/// <summary>
/// Set Qop type
/// </summary>
/// <param name="dpspResponse">DpspResponse instance</param>
/// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
/// <returns>DIGEST_VALIDATION_REQ structure</returns>
private static DIGEST_VALIDATION_REQ SetQopType(
DpspResponse dpspResponse, DIGEST_VALIDATION_REQ digestValidationReq)
{
if (dpspResponse.MessageQop == null || dpspResponse.MessageQop.Length == 0)
{
digestValidationReq.QopType = QopType_Values.None;
}
else
{
switch (dpspResponse.MessageQop.ToLower())
{
case QOP_AUTHENTICATION_NAME:
digestValidationReq.QopType = QopType_Values.Authenticate;
break;
case QOP_AUTHENTICATION_AND_INTEGRITY_NAME:
digestValidationReq.QopType = QopType_Values.AuthenticateAndIntegrity;
break;
case QOP_AUTHENTICATION_WITH_INTEGRITY_AND_ENCRYPTION_NAME:
digestValidationReq.QopType =
QopType_Values.AuthenticateWithIntegrityProtectionAndEncryption;
break;
default:
throw new ArgumentException("invalid QopType value in digestResponse parameter");
}
}
return(digestValidationReq);
}
/// <summary>
/// Set alg type
/// </summary>
/// <param name="digestChallengeAlgorithm">digest challenge algorithm</param>
/// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
/// <returns>DIGEST_VALIDATION_REQ structure</returns>
private static DIGEST_VALIDATION_REQ SetAlgType(
string digestChallengeAlgorithm,
DIGEST_VALIDATION_REQ digestValidationReq)
{
if (digestChallengeAlgorithm == null || digestChallengeAlgorithm.Length == 0)
{
digestValidationReq.AlgType = AlgType_Values.NotPresentAndMD5Assumed;
}
else
{
switch (digestChallengeAlgorithm.ToLower())
{
case MD5_ALGORITHM_NAME:
digestValidationReq.AlgType = AlgType_Values.MD5DigestAndChecksum;
break;
case MD5_SESS_ALGORITHM_NAME:
digestValidationReq.AlgType = AlgType_Values.MD5SessDigestAndChecksum;
break;
default:
throw new ArgumentException("invalid digestChallengeAlgorithm parameter");
}
}
return(digestValidationReq);
}
/// <summary>
/// Update the DIGEST_VALIDATION_REQ structure info after modification.
/// For negative testing, user might need to modify the field of the structure.
/// For example, if user change the domain name value, the message size need to
/// recaculate after the modification.
/// </summary>
/// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
public static DIGEST_VALIDATION_REQ UpdatePacketInfo(
DIGEST_VALIDATION_REQ digestValidationReq)
{
if (digestValidationReq.Payload == null)
{
throw new ArgumentException(
"The payload field should not be null",
"digestValidationReq");
}
DIGEST_VALIDATION_REQ_Payload payload =
DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload);
digestValidationReq.AccountNameLength =
(ushort)ConvertStringToByteArray(payload.AccountName, Encoding.Unicode).Length;
digestValidationReq.DomainLength =
(ushort)ConvertStringToByteArray(payload.Domain, Encoding.Unicode).Length;
digestValidationReq.ServerNameLength =
(ushort)ConvertStringToByteArray(payload.ServerName, Encoding.Unicode).Length;
// cacluate the size of payload
// CharValuesLength specify the number of bytes in the Payload field of the
// DIGEST_VALIDATION_REQ message, and MUST NOT exceed the total size in MsgSize
digestValidationReq.CharValuesLength = (ushort)digestValidationReq.Payload.Length;
// 16-bit unsigned integer that MUST specify
// the total number of bytes in the DIGEST_VALIDATION_REQ message
byte[] msgData = TypeMarshal.ToBytes <DIGEST_VALIDATION_REQ>(digestValidationReq);
digestValidationReq.MsgSize = (ushort)msgData.Length;
return(digestValidationReq);
}
/// <summary>
/// Create DPSP logon information structure
/// </summary>
/// <param name="parameterControl">
/// A set of bit flags that contain information pertaining to the logon validation processing.
/// </param>
/// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
/// <returns>Dpsp netlogon information structure</returns>
public static _NETLOGON_LEVEL CreateDpspLogonInfo(
NrpcParameterControlFlags parameterControl,
DIGEST_VALIDATION_REQ digestValidationReq)
{
if (digestValidationReq.Payload == null)
{
throw new ArgumentException(
"invalid digestValidationReq parameter: the payload field is null",
"digestValidationReq");
}
_NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();
DIGEST_VALIDATION_REQ_Payload payload =
DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload);
byte[] logonData = TypeMarshal.ToBytes <DIGEST_VALIDATION_REQ>(digestValidationReq);
//Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
//that contains information about the logon identity.
_NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
parameterControl,
payload.Domain,
payload.Username,
payload.ServerName);
netLogonLevel.LogonGeneric = new _NETLOGON_GENERIC_INFO[1];
netLogonLevel.LogonGeneric[0].Identity = identityInfo;
netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(DIGEST_PACKAGENAME);
netLogonLevel.LogonGeneric[0].LogonData = logonData;
netLogonLevel.LogonGeneric[0].DataLength = (uint)logonData.Length;
return(netLogonLevel);
}
/// <summary>
/// Encode common part of DigestValidationRequest
/// </summary>
/// <param name="serverName">server name</param>
/// <param name="domainName">domain name</param>
/// <param name="accountName">account name</param>
/// <param name="digestType">digest type</param>
/// <param name="digestChallengeAlgorithm">digest challenge algorithm</param>
/// <param name="dpspResponse">dpspResponse</param>
/// <param name="payload">DIGEST_VALIDATION_REQ_Payload structure</param>
/// <param name="digestValidationReq">digestValidationReq</param>
private static void EncodeCommonPartOfDigestValidationRequest(
string serverName,
string domainName,
string accountName,
DigestType_Values digestType,
string digestChallengeAlgorithm,
DpspResponse dpspResponse,
ref DIGEST_VALIDATION_REQ_Payload payload,
ref DIGEST_VALIDATION_REQ digestValidationReq
)
{
digestValidationReq.MessageType = DIGEST_VALIDATION_REQ_MessageType_Values.Default;
digestValidationReq.Version = DIGEST_VALIDATION_REQ_Version_Values.Default;
digestValidationReq.DigestType = digestType;
digestValidationReq = SetQopType(dpspResponse, digestValidationReq);
digestValidationReq = SetAlgType(digestChallengeAlgorithm, digestValidationReq);
digestValidationReq.CharsetType = CharsetType_Values.UTF8;
digestValidationReq.NameFormat = NameFormat_Values.None;
digestValidationReq.Flags =
DIGEST_VALIDATION_FLAGS.FormatOfUserNameAndRealmIsDeterminedByDC
| DIGEST_VALIDATION_FLAGS.RequestIsSentFromServer;
digestValidationReq.Reserved3 = DIGEST_VALIDATION_REQ_Reserved3_Values.Default;
digestValidationReq.Reserved4 = Reserved4_Values.Default;
digestValidationReq.Pad1 = DIGEST_VALIDATION_REQ_Pad1_Values.Default;
// Each of the strings MUST be included. If the string value is empty,
// then a terminating null character MUST be used for the value.
payload.Username = dpspResponse.GetAttributeValue(DpspUtility.USER_NAME_DIRECTIVE);
payload.Realm = dpspResponse.GetAttributeValue(DpspUtility.REALM_DIRECTIVE);
payload.Nonce = dpspResponse.GetAttributeValue(DpspUtility.NONCE_DIRECTIVE);
payload.CNonce = dpspResponse.GetAttributeValue(DpspUtility.CNONCE_DIRECTIVE);
payload.NonceCount = dpspResponse.GetAttributeValue(DpspUtility.NONCE_COUNT_DIRECTIVE);
payload.QOP = dpspResponse.GetAttributeValue(DpspUtility.MESSAGE_QOP_DIRECTIVE);
payload.Response = dpspResponse.GetAttributeValue(DpspUtility.RESPONSE_DIRECTIVE);
payload.AccountName = accountName;;
payload.ServerName = serverName;
payload.Domain = domainName;
}
/// <summary>
/// Set Qop type
/// </summary>
/// <param name="dpspResponse">DpspResponse instance</param>
/// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
/// <returns>DIGEST_VALIDATION_REQ structure</returns>
private static DIGEST_VALIDATION_REQ SetQopType(
DpspResponse dpspResponse, DIGEST_VALIDATION_REQ digestValidationReq)
{
if (dpspResponse.MessageQop == null || dpspResponse.MessageQop.Length == 0)
{
digestValidationReq.QopType = QopType_Values.None;
}
else
{
switch (dpspResponse.MessageQop.ToLower())
{
case QOP_AUTHENTICATION_NAME:
digestValidationReq.QopType = QopType_Values.Authenticate;
break;
case QOP_AUTHENTICATION_AND_INTEGRITY_NAME:
digestValidationReq.QopType = QopType_Values.AuthenticateAndIntegrity;
break;
