private void S8_ServerRedirection_PositiveTest_WithRoutingToken_VerifyClientInfoPdu(Client_Info_Pdu clientInfoPdu) { this.TestSite.Assert.AreEqual<string>(RdpbcgrTestData.Test_UserName.ToUpper(), clientInfoPdu.infoPacket.UserName.ToUpper(), "Verify if UserName in Client Info PDU equals that sent in Server Redirection PDU."); this.TestSite.Assert.AreEqual<string>(RdpbcgrTestData.Test_Domain.ToUpper(), clientInfoPdu.infoPacket.Domain.ToUpper(), "Verify if Domain in Client Info PDU equals that sent in Server Redirection PDU."); this.TestSite.Assert.AreEqual<string>(RdpbcgrTestData.Test_Password, clientInfoPdu.infoPacket.Password, "Verify if Password in Client Info PDU equals that sent in Server Redirection PDU."); }
/// <summary> /// Decode Client Info PDU /// </summary> /// <param name="data">data to be parsed</param> /// <param name="decryptedUserData">decrypted user data</param> /// <param name="type">the security header type</param> /// <returns>Decoded Client Info PDU</returns> public StackPacket DecodeClientInfoPdu( byte[] data, byte[] decryptedUserData, SecurityHeaderType type) { int currentIndex = 0; Client_Info_Pdu pdu = new Client_Info_Pdu(); pdu.commonHeader = ParseMcsCommonHeader(data, ref currentIndex, type); int userDataIndex = 0; pdu.infoPacket = ParseClientInfo(decryptedUserData, ref userDataIndex); // ETW Provider Dump Message if (type != SecurityHeaderType.Basic) { // RDP Standard Security string messageName = "RDPBCGR:" + pdu.GetType().Name; ExtendedLogger.DumpMessage(messageName, RdpbcgrUtility.DumpLevel_Layer3, pdu.GetType().Name, decryptedUserData); } // Check if data length exceeded expectation VerifyDataLength(decryptedUserData.Length, userDataIndex, ConstValue.ERROR_MESSAGE_DATA_LENGTH_EXCEEDED); return pdu; }
/// <summary> /// 2.2.1.11 /// </summary> /// <param name="clientInfo"></param> public void VerifyPdu(Client_Info_Pdu clientInfo) { site.CaptureRequirementIfIsTrue(clientInfo.commonHeader.securityHeader is TS_SECURITY_HEADER || clientInfo.commonHeader.securityHeader is TS_SECURITY_HEADER1 || clientInfo.commonHeader.securityHeader is TS_SECURITY_HEADER2, 422, @"[In Client Info PDU Data (CLIENT_INFO_PDU)]securityHeader (variable): This field MUST contain one" + @" of the following headers:[Basic Security Header,Non-FIPS Security Header, FIPS Security Header ]."); if (serverConfig.encryptionLevel == EncryptionLevel.ENCRYPTION_LEVEL_NONE) { bool isR423Satisfied = (clientInfo.commonHeader.securityHeader is TS_SECURITY_HEADER) && (!(clientInfo.commonHeader.securityHeader is TS_SECURITY_HEADER1)) && (!(clientInfo.commonHeader.securityHeader is TS_SECURITY_HEADER2)); site.CaptureRequirementIfIsTrue(isR423Satisfied, 423, @"[In Client Info PDU Data (CLIENT_INFO_PDU)]securityHeader (variable):The securityHeader in " + @"CLIENT_INFO_PDU structure is a Basic Security Header if the Encryption Level selected by" + @" the server is ENCRYPTION_LEVEL_NONE (0)."); } else if (serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_40BIT || serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_56BIT || serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_128BIT) { //site.CaptureRequirementIfIsInstanceOfType(clientInfo.commonHeader.securityHeader, typeof(TS_SECURITY_HEADER1), 424, // @"[In Client Info PDU Data (CLIENT_INFO_PDU)]securityHeader (variable):The securityHeader in CLIENT_INFO_PDU structure is a Non-FIPS Security Header (section 2.2.8.1.1.2.2) if the Encryption LevelMethod selected by the server (see sections 5.3.2 and 2.2.1.4.3) is ENCRYPTION_LEVEL_LOW (1METHOD_40BIT (0x00000001), ENCRYPTION_LEVEL_CLIENT_COMPATIBLE (2METHOD_56BIT (0x00000008), or ENCRYPTION_LEVEL_HIGH (3METHOD_128BIT (0x00000002)."); } else if (serverConfig.encryptionMethod == EncryptionMethods.ENCRYPTION_METHOD_FIPS) { site.CaptureRequirementIfIsInstanceOfType(clientInfo.commonHeader.securityHeader, typeof(TS_SECURITY_HEADER2), 425, @"[In Client Info PDU Data (CLIENT_INFO_PDU)]securityHeader (variable):The securityHeader in " + @"CLIENT_INFO_PDU structure is a FIPS Security Header (section 2.2.8.1.1.2.3) if the Encryption" + @" Level Method selected by the server is ENCRYPTION_LEVELMethod _FIPS ( 4 0x00000010)."); } if (serverConfig.encryptedProtocol == EncryptedProtocol.Rdp) { //SDK