public void CombinatorialTest_PDF_Practicable( [Values(Signing.SigningEnabled, Signing.SigningDisabled)] Signing signing, [Values(Background.BackgroundEnabled, Background.BackgroundDisabled)] Background background, [Values(Encryption.EncryptionEnabled, Encryption.EncryptionDisabled)] Encryption encryption, [Values(EncryptionLevel.Rc40Bit, EncryptionLevel.Aes128Bit, EncryptionLevel.Aes128Bit, EncryptionLevel.Aes256Bit)] EncryptionLevel encryptionLevel, [Values(BasicPermissions.AllowBasicPermissions, BasicPermissions.DenyBasicPermissions)] BasicPermissions basicPermissions, [Values(ExtendedPermissions.AllowExtededPermissions, ExtendedPermissions.DenyExtededPermissions)] ExtendedPermissions extendedPermissions ) { _th.Profile.PdfSettings.Signature.Enabled = signing == Signing.SigningEnabled; _th.Profile.BackgroundPage.Enabled = background == Background.BackgroundEnabled; _th.Profile.PdfSettings.Security.Enabled = encryption == Encryption.EncryptionEnabled; _th.Profile.PdfSettings.Security.EncryptionLevel = encryptionLevel; _th.Profile.PdfSettings.Security.AllowToCopyContent = basicPermissions == BasicPermissions.AllowBasicPermissions; _th.Profile.PdfSettings.Security.AllowToEditTheDocument = basicPermissions == BasicPermissions.AllowBasicPermissions; _th.Profile.PdfSettings.Security.AllowPrinting = basicPermissions == BasicPermissions.AllowBasicPermissions; _th.Profile.PdfSettings.Security.AllowToEditComments = basicPermissions == BasicPermissions.AllowBasicPermissions; _th.Profile.PdfSettings.Security.RestrictPrintingToLowQuality = extendedPermissions == ExtendedPermissions.AllowExtededPermissions; _th.Profile.PdfSettings.Security.AllowToFillForms = extendedPermissions == ExtendedPermissions.AllowExtededPermissions; _th.Profile.PdfSettings.Security.AllowScreenReader = extendedPermissions == ExtendedPermissions.AllowExtededPermissions; _th.Profile.PdfSettings.Security.AllowToEditAssembly = extendedPermissions == ExtendedPermissions.AllowExtededPermissions; _th.GenerateGsJob(PSfiles.ThreePDFCreatorTestpages, OutputFormat.Pdf); _th.Job.Passwords.PdfSignaturePassword = TestCertPw; _th.RunGsJob(); DoAllTests(); }
} // for test public EncryptionManager(EncryptionLevel level, TrustStrategy strategy, TrustManager trustManager, IDriverLogger logger) { _encryptionLevel = level; if (_encryptionLevel == EncryptionLevel.Encrypted) { if (trustManager == null) { switch (strategy) { case V1.TrustStrategy.TrustAllCertificates: trustManager = TrustManager.CreateInsecure(false); break; case V1.TrustStrategy.TrustSystemCaSignedCertificates: trustManager = TrustManager.CreateChainTrust(true); break; default: throw new InvalidOperationException($"Unknown trust strategy: {strategy}"); } } trustManager.Logger = logger; TrustManager = trustManager; } }
private async Task VerifySuccess(Uri target, TrustManager trustManager, EncryptionLevel encryptionLevel = EncryptionLevel.Encrypted) { var ex = await Record.ExceptionAsync(() => TestConnectivity(target, Config.Builder.WithTrustManager(trustManager).WithEncryptionLevel(encryptionLevel).Build() )); ex.Should().BeNull(); }
public void ShouldErrorIfEncryptionLevelNotNull(string scheme, EncryptionLevel level) { var uri = new Uri($"{scheme}://localhost/?"); var ex = Record.Exception(() => EncryptionManager.Create(uri, level, null, null)); ex.Should().BeOfType <ArgumentException>(); ex.Message.Should().Contain("cannot both be set via uri scheme and driver configuration"); }
/// <summary> /// Forward the SetSecureLockIcon event /// </summary> /// <param name="sender">sender</param> /// <param name="e">event args</param> private void AxWebBrowser_SetSecureLockIcon( object sender, DWebBrowserEvents2_SetSecureLockIconEvent e) { // set value m_encryptionLevel = (EncryptionLevel)e.secureLockIcon; // fire event OnEncryptionLevelChanged(EventArgs.Empty); }
public static void SetUserIdToCookie(UserInfo ui, bool persist) { HttpContext cntx = HttpContext.Current; EncryptionLevel level = ui.IsAdmin || ui.IsManager ? EncryptionLevel.Double : Config.Main.EncryptionLevel; string hash = GetCookieHash(level, ui.UserId); SetResponseCookie( cntx, persist, false, EncryptData(((int)level).ToString() + cookieValueSeparator + ui.UserId.ToString() + cookieValueSeparator + hash)); }
public string PdfVersion_WithEncryptionEnabled_ReturnsExpectedValue(EncryptionLevel encryptionLevel) { var profile = new ConversionProfile(); profile.PdfSettings.Security.Enabled = true; profile.PdfSettings.Security.EncryptionLevel = encryptionLevel; var pdfTabViewModel = BuildViewModel(); pdfTabViewModel.CurrentProfile = profile; return(pdfTabViewModel.PdfVersion); }
} // for test public EncryptionManager(EncryptionLevel level, TrustManager trustManager, ILogger logger) { _encryptionLevel = level; if (_encryptionLevel == EncryptionLevel.Encrypted) { if (trustManager == null) { trustManager = TrustManager.CreateChainTrust(); } trustManager.Logger = logger; TrustManager = trustManager; } }
public string GetEncryptionName(EncryptionLevel encryptionLevel) { switch (encryptionLevel) { case EncryptionLevel.Aes128Bit: return(Aes128BitEncryptionText); case EncryptionLevel.Aes256Bit: return(Aes256BitEncryptionText); case EncryptionLevel.Rc128Bit: return(Rc128BitEncryptionText); default: throw new Exception($"The encryption level {encryptionLevel} is unknown here"); } }