case QOP_AUTHENTICATION_WITH_INTEGRITY_AND_ENCRYPTION_NAME:
digestValidationReq.QopType =
QopType_Values.AuthenticateWithIntegrityProtectionAndEncryption;
break;
default:
throw new ArgumentException("invalid QopType value in digestResponse parameter");
}
}
return digestValidationReq;
}
/// <summary>
/// Set alg type
/// </summary>
/// <param name="digestChallengeAlgorithm">digest challenge algorithm</param>
/// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
/// <returns>DIGEST_VALIDATION_REQ structure</returns>
private static DIGEST_VALIDATION_REQ SetAlgType(
string digestChallengeAlgorithm,
DIGEST_VALIDATION_REQ digestValidationReq)
{
if (digestChallengeAlgorithm == null || digestChallengeAlgorithm.Length == 0)
{
digestValidationReq.AlgType = AlgType_Values.NotPresentAndMD5Assumed;
}
else
{
switch (digestChallengeAlgorithm.ToLower())
{
case MD5_ALGORITHM_NAME:
digestValidationReq.AlgType = AlgType_Values.MD5DigestAndChecksum;
break;
case MD5_SESS_ALGORITHM_NAME:
digestValidationReq.AlgType = AlgType_Values.MD5SessDigestAndChecksum;
break;
default:
throw new ArgumentException("invalid digestChallengeAlgorithm parameter");
}
}
return digestValidationReq;
}
/// <summary>
/// Encode common part of DigestValidationRequest
/// </summary>
/// <param name="serverName">server name</param>
/// <param name="domainName">domain name</param>
/// <param name="accountName">account name</param>
/// <param name="digestType">digest type</param>
/// <param name="digestChallengeAlgorithm">digest challenge algorithm</param>
/// <param name="dpspResponse">dpspResponse</param>
/// <param name="payload">DIGEST_VALIDATION_REQ_Payload structure</param>
/// <param name="digestValidationReq">digestValidationReq</param>
private static void EncodeCommonPartOfDigestValidationRequest(
string serverName,
string domainName,
string accountName,
DigestType_Values digestType,
string digestChallengeAlgorithm,
DpspResponse dpspResponse,
ref DIGEST_VALIDATION_REQ_Payload payload,
ref DIGEST_VALIDATION_REQ digestValidationReq
)
{
digestValidationReq.MessageType = DIGEST_VALIDATION_REQ_MessageType_Values.Default;
digestValidationReq.Version = DIGEST_VALIDATION_REQ_Version_Values.Default;
digestValidationReq.DigestType = digestType;
digestValidationReq = SetQopType(dpspResponse, digestValidationReq);
digestValidationReq = SetAlgType(digestChallengeAlgorithm, digestValidationReq);
digestValidationReq.CharsetType = CharsetType_Values.UTF8;
digestValidationReq.NameFormat = NameFormat_Values.None;
digestValidationReq.Flags =
DIGEST_VALIDATION_FLAGS.FormatOfUserNameAndRealmIsDeterminedByDC
| DIGEST_VALIDATION_FLAGS.RequestIsSentFromServer;
digestValidationReq.Reserved3 = DIGEST_VALIDATION_REQ_Reserved3_Values.Default;
digestValidationReq.Reserved4 = Reserved4_Values.Default;
digestValidationReq.Pad1 = DIGEST_VALIDATION_REQ_Pad1_Values.Default;
// Each of the strings MUST be included. If the string value is empty,
// then a terminating null character MUST be used for the value.
payload.Username = dpspResponse.GetAttributeValue(DpspUtility.USER_NAME_DIRECTIVE);
payload.Realm = dpspResponse.GetAttributeValue(DpspUtility.REALM_DIRECTIVE);
payload.Nonce = dpspResponse.GetAttributeValue(DpspUtility.NONCE_DIRECTIVE);
payload.CNonce = dpspResponse.GetAttributeValue(DpspUtility.CNONCE_DIRECTIVE);
payload.NonceCount = dpspResponse.GetAttributeValue(DpspUtility.NONCE_COUNT_DIRECTIVE);
payload.QOP = dpspResponse.GetAttributeValue(DpspUtility.MESSAGE_QOP_DIRECTIVE);
payload.Response = dpspResponse.GetAttributeValue(DpspUtility.RESPONSE_DIRECTIVE);
payload.AccountName = accountName; ;
payload.ServerName = serverName;
payload.Domain = domainName;
}
/// <summary>
/// Update the DIGEST_VALIDATION_REQ structure info after modification.
