コード例 #1
0
        public NTTransactCreateRequest(byte[] parameters, byte[] data, bool isUnicode)
        {
            int parametersOffset = 0;

            Flags             = (NTCreateFlags)LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);
            RootDirectoryFID  = LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);
            DesiredAccess     = (AccessMask)LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);
            AllocationSize    = LittleEndianReader.ReadInt64(parameters, ref parametersOffset);
            ExtFileAttributes = (ExtendedFileAttributes)LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);
            ShareAccess       = (ShareAccess)LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);
            CreateDisposition = (CreateDisposition)LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);
            CreateOptions     = (CreateOptions)LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);
            uint securityDescriptiorLength = LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);

            _ = LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);
            uint nameLength = LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);

            ImpersonationLevel = (ImpersonationLevel)LittleEndianReader.ReadUInt32(parameters, ref parametersOffset);
            SecurityFlags      = (SecurityFlags)ByteReader.ReadByte(parameters, ref parametersOffset);

            if (isUnicode)
            {
                parametersOffset++;
            }
            Name = SMB1Helper.ReadFixedLengthString(parameters, ref parametersOffset, isUnicode, (int)nameLength);
            if (securityDescriptiorLength > 0)
            {
                SecurityDescriptor = new SecurityDescriptor(data, 0);
            }
            ExtendedAttributes = FileFullEAInformation.ReadList(data, (int)securityDescriptiorLength);
        }
コード例 #2
0
ファイル: Fingerprint.cs プロジェクト: Dentrax/EasySSA
 public Fingerprint(string identityID, byte identityFlag, SecurityFlags securityFlag, string sha)
 {
     this.IdentityID   = identityID;
     this.IdentityFlag = identityFlag;
     this.SecurityFlag = securityFlag;
     this.SHA          = sha;
 }
コード例 #3
0
        public NTCreateAndXRequest(byte[] buffer, int offset, bool isUnicode) : base(buffer, offset, isUnicode)
        {
            Reserved           = ByteReader.ReadByte(this.SMBParameters, 4);
            NameLength         = LittleEndianConverter.ToUInt16(this.SMBParameters, 5);
            Flags              = (NTCreateFlags)LittleEndianConverter.ToUInt32(this.SMBParameters, 7);
            RootDirectoryFID   = LittleEndianConverter.ToUInt32(this.SMBParameters, 11);
            DesiredAccess      = (FileAccessMask)LittleEndianConverter.ToUInt32(this.SMBParameters, 15);
            AllocationSize     = LittleEndianConverter.ToInt64(this.SMBParameters, 19);
            ExtFileAttributes  = (ExtendedFileAttributes)LittleEndianConverter.ToUInt32(this.SMBParameters, 27);
            ShareAccess        = (ShareAccess)LittleEndianConverter.ToUInt32(this.SMBParameters, 31);
            CreateDisposition  = (CreateDisposition)LittleEndianConverter.ToUInt32(this.SMBParameters, 35);
            CreateOptions      = (CreateOptions)LittleEndianConverter.ToUInt32(this.SMBParameters, 39);
            ImpersonationLevel = (ImpersonationLevel)LittleEndianConverter.ToUInt32(this.SMBParameters, 43);
            SecurityFlags      = (SecurityFlags)ByteReader.ReadByte(this.SMBParameters, 47);

            int dataOffset = 0;

