public override async ValueTask AttachAsync(DatabaseParameterBufferBase dpb, string database, byte[] cryptKey, CancellationToken cancellationToken = default) { try { await SendAttachToBufferAsync(dpb, database, cancellationToken).ConfigureAwait(false); await Xdr.FlushAsync(cancellationToken).ConfigureAwait(false); var response = await ReadResponseAsync(cancellationToken).ConfigureAwait(false); if (response is ContAuthResponse) { while (response is ContAuthResponse contAuthResponse) { AuthBlock.Start(contAuthResponse.ServerData, contAuthResponse.AcceptPluginName, contAuthResponse.IsAuthenticated, contAuthResponse.ServerKeys); await AuthBlock.SendContAuthToBufferAsync(Xdr, cancellationToken).ConfigureAwait(false); await Xdr.FlushAsync(cancellationToken).ConfigureAwait(false); response = await AuthBlock.ProcessContAuthResponseAsync(Xdr, cancellationToken).ConfigureAwait(false); response = await ProcessCryptCallbackResponseIfNeededAsync(response, cryptKey, cancellationToken).ConfigureAwait(false); } var genericResponse = (GenericResponse)response; await ProcessAttachResponseAsync(genericResponse, cancellationToken).ConfigureAwait(false); if (genericResponse.Data.Any()) { await AuthBlock.SendWireCryptToBufferAsync(Xdr, cancellationToken).ConfigureAwait(false); await Xdr.FlushAsync(cancellationToken).ConfigureAwait(false); await AuthBlock.ProcessWireCryptResponseAsync(Xdr, _connection, cancellationToken).ConfigureAwait(false); } } else { response = await ProcessCryptCallbackResponseIfNeededAsync(response, cryptKey, cancellationToken).ConfigureAwait(false); await ProcessAttachResponseAsync((GenericResponse)response, cancellationToken).ConfigureAwait(false); AuthBlock.Complete(); } AuthBlock.WireCryptValidate(IscCodes.PROTOCOL_VERSION13); } catch (IscException) { await SafelyDetachAsync(cancellationToken).ConfigureAwait(false); throw; } catch (IOException ex) { await SafelyDetachAsync(cancellationToken).ConfigureAwait(false); throw IscException.ForIOException(ex); } await AfterAttachActionsAsync(cancellationToken).ConfigureAwait(false); }
public void Auth(string username, string password) { var rb = new AuthBlock(username, password); bh.Send(rb); RecieveOneBlock(); }
public override void Attach(DatabaseParameterBufferBase dpb, string database, byte[] cryptKey) { try { SendAttachToBuffer(dpb, database); Xdr.Flush(); var response = ReadResponse(); if (response is ContAuthResponse) { while (response is ContAuthResponse contAuthResponse) { AuthBlock.Start(contAuthResponse.ServerData, contAuthResponse.AcceptPluginName, contAuthResponse.IsAuthenticated, contAuthResponse.ServerKeys); AuthBlock.SendContAuthToBuffer(Xdr); Xdr.Flush(); response = AuthBlock.ProcessContAuthResponse(Xdr); response = ProcessCryptCallbackResponseIfNeeded(response, cryptKey); } var genericResponse = (GenericResponse)response; ProcessAttachResponse(genericResponse); if (genericResponse.Data.Any()) { AuthBlock.SendWireCryptToBuffer(Xdr); Xdr.Flush(); AuthBlock.ProcessWireCryptResponse(Xdr, _connection); } } else { response = ProcessCryptCallbackResponseIfNeeded(response, cryptKey); ProcessAttachResponse((GenericResponse)response); AuthBlock.Complete(); } AuthBlock.WireCryptValidate(IscCodes.PROTOCOL_VERSION13); } catch (IscException) { SafelyDetach(); throw; } catch (IOException ex) { SafelyDetach(); throw IscException.ForIOException(ex); } AfterAttachActions(); }
public override void CreateDatabase(DatabaseParameterBufferBase dpb, string database, byte[] cryptKey) { try { SendCreateToBuffer(dpb, database); Xdr.Flush(); var response = ReadResponse(); if (response is ContAuthResponse) { while (response is ContAuthResponse contAuthResponse) { AuthBlock.Start(contAuthResponse.ServerData, contAuthResponse.AcceptPluginName, contAuthResponse.IsAuthenticated, contAuthResponse.ServerKeys); AuthBlock.SendContAuthToBuffer(); Xdr.Flush(); response = AuthBlock.ProcessContAuthResponse(); response = ProcessCryptCallbackResponseIfNeeded(response, cryptKey); } var genericResponse = (GenericResponse)response; ProcessCreateResponse(genericResponse); if (genericResponse.Data.Any()) { AuthBlock.SendWireCryptToBuffer(); Xdr.Flush(); AuthBlock.ProcessWireCryptResponse(); } } else { response = ProcessCryptCallbackResponseIfNeeded(response, cryptKey); ProcessCreateResponse((GenericResponse)response); AuthBlock.Complete(); } } catch (IOException ex) { throw IscException.ForIOException(ex); } }
