geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Patches sent by India based on Security review.

Browse Source
This commit is contained in:
Jim Norman
2006-04-06 20:09:26 +00:00
parent 861619e231
commit b2b5903126
7 changed files with 816 additions and 686 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
c_micasad/lss/CASACrypto.cs
View File

@@ -24,6 +24,9 @@ using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
#if LINUX
using Mono.Unix;
#endif
using sscs.common;
using sscs.constants;
@@ -69,9 +72,7 @@ namespace sscs.crypto
//Encrypt the data to a file
fsEncrypt = new FileStream(fileName, FileMode.Create);
#if LINUX
Mono.Unix.Native.Syscall.chmod(fileName,Mono.Unix.Native.FilePermissions.S_IRUSR | Mono.Unix.Native.FilePermissions.S_IWUSR);
#endif
// make hidden
File.SetAttributes(fileName, FileAttributes.Hidden);
@@ -93,8 +94,8 @@ namespace sscs.crypto
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Unable to store the generated key");
bRet = false;
}
if (csEncrypt != null)
}
if (csEncrypt != null)
csEncrypt.Close();
if( fsEncrypt != null )
fsEncrypt.Close();
@@ -107,9 +108,15 @@ namespace sscs.crypto
byte[] baSavedKey = null;
FileStream fsDecrypt = null;
CryptoStream csDecrypt = null;
try
{
#if LINUX
UnixFileInfo fsTest = new UnixFileInfo (fileName);
if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
#else
if(!File.Exists(fileName))
#endif
{
return null;
}
@@ -138,7 +145,7 @@ namespace sscs.crypto
{
if(storedHash[i] != newHash[i])
{
CSSSLogger.DbgLog("Hash doesnot match");
CSSSLogger.DbgLog("Hash doesnot match");
csDecrypt.Close();
fsDecrypt.Close();
return null;
@@ -150,10 +157,10 @@ namespace sscs.crypto
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Unable to get the stored key");
baSavedKey = null;
}
if (csDecrypt != null)
}
if (csDecrypt != null)
csDecrypt.Close();
if ( fsDecrypt != null )
@@ -180,9 +187,7 @@ namespace sscs.crypto
//Encrypt the data to a file
fsEncrypt = new FileStream(fileName, FileMode.Create);
#if LINUX
Mono.Unix.Native.Syscall.chmod(fileName,Mono.Unix.Native.FilePermissions.S_IRUSR | Mono.Unix.Native.FilePermissions.S_IWUSR);
#endif
// make hidden
File.SetAttributes(fileName, FileAttributes.Hidden);
@@ -203,8 +208,8 @@ namespace sscs.crypto
{
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Encrypting and storing to file failed.");
}
if (csEncrypt != null)
}
if (csEncrypt != null)
csEncrypt.Close();
if( fsEncrypt != null )
fsEncrypt.Close();
@@ -224,8 +229,13 @@ namespace sscs.crypto
//Get a decryptor that uses the same key and IV as the encryptor.
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform decryptor = myRijndael.CreateDecryptor(key, IV);
if(!File.Exists(fileName))
{
#if LINUX
UnixFileInfo fsTest = new UnixFileInfo (fileName);
if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
#else
if(!File.Exists(fileName))
#endif
{
return null;
}
@@ -235,14 +245,15 @@ namespace sscs.crypto
fsDecrypt.Read(storedHash,0,storedHash.Length);
csDecrypt = new CryptoStream(fsDecrypt, decryptor, CryptoStreamMode.Read);
if(fsDecrypt.Length < HASH_SIZE )
{
csDecrypt.Close();
fsDecrypt.Close();
return null;
}
ulong fileLen = (ulong)(fsDecrypt.Length - HASH_SIZE);
byte[] fromEncrypt = new byte[fileLen];
if(fsDecrypt.Length < HASH_SIZE )
{
csDecrypt.Close();
fsDecrypt.Close();
return null;
}
ulong fileLen = (ulong)(fsDecrypt.Length - HASH_SIZE);
byte[] fromEncrypt = new byte[fileLen];
//Read the data out of the crypto stream.
int bytesRead = csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
@@ -257,13 +268,13 @@ namespace sscs.crypto
{
if(storedHash[i] != newHash[i])
{
CSSSLogger.DbgLog("Hash doesnot match");
CSSSLogger.DbgLog("Hash doesnot match");
csDecrypt.Close();
fsDecrypt.Close();
return null;
}
}
}
csDecrypt.Close();
fsDecrypt.Close();
return tmpEncrypt;
@@ -271,10 +282,10 @@ namespace sscs.crypto
catch(Exception e)
{
Console.WriteLine(e.ToString());
}
if (csDecrypt != null)
{
csDecrypt.Close();
}
if (csDecrypt != null)
{
csDecrypt.Close();
}
if( fsDecrypt != null )
{
@@ -393,9 +404,7 @@ namespace sscs.crypto
//Encrypt the data to a file
fsEncrypt = new FileStream(fileName,FileMode.Create);
#if LINUX
Mono.Unix.Native.Syscall.chmod(fileName,Mono.Unix.Native.FilePermissions.S_IRUSR | Mono.Unix.Native.FilePermissions.S_IWUSR);
#endif
// make hidden
File.SetAttributes(fileName, FileAttributes.Hidden);
@@ -405,17 +414,17 @@ namespace sscs.crypto
//Write all data to the crypto stream and flush it.
csEncrypt.Write(baMasterPasscode, 0, baMasterPasscode.Length);
csEncrypt.FlushFinalBlock();
csEncrypt.FlushFinalBlock();
csEncrypt.Close();
fsEncrypt.Close();
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
if (csEncrypt != null)
{
csEncrypt.Close();
}
if (csEncrypt != null)
{
csEncrypt.Close();
}
if( fsEncrypt != null )
{
@@ -437,10 +446,20 @@ namespace sscs.crypto
/* Get a decryptor that uses the same key and
* IV as the encryptor.
*/
RijndaelManaged myRijndael = new RijndaelManaged();
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform decryptor = myRijndael.CreateDecryptor(baKey,
baKey);
//Now decrypt
#if LINUX
UnixFileInfo fsTest = new UnixFileInfo (fileName);
if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
#else
if(!File.Exists(fileName))
#endif
{
return null;
}
fsDecrypt = new FileStream(fileName, FileMode.Open);
csDecrypt = new CryptoStream(fsDecrypt, decryptor,
CryptoStreamMode.Read);
@@ -584,11 +603,11 @@ namespace sscs.crypto
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Validation of passcode failed.");
}
return false;
}
}
}
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Validation of passcode failed.");
}
return false;
}
}
}