            if (isUnicode)
            {
                // A Unicode string MUST be aligned to a 16-bit boundary with respect to the beginning of the SMB Header.
                // Note: SMBData starts at an odd offset.
                dataOffset = 1;
            }
            FileName = SMB1Helper.ReadSMBString(this.SMBData, dataOffset, isUnicode);
        }
コード例 #4
0
ファイル: SecurityOptions.cs プロジェクト: QardenEden/Suru
		/// <summary>
		/// Initializes a new instance of the SecurityOptions class.
		/// </summary>
		/// <param name="protocol">One of the <see cref="SecureProtocol"/> values.</param>
		/// <param name="cert">A <see cref="Certificate"/> instance.</param>
		/// <param name="entity">One of the <see cref="ConnectionEnd"/> values.</param>
		/// <param name="verifyType">One of the <see cref="CredentialVerification"/> values.</param>
		/// <param name="verifier">The <see cref="CertVerifyEventHandler"/> delegate.</param>
		/// <param name="commonName">The common name of the remote computer. This is usually a domain name.</param>
		/// <param name="flags">A bitwise combination of the <see cref="SecurityFlags"/> values.</param>
		/// <param name="allowed">A bitwise combination of the <see cref="SslAlgorithms"/> values.</param>
		/// <param name="requestHandler">The <see cref="CertRequestEventHandler"/> delegate.</param>
		public SecurityOptions(SecureProtocol protocol, Certificate cert, ConnectionEnd entity, CredentialVerification verifyType, CertVerifyEventHandler verifier, string commonName, SecurityFlags flags, SslAlgorithms allowed, CertRequestEventHandler requestHandler) {
			this.Protocol = protocol;
			this.Certificate = cert;
			this.Entity = entity;
			this.VerificationType = verifyType;
			this.Verifier = verifier;
			this.CommonName = commonName;
			this.Flags = flags;
			this.AllowedAlgorithms = allowed;
			this.RequestHandler = requestHandler;
		}
コード例 #5
0
        // Default constructor
        public Security()
        {
            m_value_x = 0;
            m_value_g = 0;
            m_value_p = 0;
            m_value_A = 0;
            m_value_B = 0;
            m_value_K = 0;
            m_seed_count = 0;
            m_crc_seed = 0;
            m_initial_blowfish_key = 0;
            m_handshake_blowfish_key = 0;
            m_count_byte_seeds = new byte[3];
            m_count_byte_seeds[0] = 0;
            m_count_byte_seeds[1] = 0;
            m_count_byte_seeds[2] = 0;
            m_client_key = 0;
            m_challenge_key = 0;

            m_client_security = false;
            m_security_flag = 0;
            m_security_flags = new SecurityFlags();
            m_accepted_handshake = false;
            m_started_handshake = false;
            m_identity_flag = 0;
            m_identity_name = "SR_Client";

            m_outgoing_packets = new List<Packet>();
            m_incoming_packets = new List<Packet>();

            m_enc_opcodes = new List<ushort>();
            m_enc_opcodes.Add(0x2001);
            m_enc_opcodes.Add(0x6100);
            m_enc_opcodes.Add(0x6101);
            m_enc_opcodes.Add(0x6102);
            m_enc_opcodes.Add(0x6103);
            m_enc_opcodes.Add(0x6107);

            m_blowfish = new Blowfish();

            m_recv_buffer = new TransferBuffer(8192); // must be at minimal 2 bytes!
            m_current_buffer = null;

            /* Chernobyl: Fix massive msg fragmentation
            m_massive_count = 0;
            m_massive_packet = null;
            */

            m_class_lock = new object();
        }
コード例 #6
0
ファイル: SSLPlugin.cs プロジェクト: divyang4481/IIOPNet
        internal SslConnectionListener(SecurityAssociationOptions requiredOptions,
                                       SecurityAssociationOptions supportedOptions,
                                       IServerSideAuthentication serverAuth,
                                       omg.org.IOP.Codec codec)
        {
            m_codec = codec;

            if (((requiredOptions & SecurityAssociationOptions.NoProtection) > 0) &&
                (((supportedOptions & SecurityAssociationOptions.EstablishTrustInTarget) > 0) ||
                 ((supportedOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0)))
            {
                throw new ArgumentException("unsupported options combination: required no protection and supported EstablishTrustInTarget/Client");
            }

            SecureProtocol protocol       = SecureProtocol.None;
            SslAlgorithms  allowedCiphers = SslAlgorithms.ALL;

            if (((supportedOptions & SecurityAssociationOptions.EstablishTrustInTarget) > 0) ||
                ((supportedOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0))
            {
                protocol       = SecureProtocol.Tls1 | SecureProtocol.Ssl3;
                allowedCiphers = SslAlgorithms.SECURE_CIPHERS;
                m_isSecured    = true;
            }

