Exemple #1
0
        public static bool ValidateCanary15(string canaryString, string logonUniqueKey)
        {
            byte[] userContextIdBinary;
            byte[] array;
            byte[] array2;
            if (!Canary15.ParseCanary15(canaryString, out userContextIdBinary, out array, out array2))
            {
                ExTraceGlobals.CoreTracer.TraceDebug <string>(10L, "ValidateCanary failed, canaryString={0}", canaryString);
                return(false);
            }
            if (Canary15.IsExpired(array))
            {
                ExTraceGlobals.CoreTracer.TraceDebug <string>(10L, "Canary is expired, timeStampBinary={0}", Canary15.GetHexString(array));
                return(false);
            }
            long num;
            int  num2;

            byte[] array3 = Canary15DataManager.ComputeHash(userContextIdBinary, array, logonUniqueKey, out num, out num2);
            if (Canary15.AreEqual(array2, array3))
            {
                return(true);
            }
            ExTraceGlobals.CoreTracer.TraceDebug <string, string>(10L, "testHashBinary={0}!=hashBinary={1}", Canary15.GetHexString(array3), Canary15.GetHexString(array2));
            return(false);
        }
 private static Canary15Cookie Create(Canary15 canary, Canary15Profile profile)
 {
     if (canary == null)
     {
         ExTraceGlobals.CoreTracer.TraceDebug(20L, "Canary == null");
         return(null);
     }
     return(new Canary15Cookie(canary, profile));
 }
Exemple #3
0
        public Canary15(string logonUniqueKey)
        {
            byte[] userContextIdBinary = Guid.NewGuid().ToByteArray();
            byte[] bytes = BitConverter.GetBytes(DateTime.UtcNow.Ticks);
            long   keyIndex;
            int    segmentIndex;

            byte[] hashBinary = Canary15DataManager.ComputeHash(userContextIdBinary, bytes, logonUniqueKey, out keyIndex, out segmentIndex);
            this.Init(userContextIdBinary, bytes, logonUniqueKey, hashBinary, Canary15.FormatLogData(keyIndex, segmentIndex));
            this.IsRenewed       = true;
            this.IsAboutToExpire = false;
        }
 private Canary15Cookie(Canary15 canary, Canary15Profile profile)
 {
     this.profile             = profile;
     this.Canary              = canary;
     this.domain              = string.Empty;
     this.HttpCookie          = new HttpCookie(this.profile.Name, this.Value);
     this.HttpCookie.Domain   = this.Domain;
     this.HttpCookie.Path     = this.profile.Path;
     this.NetCookie           = new Cookie(this.profile.Name, this.Value, this.profile.Path, this.Domain);
     this.HttpCookie.Secure   = true;
     this.NetCookie.Secure    = true;
     this.HttpCookie.HttpOnly = false;
     this.NetCookie.HttpOnly  = false;
 }
Exemple #5
0
        private void Init(byte[] userContextIdBinary, byte[] timeStampBinary, string logonUniqueKey, byte[] hashBinary, string logData)
        {
            byte[] array = new byte[userContextIdBinary.Length + timeStampBinary.Length + hashBinary.Length];
            userContextIdBinary.CopyTo(array, 0);
            timeStampBinary.CopyTo(array, userContextIdBinary.Length);
            hashBinary.CopyTo(array, userContextIdBinary.Length + timeStampBinary.Length);
            this.UserContextId  = new Guid(userContextIdBinary).ToString("N");
            this.LogonUniqueKey = logonUniqueKey;
            this.canaryString   = Canary15.Encode(array);
            long ticks = BitConverter.ToInt64(timeStampBinary, 0);

            this.CreationTime    = new DateTime(ticks, DateTimeKind.Utc);
            this.LogData         = logData;
            this.IsRenewed       = false;
            this.IsAboutToExpire = Canary15.IsNearExpiration(timeStampBinary);
        }
        private static Canary15Cookie TryCreateFromHttpCookie(HttpCookie cookie, string logonUniqueKey, Canary15Profile profile)
        {
            string   text   = null;
            Canary15 canary = null;