public void StoreValues(Data data, string path) { data.SetValue(@"" + path + @"AllowPrinting", AllowPrinting.ToString()); data.SetValue(@"" + path + @"AllowScreenReader", AllowScreenReader.ToString()); data.SetValue(@"" + path + @"AllowToCopyContent", AllowToCopyContent.ToString()); data.SetValue(@"" + path + @"AllowToEditAssembly", AllowToEditAssembly.ToString()); data.SetValue(@"" + path + @"AllowToEditComments", AllowToEditComments.ToString()); data.SetValue(@"" + path + @"AllowToEditTheDocument", AllowToEditTheDocument.ToString()); data.SetValue(@"" + path + @"AllowToFillForms", AllowToFillForms.ToString()); data.SetValue(@"" + path + @"Enabled", Enabled.ToString()); data.SetValue(@"" + path + @"EncryptionLevel", EncryptionLevel.ToString()); data.SetValue(@"" + path + @"OwnerPassword", _ownerPassword); data.SetValue(@"" + path + @"RequireUserPassword", RequireUserPassword.ToString()); data.SetValue(@"" + path + @"RestrictPrintingToLowQuality", RestrictPrintingToLowQuality.ToString()); data.SetValue(@"" + path + @"UserPassword", _userPassword); }
private static string GetCookieHash(EncryptionLevel level, int userID) { HttpContext cntx = HttpContext.Current; string add = ""; switch (level) { case EncryptionLevel.Browser: add = SecurityManager.EncryptPassword(cntx.Request.UserAgent); break; case EncryptionLevel.Double: add = SecurityManager.EncryptPassword(cntx.Request.UserAgent + cntx.Request.UserHostAddress); break; } return(SecurityManager.EncryptPassword(((int)level).ToString() + userID.ToString() + add)); }
public override string ToString() { StringBuilder sb = new StringBuilder(); sb.AppendLine("AllowPrinting=" + AllowPrinting.ToString()); sb.AppendLine("AllowScreenReader=" + AllowScreenReader.ToString()); sb.AppendLine("AllowToCopyContent=" + AllowToCopyContent.ToString()); sb.AppendLine("AllowToEditAssembly=" + AllowToEditAssembly.ToString()); sb.AppendLine("AllowToEditComments=" + AllowToEditComments.ToString()); sb.AppendLine("AllowToEditTheDocument=" + AllowToEditTheDocument.ToString()); sb.AppendLine("AllowToFillForms=" + AllowToFillForms.ToString()); sb.AppendLine("Enabled=" + Enabled.ToString()); sb.AppendLine("EncryptionLevel=" + EncryptionLevel.ToString()); sb.AppendLine("OwnerPassword="******"RequireUserPassword="******"RestrictPrintingToLowQuality=" + RestrictPrintingToLowQuality.ToString()); sb.AppendLine("UserPassword=" + UserPassword.ToString()); return(sb.ToString()); }
public static int DecryptUserIdToken(string token) { string v = DecryptData(token).Trim(); int i1 = v.IndexOf(cookieValueSeparator); int i2 = v.IndexOf(cookieValueSeparator, i1 + 1); EncryptionLevel level = (EncryptionLevel)int.Parse(v.Substring(0, i1)); int userID = int.Parse(v.Substring(i1 + 1, i2 - i1 - 1)); string hash = v.Substring(i2 + 1).Trim(); string hash1 = GetCookieHash(level, userID); if (string.Compare(hash, hash1, false, CultureInfo.InvariantCulture) == 0) { return(userID); } return(-1); }
public EncryptionManager(EncryptionLevel level, TrustStrategy strategy, ILogger logger) { _encryptionLevel = level; if (_encryptionLevel != EncryptionLevel.None) { switch (strategy.ServerTrustStrategy()) { case V1.TrustStrategy.Strategy.TrustOnFirstUse: TrustStrategy = new TrustOnFirstUse(logger, strategy.FileName()); break; case V1.TrustStrategy.Strategy.TrustSystemCaSignedCertificates: TrustStrategy = new TrustSystemCaSignedCertificates(logger); break; default: throw new InvalidOperationException($"Unknown trust strategy: {strategy}"); } } }
} // for test public EncryptionManager(EncryptionLevel level, TrustStrategy strategy, ILogger logger) { _encryptionLevel = level; if (_encryptionLevel == EncryptionLevel.Encrypted) { switch (strategy) { case V1.TrustStrategy.TrustAllCertificates: TrustStrategy = new TrustAllCertificates(logger); break; case V1.TrustStrategy.TrustSystemCaSignedCertificates: TrustStrategy = new TrustSystemCaSignedCertificates(logger); break; default: throw new InvalidOperationException($"Unknown trust strategy: {strategy}"); } } }
/// <summary> /// Expect a client initiated RDP connection sequence. /// </summary> /// <param name="serverSelectedProtocol">The server selected security protocol.</param> /// <param name="enMethod">The server selected security method.</param> /// <param name="enLevel">The server selected security level.</param> /// <param name="isExtendedClientDataSupported">Indicates if server supports Extended Client Data Blocks.</param> /// <param name="expectAutoReconnect">Indicates if expect an Auto-Connect sequence.</param> /// <param name="rdpServerVersion">The RDP Sever version</param> /// <param name="isMultitransportSupported">Whether support multitransport</param> /// <param name="supportRDPEGFX">Whether support RDPEGFX</param> /// <param name="supportRestrictedAdminMode">Whether support restricted admin mode</param> public void EstablishRDPConnection( selectedProtocols_Values serverSelectedProtocol, EncryptionMethods enMethod, EncryptionLevel enLevel, bool isExtendedClientDataSupported, bool expectAutoReconnect, TS_UD_SC_CORE_version_Values rdpServerVersion, bool isMultitransportSupported = false, bool supportRDPEGFX = false, bool supportRestrictedAdminMode = false) { #region Logging this.site.Log.Add(LogEntryKind.Comment, @"EstablishRDPConnection( Selected Protocol = {0}, Encyrption Method = {1}, Encyrption Level = {2}, Extended Client Data Supported = {3}, Auto-Reconnection Expected = {4}, RDP Version Code= {5}).", serverSelectedProtocol.ToString(), enMethod.ToString(), enLevel.ToString(), isExtendedClientDataSupported, expectAutoReconnect, rdpServerVersion.ToString()); #endregion //Update server config context. serverConfig.selectedProtocol = serverSelectedProtocol; serverConfig.encryptionMethod = enMethod; serverConfig.encryptionLevel = enLevel; serverConfig.isExtendedClientDataSupported = isExtendedClientDataSupported; #region Connection Initiation //5.4.2.1 Negotiation-Based Approach //Once the External Security Protocol (section 5.4.5) handshake has successfully run to completion, //the RDP messages resume, continuing with the MCS Connect Initial PDU (section 2.2.1.3). //if (serverConfig.encryptedProtocol != EncryptedProtocol.NegotiationCredSsp) //{ ExpectPacket <Client_X_224_Connection_Request_Pdu>(sessionContext, pduWaitTimeSpan); RDP_NEG_RSP_flags_Values