internal override string RecordDataToString()
{
return(TSigAlgorithmHelper.GetDomainName(Algorithm)
+ " " + (int)(Inception - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds
+ " " + (int)(Expiration - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds
+ " " + (ushort)Mode
+ " " + (ushort)Error
+ " " + BaseEncodingHelper.ToBase64String(Key)
+ " " + BaseEncodingHelper.ToBase64String(OtherData));
}
private void EncodeRecordData(Span <byte> messageData, int offset, ref int currentPosition, byte[] mac)
{
DnsMessageBase.EncodeDomainName(messageData, offset, ref currentPosition, TSigAlgorithmHelper.GetDomainName(Algorithm), null, false);
EncodeDateTime(messageData, ref currentPosition, TimeSigned);
DnsMessageBase.EncodeUShort(messageData, ref currentPosition, (ushort)Fudge.TotalSeconds);
DnsMessageBase.EncodeUShort(messageData, ref currentPosition, (ushort)mac.Length);
DnsMessageBase.EncodeByteArray(messageData, ref currentPosition, mac);
DnsMessageBase.EncodeUShort(messageData, ref currentPosition, OriginalID);
DnsMessageBase.EncodeUShort(messageData, ref currentPosition, (ushort)Error);
DnsMessageBase.EncodeUShort(messageData, ref currentPosition, (ushort)OtherData.Length);
DnsMessageBase.EncodeByteArray(messageData, ref currentPosition, OtherData);
}
internal override string RecordDataToString()
{
return(TSigAlgorithmHelper.GetDomainName(Algorithm)
+ " " + (int)(TimeSigned - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds
+ " " + (ushort)Fudge.TotalSeconds
+ " " + Mac.Length
+ " " + Mac.ToBase64String()
+ " " + OriginalID
+ " " + (ushort)Error
+ " " + OtherData.Length
+ " " + OtherData.ToBase64String());
}
internal override void ParseRecordData(byte[] resultData, int startPosition, int length)
{
Algorithm = TSigAlgorithmHelper.GetAlgorithmByName(DnsMessageBase.ParseDomainName(resultData, ref startPosition));
Inception = ParseDateTime(resultData, ref startPosition);
Expiration = ParseDateTime(resultData, ref startPosition);
Mode = (TKeyMode)DnsMessageBase.ParseUShort(resultData, ref startPosition);
Error = (ReturnCode)DnsMessageBase.ParseUShort(resultData, ref startPosition);
int keyLength = DnsMessageBase.ParseUShort(resultData, ref startPosition);
Key = DnsMessageBase.ParseByteData(resultData, ref startPosition, keyLength);
int otherDataLength = DnsMessageBase.ParseUShort(resultData, ref startPosition);
OtherData = DnsMessageBase.ParseByteData(resultData, ref startPosition, otherDataLength);
}
internal override void ParseRecordData(ReadOnlySpan <byte> resultData, int startPosition, int length)
{
Algorithm = TSigAlgorithmHelper.GetAlgorithmByName(DnsMessageBase.ParseDomainName(resultData, ref startPosition));
TimeSigned = ParseDateTime(resultData, ref startPosition);
Fudge = TimeSpan.FromSeconds(DnsMessageBase.ParseUShort(resultData, ref startPosition));
int macSize = DnsMessageBase.ParseUShort(resultData, ref startPosition);
Mac = DnsMessageBase.ParseByteData(resultData, ref startPosition, macSize);
OriginalID = DnsMessageBase.ParseUShort(resultData, ref startPosition);
Error = (ReturnCode)DnsMessageBase.ParseUShort(resultData, ref startPosition);
int otherDataSize = DnsMessageBase.ParseUShort(resultData, ref startPosition);
OtherData = DnsMessageBase.ParseByteData(resultData, ref startPosition, otherDataSize);
}
internal int Encode(bool addLengthPrefix, byte[] originalTsigMac, bool isSubSequentResponse, out byte[] messageData, out byte[] newTSigMac)
{
PrepareEncoding();
int offset = 0;
int messageOffset = offset;
int maxLength = addLengthPrefix ? 2 : 0;
originalTsigMac = originalTsigMac ?? new byte[] { };
if (TSigOptions != null)
{
if (!IsQuery)
{
offset += 2 + originalTsigMac.Length;
maxLength += 2 + originalTsigMac.Length;
}
maxLength += TSigOptions.MaximumLength;
}
#region Get Message Length