            CredentialVerification clientVerification = CredentialVerification.None;
            CertVerifyEventHandler verifyClient       = null;
            SecurityFlags          authFlags          = SecurityFlags.Default;

            if (((supportedOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0) ||
                ((requiredOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0))
            {
                clientVerification = CredentialVerification.Manual;
                verifyClient       = new CertVerifyEventHandler(this.CheckClientCertAtServer);
            }
            if ((requiredOptions & SecurityAssociationOptions.EstablishTrustInClient) > 0)
            {
                authFlags = SecurityFlags.MutualAuthentication;
            }

            m_sslOpts = new SecurityOptions(protocol, serverAuth.GetServerCertificate(), ConnectionEnd.Server,
                                            clientVerification, verifyClient,
                                            null, authFlags, allowedCiphers, null);
            m_serverAuth       = serverAuth;
            m_supportedOptions = supportedOptions;
            m_requiredOptions  = requiredOptions;
        }
コード例 #7
0
 public TCPServer(string ip, int port, SecurityFlags flags)
 {
     m_blConnectionAllowed = false;
     m_SecurityFlags       = flags;
     m_Socket            = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
     m_SocketContextPool = new ObjectPool <SocketContext>(() => new SocketContext(), () => m_SocketContextPool.Count > 200);
     try
     {
         IPEndPoint endPoint = new IPEndPoint(IPAddress.Parse(ip), port);
         m_Socket.Bind(endPoint);
         m_Socket.Listen(1000);
     }
     catch (SocketException)
     {
         Console.WriteLine("Cannot listen socket ({0}:{1})", ip, port);
     }
 }
コード例 #8
0
 public SecurityOptions(SecureProtocol protocol, ExtensionType[] extensions, Certificate cert,
                        ConnectionEnd entity, IEnumerable <string> knownProtocols,
                        CredentialVerification verifyType, CertVerifyEventHandler verifier,
                        string commonName, SecurityFlags flags, SslAlgorithms allowed,
                        CertRequestEventHandler requestHandler)
 {
     this.Protocol          = protocol;
     this.Certificate       = cert;
     this.Entity            = entity;
     this.VerificationType  = verifyType;
     this.Verifier          = verifier;
     this.CommonName        = commonName;
     this.Flags             = flags;
     this.AllowedAlgorithms = allowed;
     this.RequestHandler    = requestHandler;
     this.KnownProtocols    = knownProtocols;
     this.Extensions        = extensions;
     this.ExtensionList     = FormExtsList(extensions);
 }
コード例 #9
0
        public NTCreateAndXRequest(byte[] buffer, int offset, bool isUnicode) : base(buffer, offset, isUnicode)
        {
            Reserved = ByteReader.ReadByte(this.SMBParameters, 4);
            ushort nameLength = LittleEndianConverter.ToUInt16(this.SMBParameters, 5);

            Flags              = (NTCreateFlags)LittleEndianConverter.ToUInt32(this.SMBParameters, 7);
            RootDirectoryFID   = LittleEndianConverter.ToUInt32(this.SMBParameters, 11);
            DesiredAccess      = (DesiredAccess)LittleEndianConverter.ToUInt32(this.SMBParameters, 15);
            AllocationSize     = LittleEndianConverter.ToUInt64(this.SMBParameters, 19);
            ExtFileAttributes  = (ExtendedFileAttributes)LittleEndianConverter.ToUInt32(this.SMBParameters, 27);
            ShareAccess        = (ShareAccess)LittleEndianConverter.ToUInt32(this.SMBParameters, 31);
            CreateDisposition  = (CreateDisposition)LittleEndianConverter.ToUInt32(this.SMBParameters, 35);
            CreateOptions      = (CreateOptions)LittleEndianConverter.ToUInt32(this.SMBParameters, 39);
            ImpersonationLevel = (ImpersonationLevel)LittleEndianConverter.ToUInt32(this.SMBParameters, 43);
            SecurityFlags      = (SecurityFlags)ByteReader.ReadByte(this.SMBParameters, 47);

            int dataOffset = 0;

