Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / infocard / Service / managed / Microsoft / InfoCards / RecipientIdentity.cs / 2 / RecipientIdentity.cs
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace Microsoft.InfoCards
{
using System;
using System.Diagnostics;
using System.Globalization;
using System.ServiceModel;
using System.Security.Cryptography.X509Certificates;
using System.IdentityModel.Tokens;
using System.Security.Cryptography;
using System.Text;
using IDT = Microsoft.InfoCards.Diagnostics.InfoCardTrace;
//
// Summary
// This class is the base class for a recipient identity. The base identity is DNS.
//
internal class RecipientIdentity
{
EndpointAddress m_address;
string m_identifier = string.Empty;
string m_organizationIdentifier = string.Empty;
string m_organizationPPIDIdentifier = string.Empty;
bool m_hasBeenValidated = false;
public static RecipientIdentity CreateIdentity( EndpointAddress epr, bool validate )
{
if( epr.Identity is X509CertificateEndpointIdentity )
{
if( null == ( (X509CertificateEndpointIdentity)epr.Identity ).Certificates || ( (X509CertificateEndpointIdentity)epr.Identity ).Certificates.Count < 1 )
{
throw IDT.ThrowHelperError( new PolicyValidationException() );
}
RecipientIdentity id = new X509RecipientIdentity( epr, ( (X509CertificateEndpointIdentity)epr.Identity ).Certificates );
if( validate )
{
id.Validate();
}
return id;
}
else if( null == epr.Identity )
{
RecipientIdentity id = new RecipientIdentity( epr );
if( validate )
{
id.Validate();
}
return id;
}
else
{
throw IDT.ThrowHelperError( new IdentityValidationException( SR.GetString( SR.UnsupportedIdentityType ) ) );
}
}
public RecipientIdentity( EndpointAddress epr )
{
m_address = epr;
}
public EndpointAddress Address
{
get { return m_address; }
}
protected bool HasBeenValidated
{
set { m_hasBeenValidated = value; }
get { return m_hasBeenValidated; }
}
protected string Identifier
{
set { m_identifier = value; }
}
protected string OrganizationIdentifier
{
set { m_organizationIdentifier = value; }
}
protected string OrganizationPPIDIdentifier
{
set { m_organizationPPIDIdentifier = value; }
}
public virtual void Validate()
{
if( !m_hasBeenValidated )
{
using( SHA256 sha = new SHA256Managed() )
{
m_identifier = Convert.ToBase64String( sha.ComputeHash( Encoding.Unicode.GetBytes( m_address.Uri.Host ) ) );
m_organizationIdentifier = m_identifier;
m_organizationPPIDIdentifier = m_identifier;
}
m_hasBeenValidated = true;
}
}
public virtual string GetIdentifier()
{
IDT.Assert( HasBeenValidated, "Identity has not been validated" );
return m_identifier;
}
public virtual string GetOrganizationIdentifier()
{
IDT.Assert( HasBeenValidated, "Identity has not been validated" );
return m_organizationIdentifier;
}
public virtual string GetOrganizationPPIDIdentifier()
{
IDT.Assert( HasBeenValidated, "Identity has not been validated" );
return m_organizationPPIDIdentifier;
}
public virtual string GetName()
{
return m_address.Uri.Host;
}
}
//
// Summary
// This class represents an X509 based recipient identity.
//
internal class X509RecipientIdentity : RecipientIdentity
{
X509Certificate2Collection m_certificates;
Recipient.RecipientCertParameters m_recipientParams;
bool isChainTrusted = false;
public Recipient.RecipientCertParameters RecipientParams
{
get
{
return m_recipientParams;
}
}
public X509Certificate2 LeafCertificate
{
get { return m_certificates[ 0 ]; }
}
public X509RecipientIdentity( EndpointAddress epr, X509Certificate2Collection certificates )
: base( epr )
{
m_certificates = certificates;
}
public override void Validate()
{
if( !HasBeenValidated )
{
isChainTrusted = ValidateCertificate();
Identifier = Microsoft.InfoCards.Recipient.CertGetRecipientIdHash( LeafCertificate,
m_certificates,
isChainTrusted,
out m_recipientParams );
OrganizationIdentifier = Microsoft.InfoCards.Recipient.CertGetRecipientOrganizationIdHash( LeafCertificate, m_certificates, ValidateCertificate() );
OrganizationPPIDIdentifier = Microsoft.InfoCards.Recipient.CertGetRecipientOrganizationPPIDSeedHash( LeafCertificate, m_certificates, ValidateCertificate() );
HasBeenValidated = true;
}
}
public override string GetName()
{
string name = LeafCertificate.FriendlyName;
if( string.IsNullOrEmpty( name ) )
{
name = LeafCertificate.GetNameInfo( X509NameType.SimpleName, false );
}
return name;
}
//
// Summary:
// Verify that the chain for the RP certificate is trusted.
