private static bool ParseCanary(string canaryString, out byte[] userContextIdBinary, out byte[] timeStampBinary, out byte[] hashBinary)
{
userContextIdBinary = null;
timeStampBinary = null;
hashBinary = null;
if (string.IsNullOrEmpty(canaryString) || canaryString.Length != 76)
{
return(false);
}
byte[] array;
try
{
array = Canary.Decode(canaryString);
}
catch (FormatException)
{
return(false);
}
if (array.Length != 56)
{
return(false);
}
userContextIdBinary = new byte[16];
timeStampBinary = new byte[8];
hashBinary = new byte[32];
Array.Copy(array, 0, userContextIdBinary, 0, 16);
Array.Copy(array, 16, timeStampBinary, 0, 8);
Array.Copy(array, 24, hashBinary, 0, 32);
return(true);
}
public static void SendCanary(this HttpContext context, ref CanaryStatus canaryStatus, ref bool shouldAddLog)
{
if (context.Request.IsAuthenticated && !context.IsLogoffRequest())
{
bool flag = false;
string cachedUserUniqueKey = context.GetCachedUserUniqueKey();
string canaryName = context.GetCanaryName();
HttpCookie httpCookie = context.Request.Cookies[canaryName];
if (httpCookie != null && Canary.RestoreCanary(httpCookie.Value, cachedUserUniqueKey) != null)
{
flag = true;
}
if (!flag)
{
if (httpCookie != null)
{
EcpEventLogConstants.Tuple_ResetCanaryInCookie.LogEvent(new object[]
{
EcpEventLogExtensions.GetUserNameToLog(),
cachedUserUniqueKey,
canaryName,
context.GetRequestUrlForLog(),
(httpCookie != null) ? httpCookie.Value : string.Empty
});
}
Canary canary = new Canary(Guid.NewGuid(), cachedUserUniqueKey);
HttpCookie httpCookie2 = new HttpCookie(canaryName, canary.ToString());
httpCookie2.HttpOnly = false;
httpCookie2.Path = EcpUrl.GetEcpVDirForCanary();
context.Response.Cookies.Add(httpCookie2);
canaryStatus |= CanaryStatus.IsCanaryRenewed;
}
}
shouldAddLog = true;
}
private static bool HasValidCanary(this HttpContext context, string canaryInHeader, string canaryInForm, string canaryInUrl, out string canaryVersion, ref CanaryStatus canaryStatus)
{
bool flag = context.User is InboundProxySession;
bool flag2 = !flag || !string.IsNullOrEmpty(context.Request.Headers["msExchEcpOutboundProxyVersion"]);
canaryVersion = (flag2 ? "14.2" : "14.1");
string canaryName = context.GetCanaryName();
HttpCookie httpCookie = context.Request.Cookies[canaryName];
string text = (httpCookie == null) ? string.Empty : httpCookie.Value;
string cachedUserUniqueKey = context.GetCachedUserUniqueKey();
Canary canary = Canary.RestoreCanary(text, cachedUserUniqueKey);
bool flag3 = !flag2 || canary != null;
bool flag4 = StringComparer.Ordinal.Equals(httpCookie.Value, canaryInForm);
bool flag5 = StringComparer.Ordinal.Equals(httpCookie.Value, canaryInHeader);
bool flag6 = StringComparer.Ordinal.Equals(httpCookie.Value, canaryInUrl);
bool flag7 = false;
if (httpCookie != null && !string.IsNullOrEmpty(httpCookie.Value) && flag3)
{
flag7 = (flag5 || flag4 || flag6);
}
if (flag7)
{
if (flag4)
{
canaryStatus |= (CanaryStatus)3;
}
if (flag5)
{
canaryStatus |= (CanaryStatus)1;
}
if (flag6)
{
canaryStatus |= (CanaryStatus)2;
}
}
else if (!flag3)
{
EcpEventLogConstants.Tuple_InvalidCanaryInCookieDetected.LogPeriodicEvent(EcpEventLogExtensions.GetPeriodicKeyPerUser(), new object[]
{
EcpEventLogExtensions.GetUserNameToLog(),
cachedUserUniqueKey,
canaryName,
context.GetRequestUrlForLog(),
text
});
}
else
{
EcpEventLogConstants.Tuple_InvalidCanaryDetected.LogPeriodicEvent(EcpEventLogExtensions.GetPeriodicKeyPerUser(), new object[]
{
EcpEventLogExtensions.GetUserNameToLog(),
context.GetRequestUrlForLog(),
text,
string.Format("{0} in header, {1} in form, in URL {2}", canaryInHeader, canaryInForm, canaryInUrl)
});
}
return(flag7);
}
private Canary(byte[] userContextIdBinary, byte[] timeStampBinary, string logonUniqueKey)
{
byte[] array = Canary.ComputeHash(userContextIdBinary, timeStampBinary, logonUniqueKey);
byte[] array2 = new byte[userContextIdBinary.Length + timeStampBinary.Length + array.Length];
userContextIdBinary.CopyTo(array2, 0);
timeStampBinary.CopyTo(array2, userContextIdBinary.Length);
array.CopyTo(array2, userContextIdBinary.Length + timeStampBinary.Length);
this.UserContextId = new Guid(userContextIdBinary).ToString("N");
this.LogonUniqueKey = logonUniqueKey;
this.canaryString = Canary.Encode(array2);
}
public bool ValidateCanary(string canaryString)
{
byte[] userContextIdBinary;
byte[] timeStampBinary;
byte[] a;
if (!Canary.ParseCanary(canaryString, out userContextIdBinary, out timeStampBinary, out a))
{
return(false);
}
if (Canary.IsExpired(timeStampBinary))
{
return(false);
}
byte[] b = Canary.ComputeHash(userContextIdBinary, timeStampBinary, this.LogonUniqueKey);
return(Canary.AreEqual(a, b));
}
public static Canary RestoreCanary(string canaryString, string logonUniqueKey)
{
byte[] userContextIdBinary;
byte[] timeStampBinary;
byte[] b;
if (Canary.ParseCanary(canaryString, out userContextIdBinary, out timeStampBinary, out b))
{
if (Canary.IsExpired(timeStampBinary))
{
return(null);
}
byte[] a = Canary.ComputeHash(userContextIdBinary, timeStampBinary, logonUniqueKey);
if (Canary.AreEqual(a, b))
{
return(new Canary(userContextIdBinary, timeStampBinary, logonUniqueKey));
}
}
return(null);
}
