/// <summary> /// Set Qop type /// </summary> /// <param name="dpspResponse">DpspResponse instance</param> /// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param> /// <returns>DIGEST_VALIDATION_REQ structure</returns> private static DIGEST_VALIDATION_REQ SetQopType( DpspResponse dpspResponse, DIGEST_VALIDATION_REQ digestValidationReq) { if (dpspResponse.MessageQop == null || dpspResponse.MessageQop.Length == 0) { digestValidationReq.QopType = QopType_Values.None; } else { switch (dpspResponse.MessageQop.ToLower()) { case QOP_AUTHENTICATION_NAME: digestValidationReq.QopType = QopType_Values.Authenticate; break; case QOP_AUTHENTICATION_AND_INTEGRITY_NAME: digestValidationReq.QopType = QopType_Values.AuthenticateAndIntegrity; break; case QOP_AUTHENTICATION_WITH_INTEGRITY_AND_ENCRYPTION_NAME: digestValidationReq.QopType = QopType_Values.AuthenticateWithIntegrityProtectionAndEncryption; break; default: throw new ArgumentException("invalid QopType value in digestResponse parameter"); } } return(digestValidationReq); }
/// <summary> /// Set alg type /// </summary> /// <param name="digestChallengeAlgorithm">digest challenge algorithm</param> /// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param> /// <returns>DIGEST_VALIDATION_REQ structure</returns> private static DIGEST_VALIDATION_REQ SetAlgType( string digestChallengeAlgorithm, DIGEST_VALIDATION_REQ digestValidationReq) { if (digestChallengeAlgorithm == null || digestChallengeAlgorithm.Length == 0) { digestValidationReq.AlgType = AlgType_Values.NotPresentAndMD5Assumed; } else { switch (digestChallengeAlgorithm.ToLower()) { case MD5_ALGORITHM_NAME: digestValidationReq.AlgType = AlgType_Values.MD5DigestAndChecksum; break; case MD5_SESS_ALGORITHM_NAME: digestValidationReq.AlgType = AlgType_Values.MD5SessDigestAndChecksum; break; default: throw new ArgumentException("invalid digestChallengeAlgorithm parameter"); } } return(digestValidationReq); }
/// <summary> /// Update the DIGEST_VALIDATION_REQ structure info after modification. /// For negative testing, user might need to modify the field of the structure. /// For example, if user change the domain name value, the message size need to /// recaculate after the modification. /// </summary> /// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param> public static DIGEST_VALIDATION_REQ UpdatePacketInfo( DIGEST_VALIDATION_REQ digestValidationReq) { if (digestValidationReq.Payload == null) { throw new ArgumentException( "The payload field should not be null", "digestValidationReq"); } DIGEST_VALIDATION_REQ_Payload payload = DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload); digestValidationReq.AccountNameLength = (ushort)ConvertStringToByteArray(payload.AccountName, Encoding.Unicode).Length; digestValidationReq.DomainLength = (ushort)ConvertStringToByteArray(payload.Domain, Encoding.Unicode).Length; digestValidationReq.ServerNameLength = (ushort)ConvertStringToByteArray(payload.ServerName, Encoding.Unicode).Length; // cacluate the size of payload // CharValuesLength specify the number of bytes in the Payload field of the // DIGEST_VALIDATION_REQ message, and MUST NOT exceed the total size in MsgSize digestValidationReq.CharValuesLength = (ushort)digestValidationReq.Payload.Length; // 16-bit unsigned integer that MUST specify // the total number of bytes in the DIGEST_VALIDATION_REQ message byte[] msgData = TypeMarshal.ToBytes <DIGEST_VALIDATION_REQ>(digestValidationReq); digestValidationReq.MsgSize = (ushort)msgData.Length; return(digestValidationReq); }
