geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Disallow * in SecretId names

Browse Source
This commit is contained in:
Jim Norman
2005-10-26 14:31:58 +00:00
parent a9e5a67876
commit b6039e1f9e
3 changed files with 190 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
c_micasad/verbs/ObjectSerialization.cs
View File

@@ -184,10 +184,6 @@ namespace sscs.verbs
{ {
return DoGetKeyList(ssStore, wo); return DoGetKeyList(ssStore, wo);
} }
default: default:
{ {
wo.SetError(constants.RetCodes.FAILURE, "Verb Not Supported"); wo.SetError(constants.RetCodes.FAILURE, "Verb Not Supported");
@@ -333,22 +329,28 @@ namespace sscs.verbs
string secretID = wo.GetSecretID(); string secretID = wo.GetSecretID();
string keyID = wo.GetKeyID(); string keyID = wo.GetKeyID();
string sValue = (String)wo.GetObject(); string sValue = (String)wo.GetObject();
KeyChain keyChain = ssStore.GetKeyChain(keychainID); if (secretID.IndexOf("*") < 0)
Secret secret;
if( keyChain.CheckIfSecretExists(secretID) == false)
{ {
secret = new Secret(secretID);
keyChain.AddSecret(secret); KeyChain keyChain = ssStore.GetKeyChain(keychainID);
Secret secret;
if( keyChain.CheckIfSecretExists(secretID) == false)
{
secret = new Secret(secretID);
keyChain.AddSecret(secret);
}
else
{
secret = keyChain.GetSecret(secretID);
}
secret.SetKeyValue(keyID, sValue);
ChangeLinkedKeys(keyChain, secret, keyID, sValue);
wo.SetError(constants.RetCodes.SUCCESS, null);
} }
else else
{ wo.SetError(constants.RetCodes.FAILURE, null);
secret = keyChain.GetSecret(secretID);
}
secret.SetKeyValue(keyID, sValue);
ChangeLinkedKeys(keyChain, secret, keyID, sValue);
wo.SetError(constants.RetCodes.SUCCESS, null);
} }
catch (Exception e) catch (Exception e)
{ {
@@ -784,5 +786,6 @@ namespace sscs.verbs
CSSSLogger.ExecutionTrace(this); CSSSLogger.ExecutionTrace(this);
return this.ToString(); return this.ToString();
} }
} }
} }

