public RmsOnlineTpdImporter(Uri rmsOnlineKeySharingLocation, string authenticationCertificateSubjectName)
{
RmsUtil.ThrowIfParameterNull(rmsOnlineKeySharingLocation, "rmsOnlineKeySharingLocation");
RmsUtil.ThrowIfStringParameterNullOrEmpty(authenticationCertificateSubjectName, "authenticationCertificateSubjectName");
this.rmsOnlineKeySharingLocation = rmsOnlineKeySharingLocation;
this.authenticationCertificateSubjectName = authenticationCertificateSubjectName;
}
public static void ThrowIfRightsTemplatesInvalid(IEnumerable <string> templates, string tpdName, TrustedPublishingDomainImportUtilities tpdImportUtilities, Uri intranetLicensingUrl, Uri extranetLicensingUrl, out object failureTarget)
{
failureTarget = null;
if (templates != null)
{
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
RmsUtil.ThrowIfParameterNull(tpdImportUtilities, "tpdImportUtilities");
RmsUtil.ThrowIfParameterNull(intranetLicensingUrl, "intranetLicensingUrl");
RmsUtil.ThrowIfParameterNull(extranetLicensingUrl, "extranetLicensingUrl");
foreach (string template in templates)
{
Uri templateDistributionPoint;
Uri templateDistributionPoint2;
Guid templateGuid;
try
{
DrmClientUtils.ParseTemplate(template, out templateDistributionPoint, out templateDistributionPoint2, out templateGuid);
}
catch (RightsManagementException innerException)
{
failureTarget = tpdName;
throw new InvalidTemplateException(innerException);
}
RmsUtil.ThrowIfRightsTemplateInvalid(tpdImportUtilities, tpdName, template, templateGuid, out failureTarget);
RmsUtil.ThrowIfTemplateDistributionPointInvalid(templateDistributionPoint, RmsUtil.TemplateDistributionPointType.Intranet, templateGuid, intranetLicensingUrl, extranetLicensingUrl, out failureTarget);
RmsUtil.ThrowIfTemplateDistributionPointInvalid(templateDistributionPoint2, RmsUtil.TemplateDistributionPointType.Extranet, templateGuid, intranetLicensingUrl, extranetLicensingUrl, out failureTarget);
}
}
}
public static bool TryExtractDecryptionCertificateSKIFromEncryptedXml(string encryptedData, out string requiredCertificateSKI, out Exception exception)
{
RmsUtil.ThrowIfParameterNull(encryptedData, "encryptedData");
requiredCertificateSKI = null;
exception = null;
try
{
XmlDocument xmlDocument = new SafeXmlDocument();
xmlDocument.LoadXml(encryptedData);
using (XmlNodeList elementsByTagName = xmlDocument.GetElementsByTagName("X509SKI"))
{
if (elementsByTagName.Count > 0)
{
byte[] value = Convert.FromBase64String(elementsByTagName[0].InnerText);
requiredCertificateSKI = BitConverter.ToString(value);
return(true);
}
}
exception = new XmlException("X509SKI node not found in encrypted XML document");
}
catch (FormatException ex)
{
exception = ex;
}
catch (XmlException ex2)
{
exception = ex2;
}
return(false);
}
private bool ValidateTPDCanBeObtainedFromRMSOnline(RmsOnlineTpdImporter tpdImporter, out TrustedDocDomain tpd)
{
tpd = null;
this.result.SetTask(Strings.InfoImportingTpdFromRmsOnline);
bool flag;
try
{
Guid externalDirectoryOrgIdThrowOnFailure = this.rmsOnlineGuidOverride;
if (Guid.Empty == externalDirectoryOrgIdThrowOnFailure)
{
externalDirectoryOrgIdThrowOnFailure = RmsUtil.GetExternalDirectoryOrgIdThrowOnFailure(this.configurationSession, this.organizationId);
}
tpd = tpdImporter.Import(externalDirectoryOrgIdThrowOnFailure);
if (tpd.m_astrRightsTemplates.Length == 0)
{
flag = this.result.SetSuccessResult(Strings.InfoImportingTpdFromRmsOnlineCheckedNoTemplates);
}
else
{
flag = this.result.SetSuccessResult(Strings.InfoImportingTpdFromRmsOnlineCheckedWithTemplates(RmsUtil.TemplateNamesFromTemplateArray(tpd.m_astrRightsTemplates)));
}
}
catch (ImportTpdException ex)
{
flag = this.result.SetFailureResult(Strings.ErrorImportingTpdFromRmsOnline, ex, true);
}
return(flag);
}
