/// <summary>
/// Splits an encoded canary string into its three fixed-size fields.
/// </summary>
/// <remarks>
/// This is a shape check only: 76 encoded characters that decode to exactly 56 bytes.
/// Neither the hash nor the timestamp is verified here, so the returned fields are still
/// untrusted until the caller has recomputed the hash and checked expiry.
/// </remarks>
/// <param name="canaryString">Encoded canary as supplied by the client.</param>
/// <param name="userContextIdBinary">Decoded bytes 0-15, or null when parsing fails.</param>
/// <param name="timeStampBinary">Decoded bytes 16-23, or null when parsing fails.</param>
/// <param name="hashBinary">Decoded bytes 24-55, or null when parsing fails.</param>
/// <returns>true when the string has the expected length and decodes to 56 bytes; otherwise false.</returns>
private static bool ParseCanary(string canaryString, out byte[] userContextIdBinary, out byte[] timeStampBinary, out byte[] hashBinary)
{
    const int EncodedLength = 76;
    const int IdLength = 16;
    const int TimeStampLength = 8;
    const int HashLength = 32;

    userContextIdBinary = null;
    timeStampBinary = null;
    hashBinary = null;

    // Rejecting on length first keeps oversized client input away from the decoder.
    // (An empty string has length 0, so the single length test also covers it.)
    if (canaryString == null || canaryString.Length != EncodedLength)
    {
        return false;
    }

    byte[] decoded;
    try
    {
        decoded = Canary.Decode(canaryString);
    }
    catch (FormatException)
    {
        // Malformed encoding is an expected outcome for client-supplied data, not an error.
        return false;
    }

    if (decoded.Length != IdLength + TimeStampLength + HashLength)
    {
        return false;
    }

    // Layout of the decoded token: [ id : 16 ][ timestamp : 8 ][ hash : 32 ].
    userContextIdBinary = new byte[IdLength];
    timeStampBinary = new byte[TimeStampLength];
    hashBinary = new byte[HashLength];
    Buffer.BlockCopy(decoded, 0, userContextIdBinary, 0, IdLength);
    Buffer.BlockCopy(decoded, IdLength, timeStampBinary, 0, TimeStampLength);
    Buffer.BlockCopy(decoded, IdLength + TimeStampLength, hashBinary, 0, HashLength);
    return true;
}
/// <summary>
/// Ensures an authenticated, non-logoff request carries a canary cookie that validates
/// for the current user, issuing a fresh one when it does not.
/// </summary>
/// <param name="context">Current HTTP context.</param>
/// <param name="canaryStatus">Receives <c>CanaryStatus.IsCanaryRenewed</c> when a new cookie is issued.</param>
/// <param name="shouldAddLog">Always set to true on return.</param>
public static void SendCanary(this HttpContext context, ref CanaryStatus canaryStatus, ref bool shouldAddLog)
{
    if (context.Request.IsAuthenticated && !context.IsLogoffRequest())
    {
        string userKey = context.GetCachedUserUniqueKey();
        string cookieName = context.GetCanaryName();
        HttpCookie presented = context.Request.Cookies[cookieName];

        // A cookie counts only if it parses, is unexpired and its hash verifies for this user key.
        bool presentedIsValid = presented != null && Canary.RestoreCanary(presented.Value, userKey) != null;

        if (!presentedIsValid)
        {
            if (presented != null)
            {
                // The rejected value is client-controlled; consumers of this event should
                // treat it as untrusted data.
                EcpEventLogConstants.Tuple_ResetCanaryInCookie.LogEvent(new object[]
                {
                    EcpEventLogExtensions.GetUserNameToLog(),
                    userKey,
                    cookieName,
                    context.GetRequestUrlForLog(),
                    presented.Value
                });
            }

            Canary freshCanary = new Canary(Guid.NewGuid(), userKey);
            HttpCookie replacement = new HttpCookie(cookieName, freshCanary.ToString())
            {
                // Script-readable on purpose, it seems: HasValidCanary compares this cookie with a
                // copy echoed in a header, form field or URL. The cost is that any script running
                // in this origin can read the canary, so XSS defeats this CSRF defence.
                HttpOnly = false,
                Path = EcpUrl.GetEcpVDirForCanary()
            };

            // NOTE(review): Secure is not set on this cookie here - confirm it is enforced
            // elsewhere (for example site-wide requireSSL for cookies).
            context.Response.Cookies.Add(replacement);
            canaryStatus |= CanaryStatus.IsCanaryRenewed;
        }
    }

    shouldAddLog = true;
}
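/// <summary>
/// Checks the anti-forgery canary of a request: the canary cookie must be acceptable and must
/// equal (ordinal comparison) the copy submitted in a header, a form field or the URL.
/// </summary>
/// <remarks>
/// Fix: the cookie value is now read through a null-safe local. Previously a request with no
/// canary cookie dereferenced a null cookie and failed with NullReferenceException instead of
/// being rejected and logged. The outcome is still fail-closed: such a request returns false.
/// </remarks>
/// <param name="context">Current HTTP context.</param>
/// <param name="canaryInHeader">Canary value taken from the request header.</param>
/// <param name="canaryInForm">Canary value taken from the posted form.</param>
/// <param name="canaryInUrl">Canary value taken from the URL.</param>
/// <param name="canaryVersion">"14.2" when the cookie must pass hash verification, "14.1" otherwise.</param>
/// <param name="canaryStatus">Receives flags recording which submitted copy matched.</param>
/// <returns>true when the request carries a matching, acceptable canary; otherwise false.</returns>
private static bool HasValidCanary(this HttpContext context, string canaryInHeader, string canaryInForm, string canaryInUrl, out string canaryVersion, ref CanaryStatus canaryStatus)
{
    bool isInboundProxySession = context.User is InboundProxySession;

    // Hash verification of the cookie is required unless this is an inbound proxy session whose
    // request lacks the msExchEcpOutboundProxyVersion header. On that legacy path only the
    // cookie-equals-submitted-value comparison below protects the request.
    // NOTE(review): the header is read from the request itself; confirm that only trusted
    // front ends can establish an InboundProxySession.
    bool requiresVerifiedCookie = !isInboundProxySession || !string.IsNullOrEmpty(context.Request.Headers["msExchEcpOutboundProxyVersion"]);
    canaryVersion = requiresVerifiedCookie ? "14.2" : "14.1";

    string canaryName = context.GetCanaryName();
    HttpCookie canaryCookie = context.Request.Cookies[canaryName];
    string cookieValue = (canaryCookie == null) ? string.Empty : canaryCookie.Value;
    string cachedUserUniqueKey = context.GetCachedUserUniqueKey();
    Canary restored = Canary.RestoreCanary(cookieValue, cachedUserUniqueKey);
    bool cookieAccepted = !requiresVerifiedCookie || restored != null;

    // Compare through cookieValue, never canaryCookie.Value: the cookie may be absent.
    bool matchesForm = StringComparer.Ordinal.Equals(cookieValue, canaryInForm);
    bool matchesHeader = StringComparer.Ordinal.Equals(cookieValue, canaryInHeader);
    bool matchesUrl = StringComparer.Ordinal.Equals(cookieValue, canaryInUrl);

    // An absent or empty cookie can never validate, even when the submitted values are empty too.
    bool isValid = false;
    if (!string.IsNullOrEmpty(cookieValue) && cookieAccepted)
    {
        isValid = matchesHeader || matchesForm || matchesUrl;
    }

    if (isValid)
    {
        // The numeric values are kept exactly as found. 3 has both the 1 and 2 bits set, so a
        // form match cannot be told apart from header+URL in the status - confirm against the
        // CanaryStatus definition.
        if (matchesForm)
        {
            canaryStatus |= (CanaryStatus)3;
        }
        if (matchesHeader)
        {
            canaryStatus |= (CanaryStatus)1;
        }
        if (matchesUrl)
        {
            canaryStatus |= (CanaryStatus)2;
        }
    }
    else if (!cookieAccepted)
    {
        // The cookie failed parsing, expiry or hash verification for this user.
        EcpEventLogConstants.Tuple_InvalidCanaryInCookieDetected.LogPeriodicEvent(EcpEventLogExtensions.GetPeriodicKeyPerUser(), new object[]
        {
            EcpEventLogExtensions.GetUserNameToLog(),
            cachedUserUniqueKey,
            canaryName,
            context.GetRequestUrlForLog(),
            cookieValue
        });
    }
    else
    {
        // The cookie was acceptable but no submitted copy matched it. The cookie value logged
        // here can therefore be a currently valid canary, so access to this event log should be
        // restricted accordingly; the submitted values are client-controlled text.
        EcpEventLogConstants.Tuple_InvalidCanaryDetected.LogPeriodicEvent(EcpEventLogExtensions.GetPeriodicKeyPerUser(), new object[]
        {
            EcpEventLogExtensions.GetUserNameToLog(),
            context.GetRequestUrlForLog(),
            cookieValue,
            string.Format("{0} in header, {1} in form, in URL {2}", canaryInHeader, canaryInForm, canaryInUrl)
        });
    }

    return isValid;
}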
/// <summary>
/// Builds a canary from an existing id and timestamp, computing the hash for the given logon key.
/// </summary>
/// <remarks>
/// The encoded token is id, then timestamp, then hash, concatenated in that order. Input lengths
/// are not checked here beyond what <c>new Guid(byte[])</c> enforces for the id (16 bytes).
/// </remarks>
/// <param name="userContextIdBinary">Raw id bytes; also exposed as an "N"-formatted GUID string.</param>
/// <param name="timeStampBinary">Raw timestamp bytes, embedded unchanged.</param>
/// <param name="logonUniqueKey">Per-logon key passed to the hash computation.</param>
private Canary(byte[] userContextIdBinary, byte[] timeStampBinary, string logonUniqueKey)
{
    byte[] hash = Canary.ComputeHash(userContextIdBinary, timeStampBinary, logonUniqueKey);

    int timeStampOffset = userContextIdBinary.Length;
    int hashOffset = timeStampOffset + timeStampBinary.Length;

    // The hash goes last so a reader can split the token at fixed offsets.
    byte[] token = new byte[hashOffset + hash.Length];
    Buffer.BlockCopy(userContextIdBinary, 0, token, 0, userContextIdBinary.Length);
    Buffer.BlockCopy(timeStampBinary, 0, token, timeStampOffset, timeStampBinary.Length);
    Buffer.BlockCopy(hash, 0, token, hashOffset, hash.Length);

    this.UserContextId = new Guid(userContextIdBinary).ToString("N");
    this.LogonUniqueKey = logonUniqueKey;
    this.canaryString = Canary.Encode(token);
}
/// <summary>
/// Checks that a presented canary string is well formed, unexpired and carries the hash
/// expected for this instance's <c>LogonUniqueKey</c>.
/// </summary>
/// <remarks>
/// The presented string is not compared with this instance's own token or id: any unexpired
/// token whose hash verifies under the same logon key is accepted.
/// NOTE(review): <c>AreEqual</c> is not visible here - confirm it compares the two hashes in
/// constant time.
/// </remarks>
/// <param name="canaryString">Encoded canary supplied by the client.</param>
/// <returns>true when the canary passes all three checks; otherwise false.</returns>
public bool ValidateCanary(string canaryString)
{
    byte[] idBytes;
    byte[] timeStampBytes;
    byte[] presentedHash;

    // Short-circuit keeps the original order: expiry is evaluated only for a well-formed token.
    bool wellFormed = Canary.ParseCanary(canaryString, out idBytes, out timeStampBytes, out presentedHash);
    if (!wellFormed || Canary.IsExpired(timeStampBytes))
    {
        return false;
    }

    // The id and timestamp are trusted only if the hash recomputed from them matches.
    byte[] expectedHash = Canary.ComputeHash(idBytes, timeStampBytes, this.LogonUniqueKey);
    return Canary.AreEqual(presentedHash, expectedHash);
}
/// <summary>
/// Rebuilds a <c>Canary</c> from its encoded form when it is well formed, unexpired and its
/// hash verifies for <paramref name="logonUniqueKey"/>.
/// </summary>
/// <remarks>
/// The restored instance reuses the id and timestamp carried in the token, so restoring does
/// not extend the token's lifetime.
/// NOTE(review): <c>AreEqual</c> is not visible here - confirm it compares the two hashes in
/// constant time.
/// </remarks>
/// <param name="canaryString">Encoded canary supplied by the client.</param>
/// <param name="logonUniqueKey">Per-logon key the hash must verify against.</param>
/// <returns>The restored canary, or null when any check fails.</returns>
public static Canary RestoreCanary(string canaryString, string logonUniqueKey)
{
    byte[] idBytes;
    byte[] timeStampBytes;
    byte[] presentedHash;

    if (!Canary.ParseCanary(canaryString, out idBytes, out timeStampBytes, out presentedHash))
    {
        return null;
    }

    // The timestamp is not yet authenticated at this point; that is harmless because the
    // hash check below must also pass before anything is returned.
    if (Canary.IsExpired(timeStampBytes))
    {
        return null;
    }

    byte[] expectedHash = Canary.ComputeHash(idBytes, timeStampBytes, logonUniqueKey);
    if (!Canary.AreEqual(expectedHash, presentedHash))
    {
        return null;
    }

    return new Canary(idBytes, timeStampBytes, logonUniqueKey);
}