205
c_micasad/verbs/WriteKey.cs
View File

@@ -84,130 +84,135 @@ namespace sscs.verbs
Array.Copy(inBuf,(10+keyChainIdLen+4),secretIdArr,0,secretIdLen); Array.Copy(inBuf,(10+keyChainIdLen+4),secretIdArr,0,secretIdLen);
secretId = Encoding.UTF8.GetString(secretIdArr); secretId = Encoding.UTF8.GetString(secretIdArr);
if (secretId.IndexOf("*") < 0)
{
keyLen = BitConverter.ToUInt32(inBuf,(14+(int)keyChainIdLen+(int)secretIdLen)); keyLen = BitConverter.ToUInt32(inBuf,(14+(int)keyChainIdLen+(int)secretIdLen));
byte[] keyArr = new byte[keyLen]; byte[] keyArr = new byte[keyLen];
Array.Copy(inBuf,(18+keyChainIdLen+secretIdLen),keyArr,0,keyLen); Array.Copy(inBuf,(18+keyChainIdLen+secretIdLen),keyArr,0,keyLen);
key = Encoding.UTF8.GetString(keyArr); key = Encoding.UTF8.GetString(keyArr);
valLen = BitConverter.ToUInt32(inBuf,(18+(int)keyChainIdLen+(int)secretIdLen+(int)keyLen)); valLen = BitConverter.ToUInt32(inBuf,(18+(int)keyChainIdLen+(int)secretIdLen+(int)keyLen));
val = new byte[valLen]; val = new byte[valLen];
Array.Copy(inBuf,(22+keyChainIdLen+secretIdLen+keyLen),val,0,valLen); Array.Copy(inBuf,(22+keyChainIdLen+secretIdLen+keyLen),val,0,valLen);
valStr = Encoding.UTF8.GetString(val); valStr = Encoding.UTF8.GetString(val);
try try
{ {
// get extension ID // get extension ID
int extLocation = 26 + ((int)keyChainIdLen) + ((int)secretIdLen) + ((int)keyLen) + ((int)valLen); int extLocation = 26 + ((int)keyChainIdLen) + ((int)secretIdLen) + ((int)keyLen) + ((int)valLen);
extId = BitConverter.ToUInt32(inBuf, extLocation); extId = BitConverter.ToUInt32(inBuf, extLocation);
} }
catch (Exception) catch (Exception)
{ {
//CSSSLogger.ExpLog(e.ToString()); //CSSSLogger.ExpLog(e.ToString());
} }
if (extId == 1) if (extId == 1)
{ {
#if W32 #if W32
// WINDOWS LUID // WINDOWS LUID
// This is how the Login Capture module on windows, running as System, sets the Desktop Credential. // This is how the Login Capture module on windows, running as System, sets the Desktop Credential.
// we might be able to change this if/when we abstract the session. // we might be able to change this if/when we abstract the session.
// [4 byte extID][4 byte length][4 byte luidLow][4 byte luidHigh] // [4 byte extID][4 byte length][4 byte luidLow][4 byte luidHigh]
luidLow = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 8); luidLow = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 8);
luidHigh = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 12); luidHigh = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 12);
tempUserId = new WinUserIdentifier(luidLow, luidHigh); tempUserId = new WinUserIdentifier(luidLow, luidHigh);
SecretStore ss = SessionManager.CreateUserSession(tempUserId); SecretStore ss = SessionManager.CreateUserSession(tempUserId);
try try
{ {
ss.AddKeyChain(new KeyChain("SSCS_SESSION_KEY_CHAIN_ID\0")); ss.AddKeyChain(new KeyChain("SSCS_SESSION_KEY_CHAIN_ID\0"));
} }
catch (Exception) catch (Exception)
{
}
#endif
}
try
{
KeyChain keyChain = null;
SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId);
if (!ssStore.IsStoreLocked())
{
if( ssStore.CheckIfKeyChainExists(keyChainId) )
{ {
keyChain = ssStore.GetKeyChain(keyChainId);
Secret secret = null;
// add this secret if it doesn't already exist }
if( keyChain.CheckIfSecretExists(secretId) == false) #endif
{ }
secret = new Secret(secretId);
keyChain.AddSecret(secret);
}
else
{
secret = keyChain.GetSecret(secretId);
}
string oldPasswd = null;
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
)
{
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv )
oldPasswd = kv.GetValue();
}
secret.SetKeyValue(key,valStr);
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
)
{
string passwd = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
if( ( oldPasswd != null ) && ( passwd != null ) ) try
{
KeyChain keyChain = null;
SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId);
if (!ssStore.IsStoreLocked())
{
if( ssStore.CheckIfKeyChainExists(keyChainId) )
{
keyChain = ssStore.GetKeyChain(keyChainId);
Secret secret = null;
// add this secret if it doesn't already exist
if( keyChain.CheckIfSecretExists(secretId) == false)
{ {
if( oldPasswd != passwd ) secret = new Secret(secretId);
keyChain.AddSecret(secret);
}
else
{
secret = keyChain.GetSecret(secretId);
}
string oldPasswd = null;
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
)
{
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv )
oldPasswd = kv.GetValue();
}
secret.SetKeyValue(key,valStr);
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
)
{
string passwd = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
if( ( oldPasswd != null ) && ( passwd != null ) )
{ {
byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd(oldPasswd); if( oldPasswd != passwd )
if( null != baPasscode )
{ {
ssStore.RewriteDesktopPasswdFile(baPasscode, passwd); byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd(oldPasswd);
if( null != baPasscode )
{
ssStore.RewriteDesktopPasswdFile(baPasscode, passwd);
}
} }
} }
ssStore.StartPersistenceByDesktopPasswd(passwd);
} }
ssStore.StartPersistenceByDesktopPasswd(passwd);
}
// Now change all values for linked keys // Now change all values for linked keys
ChangeLinkedKeys(keyChain, secret, key, valStr); ChangeLinkedKeys(keyChain, secret, key, valStr);
}
else
{
retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST;
}
} }
else else
{ {
retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST; // do nothing
} }
}
else
{
// do nothing
}
} }
catch(UserNotInSessionException) catch(UserNotInSessionException)
{ {
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" ); CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" );
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR; retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
} }
catch(Exception e ) catch(Exception e )
{ {
CSSSLogger.ExpLog(e.ToString()); CSSSLogger.ExpLog(e.ToString());
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR; retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
} }
}
else
retCode = IPCRetCodes.SSCS_E_INVALID_SECRETID;
try try
{ {

