public void AuthServiceMsgs_Msg_AuthMsgAndAck() { EnhancedStream es = new EnhancedMemoryStream(); AuthMsg authMsgIn, authMsgOut; AuthAck authAckIn, authAckOut; string rsaKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); SymmetricKey saClient, saServer; string r, a, p; AuthenticationResult authResult; authMsgOut = new AuthMsg(AuthMsg.EncryptCredentials(rsaKey, "realm", "account", "password", out saClient)); Msg.Save(es, authMsgOut); es.Position = 0; authMsgIn = (AuthMsg)Msg.Load(es); AuthMsg.DecryptCredentials(rsaKey, authMsgIn.EncryptedCredentials, out r, out a, out p, out saServer); Assert.AreEqual("realm", r); Assert.AreEqual("account", a); Assert.AreEqual("password", p); authAckOut = new AuthAck(AuthAck.EncryptResult(saServer, new AuthenticationResult(AuthenticationStatus.Authenticated, "Test", TimeSpan.FromMinutes(25)))); es.SetLength(0); Msg.Save(es, authAckOut); es.Position = 0; authAckIn = (AuthAck)Msg.Load(es); authResult = AuthAck.DecryptResult(saClient, authAckIn.EncryptedResult); }
private void VerifySplitList(String s, String[] expected) { String[] split = AuthMsg.SplitList(s); Assert.AreEqual(split.Length, expected.Length); for (int i = 0; i < split.Length; i++) { Assert.AreEqual(split[i], expected[i]); } AuthMsg[] msgs = AuthMsg.ListFromStr(s); Assert.AreEqual(msgs.Length, expected.Length); }
public void BadFromStrTest() { AuthMsg.FromStr("hmac salt=a=b hash=sha-1"); AuthMsg.FromStr("hmac salt=abc hash=sha-1 bad/key=val"); AuthMsg.FromStr("(bad)"); AuthMsg.FromStr("ok key=val not good"); AuthMsg.FromStr("ok key not good=val"); AuthMsg.FromStr("ok key not good=val"); AuthMsg.FromStr("hmac foo"); AuthMsg.FromStr("hmac foo=bar xxx"); }
public void EncodeTest() { //basic identity Assert.AreEqual(AuthMsg.FromStr("foo"), AuthMsg.FromStr("foo")); Assert.AreEqual(AuthMsg.FromStr("a x=y"), AuthMsg.FromStr("a x=y")); Assert.AreEqual(AuthMsg.FromStr("a i=j, x=y"), AuthMsg.FromStr("a i = j, x = y")); Assert.AreEqual(AuthMsg.FromStr("a i=j, x=y"), AuthMsg.FromStr("a i=j, x=y")); Assert.AreNotEqual(AuthMsg.FromStr("foo"), AuthMsg.FromStr("bar")); Assert.AreNotEqual(AuthMsg.FromStr("foo"), AuthMsg.FromStr("foo k=v")); //basics on fromStr AuthMsg q = AuthMsg.FromStr("foo alpha=beta, gamma=delta"); Assert.AreEqual(q.scheme, "foo"); Assert.AreEqual(q.Param("alpha"), "beta"); Assert.AreEqual(q.Param("Alpha"), "beta"); Assert.AreEqual(q.Param("ALPHA"), "beta"); Assert.AreEqual(q.Param("Gamma"), "delta"); //fromStr parsing SortedDictionary <string, string> parameters = new SortedDictionary <string, string>(); parameters.Add("alpha", "beta"); Assert.AreEqual(AuthMsg.FromStr("foo alpha \t = \t beta"), new AuthMsg("foo", parameters)); parameters.Clear(); parameters.Add("A", "b"); parameters.Add("C", "d"); parameters.Add("E", "f"); parameters.Add("G", "h"); Assert.AreEqual(AuthMsg.FromStr("foo a=b, c = d, e=f, g=h"), new AuthMsg("foo", parameters)); parameters.Clear(); parameters.Add("G", "h"); parameters.Add("E", "f"); parameters.Add("C", "d"); parameters.Add("A", "b"); Assert.AreEqual(AuthMsg.FromStr("foo a=b, c = d, e=f, g=h"), new AuthMsg("foo", parameters)); parameters.Clear(); parameters.Add("G", "h"); parameters.Add("E", "f"); parameters.Add("C", "d"); parameters.Add("A", "b"); Assert.AreEqual(AuthMsg.FromStr("foo g=h, c = d, e=f, a = b").ToString(), "foo a=b, c=d, e=f, g=h"); }
public override void Update() { base.Update(); if (_obj is AuthMsg) { // authentication AuthMsg authMsg = (AuthMsg)_obj; if (authMsg.psw == Server._password) { MsgStream.Send(new AckMsg(true), Server._commSocket); Server.SetAuthenticated(); } else { MsgStream.Send(new AckMsg(false), Server._commSocket); Server.State = new WaitingState(); } } }