            if (isUnicode)
            {
                dataOffset = 1; // 1 byte padding for 2 byte alignment
            }
            FileName = SMBHelper.ReadSMBString(this.SMBData, dataOffset, isUnicode);
        }
コード例 #10
0
 /// <summary>
 /// Initializes a new instance of the SecurityOptions class.
 /// </summary>
 /// <param name="protocol">One of the <see cref="SecureProtocol"/> values.</param>
 /// <param name="cert">A <see cref="Certificate"/> instance.</param>
 /// <param name="entity">One of the <see cref="ConnectionEnd"/> values.</param>
 /// <param name="verifyType">One of the <see cref="CredentialVerification"/> values.</param>
 /// <param name="verifier">The <see cref="CertVerifyEventHandler"/> delegate.</param>
 /// <param name="commonName">The common name of the remote computer. This is usually a domain name.</param>
 /// <param name="flags">A bitwise combination of the <see cref="SecurityFlags"/> values.</param>
 /// <param name="allowed">A bitwise combination of the <see cref="SslAlgorithms"/> values.</param>
 /// <param name="requestHandler">The <see cref="CertRequestEventHandler"/> delegate.</param>
 public SecurityOptions(SecureProtocol protocol, Certificate cert, ConnectionEnd entity, CredentialVerification verifyType, CertVerifyEventHandler verifier, string commonName, SecurityFlags flags, SslAlgorithms allowed, CertRequestEventHandler requestHandler)
 {
     this.Protocol          = protocol;
     this.Certificate       = cert;
     this.Entity            = entity;
     this.VerificationType  = verifyType;
     this.Verifier          = verifier;
     this.CommonName        = commonName;
     this.Flags             = flags;
     this.AllowedAlgorithms = allowed;
     this.RequestHandler    = requestHandler;
 }
コード例 #11
0
ファイル: Security.cs プロジェクト: dawnoble/blackcatproject
 // Returns a SecurityFlags object from a byte.
 static SecurityFlags ToSecurityFlags(byte value)
 {
     SecurityFlags flags = new SecurityFlags();
     flags.none = (byte)(value & 1);
     value >>= 1;
     flags.blowfish = (byte)(value & 1);
     value >>= 1;
     flags.security_bytes = (byte)(value & 1);
     value >>= 1;
     flags.handshake = (byte)(value & 1);
     value >>= 1;
     flags.handshake_response = (byte)(value & 1);
     value >>= 1;
     flags._6 = (byte)(value & 1);
     value >>= 1;
     flags._7 = (byte)(value & 1);
     value >>= 1;
     flags._8 = (byte)(value & 1);
     value >>= 1;
     return flags;
 }
コード例 #12
0
ファイル: Security.cs プロジェクト: dawnoble/blackcatproject
        void GenerateSecurity(SecurityFlags flags)
        {
            m_security_flag = FromSecurityFlags(flags);
            m_security_flags = flags;
            m_client_security = true;

            //don't need about solving problem CA2000
            Packet response = new Packet(0x5000);

            response.WriteUInt8(m_security_flag);

            if (m_security_flags.blowfish == 1)
            {
                m_initial_blowfish_key = NextUInt64();

                m_blowfish.Initialize(BitConverter.GetBytes(m_initial_blowfish_key));

                response.WriteUInt64(m_initial_blowfish_key);
            }
            if (m_security_flags.security_bytes == 1)
            {
                m_seed_count = NextUInt8();
                SetupCountByte(m_seed_count);
                m_crc_seed = NextUInt8();

                response.WriteUInt32(m_seed_count);
                response.WriteUInt32(m_crc_seed);
            }
            if (m_security_flags.handshake == 1)
            {
                m_handshake_blowfish_key = NextUInt64();
                m_value_x = NextUInt32() & 0x7FFFFFFF;
                m_value_g = NextUInt32() & 0x7FFFFFFF;
                m_value_p = NextUInt32() & 0x7FFFFFFF;
                m_value_A = G_pow_X_mod_P(m_value_p, m_value_x, m_value_g);