RDP_NEG_RSP_flags = RDP_NEG_RSP_flags_Values.None; if (serverConfig.isExtendedClientDataSupported) { RDP_NEG_RSP_flags |= RDP_NEG_RSP_flags_Values.EXTENDED_CLIENT_DATA_SUPPORTED; } if (supportRDPEGFX) { RDP_NEG_RSP_flags |= RDP_NEG_RSP_flags_Values.DYNVC_GFX_PROTOCOL_SUPPORTED; } if (supportRestrictedAdminMode) { RDP_NEG_RSP_flags |= RDP_NEG_RSP_flags_Values.RESTRICTED_ADMIN_MODE_SUPPORTED; } Server_X_224_Connection_Confirm(serverConfig.selectedProtocol, RDP_NEG_RSP_flags); //} #endregion #region Basic Setting Exchange ExpectPacket <Client_MCS_Connect_Initial_Pdu_with_GCC_Conference_Create_Request>(sessionContext, pduWaitTimeSpan); Server_MCS_Connect_Response(enMethod, enLevel, rdpServerVersion, NegativeType.None, isMultitransportSupported); #endregion #region Channel Connection ExpectPacket <Client_MCS_Erect_Domain_Request>(sessionContext, pduWaitTimeSpan); ExpectPacket <Client_MCS_Attach_User_Request>(sessionContext, pduWaitTimeSpan); MCSAttachUserConfirm(NegativeType.None); //Join Channel int channelNum = 2; if (sessionContext.VirtualChannelIdStore != null) { channelNum += sessionContext.VirtualChannelIdStore.Length; } if (sessionContext.IsServerMessageChannelDataSend) { channelNum++; } for (int i = 0; i < channelNum; i++) { ExpectPacket <Client_MCS_Channel_Join_Request>(sessionContext, pduWaitTimeSpan); MCSChannelJoinConfirm(lastRequestJoinChannelId, NegativeType.None); } #endregion #region RDP Security Commencement if (serverConfig.encryptedProtocol == EncryptedProtocol.Rdp) { ExpectPacket <Client_Security_Exchange_Pdu>(sessionContext, pduWaitTimeSpan); } #endregion #region Secure Setting Exchange ExpectPacket <Client_Info_Pdu>(sessionContext, pduWaitTimeSpan); if (expectAutoReconnect) { site.Assert.IsNotNull(tsInfoPacket.extraInfo, "TS_EXTENDED_INFO_PACKET should be provided in Auto-Reconnect sequence."); site.Assert.AreNotEqual <ushort>(0, tsInfoPacket.extraInfo.cbAutoReconnectLen, "The autoReconnectCookie should be provided in Auto-Reconnect sequence."); } #endregion #region Licensing Server_License_Error_Pdu_Valid_Client(NegativeType.None); #endregion #region Capabilities Exchange Server_Demand_Active(NegativeType.None); //Once the Confirm Active PDU has been sent, the client can start sending input PDUs (see section 2.2.8) to the server. ExpectPacket <Client_Confirm_Active_Pdu>(sessionContext, pduWaitTimeSpan); #endregion #region Connection Finalization WaitForPacket <Client_Synchronize_Pdu>(sessionContext, pduWaitTimeSpan); ServerSynchronize(); ServerControlCooperate(); WaitForPacket <Client_Control_Pdu_Cooperate>(sessionContext, pduWaitTimeSpan); WaitForPacket <Client_Control_Pdu_Request_Control>(sessionContext, pduWaitTimeSpan); ServerControlGrantedControl(); if (serverConfig.CapabilitySetting.BitmapCacheHostSupportCapabilitySet) { ITsCapsSet cap = this.clientCapSet.FindCapSet(capabilitySetType_Values.CAPSTYPE_BITMAPCACHE_REV2); if (cap != null) { TS_BITMAPCACHE_CAPABILITYSET_REV2 bitmapCacheV2 = (TS_BITMAPCACHE_CAPABILITYSET_REV2)cap; if ((bitmapCacheV2.CacheFlags & CacheFlags_Values.PERSISTENT_KEYS_EXPECTED_FLAG) != 0) { WaitForPacket <Client_Persistent_Key_List_Pdu>(sessionContext, pduWaitTimeSpan); } } } WaitForPacket <Client_Font_List_Pdu>(sessionContext, pduWaitTimeSpan); ServerFontMap(); #endregion }
protected void LoadConfig() { #region Read and convert properties from PTFCONFIG file #region Security Approach and Protocol string strRDPSecurityProtocol; bool isNegotiationBased = true; if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RdpSecurityNegotiation, out isNegotiationBased)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityNegotiation); } selectedProtocol = selectedProtocols_Values.PROTOCOL_RDP_FLAG; if (!PtfPropUtility.GetStringPtfProperty(TestSite, RdpPtfPropNames.RdpSecurityProtocol, out strRDPSecurityProtocol)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityProtocol); } else {//TLS, CredSSP, or RDP if (strRDPSecurityProtocol.Equals("TLS", StringComparison.CurrentCultureIgnoreCase)) { selectedProtocol = selectedProtocols_Values.PROTOCOL_SSL_FLAG; if (isNegotiationBased) { transportProtocol = EncryptedProtocol.NegotiationTls; } else { transportProtocol = EncryptedProtocol.DirectTls; } } else if (strRDPSecurityProtocol.Equals("CredSSP", StringComparison.CurrentCultureIgnoreCase)) { selectedProtocol = selectedProtocols_Values.PROTOCOL_HYBRID_FLAG; if (isNegotiationBased) { transportProtocol = EncryptedProtocol.NegotiationCredSsp; } else { transportProtocol = EncryptedProtocol.DirectCredSsp; } } else if (strRDPSecurityProtocol.Equals("RDP", StringComparison.CurrentCultureIgnoreCase)) { selectedProtocol = selectedProtocols_Values.PROTOCOL_RDP_FLAG; if (!isNegotiationBased) { this.TestSite.Log.Add(LogEntryKind.Warning, "The property \"RDP.Security.Protocol\" is not valid and will be ingored. (When use RDP as security protocol, the negotiation-based approch MUST be used."); } } else { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityProtocol); } } #endregion #region Encryption Level string strRDPSecurityEncryptionLevel; enLevel = EncryptionLevel.ENCRYPTION_LEVEL_LOW; if (!PtfPropUtility.GetStringPtfProperty(TestSite, RdpPtfPropNames.RdpSecurityEncryptionLevel, out strRDPSecurityEncryptionLevel)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityEncryptionLevel); } else {//None, Low, Client, High, FIPS if (strRDPSecurityEncryptionLevel.Equals("None", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_NONE; } else if (strRDPSecurityEncryptionLevel.Equals("Low", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_LOW; } else if (strRDPSecurityEncryptionLevel.Equals("Client", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_CLIENT_COMPATIBLE; } else if (strRDPSecurityEncryptionLevel.Equals("High", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_HIGH; } else