public static TrustedPublishingDomainImportUtilities CreateTpdImportUtilities(XrmlCertificateChain slcCertificate, TrustedPublishingDomainPrivateKeyProvider privateKeyProvider)
{
RmsUtil.ThrowIfParameterNull(slcCertificate, "slcCertificate");
if (privateKeyProvider == null)
{
return(new TrustedPublishingDomainImportUtilities(slcCertificate));
}
return(new TrustedPublishingDomainImportUtilities(slcCertificate, privateKeyProvider));
}
private bool ValidateRmsOnlinePrerequisites(IRMConfiguration irmConfiguration)
{
this.result.SetTask(Strings.InfoCheckingRmsOnlinePrerequisites);
if (!RmsUtil.AreRmsOnlinePreRequisitesMet(irmConfiguration))
{
return(this.result.SetFailureResult(Strings.ErrorRmsOnlinePrerequisites, null, true));
}
return(this.result.SetSuccessResult(Strings.InfoRmsOnlinePrerequisitesChecked));
}
public static TrustedDocDomain ConvertFromRmsOnlineTrustedDocDomain(TrustedDocDomain rmsoTPD)
{
RmsUtil.ThrowIfParameterNull(rmsoTPD, "rmsoTPD");
return(new TrustedDocDomain
{
m_ttdki = RmsUtil.ConvertFromRmsOnlineKeyInformation(rmsoTPD.m_ttdki),
m_strLicensorCertChain = rmsoTPD.m_strLicensorCertChain,
m_astrRightsTemplates = rmsoTPD.m_astrRightsTemplates
});
}
protected virtual X509Certificate2 ReadAuthenticationCertificateFromStore(X509Store store)
{
X509Certificate2Collection certificates = store.Certificates;
RmsUtil.ThrowIfCertificateCollectionIsNullOrEmpty(certificates, "X509Store returned a null or empty certificate collection; unable to load the RMS Online authentication certificate");
X509Certificate2Collection x509Certificate2Collection = certificates.Find(X509FindType.FindBySubjectDistinguishedName, this.AuthenticationCertificateSubjectDistinguishedName, this.AcceptValidAuthenticationCertificateOnly);
RmsUtil.ThrowIfCertificateCollectionIsNullOrEmpty(x509Certificate2Collection, string.Format("X509Store was unable to find the RMS Online authentication certificate with distinguished name '{0}'", this.AuthenticationCertificateSubjectDistinguishedName));
return(x509Certificate2Collection[0]);
}
private static void ThrowIfKeyTypeInvalid(KeyInformation keyInfo, string tpdName, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(keyInfo, "keyInfo");
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
failureTarget = null;
if (string.IsNullOrEmpty(keyInfo.strIDType))
{
failureTarget = tpdName;
throw new NoKeyIDTypeInImportedTrustedPublishingDomainException();
}
}
public static void ThrowIfSlcCertificateChainInvalid(TrustedDocDomain tpd, string tpdName, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(tpd, "tpd");
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
failureTarget = null;
if (tpd.m_strLicensorCertChain == null || tpd.m_strLicensorCertChain.Length == 0 || string.IsNullOrEmpty(tpd.m_strLicensorCertChain[0]))
{
failureTarget = tpdName;
throw new NoSLCCertChainInImportedTrustedPublishingDomainException();
}
}
public static string TemplateNamesFromTemplateArray(string[] templateXrMLArray)
{
RmsUtil.ThrowIfParameterNull(templateXrMLArray, "templateXrMLArray");
List <string> list = new List <string>();
foreach (string templateXrml in templateXrMLArray)
{
RmsTemplate rmsTemplate = RmsTemplate.CreateServerTemplateFromTemplateDefinition(templateXrml, RmsTemplateType.Archived);
list.Add(rmsTemplate.Name);
}
return(string.Join(", ", list.ToArray()));
}
public static void ThrowIfKeyInformationInvalid(TrustedDocDomain tpd, string tpdName, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(tpd, "tpd");
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
if (tpd.m_ttdki == null)
{
failureTarget = tpdName;
throw new NoKeyInformationInImportedTrustedPublishingDomainException();
}
RmsUtil.ThrowIfKeyIdInvalid(tpd.m_ttdki, tpdName, out failureTarget);
RmsUtil.ThrowIfKeyTypeInvalid(tpd.m_ttdki, tpdName, out failureTarget);
}