134
c_micasad/lss/LocalStorage.cs
View File

@@ -27,6 +27,9 @@ using System.Collections;
using System.Threading;
using System.Security.Cryptography;
using System.Xml;
#if LINUX
using Mono.Unix.Native;
#endif
using sscs.cache;
using sscs.crypto;
using sscs.common;
@@ -60,7 +63,12 @@ namespace sscs.lss
private SecretStore userStore = null;
private int persistThreadSleepTime = 1000 * 60 * 5; //1000 * 30;
private Thread persistThread = null;
private Thread persistThread = null;
#if LINUX
Mono.Unix.UnixFileSystemInfo sockFileInfo;
Mono.Unix.UnixUserInfo sockFileOwner;
#endif
private static string LINUXID = "Unix";
@@ -120,23 +128,59 @@ namespace sscs.lss
}
return true;
}
public bool IsOwnedByRoot(string fileName)
{
#if LINUX
sockFileInfo = new Mono.Unix.UnixFileInfo(fileName);
sockFileOwner = sockFileInfo.OwnerUser;
if(0==sockFileOwner.UserId)
return true;
else
return false;
#else
return true;
#endif
}
private string GetDecryptedXml()
{
try
{
string fileName = userStore.GetPersistenceFilePath();
if(!File.Exists(fileName))
{
// check for tmp file
if (File.Exists(fileName+".tmp"))
File.Move(fileName+".tmp", fileName);
else
return null;
string fileName = userStore.GetPersistenceFilePath();
string tempFile = fileName;
int count = 0;
if(!File.Exists(fileName))
{
while(true)
{
// check for tmp file
if (File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
{
File.Move(tempFile+".tmp", fileName);
break;
}
else
{
count++;
tempFile = fileName + count.ToString();
}
}
else
return null;
}
// delete tmp file if there
if (File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
File.Delete(tempFile+".tmp");
}
}
// delete tmp file if there
if (File.Exists(fileName+".tmp"))
File.Delete(fileName+".tmp");
byte[] baPasscode = null;
if (null != m_baGeneratedKey)
@@ -235,7 +279,7 @@ namespace sscs.lss
{
attrColl = keyNode.Attributes;
string key;
try
try
{
key = (attrColl[XmlConsts.idAttr]).Value;
}
@@ -427,28 +471,46 @@ namespace sscs.lss
byte[] key = CASACrypto.GetKeySetFromFile(m_baGeneratedKey, userStore.GetKeyFilePath());
string fileName = userStore.GetPersistenceFilePath();
// rename existing file
if(File.Exists(fileName))
{
if (File.Exists(fileName+".tmp"))
File.Delete(fileName+".tmp");
File.Move(fileName, fileName+".tmp");
}
CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName);
//remove temp
if(File.Exists(fileName+".tmp"))
{
File.Delete(fileName+".tmp");
}
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
string tempFile = fileName;
int count=0;
// rename existing file
if(File.Exists(fileName))
{
while(true)
{
if (File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
{
File.Delete(tempFile+".tmp");
break;
}
else
{
count++;
tempFile = fileName + count.ToString();
}
}
else
break;
}
File.Move(fileName, tempFile+".tmp");
}
CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName);
//remove temp
if(File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
File.Delete(tempFile+".tmp");
}
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
}
}
}