/// <summary> /// Handles the async reception of the public key from the authentication service. /// </summary> /// <param name="ar">The async result instance.</param> private void OnGetKey(IAsyncResult ar) { AuthAsyncResult arAuth = (AuthAsyncResult)ar.AsyncState; GetPublicKeyAck ack; AuthMsg authMsg; using (TimedLock.Lock(this)) { try { if (!isOpen) { throw new AuthenticationException(NotOpenMsg); } ack = (GetPublicKeyAck)router.EndQuery(ar); publicKey = ack.PublicKey; // Now that we have the public key, we're going to broadcast // it to the authentication service instances so that they can // perform a man-in-the-middle security check. router.BroadcastTo(AbstractAuthServerEP, new AuthServerIDMsg(ack.PublicKey, ack.MachineName, ack.Address)); // Now initiate the authentication query. arAuth.OpState = AuthOpState.AuthPending; authMsg = new AuthMsg(AuthMsg.EncryptCredentials(publicKey, arAuth.Realm, arAuth.Account, arAuth.Password, out arAuth.SymmetricKey)); router.BeginQuery(AbstractAuthServerEP, authMsg, onAuth, arAuth); } catch (System.TimeoutException) { arAuth.Notify(new AuthenticationException("No authentication service instances responded.")); } catch (Exception e) { arAuth.Notify(e); } } }
private MainMessage HandleAuthMsg(MainMessage msg) { _log.Debug("Received authorization message."); AuthMsg authMsg = msg.UserMngMsg.AuthMsg; string username = authMsg.Username; string password = authMsg.Password; User user = User.Get(username); if (user == null) { _log.Debug("Could not find user with this username."); return(ISystemService.CreateErrorMessage(0, 0, 0, "Could not find user with this username.")); } if (!user.CheckPassword(password)) { _log.Debug("Invalid password."); return(ISystemService.CreateErrorMessage(0, 0, 0, "Invalid password.")); } MainMessage response = new MainMessage(); response.UserMngMsg = new UserMngMsg(); response.UserMngMsg.UserMsg = new UserMsg(); response.UserMngMsg.UserMsg.UserDetailMsg = user.ToMessage(); response.UserMngMsg.UserMsg.UserDetailMsg.Password = ""; // clientId == 0 --> unsassigned ID if (msg.ClientId != 0 && msg.ClientId < (ulong)_clientMachines.Count) { _clientMachines[(int)msg.ClientId] = user; response.ClientId = msg.ClientId; } else { response.ClientId = (uint)_clientMachines.Count; _clientMachines.Add(user); } return(response); }
/// <summary> /// Initiates an asynchronous account credential authentication. /// </summary> /// <param name="realm">The authentication realm.</param> /// <param name="account">The account.</param> /// <param name="password">The password.</param> /// <param name="callback">The delegate to be called when the operation completes (or <c>null</c>).</param> /// <param name="state">Application defined state (or <c>null</c>).</param> /// <returns>An <see cref="IAsyncResult" /> instance to be used to track the operation.</returns> /// <remarks> /// <note> /// Successful calls to this method must eventually be followed by a call /// to <see cref="EndAuthenticate" />. /// </note> /// </remarks> /// <exception cref="AuthenticationException">Thrown if the authenticator is not open.</exception> public IAsyncResult BeginAuthenticate(string realm, string account, string password, AsyncCallback callback, object state) { string cacheKey = GetCacheKey(realm, account, password); AuthAsyncResult arAuth; AuthenticationResult result; using (TimedLock.Lock(this)) { if (!isOpen) { throw new AuthenticationException(NotOpenMsg); } arAuth = new AuthAsyncResult(this, callback, state); arAuth.Realm = realm; arAuth.Account = account; arAuth.Password = password; arAuth.Started(); // First check to see if the answer is already cached if (cache != null && cache.TryGetValue(cacheKey, out result)) { arAuth.Result = result; arAuth.Notify(); if (result.Status != AuthenticationStatus.Authenticated && result.Status != AuthenticationStatus.AccountLocked) { // If the authentication failed and the account is not locked // then broadcast message to the authentication services so that // they can increment their fail counts. router.BroadcastTo(AbstractAuthServerEP, new AuthControlMsg("auth-failed", string.Format("realm={0};account={1};status={2}", realm, account, result.Status))); } return(arAuth); } // If we don't have the authentication service's public key yet then // initiate an async query to get it. if (publicKey == null) { arAuth.OpState = AuthOpState.GetPublicKey; router.BeginQuery(AbstractAuthServerEP, new GetPublicKeyMsg(), onGetKey, arAuth); return(arAuth); } // Initiate an async authentication query, encrypting the credentials // using the authentication service's public key. AuthMsg authMsg; arAuth.OpState = AuthOpState.AuthPending; authMsg = new AuthMsg(AuthMsg.EncryptCredentials(publicKey, realm, account, password, out arAuth.SymmetricKey)); router.BeginQuery(AbstractAuthServerEP, authMsg, onAuth, arAuth); return(arAuth); } }