diff options
Diffstat (limited to 'Emby.Common.Implementations/IO/SharpCifs/Smb/SigningDigest.cs')
| -rw-r--r-- | Emby.Common.Implementations/IO/SharpCifs/Smb/SigningDigest.cs | 437 |
1 files changed, 226 insertions, 211 deletions
diff --git a/Emby.Common.Implementations/IO/SharpCifs/Smb/SigningDigest.cs b/Emby.Common.Implementations/IO/SharpCifs/Smb/SigningDigest.cs index 9f57e887b..796c2debd 100644 --- a/Emby.Common.Implementations/IO/SharpCifs/Smb/SigningDigest.cs +++ b/Emby.Common.Implementations/IO/SharpCifs/Smb/SigningDigest.cs @@ -20,238 +20,253 @@ using SharpCifs.Util.Sharpen; namespace SharpCifs.Smb { - /// <summary>To filter 0 len updates and for debugging</summary> - public class SigningDigest - { - internal static LogStream Log = LogStream.GetInstance(); + /// <summary>To filter 0 len updates and for debugging</summary> + public class SigningDigest + { + internal static LogStream Log = LogStream.GetInstance(); - private MessageDigest _digest; + private MessageDigest _digest; - private byte[] _macSigningKey; + private byte[] _macSigningKey; - private bool _bypass; + private bool _bypass; - private int _updates; + private int _updates; - private int _signSequence; + private int _signSequence; - /// <exception cref="SharpCifs.Smb.SmbException"></exception> - public SigningDigest(byte[] macSigningKey, bool bypass) - { - try - { - _digest = MessageDigest.GetInstance("MD5"); - } - catch (NoSuchAlgorithmException ex) - { - if (Log.Level > 0) - { - Runtime.PrintStackTrace(ex, Log); - } - throw new SmbException("MD5", ex); - } - this._macSigningKey = macSigningKey; - this._bypass = bypass; - _updates = 0; - _signSequence = 0; - if (Log.Level >= 5) - { - Log.WriteLine("macSigningKey:"); - Hexdump.ToHexdump(Log, macSigningKey, 0, macSigningKey.Length); - } - } + /// <exception cref="SharpCifs.Smb.SmbException"></exception> + public SigningDigest(byte[] macSigningKey, bool bypass) + { + try + { + _digest = MessageDigest.GetInstance("MD5"); + } + catch (NoSuchAlgorithmException ex) + { + if (Log.Level > 0) + { + Runtime.PrintStackTrace(ex, Log); + } + throw new SmbException("MD5", ex); + } + this._macSigningKey = macSigningKey; + this._bypass = bypass; + _updates = 0; + _signSequence = 0; + if (Log.Level >= 5) + { + Log.WriteLine("macSigningKey:"); + Hexdump.ToHexdump(Log, macSigningKey, 0, macSigningKey.Length); + } + } - /// <exception cref="SharpCifs.Smb.SmbException"></exception> - public SigningDigest(SmbTransport transport, NtlmPasswordAuthentication auth) - { - try - { - _digest = MessageDigest.GetInstance("MD5"); - } - catch (NoSuchAlgorithmException ex) - { - if (Log.Level > 0) - { - Runtime.PrintStackTrace(ex, Log); - } - throw new SmbException("MD5", ex); - } - try - { + /// <exception cref="SharpCifs.Smb.SmbException"></exception> + public SigningDigest(SmbTransport transport, NtlmPasswordAuthentication auth) + { + try + { + _digest = MessageDigest.GetInstance("MD5"); + } + catch (NoSuchAlgorithmException ex) + { + if (Log.Level > 0) + { + Runtime.PrintStackTrace(ex, Log); + } + throw new SmbException("MD5", ex); + } + try + { switch (SmbConstants.LmCompatibility) - { - case 0: - case 1: - case 2: - { - _macSigningKey = new byte[40]; - auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0); - Array.Copy(auth.GetUnicodeHash(transport.Server.EncryptionKey), 0, _macSigningKey - , 16, 24); - break; - } + { + case 0: + case 1: + case 2: + { + _macSigningKey = new byte[40]; + auth.GetUserSessionKey(transport.Server.EncryptionKey, + _macSigningKey, + 0); + Array.Copy(auth.GetUnicodeHash(transport.Server.EncryptionKey), + 0, + _macSigningKey, + 16, + 24); + break; + } - case 3: - case 4: - case 5: - { - _macSigningKey = new byte[16]; - auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0); - break; - } + case 3: + case 4: + case 5: + { + _macSigningKey = new byte[16]; + auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0); + break; + } - default: - { - _macSigningKey = new