static async Task DoWork() { var kdcClient = new KdcClient(); Log.Logger = new LoggerConfiguration() .MinimumLevel.Debug() .Enrich.FromLogContext() .WriteTo.Console(restrictedToMinimumLevel: LogEventLevel.Debug) .CreateLogger(); Log.Information("Sending a registration request with login '{Login}' and password '{Password}'", Login, Password); await kdcClient.Register(Login, Password); var mainKey = KeyManager.GenerateSessionKey(Password); Log.Information("Generated a [Client <-> AuthServer] key based on password. Key: {Key}", Encoding.UTF8.GetString(mainKey)); Log.Information("Step #1. Send an authentication request with login '{Login}'", Login); var authEncrypted = await kdcClient.Authenticate(Login); Log.Information("Step #2.1. Bytes received from Authentication Server: {Bytes}", Encoding.UTF8.GetString(authEncrypted)); var authResponse = Des.Decrypt <AuthResponse>(mainKey, authEncrypted); Log.Information("Step #2.2. Decrypting incoming bytes using [Client <-> AuthServer] key. Authentication Response: {@AuthResponse}", authResponse); var tgsKey = authResponse.Key; Log.Information("Step #2.3. Got a key that will be used for [Clien <-> TGS] conversation. Key: {Key}", Encoding.UTF8.GetString(tgsKey)); var authBlock = new AuthBlock { Login = Login, Timestamp = new DateTimeOffset(DateTime.UtcNow).ToUnixTimeSeconds() }; var encryptedAuthBlock = Des.Encrypt(tgsKey, authBlock); var ticketRequest = new AuthRequest { EncryptedTicket = authResponse.EncryptedTicket, EncryptedAuthBlock = encryptedAuthBlock, Recepient = ServerName }; Log.Information("Step #3.1. Making up a Ticket Request message to send to the Ticket Granting Server. Decrypted Auth Block: {@AuthBlock}", authBlock); Log.Information("Step #3.2. Ticket Request: {@TicketRequest}", ticketRequest); authEncrypted = await kdcClient.RequestTicket(ticketRequest); Log.Information("Step #4.1. Bytes received from Ticket Granting Server: {Bytes}", Encoding.UTF8.GetString(authEncrypted)); authResponse = Des.Decrypt <AuthResponse>(tgsKey, authEncrypted); Log.Information("Step #4.2. Decrypting incoming bytes using [Client <-> TGS] key. TGS Response: {@AuthResponse}", authResponse); var serverKey = authResponse.Key; Log.Information("Received a session key for [server <-> client] conversation"); authBlock.Timestamp = new DateTimeOffset(DateTime.UtcNow).ToUnixTimeSeconds(); encryptedAuthBlock = Des.Encrypt(serverKey, authBlock); Log.Information("Step #5.1. Using the [server <-> client] session key to encrypt the renewed auth block: {@AuthBlock}", authBlock); var authRequest = new AuthRequest { EncryptedTicket = authResponse.EncryptedTicket, EncryptedAuthBlock = encryptedAuthBlock, Recepient = ServerName }; Log.Information("Step #5.2. Building the auth request for the server: {@AuthRequest}", authRequest); Log.Information("Step #5.3. Sending the request to the server"); var serverResponse = await kdcClient.AuthOnServer(authRequest); Log.Information("Step #6.1. Received {Length} bytes from the server, trying to decrypt", serverResponse.Length); var timestamp = Des.Decrypt <TimestampWrapper>(serverKey, serverResponse).Timestamp; Log.Information("Step #6.2. Decrypted the timestamp using the [server <-> client] session key: {Timestamp}", timestamp); if (timestamp - 1 != authBlock.Timestamp) { Log.Error("Server's timestamp didn't pass the verification. Client's: {T1}, Server's: {T2}", authBlock.Timestamp, timestamp); return; } Log.Information("Step #6.3. Server's identity verified. Client's: {T1}, Server's: {T2}", authBlock.Timestamp, timestamp); Log.Information("==== \n\nSuccess! Safe connection has been established. Now [client <-> server] conversation can be continued using the session key: {Key}", Encoding.UTF8.GetString(serverKey)); return; }
public string NormalizeLoginTest(string login) { return(AuthBlock.NormalizeLogin(login)); }