/*********************************************************************** * * Copyright (C) 2005-2006 Novell, Inc. All Rights Reserved. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; version 2.1 * of the License. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Library Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, Novell, Inc. * * To contact Novell about this file by physical or electronic mail, * you may find current contact information at www.novell.com. * ***********************************************************************/ using System; using System.Collections; using System.Text; using System.Threading; using sscs.verbs; using sscs.common; using sscs.cache; using sscs.constants; namespace sscs.verbs { /* * This class is implementation of WriteSecret call. * There will be one instance existing for every call made by the client. */ class WriteSecret : SSVerb { private ushort msgId = 0; private uint inMsgLen = 0; private uint outMsgLen = 0; private uint keyChainIdLen = 0; private uint secretIdLen = 0; private uint secretValLen = 0; private int retCode = 0; private string keyChainId; private string secretId; private byte[] secretVal; private byte[] inBuf; private byte[] outBuf; // extension operations private uint extId = 0; #if W32 private int luidLow = 0; private int luidHigh = 0; #endif /* * This method sets the class member with the byte array received. */ public void SetMessageContent(byte[] ipcBytes) { CSSSLogger.ExecutionTrace(this); inBuf = ipcBytes; } /* * This method does the actual implementation of WriteSecret * */ public byte[] ProcessRequest(UserIdentifier userId) { UserIdentifier tempUserId = userId; CSSSLogger.ExecutionTrace(this); // Message Format decipher - Start msgId = BitConverter.ToUInt16(inBuf,0); inMsgLen = BitConverter.ToUInt32(inBuf,2); if( inMsgLen != inBuf.Length ) throw new FormatException(" MsgLen sent does not match the length of the message received."); keyChainIdLen = BitConverter.ToUInt32(inBuf,6); byte[] keyChainIdArr = new byte[keyChainIdLen]; Array.Copy(inBuf,10,keyChainIdArr,0,keyChainIdLen); keyChainId = Encoding.UTF8.GetString(keyChainIdArr); secretIdLen = BitConverter.ToUInt32(inBuf, (10 + (int)keyChainIdLen )); byte[] secretIdArr = new byte[secretIdLen]; Array.Copy(inBuf,(10+keyChainIdLen+4),secretIdArr,0,secretIdLen); secretId = Encoding.UTF8.GetString(secretIdArr); if (secretId.IndexOf("*") < 0) { secretValLen = BitConverter.ToUInt32(inBuf, (14 + ((int)keyChainIdLen)+((int)secretIdLen))); //secretVal = new byte[secretValLen]; string secretValStr = Encoding.UTF8.GetString(inBuf, (18 + ((int)keyChainIdLen)+((int)secretIdLen)), (int)secretValLen ); secretVal = Encoding.UTF8.GetBytes(secretValStr); try { // get extension ID int extLocation = 22 + ((int)keyChainIdLen) + ((int)secretIdLen) + ((int)secretValLen); extId = BitConverter.ToUInt32(inBuf, extLocation); } catch (Exception e) { //CSSSLogger.ExpLog(e.ToString()); } if (extId == 1) { #if W32 // WINDOWS LUID // This is how the Login Capture module on windows, running as System, sets the Desktop Credential. // we might be able to change this if/when we abstract the session. // [4 byte extID][4 byte length][4 byte luidLow][4 byte luidHigh] luidLow = BitConverter.ToInt32(inBuf, 22 + ((int)keyChainIdLen)+((int)secretIdLen) +(int)secretValLen + 8); luidHigh = BitConverter.ToInt32(inBuf, 22 + ((int)keyChainIdLen)+((int)secretIdLen) +(int)secretValLen + 12); tempUserId = new WinUserIdentifier(luidLow, luidHigh); SecretStore ss = SessionManager.CreateUserSession(tempUserId); try { ss.AddKeyChain(new KeyChain("SSCS_SESSION_KEY_CHAIN_ID\0")); } catch (Exception) { } #endif } try { string passwd = null; KeyChain keyChain = null; SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId); if (!ssStore.IsStoreLocked()) { if( ssStore.CheckIfKeyChainExists(keyChainId) ) { keyChain = ssStore.GetKeyChain(keyChainId); Secret secret = new Secret(secretId,secretVal); if( keyChain.CheckIfSecretExists(secretId) == false) { keyChain.AddSecret(secret); if(ConstStrings.MICASA_DESKTOP_PASSWD == secretId) { // Secret sec = keyChain.GetSecret(secretId); KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME); if( null != kv ) passwd = kv.GetValue(); if( null != passwd ) { ssStore.StartPersistenceByDesktopPasswd(passwd); } } } else { Secret masterSecret = keyChain.GetSecret(secretId); string oldPasswd = masterSecret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue(); masterSecret.MergeSecret(ssStore, secret); //keyChain.RemoveSecret(secretId); keyChain.AddSecret(secret); KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME); if( null != kv ) passwd = kv.GetValue(); if( ( oldPasswd != null ) && ( passwd != null ) ) { if( oldPasswd != passwd ) { byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd( oldPasswd ); if( null != baPasscode ) { ssStore.RewriteDesktopPasswdFile(baPasscode, passwd); } } } ssStore.StartPersistenceByDesktopPasswd(passwd); ssStore.UpdatePersistentStore(); } } else { retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST; } } else { retCode = IPCRetCodes.SSCS_SECRET_STORE_IS_LOCKED; } } catch(UserNotInSessionException) { CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" ); retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR; } catch(Exception e ) { CSSSLogger.ExpLog(e.ToString()); retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR; } } else retCode = IPCRetCodes.SSCS_E_INVALID_SECRETID; try { msgId = 9; outMsgLen = 10; outBuf = new byte[10]; byte[] t = new byte[10]; t = BitConverter.GetBytes((ushort)msgId); Array.Copy(t,0,outBuf,0,2); t = BitConverter.GetBytes((uint)outMsgLen); Array.Copy(t,0,outBuf,2,4); t = BitConverter.GetBytes(retCode); Array.Copy(t,0,outBuf,6,4); } catch(Exception e) { CSSSLogger.ExpLog(e.ToString()); throw new FormatException("Unable to form the response " + e.ToString()); } return outBuf; } /* * Gives the name of operation performed. Will be used in case * of error. */ public string GetVerbName() { CSSSLogger.ExecutionTrace(this); return this.ToString(); } } }