/// <summary> /// Create DPSP logon information structure /// </summary> /// <param name="parameterControl"> /// A set of bit flags that contain information pertaining to the logon validation processing. /// </param> /// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param> /// <returns>Dpsp netlogon information structure</returns> public static _NETLOGON_LEVEL CreateDpspLogonInfo( NrpcParameterControlFlags parameterControl, DIGEST_VALIDATION_REQ digestValidationReq) { if (digestValidationReq.Payload == null) { throw new ArgumentException( "invalid digestValidationReq parameter: the payload field is null", "digestValidationReq"); } _NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL(); DIGEST_VALIDATION_REQ_Payload payload = DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload); byte[] logonData = TypeMarshal.ToBytes <DIGEST_VALIDATION_REQ>(digestValidationReq); //Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15, //that contains information about the logon identity. _NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo( parameterControl, payload.Domain, payload.Username, payload.ServerName); netLogonLevel.LogonGeneric = new _NETLOGON_GENERIC_INFO[1]; netLogonLevel.LogonGeneric[0].Identity = identityInfo; netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(DIGEST_PACKAGENAME); netLogonLevel.LogonGeneric[0].LogonData = logonData; netLogonLevel.LogonGeneric[0].DataLength = (uint)logonData.Length; return(netLogonLevel); }
/// <summary> /// Encode common part of DigestValidationRequest /// </summary> /// <param name="serverName">server name</param> /// <param name="domainName">domain name</param> /// <param name="accountName">account name</param> /// <param name="digestType">digest type</param> /// <param name="digestChallengeAlgorithm">digest challenge algorithm</param> /// <param name="dpspResponse">dpspResponse</param> /// <param name="payload">DIGEST_VALIDATION_REQ_Payload structure</param> /// <param name="digestValidationReq">digestValidationReq</param> private static void EncodeCommonPartOfDigestValidationRequest( string serverName, string domainName, string accountName, DigestType_Values digestType, string digestChallengeAlgorithm, DpspResponse dpspResponse, ref DIGEST_VALIDATION_REQ_Payload payload, ref DIGEST_VALIDATION_REQ digestValidationReq ) { digestValidationReq.MessageType = DIGEST_VALIDATION_REQ_MessageType_Values.Default; digestValidationReq.Version = DIGEST_VALIDATION_REQ_Version_Values.Default; digestValidationReq.DigestType = digestType; digestValidationReq = SetQopType(dpspResponse, digestValidationReq); digestValidationReq = SetAlgType(digestChallengeAlgorithm, digestValidationReq); digestValidationReq.CharsetType = CharsetType_Values.UTF8; digestValidationReq.NameFormat = NameFormat_Values.None; digestValidationReq.Flags = DIGEST_VALIDATION_FLAGS.FormatOfUserNameAndRealmIsDeterminedByDC | DIGEST_VALIDATION_FLAGS.RequestIsSentFromServer; digestValidationReq.Reserved3 = DIGEST_VALIDATION_REQ_Reserved3_Values.Default; digestValidationReq.Reserved4 = Reserved4_Values.Default; digestValidationReq.Pad1 = DIGEST_VALIDATION_REQ_Pad1_Values.Default; // Each of the strings MUST be included. If the string value is empty, // then a terminating null character MUST be used for the value. payload.Username = dpspResponse.GetAttributeValue(DpspUtility.USER_NAME_DIRECTIVE); payload.Realm = dpspResponse.GetAttributeValue(DpspUtility.REALM_DIRECTIVE); payload.Nonce = dpspResponse.GetAttributeValue(DpspUtility.NONCE_DIRECTIVE); payload.CNonce = dpspResponse.GetAttributeValue(DpspUtility.CNONCE_DIRECTIVE); payload.NonceCount = dpspResponse.GetAttributeValue(DpspUtility.NONCE_COUNT_DIRECTIVE); payload.QOP = dpspResponse.GetAttributeValue(DpspUtility.MESSAGE_QOP_DIRECTIVE); payload.Response = dpspResponse.GetAttributeValue(DpspUtility.RESPONSE_DIRECTIVE); payload.AccountName = accountName;; payload.ServerName = serverName; payload.Domain = domainName; }
/// <summary> /// Set Qop type /// </summary> /// <param name="dpspResponse">DpspResponse instance</param> /// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param> /// <returns>DIGEST_VALIDATION_REQ structure</returns> private static DIGEST_VALIDATION_REQ SetQopType( DpspResponse dpspResponse, DIGEST_VALIDATION_REQ digestValidationReq) { if (dpspResponse.MessageQop == null || dpspResponse.MessageQop.Length == 0) { digestValidationReq.QopType = QopType_Values.None; } else { switch (dpspResponse.MessageQop.ToLower()) { case QOP_AUTHENTICATION_NAME: digestValidationReq.QopType = QopType_Values.Authenticate; break; case QOP_AUTHENTICATION_AND_INTEGRITY_NAME: digestValidationReq.QopType = QopType_Values.AuthenticateAndIntegrity; break; case QOP_AUTHENTICATION_WITH_INTEGRITY_AND_ENCRYPTION_NAME: digestValidationReq.QopType = QopType_Values.AuthenticateWithIntegrityProtectionAndEncryption; break; default: throw new ArgumentException("invalid QopType value in digestResponse parameter"); } } return digestValidationReq; }
