public static StatusCode SecureSymmetric( MemoryBuffer respBuf, int messageEncodedBlockStart, SLChannel.Keyset localKeyset, SLChannel.Keyset remoteKeyset, SecurityPolicy policy, MessageSecurityMode securityMode) { if (securityMode == MessageSecurityMode.None) { return(StatusCode.Good); } int num1 = UASecurity.SignatureSizeForSecurityPolicy(policy); if (securityMode >= MessageSecurityMode.SignAndEncrypt) { int symmetricPaddingSize = UASecurity.CalculateSymmetricPaddingSize(localKeyset.SymEncKey.Length, num1 + respBuf.Position - messageEncodedBlockStart); byte num2 = (byte)(symmetricPaddingSize - 1 & byte.MaxValue); byte[] Add = new byte[symmetricPaddingSize]; for (int index = 0; index < symmetricPaddingSize; ++index) { Add[index] = num2; } respBuf.Append(Add); } int num3 = respBuf.Position + num1; if (securityMode >= MessageSecurityMode.SignAndEncrypt) { num3 = messageEncodedBlockStart + UASecurity.CalculateSymmetricEncryptedSize(localKeyset.SymEncKey.Length, num3 - messageEncodedBlockStart); } if (num3 >= respBuf.Capacity) { return(StatusCode.BadEncodingLimitsExceeded); } UASecurity.MarkUAMessageSize(respBuf, (uint)num3); byte[] Add1 = UASecurity.SymmetricSign(localKeyset.SymSignKey, new ArraySegment <byte>(respBuf.Buffer, 0, respBuf.Position), policy); respBuf.Append(Add1); if (num3 != respBuf.Position) { throw new Exception(); } if (securityMode >= MessageSecurityMode.SignAndEncrypt) { UASecurity.RijndaelEncryptInplace(new ArraySegment <byte>(respBuf.Buffer, messageEncodedBlockStart, num3 - messageEncodedBlockStart), localKeyset.SymEncKey, localKeyset.SymIV); } return(StatusCode.Good); }
public static byte[] PSHA(byte[] secret, byte[] seed, int length, SecurityPolicy policy) { HMAC hmac = UASecurity.HMACForSecurityPolicy(secret, policy); int val1 = UASecurity.SignatureSizeForSecurityPolicy(policy); byte[] hash1 = hmac.ComputeHash(seed); byte[] buffer = new byte[val1 + seed.Length]; Array.Copy(hash1, buffer, hash1.Length); Array.Copy(seed, 0, buffer, hash1.Length, seed.Length); byte[] numArray = new byte[length]; int destinationIndex = 0; while (destinationIndex < length) { byte[] hash2 = hmac.ComputeHash(buffer); int length1 = Math.Min(val1, length - destinationIndex); Array.Copy(hash2, 0, numArray, destinationIndex, length1); destinationIndex += length1; hash1 = hmac.ComputeHash(hash1); Array.Copy(hash1, buffer, hash1.Length); } return(numArray); }
public static StatusCode UnsecureSymmetric( MemoryBuffer recvBuf, uint tokenID, uint?prevTokenID, int messageEncodedBlockStart, SLChannel.Keyset localKeyset, SLChannel.Keyset[] remoteKeysets, SecurityPolicy policy, MessageSecurityMode securityMode, out int decrSize) { decrSize = -1; int position = recvBuf.Position; if (!recvBuf.Decode(out byte v1) || !recvBuf.Decode(out uint v2) || (!recvBuf.Decode(out uint _) || !recvBuf.Decode(out uint v3))) { return(StatusCode.BadDecodingError); } int index1; if ((int)tokenID == (int)v3) { index1 = 0; } else { if (!prevTokenID.HasValue || (int)prevTokenID.Value != (int)v3) { return(StatusCode.BadSecureChannelTokenUnknown); } index1 = 1; } if (securityMode == MessageSecurityMode.SignAndEncrypt) { try { decrSize = UASecurity.RijndaelDecryptInplace(new ArraySegment <byte>(recvBuf.Buffer, messageEncodedBlockStart, (int)v2 - messageEncodedBlockStart), remoteKeysets[index1].SymEncKey, remoteKeysets[index1].SymIV) + messageEncodedBlockStart; } catch { return(StatusCode.BadSecurityChecksFailed); } } else { decrSize = (int)v2; } if (securityMode >= MessageSecurityMode.Sign) { try { int count = UASecurity.SignatureSizeForSecurityPolicy(policy); ArraySegment <byte> data = new ArraySegment <byte>(recvBuf.Buffer, 0, (int)v2 - count); byte[] array = new ArraySegment <byte>(recvBuf.Buffer, (int)v2 - count, count).ToArray(); byte[] numArray = UASecurity.SymmetricSign(remoteKeysets[index1].SymSignKey, data, policy); if (array.Length != numArray.Length) { return(StatusCode.BadSecurityChecksFailed); } for (int index2 = 0; index2 < array.Length; ++index2) { if (array[index2] != numArray[index2]) { return(StatusCode.BadSecurityChecksFailed); } } byte num = securityMode == MessageSecurityMode.SignAndEncrypt ? (byte)(recvBuf.Buffer[v2 - count - 1L] + 1U) : (byte)0; if (decrSize > 0) { decrSize -= count; decrSize -= num; if (decrSize <= 0) { return(StatusCode.BadSecurityChecksFailed); } } } catch { return(StatusCode.BadSecurityChecksFailed); } } if (!recvBuf.Decode(out uint _) || !recvBuf.Decode(out uint _)) { return(StatusCode.BadDecodingError); } recvBuf.Position = position; return(StatusCode.Good); }