/// <summary>
/// Verify the signature of a Smb2CompoundPacket
/// </summary>
/// <param name="packet">The compound packet to be verified</param>
private void TryVerifySignature(Smb2CompoundPacket packet, byte[] messageBytes)
{
try
{
ulong firstSessionId = packet.Packets[0].Header.SessionId;
uint offset = 0;
for (int i = 0; i < packet.Packets.Count; i++)
{
Smb2SinglePacket singlePacket = packet.Packets[i];
// NextCommand is the offset, in bytes, from the beginning of this SMB2 header to the start of the subsequent 8-byte aligned SMB2 header.
uint packetLen = singlePacket.Header.NextCommand != 0 ? singlePacket.Header.NextCommand : (uint)(messageBytes.Length - offset);
byte[] packetBytes = new byte[packetLen];
Array.Copy(messageBytes, offset, packetBytes, 0, packetLen);
offset += packetLen;
// For Related operations, the sessinId is in the first packet of the compound packet.
ulong sessionId = singlePacket.Header.Flags.HasFlag(Packet_Header_Flags_Values.FLAGS_RELATED_OPERATIONS) ? firstSessionId : singlePacket.Header.SessionId;
TryVerifySignature(singlePacket, sessionId, packetBytes);
}
}
catch (Exception ex)
{
throw new Exception("Error happened during signature verification of compound packet: " + packet.ToString() + ". Exception message:" + ex.Message);
}
}
/// <summary>
/// Verify the signature of a Smb2CompoundPacket
/// </summary>
/// <param name="packet">The compound packet to be verified</param>
/// <returns>True when signature verification succeeds and false when fails</returns>
private bool TryVerifySignature(Smb2CompoundPacket packet)
{
try
{
Packet_Header header = TypeMarshal.ToStruct<Packet_Header>(packet.ToBytes());
if ((header.Flags & Packet_Header_Flags_Values.FLAGS_RELATED_OPERATIONS)
== Packet_Header_Flags_Values.FLAGS_RELATED_OPERATIONS)
{
//The realSessionId is the sessionId in the first pacekt of the compoundpacket for related packets.
ulong realSessionId = packet.Packets[0].Header.SessionId;
for (int i = 0; i < packet.Packets.Count; i++)
{
Smb2SinglePacket singlePacket = packet.Packets[i];
if (!TryVerifySignature(singlePacket, realSessionId))
{
break;
}
}
}
else
{
for (int i = 0; i < packet.Packets.Count; i++)
{
Smb2SinglePacket singlePacket = packet.Packets[i];
if (!TryVerifySignature(singlePacket, singlePacket.Header.SessionId))
{
break;
}
}
}
return true;
}
catch (Exception ex)
{
throw new Exception("Error happened during signature verification of compound packet: " + packet.ToString() + ". Exception message:" + ex.Message);
}
}
/// <summary>
/// Verify the signature of a Smb2CompoundPacket
/// </summary>
/// <param name="packet">The compound packet to be verified</param>
private void TryVerifySignature(Smb2CompoundPacket packet, byte[] messageBytes)
{
try
{
ulong firstSessionId = packet.Packets[0].Header.SessionId;
uint offset = 0;
for (int i = 0; i < packet.Packets.Count; i++)
{
Smb2SinglePacket singlePacket = packet.Packets[i];
// NextCommand is the offset, in bytes, from the beginning of this SMB2 header to the start of the subsequent 8-byte aligned SMB2 header.
uint packetLen = singlePacket.Header.NextCommand != 0 ? singlePacket.Header.NextCommand : (uint)(messageBytes.Length - offset);
byte[] packetBytes = new byte[packetLen];
Array.Copy(messageBytes, offset, packetBytes, 0, packetLen);
offset += packetLen;
// For Related operations, the sessinId is in the first packet of the compound packet.
ulong sessionId = singlePacket.Header.Flags.HasFlag(Packet_Header_Flags_Values.FLAGS_RELATED_OPERATIONS) ? firstSessionId : singlePacket.Header.SessionId;
TryVerifySignature(singlePacket, sessionId, packetBytes);
}
}
catch (Exception ex)
{
throw new Exception("Error happened during signature verification of compound packet: " + packet.ToString() + ". Exception message:" + ex.Message);
}
}
/// <summary>
/// Verify the signature of a Smb2CompoundPacket
/// </summary>
/// <param name="packet">The compound packet to be verified</param>
/// <returns>True when signature verification succeeds and false when fails</returns>
private bool TryVerifySignature(Smb2CompoundPacket packet)
{
try
{
Packet_Header header = TypeMarshal.ToStruct <Packet_Header>(packet.ToBytes());
if ((header.Flags & Packet_Header_Flags_Values.FLAGS_RELATED_OPERATIONS)
== Packet_Header_Flags_Values.FLAGS_RELATED_OPERATIONS)
{
//The realSessionId is the sessionId in the first pacekt of the compoundpacket for related packets.
ulong realSessionId = packet.Packets[0].Header.SessionId;
for (int i = 0; i < packet.Packets.Count; i++)
{
Smb2SinglePacket singlePacket = packet.Packets[i];
if (!TryVerifySignature(singlePacket, realSessionId))
{
break;
}
}
}
else
{
for (int i = 0; i < packet.Packets.Count; i++)
{
Smb2SinglePacket singlePacket = packet.Packets[i];
if (!TryVerifySignature(singlePacket, singlePacket.Header.SessionId))
{
break;
}
}
}
return(true);
}
catch (Exception ex)
{
throw new Exception("Error happened during signature verification of compound packet: " + packet.ToString() + ". Exception message:" + ex.Message);
}
}