315 lines
10 KiB
C#
315 lines
10 KiB
C#
/***********************************************************************
|
|
*
|
|
* Copyright (C) 2005-2006 Novell, Inc. All Rights Reserved.
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; version 2.1
|
|
* of the License.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Library Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, Novell, Inc.
|
|
*
|
|
* To contact Novell about this file by physical or electronic mail,
|
|
* you may find current contact information at www.novell.com.
|
|
*
|
|
***********************************************************************/
|
|
|
|
using System;
|
|
using System.Collections;
|
|
using System.Text;
|
|
using System.Threading;
|
|
using sscs.verbs;
|
|
using sscs.common;
|
|
using sscs.cache;
|
|
using sscs.constants;
|
|
|
|
using Novell.CASA.MiCasa.Common;
|
|
|
|
namespace sscs.verbs
|
|
{
|
|
|
|
/*
|
|
* This class is implementation of WriteKey call.
|
|
* There will be one instance existing for every call made by the client.
|
|
*/
|
|
|
|
class WriteKey : SSVerb
|
|
{
|
|
private ushort msgId = 0;
|
|
private uint inMsgLen = 0;
|
|
private uint outMsgLen = 0;
|
|
private uint keyChainIdLen = 0;
|
|
private uint secretIdLen = 0;
|
|
private uint secretValLen = 0;
|
|
private int retCode = 0;
|
|
private string keyChainId;
|
|
private string secretId;
|
|
|
|
private uint keyLen;
|
|
private string key;
|
|
private uint valLen;
|
|
private byte[] val;
|
|
private string valStr;
|
|
|
|
private byte[] inBuf;
|
|
private byte[] outBuf;
|
|
|
|
// extension operations
|
|
private uint extId = 0;
|
|
#if W32
|
|
private int luidLow = 0;
|
|
private int luidHigh = 0;
|
|
#endif
|
|
|
|
/*
|
|
* This method sets the class member with the byte array received.
|
|
*/
|
|
|
|
public void SetMessageContent(byte[] ipcBytes)
|
|
{
|
|
CSSSLogger.ExecutionTrace(this);
|
|
inBuf = ipcBytes;
|
|
}
|
|
|
|
/*
|
|
* This method does the actual implementation of WriteKey
|
|
*
|
|
*/
|
|
|
|
public byte[] ProcessRequest(UserIdentifier userId)
|
|
{
|
|
CSSSLogger.ExecutionTrace(this);
|
|
UserIdentifier tempUserId = userId;
|
|
// Message Format decipher - Start
|
|
msgId = BitConverter.ToUInt16(inBuf,0);
|
|
inMsgLen = BitConverter.ToUInt32(inBuf,2);
|
|
|
|
if( inMsgLen != inBuf.Length )
|
|
throw new FormatException(" MsgLen sent does not match the length of the message received.");
|
|
|
|
keyChainIdLen = BitConverter.ToUInt32(inBuf,6);
|
|
|
|
byte[] keyChainIdArr = new byte[keyChainIdLen];
|
|
Array.Copy(inBuf,10,keyChainIdArr,0,keyChainIdLen);
|
|
keyChainId = Encoding.UTF8.GetString(keyChainIdArr);
|
|
|
|
secretIdLen = BitConverter.ToUInt32(inBuf,
|
|
(10 + (int)keyChainIdLen ));
|
|
|
|
byte[] secretIdArr = new byte[secretIdLen];
|
|
Array.Copy(inBuf,(10+keyChainIdLen+4),secretIdArr,0,secretIdLen);
|
|
secretId = Encoding.UTF8.GetString(secretIdArr);
|
|
|
|
if (secretId.IndexOf("*") < 0)
|
|
{
|
|
|
|
keyLen = BitConverter.ToUInt32(inBuf,(14+(int)keyChainIdLen+(int)secretIdLen));
|
|
byte[] keyArr = new byte[keyLen];
|
|
Array.Copy(inBuf,(18+keyChainIdLen+secretIdLen),keyArr,0,keyLen);
|
|
key = Encoding.UTF8.GetString(keyArr);
|
|
|
|
|
|
valLen = BitConverter.ToUInt32(inBuf,(18+(int)keyChainIdLen+(int)secretIdLen+(int)keyLen));
|
|
val = new byte[valLen];
|
|
Array.Copy(inBuf,(22+keyChainIdLen+secretIdLen+keyLen),val,0,valLen);
|
|
valStr = Encoding.UTF8.GetString(val);
|
|
|
|
try
|
|
{
|
|
// get extension ID
|
|
int extLocation = 26 + ((int)keyChainIdLen) + ((int)secretIdLen) + ((int)keyLen) + ((int)valLen);
|
|
extId = BitConverter.ToUInt32(inBuf, extLocation);
|
|
}
|
|
catch (Exception)
|
|
{
|
|
//CSSSLogger.ExpLog(e.ToString());
|
|
}
|
|
|
|
if (extId == 1)
|
|
{
|
|
#if W32
|
|
|
|
// WINDOWS LUID
|
|
// This is how the Login Capture module on windows, running as System, sets the Desktop Credential.
|
|
// we might be able to change this if/when we abstract the session.