public static void ThrowIfTpdDoesNotHavePrivateKeyIfInternalLicensingEnabled(TrustedDocDomain tpd, string tpdName, bool internalLicensingEnabled, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(tpd, "tpd");
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
RmsUtil.ThrowIfParameterNull(tpd.m_ttdki, "tpd.m_ttdki");
failureTarget = null;
if (internalLicensingEnabled && string.IsNullOrEmpty(tpd.m_ttdki.strEncryptedPrivateKey))
{
failureTarget = tpdName;
throw new NoPrivateKeyInImportedTrustedPublishingDomainException();
}
}
public static void ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(string tpdName, string importedKeyIdOrType, string existingKeyIdOrType, out object failureTarget)
{
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
RmsUtil.ThrowIfStringParameterNullOrEmpty(importedKeyIdOrType, "importedKeyIdOrType");
RmsUtil.ThrowIfStringParameterNullOrEmpty(existingKeyIdOrType, "existingKeyIdOrType");
failureTarget = null;
if (!string.Equals(importedKeyIdOrType, existingKeyIdOrType, StringComparison.OrdinalIgnoreCase))
{
failureTarget = existingKeyIdOrType;
throw new KeyNoMatchException(tpdName);
}
}
public static bool TPDExists(IConfigurationSession session, string keyIdBeingImported, string keyIdTypeBeingImported)
{
RmsUtil.ThrowIfParameterNull(session, "session");
RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdBeingImported, "keyIdBeingImported");
RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdTypeBeingImported, "keyIdTypeBeingImported");
QueryFilter filter = new AndFilter(new QueryFilter[]
{
new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyId, keyIdBeingImported),
new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyIdType, keyIdTypeBeingImported)
});
return(RmsUtil.TPDExists(session, filter));
}
private static void ThrowIfTemplateDistributionPointInvalid(Uri templateDistributionPoint, RmsUtil.TemplateDistributionPointType templateDistributionPointType, Guid templateGuid, Uri intranetLicensingUrl, Uri extranetLicensingUrl, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(templateDistributionPointType, "templateDistributionPointType");
RmsUtil.ThrowIfParameterNull(intranetLicensingUrl, "intranetLicensingUrl");
RmsUtil.ThrowIfParameterNull(extranetLicensingUrl, "extranetLicensingUrl");
failureTarget = null;
if (templateDistributionPoint != null && Uri.Compare(templateDistributionPoint, intranetLicensingUrl, UriComponents.SchemeAndServer, UriFormat.UriEscaped, StringComparison.OrdinalIgnoreCase) != 0 && Uri.Compare(templateDistributionPoint, extranetLicensingUrl, UriComponents.SchemeAndServer, UriFormat.UriEscaped, StringComparison.OrdinalIgnoreCase) != 0)
{
Uri uri = (templateDistributionPointType == RmsUtil.TemplateDistributionPointType.Intranet) ? intranetLicensingUrl : extranetLicensingUrl;
failureTarget = uri;
throw new FailedToMatchTemplateDistributionPointToLicensingUriException(templateGuid, templateDistributionPoint, uri);
}
}
public RMSOnlineValidator(IConfigurationSession configurationSession, IConfigurationSession dataSession, OrganizationId organizationId, Guid rmsOnlineGuidOverride, string authenticationCertificateSubjectNameOverride = null)
{
RmsUtil.ThrowIfParameterNull(dataSession, "configurationSession");
RmsUtil.ThrowIfParameterNull(dataSession, "dataSession");
RmsUtil.ThrowIfParameterNull(organizationId, "organizationId");
this.configurationSession = configurationSession;
this.dataSession = dataSession;
this.organizationId = organizationId;
this.rmsOnlineGuidOverride = rmsOnlineGuidOverride;
if (authenticationCertificateSubjectNameOverride != null)
{
this.authenticationCertificateSubjectName = authenticationCertificateSubjectNameOverride;
}
}
private static KeyInformation ConvertFromRmsOnlineKeyInformation(KeyInformation rmsoKeyInfo)
{
