Moved sequence numbers back to transport.

tyranid · tyranid · commit dfb7059932ac · 2021-08-13T08:23:14.000-07:00
diff --git a/NtApiDotNet/Win32/Rpc/Transport/RpcConnectedClientTransport.cs b/NtApiDotNet/Win32/Rpc/Transport/RpcConnectedClientTransport.cs
@@ -74,6 +74,8 @@ protected RpcConnectedClientTransport(ushort max_recv_fragment, ushort max_send_
         private int _current_context_id;
         private ushort _max_recv_fragment;
         private ushort _max_send_fragment;
+        private int _recv_sequence_no;
+        private int _send_senqunce_no;
         private BindTimeFeatureNegotiation? _bind_time_features;
         private bool _transport_bound;
         private Guid _interface_id;
@@ -147,7 +149,7 @@ private Tuple<PDUBase, AuthData> SendReceivePDU(int call_id, PDUBase send_pdu, b
                 RpcUtils.DumpBuffer(true, $"{GetType().Name} Send Buffer", fragment);
                 if (!WriteFragment(fragment))
                     throw new RpcTransportException("Failed to write out PDU buffer.");
-                security_context.SendSequenceNo++;
+                _send_senqunce_no++;
                 if (!receive_pdu)
                     return null;
 
@@ -168,7 +170,7 @@ private Tuple<PDUBase, AuthData> SendReceivePDU(int call_id, PDUBase send_pdu, b
                     throw new RpcTransportException($"Mismatching context ID - {pdu.Item3.ContextId} should be {security_context.ContextId}.");
                 }
 
-                security_context.RecvSequenceNo++;
+                _recv_sequence_no++;
 
                 return Tuple.Create(CheckFault(curr_header.ToPDU(pdu.Item2)), pdu.Item3);
             }
@@ -255,7 +257,7 @@ private byte[] SendReceiveRequestPDU(int proc_num, Guid objuuid, byte[] stub_dat
                         }
 
                         header = request_pdu.ToArray(pdu_header, stub_fragment.Length + AuthData.PDU_AUTH_DATA_HEADER_SIZE, auth_data_length);
-                        auth_data = security_context.ProtectPDU(header, ref stub_fragment, auth_data_padding);
+                        auth_data = security_context.ProtectPDU(header, ref stub_fragment, auth_data_padding, _send_senqunce_no);
                     }
 
                     MemoryStream send_stm = new MemoryStream();
@@ -268,7 +270,7 @@ private byte[] SendReceiveRequestPDU(int proc_num, Guid objuuid, byte[] stub_dat
                     RpcUtils.DumpBuffer(true, name, fragment);
                     if (!WriteFragment(fragment))
                         throw new RpcTransportException("Failed to write out PDU buffer.");
-                    security_context.SendSequenceNo++;
+                    _send_senqunce_no++;
                 }
 
                 MemoryStream recv_stm = new MemoryStream();
@@ -293,8 +295,8 @@ private byte[] SendReceiveRequestPDU(int proc_num, Guid objuuid, byte[] stub_dat
                     if (recv_pdu is PDUResponse resp_pdu)
                     {
                         byte[] resp_stub_data = auth_required ? security_context.UnprotectPDU(resp_pdu.ToArray(curr_header), 
-                            resp_pdu.StubData, auth_data) : resp_pdu.StubData;
-                        security_context.RecvSequenceNo++;
+                            resp_pdu.StubData, auth_data, _recv_sequence_no) : resp_pdu.StubData;
+                        _recv_sequence_no++;
                         recv_stm.Write(resp_stub_data, 0, resp_stub_data.Length);
                     }
                     else
diff --git a/NtApiDotNet/Win32/Rpc/Transport/RpcTransportSecurityContext.cs b/NtApiDotNet/Win32/Rpc/Transport/RpcTransportSecurityContext.cs
@@ -48,14 +48,6 @@ public sealed class RpcTransportSecurityContext
         /// The authentication level.
         /// </summary>
         public RpcAuthenticationLevel AuthenticationLevel => TransportSecurity.AuthenticationLevel;
-        /// <summary>
-        /// The current send sequence no.
-        /// </summary>
-        public int SendSequenceNo { get; internal set; }
-        /// <summary>
-        /// The current receive sequence no.
-        /// </summary>
-        public int RecvSequenceNo { get; internal set; }
 