if (strRDPSecurityEncryptionLevel.Equals("FIPS", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_FIPS; } else { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityEncryptionLevel); } } if (transportProtocol == EncryptedProtocol.Rdp && enLevel == EncryptionLevel.ENCRYPTION_LEVEL_NONE) { this.TestSite.Assert.Fail("When use Standard RDP Security, the encryption level must be greater than None."); } if (transportProtocol != EncryptedProtocol.Rdp && enLevel != EncryptionLevel.ENCRYPTION_LEVEL_NONE) { this.TestSite.Assert.Fail("When use enhanced security protocls (TLS or CredSSP), the encryption level MUST be None."); } #endregion #region Encryption Method string strRDPSecurityEncryptionMethod; enMethod = EncryptionMethods.ENCRYPTION_METHOD_128BIT; if (!PtfPropUtility.GetStringPtfProperty(TestSite, RdpPtfPropNames.RdpSecurityEncryptionMethod, out strRDPSecurityEncryptionMethod)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityEncryptionMethod); } else {//None, 40bit, 56bit, 128bit, FIPS if (strRDPSecurityEncryptionMethod.Equals("None", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_NONE; } else if (strRDPSecurityEncryptionMethod.Equals("40bit", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_40BIT; } else if (strRDPSecurityEncryptionMethod.Equals("56bit", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_56BIT; } else if (strRDPSecurityEncryptionMethod.Equals("128bit", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_128BIT; } else if (strRDPSecurityEncryptionMethod.Equals("FIPS", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_FIPS; } else { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityEncryptionMethod); } } if (enLevel == EncryptionLevel.ENCRYPTION_LEVEL_NONE && enMethod != EncryptionMethods.ENCRYPTION_METHOD_NONE) { this.TestSite.Assume.Fail("When Encryption Level is set to None, the Encryption Method should also set to None."); } if (enLevel == EncryptionLevel.ENCRYPTION_LEVEL_FIPS && enMethod != EncryptionMethods.ENCRYPTION_METHOD_FIPS) { this.TestSite.Assume.Fail("When Encryption Level is set to FIPS, the Encryption Method should also set to FIPS."); } #endregion #region RDP Version rdpServerVersion = TS_UD_SC_CORE_version_Values.V2; #endregion #region WaitTime int waitSeconds; if (!PtfPropUtility.GetIntPtfProperty(TestSite, RdpPtfPropNames.Timeout, out waitSeconds)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.Timeout); } else { waitTime = new TimeSpan(0, 0, waitSeconds); } #endregion #region SUT Display Verification if (!PtfPropUtility.GetBoolPtfProperty(TestSite, "VerifySUTDisplay.Enable", out verifySUTDisplay)) { verifySUTDisplay = false; } int shiftX, shiftY; if (!PtfPropUtility.GetIntPtfProperty(TestSite, "VerifySUTDisplay.Shift.X", out shiftX)) { shiftX = 0; } if (!PtfPropUtility.GetIntPtfProperty(TestSite, "VerifySUTDisplay.Shift.Y", out shiftY)) { shiftY = 0; } sutDisplayShift = new Point(shiftX, shiftY); if (!PtfPropUtility.GetStringPtfProperty(TestSite, "VerifySUTDisplay.BitmapSavePath", out bitmapSavePath)) { bitmapSavePath = @".\"; } // If the bitmap save path is not existed, create it. if (!Directory.Exists(bitmapSavePath)) { Directory.CreateDirectory(bitmapSavePath); } #endregion SUT Display Verification #region Other configrations if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportFastPathInput, out isClientSupportFastPathInput)) { isClientSupportFastPathInput = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportAutoReconnect, out isClientSuportAutoReconnect)) { isClientSuportAutoReconnect = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportRDPEFS, out isClientSupportRDPEFS)) { isClientSupportRDPEFS = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportServerRedirection, out isClientSupportServerRedirection)) { isClientSupportServerRedirection = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportSoftSync, out isClientSupportSoftSync)) { isClientSupportSoftSync = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportTunnelingStaticVCTraffic, out isClientSupportTunnelingStaticVCTraffic)) { isClientSupportTunnelingStaticVCTraffic = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportRdpNegDataEmpty, out isClientSupportEmptyRdpNegData)) { isClientSupportEmptyRdpNegData = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, "IsWindowsImplementation", out isWindowsImplementation)) { isWindowsImplementation = true; //if property not found, set to true as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, "VerifyRdpbcgrMessage", out bVerifyRdpbcgrMessage)) { bVerifyRdpbcgrMessage = true; //if property not found, set to true as default value } String rdprfxImageFile; if (!PtfPropUtility.GetStringPtfProperty(TestSite, "RDPRFX.Image", out rdprfxImageFile)) { rdprfxImageFile = ""; //if property not found, set to true as default value } String rdprfxVideoModeImageFile; if (!PtfPropUtility.GetStringPtfProperty(TestSite, "RDPRFXVideoMode.Image", out rdprfxVideoModeImageFile)) { rdprfxVideoModeImageFile = ""; //if property not found, set to true as default value } try { //Get image from file image_64X64 = Image.FromFile(rdprfxImageFile); imageForVideoMode = Image.FromFile(rdprfxVideoModeImageFile); } catch (System.IO.FileNotFoundException) { //capture screen if failed to get image from file //Capture 64*64 bitmap for Image Mode image_64X64 = captureScreenImage(0, 0, TileSize, TileSize); //Capture screen bitmap for Vedio Mode imageForVideoMode = captureScreenImage(0, 0, TileSize * VideoMode_TileRowNum, TileSize * VideoMode_TileColNum); } #endregion #endregion #region Logging this.TestSite.Log.Add(LogEntryKind.Debug, @"isClientSupportFastPathInput = {0}; isClientSuportAutoReconnect = {1}; isClientSupportRDPEFS = {2}; isClientSupportServerRedirection = {3}; isClientSupportEmptyRdpNegData = {4}; isClientSupportSoftSync = {5} isClientSupportTunnelingStaticVCTraffic = {6}", isClientSupportFastPathInput, isClientSuportAutoReconnect, isClientSupportRDPEFS, isClientSupportServerRedirection, isClientSupportEmptyRdpNegData, isClientSupportSoftSync, isClientSupportTunnelingStaticVCTraffic); #endregion }
