aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/Common/OpenSim.Framework/Remoting.cs
diff options
context:
space:
mode:
authorAdam Frisby2007-07-11 08:02:47 +0000
committerAdam Frisby2007-07-11 08:02:47 +0000
commit5c7ffdde0b9642a42e8f5987e06eb01220ff7776 (patch)
tree4b825dc642cb6eb9a060e54bf8d69288fbee4904 /Common/OpenSim.Framework/Remoting.cs
parentWho would have known that the only way of specifying utf-8 without preamble, ... (diff)
downloadopensim-SC-5c7ffdde0b9642a42e8f5987e06eb01220ff7776.zip
opensim-SC-5c7ffdde0b9642a42e8f5987e06eb01220ff7776.tar.gz
opensim-SC-5c7ffdde0b9642a42e8f5987e06eb01220ff7776.tar.bz2
opensim-SC-5c7ffdde0b9642a42e8f5987e06eb01220ff7776.tar.xz
* Wiping trunk in prep for Sugilite
Diffstat (limited to 'Common/OpenSim.Framework/Remoting.cs')
-rw-r--r--Common/OpenSim.Framework/Remoting.cs137
1 files changed, 0 insertions, 137 deletions
diff --git a/Common/OpenSim.Framework/Remoting.cs b/Common/OpenSim.Framework/Remoting.cs
deleted file mode 100644
index 660cdde..0000000
--- a/Common/OpenSim.Framework/Remoting.cs
+++ /dev/null
@@ -1,137 +0,0 @@
1/*
2* Copyright (c) Contributors, http://www.openmetaverse.org/
3* See CONTRIBUTORS.TXT for a full list of copyright holders.
4*
5* Redistribution and use in source and binary forms, with or without
6* modification, are permitted provided that the following conditions are met:
7* * Redistributions of source code must retain the above copyright
8* notice, this list of conditions and the following disclaimer.
9* * Redistributions in binary form must reproduce the above copyright
10* notice, this list of conditions and the following disclaimer in the
11* documentation and/or other materials provided with the distribution.
12* * Neither the name of the OpenSim Project nor the
13* names of its contributors may be used to endorse or promote products
14* derived from this software without specific prior written permission.
15*
16* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS AND ANY
17* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26*
27*/
28
29using System;
30using System.Collections.Generic;
31using System.Text;
32using System.Security.Cryptography;
33
34namespace OpenSim.Framework
35{
36 /// <summary>
37 /// NEEDS AUDIT.
38 /// </summary>
39 /// <remarks>
40 /// Suggested implementation
41 /// <para>Store two digests for each foreign host. A local copy of the local hash using the local challenge (when issued), and a local copy of the remote hash using the remote challenge.</para>
42 /// <para>When sending data to the foreign host - run 'Sign' on the data and affix the returned byte[] to the message.</para>
43 /// <para>When recieving data from the foreign host - run 'Authenticate' against the data and the attached byte[].</para>
44 /// <para>Both hosts should be performing these operations for this to be effective.</para>
45 /// </remarks>
46 class RemoteDigest
47 {
48 private byte[] currentHash;
49 private byte[] secret;
50
51 private SHA512Managed SHA512;
52
53 /// <summary>
54 /// Initialises a new RemoteDigest authentication mechanism
55 /// </summary>
56 /// <remarks>Needs an audit by a cryptographic professional - was not "roll your own"'d by choice but rather a serious lack of decent authentication mechanisms in .NET remoting</remarks>
57 /// <param name="sharedSecret">The shared secret between systems (for inter-sim, this is provided in encrypted form during connection, for grid this is input manually in setup)</param>
58 /// <param name="salt">Binary salt - some common value - to be decided what</param>
59 /// <param name="challenge">The challenge key provided by the third party</param>
60 public RemoteDigest(string sharedSecret, byte[] salt, string challenge)
61 {
62 SHA512 = new SHA512Managed();
63 Rfc2898DeriveBytes RFC2898 = new Rfc2898DeriveBytes(sharedSecret,salt);
64 secret = RFC2898.GetBytes(512);
65 ASCIIEncoding ASCII = new ASCIIEncoding();
66
67 currentHash = SHA512.ComputeHash(AppendArrays(secret, ASCII.GetBytes(challenge)));
68 }
69
70 /// <summary>
71 /// Authenticates a piece of incoming data against the local digest. Upon successful authentication, digest string is incremented.
72 /// </summary>
73 /// <param name="data">The incoming data</param>
74 /// <param name="digest">The remote digest</param>
75 /// <returns></returns>
76 public bool Authenticate(byte[] data, byte[] digest)
77 {
78 byte[] newHash = SHA512.ComputeHash(AppendArrays(AppendArrays(currentHash, secret), data));
79 if (digest == newHash)
80 {
81 currentHash = newHash;
82 return true;
83 }
84 else
85 {
86 throw new Exception("Hash comparison failed. Key resync required.");
87 }
88 }
89
90 /// <summary>
91 /// Signs a new bit of data with the current hash. Returns a byte array which should be affixed to the message.
92 /// Signing a piece of data will automatically increment the hash - if you sign data and do not send it, the
93 /// hashes will get out of sync and throw an exception when validation is attempted.
94 /// </summary>
95 /// <param name="data">The outgoing data</param>
96 /// <returns>The local digest</returns>
97 public byte[] Sign(byte[] data)
98 {
99 currentHash = SHA512.ComputeHash(AppendArrays(AppendArrays(currentHash, secret), data));
100 return currentHash;
101 }
102
103 /// <summary>
104 /// Generates a new challenge string to be issued to a foreign host. Challenges are 1024-bit (effective strength of less than 512-bits) messages generated using the Crytographic Random Number Generator.
105 /// </summary>
106 /// <returns>A 128-character hexadecimal string containing the challenge.</returns>
107 public static string GenerateChallenge()
108 {
109 RNGCryptoServiceProvider RNG = new RNGCryptoServiceProvider();
110 byte[] bytes = new byte[64];
111 RNG.GetBytes(bytes);
112
113 StringBuilder sb = new StringBuilder(bytes.Length * 2);
114 foreach (byte b in bytes)
115 {
116 sb.AppendFormat("{0:x2}", b);
117 }
118 return sb.ToString();
119 }
120
121 /// <summary>
122 /// Helper function, merges two byte arrays
123 /// </summary>
124 /// <remarks>Sourced from MSDN Forum</remarks>
125 /// <param name="a">A</param>
126 /// <param name="b">B</param>
127 /// <returns>C</returns>
128 private byte[] AppendArrays(byte[] a, byte[] b)
129 {
130 byte[] c = new byte[a.Length + b.Length];
131 Buffer.BlockCopy(a, 0, c, 0, a.Length);
132 Buffer.BlockCopy(b, 0, c, a.Length, b.Length);
133 return c;
134 }
135
136 }
137}