maxLength += 12;
maxLength += Questions.Sum(question => question.MaximumLength);
maxLength += AnswerRecords.Sum(record => record.MaximumLength);
maxLength += AuthorityRecords.Sum(record => record.MaximumLength);
maxLength += _additionalRecords.Sum(record => record.MaximumLength);
#endregion
messageData = new byte[maxLength];
int currentPosition = offset;
Dictionary <string, ushort> domainNames = new Dictionary <string, ushort>();
EncodeUShort(messageData, ref currentPosition, TransactionID);
EncodeUShort(messageData, ref currentPosition, Flags);
EncodeUShort(messageData, ref currentPosition, (ushort)Questions.Count);
EncodeUShort(messageData, ref currentPosition, (ushort)AnswerRecords.Count);
EncodeUShort(messageData, ref currentPosition, (ushort)AuthorityRecords.Count);
EncodeUShort(messageData, ref currentPosition, (ushort)_additionalRecords.Count);
foreach (DnsQuestion question in Questions)
{
question.Encode(messageData, offset, ref currentPosition, domainNames);
}
foreach (DnsRecordBase record in AnswerRecords)
{
record.Encode(messageData, offset, ref currentPosition, domainNames);
}
foreach (DnsRecordBase record in AuthorityRecords)
{
record.Encode(messageData, offset, ref currentPosition, domainNames);
}
foreach (DnsRecordBase record in _additionalRecords)
{
record.Encode(messageData, offset, ref currentPosition, domainNames);
}
if (TSigOptions == null)
{
newTSigMac = null;
}
else
{
if (!IsQuery)
{
EncodeUShort(messageData, messageOffset, (ushort)originalTsigMac.Length);
Buffer.BlockCopy(originalTsigMac, 0, messageData, messageOffset + 2, originalTsigMac.Length);
}
EncodeUShort(messageData, offset, TSigOptions.OriginalID);
int tsigVariablesPosition = currentPosition;
if (isSubSequentResponse)
{
TSigRecord.EncodeDateTime(messageData, ref tsigVariablesPosition, TSigOptions.TimeSigned);
EncodeUShort(messageData, ref tsigVariablesPosition, (ushort)TSigOptions.Fudge.TotalSeconds);
}
else
{
EncodeDomainName(messageData, offset, ref tsigVariablesPosition, TSigOptions.Name, false, null);
EncodeUShort(messageData, ref tsigVariablesPosition, (ushort)TSigOptions.RecordClass);
EncodeInt(messageData, ref tsigVariablesPosition, (ushort)TSigOptions.TimeToLive);
EncodeDomainName(messageData, offset, ref tsigVariablesPosition, TSigAlgorithmHelper.GetDomainName(TSigOptions.Algorithm), false, null);
TSigRecord.EncodeDateTime(messageData, ref tsigVariablesPosition, TSigOptions.TimeSigned);
EncodeUShort(messageData, ref tsigVariablesPosition, (ushort)TSigOptions.Fudge.TotalSeconds);
EncodeUShort(messageData, ref tsigVariablesPosition, (ushort)TSigOptions.Error);
EncodeUShort(messageData, ref tsigVariablesPosition, (ushort)TSigOptions.OtherData.Length);
EncodeByteArray(messageData, ref tsigVariablesPosition, TSigOptions.OtherData);
}
KeyedHashAlgorithm hashAlgorithm = TSigAlgorithmHelper.GetHashAlgorithm(TSigOptions.Algorithm);
//byte[] mac;
if ((hashAlgorithm != null) && (TSigOptions.KeyData != null) && (TSigOptions.KeyData.Length > 0))
{
hashAlgorithm.Key = TSigOptions.KeyData;
newTSigMac = hashAlgorithm.ComputeHash(messageData, messageOffset, tsigVariablesPosition);
}
else
{
newTSigMac = new byte[] { };
}
EncodeUShort(messageData, offset, TransactionID);
EncodeUShort(messageData, offset + 10, (ushort)(_additionalRecords.Count + 1));
TSigOptions.Encode(messageData, offset, ref currentPosition, domainNames, newTSigMac);
if (!IsQuery)
{
Buffer.BlockCopy(messageData, offset, messageData, messageOffset, (currentPosition - offset));
currentPosition -= (2 + originalTsigMac.Length);
}
}
if (addLengthPrefix)
{
Buffer.BlockCopy(messageData, 0, messageData, 2, currentPosition);
EncodeUShort(messageData, 0, (ushort)(currentPosition));
currentPosition += 2;
}
return(currentPosition);
}
