private static string RefineDigestChallenge(string challenge, int index)
{
string str = null;
int num4;
if ((challenge == null) || (index >= challenge.Length))
{
throw new ArgumentOutOfRangeException("challenge", challenge);
}
int startIndex = index + SignatureSize;
if ((challenge.Length > startIndex) && (challenge[startIndex] != ','))
{
startIndex++;
}
else
{
index = -1;
}
if ((index < 0) || (challenge.Length <= startIndex))
{
throw new ArgumentOutOfRangeException("challenge", challenge);
}
str = challenge.Substring(startIndex);
int num3 = 0;
bool flag = true;
HttpDigestChallenge challenge2 = new HttpDigestChallenge();
Label_0070:
num4 = num3;
index = AuthenticationManager.SplitNoQuotes(str, ref num4);
if (num4 >= 0)
{
string str3;
string name = str.Substring(num3, num4 - num3);
if (index < 0)
{
str3 = HttpDigest.unquote(str.Substring(num4 + 1));
}
else
{
str3 = HttpDigest.unquote(str.Substring(num4 + 1, (index - num4) - 1));
}
flag = challenge2.defineAttribute(name, str3);
if ((index >= 0) && flag)
{
num3 = ++index;
goto Label_0070;
}
}
if ((!flag || (num4 < 0)) && (num3 < str.Length))
{
str = (num3 > 0) ? str.Substring(0, num3 - 1) : "";
}
return(str);
}
private static string RefineDigestChallenge(string challenge, int index)
{
string str = null;
int num4;
if ((challenge == null) || (index >= challenge.Length))
{
throw new ArgumentOutOfRangeException("challenge", challenge);
}
int startIndex = index + SignatureSize;
if ((challenge.Length > startIndex) && (challenge[startIndex] != ','))
{
startIndex++;
}
else
{
index = -1;
}
if ((index < 0) || (challenge.Length <= startIndex))
{
throw new ArgumentOutOfRangeException("challenge", challenge);
}
str = challenge.Substring(startIndex);
int num3 = 0;
bool flag = true;
HttpDigestChallenge challenge2 = new HttpDigestChallenge();
Label_0070:
num4 = num3;
index = AuthenticationManager.SplitNoQuotes(str, ref num4);
if (num4 >= 0)
{
string str3;
string name = str.Substring(num3, num4 - num3);
if (index < 0)
{
str3 = HttpDigest.unquote(str.Substring(num4 + 1));
}
else
{
str3 = HttpDigest.unquote(str.Substring(num4 + 1, (index - num4) - 1));
}
flag = challenge2.defineAttribute(name, str3);
if ((index >= 0) && flag)
{
num3 = ++index;
goto Label_0070;
}
}
if ((!flag || (num4 < 0)) && (num3 < str.Length))
{
str = (num3 > 0) ? str.Substring(0, num3 - 1) : "";
}
return str;
}
//
// this method parses the challenge and breaks it into the
// fundamental pieces that Digest defines and understands
//
internal static HttpDigestChallenge Interpret(string challenge, int startingPoint, HttpWebRequest httpWebRequest) {
HttpDigestChallenge digestChallenge = new HttpDigestChallenge();
digestChallenge.SetFromRequest(httpWebRequest);
//
// define the part of the challenge we really care about
//
startingPoint = startingPoint==-1 ? 0 : startingPoint + DigestClient.SignatureSize;
bool valid;
int start, offset, index;
string name, value;
// forst time parse looking for a charset="utf-8" directive
// not too bad, IIS 6.0, by default, sends this as the first directive.
// if the server does not send this we'll end up parsing twice.
