public void GenerateHashAndSalt_ThenCheckingOtherPassword_ReturnsFalse()
{
// Arrange
var iterationCount = 10_000;
var saltLength = 16;
var keyLength = 64;
var parameters = new KeyDerivationParameters(KeyDerivationPrf.HMACSHA512,
IterationCount.From(iterationCount), SaltLength.From(saltLength), KeyLength.From(keyLength));
var rng = Substitute.For <ICryptoRng>();
rng.GetRandomBytes(Arg.Any <int>()).Returns(args => new byte[args.Arg <int>()]);
var service = new PasswordService(parameters, rng);
var password = PlaintextPassword.From("somePass");
var otherPass = PlaintextPassword.From("otherPass");
// Act
var hash = service.GeneratePasswordHashAndSalt(password);
var checkResult = service.CheckIfPasswordMatchesHash(otherPass, hash);
// Assert
Assert.IsFalse(checkResult);
}
public GifInstance(Image target, Stream stream, IterationCount iterationCount, bool autoStart = true)
{
_targerImage = target;
_stream = stream;
_iterationCount = iterationCount;
_autoStart = autoStart;
}
public KeyDerivationParameters(KeyDerivationPrf derivationFunction, IterationCount iterationCount,
SaltLength saltLength, KeyLength keyLength)
{
DerivationFunction = derivationFunction;
IterationCount = iterationCount;
SaltLength = saltLength;
KeyLength = keyLength;
}
public void GenerateHashAndSalt_ReturnsHash_WithNumberOfBytesEqualToKeyLengthParameter()
{
// Arrange
var iterationCount = 10_000;
var saltLength = 16;
var keyLength = 64;
var parameters = new KeyDerivationParameters(KeyDerivationPrf.HMACSHA512,
IterationCount.From(iterationCount), SaltLength.From(saltLength), KeyLength.From(keyLength));
var rng = Substitute.For <ICryptoRng>();
rng.GetRandomBytes(Arg.Any <int>()).Returns(args => new byte[args.Arg <int>()]);
var service = new PasswordService(parameters, rng);
// Act
var hash = service.GeneratePasswordHashAndSalt(PlaintextPassword.From("somePassword"));
// Assert
Assert.AreEqual(keyLength, Convert.FromBase64String(hash.Base64PasswordHash.Value).Length);
}
public async Task RunAsync(CancellationToken cancel)
{
await VerifyTshark(cancel);
try
{
_log.Info($"Will publish analysis results on http://server:{PublishPort}/metrics");
_metricServer = new MetricServer(PublishPort);
_metricServer.Start();
}
catch (Exception ex)
{
_log.Error($"Could not publish metrics on port {PublishPort}: {ex.Message}. Verify that the current user has the required permissions to accept connections on this port.");
throw;
}
_log.Info("Starting TZSP packet stream processing.");
// TShark will exit after N packets have been processed, to enable us to cleanup temp files.
// We just run it in a loop until cancelled or until TShark fails.
// This stopwatch measures duration of data lost between iterations.
var lostTime = new Stopwatch();
while (!cancel.IsCancellationRequested)
{
IterationCount.Inc();
// Sometimes (not always) TShark cleans up on its own.
// Better safe than sorry, though!
DeleteTemporaryFiles();
// We cancel processing if TShark exits or we get our own higher level CT signaled.
using var cancelProcessingCts = CancellationTokenSource.CreateLinkedTokenSource(cancel);
var stdoutFinished = new SemaphoreSlim(0, 1);
var stderrFinished = new SemaphoreSlim(0, 1);
void ConsumeStandardOutput(Stream stdout)
{
// Text mode output, each line consisting of:
// 1. Hex string of packet bytes (starting with either outer UDP header or inner TZSP header)
// 2. A space character.
// 3. Type of the data ("eth:ethertype:ip:data" - UDP header, "eth:ethertype:ip:udp:data" - TZSP header)
// 4. A space character.
// 5. The destination UDP port of the TZSP protocol ("udp.dstport") but ONLY if type of data is TZSP header.
// If type of data is UDP header, we need to parse the port ourselves.
try
{
var reader = new StreamReader(stdout, Encoding.UTF8, leaveOpen: true);
while (true)
{
var line = reader.ReadLineAsync()
.WithAbandonment(cancelProcessingCts.Token)
.WaitAndUnwrapExceptions();
if (line == null)
{
break; // End of stream.
}
string packetBytesHex;
string packetType;
var parts = line.Split(' ');
if (parts.Length != 3)
{
throw new NotSupportedException("Output line did not have expected number of components.");
}
// On some systems there are colons. On others there are not!
// Language/version differences? Whatever, get rid of them.
packetBytesHex = parts[0].Replace(":", "");
packetType = parts[1];
var packetBytes = Helpers.Convert.HexStringToByteArray(packetBytesHex);
try
{
if (packetType == "eth:ethertype:ip:data")
{
ProcessTzspPacketWithUdpHeader(packetBytes);
}
else if (packetType == "eth:ethertype:ip:udp:data")
{
var listenPort = ushort.Parse(parts[2]);
ProcessTzspPacket(packetBytes, listenPort);
}
else
{
throw new NotSupportedException("Unexpected packet type: " + packetType);
}
}
catch (Exception ex)
{
_log.Error("Ignoring unsupported packet: " + Helpers.Debug.GetAllExceptionMessages(ex));
}
}
}
catch (OperationCanceledException)
{
// It's OK, we were cancelled because processing is finished.