         internal bool Authenticated => AuthContext?.Done ?? false;
         internal bool NeedAuthData => TransportSecurity.AuthenticationLevel == RpcAuthenticationLevel.PacketIntegrity ||
@@ -96,7 +88,7 @@ internal RpcTransportSecurityContext(IRpcClientTransport client_transport,
             AuthContext = transport_security.CreateClientContext();
         }
 
-        internal byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding_length)
+        internal byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding_length, int send_sequence_no)
         {
             List<SecurityBuffer> buffers = new List<SecurityBuffer>();
             buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data | SecurityBufferType.ReadOnly, header));
@@ -108,11 +100,11 @@ internal byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding
             byte[] signature;
             if (TransportSecurity.AuthenticationLevel == RpcAuthenticationLevel.PacketIntegrity)
             {
-                signature = AuthContext.MakeSignature(buffers, SendSequenceNo);
+                signature = AuthContext.MakeSignature(buffers, send_sequence_no);
             }
             else
             {
-                signature = AuthContext.EncryptMessage(buffers, SecurityQualityOfProtectionFlags.None, SendSequenceNo);
+                signature = AuthContext.EncryptMessage(buffers, SecurityQualityOfProtectionFlags.None, send_sequence_no);
                 stub_data = stub_data_buffer.ToArray();
                 RpcUtils.DumpBuffer(true, "Send Encrypted Data", stub_data);
             }
@@ -121,7 +113,7 @@ internal byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding
             return AuthData.ToArray(TransportSecurity, auth_padding_length, ContextId, signature);
         }
 
-        internal byte[] UnprotectPDU(byte[] header, byte[] stub_data, AuthData auth_data)
+        internal byte[] UnprotectPDU(byte[] header, byte[] stub_data, AuthData auth_data, int recv_sequence_no)
         {
             List<SecurityBuffer> buffers = new List<SecurityBuffer>();
             buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data | SecurityBufferType.ReadOnly, header));
@@ -137,14 +129,14 @@ internal byte[] UnprotectPDU(byte[] header, byte[] stub_data, AuthData auth_data
 
             if (TransportSecurity.AuthenticationLevel == RpcAuthenticationLevel.PacketIntegrity)
             {
-                if (!AuthContext.VerifySignature(buffers, signature, RecvSequenceNo))
+                if (!AuthContext.VerifySignature(buffers, signature, recv_sequence_no))
                 {
                     throw new RpcTransportException("Invalid response PDU signature.");
                 }
             }
             else
             {
-                AuthContext.DecryptMessage(buffers, signature, RecvSequenceNo);
+                AuthContext.DecryptMessage(buffers, signature, recv_sequence_no);
                 stub_data = stub_data_buffer.ToArray();
             }
 

