Example #1
0
        private byte[] UnprotectPDU(byte[] header, byte[] stub_data, AuthData auth_data)
        {
            List <SecurityBuffer> buffers = new List <SecurityBuffer>();

            buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data | SecurityBufferType.ReadOnly, header));
            var stub_data_buffer = new SecurityBufferInOut(SecurityBufferType.Data, stub_data);

            buffers.Add(stub_data_buffer);
            byte[] signature = auth_data.Data;
            auth_data.Data = new byte[0];
            MemoryStream stm    = new MemoryStream();
            BinaryWriter writer = new BinaryWriter(stm);

            auth_data.Write(writer, auth_data.Padding);

            buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data | SecurityBufferType.ReadOnly, stm.ToArray()));

            if (_transport_security.AuthenticationLevel == RpcAuthenticationLevel.PacketIntegrity)
            {
                if (!_auth_context.VerifySignature(buffers, signature, _recv_sequence_no))
                {
                    throw new RpcTransportException("Invalid response PDU signature.");
                }
            }
            else
            {
                _auth_context.DecryptMessage(buffers, signature, _recv_sequence_no);
                stub_data = stub_data_buffer.ToArray();
            }

            Array.Resize(ref stub_data, stub_data.Length - auth_data.Padding);

            return(stub_data);
        }
Example #2
0
        internal byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding_length, int send_sequence_no)
        {
            List <SecurityBuffer> buffers = new List <SecurityBuffer>();

            buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data | SecurityBufferType.ReadOnly, header));
            var stub_data_buffer = new SecurityBufferInOut(SecurityBufferType.Data, stub_data);

            buffers.Add(stub_data_buffer);
            buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data | SecurityBufferType.ReadOnly,
                                                AuthData.ToArray(TransportSecurity, auth_padding_length, ContextId, new byte[0])));

            byte[] signature = new byte[0];
            if (TransportSecurity.AuthenticationLevel == RpcAuthenticationLevel.PacketIntegrity)
            {
                signature = AuthContext.MakeSignature(buffers, send_sequence_no);
            }
            else if (TransportSecurity.AuthenticationLevel == RpcAuthenticationLevel.PacketPrivacy)
            {
                signature = AuthContext.EncryptMessage(buffers, SecurityQualityOfProtectionFlags.None, send_sequence_no);
                stub_data = stub_data_buffer.ToArray();
                RpcUtils.DumpBuffer(true, "Send Encrypted Data", stub_data);
            }

            if (signature.Length > 0)
            {
                RpcUtils.DumpBuffer(true, "Send Signature Data", signature);
            }

            return(AuthData.ToArray(TransportSecurity, auth_padding_length, ContextId, signature));
        }
Example #3
0
        private byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding_length)
        {
            List <SecurityBuffer> buffers = new List <SecurityBuffer>();

            if (_negotiated_auth_type != RpcAuthenticationType.Kerberos)
            {
                buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data | SecurityBufferType.ReadOnlyWithChecksum, header));
            }
            var stub_data_buffer = new SecurityBufferInOut(SecurityBufferType.Data, stub_data);

            buffers.Add(stub_data_buffer);
            if (_negotiated_auth_type != RpcAuthenticationType.Kerberos)
            {
                buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data | SecurityBufferType.ReadOnlyWithChecksum,
                                                    AuthData.ToArray(_transport_security, auth_padding_length, 0, new byte[0])));
            }

            byte[] signature;
            if (_transport_security.AuthenticationLevel == RpcAuthenticationLevel.PacketIntegrity)
            {
                signature = _auth_context.MakeSignature(buffers, _send_sequence_no);
            }
            else
            {
                signature = _auth_context.EncryptMessage(buffers, SecurityQualityOfProtectionFlags.None, _send_sequence_no);
                stub_data = stub_data_buffer.ToArray();
                RpcUtils.DumpBuffer(true, "Send Encrypted Data", stub_data);
            }

            RpcUtils.DumpBuffer(true, "Send Signature Data", signature);
            return(AuthData.ToArray(_transport_security, auth_padding_length, 0, signature));
        }
Example #4
0
        internal static byte[] DecryptMessage(
            SecHandle context,
            EncryptedMessage message,
            int sequence_no)
        {
            SecurityBuffer buffer = new SecurityBufferInOut(SecurityBufferType.Data, message.Message);

            DecryptMessage(context, new[] { buffer }, message.Signature, sequence_no);
            return(buffer.ToArray());
        }
Example #5
0
        internal static EncryptedMessage EncryptMessage(
            SecHandle context,
            SecQopFlags flags,
            byte[] message,
            int sequence_no)
        {
            SecurityBuffer buffer    = new SecurityBufferInOut(SecurityBufferType.Data, message);
            var            signature = EncryptMessage(context, flags, new[] { buffer }, sequence_no);

            return(new EncryptedMessage(buffer.ToArray(), signature));
        }
        internal static byte[] DecryptMessage(
            SecHandle context,
            EncryptedMessage message,
            int sequence_no)
        {
            if (message is null)
            {
                throw new ArgumentNullException(nameof(message));
            }

            SecurityBuffer buffer = new SecurityBufferInOut(SecurityBufferType.Data, message.Message);

            DecryptMessage(context, new[] { buffer }, message.Signature, sequence_no);
            return(buffer.ToArray());
        }
        internal static EncryptedMessage EncryptMessage(
            SecHandle context,
            SecurityQualityOfProtectionFlags flags,
            byte[] message,
            int sequence_no)
        {
            if (message is null)
            {
                throw new ArgumentNullException(nameof(message));
            }

            SecurityBuffer buffer    = new SecurityBufferInOut(SecurityBufferType.Data, message);
            var            signature = EncryptMessage(context, flags, new[] { buffer }, sequence_no);

            return(new EncryptedMessage(buffer.ToArray(), signature));
        }