            if (cookie == null)
            {
                ExTraceGlobals.CoreTracer.TraceDebug <string>(21L, "Http cookie is null, Name={0}", profile.Name);
            }
            else if (string.IsNullOrEmpty(cookie.Value))
            {
                ExTraceGlobals.CoreTracer.TraceDebug <string, string, string>(21L, "Http cookie value is null, Name={0}, Domain={1}, Path={2}", cookie.Name, cookie.Domain, cookie.Path);
            }
            else if (!Canary15Cookie.TryGetCookieValue(cookie.Value, out text))
            {
                ExTraceGlobals.CoreTracer.TraceDebug(21L, "TryParseCookeValue failed, Name={0}, Domain={1}, Path={2}, Value={3}", new object[]
                {
                    cookie.Name,
                    cookie.Domain,
                    cookie.Path,
                    cookie.Value
                });
            }
            else
            {
                canary = Canary15.RestoreCanary15(text, logonUniqueKey);
            }
            if (canary == null)
            {
                if (cookie != null)
                {
                    ExTraceGlobals.CoreTracer.TraceDebug(21L, "restoredCanary==null, Name={0}, Domain={1}, Path={2}, Value={3}, canaryString={4}, logonUniqueKey={5}", new object[]
                    {
                        cookie.Name,
                        cookie.Domain,
                        cookie.Path,
                        cookie.Value,
                        text,
                        logonUniqueKey
                    });
                }
                canary = new Canary15(logonUniqueKey);
                ExTraceGlobals.CoreTracer.TraceDebug <string, string, string>(21L, "Canary is recreated, userContextId={0}, logonUniqueKey={1}, canaryString={2}", canary.UserContextId, canary.LogonUniqueKey, canary.ToString());
            }
            return(Canary15Cookie.Create(canary, profile));
        }
Exemple #7
0
 private static bool ParseCanary15(string canaryString, out byte[] userContextIdBinary, out byte[] timeStampBinary, out byte[] hashBinary)
 {
     userContextIdBinary = null;
     timeStampBinary     = null;
     hashBinary          = null;
     if (canaryString == null)
     {
         ExTraceGlobals.CoreTracer.TraceDebug(4L, "Canary string is null");
         return(false);
     }
     if (canaryString.Length != 76)
     {
         ExTraceGlobals.CoreTracer.TraceDebug <int>(4L, "canaryString.length={0}", canaryString.Length);
         return(false);
     }
     byte[] array;
     try
     {
         array = Canary15.Decode(canaryString);
     }
     catch (FormatException ex)
     {
         if (ExTraceGlobals.CoreTracer.IsTraceEnabled(TraceType.DebugTrace))
         {
             ExTraceGlobals.CoreTracer.TraceDebug <string>(4L, "Format Exception {0}", ex.ToString());
         }
         return(false);
     }
     if (array.Length != 56)
     {
         ExTraceGlobals.CoreTracer.TraceDebug <int, int>(4L, "canaryBinary.Length={0}!=CanaryBinaryLength={1}", array.Length, 56);
         return(false);
     }
     userContextIdBinary = new byte[16];
     timeStampBinary     = new byte[8];
     hashBinary          = new byte[32];
     Array.Copy(array, 0, userContextIdBinary, 0, 16);
     Array.Copy(array, 16, timeStampBinary, 0, 8);
     Array.Copy(array, 24, hashBinary, 0, 32);
     return(true);
 }
Exemple #8
0
 public static Canary15 RestoreCanary15(string canaryString, string logonUniqueKey)
 {
     byte[] userContextIdBinary;
     byte[] array;
     byte[] array2;
     if (Canary15.ParseCanary15(canaryString, out userContextIdBinary, out array, out array2))
     {
         if (Canary15.IsExpired(array))
         {
             ExTraceGlobals.CoreTracer.TraceDebug <string>(5L, "Canary is expired, timeStampBinary={0}", Canary15.GetHexString(array));
             return(null);
         }
         long   keyIndex;
         int    segmentIndex;
         byte[] array3 = Canary15DataManager.ComputeHash(userContextIdBinary, array, logonUniqueKey, out keyIndex, out segmentIndex);
         if (Canary15.AreEqual(array3, array2))
         {
             return(new Canary15(userContextIdBinary, array, logonUniqueKey, array2, Canary15.FormatLogData(keyIndex, segmentIndex)));
         }
         ExTraceGlobals.CoreTracer.TraceDebug <string, string>(5L, "testHashBinary={0}!=hashBinary={1}", Canary15.GetHexString(array3), Canary15.GetHexString(array2));
     }
     ExTraceGlobals.CoreTracer.TraceDebug <string, string>(5L, "RestoreCanary failed, logonUniqueKey={0}, canaryString={1}", logonUniqueKey, canaryString);
     return(null);
 }
        public static bool ValidateCanaryInHeaders(HttpContext httpContext, string userSid, Canary15Profile profile, out Canary15Cookie.CanaryValidationResult result)
        {
            string text = httpContext.Request.Headers[profile.Name];
            bool   flag = true;

            if (Canary15.RestoreCanary15(text, userSid) != null)
            {
                result = Canary15Cookie.CanaryValidationResult.HeaderMatch;
            }
            else
            {
                string text2;
                try
                {
                    string components = httpContext.Request.Url.GetComponents(UriComponents.Query, UriFormat.Unescaped);
                    string query      = HttpUtility.HtmlDecode(components);
                    NameValueCollection nameValueCollection = HttpUtility.ParseQueryString(query);
                    text2 = nameValueCollection[profile.Name];
                }
                catch
                {
                    text2 = null;
                }
                if (Canary15.RestoreCanary15(text2, userSid) != null)
                {
                    result = Canary15Cookie.CanaryValidationResult.UrlParameterMatch;
                }
                else
                {
                    string text3 = httpContext.Request.Form[profile.Name];
                    if (Canary15.RestoreCanary15(text3, userSid) != null)
                    {
                        result = Canary15Cookie.CanaryValidationResult.FormParameterMatch;
                    }
                    else
                    {
                        flag   = false;
                        result = Canary15Cookie.CanaryValidationResult.NotFound;
                        if (ExTraceGlobals.CoreCallTracer.IsTraceEnabled(TraceType.DebugTrace))
                        {
                            StringBuilder stringBuilder = new StringBuilder();
                            for (int i = 0; i < httpContext.Request.Cookies.Count; i++)
                            {
                                HttpCookie httpCookie = httpContext.Request.Cookies.Get(i);
                                if (string.Equals(httpCookie.Name, profile.Name, StringComparison.OrdinalIgnoreCase))
                                {
                                    stringBuilder.AppendFormat("[{0}]", httpCookie.Value);
                                }
                            }
                            ExTraceGlobals.CoreTracer.TraceDebug(11L, "Canary15Cookie='{0}',HttpHeader.Canary='{1}', UrlParam.Canary='{2}', Form.Canary='{3}', success={4}, result={5}", new object[]
                            {
                                stringBuilder.ToString(),
                                text,
                                text2,
                                text3,
                                flag,
                                result.ToString()
                            });
                        }
                    }
                }
            }
            return(flag);
        }