public void SetEncryptionLevel(EncryptionLevel encryptionLevel) { this.EncryptionLevel = encryptionLevel; }
/// <summary> /// Sets the <see cref="Config"/> to use TLS if <paramref name="level"/> is <c>true</c>. /// </summary> /// <param name="level"><see cref="EncryptionLevel.Encrypted"/> enables TLS for the connection, <see cref="EncryptionLevel.None"/> otherwise. See <see cref="EncryptionLevel"/> for more info</param>. /// <returns>An <see cref="ConfigBuilder"/> instance for further configuration options.</returns> public ConfigBuilder WithEncryptionLevel(EncryptionLevel level) { _config.NullableEncryptionLevel = level; return(this); }
/// <summary> /// Expect a client initiated RDP connection sequence. /// </summary> /// <param name="serverSelectedProtocol">The server selected security protocol.</param> /// <param name="enMethod">The server selected security method.</param> /// <param name="enLevel">The server selected security level.</param> /// <param name="isExtendedClientDataSupported">Indicates if server supports Extended Client Data Blocks.</param> /// <param name="expectAutoReconnect">Indicates if expect an Auto-Connect sequence.</param> /// <param name="rdpServerVersion">The RDP Sever version</param> /// <param name="multiTransportTypeFlags">Flags of Multitransport Channel Data</param> /// <param name="supportRDPEGFX">Whether support RDPEGFX</param> /// <param name="supportRestrictedAdminMode">Whether support restricted admin mode</param> public void EstablishRDPConnection( selectedProtocols_Values serverSelectedProtocol, EncryptionMethods enMethod, EncryptionLevel enLevel , bool isExtendedClientDataSupported, bool expectAutoReconnect, TS_UD_SC_CORE_version_Values rdpServerVersion, MULTITRANSPORT_TYPE_FLAGS multiTransportTypeFlags = MULTITRANSPORT_TYPE_FLAGS.None, bool supportRDPEGFX = false, bool supportRestrictedAdminMode = false) { #region Logging this.site.Log.Add(LogEntryKind.Comment, @"EstablishRDPConnection( Selected Protocol = {0}, Encyrption Method = {1}, Encyrption Level = {2}, Extended Client Data Supported = {3}, Auto-Reconnection Expected = {4}, RDP Version Code= {5}).", serverSelectedProtocol.ToString(), enMethod.ToString(), enLevel.ToString(), isExtendedClientDataSupported, expectAutoReconnect, rdpServerVersion.ToString()); #endregion //Update server config context. serverConfig.selectedProtocol = serverSelectedProtocol; serverConfig.encryptionMethod = enMethod; serverConfig.encryptionLevel = enLevel; serverConfig.isExtendedClientDataSupported = isExtendedClientDataSupported; #region Connection Initiation //5.4.2.1 Negotiation-Based Approach //Once the External Security Protocol (section 5.4.5) handshake has successfully run to completion, //the RDP messages resume, continuing with the MCS Connect Initial PDU (section 2.2.1.3). //if (serverConfig.encryptedProtocol != EncryptedProtocol.NegotiationCredSsp) //{ ExpectPacket<Client_X_224_Connection_Request_Pdu>(sessionContext, pduWaitTimeSpan); RDP_NEG_RSP_flags_Values RDP_NEG_RSP_flags = RDP_NEG_RSP_flags_Values.None; if (serverConfig.isExtendedClientDataSupported) { RDP_NEG_RSP_flags |= RDP_NEG_RSP_flags_Values.EXTENDED_CLIENT_DATA_SUPPORTED; } if (supportRDPEGFX) { RDP_NEG_RSP_flags |= RDP_NEG_RSP_flags_Values.DYNVC_GFX_PROTOCOL_SUPPORTED; } if (supportRestrictedAdminMode) { RDP_NEG_RSP_flags |= RDP_NEG_RSP_flags_Values.RESTRICTED_ADMIN_MODE_SUPPORTED; } Server_X_224_Connection_Confirm(serverConfig.selectedProtocol, RDP_NEG_RSP_flags); //} #endregion #region Basic Setting Exchange ExpectPacket<Client_MCS_Connect_Initial_Pdu_with_GCC_Conference_Create_Request>(sessionContext, pduWaitTimeSpan); Server_MCS_Connect_Response( enMethod, enLevel, rdpServerVersion, NegativeType.None, multiTransportTypeFlags, false, SC_earlyCapabilityFlags_Values.RNS_UD_SC_EDGE_ACTIONS_SUPPORTED, ConstValue.IO_CHANNEL_ID, ConstValue.MCS_MESSAGE_CHANNEL_ID); #endregion #region Channel Connection ExpectPacket<Client_MCS_Erect_Domain_Request>(sessionContext, pduWaitTimeSpan); ExpectPacket<Client_MCS_Attach_User_Request>(sessionContext, pduWaitTimeSpan); MCSAttachUserConfirm(NegativeType.None); //Join Channel int channelNum = 2; if (sessionContext.VirtualChannelIdStore != null) { channelNum += sessionContext.VirtualChannelIdStore.Length; } if (sessionContext.IsServerMessageChannelDataSend) channelNum++; for (int i = 0; i < channelNum; i++) { ExpectPacket<Client_MCS_Channel_Join_Request>(sessionContext, pduWaitTimeSpan); MCSChannelJoinConfirm(lastRequestJoinChannelId, NegativeType.None); } #endregion #region RDP Security Commencement if (serverConfig.encryptedProtocol == EncryptedProtocol.Rdp) { ExpectPacket<Client_Security_Exchange_Pdu>(sessionContext, pduWaitTimeSpan); } #endregion #region Secure Setting Exchange ExpectPacket<Client_Info_Pdu>(sessionContext, pduWaitTimeSpan); if (expectAutoReconnect) { site.Assert.IsNotNull(tsInfoPacket.extraInfo, "TS_EXTENDED_INFO_PACKET should be provided in Auto-Reconnect sequence."); site.Assert.AreNotEqual<ushort>(0, tsInfoPacket.extraInfo.cbAutoReconnectLen, "The autoReconnectCookie should be provided in Auto-Reconnect sequence."); } #endregion #region Licensing Server_License_Error_Pdu_Valid_Client(NegativeType.None); #endregion #region Capabilities Exchange Server_Demand_Active(NegativeType.None); //Once the Confirm Active PDU has been sent, the client can start sending input PDUs (see section 2.2.8) to the server. ExpectPacket<Client_Confirm_Active_Pdu>(sessionContext, pduWaitTimeSpan); #endregion #region