}
catch (Exception ex)
{
// If we get here, something is fatally wrong with parsing logic or TShark output.
_log.Error(Helpers.Debug.GetAllExceptionMessages(ex));
// This should not happen, so stop everything. Gracefully, so we flush logs.
Environment.ExitCode = -1;
Program.MasterCancellation.Cancel();
}
finally
{
stdoutFinished.Release();
}
};
void ConsumeStandardError(Stream stderr)
{
// Only errors should show up here. We will simply log them for now
// - only if tshark exits do we consider it a fatal error.
try
{
var reader = new StreamReader(stderr, Encoding.UTF8, leaveOpen: true);
while (true)
{
var line = reader.ReadLineAsync()
.WithAbandonment(cancelProcessingCts.Token)
.WaitAndUnwrapExceptions();
if (line == null)
{
break; // End of stream.
}
if (line == "resetting session.")
{
continue; // This is normal, just ignore.
}
_log.Error(line);
}
}
catch (OperationCanceledException)
{
// It's OK, we were cancelled because processing is finished.
}
finally
{
stderrFinished.Release();
}
};
var tsharkCommand = new ExternalTool
{
ExecutablePath = Constants.TsharkExecutableName,
ResultHeuristics = ExternalToolResultHeuristics.Linux,
// -M will reset the session periodically and release some RAM, reducing memory pressure
// Otherwise, TShark will buffer everything in RAM until the iteration is finished.
Arguments = @$ "-i " "{ListenInterface}" " -f " "{MakeTsharkFilterString()}" " -p -T fields -e data.data -e frame.protocols -e udp.dstport -Eseparator=/s -Q -c {Constants.PacketsPerIteration} -M 100",
StandardOutputConsumer = ConsumeStandardOutput,
StandardErrorConsumer = ConsumeStandardError
};
var tshark = tsharkCommand.Start();
lostTime.Stop();
SecondsLost.Inc(lostTime.Elapsed.TotalSeconds);
var result = await tshark.GetResultAsync(cancel);
lostTime.Restart();
cancelProcessingCts.Cancel();
if (cancel.IsCancellationRequested || !result.Succeeded)
{
// Either of these means we are exiting, so we want to ensure logs are more or less complete.
// If we are not exiting, we do not need to wait for old process logs to flush before starting
// a new process, because we want to optimize for fast iterations.
_log.Debug("Waiting for data processing threads to clean up and flush logs.");
await stderrFinished.WaitAsync();
await stdoutFinished.WaitAsync();
}
if (!cancel.IsCancellationRequested && !result.Succeeded)
{
// We are exiting either way but we only consider it an error if not cancelled.
_log.Error("TShark exited with an error result. Review logs above to understand the details of the failure.");
Environment.ExitCode = -1;
break;
}
}
await _metricServer.StopAsync();
}
/// <summary>
/// Builds the complete arguments for invoking newman
/// </summary>
/// <param name="args">The argument builder.</param>
public void Build(ProcessArgumentBuilder args)
{
if (EnvironmentFile != null)
{
args.AppendSwitchQuoted(ArgumentNames.Environment, EnvironmentFile.FullPath);
}
if (DataFile != null)
{
args.AppendSwitchQuoted(ArgumentNames.Data, DataFile.FullPath);
}
if (GlobalVariablesFile != null)
{
args.AppendSwitchQuoted(ArgumentNames.Globals, GlobalVariablesFile.FullPath);
}
if (!string.IsNullOrWhiteSpace(Folder))
{
args.AppendSwitchQuoted(ArgumentNames.Folder, Folder);
}
if (ExportEnvironmentPath != null)
{
args.AppendSwitchQuoted(ArgumentNames.ExportEnvironment, ExportEnvironmentPath.FullPath);
}
if (ExportGlobalsPath != null)
{
args.AppendSwitchQuoted(ArgumentNames.ExportGlobals, ExportGlobalsPath.FullPath);
}
if (ExportCollectionPath != null)
{
args.AppendSwitchQuoted(ArgumentNames.ExportCollection, ExportCollectionPath.FullPath);
}
if (RequestTimeout != default(int))
{
args.AppendSwitch(ArgumentNames.RequestTimeout, RequestTimeout.ToString());
}
if (ScriptTimeout != default(int))
{
args.AppendSwitch(ArgumentNames.ScriptTimeout, ScriptTimeout.ToString());
}
if (DisableStrictSSL)
{
args.Append(ArgumentNames.Insecure);
}
if (IgnoreRedirects)
{
args.Append(ArgumentNames.IgnoreRedirects);
}
if (RequestDelay != default(int))
{
args.AppendSwitch(ArgumentNames.RequestDelay, RequestDelay.ToString());
}
if (IterationCount != default(int))
{
args.AppendSwitch(ArgumentNames.IterationCount, IterationCount.ToString());
}
if (ExitOnFirstFailure)
{
args.Append(ArgumentNames.Bail);
}
if (Reporters.Any())
{
args.AppendSwitch(ArgumentNames.Reporters,
string.Join(",", Reporters.Keys.Select(k => k.Trim())));
foreach (var reporter in Reporters)
{
reporter.Value?.RenderOptions(args);
}
}
}
public static void SetIterationCount(Image target, IterationCount value)
{
target.SetValue(IterationCountProperty, value);
}
public string GetRowKey()
{
return(IterationCount.ToString() + "_" + StepCount.ToString());
}