                response.WriteUInt64(m_handshake_blowfish_key);
                response.WriteUInt32(m_value_g);
                response.WriteUInt32(m_value_p);
                response.WriteUInt32(m_value_A);
            }

            m_outgoing_packets.Add(response);
        }
コード例 #13
0
ファイル: Security.cs プロジェクト: dawnoble/blackcatproject
 static SecurityFlags CopySecurityFlags(SecurityFlags flags)
 {
     SecurityFlags copy = new SecurityFlags();
     copy.none = flags.none;
     copy.blowfish = flags.blowfish;
     copy.security_bytes = flags.security_bytes;
     copy.handshake = flags.handshake;
     copy.handshake_response = flags.handshake_response;
     copy._6 = flags._6;
     copy._7 = flags._7;
     copy._8 = flags._8;
     return copy;
 }
コード例 #14
0
ファイル: Security.cs プロジェクト: dawnoble/blackcatproject
 // Returns a byte from a SecurityFlags object.
 static byte FromSecurityFlags(SecurityFlags flags)
 {
     return (byte)(flags.none | flags.blowfish << 1 | flags.security_bytes << 2 | flags.handshake << 3 | flags.handshake_response << 4 | flags._6 << 5 | flags._7 << 6 | flags._8 << 7);
 }
コード例 #15
0
ファイル: Security.cs プロジェクト: dawnoble/blackcatproject
 // Generates the security settings. This should only be called if the security object
 // is being used to process an incoming connection's data (server).
 public void GenerateSecurity(bool blowfish, bool security_bytes, bool handshake)
 {
     lock (m_class_lock)
     {
         SecurityFlags flags = new SecurityFlags();
         if (blowfish)
         {
             flags.none = 0;
             flags.blowfish = 1;
         }
         if (security_bytes)
         {
             flags.none = 0;
             flags.security_bytes = 1;
         }
         if (handshake)
         {
             flags.none = 0;
             flags.handshake = 1;
         }
         if (!blowfish && !security_bytes && !handshake)
         {
             flags.none = 1;
         }
         GenerateSecurity(flags);
     }
 }
コード例 #16
0
ファイル: Security.cs プロジェクト: dawnoble/blackcatproject
        void Handshake(ushort packet_opcode, PacketReader packet_data, bool packet_encrypted)
        {
            if (packet_encrypted)
            {
                throw (new Exception("[SecurityAPI::Handshake] Received an illogical (encrypted) handshake packet."));
            }
            if (m_client_security)
            {
                // If this object does not need a handshake
                if (m_security_flags.handshake == 0)
                {
                    // Client should only accept it then
                    if (packet_opcode == 0x9000)
                    {
                        if (m_accepted_handshake)
                        {
                            throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (duplicate 0x9000)."));
                        }
                        m_accepted_handshake = true; // Otherwise, all good here
                        return;
                    }
                    // Client should not send any 0x5000s!
                    else if (packet_opcode == 0x5000)
                    {
                        throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (0x5000 with no handshake)."));
                    }
                    // Programmer made a mistake in calling this function
                    else
                    {
                        throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (programmer error)."));
                    }
                }
                else
                {
                    // Client accepts the handshake
                    if (packet_opcode == 0x9000)
                    {
                        // Can't accept it before it's started!
                        if (!m_started_handshake)
                        {
                            throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (out of order 0x9000)."));
                        }
                        if (m_accepted_handshake) // Client error
                        {
                            throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (duplicate 0x9000)."));
                        }
                        // Otherwise, all good here
                        m_accepted_handshake = true;
                        return;
                    }
                    // Client sends a handshake response
                    else if (packet_opcode == 0x5000)
                    {
                        if (m_started_handshake) // Client error
                        {
                            throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (duplicate 0x5000)."));
                        }
                        m_started_handshake = true;
                    }
                    // Programmer made a mistake in calling this function
                    else
                    {
                        throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (programmer error)."));
                    }
                }

                ulong key_array = 0;
                byte[] tmp_bytes;

                m_value_B = packet_data.ReadUInt32();
                m_client_key = packet_data.ReadUInt64();