/// For negative testing, user might need to modify the field of the structure.
/// For example, if user change the domain name value, the message size need to
/// recaculate after the modification.
/// </summary>
/// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
public static DIGEST_VALIDATION_REQ UpdatePacketInfo(
DIGEST_VALIDATION_REQ digestValidationReq)
{
if (digestValidationReq.Payload == null)
{
throw new ArgumentException(
"The payload field should not be null",
"digestValidationReq");
}
DIGEST_VALIDATION_REQ_Payload payload =
DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload);
digestValidationReq.AccountNameLength =
(ushort)ConvertStringToByteArray(payload.AccountName, Encoding.Unicode).Length;
digestValidationReq.DomainLength =
(ushort)ConvertStringToByteArray(payload.Domain, Encoding.Unicode).Length;
digestValidationReq.ServerNameLength =
(ushort)ConvertStringToByteArray(payload.ServerName, Encoding.Unicode).Length;
// cacluate the size of payload
// CharValuesLength specify the number of bytes in the Payload field of the
// DIGEST_VALIDATION_REQ message, and MUST NOT exceed the total size in MsgSize
digestValidationReq.CharValuesLength = (ushort)digestValidationReq.Payload.Length;
// 16-bit unsigned integer that MUST specify
// the total number of bytes in the DIGEST_VALIDATION_REQ message
byte[] msgData = TypeMarshal.ToBytes<DIGEST_VALIDATION_REQ>(digestValidationReq);
digestValidationReq.MsgSize = (ushort)msgData.Length;
return digestValidationReq;
}
/// <summary>
/// Create DPSP logon information structure
/// </summary>
/// <param name="parameterControl">
/// A set of bit flags that contain information pertaining to the logon validation processing.
/// </param>
/// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
/// <returns>Dpsp netlogon information structure</returns>
public static _NETLOGON_LEVEL CreateDpspLogonInfo(
NrpcParameterControlFlags parameterControl,
DIGEST_VALIDATION_REQ digestValidationReq)
{
if (digestValidationReq.Payload == null)
{
throw new ArgumentException(
"invalid digestValidationReq parameter: the payload field is null",
"digestValidationReq");
}
_NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();
DIGEST_VALIDATION_REQ_Payload payload =
DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload);
byte[] logonData = TypeMarshal.ToBytes<DIGEST_VALIDATION_REQ>(digestValidationReq);
//Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
//that contains information about the logon identity.
_NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
parameterControl,
payload.Domain,
payload.Username,
payload.ServerName);
netLogonLevel.LogonGeneric = new _NETLOGON_GENERIC_INFO[1];
netLogonLevel.LogonGeneric[0].Identity = identityInfo;
netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(DIGEST_PACKAGENAME);
netLogonLevel.LogonGeneric[0].LogonData = logonData;
netLogonLevel.LogonGeneric[0].DataLength = (uint)logonData.Length;
return netLogonLevel;
}
/// <summary>
/// Construct DIGEST_VALIDATION_REQ structure
/// </summary>
/// <param name="serverName">server name</param>
/// <param name="domainName">domain name</param>
/// <param name="accountName">account name</param>
/// <param name="httpMethod">http method</param>
/// <param name="digestType">digest type</param>
/// <param name="digestChallengeAlgorithm">digest challenge algorithm</param>
/// <param name="dpspResponse">dpspResponse class instance</param>
/// <returns>DIGEST_VALIDATION_REQ structure</returns>
/// <exception cref="ArgumentNullException">
/// Thrown when dpspResponse or httpMethod is null
/// </exception>
/// <exception cref="ArgumentException">
/// Thrown when httpMethod or digestType input is invalid
/// </exception>
public static DIGEST_VALIDATION_REQ CreateDigestValidationRequestPacket(
string serverName,
string domainName,
string accountName,
string httpMethod,
DigestType_Values digestType,
string digestChallengeAlgorithm,
DpspResponse dpspResponse)
{
if (dpspResponse == null)
{
throw new ArgumentNullException("dpspResponse");
}
if (httpMethod == null)
{
throw new ArgumentNullException("httpMethod");