|
|
// [4 byte extID][4 byte length][4 byte luidLow][4 byte luidHigh]
|
|
luidLow = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 8);
|
|
luidHigh = BitConverter.ToInt32(inBuf, 26 + ((int)keyChainIdLen)+((int)secretIdLen) +((int)keyLen) + (int)valLen + 12);
|
|
tempUserId = new WinUserIdentifier(luidLow, luidHigh);
|
|
SecretStore ss = SessionManager.CreateUserSession(tempUserId);
|
|
try
|
|
{
|
|
ss.AddKeyChain(new KeyChain("SSCS_SESSION_KEY_CHAIN_ID\0"));
|
|
}
|
|
catch (Exception)
|
|
{
|
|
|
|
}
|
|
#endif
|
|
}
|
|
|
|
|
|
try
|
|
{
|
|
KeyChain keyChain = null;
|
|
SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId);
|
|
if (!ssStore.IsStoreLocked())
|
|
{
|
|
if( ssStore.CheckIfKeyChainExists(keyChainId) )
|
|
{
|
|
keyChain = ssStore.GetKeyChain(keyChainId);
|
|
Secret secret = null;
|
|
|
|
// add this secret if it doesn't already exist
|
|
if( keyChain.CheckIfSecretExists(secretId) == false)
|
|
{
|
|
secret = new Secret(secretId);
|
|
keyChain.AddSecret(secret);
|
|
}
|
|
else
|
|
{
|
|
secret = keyChain.GetSecret(secretId);
|
|
}
|
|
string oldPasswd = null;
|
|
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
|
|
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
|
|
)
|
|
{
|
|
KeyValue kv = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME);
|
|
if( null != kv )
|
|
oldPasswd = kv.GetValue();
|
|
}
|
|
secret.SetKeyValue(key,valStr);
|
|
|
|
if((ConstStrings.MICASA_DESKTOP_PASSWD == secretId) &&
|
|
(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME == key)
|
|
)
|
|
{
|
|
string passwd = secret.GetKeyValue(ConstStrings.MICASA_DESKTOP_PASSWD_KEYNAME).GetValue();
|
|
|
|
if( ( oldPasswd != null ) && ( passwd != null ) )
|
|
{
|
|
if( oldPasswd != passwd )
|
|
{
|
|
byte[] baPasscode = ssStore.GetPasscodeFromOldDesktopPasswd(oldPasswd);
|
|
if( null != baPasscode )
|
|
{
|
|
ssStore.RewriteDesktopPasswdFile(baPasscode, passwd);
|
|
}
|
|
}
|
|
}
|
|
ssStore.StartPersistenceByDesktopPasswd(passwd);
|
|
}
|
|
|
|
// Now change all values for linked keys
|
|
ChangeLinkedKeys(keyChain, secret, key, valStr);
|
|
ssStore.UpdatePersistentStore();
|
|
|
|
}
|
|
else
|
|
{
|
|
retCode = IPCRetCodes.SSCS_E_KEYCHAIN_DOES_NOT_EXIST;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
// do nothing
|
|
}
|
|
|
|
}
|
|
catch(UserNotInSessionException)
|
|
{
|
|
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" );
|
|
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
|
|
}
|
|
catch(Exception e )
|
|
{
|
|
CSSSLogger.ExpLog(e.ToString());
|
|
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
|
|
}
|
|
}
|
|
else
|
|
retCode = IPCRetCodes.SSCS_E_INVALID_SECRETID;
|
|
|
|
try
|
|
{
|
|
msgId = 9;
|
|
outMsgLen = 10;
|
|
outBuf = new byte[10];
|
|
byte[] t = new byte[10];
|
|
|
|
t = BitConverter.GetBytes((ushort)msgId);
|
|
Array.Copy(t,0,outBuf,0,2);
|
|
|
|
t = BitConverter.GetBytes((uint)outMsgLen);
|
|
Array.Copy(t,0,outBuf,2,4);
|
|
|
|
t = BitConverter.GetBytes(retCode);
|
|
Array.Copy(t,0,outBuf,6,4);
|
|
}
|
|
catch(Exception e)
|
|
{
|
|
CSSSLogger.ExpLog(e.ToString());
|
|
throw new FormatException("Unable to form the response " + e.ToString());
|
|
}
|
|
|
|
return outBuf;
|
|
}
|
|
|
|
|
|
private void ChangeLinkedKeys(KeyChain keyChain, Secret secret, string key, string valStr)
|
|
{
|
|
Hashtable htLinkedkeys = secret.GetLinkedKeys(key);
|
|
if (htLinkedkeys != null)
|
|
{
|
|
// enumerate the hashtable, getting each secret/key and change it's value
|
|
ICollection coll = htLinkedkeys.Values;
|
|
IDictionaryEnumerator ienum = (IDictionaryEnumerator)coll.GetEnumerator();
|
|
|
|
LinkedKeyInfo linkedInfo; // = (LinkedKeyInfo)ienum.Current;
|
|
|
|
while (ienum.MoveNext())
|
|
{
|
|
linkedInfo = (LinkedKeyInfo)ienum.Value;
|
|
|
|
// Get the target Secret
|
|
Secret targetSecret = keyChain.GetSecret(linkedInfo.GetLinkedSecretID());
|
|
if (targetSecret != null)
|
|
{
|
|
// get target key value
|
|
string targetKey = linkedInfo.GetLinkedKeyID();
|
|
string targetkv = targetSecret.GetKeyValue(targetKey).GetValue();
|
|
|
|
// if a change is required in the target, then call this method recursively using the TargetSecret
|
|
if (!targetkv.Equals(valStr))
|
|
{
|
|
// NOTE: ORDER IS IMPORTANT
|
|
// first change this one
|
|
targetSecret.SetKeyValue(linkedInfo.GetLinkedKeyID(), valStr);
|
|
|
|
// now call the traget to change it's linked ones
|
|
ChangeLinkedKeys(keyChain, targetSecret, targetKey, valStr);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Gives the name of operation performed. Will be used in case
|
|
* of error.
|
|
*/
|
|
public string GetVerbName()
|
|
{
|
|
CSSSLogger.ExecutionTrace(this);
|
|
return this.ToString();
|
|
}
|
|
}
|
|
}
|