                m_value_K = G_pow_X_mod_P(m_value_p, m_value_x, m_value_B);

                key_array = MAKELONGLONG_(m_value_A, m_value_B);
                KeyTransformValue(ref key_array, m_value_K, (byte)(LOBYTE_(LOWORD_(m_value_K)) & 0x03));
                m_blowfish.Initialize(BitConverter.GetBytes(key_array));

                tmp_bytes = m_blowfish.Decode(BitConverter.GetBytes(m_client_key));
                m_client_key = BitConverter.ToUInt64(tmp_bytes, 0);

                key_array = MAKELONGLONG_(m_value_B, m_value_A);
                KeyTransformValue(ref key_array, m_value_K, (byte)(LOBYTE_(LOWORD_(m_value_B)) & 0x07));
                if (m_client_key != key_array)
                {
                    throw (new Exception("[SecurityAPI::Handshake] Client signature error."));
                }

                key_array = MAKELONGLONG_(m_value_A, m_value_B);
                KeyTransformValue(ref key_array, m_value_K, (byte)(LOBYTE_(LOWORD_(m_value_K)) & 0x03));
                m_blowfish.Initialize(BitConverter.GetBytes(key_array));

                m_challenge_key = MAKELONGLONG_(m_value_A, m_value_B);
                KeyTransformValue(ref m_challenge_key, m_value_K, (byte)(LOBYTE_(LOWORD_(m_value_A)) & 0x07));
                tmp_bytes = m_blowfish.Encode(BitConverter.GetBytes(m_challenge_key));
                m_challenge_key = BitConverter.ToUInt64(tmp_bytes, 0);

                KeyTransformValue(ref m_handshake_blowfish_key, m_value_K, 0x3);
                m_blowfish.Initialize(BitConverter.GetBytes(m_handshake_blowfish_key));

                SecurityFlags tmp_flags = new SecurityFlags();
                tmp_flags.handshake_response = 1;
                byte tmp_flag = FromSecurityFlags(tmp_flags);

                //CA2000 dont care
                Packet response = new Packet(0x5000);
                response.WriteUInt8(tmp_flag);
                response.WriteUInt64(m_challenge_key);
                m_outgoing_packets.Add(response);
            }
            else
            {
                if (packet_opcode != 0x5000)
                {
                    throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (programmer error)."));
                }

                byte flag = packet_data.ReadByte();

                SecurityFlags flags = ToSecurityFlags(flag);

                if (m_security_flag == 0)
                {
                    m_security_flag = flag;
                    m_security_flags = flags;
                }

                if (flags.blowfish == 1)
                {
                    m_initial_blowfish_key = packet_data.ReadUInt64();
                    m_blowfish.Initialize(BitConverter.GetBytes(m_initial_blowfish_key));
                }

                if (flags.security_bytes == 1)
                {
                    m_seed_count = packet_data.ReadUInt32();
                    m_crc_seed = packet_data.ReadUInt32();
                    SetupCountByte(m_seed_count);
                }

                if (flags.handshake == 1)
                {
                    m_handshake_blowfish_key = packet_data.ReadUInt64();
                    m_value_g = packet_data.ReadUInt32();
                    m_value_p = packet_data.ReadUInt32();
                    m_value_A = packet_data.ReadUInt32();

                    m_value_x = NextUInt32() & 0x7FFFFFFF;

                    m_value_B = G_pow_X_mod_P(m_value_p, m_value_x, m_value_g);
                    m_value_K = G_pow_X_mod_P(m_value_p, m_value_x, m_value_A);

                    ulong key_array = MAKELONGLONG_(m_value_A, m_value_B);
                    KeyTransformValue(ref key_array, m_value_K, (byte)(LOBYTE_(LOWORD_(m_value_K)) & 0x03));
                    m_blowfish.Initialize(BitConverter.GetBytes(key_array));

                    m_client_key = MAKELONGLONG_(m_value_B, m_value_A);
                    KeyTransformValue(ref m_client_key, m_value_K, (byte)(LOBYTE_(LOWORD_(m_value_B)) & 0x07));
                    byte[] tmp_bytes = m_blowfish.Encode(BitConverter.GetBytes(m_client_key));
                    m_client_key = BitConverter.ToUInt64(tmp_bytes, 0);
                }