start = startingPoint;
for (;;) {
offset = start;
index = AuthenticationManager.SplitNoQuotes(challenge, ref offset);
if (offset<0) {
break;
}
name = challenge.Substring(start, offset-start);
if (string.Compare(name, DA_charset, StringComparison.OrdinalIgnoreCase)==0) {
if (index<0) {
value = unquote(challenge.Substring(offset+1));
}
else {
value = unquote(challenge.Substring(offset+1, index-offset-1));
}
GlobalLog.Print("HttpDigest::Interpret() server provided a hint to use [" + value + "] encoding");
if (string.Compare(value, "utf-8", StringComparison.OrdinalIgnoreCase)==0) {
digestChallenge.UTF8Charset = true;
break;
}
}
if (index<0) {
break;
}
start = ++index;
}
// this time go through the directives, parse them and call defineAttribute()
start = startingPoint;
for (;;) {
offset = start;
index = AuthenticationManager.SplitNoQuotes(challenge, ref offset);
GlobalLog.Print("HttpDigest::Interpret() SplitNoQuotes() returning index:" + index.ToString() + " offset:" + offset.ToString());
if (offset<0) {
break;
}
name = challenge.Substring(start, offset-start);
if (index<0) {
value = unquote(challenge.Substring(offset+1));
}
else {
value = unquote(challenge.Substring(offset+1, index-offset-1));
}
if (digestChallenge.UTF8Charset) {
bool isAscii = true;
for (int i=0; i<value.Length; i++) {
if (value[i]>(char)0x7F) {
isAscii = false;
break;
}
}
if (!isAscii) {
GlobalLog.Print("HttpDigest::Interpret() UTF8 decoding required value:[" + value + "]");
byte[] bytes = new byte[value.Length];
for (int i=0; i<value.Length; i++) {
bytes[i] = (byte)value[i];
}
value = Encoding.UTF8.GetString(bytes);
GlobalLog.Print("HttpDigest::Interpret() UTF8 decoded value:[" + value + "]");
}
else {
GlobalLog.Print("HttpDigest::Interpret() no need for special encoding");
}
}
valid = digestChallenge.defineAttribute(name, value);
GlobalLog.Print("HttpDigest::Interpret() defineAttribute(" + name + ", " + value + ") returns " + valid.ToString());
if (index<0 || !valid) {
break;
}
start = ++index;
}
// We must absolutely have a nonce for Digest to work.
if (digestChallenge.Nonce == null) {
if (Logging.On)
Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_digest_requires_nonce));
return null;
}
return digestChallenge;
}
//
// Extract digest relevant part from a raw server blob
//
private static string RefineDigestChallenge(string challenge, int index)
{
string incoming = null;
Debug.Assert(challenge != null);
Debug.Assert(index >= 0 && index < challenge.Length);
int blobBegin = index + SignatureSize;
//
// there may be multiple challenges. If the next character after the
// package name is not a comma then it is challenge data
//
if (challenge.Length > blobBegin && challenge[blobBegin] != ',') {
++blobBegin;
}
else {
index = -1;
}
if (index >= 0 && challenge.Length > blobBegin) {
incoming = challenge.Substring(blobBegin);
}
else
{
Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_auth_invalid_challenge, DigestClient.AuthType));
return String.Empty; // Error, no valid digest challenge, no further processing required
}
// now make sure there's nothing at the end of the challenge that is not part of the digest challenge
// this would happen if I have a Digest challenge followed by another challenge like ",NTLM,Negotiate"
// use this DCR when avaialble to do this without parsing:
// 762116 2 WDigest should ignore directives that do not have a value
int startingPoint = 0;
int start = startingPoint;
int offset;
bool valid = true;
string name, value;
HttpDigestChallenge digestChallenge = new HttpDigestChallenge();
for (;;) {
offset = start;
index = AuthenticationManager.SplitNoQuotes(incoming, ref offset);
GlobalLog.Print("DigestClient::XPDoAuthenticate() SplitNoQuotes() returning index:" + index + " offset:" + offset);
if (offset<0) {
break;
}
name = incoming.Substring(start, offset-start);
if (index<0) {
value = HttpDigest.unquote(incoming.Substring(offset+1));
}
else {
value = HttpDigest.unquote(incoming.Substring(offset+1, index-offset-1));
}
valid = digestChallenge.defineAttribute(name, value);
GlobalLog.Print("DigestClient::XPDoAuthenticate() defineAttribute(" + name + ", " + value + ") returns " + valid);
if (index<0 || !valid) {
break;
}
start = ++index;
}
GlobalLog.Print("DigestClient::XPDoAuthenticate() start:" + start + " offset:" + offset + " index:" + index + " valid:" + valid + " incoming.Length:" + incoming.Length + " incoming:" + incoming);
if ((!valid || offset<0) && start<incoming.Length) {
incoming = start > 0 ? incoming.Substring(0, start-1) : ""; // First parameter might have been invalid, leaving start at 0
}
return incoming;
}
//
// this method parses the challenge and breaks it into the
// fundamental pieces that Digest defines and understands
//
public static HttpDigestChallenge Interpret(string challenge, int startingPoint, HttpWebRequest httpWebRequest)
{
HttpDigestChallenge hdc = new HttpDigestChallenge();
hdc.HostName = httpWebRequest.ChallengedUri.Host;
hdc.Method = httpWebRequest.CurrentMethod;
hdc.Uri = httpWebRequest.Address.AbsolutePath;
hdc.ChallengedUri = httpWebRequest.ChallengedUri;
//
// define the part of the challenge we really care about
//
startingPoint += DigestClient.SignatureSize;
bool valid;
int start, offset, index;
string name, value;
// forst time parse looking for a charset="utf-8" directive
// not too bad, IIS 6.0, by default, sends this as the first directive.