}
DIGEST_VALIDATION_REQ_Payload payload = new DIGEST_VALIDATION_REQ_Payload();
DIGEST_VALIDATION_REQ digestValidationReq = new DIGEST_VALIDATION_REQ();
if (digestType == DigestType_Values.Basic)
{
EncodeCommonPartOfDigestValidationRequest(
serverName,
domainName,
accountName,
digestType,
digestChallengeAlgorithm,
dpspResponse,
ref payload,
ref digestValidationReq);
payload.Algorithm = dpspResponse.GetAttributeValue(DpspUtility.ALGORITHM_DIRECTIVE);
payload.URI = dpspResponse.GetAttributeValue(DpspUtility.BASIC_DIGEST_URI_DIRECTIVE);
if (httpMethod.ToUpper().Equals(HTTP_GET) || httpMethod.ToLower().Equals(HTTP_PUT))
{
payload.Method = httpMethod;
}
else
{
throw new ArgumentException("invalid http method", "httpMethod");
}
}
else if (digestType == DigestType_Values.SASL)
{
EncodeCommonPartOfDigestValidationRequest(
serverName,
domainName,
accountName,
digestType,
digestChallengeAlgorithm,
dpspResponse,
ref payload,
ref digestValidationReq);
payload.Method = SASL_AUTHENTICATE;
payload.URI = dpspResponse.GetAttributeValue(DpspUtility.SASL_DIGEST_URI_DIRECTIVE);
payload.Authzid = dpspResponse.GetAttributeValue(DpspUtility.AUTHZID_DIRECTIVE);
payload.Hentity = dpspResponse.GetAttributeValue(DpspUtility.HENTITY_DIRECTIVE);
}
else
{
throw new ArgumentException(
"invalid digestType value",
"digestType");
}
digestValidationReq.Payload = payload.GetBytes();
digestValidationReq = UpdatePacketInfo(digestValidationReq);
return digestValidationReq;
}
/// <summary>
/// Construct DIGEST_VALIDATION_REQ structure
/// </summary>
/// <param name="serverName">server name</param>
/// <param name="domainName">domain name</param>
/// <param name="accountName">account name</param>
/// <param name="httpMethod">http method</param>
/// <param name="digestType">digest type</param>
/// <param name="digestChallengeAlgorithm">digest challenge algorithm</param>
/// <param name="dpspResponse">dpspResponse class instance</param>
/// <returns>DIGEST_VALIDATION_REQ structure</returns>
/// <exception cref="ArgumentNullException">
/// Thrown when dpspResponse or httpMethod is null
/// </exception>
/// <exception cref="ArgumentException">
/// Thrown when httpMethod or digestType input is invalid
/// </exception>
public static DIGEST_VALIDATION_REQ CreateDigestValidationRequestPacket(
string serverName,
string domainName,
string accountName,
string httpMethod,
DigestType_Values digestType,
string digestChallengeAlgorithm,
DpspResponse dpspResponse)
{
if (dpspResponse == null)
{
throw new ArgumentNullException("dpspResponse");
}
if (httpMethod == null)
{
throw new ArgumentNullException("httpMethod");
}
DIGEST_VALIDATION_REQ_Payload payload = new DIGEST_VALIDATION_REQ_Payload();
DIGEST_VALIDATION_REQ digestValidationReq = new DIGEST_VALIDATION_REQ();
if (digestType == DigestType_Values.Basic)
{
EncodeCommonPartOfDigestValidationRequest(
serverName,
domainName,
accountName,
digestType,
digestChallengeAlgorithm,
dpspResponse,
ref payload,
ref digestValidationReq);
payload.Algorithm = dpspResponse.GetAttributeValue(DpspUtility.ALGORITHM_DIRECTIVE);
payload.URI = dpspResponse.GetAttributeValue(DpspUtility.BASIC_DIGEST_URI_DIRECTIVE);
if (httpMethod.ToUpper().Equals(HTTP_GET) || httpMethod.ToLower().Equals(HTTP_PUT))
{
payload.Method = httpMethod;
}
else
{
throw new ArgumentException("invalid http method", "httpMethod");
}
}
else if (digestType == DigestType_Values.SASL)
{
EncodeCommonPartOfDigestValidationRequest(
serverName,
domainName,
accountName,
digestType,
digestChallengeAlgorithm,
dpspResponse,
ref payload,
ref digestValidationReq);
payload.Method = SASL_AUTHENTICATE;
payload.URI = dpspResponse.GetAttributeValue(DpspUtility.SASL_DIGEST_URI_DIRECTIVE);
payload.Authzid = dpspResponse.GetAttributeValue(DpspUtility.AUTHZID_DIRECTIVE);
payload.Hentity = dpspResponse.GetAttributeValue(DpspUtility.HENTITY_DIRECTIVE);
}
else
{
throw new ArgumentException(
"invalid digestType value",
"digestType");
}
digestValidationReq.Payload = payload.GetBytes();
digestValidationReq = UpdatePacketInfo(digestValidationReq);
return(digestValidationReq);
}