/// <summary> /// Set alg type /// </summary> /// <param name="digestChallengeAlgorithm">digest challenge algorithm</param> /// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param> /// <returns>DIGEST_VALIDATION_REQ structure</returns> private static DIGEST_VALIDATION_REQ SetAlgType( string digestChallengeAlgorithm, DIGEST_VALIDATION_REQ digestValidationReq) { if (digestChallengeAlgorithm == null || digestChallengeAlgorithm.Length == 0) { digestValidationReq.AlgType = AlgType_Values.NotPresentAndMD5Assumed; } else { switch (digestChallengeAlgorithm.ToLower()) { case MD5_ALGORITHM_NAME: digestValidationReq.AlgType = AlgType_Values.MD5DigestAndChecksum; break; case MD5_SESS_ALGORITHM_NAME: digestValidationReq.AlgType = AlgType_Values.MD5SessDigestAndChecksum; break; default: throw new ArgumentException("invalid digestChallengeAlgorithm parameter"); } } return digestValidationReq; }
/// <summary> /// Encode common part of DigestValidationRequest /// </summary> /// <param name="serverName">server name</param> /// <param name="domainName">domain name</param> /// <param name="accountName">account name</param> /// <param name="digestType">digest type</param> /// <param name="digestChallengeAlgorithm">digest challenge algorithm</param> /// <param name="dpspResponse">dpspResponse</param> /// <param name="payload">DIGEST_VALIDATION_REQ_Payload structure</param> /// <param name="digestValidationReq">digestValidationReq</param> private static void EncodeCommonPartOfDigestValidationRequest( string serverName, string domainName, string accountName, DigestType_Values digestType, string digestChallengeAlgorithm, DpspResponse dpspResponse, ref DIGEST_VALIDATION_REQ_Payload payload, ref DIGEST_VALIDATION_REQ digestValidationReq ) { digestValidationReq.MessageType = DIGEST_VALIDATION_REQ_MessageType_Values.Default; digestValidationReq.Version = DIGEST_VALIDATION_REQ_Version_Values.Default; digestValidationReq.DigestType = digestType; digestValidationReq = SetQopType(dpspResponse, digestValidationReq); digestValidationReq = SetAlgType(digestChallengeAlgorithm, digestValidationReq); digestValidationReq.CharsetType = CharsetType_Values.UTF8; digestValidationReq.NameFormat = NameFormat_Values.None; digestValidationReq.Flags = DIGEST_VALIDATION_FLAGS.FormatOfUserNameAndRealmIsDeterminedByDC | DIGEST_VALIDATION_FLAGS.RequestIsSentFromServer; digestValidationReq.Reserved3 = DIGEST_VALIDATION_REQ_Reserved3_Values.Default; digestValidationReq.Reserved4 = Reserved4_Values.Default; digestValidationReq.Pad1 = DIGEST_VALIDATION_REQ_Pad1_Values.Default; // Each of the strings MUST be included. If the string value is empty, // then a terminating null character MUST be used for the value. payload.Username = dpspResponse.GetAttributeValue(DpspUtility.USER_NAME_DIRECTIVE); payload.Realm = dpspResponse.GetAttributeValue(DpspUtility.REALM_DIRECTIVE); payload.Nonce = dpspResponse.GetAttributeValue(DpspUtility.NONCE_DIRECTIVE); payload.CNonce = dpspResponse.GetAttributeValue(DpspUtility.CNONCE_DIRECTIVE); payload.NonceCount = dpspResponse.GetAttributeValue(DpspUtility.NONCE_COUNT_DIRECTIVE); payload.QOP = dpspResponse.GetAttributeValue(DpspUtility.MESSAGE_QOP_DIRECTIVE); payload.Response = dpspResponse.GetAttributeValue(DpspUtility.RESPONSE_DIRECTIVE); payload.AccountName = accountName; ; payload.ServerName = serverName; payload.Domain = domainName; }