Bug, SecurityHeader.Flag is parsed incorrectly for Client Info PDU //site.CaptureRequirementIfAreEqual<TS_SECURITY_HEADER_flags_Values>( TS_SECURITY_HEADER_flags_Values.SEC_INFO_PKT, (clientInfo.commonHeader.securityHeader.flags & TS_SECURITY_HEADER_flags_Values.SEC_INFO_PKT), 426, // @"[In Client Info PDU Data (CLIENT_INFO_PDU)]In CLIENT_INFO_PDU structure, the flags field of " // + @"the security header MUST contain the SEC_INFO_PKT flag (section 2.2.8.1.1.2.1)."); site.CaptureRequirementIfIsNotNull(clientInfo.infoPacket, 430, @"[In Info Packet (TS_INFO_PACKET)]The Info Packet SHOULD be encrypted (see sections 5.3 and" + @" 5.4 for an overview of RDP security mechanisms)."); } VerifyStructure(clientInfo.infoPacket); }
/// <summary> /// Create an instance of the class that is identical to the current PDU. /// </summary> /// <returns>The new instance.</returns> public override StackPacket Clone() { Client_Info_Pdu cloneClientInfoPdu = new Client_Info_Pdu(context); cloneClientInfoPdu.commonHeader = commonHeader.Clone(); if (infoPacket != null) { cloneClientInfoPdu.infoPacket = new TS_INFO_PACKET(); cloneClientInfoPdu.infoPacket.AlternateShell = infoPacket.AlternateShell; cloneClientInfoPdu.infoPacket.cbAlternateShell = infoPacket.cbAlternateShell; cloneClientInfoPdu.infoPacket.cbDomain = infoPacket.cbDomain; cloneClientInfoPdu.infoPacket.cbPassword = infoPacket.cbPassword; cloneClientInfoPdu.infoPacket.cbUserName = infoPacket.cbUserName; cloneClientInfoPdu.infoPacket.cbWorkingDir = infoPacket.cbWorkingDir; cloneClientInfoPdu.infoPacket.CodePage = infoPacket.CodePage; cloneClientInfoPdu.infoPacket.Domain = infoPacket.Domain; cloneClientInfoPdu.infoPacket.Password = infoPacket.Password; cloneClientInfoPdu.infoPacket.UserName = infoPacket.UserName; cloneClientInfoPdu.infoPacket.WorkingDir = infoPacket.WorkingDir; cloneClientInfoPdu.infoPacket.flags = infoPacket.flags; if (infoPacket.extraInfo != null) { cloneClientInfoPdu.infoPacket.extraInfo = new TS_EXTENDED_INFO_PACKET(); if (infoPacket.extraInfo.autoReconnectCookie != null) { cloneClientInfoPdu.infoPacket.extraInfo.autoReconnectCookie = new ARC_CS_PRIVATE_PACKET(); cloneClientInfoPdu.infoPacket.extraInfo.autoReconnectCookie.cbLen = infoPacket.extraInfo.autoReconnectCookie.cbLen; cloneClientInfoPdu.infoPacket.extraInfo.autoReconnectCookie.LogonId = infoPacket.extraInfo.autoReconnectCookie.LogonId; cloneClientInfoPdu.infoPacket.extraInfo.autoReconnectCookie.SecurityVerifier = RdpbcgrUtility.CloneByteArray(infoPacket.extraInfo.autoReconnectCookie.SecurityVerifier); cloneClientInfoPdu.infoPacket.extraInfo.autoReconnectCookie.Version = infoPacket.extraInfo.autoReconnectCookie.Version; } cloneClientInfoPdu.infoPacket.extraInfo.cbAutoReconnectLen = infoPacket.extraInfo.cbAutoReconnectLen; cloneClientInfoPdu.infoPacket.extraInfo.cbClientAddress = infoPacket.extraInfo.cbClientAddress; cloneClientInfoPdu.infoPacket.extraInfo.cbClientDir = infoPacket.extraInfo.cbClientDir; cloneClientInfoPdu.infoPacket.extraInfo.clientAddress = infoPacket.extraInfo.clientAddress; cloneClientInfoPdu.infoPacket.extraInfo.clientAddressFamily = infoPacket.extraInfo.clientAddressFamily; cloneClientInfoPdu.infoPacket.extraInfo.clientDir = infoPacket.extraInfo.clientDir; cloneClientInfoPdu.infoPacket.extraInfo.clientSessionId = infoPacket.extraInfo.clientSessionId; cloneClientInfoPdu.infoPacket.extraInfo.clientTimeZone = infoPacket.extraInfo.clientTimeZone; cloneClientInfoPdu.infoPacket.extraInfo.performanceFlags = infoPacket.extraInfo.performanceFlags; cloneClientInfoPdu.infoPacket.extraInfo.reserved1 = infoPacket.extraInfo.reserved1; cloneClientInfoPdu.infoPacket.extraInfo.reserved2 = infoPacket.extraInfo.reserved2; cloneClientInfoPdu.infoPacket.extraInfo.cbDynamicDSTTimeZoneKeyName = infoPacket.extraInfo.cbDynamicDSTTimeZoneKeyName; if (infoPacket.extraInfo.cbDynamicDSTTimeZoneKeyName != null && infoPacket.extraInfo.cbDynamicDSTTimeZoneKeyName.actualData > 0) { cloneClientInfoPdu.infoPacket.extraInfo.dynamicDSTTimeZoneKeyName = (string)infoPacket.extraInfo.dynamicDSTTimeZoneKeyName.Clone(); } cloneClientInfoPdu.infoPacket.extraInfo.dynamicDaylightTimeDisabled = infoPacket.extraInfo.dynamicDaylightTimeDisabled; } } return cloneClientInfoPdu; }