Connection Finalization WaitForPacket<Client_Synchronize_Pdu>(sessionContext, pduWaitTimeSpan); ServerSynchronize(); ServerControlCooperate(); WaitForPacket<Client_Control_Pdu_Cooperate>(sessionContext, pduWaitTimeSpan); WaitForPacket<Client_Control_Pdu_Request_Control>(sessionContext, pduWaitTimeSpan); ServerControlGrantedControl(); if (serverConfig.CapabilitySetting.BitmapCacheHostSupportCapabilitySet) { ITsCapsSet cap = this.clientCapSet.FindCapSet(capabilitySetType_Values.CAPSTYPE_BITMAPCACHE_REV2); if (cap != null) { TS_BITMAPCACHE_CAPABILITYSET_REV2 bitmapCacheV2 = (TS_BITMAPCACHE_CAPABILITYSET_REV2)cap; if ((bitmapCacheV2.CacheFlags & CacheFlags_Values.PERSISTENT_KEYS_EXPECTED_FLAG) != 0) { WaitForPacket<Client_Persistent_Key_List_Pdu>(sessionContext, pduWaitTimeSpan); } } } WaitForPacket<Client_Font_List_Pdu>(sessionContext, pduWaitTimeSpan); ServerFontMap(); #endregion }
protected void LoadConfig() { #region Read and convert properties from PTFCONFIG file #region Security Approach and Protocol string strRDPSecurityProtocol; bool isNegotiationBased = true; if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RdpSecurityNegotiation, out isNegotiationBased)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityNegotiation); } selectedProtocol = selectedProtocols_Values.PROTOCOL_RDP_FLAG; if (!PtfPropUtility.GetStringPtfProperty(TestSite, RdpPtfPropNames.RdpSecurityProtocol, out strRDPSecurityProtocol)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityProtocol); } // Check the combination of RdpSecurityNegotiation and RdpSecurityProtocol if (strRDPSecurityProtocol.Equals("TLS", StringComparison.CurrentCultureIgnoreCase)) { selectedProtocol = selectedProtocols_Values.PROTOCOL_SSL_FLAG; this.TestSite.Assume.IsTrue( isNegotiationBased, "When TLS is used as the security protocol, {0} is set to 'TLS', {1} must be true.", RdpPtfPropNames.RdpSecurityProtocol, RdpPtfPropNames.RdpSecurityNegotiation); transportProtocol = EncryptedProtocol.NegotiationTls; } else if (strRDPSecurityProtocol.Equals("CredSSP", StringComparison.CurrentCultureIgnoreCase)) { selectedProtocol = selectedProtocols_Values.PROTOCOL_HYBRID_FLAG; if (isNegotiationBased) { transportProtocol = EncryptedProtocol.NegotiationCredSsp; } else { transportProtocol = EncryptedProtocol.DirectCredSsp; } } else if (strRDPSecurityProtocol.Equals("RDP", StringComparison.CurrentCultureIgnoreCase)) { selectedProtocol = selectedProtocols_Values.PROTOCOL_RDP_FLAG; transportProtocol = EncryptedProtocol.Rdp; } else { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityProtocol); } #endregion #region Encryption Level string strRDPSecurityEncryptionLevel; enLevel = EncryptionLevel.ENCRYPTION_LEVEL_LOW; if (!PtfPropUtility.GetStringPtfProperty(TestSite, RdpPtfPropNames.RdpSecurityEncryptionLevel, out strRDPSecurityEncryptionLevel)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityEncryptionLevel); } else {//None, Low, Client, High, FIPS if (strRDPSecurityEncryptionLevel.Equals("None", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_NONE; } else if (strRDPSecurityEncryptionLevel.Equals("Low", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_LOW; } else if (strRDPSecurityEncryptionLevel.Equals("Client", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_CLIENT_COMPATIBLE; } else if (strRDPSecurityEncryptionLevel.Equals("High", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_HIGH; } else if (strRDPSecurityEncryptionLevel.Equals("FIPS", StringComparison.CurrentCultureIgnoreCase)) { enLevel = EncryptionLevel.ENCRYPTION_LEVEL_FIPS; } else { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityEncryptionLevel); } } if (transportProtocol == EncryptedProtocol.Rdp && enLevel == EncryptionLevel.ENCRYPTION_LEVEL_NONE) { this.TestSite.Assert.Fail("When use Standard RDP Security, the encryption level must be greater than None."); } if (transportProtocol != EncryptedProtocol.Rdp && enLevel != EncryptionLevel.ENCRYPTION_LEVEL_NONE) { this.TestSite.Assert.Fail("When use enhanced security protocls (TLS or CredSSP), the encryption level MUST be None."); } #endregion #region Encryption Method string strRDPSecurityEncryptionMethod; enMethod = EncryptionMethods.ENCRYPTION_METHOD_128BIT; if (!PtfPropUtility.GetStringPtfProperty(TestSite, RdpPtfPropNames.RdpSecurityEncryptionMethod, out strRDPSecurityEncryptionMethod)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityEncryptionMethod); } else {//None, 40bit, 56bit, 128bit, FIPS if (strRDPSecurityEncryptionMethod.Equals("None", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_NONE; } else if (strRDPSecurityEncryptionMethod.Equals("40bit", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_40BIT; } else if (strRDPSecurityEncryptionMethod.Equals("56bit", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_56BIT; } else if (strRDPSecurityEncryptionMethod.Equals("128bit", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_128BIT; } else if (strRDPSecurityEncryptionMethod.Equals("FIPS", StringComparison.CurrentCultureIgnoreCase)) { enMethod = EncryptionMethods.ENCRYPTION_METHOD_FIPS; } else { assumeFailForInvalidPtfProp(RdpPtfPropNames.RdpSecurityEncryptionMethod); } } if (enLevel == EncryptionLevel.ENCRYPTION_LEVEL_NONE && enMethod != EncryptionMethods.ENCRYPTION_METHOD_NONE) { this.TestSite.Assume.Fail("When Encryption Level is set to None, the Encryption Method should also set to None."); } if (enLevel == EncryptionLevel.ENCRYPTION_LEVEL_FIPS && enMethod != EncryptionMethods.ENCRYPTION_METHOD_FIPS) { this.TestSite.Assume.Fail("When Encryption Level is set to FIPS, the Encryption Method should also set to FIPS."); } #endregion #region RDP Version rdpServerVersion = TS_UD_SC_CORE_version_Values.V2; #endregion #region WaitTime int waitSeconds; if (!PtfPropUtility.GetIntPtfProperty(TestSite, RdpPtfPropNames.Timeout, out waitSeconds)) { assumeFailForInvalidPtfProp(RdpPtfPropNames.Timeout); } else { waitTime = new TimeSpan(0, 0, waitSeconds); } #endregion #region SUT Display Verification if (!PtfPropUtility.GetBoolPtfProperty(TestSite, "VerifySUTDisplay.Enable", out verifySUTDisplay)) { verifySUTDisplay = false; } int shiftX, shiftY; if (!PtfPropUtility.GetIntPtfProperty(TestSite, "VerifySUTDisplay.Shift.X", out shiftX)) { shiftX = 0; } if (!PtfPropUtility.GetIntPtfProperty(TestSite, "VerifySUTDisplay.Shift.Y", out shiftY)) { shiftY = 0; } sutDisplayShift = new Point(shiftX, shiftY); if (!PtfPropUtility.GetStringPtfProperty(TestSite, "VerifySUTDisplay.BitmapSavePath", out bitmapSavePath)) { bitmapSavePath = @".