1 files changed, 0 insertions, 137 deletions
diff --git a/Common/OpenSim.Framework/Remoting.cs b/Common/OpenSim.Framework/Remoting.cs
deleted file mode 100644
index 660cdde..0000000
--- a/Common/OpenSim.Framework/Remoting.cs
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
-* Copyright (c) Contributors, http://www.openmetaverse.org/
-* See CONTRIBUTORS.TXT for a full list of copyright holders.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions are met:
-*     * Redistributions of source code must retain the above copyright
-*       notice, this list of conditions and the following disclaimer.
-*     * Redistributions in binary form must reproduce the above copyright
-*       notice, this list of conditions and the following disclaimer in the
-*       documentation and/or other materials provided with the distribution.
-*     * Neither the name of the OpenSim Project nor the
-*       names of its contributors may be used to endorse or promote products
-*       derived from this software without specific prior written permission.
-*
-* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS AND ANY
-* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
-* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-* 
-*/
-using System;
-using System.Collections.Generic;
-using System.Text;
-using System.Security.Cryptography;
-namespace OpenSim.Framework
-{
-    /// <summary>
-    /// NEEDS AUDIT.
-    /// </summary>
-    /// <remarks>
-    /// Suggested implementation
-    /// <para>Store two digests for each foreign host. A local copy of the local hash using the local challenge (when issued), and a local copy of the remote hash using the remote challenge.</para>
-    /// <para>When sending data to the foreign host - run 'Sign' on the data and affix the returned byte[] to the message.</para>
-    /// <para>When recieving data from the foreign host - run 'Authenticate' against the data and the attached byte[].</para>
-    /// <para>Both hosts should be performing these operations for this to be effective.</para>
-    /// </remarks>
-    class RemoteDigest
-    {
-        private byte[] currentHash;
-        private byte[] secret;
-        private SHA512Managed SHA512;
-        /// <summary>
-        /// Initialises a new RemoteDigest authentication mechanism
-        /// </summary>
-        /// <remarks>Needs an audit by a cryptographic professional - was not "roll your own"'d by choice but rather a serious lack of decent authentication mechanisms in .NET remoting</remarks>
-        /// <param name="sharedSecret">The shared secret between systems (for inter-sim, this is provided in encrypted form during connection, for grid this is input manually in setup)</param>
-        /// <param name="salt">Binary salt - some common value - to be decided what</param>
-        /// <param name="challenge">The challenge key provided by the third party</param>
-        public RemoteDigest(string sharedSecret, byte[] salt, string challenge)
-        {
-            SHA512 = new SHA512Managed();
-            Rfc2898DeriveBytes RFC2898 = new Rfc2898DeriveBytes(sharedSecret,salt);
-            secret = RFC2898.GetBytes(512);
-            ASCIIEncoding ASCII = new ASCIIEncoding();
-            currentHash = SHA512.ComputeHash(AppendArrays(secret, ASCII.GetBytes(challenge)));
-        }
-        /// <summary>
-        /// Authenticates a piece of incoming data against the local digest. Upon successful authentication, digest string is incremented.
-        /// </summary>
-        /// <param name="data">The incoming data</param>
-        /// <param name="digest">The remote digest</param>
-        /// <returns></returns>
-        public bool Authenticate(byte[] data, byte[] digest)
-        {
-            byte[] newHash = SHA512.ComputeHash(AppendArrays(AppendArrays(currentHash, secret), data));
-            if (digest == newHash)
-            {
-                currentHash = newHash;
-                return true;
-            }
-            else
-            {
-                throw new Exception("Hash comparison failed. Key resync required.");
-            }
-        }
-        /// <summary>
-        /// Signs a new bit of data with the current hash. Returns a byte array which should be affixed to the message.
-        /// Signing a piece of data will automatically increment the hash - if you sign data and do not send it, the 
-        /// hashes will get out of sync and throw an exception when validation is attempted.
-        /// </summary>
-        /// <param name="data">The outgoing data</param>
-        /// <returns>The local digest</returns>
-        public byte[] Sign(byte[] data)
-        {
-            currentHash = SHA512.ComputeHash(AppendArrays(AppendArrays(currentHash, secret), data));
-            return currentHash;
-        }
-        /// <summary>
-        /// Generates a new challenge string to be issued to a foreign host. Challenges are 1024-bit (effective strength of less than 512-bits) messages generated using the Crytographic Random Number Generator.
-        /// </summary>
-        /// <returns>A 128-character hexadecimal string containing the challenge.</returns>
-        public static string GenerateChallenge()
-        {
-            RNGCryptoServiceProvider RNG = new RNGCryptoServiceProvider();
-            byte[] bytes = new byte[64];
-            RNG.GetBytes(bytes);
-            StringBuilder sb = new StringBuilder(bytes.Length * 2);
-            foreach (byte b in bytes)
-            {
-                sb.AppendFormat("{0:x2}", b);
-            }
-            return sb.ToString();
-        }
-        /// <summary>
-        /// Helper function, merges two byte arrays
-        /// </summary>
-        /// <remarks>Sourced from MSDN Forum</remarks>
-        /// <param name="a">A</param>
-        /// <param name="b">B</param>
-        /// <returns>C</returns>
-        private byte[] AppendArrays(byte[] a, byte[] b)
-        {
-            byte[] c = new byte[a.Length + b.Length];
-            Buffer.BlockCopy(a, 0, c, 0, a.Length);
-            Buffer.BlockCopy(b, 0, c, a.Length, b.Length);
-            return c;
-        }
-    }
-}

diff --git a/Common/OpenSim.Framework/Remoting.cs b/Common/OpenSim.Framework/Remoting.cs deleted file mode 100644 index 660cdde..0000000 --- a/Common/OpenSim.Framework/Remoting.cs +++ /dev/null
@@ -1,137 +0,0 @@
1	/*
2	* Copyright (c) Contributors, http://www.openmetaverse.org/
3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
4	*
5	* Redistribution and use in source and binary forms, with or without
6	* modification, are permitted provided that the following conditions are met:
7	* * Redistributions of source code must retain the above copyright
8	* notice, this list of conditions and the following disclaimer.