                if (flags.handshake_response == 1)
                {
                    m_challenge_key = packet_data.ReadUInt64();

                    ulong expected_challenge_key = MAKELONGLONG_(m_value_A, m_value_B);
                    KeyTransformValue(ref expected_challenge_key, m_value_K, (byte)(LOBYTE_(LOWORD_(m_value_A)) & 0x07));
                    byte[] tmp_bytes = m_blowfish.Encode(BitConverter.GetBytes(expected_challenge_key));
                    expected_challenge_key = BitConverter.ToUInt64(tmp_bytes, 0);

                    if (m_challenge_key != expected_challenge_key)
                    {
                        throw (new Exception("[SecurityAPI::Handshake] Server signature error."));
                    }

                    KeyTransformValue(ref m_handshake_blowfish_key, m_value_K, 0x3);
                    m_blowfish.Initialize(BitConverter.GetBytes(m_handshake_blowfish_key));
                }

                // Generate the outgoing packet now
                if (flags.handshake == 1 && flags.handshake_response == 0)
                {
                    // Check to see if we already started a handshake
                    if (m_started_handshake || m_accepted_handshake)
                    {
                        throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (duplicate 0x5000)."));
                    }

                    // Handshake challenge
                    //CA2000 dont care
                    Packet response = new Packet(0x5000);
                    response.WriteUInt32(m_value_B);
                    response.WriteUInt64(m_client_key);
                    m_outgoing_packets.Insert(0, response);

                    // The handshake has started
                    m_started_handshake = true;
                }
                else
                {
                    // Check to see if we already accepted a handshake
                    if (m_accepted_handshake)
                    {
                        throw (new Exception("[SecurityAPI::Handshake] Received an illogical handshake packet (duplicate 0x5000)."));
                    }

                    // Handshake accepted
                    //CA2000 dont care
                    Packet response1 = new Packet(0x9000);

                    // Identify
                    //CA2000 dont care
                    Packet response2 = new Packet(0x2001, true, false);
                    response2.WriteAscii(m_identity_name);
                    response2.WriteUInt8(m_identity_flag);

                    // Insert at the front, we want 0x9000 first, then 0x2001
                    m_outgoing_packets.Insert(0, response2);
                    m_outgoing_packets.Insert(0, response1);

                    // Mark the handshake as accepted now
                    m_started_handshake = true;
                    m_accepted_handshake = true;
                }
            }
        }
コード例 #17
0
 /// <summary>
 /// Sets the security
 /// </summary>
 /// <param name="flags"></param>
 public void SetSecurity(SecurityFlags flags)
 {
     m_Security = new Security();
     m_Security.GenerateSecurity(flags.HasFlag(SecurityFlags.Blowfish), flags.HasFlag(SecurityFlags.SecurityBytes), flags.HasFlag(SecurityFlags.Handshake));
     m_Security.ChangeIdentity("GatewayServer", 0);
 }
コード例 #18
0
 public SocketContext(Socket client, SecurityFlags flags)
     : this()
 {
     SetSocket(client);
     SetSecurity(flags);
 }
コード例 #19
0
 public SecurityOptions(SecureProtocol protocol, ExtensionType[] extensions, Certificate cert,
                        ConnectionEnd entity, IEnumerable<string> knownProtocols,
                        CredentialVerification verifyType, CertVerifyEventHandler verifier,
                        string commonName, SecurityFlags flags, SslAlgorithms allowed,
                        CertRequestEventHandler requestHandler)
 {
     this.Protocol = protocol;
     this.Certificate = cert;
     this.Entity = entity;
     this.VerificationType = verifyType;
     this.Verifier = verifier;
     this.CommonName = commonName;
     this.Flags = flags;
     this.AllowedAlgorithms = allowed;
     this.RequestHandler = requestHandler;
     this.KnownProtocols = knownProtocols;
     this.Extensions = extensions;
     this.ExtensionList = FormExtsList(extensions);
 }