byte[40]; - auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0); - Array.Copy(auth.GetUnicodeHash(transport.Server.EncryptionKey), 0, _macSigningKey - , 16, 24); - break; - } - } - } - catch (Exception ex) - { - throw new SmbException(string.Empty, ex); - } - if (Log.Level >= 5) - { + default: + { + _macSigningKey = new byte[40]; + auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0); + Array.Copy(auth.GetUnicodeHash(transport.Server.EncryptionKey), + 0, + _macSigningKey, + 16, + 24); + break; + } + } + } + catch (Exception ex) + { + throw new SmbException(string.Empty, ex); + } + if (Log.Level >= 5) + { Log.WriteLine("LM_COMPATIBILITY=" + SmbConstants.LmCompatibility); - Hexdump.ToHexdump(Log, _macSigningKey, 0, _macSigningKey.Length); - } - } + Hexdump.ToHexdump(Log, _macSigningKey, 0, _macSigningKey.Length); + } + } - public virtual void Update(byte[] input, int offset, int len) - { - if (Log.Level >= 5) - { - Log.WriteLine("update: " + _updates + " " + offset + ":" + len); - Hexdump.ToHexdump(Log, input, offset, Math.Min(len, 256)); - Log.Flush(); - } - if (len == 0) - { - return; - } - _digest.Update(input, offset, len); - _updates++; - } + public virtual void Update(byte[] input, int offset, int len) + { + if (Log.Level >= 5) + { + Log.WriteLine("update: " + _updates + " " + offset + ":" + len); + Hexdump.ToHexdump(Log, input, offset, Math.Min(len, 256)); + Log.Flush(); + } + if (len == 0) + { + return; + } + _digest.Update(input, offset, len); + _updates++; + } - public virtual byte[] Digest() - { - byte[] b; - b = _digest.Digest(); - if (Log.Level >= 5) - { - Log.WriteLine("digest: "); - Hexdump.ToHexdump(Log, b, 0, b.Length); - Log.Flush(); - } - _updates = 0; - return b; - } + public virtual byte[] Digest() + { + byte[] b; + b = _digest.Digest(); + if (Log.Level >= 5) + { + Log.WriteLine("digest: "); + Hexdump.ToHexdump(Log, b, 0, b.Length); + Log.Flush(); + } + _updates = 0; + return b; + } - /// <summary>Performs MAC signing of the SMB.</summary> - /// <remarks> - /// Performs MAC signing of the SMB. This is done as follows. - /// The signature field of the SMB is overwritted with the sequence number; - /// The MD5 digest of the MAC signing key + the entire SMB is taken; - /// The first 8 bytes of this are placed in the signature field. - /// </remarks> - /// <param name="data">The data.</param> - /// <param name="offset">The starting offset at which the SMB header begins.</param> - /// <param name="length">The length of the SMB data starting at offset.</param> - internal virtual void Sign(byte[] data, int offset, int length, ServerMessageBlock - request, ServerMessageBlock response) - { - request.SignSeq = _signSequence; - if (response != null) - { - response.SignSeq = _signSequence + 1; - response.VerifyFailed = false; - } - try - { - Update(_macSigningKey, 0, _macSigningKey.Length); + /// <summary>Performs MAC signing of the SMB.</summary> + /// <remarks> + /// Performs MAC signing of the SMB. This is done as follows. + /// The signature field of the SMB is overwritted with the sequence number; + /// The MD5 digest of the MAC signing key + the entire SMB is taken; + /// The first 8 bytes of this are placed in the signature field. + /// </remarks> + /// <param name="data">The data.</param> + /// <param name="offset">The starting offset at which the SMB header begins.</param> + /// <param name="length">The length of the SMB data starting at offset.</param> + internal virtual void Sign(byte[] data, + int offset, + int length, + ServerMessageBlock request, + ServerMessageBlock response) + { + request.SignSeq = _signSequence; + if (response != null) + { + response.SignSeq = _signSequence + 1; + response.VerifyFailed = false; + } + try + { + Update(_macSigningKey, 0, _macSigningKey.Length); int index = offset + SmbConstants.SignatureOffset; - for (int i = 0; i < 8; i++) - { - data[index + i] = 0; - } - ServerMessageBlock.WriteInt4(_signSequence, data, index); - Update(data, offset, length); - Array.Copy(Digest(), 0, data, index, 8); - if (_bypass) - { - _bypass = false; - Array.Copy(Runtime.GetBytesForString("BSRSPYL "), 0, data, index, - 8); - } - } - catch (Exception ex) - { - if (Log.Level > 0) - { - Runtime.PrintStackTrace(ex, Log); - } - } - finally - { - _signSequence += 2; - } - } + for (int i = 0; i < 8; i++) + { + data[index + i] = 0; + } + ServerMessageBlock.WriteInt4(_signSequence, data, index); + Update(data, offset, length); + Array.Copy(Digest(), 0, data, index, 8); + if (_bypass) + { + _bypass = false; + Array.Copy(Runtime.GetBytesForString("BSRSPYL "), + 0, + data, + index, + 8); + } + } + catch (Exception ex) + { + if (Log.Level > 0) + { + Runtime.PrintStackTrace(ex, Log); + } + } + finally + { + _signSequence += 2; + } + } - /// <summary>Performs MAC signature verification.</summary> - /// <remarks> - /// Performs MAC signature verification. This calculates the signature - /// of the SMB and compares it to the signature field on the SMB itself. - /// </remarks> - /// <param name="data">The data.</param> - /// <param name="offset">The starting offset at which the SMB header begins.</param> - /// <param name="length">The length of the SMB data starting at offset.</param> - internal virtual bool Verify(byte[] data, int offset, ServerMessageBlock response - ) - { - Update(_macSigningKey, 0, _macSigningKey.Length); - int index = offset; + /// <summary>Performs MAC signature verification.</summary> + /// <remarks> + /// Performs MAC signature verification. This calculates the signature + /// of the SMB and compares it to the signature field on the SMB itself. + /// </remarks> + /// <param name="data">The data.</param> + /// <param name="offset">The starting offset at which the SMB header begins.</param> + /// <param name="length">The length of the SMB data starting at offset.</param> + internal virtual bool Verify(byte[] data, int offset, ServerMessageBlock response) + { + Update(_macSigningKey, 0, _macSigningKey.Length); + int index = offset; Update(data, index, SmbConstants.SignatureOffset); index += SmbConstants.SignatureOffset; - byte[] sequence = new byte[8]; - ServerMessageBlock.WriteInt4(response.SignSeq, sequence, 0); - Update(sequence, 0, sequence.Length); - index += 8; - if (response.Command == ServerMessageBlock.SmbComReadAndx) - { - SmbComReadAndXResponse raxr = (SmbComReadAndXResponse)response; - int length = response.Length - raxr.DataLength; + byte[] sequence = new byte[8]; + ServerMessageBlock.WriteInt4(response.SignSeq, sequence, 0); + Update(sequence, 0, sequence.Length); + index += 8; + if (response.Command == ServerMessageBlock.SmbComReadAndx) + { + SmbComReadAndXResponse raxr = (SmbComReadAndXResponse)response; + int length = response.Length - raxr.DataLength; Update(data, index, length - SmbConstants.SignatureOffset - 8); - Update(raxr.B, raxr.Off, raxr.DataLength); - } - else - { + Update(raxr.B, raxr.Off, raxr.DataLength); + } + else + { Update(data, index, response.Length - SmbConstants.SignatureOffset - 8); - } - byte[] signature = Digest(); - for (int i = 0; i < 8; i++) - { + } + byte[] signature = Digest(); + for (int i = 0; i < 8; i++) + { if (signature[i] != data[offset + SmbConstants.SignatureOffset + i]) - { - if (Log.Level >= 2) - { - Log.WriteLine("signature verification failure"); - Hexdump.ToHexdump(Log, signature, 0, 8); + { + if (Log.Level >= 2) + { + Log.WriteLine("signature verification failure"); + Hexdump.ToHexdump(Log, signature, 0, 8); Hexdump.ToHexdump(Log, data, offset + SmbConstants.SignatureOffset, 8); - } - return response.VerifyFailed = true; - } - } - return response.VerifyFailed = false; - } + } + return response.VerifyFailed = true; + } + } + return response.VerifyFailed = false; + } - public override string ToString() - { - return "LM_COMPATIBILITY=" + SmbConstants.LmCompatibility + " MacSigningKey=" + Hexdump.ToHexString - (_macSigningKey, 0, _macSigningKey.Length); - } - } + public override string ToString() + { + return "LM_COMPATIBILITY=" + SmbConstants.LmCompatibility + + " MacSigningKey=" + Hexdump.ToHexString(_macSigningKey, + 0, + _macSigningKey.Length); + } + } } |