// if the server does not send this we'll end up parsing twice.
start = startingPoint;
for (;;)
{
offset = start;
index = AuthenticationManager.SplitNoQuotes(challenge, ref offset);
if (offset < 0)
{
break;
}
name = challenge.Substring(start, offset - start);
if (string.Compare(name, DA_charset, true, CultureInfo.InvariantCulture) == 0)
{
if (index < 0)
{
value = unquote(challenge.Substring(offset + 1));
}
else
{
value = unquote(challenge.Substring(offset + 1, index - offset - 1));
}
GlobalLog.Print("HttpDigest::Interpret() server provided a hint to use [" + value + "] encoding");
if (string.Compare(value, "utf-8", true, CultureInfo.InvariantCulture) == 0)
{
hdc.UTF8Charset = true;
break;
}
}
if (index < 0)
{
break;
}
start = ++index;
}
// this time go through the directives, parse them and call defineAttribute()
start = startingPoint;
for (;;)
{
offset = start;
index = AuthenticationManager.SplitNoQuotes(challenge, ref offset);
GlobalLog.Print("HttpDigest::Interpret() SplitNoQuotes() returning index:" + index.ToString() + " offset:" + offset.ToString());
if (offset < 0)
{
break;
}
name = challenge.Substring(start, offset - start);
if (index < 0)
{
value = unquote(challenge.Substring(offset + 1));
}
else
{
value = unquote(challenge.Substring(offset + 1, index - offset - 1));
}
if (hdc.UTF8Charset)
{
bool isAscii = true;
for (int i = 0; i < value.Length; i++)
{
if (value[i] > (char)0x7F)
{
isAscii = false;
break;
}
}
if (!isAscii)
{
GlobalLog.Print("HttpDigest::Interpret() UTF8 decoding required value:[" + value + "]");
byte[] bytes = new byte[value.Length];
for (int i = 0; i < value.Length; i++)
{
bytes[i] = (byte)value[i];
}
value = Encoding.UTF8.GetString(bytes);
GlobalLog.Print("HttpDigest::Interpret() UTF8 decoded value:[" + value + "]");
}
else
{
GlobalLog.Print("HttpDigest::Interpret() no need for special encoding");
}
}
valid = hdc.defineAttribute(name, value);
GlobalLog.Print("HttpDigest::Interpret() defineAttribute(" + name + ", " + value + ") returns " + valid.ToString());
if (index < 0 || !valid)
{
break;
}
start = ++index;
}
return(hdc);
}
internal static HttpDigestChallenge Interpret(string challenge, int startingPoint, HttpWebRequest httpWebRequest)
{
int num2;
string str2;
HttpDigestChallenge challenge2 = new HttpDigestChallenge();
challenge2.SetFromRequest(httpWebRequest);
startingPoint = (startingPoint == -1) ? 0 : (startingPoint + DigestClient.SignatureSize);
int startIndex = startingPoint;
Label_001F:
num2 = startIndex;
int num3 = AuthenticationManager.SplitNoQuotes(challenge, ref num2);
if (num2 >= 0)
{
if (string.Compare(challenge.Substring(startIndex, num2 - startIndex), "charset", StringComparison.OrdinalIgnoreCase) == 0)
{
if (num3 < 0)
{
str2 = unquote(challenge.Substring(num2 + 1));
}
else
{
str2 = unquote(challenge.Substring(num2 + 1, (num3 - num2) - 1));
}
if (string.Compare(str2, "utf-8", StringComparison.OrdinalIgnoreCase) == 0)
{
challenge2.UTF8Charset = true;
goto Label_009E;
}
}
if (num3 >= 0)
{
startIndex = ++num3;
goto Label_001F;
}
}
Label_009E:
startIndex = startingPoint;
Label_00A0:
num2 = startIndex;
num3 = AuthenticationManager.SplitNoQuotes(challenge, ref num2);
if (num2 >= 0)
{
string name = challenge.Substring(startIndex, num2 - startIndex);
if (num3 < 0)
{
str2 = unquote(challenge.Substring(num2 + 1));
}
else
{
str2 = unquote(challenge.Substring(num2 + 1, (num3 - num2) - 1));
}
if (challenge2.UTF8Charset)
{
bool flag2 = true;
for (int i = 0; i < str2.Length; i++)
{
if (str2[i] > '\x007f')
{
flag2 = false;
break;
}
}
if (!flag2)
{
byte[] bytes = new byte[str2.Length];
for (int j = 0; j < str2.Length; j++)
{
bytes[j] = (byte)str2[j];
}
str2 = Encoding.UTF8.GetString(bytes);
}
}
bool flag = challenge2.defineAttribute(name, str2);
if ((num3 >= 0) && flag)
{
startIndex = ++num3;
goto Label_00A0;
}
}
if (challenge2.Nonce != null)
{
return(challenge2);
}
if (Logging.On)
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_digest_requires_nonce"));
}
return(null);
}