private ReturnCode ValidateTSig(byte[] resultData, DnsServer.SelectTsigKey tsigKeySelector, byte[] originalMac)
{
byte[] keyData;
if ((TSigOptions.Algorithm == TSigAlgorithm.Unknown) || (tsigKeySelector == null) || ((keyData = tsigKeySelector(TSigOptions.Algorithm, TSigOptions.Name)) == null))
{
return(ReturnCode.BadKey);
}
else if (((TSigOptions.TimeSigned - TSigOptions.Fudge) > DateTime.Now) || ((TSigOptions.TimeSigned + TSigOptions.Fudge) < DateTime.Now))
{
return(ReturnCode.BadTime);
}
else if ((TSigOptions.Mac == null) || (TSigOptions.Mac.Length == 0))
{
return(ReturnCode.BadSig);
}
else
{
TSigOptions.KeyData = keyData;
// maxLength for the buffer to validate: Original (unsigned) dns message and encoded TSigOptions
// because of compression of keyname, the size of the signed message can not be used
int maxLength = TSigOptions.StartPosition + TSigOptions.MaximumLength;
if (originalMac != null)
{
// add length of mac on responses. MacSize not neccessary, this field is allready included in the size of the tsig options
maxLength += originalMac.Length;
}
byte[] validationBuffer = new byte[maxLength];
int currentPosition = 0;
// original mac if neccessary
if ((originalMac != null) && (originalMac.Length > 0))
{
EncodeUShort(validationBuffer, ref currentPosition, (ushort)originalMac.Length);
EncodeByteArray(validationBuffer, ref currentPosition, originalMac);
}
// original unsiged buffer
Buffer.BlockCopy(resultData, 0, validationBuffer, currentPosition, TSigOptions.StartPosition);
// update original transaction id and ar count in message
EncodeUShort(validationBuffer, currentPosition, TSigOptions.OriginalID);
EncodeUShort(validationBuffer, currentPosition + 10, (ushort)_additionalRecords.Count);
currentPosition += TSigOptions.StartPosition;
// TSig Variables
EncodeDomainName(validationBuffer, 0, ref currentPosition, TSigOptions.Name, false, null);
EncodeUShort(validationBuffer, ref currentPosition, (ushort)TSigOptions.RecordClass);
EncodeInt(validationBuffer, ref currentPosition, (ushort)TSigOptions.TimeToLive);
EncodeDomainName(validationBuffer, 0, ref currentPosition, TSigAlgorithmHelper.GetDomainName(TSigOptions.Algorithm), false, null);
TSigRecord.EncodeDateTime(validationBuffer, ref currentPosition, TSigOptions.TimeSigned);
EncodeUShort(validationBuffer, ref currentPosition, (ushort)TSigOptions.Fudge.TotalSeconds);
EncodeUShort(validationBuffer, ref currentPosition, (ushort)TSigOptions.Error);
EncodeUShort(validationBuffer, ref currentPosition, (ushort)TSigOptions.OtherData.Length);
EncodeByteArray(validationBuffer, ref currentPosition, TSigOptions.OtherData);
// Validate MAC
KeyedHashAlgorithm hashAlgorithm = TSigAlgorithmHelper.GetHashAlgorithm(TSigOptions.Algorithm);
hashAlgorithm.Key = keyData;
return((hashAlgorithm.ComputeHash(validationBuffer, 0, currentPosition).SequenceEqual(TSigOptions.Mac)) ? ReturnCode.NoError : ReturnCode.BadSig);
}
}
protected internal override void EncodeRecordData(byte[] messageData, int offset, ref int currentPosition, Dictionary <string, ushort> domainNames)
{
DnsMessageBase.EncodeDomainName(messageData, offset, ref currentPosition, TSigAlgorithmHelper.GetDomainName(Algorithm), false, domainNames);
EncodeDateTime(messageData, ref currentPosition, Inception);
EncodeDateTime(messageData, ref currentPosition, Expiration);
DnsMessageBase.EncodeUShort(messageData, ref currentPosition, (ushort)Mode);
DnsMessageBase.EncodeUShort(messageData, ref currentPosition, (ushort)Error);
DnsMessageBase.EncodeUShort(messageData, ref currentPosition, (ushort)Key.Length);
DnsMessageBase.EncodeByteArray(messageData, ref currentPosition, Key);
DnsMessageBase.EncodeUShort(messageData, ref currentPosition, (ushort)OtherData.Length);
DnsMessageBase.EncodeByteArray(messageData, ref currentPosition, OtherData);
}
