コード例 #1
0
        private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
        {
            if (cs.Version != 1)
            {
                return(false);
            }
            string a   = null;
            ASN1   asn = null;
            int    i   = 0;

            while (i < cs.AuthenticatedAttributes.Count)
            {
                ASN1   asn2  = (ASN1)cs.AuthenticatedAttributes[i];
                string text  = ASN1Convert.ToOid(asn2[0]);
                string text2 = text;
                switch (text2)
                {
                case "1.2.840.113549.1.9.3":
                    a = ASN1Convert.ToOid(asn2[1][0]);
                    break;

                case "1.2.840.113549.1.9.4":
                    asn = asn2[1][0];
                    break;

                case "1.2.840.113549.1.9.5":
                    this.timestamp = ASN1Convert.ToDateTime(asn2[1][0]);
                    break;
                }
IL_FC:
                i++;
                continue;
                goto IL_FC;
            }
            if (a != "1.2.840.113549.1.7.1")
            {
                return(false);
            }
            if (asn == null)
            {
                return(false);
            }
            string hashName = null;
            int    length   = asn.Length;

            if (length != 16)
            {
                if (length == 20)
                {
                    hashName = "SHA1";
                }
            }
            else
            {
                hashName = "MD5";
            }
            HashAlgorithm hashAlgorithm = HashAlgorithm.Create(hashName);

            if (!asn.CompareValue(hashAlgorithm.ComputeHash(signature)))
            {
                return(false);
            }
            byte[] signature2 = cs.Signature;
            ASN1   asn3       = new ASN1(49);

            foreach (object obj in cs.AuthenticatedAttributes)
            {
                ASN1 asn4 = (ASN1)obj;
                asn3.Add(asn4);
            }
            byte[] hashValue  = hashAlgorithm.ComputeHash(asn3.GetBytes());
            string issuerName = cs.IssuerName;

            byte[] serialNumber = cs.SerialNumber;
            foreach (X509Certificate x509Certificate in this.coll)
            {
                if (this.CompareIssuerSerial(issuerName, serialNumber, x509Certificate) && x509Certificate.PublicKey.Length > signature2.Length)
                {
                    RSACryptoServiceProvider rsacryptoServiceProvider = (RSACryptoServiceProvider)x509Certificate.RSA;
                    RSAManaged rsamanaged = new RSAManaged();
                    rsamanaged.ImportParameters(rsacryptoServiceProvider.ExportParameters(false));
                    if (PKCS1.Verify_v15(rsamanaged, hashAlgorithm, hashValue, signature2, true))
                    {
                        this.timestampChain.LoadCertificates(this.coll);
                        return(this.timestampChain.Build(x509Certificate));
                    }
                }
            }
            return(false);
        }
コード例 #2
0
        private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
        {
            // SEQUENCE {
            //   INTEGER 1
            if (cs.Version > 1)
            {
                return(false);
            }
            //   SEQUENCE {
            //      SEQUENCE {

            string contentType   = null;
            ASN1   messageDigest = null;

            for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++)
            {
                // SEQUENCE {
                //   OBJECT IDENTIFIER
                ASN1   attr = (ASN1)cs.AuthenticatedAttributes [i];
                string oid  = ASN1Convert.ToOid(attr[0]);
                switch (oid)
                {
                case "1.2.840.113549.1.9.3":
                    // contentType
                    contentType = ASN1Convert.ToOid(attr[1][0]);
                    break;

                case "1.2.840.113549.1.9.4":
                    // messageDigest
                    messageDigest = attr[1][0];
                    break;

                case "1.2.840.113549.1.9.5":
                    // SEQUENCE {
                    //   OBJECT IDENTIFIER
                    //     signingTime (1 2 840 113549 1 9 5)
                    //   SET {
                    //     UTCTime '030124013651Z'
                    //   }
                    // }
                    timestamp = ASN1Convert.ToDateTime(attr[1][0]);
                    break;

                default:
                    break;
                }
            }

            if (contentType != PKCS7.Oid.data)
            {
                return(false);
            }