/// <summary> /// Update the DIGEST_VALIDATION_REQ structure info after modification. /// For negative testing, user might need to modify the field of the structure. /// For example, if user change the domain name value, the message size need to /// recaculate after the modification. /// </summary> /// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param> public static DIGEST_VALIDATION_REQ UpdatePacketInfo( DIGEST_VALIDATION_REQ digestValidationReq) { if (digestValidationReq.Payload == null) { throw new ArgumentException( "The payload field should not be null", "digestValidationReq"); } DIGEST_VALIDATION_REQ_Payload payload = DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload); digestValidationReq.AccountNameLength = (ushort)ConvertStringToByteArray(payload.AccountName, Encoding.Unicode).Length; digestValidationReq.DomainLength = (ushort)ConvertStringToByteArray(payload.Domain, Encoding.Unicode).Length; digestValidationReq.ServerNameLength = (ushort)ConvertStringToByteArray(payload.ServerName, Encoding.Unicode).Length; // cacluate the size of payload // CharValuesLength specify the number of bytes in the Payload field of the // DIGEST_VALIDATION_REQ message, and MUST NOT exceed the total size in MsgSize digestValidationReq.CharValuesLength = (ushort)digestValidationReq.Payload.Length; // 16-bit unsigned integer that MUST specify // the total number of bytes in the DIGEST_VALIDATION_REQ message byte[] msgData = TypeMarshal.ToBytes<DIGEST_VALIDATION_REQ>(digestValidationReq); digestValidationReq.MsgSize = (ushort)msgData.Length; return digestValidationReq; }
/// <summary> /// Create DPSP logon information structure /// </summary> /// <param name="parameterControl"> /// A set of bit flags that contain information pertaining to the logon validation processing. /// </param> /// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param> /// <returns>Dpsp netlogon information structure</returns> public static _NETLOGON_LEVEL CreateDpspLogonInfo( NrpcParameterControlFlags parameterControl, DIGEST_VALIDATION_REQ digestValidationReq) { if (digestValidationReq.Payload == null) { throw new ArgumentException( "invalid digestValidationReq parameter: the payload field is null", "digestValidationReq"); } _NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL(); DIGEST_VALIDATION_REQ_Payload payload = DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload); byte[] logonData = TypeMarshal.ToBytes<DIGEST_VALIDATION_REQ>(digestValidationReq); //Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15, //that contains information about the logon identity. _NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo( parameterControl, payload.Domain, payload.Username, payload.ServerName); netLogonLevel.LogonGeneric = new _NETLOGON_GENERIC_INFO[1]; netLogonLevel.LogonGeneric[0].Identity = identityInfo; netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(DIGEST_PACKAGENAME); netLogonLevel.LogonGeneric[0].LogonData = logonData; netLogonLevel.LogonGeneric[0].DataLength = (uint)logonData.Length; return netLogonLevel; }
/// <summary> /// Construct DIGEST_VALIDATION_REQ structure /// </summary> /// <param name="serverName">server name</param> /// <param name="domainName">domain name</param> /// <param name="accountName">account name</param> /// <param name="httpMethod">http method</param> /// <param name="digestType">digest type</param> /// <param name="digestChallengeAlgorithm">digest challenge algorithm</param> /// <param name="dpspResponse">dpspResponse class instance</param> /// <returns>DIGEST_VALIDATION_REQ structure</returns> /// <exception cref="ArgumentNullException"> /// Thrown when dpspResponse or httpMethod is null /// </exception> /// <exception cref="ArgumentException"> /// Thrown when httpMethod or digestType input is invalid /// </exception> public static DIGEST_VALIDATION_REQ CreateDigestValidationRequestPacket( string serverName, string domainName, string accountName, string httpMethod, DigestType_Values digestType, string digestChallengeAlgorithm, DpspResponse dpspResponse) { if (dpspResponse == null) { throw new ArgumentNullException("dpspResponse"); } if (httpMethod == null) { throw new ArgumentNullException("httpMethod"); } DIGEST_VALIDATION_REQ_Payload