<AuthenticateRequest, AuthenticateResponse> requestContext)
        {
            foreach(User user in ServerContext.AccessControlList.Users)
            {
                if(user.Id == _user && user.IdType == IdTypeEnum.User)
                {
                    ServerContext.ServerAuthenticationContext.AuthenticatedPermissionMember = user;

                    AuthenticateResponse response = requestContext.CreateResponse();
                    response.Succeeded = true;
                    response.Execute();
                    return;
                }
            }

            AuthenticateResponse errorResponse = requestContext.CreateResponse();
            errorResponse.Succeeded = false;
            errorResponse.CustomErrorMessage = "Could not retrieve credentials from requesting client!";
            errorResponse.Execute();
        }

Example #17

        private void HandleTPMRequest(TPMSubsystem subsystem, RequestContext <TPMRequest, TPMResponse> requestContext)
        {
            if (!AssertUserAuthentication(null, requestContext.CreateResponse()))
            {
                return;
            }



            TPMContext  tpmContext;
            TPMResponse response;

            lock (_selectedTPMs)
            {
                if (_selectedTPMs.ContainsKey(requestContext.Request.TPMIdentifier) == false)
                {
                    response           = requestContext.CreateResponse();
                    response.Succeeded = false;
                    response.SetKnownErrorCode(TPMSubsystemResponseBase.ErrorCodeEnum.TPMIdentifierNotValid);
                    response.Execute();
                    return;
                }

                tpmContext = _selectedTPMs[requestContext.Request.TPMIdentifier];
            }

            string commandIdentifier = requestContext.Request.CommandRequest.CommandIdentifier;

            if (IsAllowedToRunCommand(commandIdentifier, tpmContext) == false)
            {
                response           = requestContext.CreateResponse();
                response.Succeeded = false;
                response.SetKnownCommonError(SubsystemResponse.CommonErrorCodes.NotPermitted);
                response.Execute();
                return;
            }

            _logger.DebugFormat("Executing {0}", requestContext.Request.CommandRequest.CommandIdentifier);

            response = requestContext.CreateResponse();
            try
            {
                TPMCommandResponse commandResponse;

                //Locking here is not a good idea, because the Process method
                //block until the final command is executed. This could take a long time,
                //because the user might be asked to authenticate several commands
                //lock (tpmContext)
                //{
                ICommandAuthorizationHelper commandAuthHelper = new CommandAuthorizationHelper(ServerContext, requestContext.Request.TPMIdentifier, tpmContext);
                commandResponse = tpmContext.TPM.Process(requestContext.Request.CommandRequest,
                                                         commandAuthHelper,
                                                         new KeyManagerHelper(ServerContext, tpmContext, requestContext.Request.TPMIdentifier, commandAuthHelper));
                //}

                response.CommandResponse = commandResponse;
                response.Execute();
            }
            catch (Exception ex)
            {
                _logger.FatalFormat("Error processing TPMRequest: {0}", ex);
                response.Succeeded          = false;
                response.CustomErrorMessage = ex.Message;
                response.Execute();
            }
        }

Example #18

File: SslAuthentication.cs Project: deveck/doTSS

        public override void Authenticate(RequestContext<AuthenticateRequest, AuthenticateResponse> requestContext)
        {
            SslConnection connection = _context.Connection as SslConnection;

            X509Certificate cert = connection.ClientCertificate;
            string certHashString = cert.GetCertHashString();

            foreach(User user in ServerContext.AccessControlList.Users)
            {
                SslAuthenticationParameters auth = (SslAuthenticationParameters)user.GetAuthentication("ssl_auth");

                if(auth != null && auth.CertificateHash.Equals(certHashString))
                {
                    ServerContext.ServerAuthenticationContext.AuthenticatedPermissionMember = user;

                    AuthenticateResponse response = requestContext.CreateResponse();
                    response.Succeeded = true;
                    response.Execute();
                    return;
                }
            }

            _log.WarnFormat("Could not find user associated with certificate '{0}'", certHashString);

            AuthenticateResponse errorResponse = requestContext.CreateResponse();
            errorResponse.Succeeded = false;
            errorResponse.CustomErrorMessage = "No client associated with specified certificate!";
            errorResponse.Execute();
        }