/// <summary>
/// 2.2.1.13.2
/// </summary>
/// <param name="confirmActivePdu"></param>
public void VerifyPdu(Client_Confirm_Active_Pdu confirmActivePdu)
{
if (this.serverConfig.encryptionLevel != EncryptionLevel.ENCRYPTION_LEVEL_NONE || this.serverConfig.encryptionMethod != EncryptionMethods.ENCRYPTION_METHOD_NONE)
{
bool isR701Satisfied = confirmActivePdu.commonHeader.securityHeader.GetType() == typeof(TS_SECURITY_HEADER1) ||
confirmActivePdu.commonHeader.securityHeader.GetType() == typeof(TS_SECURITY_HEADER2);
site.CaptureRequirementIfIsTrue(isR701Satisfied, 701,
@"In Client Confirm Active PDU, if the Encryption Level selected by the server is greater"
+ @" than ENCRYPTION_LEVEL_NONE (0) and the Encryption Method selected by the server is "
+ @"greater than ENCRYPTION_METHOD_NONE (0) then this field MUST contain one of the "
+ @"following headers:");
}
if (this.serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_40BIT ||
this.serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_56BIT ||
this.serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_128BIT)
{
site.CaptureRequirementIfIsInstanceOfType(confirmActivePdu.commonHeader.securityHeader, typeof(TS_SECURITY_HEADER1),702,
@"[In Client Confirm Active PDU]securityHeader (variable): The securityHeader in Server"
+ @" Demand Active PDU is a Non-FIPS Security Header (section 2.2.8.1.1.2.2) if the "
+ @"Encryption LevelMethod selected by the server (see sections 5.3.2 and 2.2.1.4.3) is "
+ @"ENCRYPTION_LEVEL_CLIENT_COMPATIBLE (2)METHOD_40BIT (0x00000001), ENCRYPTION_METHOD_56BIT"
+ @" (0x00000008), or ENCRYPTION_LEVEL_HIGH (3METHOD_128BIT (0x00000002).");
}
else if (this.serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_FIPS)
{
site.CaptureRequirementIfIsInstanceOfType(confirmActivePdu.commonHeader.securityHeader, typeof(TS_SECURITY_HEADER2), 703,
@"[In Client Confirm Active PDU]securityHeader (variable):The securityHeader in Server "
+ @"Demand Active PDU is a FIPS Security Header,if the Encryption LevelMethod selected "
+ @"by the server is ENCRYPTION_METHOD_FIPS (0x00000010).");
}
//verify all the capability set:
foreach (ITsCapsSet cap in confirmActivePdu.confirmActivePduData.capabilitySets)
{
switch (cap.GetCapabilityType())
{
case capabilitySetType_Values.CAPSTYPE_BITMAP:
VerifyStructure((TS_BITMAP_CAPABILITYSET)cap);
break;
case capabilitySetType_Values.CAPSTYPE_ORDER:
VerifyStructure((TS_ORDER_CAPABILITYSET)cap);
break;
case capabilitySetType_Values.CAPSTYPE_BITMAPCACHE:
VerifyStructure((TS_BITMAPCACHE_CAPABILITYSET)cap);
break;
case capabilitySetType_Values.CAPSTYPE_BITMAPCACHE_REV2:
VerifyStructure((TS_BITMAPCACHE_CAPABILITYSET_REV2)cap);
break;
case capabilitySetType_Values.CAPSTYPE_POINTER:
VerifyStructure((TS_POINTER_CAPABILITYSET)cap);
break;
case capabilitySetType_Values.CAPSTYPE_INPUT:
VerifyStructure((TS_INPUT_CAPABILITYSET)cap);
break;
case capabilitySetType_Values.CAPSTYPE_BRUSH:
VerifyStructure((TS_BRUSH_CAPABILITYSET)cap);
break;
case capabilitySetType_Values.CAPSTYPE_GLYPHCACHE:
VerifyStructure((TS_GLYPHCACHE_CAPABILITYSET)cap);
break;
case capabilitySetType_Values.CAPSTYPE_OFFSCREENCACHE:
VerifyStructure((TS_OFFSCREEN_CAPABILITYSET)cap);
break;
case capabilitySetType_Values.CAPSTYPE_VIRTUALCHANNEL:
VerifyStructure((TS_VIRTUALCHANNEL_CAPABILITYSET)cap);
break;
case capabilitySetType_Values.CAPSTYPE_SOUND:
VerifyStructure((TS_SOUND_CAPABILITYSET)cap);
break;
}
}
}
/// <summary>
/// Create an instance of the class that is identical to the current PDU.
/// </summary>
/// <returns>The new instance.</returns>
public override StackPacket Clone()
{
Client_Confirm_Active_Pdu cloneConfirmActivePdu = new Client_Confirm_Active_Pdu(context);
cloneConfirmActivePdu.commonHeader = commonHeader.Clone();
if (confirmActivePduData != null)
{
cloneConfirmActivePdu.confirmActivePduData = confirmActivePduData.Clone();
}
return cloneConfirmActivePdu;
}
/// <summary>
/// Decode Confirm Active PDU
/// </summary>
/// <param name="data">data to be parsed</param>
/// <param name="decryptedUserData">decrypted user data to be parsed</param>
/// <param name="type">security header type</param>
/// <returns>decoded Confirm Active PDU</returns>
public StackPacket DecodeConfirmActivePDU(
byte[] data,
byte[] decryptedUserData,
SecurityHeaderType type)
{
Client_Confirm_Active_Pdu pdu = new Client_Confirm_Active_Pdu();
// data index
int dataIndex = 0;
// DemandActivePDU: commonHeader
pdu.commonHeader = ParseMcsCommonHeader(data, ref dataIndex, type);
// user data index
int userDataIndex = 0;
// DemandActivePDU: demandActivePduData
pdu.confirmActivePduData = ParseTsConfirmActivePdu(decryptedUserData, ref userDataIndex);
// ETW Provider Dump Message
if (pdu.commonHeader.securityHeader != null)
{
// RDP Standard Security
string messageName = "RDPBCGR:" + pdu.GetType().Name;
ExtendedLogger.DumpMessage(messageName, RdpbcgrUtility.DumpLevel_Layer3, pdu.GetType().Name, decryptedUserData);
}
// Check if data length exceeded expectation
VerifyDataLength(decryptedUserData.Length, userDataIndex, ConstValue.ERROR_MESSAGE_DATA_LENGTH_EXCEEDED);
return pdu;
}
//Get capability information from Client_Confirm_Active_Pdu,
//will be added to ConfirmActiveRequest event
private void testClassBase_getConfirmActivePduInfo(Client_Confirm_Active_Pdu confirmActivePdu)
{
foreach (ITsCapsSet cap in confirmActivePdu.confirmActivePduData.capabilitySets)
{
if (cap.GetCapabilityType() == capabilitySetType_Values.CAPSTYPE_BITMAPCACHE_REV2)
{
TS_BITMAPCACHE_CAPABILITYSET_REV2 bitmapCacheV2 = (TS_BITMAPCACHE_CAPABILITYSET_REV2)cap;
if ((bitmapCacheV2.CacheFlags & CacheFlags_Values.PERSISTENT_KEYS_EXPECTED_FLAG) != 0)
{
isclientSupportPersistentBitmapCache = true;
}
}
}
}
