geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Disallow * in SecretId names

Browse Source
This commit is contained in:
Jim Norman
2005-10-26 14:31:58 +00:00
parent a9e5a67876
commit b6039e1f9e
3 changed files with 190 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
c_micasad/verbs/ObjectSerialization.cs
View File

@@ -184,10 +184,6 @@ namespace sscs.verbs
{
return DoGetKeyList(ssStore, wo);
}
default:
{
wo.SetError(constants.RetCodes.FAILURE, "Verb Not Supported");
@@ -333,22 +329,28 @@ namespace sscs.verbs
string secretID = wo.GetSecretID();
string keyID = wo.GetKeyID();
string sValue = (String)wo.GetObject();
KeyChain keyChain = ssStore.GetKeyChain(keychainID);
Secret secret;
if( keyChain.CheckIfSecretExists(secretID) == false)
if (secretID.IndexOf("*") < 0)
{
secret = new Secret(secretID);
keyChain.AddSecret(secret);
KeyChain keyChain = ssStore.GetKeyChain(keychainID);
Secret secret;
if( keyChain.CheckIfSecretExists(secretID) == false)
{
secret = new Secret(secretID);
keyChain.AddSecret(secret);
}
else
{
secret = keyChain.GetSecret(secretID);
}
secret.SetKeyValue(keyID, sValue);
ChangeLinkedKeys(keyChain, secret, keyID, sValue);
wo.SetError(constants.RetCodes.SUCCESS, null);
}
else
{
secret = keyChain.GetSecret(secretID);
}
secret.SetKeyValue(keyID, sValue);
ChangeLinkedKeys(keyChain, secret, keyID, sValue);
wo.SetError(constants.RetCodes.SUCCESS, null);
wo.SetError(constants.RetCodes.FAILURE, null);
}
catch (Exception e)
{
@@ -784,5 +786,6 @@ namespace sscs.verbs
CSSSLogger.ExecutionTrace(this);
return this.ToString();
}
}
}

