Пример #1
0
        //build a provisioning request message
        public void buildProvisioningRequest(out ProvisionRequestMessage pReq, out string oPvReqstr)
        {
            //A Provisioning Request is a request message header with a zero filled nonce field
            string request = Constants.Request;
            var    provReq = new ProvisionRequestMessage(request);

            provReq.reqHeader.nonce = MsgInitValues.DS_ZERO_BA16;

            //copy each reference to its output parameter
            pReq      = provReq;
            oPvReqstr = provReq.GetMsgString();
            return;
        }
Пример #2
0
        /// <summary>
        /// Retrieves the Client ID from the request
        /// </summary>
        /// <param name="request">Provisioning request</param>
        /// <returns>String ID of the requesting client</returns>
        public static string GetClientID(HttpRequestMessage request, string requestType)
        {
            log.DebugFormat("GetClientID({0}) started.", requestType);

            // Note: requestType==null case is handled in code farther down.

            if (request == null)
            {
                HttpResponseException e = new HttpResponseException(System.Net.HttpStatusCode.BadRequest);
                options.LogThrownException(e);
                throw e;
            }

            // Need to get Client state (id) information
            var    result         = request.Content.ReadAsStringAsync();
            string jsonMsgRequest = result.Result;
            string ID             = null;

            try
            {
                switch (requestType)
                {
                case "Provision":
                    ProvisionRequestMessage pReceived = JsonConvert.DeserializeObject <ProvisionRequestMessage>(jsonMsgRequest);
                    ID = BitConverter.ToString(pReceived.reqHeader.nonce);
                    break;

                case "Msg0":
                    M0RequestMessage m0Received = JsonConvert.DeserializeObject <M0RequestMessage>(jsonMsgRequest);
                    ID = BitConverter.ToString(m0Received.reqHeader.nonce);
                    break;

                case "Msg1":
                    M1RequestMessage m1Received = JsonConvert.DeserializeObject <M1RequestMessage>(jsonMsgRequest);
                    ID = BitConverter.ToString(m1Received.reqHeader.nonce);
                    break;

                case "Msg3":
                    M3RequestMessage m3Received = JsonConvert.DeserializeObject <M3RequestMessage>(jsonMsgRequest);
                    ID = BitConverter.ToString(m3Received.reqHeader.nonce);
                    break;

                default:
                {
                    HttpResponseException e = new HttpResponseException(System.Net.HttpStatusCode.InternalServerError);
                    options.LogThrownException(e);
                    throw e;
                }
                }
            }
            catch (Exception msgError)
            {
                options.LogCaughtErrorException(msgError);
                log.DebugFormat("******* Message JSON Content Error: {0}\n", msgError);
                HttpResponseException newException = new HttpResponseException(System.Net.HttpStatusCode.InternalServerError);
                options.LogThrownException(newException);
                throw newException;
            }

            if (ID != null)
            {
                ID = ID.Replace("-", "").Trim();
            }
            else
            {
                HttpResponseException e = new HttpResponseException(System.Net.HttpStatusCode.InternalServerError);
                options.LogThrownException(e);
                throw e;
            }

            log.DebugFormat("GetClientID({0}) returning.", requestType);

            return(ID);
        }
Пример #3
0
        public ChallengeResponse ProcessProvisionRequest(HttpRequestMessage Request, ClientTransaction client)
        {
            if (Request == null)
            {
                HttpResponseException e = new HttpResponseException(System.Net.HttpStatusCode.InternalServerError);
                options.LogThrownException(e);
                throw e;
            }

            // Update client state
            if (client == null || !client.sigmaSequenceCheck.UpdateState(Constants.SequenceState.Provision))
            {
                throw new HttpResponseException(System.Net.HttpStatusCode.PreconditionFailed);
            }

            // For a non-local server scenario, a timing
            // method that dumps the pseudo session and reinitializes the
            // sigmaSequenceCheck object after some time has elapsed should be implemented.
            // Look at the incoming request content and verify the request.
            var    result          = Request.Content.ReadAsStringAsync();
            string jsonProvRequest = result.Result;

