Beispiel #1
        /// <summary>
        /// Initialize with settings
        /// </summary>
        /// <param name="settings">pipeline settings</param>
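        public void Init(MultiSourceAnchorResolverSettings settings)
        {
            if (settings == null)
            {
                throw new ArgumentNullException("settings");
            }

            //
            // Combine the individual certificate resolvers of every configured TrustAnchorResolver.
            // The combined sets are built in locals and published to the fields only after every
            // source has been created, so an exception part-way through the loop cannot leave this
            // instance holding a partial set of trust anchors.
            //
            AnchorCertificateResolvers inbound  = new AnchorCertificateResolvers();
            AnchorCertificateResolvers outbound = new AnchorCertificateResolvers();

            foreach (TrustAnchorResolverSettings anchorSettings in settings.Resolvers)
            {
                ITrustAnchorResolver resolver = anchorSettings.CreateResolver();

                // A source whose anchors are null for one direction contributes nothing to that direction.
                if (resolver.IncomingAnchors != null)
                {
                    inbound.Add(resolver.IncomingAnchors);
                }
                if (resolver.OutgoingAnchors != null)
                {
                    outbound.Add(resolver.OutgoingAnchors);
                }
            }

            m_inbound  = inbound;
            m_outbound = outbound;
        }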
Beispiel #2
        void Verify(TrustAnchorSettings settings)
        {
            // The settings must name a resolver and pass their own validation.
            Assert.NotNull(settings.Resolver);
            Assert.DoesNotThrow(() => settings.Validate());

            // The OrgCertificatesOnly checks below apply only to service-backed resolver settings.
            AnchorServiceResolverSettings svcSettings = settings.Resolver as AnchorServiceResolverSettings;
            bool isServiceResolver = (svcSettings != null);

            if (isServiceResolver)
            {
                Assert.False(svcSettings.OrgCertificatesOnly);
            }

            ITrustAnchorResolver created = null;
            Assert.DoesNotThrow(() => created = settings.Resolver.CreateResolver());
            Assert.NotNull(created);

            if (!isServiceResolver)
            {
                return;
            }

            // With the flag off in the settings, the resolver and both anchor stores must report it off.
            ConfigAnchorResolver configResolver = (ConfigAnchorResolver)created;
            Assert.False(configResolver.OrgCertificatesOnly);

            CertificateResolver incoming = (CertificateResolver)configResolver.IncomingAnchors;
            Assert.False(incoming.OrgCertificatesOnly);
            CertificateResolver outgoing = (CertificateResolver)configResolver.OutgoingAnchors;
            Assert.False(outgoing.OrgCertificatesOnly);

            // Turn the flag on and build a new resolver: both anchor stores must now report it on.
            svcSettings.OrgCertificatesOnly = true;
            configResolver = (ConfigAnchorResolver)svcSettings.CreateResolver();

            incoming = (CertificateResolver)configResolver.IncomingAnchors;
            Assert.True(incoming.OrgCertificatesOnly);
            outgoing = (CertificateResolver)configResolver.OutgoingAnchors;
            Assert.True(outgoing.OrgCertificatesOnly);
        }
Beispiel #3
 /// <summary>
 /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and
 /// defaulting to the standard trust and cryptography models.
 /// </summary>
 /// <param name="domainResolver">
 /// An <see cref="IDomainResolver"/> instance providing array of local domain name managed by this agent.
 /// </param>
 /// <param name="privateCerts">
 /// An <see cref="ICertificateResolver"/> instance providing private certificates
 /// for senders of outgoing messages and receivers of incoming messages.
 /// </param>
 /// <param name="publicCerts">
 /// An <see cref="ICertificateResolver"/> instance providing public certificates
 /// for receivers of outgoing messages and senders of incoming messages.
 /// </param>
 /// <param name="anchors">
 /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
 /// </param>
 public DirectAgent(IDomainResolver domainResolver,
                    ICertificateResolver privateCerts,
                    ICertificateResolver publicCerts,
                    ITrustAnchorResolver anchors)
     : this(domainResolver, privateCerts, publicCerts, anchors, TrustModel.Default, SMIMECryptographer.Default)
 {
     // Nothing to do here: the chained overload receives TrustModel.Default and
     // SMIMECryptographer.Default in place of caller-supplied trust and cryptography models.
 }
Beispiel #4
 /// <summary>
 /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and
 /// defaulting to the standard trust and cryptography models.
 /// </summary>
 /// <param name="domain">
 /// The local domain name managed by this agent.
 /// </param>
 /// <param name="privateCerts">
 /// An <see cref="ICertificateResolver"/> instance providing private certificates
 /// for senders of outgoing messages and receivers of incoming messages.
 /// </param>
 /// <param name="publicCerts">
 /// An <see cref="ICertificateResolver"/> instance providing public certificates
 /// for receivers of outgoing messages and senders of incoming messages.
 /// </param>
 /// <param name="anchors">
 /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
 /// </param>
 public DirectAgent(string domain,
                    ICertificateResolver privateCerts,
                    ICertificateResolver publicCerts,
                    ITrustAnchorResolver anchors)
     : this(new StaticDomainResolver(domain), privateCerts, publicCerts, anchors, TrustModel.Default, SMIMECryptographer.Default)
 {
     // Nothing to do here: the single domain name is wrapped in a StaticDomainResolver and the
     // chained overload receives TrustModel.Default and SMIMECryptographer.Default.
 }
Beispiel #5
 /// <summary>
 /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and
 /// trust and cryptography models.
 /// </summary>
 /// <param name="domainResolver">
 /// An <see cref="IDomainResolver"/> instance providing array of local domain name managed by this agent.
 /// </param>
 /// <param name="privateCerts">
 /// An <see cref="ICertificateResolver"/> instance providing private certificates
 /// for senders of outgoing messages and receivers of incoming messages.
 /// </param>
 /// <param name="publicCerts">
 /// An <see cref="ICertificateResolver"/> instance providing public certificates
 /// for receivers of outgoing messages and senders of incoming messages.
 /// </param>
 /// <param name="anchors">
 /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
 /// </param>
 /// <param name="trustModel">
 /// An instance or subclass of <see cref="TrustModel"/> providing a custom trust model.
 /// </param>
 /// <param name="cryptographer">
 /// An <see cref="ISmimeCryptographer"/> implementation providing a custom cryptography model.
 /// </param>
 public DirectAgent(IDomainResolver domainResolver,
                    ICertificateResolver privateCerts,
                    ICertificateResolver publicCerts,
                    ITrustAnchorResolver anchors,
                    TrustModel trustModel,
                    ISmimeCryptographer cryptographer)
     : this(domainResolver, privateCerts, publicCerts, anchors, trustModel, cryptographer, CertPolicyResolvers.Default)
 {
     // Nothing to do here: every argument is forwarded as given, and the certificate policy
     // resolvers are CertPolicyResolvers.Default.
 }
Beispiel #6
        /// <summary>
        /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and
        /// trust and cryptography models.
        /// </summary>
        /// <param name="domainResolver">
        /// An <see cref="IDomainResolver"/> instance providing array of local domain name managed by this agent.
        /// </param>
        /// <param name="privateCerts">
        /// An <see cref="ICertificateResolver"/> instance providing private certificates
        /// for senders of outgoing messages and receivers of incoming messages.
        /// </param>
        /// <param name="publicCerts">
        /// An <see cref="ICertificateResolver"/> instance providing public certificates
        /// for receivers of outgoing messages and senders of incoming messages.
        /// </param>
        /// <param name="anchors">
        /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
        /// </param>
        /// <param name="trustModel">
        /// An instance or subclass of <see cref="TrustModel"/> providing a custom trust model.
        /// </param>
        /// <param name="cryptographer">
        /// An <see cref="ISmimeCryptographer"/> implementation providing a custom cryptography model.
        /// </param>
        /// <param name="certPolicyResolvers">Certificate <see cref="ICertPolicyResolvers">policy container</see></param>
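        public DirectAgent(IDomainResolver domainResolver,
                           ICertificateResolver privateCerts,
                           ICertificateResolver publicCerts,
                           ITrustAnchorResolver anchors,
                           TrustModel trustModel,
                           ISmimeCryptographer cryptographer,
                           ICertPolicyResolvers certPolicyResolvers)
        {
            // Built first, as before, so any failure raised by AgentDomains for the
            // domain resolver still surfaces ahead of the argument checks below.
            m_managedDomains = new AgentDomains(domainResolver);

            if (privateCerts == null)
            {
                throw new ArgumentNullException("privateCerts");
            }
            if (publicCerts == null)
            {
                throw new ArgumentNullException("publicCerts");
            }
            if (anchors == null)
            {
                throw new ArgumentNullException("anchors");
            }
            if (trustModel == null)
            {
                throw new ArgumentNullException("trustModel");
            }
            if (cryptographer == null)
            {
                throw new ArgumentNullException("cryptographer");
            }
            // Checked with the other arguments: without this, a null policy container only failed
            // at the last two statements, as a NullReferenceException, after the caller's trust
            // model could already have been modified below.
            if (certPolicyResolvers == null)
            {
                throw new ArgumentNullException("certPolicyResolvers");
            }

            m_privateCertResolver = privateCerts;
            m_publicCertResolver  = publicCerts;
            m_cryptographer       = cryptographer;
            m_trustAnchors        = anchors;
            m_trustModel          = trustModel;

            // When the trust model's chain validator has no certificate resolver, the public
            // certificate resolver is installed as its issuer resolver.
            // NOTE(review): this writes to the TrustModel instance the caller passed in; if that
            // instance is shared between agents (e.g. TrustModel.Default), the assignment affects
            // all of them - confirm this is intended.
            if (!m_trustModel.CertChainValidator.HasCertificateResolver)
            {
                m_trustModel.CertChainValidator.IssuerResolver = m_publicCertResolver;
            }

            // The minimum trust requirement starts at TrustEnforcementStatus.Success.
            m_minTrustRequirement = TrustEnforcementStatus.Success;

            m_privatePolicyResolver = certPolicyResolvers.PrivateResolver;
            m_publicPolicyResolver  = certPolicyResolvers.PublicResolver;
        }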
Beispiel #7
        /// <summary>
        /// Creates an agent from settings.
        /// </summary>
        /// <returns>The configured agent instance.</returns>
        public DirectAgent CreateAgent()
        {
            this.Validate();

            // Build each collaborator from its own settings section, in the original order.
            ICertificateResolver privateResolver = this.PrivateCerts.CreateResolver();
            ICertificateResolver publicResolver  = this.PublicCerts.CreateResolver();
            ITrustAnchorResolver anchorResolver  = this.Anchors.Resolver.CreateResolver();

            // With no Trust settings present, the agent is given TrustModel.Default.
            TrustModel model;
            if (this.Trust != null)
            {
                model = this.Trust.CreateTrustModel();
            }
            else
            {
                model = TrustModel.Default;
            }

            SMIMECryptographer smime   = this.Cryptographer.Create();
            IDomainResolver    domains = this.CreateResolver();

            DirectAgent result = new DirectAgent(domains, privateResolver, publicResolver, anchorResolver, model, smime);

            // Message wrapping behaviour is copied from the settings fields onto the new agent.
            result.AllowNonWrappedIncoming = m_allowNonWrappedIncoming;
            result.WrapMessages            = m_wrapOutgoing;

            return result;
        }
        public void Init(PluginDefinition pluginDef)
        {
            // The plugin definition's settings are deserialized as MachineAnchorResolverSettings,
            // and the resolver created from them is stored in m_inner.
            m_inner = pluginDef.DeserializeSettings<MachineAnchorResolverSettings>().CreateResolver();
        }
Beispiel #9
 /// <summary>
 /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and
 /// defaulting to the standard trust and cryptography models.
 /// </summary>
 /// <param name="domainResolver">
 /// An <see cref="IDomainResolver"/> instance providing array of local domain name managed by this agent.
 /// </param>
 /// <param name="privateCerts">
 /// An <see cref="ICertificateResolver"/> instance providing private certificates
 /// for senders of outgoing messages and receivers of incoming messages.
 /// </param>
 /// <param name="publicCerts">
 /// An <see cref="ICertificateResolver"/> instance providing public certificates
 /// for receivers of outgoing messages and senders of incoming messages.
 /// </param>
 /// <param name="anchors">
 /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
 /// </param>
 /// <param name="certPolicyResolvers">Certificate <see cref="ICertPolicyResolvers">policy container</see></param>
 public DirectAgent(IDomainResolver domainResolver,
                    ICertificateResolver privateCerts,
                    ICertificateResolver publicCerts,
                    ITrustAnchorResolver anchors,
                    ICertPolicyResolvers certPolicyResolvers,
                    IPolicyFilter polciyFilter)
     : this(domainResolver,
            privateCerts,
            publicCerts,
            anchors,
            TrustModel.Default,
            SMIMECryptographer.Default,
            certPolicyResolvers,
            polciyFilter)
 {
     // Nothing to do here: the chained overload receives TrustModel.Default and
     // SMIMECryptographer.Default, with the policy resolvers and filter forwarded as given.
 }
Beispiel #10
        /// <summary>
        /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and 
        /// trust and cryptography models.
        /// </summary>
        /// <param name="domainResolver">
        /// An <see cref="IDomainResolver"/> instance providing array of local domain name managed by this agent.
        /// </param>
        /// <param name="privateCerts">
        /// An <see cref="ICertificateResolver"/> instance providing private certificates
        /// for senders of outgoing messages and receivers of incoming messages.
        /// </param>
        /// <param name="publicCerts">
        /// An <see cref="ICertificateResolver"/> instance providing public certificates 
        /// for receivers of outgoing messages and senders of incoming messages. 
        /// </param>
        /// <param name="anchors">
        /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
        /// </param>
        /// <param name="trustModel">
        /// An instance or subclass of <see cref="TrustModel"/> providing a custom trust model.
        /// </param>
        /// <param name="cryptographer">
        /// An instance or subclass of <see cref="SMIMECryptographer"/> providing a custom cryptography model.
        /// </param>
        public DirectAgent(IDomainResolver domainResolver,
                           ICertificateResolver privateCerts,
                           ICertificateResolver publicCerts,
                           ITrustAnchorResolver anchors,
                           TrustModel trustModel,
                           SMIMECryptographer cryptographer)
        {
            // The managed-domain list is built before the remaining arguments are checked.
            this.m_managedDomains = new AgentDomains(domainResolver);

            // Argument checks, in declaration order.
            if (privateCerts == null)
            {
                throw new ArgumentNullException("privateCerts");
            }

            if (publicCerts == null)
            {
                throw new ArgumentNullException("publicCerts");
            }

            if (anchors == null)
            {
                throw new ArgumentNullException("anchors");
            }

            if (trustModel == null)
            {
                throw new ArgumentNullException("trustModel");
            }

            if (cryptographer == null)
            {
                throw new ArgumentNullException("cryptographer");
            }

            this.m_privateCertResolver = privateCerts;
            this.m_publicCertResolver = publicCerts;
            this.m_cryptographer = cryptographer;
            this.m_trustAnchors = anchors;
            this.m_trustModel = trustModel;

            // When the trust model's chain validator has no certificate resolver, the public
            // certificate resolver is installed as its issuer resolver.
            // NOTE(review): this writes to the TrustModel instance the caller passed in; if that
            // instance is shared between agents, the assignment affects all of them - confirm.
            if (!trustModel.CertChainValidator.HasCertificateResolver)
            {
                trustModel.CertChainValidator.IssuerResolver = publicCerts;
            }

            // The minimum trust requirement starts at TrustEnforcementStatus.Success.
            this.m_minTrustRequirement = TrustEnforcementStatus.Success;
        }
Beispiel #11
 /// <summary>
 /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and
 /// defaulting to the standard trust and cryptography models.
 /// </summary>
 /// <param name="domainResolver">
 /// An <see cref="IDomainResolver"/> instance providing array of local domain name managed by this agent.
 /// </param>
 /// <param name="privateCerts">
 /// An <see cref="ICertificateResolver"/> instance providing private certificates
 /// for senders of outgoing messages and receivers of incoming messages.
 /// </param>
 /// <param name="publicCerts">
 /// An <see cref="ICertificateResolver"/> instance providing public certificates 
 /// for receivers of outgoing messages and senders of incoming messages. 
 /// </param>
 /// <param name="anchors">
 /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
 /// </param>
 public DirectAgent(IDomainResolver domainResolver,
                    ICertificateResolver privateCerts,
                    ICertificateResolver publicCerts,
                    ITrustAnchorResolver anchors)
     : this(domainResolver,
            privateCerts,
            publicCerts,
            anchors,
            TrustModel.Default,
            SMIMECryptographer.Default)
 {
     // Nothing to do here: the chained overload receives TrustModel.Default and
     // SMIMECryptographer.Default in place of caller-supplied trust and cryptography models.
 }
Beispiel #12
 /// <summary>
 /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and
 /// defaulting to the standard trust and cryptography models.
 /// </summary>
 /// <param name="domain">
 /// The local domain name managed by this agent.
 /// </param>
 /// <param name="privateCerts">
 /// An <see cref="ICertificateResolver"/> instance providing private certificates
 /// for senders of outgoing messages and receivers of incoming messages.
 /// </param>
 /// <param name="publicCerts">
 /// An <see cref="ICertificateResolver"/> instance providing public certificates 
 /// for receivers of outgoing messages and senders of incoming messages. 
 /// </param>
 /// <param name="anchors">
 /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
 /// </param>
 public DirectAgent(string domain,
                    ICertificateResolver privateCerts,
                    ICertificateResolver publicCerts,
                    ITrustAnchorResolver anchors)
     : this(new StaticDomainResolver(domain),
            privateCerts,
            publicCerts,
            anchors,
            TrustModel.Default,
            SMIMECryptographer.Default)
 {
     // Nothing to do here: the single domain name is wrapped in a StaticDomainResolver and the
     // chained overload receives TrustModel.Default and SMIMECryptographer.Default.
 }
Beispiel #13
 /// <summary>
 /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and 
 /// trust and cryptography models.
 /// </summary>
 /// <param name="domainResolver">
 /// An <see cref="IDomainResolver"/> instance providing array of local domain name managed by this agent.
 /// </param>
 /// <param name="privateCerts">
 /// An <see cref="ICertificateResolver"/> instance providing private certificates
 /// for senders of outgoing messages and receivers of incoming messages.
 /// </param>
 /// <param name="publicCerts">
 /// An <see cref="ICertificateResolver"/> instance providing public certificates 
 /// for receivers of outgoing messages and senders of incoming messages. 
 /// </param>
 /// <param name="anchors">
 /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
 /// </param>
 /// <param name="trustModel">
 /// An instance or subclass of <see cref="TrustModel"/> providing a custom trust model.
 /// </param>
 /// <param name="cryptographer">
 /// An instance or subclass of <see cref="SMIMECryptographer"/> providing a custom cryptography model.
 /// </param>
 public DirectAgent(IDomainResolver domainResolver,
                    ICertificateResolver privateCerts,
                    ICertificateResolver publicCerts,
                    ITrustAnchorResolver anchors,
                    TrustModel trustModel,
                    SMIMECryptographer cryptographer)
     : this(domainResolver,
            privateCerts,
            publicCerts,
            anchors,
            trustModel,
            cryptographer,
            CertPolicyResolvers.Default,
            null)
 {
     // Nothing to do here: the chained overload receives CertPolicyResolvers.Default and a
     // null final argument; everything else is forwarded as given.
 }
Beispiel #14
 /// <summary>
 /// Creates a DirectAgent instance, specifying private, external and trust anchor certificate stores, and
 /// defaulting to the standard trust and cryptography models.
 /// </summary>
 /// <param name="domainResolver">
 /// An <see cref="IDomainResolver"/> instance providing array of local domain name managed by this agent.
 /// </param>
 /// <param name="privateCerts">
 /// An <see cref="ICertificateResolver"/> instance providing private certificates
 /// for senders of outgoing messages and receivers of incoming messages.
 /// </param>
 /// <param name="publicCerts">
 /// An <see cref="ICertificateResolver"/> instance providing public certificates 
 /// for receivers of outgoing messages and senders of incoming messages. 
 /// </param>
 /// <param name="anchors">
 /// An <see cref="ITrustAnchorResolver"/> instance providing trust anchors.
 /// </param>
 /// <param name="certPolicyResolvers">Certificate <see cref="ICertPolicyResolvers">policy container</see></param>
 /// <param name="polciyFilter"></param>
 public DirectAgent(IDomainResolver domainResolver,
                    ICertificateResolver privateCerts,
                    ICertificateResolver publicCerts,
                    ITrustAnchorResolver anchors,
                    ICertPolicyResolvers certPolicyResolvers,
                    IPolicyFilter polciyFilter)
     : this(domainResolver,
            privateCerts,
            publicCerts,
            anchors,
            TrustModel.Default,
            SMIMECryptographer.Default,
            certPolicyResolvers,
            polciyFilter)
 {
     // Nothing to do here: the chained overload receives TrustModel.Default and
     // SMIMECryptographer.Default, with the policy resolvers and filter forwarded as given.
 }