9	* * Redistributions in binary form must reproduce the above copyright
10	* notice, this list of conditions and the following disclaimer in the
11	* documentation and/or other materials provided with the distribution.
12	* * Neither the name of the OpenSim Project nor the
13	* names of its contributors may be used to endorse or promote products
14	* derived from this software without specific prior written permission.
15	*
16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS AND ANY
17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26	*
27	*/
28
29	using System;
30	using System.Collections.Generic;
31	using System.Text;
32	using System.Security.Cryptography;
33
34	namespace OpenSim.Framework
35	{
36	/// <summary>
37	/// NEEDS AUDIT.
38	/// </summary>
39	/// <remarks>
40	/// Suggested implementation
41	/// <para>Store two digests for each foreign host. A local copy of the local hash using the local challenge (when issued), and a local copy of the remote hash using the remote challenge.</para>
42	/// <para>When sending data to the foreign host - run 'Sign' on the data and affix the returned byte[] to the message.</para>
43	/// <para>When recieving data from the foreign host - run 'Authenticate' against the data and the attached byte[].</para>
44	/// <para>Both hosts should be performing these operations for this to be effective.</para>
45	/// </remarks>
46	class RemoteDigest
47	{
48	private byte[] currentHash;
49	private byte[] secret;
50
51	private SHA512Managed SHA512;
52
53	/// <summary>
54	/// Initialises a new RemoteDigest authentication mechanism
55	/// </summary>
56	/// <remarks>Needs an audit by a cryptographic professional - was not "roll your own"'d by choice but rather a serious lack of decent authentication mechanisms in .NET remoting</remarks>
57	/// <param name="sharedSecret">The shared secret between systems (for inter-sim, this is provided in encrypted form during connection, for grid this is input manually in setup)</param>
58	/// <param name="salt">Binary salt - some common value - to be decided what</param>
59	/// <param name="challenge">The challenge key provided by the third party</param>
60	public RemoteDigest(string sharedSecret, byte[] salt, string challenge)
61	{
62	SHA512 = new SHA512Managed();
63	Rfc2898DeriveBytes RFC2898 = new Rfc2898DeriveBytes(sharedSecret,salt);
64	secret = RFC2898.GetBytes(512);
65	ASCIIEncoding ASCII = new ASCIIEncoding();
66
67	currentHash = SHA512.ComputeHash(AppendArrays(secret, ASCII.GetBytes(challenge)));
68	}
69
70	/// <summary>
71	/// Authenticates a piece of incoming data against the local digest. Upon successful authentication, digest string is incremented.
72	/// </summary>
73	/// <param name="data">The incoming data</param>
74	/// <param name="digest">The remote digest</param>
75	/// <returns></returns>
76	public bool Authenticate(byte[] data, byte[] digest)
77	{
78	byte[] newHash = SHA512.ComputeHash(AppendArrays(AppendArrays(currentHash, secret), data));
79	if (digest == newHash)
80	{
81	currentHash = newHash;
82	return true;
83	}
84	else
85	{
86	throw new Exception("Hash comparison failed. Key resync required.");
87	}
88	}
89
90	/// <summary>
91	/// Signs a new bit of data with the current hash. Returns a byte array which should be affixed to the message.
92	/// Signing a piece of data will automatically increment the hash - if you sign data and do not send it, the
93	/// hashes will get out of sync and throw an exception when validation is attempted.
94	/// </summary>
95	/// <param name="data">The outgoing data</param>
96	/// <returns>The local digest</returns>
97	public byte[] Sign(byte[] data)
98	{
99	currentHash = SHA512.ComputeHash(AppendArrays(AppendArrays(currentHash, secret), data));
100	return currentHash;
101	}
102
103	/// <summary>
104	/// Generates a new challenge string to be issued to a foreign host. Challenges are 1024-bit (effective strength of less than 512-bits) messages generated using the Crytographic Random Number Generator.
105	/// </summary>
106	/// <returns>A 128-character hexadecimal string containing the challenge.</returns>
107	public static string GenerateChallenge()
108	{
109	RNGCryptoServiceProvider RNG = new RNGCryptoServiceProvider();
110	byte[] bytes = new byte[64];
111	RNG.GetBytes(bytes);
112
113	StringBuilder sb = new StringBuilder(bytes.Length * 2);
114	foreach (byte b in bytes)
115	{
116	sb.AppendFormat("{0:x2}", b);
117	}
118	return sb.ToString();
119	}
120
121	/// <summary>
122	/// Helper function, merges two byte arrays
123	/// </summary>
124	/// <remarks>Sourced from MSDN Forum</remarks>
125	/// <param name="a">A</param>
126	/// <param name="b">B</param>
127	/// <returns>C</returns>
128	private byte[] AppendArrays(byte[] a, byte[] b)
129	{
130	byte[] c = new byte[a.Length + b.Length];
131	Buffer.BlockCopy(a, 0, c, 0, a.Length);
132	Buffer.BlockCopy(b, 0, c, a.Length, b.Length);
133	return c;
134	}
135
136	}
137	}