            // verify message digest
            if (messageDigest == null)
            {
                return(false);
            }
            // TODO: must be read from the ASN.1 structure
            string hashName = null;

            switch (messageDigest.Length)
            {
            case 16:
                hashName = "MD5";
                break;

            case 20:
                hashName = "SHA1";
                break;
            }
            HashAlgorithm ha = HashAlgorithm.Create(hashName);

            if (!messageDigest.CompareValue(ha.ComputeHash(signature)))
            {
                return(false);
            }

            // verify signature
            byte[] counterSignature = cs.Signature;

            // change to SET OF (not [0]) as per PKCS #7 1.5
            ASN1 aa = new ASN1(0x31);

            foreach (ASN1 a in cs.AuthenticatedAttributes)
            {
                aa.Add(a);
            }
            byte[] p7hash = ha.ComputeHash(aa.GetBytes());

            // we need to try all certificates
            string issuer = cs.IssuerName;

            byte[] serial = cs.SerialNumber;
            foreach (X509Certificate x509 in coll)
            {
                if (CompareIssuerSerial(issuer, serial, x509))
                {
                    if (x509.PublicKey.Length > counterSignature.Length)
                    {
                        RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.RSA;
                        // we need to HACK around bad (PKCS#1 1.5) signatures made by Verisign Timestamp Service
                        // and this means copying stuff into our own RSAManaged to get the required flexibility
                        RSAManaged rsam = new RSAManaged();
                        rsam.ImportParameters(rsa.ExportParameters(false));
                        if (PKCS1.Verify_v15(rsam, ha, p7hash, counterSignature, true))
                        {
                            timestampChain.LoadCertificates(coll);
                            return(timestampChain.Build(x509));
                        }
                    }
                }
            }
            // no certificate can verify this signature!
            return(false);
        }
コード例 #3
0
        private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
        {
            if (cs.Version == 1)
            {
                string str = null;
                ASN1   asn = null;
                for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++)
                {
                    ASN1   asn2 = (ASN1)cs.AuthenticatedAttributes[i];
                    string key  = ASN1Convert.ToOid(asn2[0]);
                    if (key != null)
                    {
                        if (__f__switch_map3 == null)
                        {
                            Dictionary <string, int> dictionary = new Dictionary <string, int>(3)
                            {
                                {
                                    "1.2.840.113549.1.9.3",
                                    0
                                },
                                {
                                    "1.2.840.113549.1.9.4",
                                    1
                                },
                                {
                                    "1.2.840.113549.1.9.5",
                                    2
                                }
                            };
                            __f__switch_map3 = dictionary;
                        }
                        if (__f__switch_map3.TryGetValue(key, out int num2))
                        {
                            switch (num2)
                            {
                            case 0:
                                str = ASN1Convert.ToOid(asn2[1][0]);
                                break;

                            case 1:
                                asn = asn2[1][0];
                                break;

                            case 2:
                                this.timestamp = ASN1Convert.ToDateTime(asn2[1][0]);
                                break;
                            }
                        }
                    }
                }

                if (str != "1.2.840.113549.1.7.1")
                {
                    return(false);
                }

                if (asn == null)
                {
                    return(false);
                }

                string hashName = null;
                switch (asn.Length)
                {
                case 0x10:
                    hashName = "MD5";
                    break;

                case 20:
                    hashName = "SHA1";
                    break;
                }

                HashAlgorithm hash = HashAlgorithm.Create(hashName);
                if (asn.CompareValue(hash.ComputeHash(signature)))
                {
                    byte[]      buffer     = cs.Signature;
                    ASN1        asn3       = new ASN1(0x31);
                    IEnumerator enumerator = cs.AuthenticatedAttributes.GetEnumerator();
                    try
                    {
                        while (enumerator.MoveNext())
                        {
                            ASN1 current = (ASN1)enumerator.Current;
                            asn3.Add(current);
                        }
                    }
                    finally
                    {
                        if (enumerator is IDisposable disposable)
                        {
                            disposable.Dispose();
                        }
                    }