payload = new DIGEST_VALIDATION_REQ_Payload(); DIGEST_VALIDATION_REQ digestValidationReq = new DIGEST_VALIDATION_REQ(); if (digestType == DigestType_Values.Basic) { EncodeCommonPartOfDigestValidationRequest( serverName, domainName, accountName, digestType, digestChallengeAlgorithm, dpspResponse, ref payload, ref digestValidationReq); payload.Algorithm = dpspResponse.GetAttributeValue(DpspUtility.ALGORITHM_DIRECTIVE); payload.URI = dpspResponse.GetAttributeValue(DpspUtility.BASIC_DIGEST_URI_DIRECTIVE); if (httpMethod.ToUpper().Equals(HTTP_GET) || httpMethod.ToLower().Equals(HTTP_PUT)) { payload.Method = httpMethod; } else { throw new ArgumentException("invalid http method", "httpMethod"); } } else if (digestType == DigestType_Values.SASL) { EncodeCommonPartOfDigestValidationRequest( serverName, domainName, accountName, digestType, digestChallengeAlgorithm, dpspResponse, ref payload, ref digestValidationReq); payload.Method = SASL_AUTHENTICATE; payload.URI = dpspResponse.GetAttributeValue(DpspUtility.SASL_DIGEST_URI_DIRECTIVE); payload.Authzid = dpspResponse.GetAttributeValue(DpspUtility.AUTHZID_DIRECTIVE); payload.Hentity = dpspResponse.GetAttributeValue(DpspUtility.HENTITY_DIRECTIVE); } else { throw new ArgumentException( "invalid digestType value", "digestType"); } digestValidationReq.Payload = payload.GetBytes(); digestValidationReq = UpdatePacketInfo(digestValidationReq); return digestValidationReq; }
/// <summary> /// Construct DIGEST_VALIDATION_REQ structure /// </summary> /// <param name="serverName">server name</param> /// <param name="domainName">domain name</param> /// <param name="accountName">account name</param> /// <param name="httpMethod">http method</param> /// <param name="digestType">digest type</param> /// <param name="digestChallengeAlgorithm">digest challenge algorithm</param> /// <param name="dpspResponse">dpspResponse class instance</param> /// <returns>DIGEST_VALIDATION_REQ structure</returns> /// <exception cref="ArgumentNullException"> /// Thrown when dpspResponse or httpMethod is null /// </exception> /// <exception cref="ArgumentException"> /// Thrown when httpMethod or digestType input is invalid /// </exception> public static DIGEST_VALIDATION_REQ CreateDigestValidationRequestPacket( string serverName, string domainName, string accountName, string httpMethod, DigestType_Values digestType, string digestChallengeAlgorithm, DpspResponse dpspResponse) { if (dpspResponse == null) { throw new ArgumentNullException("dpspResponse"); } if (httpMethod == null) { throw new ArgumentNullException("httpMethod"); } DIGEST_VALIDATION_REQ_Payload payload = new DIGEST_VALIDATION_REQ_Payload(); DIGEST_VALIDATION_REQ digestValidationReq = new DIGEST_VALIDATION_REQ(); if (digestType == DigestType_Values.Basic) { EncodeCommonPartOfDigestValidationRequest( serverName, domainName, accountName, digestType, digestChallengeAlgorithm, dpspResponse, ref payload, ref digestValidationReq); payload.Algorithm = dpspResponse.GetAttributeValue(DpspUtility.ALGORITHM_DIRECTIVE); payload.URI = dpspResponse.GetAttributeValue(DpspUtility.BASIC_DIGEST_URI_DIRECTIVE); if (httpMethod.ToUpper().Equals(HTTP_GET) || httpMethod.ToLower().Equals(HTTP_PUT)) { payload.Method = httpMethod; } else { throw new ArgumentException("invalid http method", "httpMethod"); } } else if (digestType == DigestType_Values.SASL) { EncodeCommonPartOfDigestValidationRequest( serverName, domainName, accountName, digestType, digestChallengeAlgorithm, dpspResponse, ref payload, ref digestValidationReq); payload.Method = SASL_AUTHENTICATE; payload.URI = dpspResponse.GetAttributeValue(DpspUtility.SASL_DIGEST_URI_DIRECTIVE); payload.Authzid = dpspResponse.GetAttributeValue(DpspUtility.AUTHZID_DIRECTIVE); payload.Hentity = dpspResponse.GetAttributeValue(DpspUtility.HENTITY_DIRECTIVE); } else { throw new ArgumentException( "invalid digestType value", "digestType"); } digestValidationReq.Payload = payload.GetBytes(); digestValidationReq = UpdatePacketInfo(digestValidationReq); return(digestValidationReq); }