/// <summary> /// 2.2.1.13.2 /// </summary> /// <param name="confirmActivePdu"></param> public void VerifyPdu(Client_Confirm_Active_Pdu confirmActivePdu) { if (this.serverConfig.encryptionLevel != EncryptionLevel.ENCRYPTION_LEVEL_NONE || this.serverConfig.encryptionMethod != EncryptionMethods.ENCRYPTION_METHOD_NONE) { bool isR701Satisfied = confirmActivePdu.commonHeader.securityHeader.GetType() == typeof(TS_SECURITY_HEADER1) || confirmActivePdu.commonHeader.securityHeader.GetType() == typeof(TS_SECURITY_HEADER2); site.CaptureRequirementIfIsTrue(isR701Satisfied, 701, @"In Client Confirm Active PDU, if the Encryption Level selected by the server is greater" + @" than ENCRYPTION_LEVEL_NONE (0) and the Encryption Method selected by the server is " + @"greater than ENCRYPTION_METHOD_NONE (0) then this field MUST contain one of the " + @"following headers:"); } if (this.serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_40BIT || this.serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_56BIT || this.serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_128BIT) { site.CaptureRequirementIfIsInstanceOfType(confirmActivePdu.commonHeader.securityHeader, typeof(TS_SECURITY_HEADER1),702, @"[In Client Confirm Active PDU]securityHeader (variable): The securityHeader in Server" + @" Demand Active PDU is a Non-FIPS Security Header (section 2.2.8.1.1.2.2) if the " + @"Encryption LevelMethod selected by the server (see sections 5.3.2 and 2.2.1.4.3) is " + @"ENCRYPTION_LEVEL_CLIENT_COMPATIBLE (2)METHOD_40BIT (0x00000001), ENCRYPTION_METHOD_56BIT" + @" (0x00000008), or ENCRYPTION_LEVEL_HIGH (3METHOD_128BIT (0x00000002)."); } else if (this.serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_FIPS) { site.CaptureRequirementIfIsInstanceOfType(confirmActivePdu.commonHeader.securityHeader, typeof(TS_SECURITY_HEADER2), 703, @"[In Client Confirm Active PDU]securityHeader (variable):The securityHeader in Server " + @"Demand Active PDU is a FIPS Security Header,if the Encryption LevelMethod selected " + @"by the server is ENCRYPTION_METHOD_FIPS (0x00000010)."); } //verify all the capability set: foreach (ITsCapsSet cap in confirmActivePdu.confirmActivePduData.capabilitySets) { switch (cap.GetCapabilityType()) { case capabilitySetType_Values.CAPSTYPE_BITMAP: VerifyStructure((TS_BITMAP_CAPABILITYSET)cap); break; case capabilitySetType_Values.CAPSTYPE_ORDER: VerifyStructure((TS_ORDER_CAPABILITYSET)cap); break; case capabilitySetType_Values.CAPSTYPE_BITMAPCACHE: VerifyStructure((TS_BITMAPCACHE_CAPABILITYSET)cap); break; case capabilitySetType_Values.CAPSTYPE_BITMAPCACHE_REV2: VerifyStructure((TS_BITMAPCACHE_CAPABILITYSET_REV2)cap); break; case capabilitySetType_Values.CAPSTYPE_POINTER: VerifyStructure((TS_POINTER_CAPABILITYSET)cap); break; case capabilitySetType_Values.CAPSTYPE_INPUT: VerifyStructure((TS_INPUT_CAPABILITYSET)cap); break; case capabilitySetType_Values.CAPSTYPE_BRUSH: VerifyStructure((TS_BRUSH_CAPABILITYSET)cap); break; case capabilitySetType_Values.CAPSTYPE_GLYPHCACHE: VerifyStructure((TS_GLYPHCACHE_CAPABILITYSET)cap); break; case capabilitySetType_Values.CAPSTYPE_OFFSCREENCACHE: VerifyStructure((TS_OFFSCREEN_CAPABILITYSET)cap); break; case capabilitySetType_Values.CAPSTYPE_VIRTUALCHANNEL: VerifyStructure((TS_VIRTUALCHANNEL_CAPABILITYSET)cap); break; case capabilitySetType_Values.CAPSTYPE_SOUND: VerifyStructure((TS_SOUND_CAPABILITYSET)cap); break; } } }
/// <summary> /// Create an instance of the class that is identical to the current PDU. /// </summary> /// <returns>The new instance.</returns> public override StackPacket Clone() { Client_Confirm_Active_Pdu cloneConfirmActivePdu = new Client_Confirm_Active_Pdu(context); cloneConfirmActivePdu.commonHeader = commonHeader.Clone(); if (confirmActivePduData != null) { cloneConfirmActivePdu.confirmActivePduData = confirmActivePduData.Clone(); } return cloneConfirmActivePdu; }
/// <summary> /// Decode Confirm Active PDU /// </summary> /// <param name="data">data to be parsed</param> /// <param name="decryptedUserData">decrypted user data to be parsed</param> /// <param name="type">security header type</param> /// <returns>decoded Confirm Active PDU</returns> public StackPacket DecodeConfirmActivePDU( byte[] data, byte[] decryptedUserData, SecurityHeaderType type) { Client_Confirm_Active_Pdu pdu = new Client_Confirm_Active_Pdu(); // data index int dataIndex = 0; // DemandActivePDU: commonHeader pdu.commonHeader = ParseMcsCommonHeader(data, ref dataIndex, type); // user data index int userDataIndex = 0; // DemandActivePDU: demandActivePduData pdu.confirmActivePduData = ParseTsConfirmActivePdu(decryptedUserData, ref userDataIndex); // ETW Provider Dump Message if (pdu.commonHeader.securityHeader != null) { // RDP Standard Security string messageName = "RDPBCGR:" + pdu.GetType().Name; ExtendedLogger.DumpMessage(messageName, RdpbcgrUtility.DumpLevel_Layer3, pdu.GetType().Name, decryptedUserData); } // Check if data length exceeded expectation VerifyDataLength(decryptedUserData.Length, userDataIndex, ConstValue.ERROR_MESSAGE_DATA_LENGTH_EXCEEDED); return pdu; }
//Get capability information from Client_Confirm_Active_Pdu, //will be added to ConfirmActiveRequest event private void testClassBase_getConfirmActivePduInfo(Client_Confirm_Active_Pdu confirmActivePdu) { foreach (ITsCapsSet cap in confirmActivePdu.confirmActivePduData.capabilitySets) { if (cap.GetCapabilityType() == capabilitySetType_Values.CAPSTYPE_BITMAPCACHE_REV2) { TS_BITMAPCACHE_CAPABILITYSET_REV2 bitmapCacheV2 = (TS_BITMAPCACHE_CAPABILITYSET_REV2)cap; if ((bitmapCacheV2.CacheFlags & CacheFlags_Values.PERSISTENT_KEYS_EXPECTED_FLAG) != 0) { isclientSupportPersistentBitmapCache = true; } } } }