                    byte[] hashValue    = hash.ComputeHash(asn3.GetBytes());
                    string issuerName   = cs.IssuerName;
                    byte[] serialNumber = cs.SerialNumber;
                    X509CertificateCollection.X509CertificateEnumerator enumerator2 = this.coll.GetEnumerator();
                    try
                    {
                        while (enumerator2.MoveNext())
                        {
                            X509Certificate current = enumerator2.Current;
                            if (this.CompareIssuerSerial(issuerName, serialNumber, current) &&
                                (current.PublicKey.Length > buffer.Length))
                            {
                                RSACryptoServiceProvider rSA = (RSACryptoServiceProvider)current.RSA;
                                RSAManaged rsa = new RSAManaged();
                                rsa.ImportParameters(rSA.ExportParameters(false));
                                if (PKCS1.Verify_v15(rsa, hash, hashValue, buffer, true))
                                {
                                    this.timestampChain.LoadCertificates(this.coll);
                                    return(this.timestampChain.Build(current));
                                }
                            }
                        }
                    }
                    finally
                    {
                        if (enumerator2 is IDisposable disposable2)
                        {
                            disposable2.Dispose();
                        }
                    }
                }
            }

            return(false);
        }
コード例 #4
0
ファイル: UserConnection.cs プロジェクト: orzMaster/L2.Net
        /// <summary>
        /// Handles incoming packet.
        /// </summary>
        /// <param name="packet">Incoming packet.</param>
        protected override void Handle(Packet packet)
        {
            Logger.WriteLine(Source.OuterNetwork, "Received: {0}", packet.ToString());

            if (!CacheServiceConnection.Active)   // validate if login service is active
            {
                Send(LoginFailed.ToPacket(UserAuthenticationResponseType.ServerMaintenance));
                UserConnectionsListener.CloseActiveConnection(this);
                return;
            }

            if (QueuedRequestsPool.HasRequest(this, true))   // validate if user is awaiting response from cache service
            {
                return;
            }

            switch (packet.FirstOpcode)
            {
            case 0x07:
            {
                Send(ResponseAuthGameGuard.Static);
                return;
            }

            case 0x00:
            {
                m_RSADecryptor = new RSAManaged();
                m_RSADecryptor.ImportParameters(UserConnectionsListener.PrivateKey);

                // get login and password
                unsafe
                {
                    byte[] bytes = new byte[0x80];

                    fixed(byte *buf = bytes, src = packet.GetBuffer())
                    L2Buffer.Copy(src, 0x01, buf, 0x00, 0x80);

                    fixed(byte *buf = m_RSADecryptor.DecryptValue(bytes))
                    {
                        L2Buffer.GetTrimmedString(buf, 0x03, ref Login, 0x0e);
                        L2Buffer.GetTrimmedString(buf, 0x11, ref Password, 0x10);
                    }
                }

                // validate user login
                if (!Utils.IsValidUserLogin(Login))
                {
                    Send(LoginFailed.ToPacket(UserAuthenticationResponseType.UserOrPasswordWrong));
                    return;
                }

                //Password = Utils.HashPassword(Password);

                Session.AccountName = Login;

                Logger.WriteLine(Session.ToString());

                long requestId = long.MinValue;

                // request cache to auth user
                if (QueuedRequestsPool.Enqueue(this, ref requestId))
                {
                    CacheServiceConnection.Send(new UserAuthenticationRequest(requestId, Login, Password, Session.ID).ToPacket());
                }
                else
                {
                    Logger.WriteLine(Source.InnerNetwork, "Failed to send UserAuthenticationRequest to cache service, request was not enqueued by QueuedRequestsPool ?...");
                    Send(LoginFailed.ToPacket(UserAuthenticationResponseType.SystemError));
                    UserConnectionsListener.CloseActiveConnection(this);
                }

                return;
            }

            case 0x05:
            {
                int login1 = packet.ReadInt();
                int login2 = packet.ReadInt();

                if (login1 != Session.Login1 || login2 != Session.Login2)
                {
                    Logger.WriteLine(Source.OuterNetwork, "Invalid UserSession data: {0}. BAN!", Session.ToString());
                    CacheServiceConnection.Send(new UnCacheUser(Session.ID).ToPacket());
                    UserConnectionsListener.CloseActiveConnection(this);
                }
                else
                {
                    long requestID = long.MinValue;