\"; } // If the bitmap save path is not existed, create it. if (!Directory.Exists(bitmapSavePath)) { Directory.CreateDirectory(bitmapSavePath); } #endregion SUT Display Verification #region Other configrations if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportFastPathInput, out isClientSupportFastPathInput)) { isClientSupportFastPathInput = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportAutoReconnect, out isClientSuportAutoReconnect)) { isClientSuportAutoReconnect = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportRDPEFS, out isClientSupportRDPEFS)) { isClientSupportRDPEFS = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportServerRedirection, out isClientSupportServerRedirection)) { isClientSupportServerRedirection = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportSoftSync, out isClientSupportSoftSync)) { isClientSupportSoftSync = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportTunnelingStaticVCTraffic, out isClientSupportTunnelingStaticVCTraffic)) { isClientSupportTunnelingStaticVCTraffic = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.RDPClientSupportRdpNegDataEmpty, out isClientSupportEmptyRdpNegData)) { isClientSupportEmptyRdpNegData = false; //if property not found, set to false as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.IsWindowsImplementation, out isWindowsImplementation)) { isWindowsImplementation = true; //if property not found, set to true as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, RdpPtfPropNames.DropConnectionForInvalidRequest, out DropConnectionForInvalidRequest)) { DropConnectionForInvalidRequest = true; //if property not found, set to true as default value } if (!PtfPropUtility.GetBoolPtfProperty(TestSite, "VerifyRdpbcgrMessage", out bVerifyRdpbcgrMessage)) { bVerifyRdpbcgrMessage = true; //if property not found, set to true as default value } String rdprfxImageFile; if (!PtfPropUtility.GetStringPtfProperty(TestSite, "RDPRFX.Image", out rdprfxImageFile)) { rdprfxImageFile = ""; //if property not found, set to true as default value } String rdprfxVideoModeImageFile; if (!PtfPropUtility.GetStringPtfProperty(TestSite, "RDPRFXVideoMode.Image", out rdprfxVideoModeImageFile)) { rdprfxVideoModeImageFile = ""; //if property not found, set to true as default value } try { //Get image from file image_64X64 = Image.FromFile(rdprfxImageFile); imageForVideoMode = Image.FromFile(rdprfxVideoModeImageFile); } catch (System.IO.FileNotFoundException) { //capture screen if failed to get image from file //Capture 64*64 bitmap for Image Mode image_64X64 = captureScreenImage(0, 0, TileSize, TileSize); //Capture screen bitmap for Vedio Mode imageForVideoMode = captureScreenImage(0, 0, TileSize * VideoMode_TileRowNum, TileSize * VideoMode_TileColNum); } #endregion #endregion #region Logging this.TestSite.Log.Add(LogEntryKind.Debug, @"isClientSupportFastPathInput = {0}; isClientSuportAutoReconnect = {1}; isClientSupportRDPEFS = {2}; isClientSupportServerRedirection = {3}; isClientSupportEmptyRdpNegData = {4}; isClientSupportSoftSync = {5} isClientSupportTunnelingStaticVCTraffic = {6}", isClientSupportFastPathInput, isClientSuportAutoReconnect, isClientSupportRDPEFS, isClientSupportServerRedirection, isClientSupportEmptyRdpNegData, isClientSupportSoftSync, isClientSupportTunnelingStaticVCTraffic); #endregion }
public override bool Equals(object o) { if (!(o is Security)) { return(false); } Security v = o as Security; if (!AllowPrinting.Equals(v.AllowPrinting)) { return(false); } if (!AllowScreenReader.Equals(v.AllowScreenReader)) { return(false); } if (!AllowToCopyContent.Equals(v.AllowToCopyContent)) { return(false); } if (!AllowToEditAssembly.Equals(v.AllowToEditAssembly)) { return(false); } if (!AllowToEditComments.Equals(v.AllowToEditComments)) { return(false); } if (!AllowToEditTheDocument.Equals(v.AllowToEditTheDocument)) { return(false); } if (!AllowToFillForms.Equals(v.AllowToFillForms)) { return(false); } if (!Enabled.Equals(v.Enabled)) { return(false); } if (!EncryptionLevel.Equals(v.EncryptionLevel)) { return(false); } if (!OwnerPassword.Equals(v.OwnerPassword)) { return(false); } if (!RequireUserPassword.Equals(v.RequireUserPassword)) { return(false); } if (!RestrictPrintingToLowQuality.Equals(v.RestrictPrintingToLowQuality)) { return(false); } if (!UserPassword.Equals(v.UserPassword)) { return(false); } return(true); }
public IConfigBuilder WithEncryptionLevel(EncryptionLevel level) { _config.EncryptionLevel = level; return(this); }