// Either machine or user roots are ok.
// If not, try peer trust.
//
// Returns
// True if the recipient is chain trusted
//
private bool ValidateCertificate()
{
bool isCertChainTrusted = false;
try
{
InfoCardX509Validator.ValidateChainOrPeer( LeafCertificate, m_certificates, out isCertChainTrusted );
}
catch( SecurityTokenValidationException validationE )
{
throw IDT.ThrowHelperError(
new IdentityValidationException(
SR.GetString( SR.RecipientCertificateNotValid ), validationE ) );
}
return isCertChainTrusted;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- SoapElementAttribute.cs
- COM2EnumConverter.cs
- TextRange.cs
- SelectionRange.cs
- ProfileParameter.cs
- WebConfigurationHostFileChange.cs
- securestring.cs
- XsltContext.cs
- DataGridViewButtonColumn.cs
- EmptyImpersonationContext.cs
- DemultiplexingClientMessageFormatter.cs
- CachedTypeface.cs
- FormParameter.cs
- CodeMemberEvent.cs
- ListViewItem.cs
- BindingContext.cs
- TrackingDataItemValue.cs
- LiteralSubsegment.cs
- TabControlToolboxItem.cs
- PageClientProxyGenerator.cs
- IisTraceWebEventProvider.cs
- VBCodeProvider.cs
- LambdaCompiler.cs
- TransformerTypeCollection.cs
- ChannelSinkStacks.cs
- SchemaElementDecl.cs
- SHA1CryptoServiceProvider.cs
- PreviewControlDesigner.cs
- XamlReader.cs
- DefaultPropertiesToSend.cs
- EdmItemCollection.cs
- PageAdapter.cs
- CompileXomlTask.cs
- NameValueFileSectionHandler.cs
- SafeEventLogWriteHandle.cs
- DependencyPropertyKind.cs
- CodeAssignStatement.cs
- PngBitmapDecoder.cs
- MachineSettingsSection.cs
- FactoryRecord.cs
- ButtonBaseDesigner.cs
- Polygon.cs
- XmlSchemaAttribute.cs
- ViewLoader.cs
- HelpKeywordAttribute.cs
- RepeatButton.cs
- NumericUpDown.cs
- MimeObjectFactory.cs
- LassoSelectionBehavior.cs
- ToolboxBitmapAttribute.cs
- EventEntry.cs
- DataBoundControl.cs
- SizeKeyFrameCollection.cs
- LassoSelectionBehavior.cs
- DataGridSortCommandEventArgs.cs
- EmptyReadOnlyDictionaryInternal.cs
- DeflateEmulationStream.cs
- Identity.cs
- DiscoveryMessageProperty.cs
- StreamedFramingRequestChannel.cs
- XmlObjectSerializerReadContext.cs
- StatusBarPanel.cs
- SHA1Managed.cs
- PasswordTextContainer.cs
- XmlHierarchicalDataSourceView.cs
- WindowsListViewGroupSubsetLink.cs
- _AuthenticationState.cs
- FakeModelPropertyImpl.cs
- HostExecutionContextManager.cs
- PrincipalPermission.cs
- OleStrCAMarshaler.cs
- ComponentConverter.cs
- LoadRetryConstantStrategy.cs
- FontUnit.cs
- FixUpCollection.cs
- DataListItem.cs
- RegexCaptureCollection.cs
- FormsAuthenticationCredentials.cs
- WorkflowTerminatedException.cs
- SqlDependencyUtils.cs
- Pair.cs
- DataServiceSaveChangesEventArgs.cs
- SmtpMail.cs
- QuaternionConverter.cs
- OrthographicCamera.cs
- AppDomainProtocolHandler.cs
- RequestCacheValidator.cs
- PrimitiveXmlSerializers.cs
- MarkupCompiler.cs
- RegistrationServices.cs
- DiscardableAttribute.cs
- StoreConnection.cs
- CapiSymmetricAlgorithm.cs
- DeviceContexts.cs
- TrackBarRenderer.cs
- ReaderOutput.cs
- ValidateNames.cs
- DifferencingCollection.cs
- TypefaceCollection.cs
- SerializationInfoEnumerator.cs