123
c_micasad/verbs/WriteSecret.cs
View File

@@ -76,14 +76,18 @@ namespace sscs.verbs
Array.Copy(inBuf,(10+keyChainIdLen+4),secretIdArr,0,secretIdLen); Array.Copy(inBuf,(10+keyChainIdLen+4),secretIdArr,0,secretIdLen);
secretId = Encoding.UTF8.GetString(secretIdArr); secretId = Encoding.UTF8.GetString(secretIdArr);
secretValLen = BitConverter.ToUInt32(inBuf, if (secretId.IndexOf("*") < 0)
(14 + ((int)keyChainIdLen)+((int)secretIdLen))); {
//secretVal = new byte[secretValLen];
string secretValStr = Encoding.UTF8.GetString(inBuf,
(18 + ((int)keyChainIdLen)+((int)secretIdLen)), secretValLen = BitConverter.ToUInt32(inBuf,
(int)secretValLen (14 + ((int)keyChainIdLen)+((int)secretIdLen)));
); //secretVal = new byte[secretValLen];
secretVal = Encoding.UTF8.GetBytes(secretValStr); string secretValStr = Encoding.UTF8.GetString(inBuf,
(18 + ((int)keyChainIdLen)+((int)secretIdLen)),
(int)secretValLen
);
secretVal = Encoding.UTF8.GetBytes(secretValStr);
try try
{ {
@@ -118,78 +122,81 @@ namespace sscs.verbs
#endif #endif
} }
try try
{
string passwd = null;
KeyChain keyChain = null;
SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId);
if (!ssStore.IsStoreLocked())
{ {
if( ssStore.CheckIfKeyChainExists(keyChainId) ) string passwd = null;
KeyChain keyChain = null;
SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId);
if (!ssStore.IsStoreLocked())
{ {
keyChain = ssStore.GetKeyChain(keyChainId); if( ssStore.CheckIfKeyChainExists(keyChainId) )
Secret secret = new Secret(secretId,secretVal);
if( keyChain.CheckIfSecretExists(secretId) == false)
{ {
keyChain.AddSecret(secret); keyChain = ssStore.GetKeyChain(keyChainId);
if(ConstStrings.MICASA_DESKTOP_PASSWD == secretId) Secret secret = new Secret(secretId,secretVal);
if( keyChain.CheckIfSecretExists(secretId) == false)
{ {
// Secret sec = keyChain.GetSecret(secretId); keyChain.AddSecret(secret);
if(ConstStrings.MICASA_DESKTOP_PASSWD == secretId)
{
// Secret sec = keyChain.GetSecret(secretId);
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv )
passwd = kv.GetValue();
if( null != passwd )
{
ssStore.StartPersistenceByDesktopPasswd(passwd);
}
}
}
else
{
Secret masterSecret = keyChain.GetSecret(secretId);
string oldPasswd = masterSecret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
masterSecret.MergeSecret(secret);
//keyChain.RemoveSecret(secretId);
keyChain.AddSecret(secret);
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME); KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv ) if( null != kv )
passwd = kv.GetValue(); passwd = kv.GetValue();
if( null != passwd ) if( ( oldPasswd != null ) && ( passwd != null ) )
{ {
ssStore.StartPersistenceByDesktopPasswd(passwd); if( oldPasswd != passwd )
{
byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd( oldPasswd );
if( null != baPasscode )
{
ssStore.RewriteDesktopPasswdFile(baPasscode, passwd);
}
}
} }
ssStore.StartPersistenceByDesktopPasswd(passwd);
} }
} }
else else
{ {
Secret masterSecret = keyChain.GetSecret(secretId); retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST;
string oldPasswd = masterSecret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
masterSecret.MergeSecret(secret);
//keyChain.RemoveSecret(secretId);
keyChain.AddSecret(secret);
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv )
passwd = kv.GetValue();
if( ( oldPasswd != null ) && ( passwd != null ) )
{
if( oldPasswd != passwd )
{
byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd( oldPasswd );
if( null != baPasscode )
{
ssStore.RewriteDesktopPasswdFile(baPasscode, passwd);
}
}
}
ssStore.StartPersistenceByDesktopPasswd(passwd);
} }
} }
else else
{ {
retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST; // do nothing
} }
} }
else catch(UserNotInSessionException)
{
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" );
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
catch(Exception e )
{ {
// do nothing CSSSLogger.ExpLog(e.ToString());
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
} }
} }
catch(UserNotInSessionException) else
{ retCode = IPCRetCodes.SSCS_E_INVALID_SECRETID;
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" );
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
catch(Exception e )
{
CSSSLogger.ExpLog(e.ToString());
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
try try
{ {