205
c_micasad/verbs/WriteKey.cs
View File

@@ -84,130 +84,135 @@ namespace sscs.verbs
Array.Copy(inBuf,(10+keyChainIdLen+4),secretIdArr,0,secretIdLen);
secretId = Encoding.UTF8.GetString(secretIdArr);
if (secretId.IndexOf("*") < 0)
{
keyLen = BitConverter.ToUInt32(inBuf,(14+(int)keyChainIdLen+(int)secretIdLen));
byte[] keyArr = new byte[keyLen];
Array.Copy(inBuf,(18+keyChainIdLen+secretIdLen),keyArr,0,keyLen);
key = Encoding.UTF8.GetString(keyArr);
keyLen = BitConverter.ToUInt32(inBuf,(14+(int)keyChainIdLen+(int)secretIdLen));
byte[] keyArr = new byte[keyLen];
Array.Copy(inBuf,(18+keyChainIdLen+secretIdLen),keyArr,0,keyLen);
key = Encoding.UTF8.GetString(keyArr);
valLen = BitConverter.ToUInt32(inBuf,(18+(int)keyChainIdLen+(int)secretIdLen+(int)keyLen));
val = new byte[valLen];
Array.Copy(inBuf,(22+keyChainIdLen+secretIdLen+keyLen),val,0,valLen);
valStr = Encoding.UTF8.GetString(val);
valLen = BitConverter.ToUInt32(inBuf,(18+(int)keyChainIdLen+(int)secretIdLen+(int)keyLen));
val = new byte[valLen];
Array.Copy(inBuf,(22+keyChainIdLen+secretIdLen+keyLen),val,0,valLen);
valStr = Encoding.UTF8.GetString(val);
try
{
// get extension ID
int extLocation = 26 + ((int)keyChainIdLen) + ((int)secretIdLen) + ((int)keyLen) + ((int)valLen);
extId = BitConverter.ToUInt32(inBuf, extLocation);
}
catch (Exception)
{
//CSSSLogger.ExpLog(e.ToString());
}
try
{
// get extension ID
int extLocation = 26 + ((int)keyChainIdLen) + ((int)secretIdLen) + ((int)keyLen) + ((int)valLen);
extId = BitConverter.ToUInt32(inBuf, extLocation);
}
catch (Exception)
{
//CSSSLogger.ExpLog(e.ToString());
}
if (extId == 1)
{
if (extId == 1)
{
#if W32
// WINDOWS LUID
// This is how the Login Capture module on windows, running as System, sets the Desktop Credential.
// we might be able to change this if/when we abstract the session.
// [4 byte extID][4 byte length][4 byte luidLow][4 byte luidHigh]
luidLow = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 8);
luidHigh = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 12);
tempUserId = new WinUserIdentifier(luidLow, luidHigh);
SecretStore ss = SessionManager.CreateUserSession(tempUserId);
try
{
ss.AddKeyChain(new KeyChain("SSCS_SESSION_KEY_CHAIN_ID\0"));
}
catch (Exception)
{
}
#endif
}
try
{
KeyChain keyChain = null;
SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId);
if (!ssStore.IsStoreLocked())
{
if( ssStore.CheckIfKeyChainExists(keyChainId) )
// WINDOWS LUID
// This is how the Login Capture module on windows, running as System, sets the Desktop Credential.
// we might be able to change this if/when we abstract the session.
// [4 byte extID][4 byte length][4 byte luidLow][4 byte luidHigh]
luidLow = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 8);
luidHigh = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 12);
tempUserId = new WinUserIdentifier(luidLow, luidHigh);
SecretStore ss = SessionManager.CreateUserSession(tempUserId);
try
{
ss.AddKeyChain(new KeyChain("SSCS_SESSION_KEY_CHAIN_ID\0"));
}
catch (Exception)
{
keyChain = ssStore.GetKeyChain(keyChainId);
Secret secret = null;
// add this secret if it doesn't already exist
if( keyChain.CheckIfSecretExists(secretId) == false)
{
secret = new Secret(secretId);
keyChain.AddSecret(secret);
}
else
{
secret = keyChain.GetSecret(secretId);
}
string oldPasswd = null;
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
)
{
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv )
oldPasswd = kv.GetValue();
}
secret.SetKeyValue(key,valStr);
}
#endif
}
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
)
{
string passwd = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
if( ( oldPasswd != null ) && ( passwd != null ) )
try
{
KeyChain keyChain = null;
SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId);
if (!ssStore.IsStoreLocked())
{
if( ssStore.CheckIfKeyChainExists(keyChainId) )
{
keyChain = ssStore.GetKeyChain(keyChainId);
Secret secret = null;
// add this secret if it doesn't already exist
if( keyChain.CheckIfSecretExists(secretId) == false)
{
if( oldPasswd != passwd )
secret = new Secret(secretId);
keyChain.AddSecret(secret);
}
else
{
secret = keyChain.GetSecret(secretId);
}
string oldPasswd = null;
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
)
{
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv )
oldPasswd = kv.GetValue();
}
secret.SetKeyValue(key,valStr);
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
)
{
string passwd = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
if( ( oldPasswd != null ) && ( passwd != null ) )
{
byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd(oldPasswd);
if( null != baPasscode )
if( oldPasswd != passwd )
{
ssStore.RewriteDesktopPasswdFile(baPasscode, passwd);
byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd(oldPasswd);
if( null != baPasscode )
{
ssStore.RewriteDesktopPasswdFile(baPasscode, passwd);
}
}
}
ssStore.StartPersistenceByDesktopPasswd(passwd);
}
ssStore.StartPersistenceByDesktopPasswd(passwd);
}
// Now change all values for linked keys
ChangeLinkedKeys(keyChain, secret, key, valStr);
// Now change all values for linked keys
ChangeLinkedKeys(keyChain, secret, key, valStr);
}
else
{
retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST;
}
}
else
{
retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST;
// do nothing
}
}
else
{
// do nothing
}
}
catch(UserNotInSessionException)
{
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" );
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
catch(Exception e )
{
CSSSLogger.ExpLog(e.ToString());
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
}
catch(UserNotInSessionException)
{
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" );
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
catch(Exception e )
{
CSSSLogger.ExpLog(e.ToString());
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
}
else
retCode = IPCRetCodes.SSCS_E_INVALID_SECRETID;
try
{