/// <summary> /// 创建或更新一个VPN连接(指定VPN名称,及IP) /// </summary> public void CreateOrUpdateVPN(string updateVPNname, string updateVPNip) { try { switch (TunnelType.ToLower()) { case "pptp": VpnStrategy = RasVpnStrategy.PptpOnly; break; case "l2tp": VpnStrategy = RasVpnStrategy.L2tpOnly; break; case "sstp": VpnStrategy = RasVpnStrategy.SstpOnly; break; case "ikev2": VpnStrategy = RasVpnStrategy.IkeV2Only; break; case "automatic": VpnStrategy = RasVpnStrategy.Default; break; default: VpnStrategy = RasVpnStrategy.PptpOnly; break; } switch (EncryptionLevel.ToLower()) { case "optional": EncryptionType = RasEncryptionType.Optional; break; case "noencryption": EncryptionType = RasEncryptionType.None; break; case "required": EncryptionType = RasEncryptionType.Require; break; case "maximum": EncryptionType = RasEncryptionType.RequireMax; break; default: EncryptionType = RasEncryptionType.None; break; } RasPhoneBook allUsersPhoneBook = new RasPhoneBook(); allUsersPhoneBook.Open(RasPhoneBook.GetPhoneBookPath(RasPhoneBookType.AllUsers)); // 如果已经该名称的VPN已经存在,则更新这个VPN服务器地址 if (allUsersPhoneBook.Entries.Contains(updateVPNname)) { allUsersPhoneBook.Entries[updateVPNname].PhoneNumber = updateVPNip; allUsersPhoneBook.Entries[updateVPNname].EncryptionType = EncryptionType; allUsersPhoneBook.Entries[updateVPNname].VpnStrategy = VpnStrategy; allUsersPhoneBook.Entries[updateVPNname].Options.RemoteDefaultGateway = SplitTunneling; allUsersPhoneBook.Entries[updateVPNname].Options.IPv6RemoteDefaultGateway = SplitTunneling; switch (AuthenticationMethod.ToLower()) { case "pap": allUsersPhoneBook.Entries[updateVPNname].Options.RequirePap = true; allUsersPhoneBook.Entries[updateVPNname].Options.RequireEap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireChap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSChap2 = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireEncryptedPassword = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireDataEncryption = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSEncryptedPassword = false; break; case "eap": allUsersPhoneBook.Entries[updateVPNname].Options.RequireEap = true; allUsersPhoneBook.Entries[updateVPNname].Options.RequireChap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequirePap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSChap2 = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireEncryptedPassword = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireDataEncryption = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSEncryptedPassword = false; break; case "chap": allUsersPhoneBook.Entries[updateVPNname].Options.RequireChap = true; allUsersPhoneBook.Entries[updateVPNname].Options.RequirePap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireEap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSChap2 = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireEncryptedPassword = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireDataEncryption = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSEncryptedPassword = false; break; case "mschapv2": allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSChap2 = true; allUsersPhoneBook.Entries[updateVPNname].Options.RequirePap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireEap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireChap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireEncryptedPassword = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireDataEncryption = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSEncryptedPassword = false; break; default: allUsersPhoneBook.Entries[updateVPNname].Options.RequirePap = true; allUsersPhoneBook.Entries[updateVPNname].Options.RequireEap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireChap = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSChap2 = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireEncryptedPassword = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireDataEncryption = false; allUsersPhoneBook.Entries[updateVPNname].Options.RequireMSEncryptedPassword = false; break; } } // 创建一个新VPN else { RasEntry entry = RasEntry.CreateVpnEntry(updateVPNname, updateVPNip, VpnStrategy, RasDevice.GetDevices().First(o => o.DeviceType == RasDeviceType.Vpn)); entry.EncryptionType = EncryptionType; entry.Options.RemoteDefaultGateway = SplitTunneling; entry.Options.IPv6RemoteDefaultGateway = SplitTunneling; switch (AuthenticationMethod.ToLower()) { case "pap": entry.Options.RequirePap = true; entry.Options.RequireEap = false; entry.Options.RequireChap = false; entry.Options.RequireMSChap2 = false; entry.Options.RequireEncryptedPassword = false; entry.Options.RequireDataEncryption = false; entry.Options.RequireMSEncryptedPassword = false; break; case "eap": entry.Options.RequireEap = true; entry.Options.RequireChap = false; entry.Options.RequirePap = false; entry.Options.RequireMSChap2 = false; entry.Options.RequireEncryptedPassword = false; entry.Options.RequireDataEncryption = false; entry.Options.RequireMSEncryptedPassword = false; break; case "chap": entry.Options.RequireChap = true; entry.Options.RequirePap = false; entry.Options.RequireEap = false; entry.Options.RequireMSChap2 = false; entry.Options.RequireEncryptedPassword = false; entry.Options.RequireDataEncryption = false; entry.Options.RequireMSEncryptedPassword = false; break; case "mschapv2": entry.Options.RequireMSChap2 = true; entry.Options.RequirePap = false; entry.Options.RequireEap = false; entry.Options.RequireChap = false; entry.Options.RequireEncryptedPassword = false; entry.Options.RequireDataEncryption = false; entry.Options.RequireMSEncryptedPassword = false; break; default: entry.Options.RequirePap = true; entry.Options.RequireEap = false; entry.Options.RequireChap = false; entry.Options.RequireMSChap2 = false; entry.Options.RequireEncryptedPassword = false; entry.Options.RequireDataEncryption = false; entry.Options.RequireMSEncryptedPassword = false; break; } allUsersPhoneBook.Entries.Add(entry); } if (VpnStrategy == RasVpnStrategy.L2tpOnly) { allUsersPhoneBook.Entries[updateVPNname].Options.UsePreSharedKey = true; allUsersPhoneBook.Entries[updateVPNname].UpdateCredentials(RasPreSharedKey.Client, L2tpPsk); } // 不管当前VPN是否连接,服务器地址的更新总能成功,如果正在连接,则需要VPN重启后才能起作用 allUsersPhoneBook.Entries[updateVPNname].Update(); allUsersPhoneBook.Dispose(); } catch (Exception ex) { //LogUtil.Write("CreateOrUpdateVPN Error:" + ex); } }