Original file line number	Diff line number	Diff line change
`@@ -48,14 +48,6 @@ public sealed class RpcTransportSecurityContext`
`48`	`48`	`/// The authentication level.`
`49`	`49`	`/// </summary>`
`50`	`50`	`public RpcAuthenticationLevel AuthenticationLevel => TransportSecurity.AuthenticationLevel;`
`51`		`- /// <summary>`
`52`		`- /// The current send sequence no.`
`53`		`- /// </summary>`
`54`		`- public int SendSequenceNo { get; internal set; }`
`55`		`- /// <summary>`
`56`		`- /// The current receive sequence no.`
`57`		`- /// </summary>`
`58`		`- public int RecvSequenceNo { get; internal set; }`
`59`	`51`
`60`	`52`	`internal bool Authenticated => AuthContext?.Done ?? false;`
`61`	`53`	`internal bool NeedAuthData => TransportSecurity.AuthenticationLevel == RpcAuthenticationLevel.PacketIntegrity \|\|`
`@@ -96,7 +88,7 @@ internal RpcTransportSecurityContext(IRpcClientTransport client_transport,`
`96`	`88`	`AuthContext = transport_security.CreateClientContext();`
`97`	`89`	`}`
`98`	`90`
`99`		`- internal byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding_length)`
	`91`	`+ internal byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding_length, int send_sequence_no)`
`100`	`92`	`{`
`101`	`93`	`List<SecurityBuffer> buffers = new List<SecurityBuffer>();`
`102`	`94`	`buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data \| SecurityBufferType.ReadOnly, header));`
`@@ -108,11 +100,11 @@ internal byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding`
`108`	`100`	`byte[] signature;`
`109`	`101`	`if (TransportSecurity.AuthenticationLevel == RpcAuthenticationLevel.PacketIntegrity)`
`110`	`102`	`{`
`111`		`- signature = AuthContext.MakeSignature(buffers, SendSequenceNo);`
	`103`	`+ signature = AuthContext.MakeSignature(buffers, send_sequence_no);`
`112`	`104`	`}`
`113`	`105`	`else`
`114`	`106`	`{`
`115`		`- signature = AuthContext.EncryptMessage(buffers, SecurityQualityOfProtectionFlags.None, SendSequenceNo);`
	`107`	`+ signature = AuthContext.EncryptMessage(buffers, SecurityQualityOfProtectionFlags.None, send_sequence_no);`
`116`	`108`	`stub_data = stub_data_buffer.ToArray();`
`117`	`109`	`RpcUtils.DumpBuffer(true, "Send Encrypted Data", stub_data);`
`118`	`110`	`}`
`@@ -121,7 +113,7 @@ internal byte[] ProtectPDU(byte[] header, ref byte[] stub_data, int auth_padding`
`121`	`113`	`return AuthData.ToArray(TransportSecurity, auth_padding_length, ContextId, signature);`
`122`	`114`	`}`
`123`	`115`
`124`		`- internal byte[] UnprotectPDU(byte[] header, byte[] stub_data, AuthData auth_data)`
	`116`	`+ internal byte[] UnprotectPDU(byte[] header, byte[] stub_data, AuthData auth_data, int recv_sequence_no)`
`125`	`117`	`{`
`126`	`118`	`List<SecurityBuffer> buffers = new List<SecurityBuffer>();`
`127`	`119`	`buffers.Add(new SecurityBufferInOut(SecurityBufferType.Data \| SecurityBufferType.ReadOnly, header));`
`@@ -137,14 +129,14 @@ internal byte[] UnprotectPDU(byte[] header, byte[] stub_data, AuthData auth_data`
`137`	`129`
`138`	`130`	`if (TransportSecurity.AuthenticationLevel == RpcAuthenticationLevel.PacketIntegrity)`
`139`	`131`	`{`
`140`		`- if (!AuthContext.VerifySignature(buffers, signature, RecvSequenceNo))`
	`132`	`+ if (!AuthContext.VerifySignature(buffers, signature, recv_sequence_no))`
`141`	`133`	`{`
`142`	`134`	`throw new RpcTransportException("Invalid response PDU signature.");`
`143`	`135`	`}`
`144`	`136`	`}`
`145`	`137`	`else`
`146`	`138`	`{`
`147`		`- AuthContext.DecryptMessage(buffers, signature, RecvSequenceNo);`
	`139`	`+ AuthContext.DecryptMessage(buffers, signature, recv_sequence_no);`
`148`	`140`	`stub_data = stub_data_buffer.ToArray();`
`149`	`141`	`}`
`150`	`142`