public static StatusCode SecureSymmetric(
MemoryBuffer respBuf,
int messageEncodedBlockStart,
SLChannel.Keyset localKeyset,
SLChannel.Keyset remoteKeyset,
SecurityPolicy policy,
MessageSecurityMode securityMode)
{
if (securityMode == MessageSecurityMode.None)
{
return(StatusCode.Good);
}
int num1 = UASecurity.SignatureSizeForSecurityPolicy(policy);
if (securityMode >= MessageSecurityMode.SignAndEncrypt)
{
int symmetricPaddingSize = UASecurity.CalculateSymmetricPaddingSize(localKeyset.SymEncKey.Length, num1 + respBuf.Position - messageEncodedBlockStart);
byte num2 = (byte)(symmetricPaddingSize - 1 & byte.MaxValue);
byte[] Add = new byte[symmetricPaddingSize];
for (int index = 0; index < symmetricPaddingSize; ++index)
{
Add[index] = num2;
}
respBuf.Append(Add);
}
int num3 = respBuf.Position + num1;
if (securityMode >= MessageSecurityMode.SignAndEncrypt)
{
num3 = messageEncodedBlockStart + UASecurity.CalculateSymmetricEncryptedSize(localKeyset.SymEncKey.Length, num3 - messageEncodedBlockStart);
}
if (num3 >= respBuf.Capacity)
{
return(StatusCode.BadEncodingLimitsExceeded);
}
UASecurity.MarkUAMessageSize(respBuf, (uint)num3);
byte[] Add1 = UASecurity.SymmetricSign(localKeyset.SymSignKey, new ArraySegment <byte>(respBuf.Buffer, 0, respBuf.Position), policy);
respBuf.Append(Add1);
if (num3 != respBuf.Position)
{
throw new Exception();
}
if (securityMode >= MessageSecurityMode.SignAndEncrypt)
{
UASecurity.RijndaelEncryptInplace(new ArraySegment <byte>(respBuf.Buffer, messageEncodedBlockStart, num3 - messageEncodedBlockStart), localKeyset.SymEncKey, localKeyset.SymIV);
}
return(StatusCode.Good);
}
public static byte[] PSHA(byte[] secret, byte[] seed, int length, SecurityPolicy policy)
{
HMAC hmac = UASecurity.HMACForSecurityPolicy(secret, policy);
int val1 = UASecurity.SignatureSizeForSecurityPolicy(policy);
byte[] hash1 = hmac.ComputeHash(seed);
byte[] buffer = new byte[val1 + seed.Length];
Array.Copy(hash1, buffer, hash1.Length);
Array.Copy(seed, 0, buffer, hash1.Length, seed.Length);
byte[] numArray = new byte[length];
int destinationIndex = 0;
while (destinationIndex < length)
{
byte[] hash2 = hmac.ComputeHash(buffer);
int length1 = Math.Min(val1, length - destinationIndex);
Array.Copy(hash2, 0, numArray, destinationIndex, length1);
destinationIndex += length1;
hash1 = hmac.ComputeHash(hash1);
Array.Copy(hash1, buffer, hash1.Length);
}
return(numArray);
}
public static StatusCode UnsecureSymmetric(
MemoryBuffer recvBuf,
uint tokenID,
uint?prevTokenID,
int messageEncodedBlockStart,
SLChannel.Keyset localKeyset,
SLChannel.Keyset[] remoteKeysets,
SecurityPolicy policy,
MessageSecurityMode securityMode,
out int decrSize)
{
decrSize = -1;
int position = recvBuf.Position;
if (!recvBuf.Decode(out byte v1) || !recvBuf.Decode(out uint v2) || (!recvBuf.Decode(out uint _) || !recvBuf.Decode(out uint v3)))
{
return(StatusCode.BadDecodingError);
}
int index1;
if ((int)tokenID == (int)v3)
{
index1 = 0;
}
else
{
if (!prevTokenID.HasValue || (int)prevTokenID.Value != (int)v3)
{
return(StatusCode.BadSecureChannelTokenUnknown);
}
index1 = 1;
}
if (securityMode == MessageSecurityMode.SignAndEncrypt)
{
try
{
decrSize = UASecurity.RijndaelDecryptInplace(new ArraySegment <byte>(recvBuf.Buffer, messageEncodedBlockStart, (int)v2 - messageEncodedBlockStart), remoteKeysets[index1].SymEncKey, remoteKeysets[index1].SymIV) + messageEncodedBlockStart;
}
catch
{
return(StatusCode.BadSecurityChecksFailed);
}
}
else
{
decrSize = (int)v2;
}
if (securityMode >= MessageSecurityMode.Sign)
{
try
{
int count = UASecurity.SignatureSizeForSecurityPolicy(policy);
ArraySegment <byte> data = new ArraySegment <byte>(recvBuf.Buffer, 0, (int)v2 - count);
byte[] array = new ArraySegment <byte>(recvBuf.Buffer, (int)v2 - count, count).ToArray();
byte[] numArray = UASecurity.SymmetricSign(remoteKeysets[index1].SymSignKey, data, policy);
if (array.Length != numArray.Length)
{
return(StatusCode.BadSecurityChecksFailed);
}
for (int index2 = 0; index2 < array.Length; ++index2)
{
if (array[index2] != numArray[index2])
{
return(StatusCode.BadSecurityChecksFailed);
}
}
byte num = securityMode == MessageSecurityMode.SignAndEncrypt ? (byte)(recvBuf.Buffer[v2 - count - 1L] + 1U) : (byte)0;
if (decrSize > 0)
{
decrSize -= count;
decrSize -= num;
if (decrSize <= 0)
{
return(StatusCode.BadSecurityChecksFailed);
}
}
}
catch
{
return(StatusCode.BadSecurityChecksFailed);
}
}
if (!recvBuf.Decode(out uint _) || !recvBuf.Decode(out uint _))
{
return(StatusCode.BadDecodingError);
}
recvBuf.Position = position;
return(StatusCode.Good);
}