123
c_micasad/verbs/WriteSecret.cs
View File

@@ -76,14 +76,18 @@ namespace sscs.verbs
Array.Copy(inBuf,(10+keyChainIdLen+4),secretIdArr,0,secretIdLen);
secretId = Encoding.UTF8.GetString(secretIdArr);
secretValLen = BitConverter.ToUInt32(inBuf,
(14 + ((int)keyChainIdLen)+((int)secretIdLen)));
//secretVal = new byte[secretValLen];
string secretValStr = Encoding.UTF8.GetString(inBuf,
(18 + ((int)keyChainIdLen)+((int)secretIdLen)),
(int)secretValLen
);
secretVal = Encoding.UTF8.GetBytes(secretValStr);
if (secretId.IndexOf("*") < 0)
{
secretValLen = BitConverter.ToUInt32(inBuf,
(14 + ((int)keyChainIdLen)+((int)secretIdLen)));
//secretVal = new byte[secretValLen];
string secretValStr = Encoding.UTF8.GetString(inBuf,
(18 + ((int)keyChainIdLen)+((int)secretIdLen)),
(int)secretValLen
);
secretVal = Encoding.UTF8.GetBytes(secretValStr);
try
{
@@ -118,78 +122,81 @@ namespace sscs.verbs
#endif
}
try
{
string passwd = null;
KeyChain keyChain = null;
SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId);
if (!ssStore.IsStoreLocked())
try
{
if( ssStore.CheckIfKeyChainExists(keyChainId) )
string passwd = null;
KeyChain keyChain = null;
SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId);
if (!ssStore.IsStoreLocked())
{
keyChain = ssStore.GetKeyChain(keyChainId);
Secret secret = new Secret(secretId,secretVal);
if( keyChain.CheckIfSecretExists(secretId) == false)
if( ssStore.CheckIfKeyChainExists(keyChainId) )
{
keyChain.AddSecret(secret);
if(ConstStrings.MICASA_DESKTOP_PASSWD == secretId)
keyChain = ssStore.GetKeyChain(keyChainId);
Secret secret = new Secret(secretId,secretVal);
if( keyChain.CheckIfSecretExists(secretId) == false)
{
// Secret sec = keyChain.GetSecret(secretId);
keyChain.AddSecret(secret);
if(ConstStrings.MICASA_DESKTOP_PASSWD == secretId)
{
// Secret sec = keyChain.GetSecret(secretId);
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv )
passwd = kv.GetValue();
if( null != passwd )
{
ssStore.StartPersistenceByDesktopPasswd(passwd);
}
}
}
else
{
Secret masterSecret = keyChain.GetSecret(secretId);
string oldPasswd = masterSecret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
masterSecret.MergeSecret(secret);
//keyChain.RemoveSecret(secretId);
keyChain.AddSecret(secret);
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv )
passwd = kv.GetValue();
if( null != passwd )
if( ( oldPasswd != null ) && ( passwd != null ) )
{
ssStore.StartPersistenceByDesktopPasswd(passwd);
if( oldPasswd != passwd )
{
byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd( oldPasswd );
if( null != baPasscode )
{
ssStore.RewriteDesktopPasswdFile(baPasscode, passwd);
}
}
}
ssStore.StartPersistenceByDesktopPasswd(passwd);
}
}
else
{
Secret masterSecret = keyChain.GetSecret(secretId);
string oldPasswd = masterSecret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
masterSecret.MergeSecret(secret);
//keyChain.RemoveSecret(secretId);
keyChain.AddSecret(secret);
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
if( null != kv )
passwd = kv.GetValue();
if( ( oldPasswd != null ) && ( passwd != null ) )
{
if( oldPasswd != passwd )
{
byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd( oldPasswd );
if( null != baPasscode )
{
ssStore.RewriteDesktopPasswdFile(baPasscode, passwd);
}
}
}
ssStore.StartPersistenceByDesktopPasswd(passwd);
retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST;
}
}
else
{
retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST;
// do nothing
}
}
else
catch(UserNotInSessionException)
{
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" );
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
catch(Exception e )
{
// do nothing
CSSSLogger.ExpLog(e.ToString());
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
}
catch(UserNotInSessionException)
{
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" );
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
catch(Exception e )
{
CSSSLogger.ExpLog(e.ToString());
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
}
}
else
retCode = IPCRetCodes.SSCS_E_INVALID_SECRETID;
try
{