            ProvisionRequestMessage provReqRecieved = new ProvisionRequestMessage();

            try
            {
                provReqRecieved = JsonConvert.DeserializeObject <ProvisionRequestMessage>(jsonProvRequest);
            }
            catch (Exception provReqError)
            {
                log.DebugFormat("******* Provisioning Request JSON Content Error: {0}", provReqError);
                throw new HttpResponseException(System.Net.HttpStatusCode.InternalServerError);
            }

            string recievedPstring = provReqRecieved.GetMsgString();

            log.DebugFormat("Received Provisioning Request: {0}{1}", Request.Headers, jsonProvRequest);
            log.DebugFormat("Prov Base16 Encoded String: {0}", recievedPstring);

            // Validate the recieved provisioning request
            // If the server received a valid request, create the response.
            // Since the provisioning request is fixed and known in advance,
            // build a reference base16 representation and compare
            // with a similar base16 representation of the recieved message.
            ProvisionRequestMessage referenceP = new ProvisionRequestMessage();
            string refPstring = null;

            bMessage.buildProvisioningRequest(out referenceP, out refPstring);

            // Compare base16 encoded message strings and if equal, start
            // the sequence by returning a challenge response.
            // Since this was a valid provisioning request, create the challenge response.
            ChallengeResponse challengeResponseMessage = new RaSpRef.ChallengeResponse();

            // Build a populated challenge response object
            bMessage.buildChallengeResponse(out challengeResponseMessage);
            challengeResponseMessage.respHeader.sessionNonce = client.sigmaSequenceCheck.currentNonce;

            // capture the nonce as the "current nonce"
            //client.sigmaSequenceCheck.currentNonce = challengeResponseMessage.respHeader.sessionNonce;

            // Since this is the start of a new sequence, set the provisioningInProgress flag
            client.sigmaSequenceCheck.provisioningInProgress = true;

            log.Info("*********** Provisioning Request Valid - Sending Challenge Response");
            string challengeMsgJsonString = JsonConvert.SerializeObject(challengeResponseMessage);

            log.DebugFormat("\nChallenge Message JSON String: {0}\n\n", challengeMsgJsonString);

            return(challengeResponseMessage);
        }
Пример #4
0
        /// <summary>
        /// Create a new Provision/Remote Attestation request
        /// Processes provision request and creates a Challenge response to send to a client
        /// </summary>
        /// <param name="data">Thread Data, input parameter (HttpRequestMessage) from the client</param>
        public void CreateNewRequest(object data)
        {
            challengeResponse = null;

            log.Debug("CreateNewRequest(.) started.");

            try
            {
                if (data == null)
                {
                    HttpResponseException e = new HttpResponseException(System.Net.HttpStatusCode.InternalServerError);
                    options.LogThrownException(e);
                    throw e;
                }

                HttpRequestMessage request = (HttpRequestMessage)data;

                var    result                     = request.Content.ReadAsStringAsync();
                string jsonMsgRequest             = result.Result;
                ProvisionRequestMessage pReceived = JsonConvert.DeserializeObject <ProvisionRequestMessage>(jsonMsgRequest);


                // Get client ID so we can track it
                string clientID = ClientDatabase.GetClientID(request, Constants.ProvisionStr);
                mClient = new ClientTransaction(clientID);
                mClient.sigmaSequenceCheck.currentNonce = pReceived.reqHeader.nonce;


                ProvisionRequest  provRequest        = new ProvisionRequest();
                ChallengeResponse tChallengeResponse = provRequest.ProcessProvisionRequest(request, mClient);

                // Add new client to request database only if successful
                if (!ClientDatabase.AddClient(mClient))
                {
                    HttpResponseException e = new HttpResponseException(System.Net.HttpStatusCode.Conflict);
                    options.LogThrownException(e);
                    throw e;
                }

                log.Info("\n ***** State: Starting Provision request for client: " + mClient.ID + "\n");

                // Update client state
                if (!mClient.sigmaSequenceCheck.UpdateState(Constants.SequenceState.Challenge))
                {
                    HttpResponseException e = new HttpResponseException(System.Net.HttpStatusCode.PreconditionFailed);
                    options.LogThrownException(e);
                    throw e;
                }

                // Set Client State
                challengeResponse = tChallengeResponse;
            }
            catch (HttpResponseException re)
            {
                options.LogCaughtException(re);
                httpRE = re;
            }
            catch (Exception ex)
            {
                options.LogCaughtException(ex);
                threadException = ex;
            }
            finally
            {
                log.Debug("CreateNewRequest(.) returning.");
            }
        }