                    if (QueuedRequestsPool.Enqueue(this, ref requestID))
                    {
                        CacheServiceConnection.Send(new WorldsListRequest(requestID).ToPacket());
                    }
                    else
                    {
                        Logger.WriteLine(Source.InnerNetwork, "Failed to send WorldsListRequest to cache service, request was not enqueued by QueuedRequestsPool ?...");
                        UserConnectionsListener.CloseActiveConnection(this);
                    }
                }

                return;
            }

            case 0x02:
            {
                // skip not needed data
                packet.MoveOffset(8);

                long requestID = long.MinValue;

                if (QueuedRequestsPool.Enqueue(this, ref requestID))
                {
                    CacheServiceConnection.Send(new JoinWorldRequest(requestID, Session.ID, packet.ReadByte()).ToPacket());
                }
                else
                {
                    Logger.WriteLine(Source.InnerNetwork, "Failed to send JionWorldRequest to cache service, request was not enqueued by QueuedRequestsPool ?...");
                    UserConnectionsListener.CloseActiveConnection(this);
                }

                return;
            }
            }

            Logger.WriteLine(Source.OuterNetwork, "Unknown packet received: {0}", packet.ToString());
            UserConnectionsListener.CloseActiveConnection(this);
        }
コード例 #5
0
 public override void ImportParameters(RSAParameters parameters)
 {
     rsa.ImportParameters(parameters);
 }
コード例 #6
0
        private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
        {
            if (cs.Version != 1)
            {
                return(false);
            }
            string a   = null;
            ASN1   aSN = null;

            for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++)
            {
                ASN1 aSN2 = (ASN1)cs.AuthenticatedAttributes[i];
                switch (ASN1Convert.ToOid(aSN2[0]))
                {
                case "1.2.840.113549.1.9.3":
                    a = ASN1Convert.ToOid(aSN2[1][0]);
                    break;

                case "1.2.840.113549.1.9.4":
                    aSN = aSN2[1][0];
                    break;

                case "1.2.840.113549.1.9.5":
                    timestamp = ASN1Convert.ToDateTime(aSN2[1][0]);
                    break;
                }
            }
            if (a != "1.2.840.113549.1.7.1")
            {
                return(false);
            }
            if (aSN == null)
            {
                return(false);
            }
            string hashName = null;

            switch (aSN.Length)
            {
            case 16:
                hashName = "MD5";
                break;

            case 20:
                hashName = "SHA1";
                break;
            }
            HashAlgorithm hashAlgorithm = HashAlgorithm.Create(hashName);

            if (!aSN.CompareValue(hashAlgorithm.ComputeHash(signature)))
            {
                return(false);
            }
            byte[] signature2 = cs.Signature;
            ASN1   aSN3       = new ASN1(49);

            foreach (ASN1 authenticatedAttribute in cs.AuthenticatedAttributes)
            {
                aSN3.Add(authenticatedAttribute);
            }
            byte[] hashValue  = hashAlgorithm.ComputeHash(aSN3.GetBytes());
            string issuerName = cs.IssuerName;

            byte[] serialNumber = cs.SerialNumber;
            foreach (X509Certificate item in coll)
            {
                if (CompareIssuerSerial(issuerName, serialNumber, item) && item.PublicKey.Length > signature2.Length)
                {
                    RSACryptoServiceProvider rSACryptoServiceProvider = (RSACryptoServiceProvider)item.RSA;
                    RSAManaged rSAManaged = new RSAManaged();
                    rSAManaged.ImportParameters(rSACryptoServiceProvider.ExportParameters(includePrivateParameters: false));
                    if (PKCS1.Verify_v15(rSAManaged, hashAlgorithm, hashValue, signature2, tryNonStandardEncoding: true))
                    {
                        timestampChain.LoadCertificates(coll);
                        return(timestampChain.Build(item));
                    }
                }
            }
            return(false);
        }