RmsUtil.ThrowIfParameterNull(rmsoKeyInfo, "rmsoKeyInfo");
return(new KeyInformation
{
strID = rmsoKeyInfo.strID,
strIDType = rmsoKeyInfo.strIDType,
nCSPType = rmsoKeyInfo.nCSPType,
strCSPName = rmsoKeyInfo.strCSPName,
strKeyContainerName = rmsoKeyInfo.strKeyContainerName,
nKeyNumber = rmsoKeyInfo.nKeyNumber,
strEncryptedPrivateKey = rmsoKeyInfo.strEncryptedPrivateKey
});
}
public static void ThrowIfSlcCertificateDoesNotChainToProductionHeirarchyCertificate(TrustedPublishingDomainImportUtilities tpdImportUtilities, string tpdName, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(tpdImportUtilities, "tpdImportUtilities");
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
try
{
failureTarget = null;
tpdImportUtilities.ValidateTrustedPublishingDomain();
}
catch (ValidationException ex)
{
failureTarget = tpdName;
throw new FailedToValidateSLCCertChainException(ex.ErrorCode);
}
}
public static void ThrowIfImportedTPDsKeyIdIsNotUnique(IConfigurationSession session, string keyIdBeingImported, string keyIdTypeBeingImported, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(session, "session");
RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdBeingImported, "keyIdBeingImported");
RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdTypeBeingImported, "keyIdTypeBeingImported");
failureTarget = null;
QueryFilter filter = new AndFilter(new QueryFilter[]
{
new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyId, keyIdBeingImported),
new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyIdType, keyIdTypeBeingImported)
});
if (RmsUtil.TPDExists(session, filter))
{
failureTarget = keyIdBeingImported;
throw new DuplicateTPDKeyIdException(keyIdTypeBeingImported, keyIdBeingImported);
}
}
public TrustedDocDomain Import(Guid externalDirectoryOrgId)
{
RmsUtil.ThrowIfGuidEmpty(externalDirectoryOrgId, "externalDirectoryOrgId");
X509Certificate2 authenticationCertificate = this.LoadAuthenticationCertificate();
this.ThrowIfAuthenticationCertificateIsInvalid(authenticationCertificate);
ITenantManagementService tenantManagementService = this.CreateRmsOnlineWebServiceProxy(authenticationCertificate);
TrustedDocDomain result;
try
{
TenantInfo[] tenantInfo = tenantManagementService.GetTenantInfo(new string[]
{
externalDirectoryOrgId.ToString()
});
RmsUtil.ThrowIfTenantInfoisNull(tenantInfo, externalDirectoryOrgId);
RmsUtil.ThrowIfZeroOrMultipleTenantInfoObjectsReturned(tenantInfo, externalDirectoryOrgId);
RmsUtil.ThrowIfErrorInfoObjectReturned(tenantInfo[0], externalDirectoryOrgId);
RmsUtil.ThrowIfTenantInfoDoesNotIncludeActiveTPD(tenantInfo[0], externalDirectoryOrgId);
RmsUtil.ThrowIfTpdDoesNotIncludeKeyInformation(tenantInfo[0].ActivePublishingDomain, externalDirectoryOrgId);
RmsUtil.ThrowIfTpdDoesNotIncludeSLC(tenantInfo[0].ActivePublishingDomain, externalDirectoryOrgId);
RmsUtil.ThrowIfTpdDoesNotIncludeTemplates(tenantInfo[0].ActivePublishingDomain, externalDirectoryOrgId);
RmsUtil.ThrowIfTenantInfoDoesNotIncludeLicensingUrls(tenantInfo[0], externalDirectoryOrgId);
RmsUtil.ThrowIfTenantInfoDoesNotIncludeCertificationUrls(tenantInfo[0], externalDirectoryOrgId);
this.IntranetLicensingUrl = RMUtil.ConvertUriToLicenseLocationDistributionPoint(tenantInfo[0].LicensingIntranetDistributionPointUrl);
this.ExtranetLicensingUrl = RMUtil.ConvertUriToLicenseLocationDistributionPoint(tenantInfo[0].LicensingExtranetDistributionPointUrl);
this.IntranetCertificationUrl = RMUtil.ConvertUriToLicenseLocationDistributionPoint(tenantInfo[0].CertificationIntranetDistributionPointUrl);
this.ExtranetCertificationUrl = RMUtil.ConvertUriToLicenseLocationDistributionPoint(tenantInfo[0].CertificationExtranetDistributionPointUrl);
result = RmsUtil.ConvertFromRmsOnlineTrustedDocDomain(tenantInfo[0].ActivePublishingDomain);
}
catch (FaultException <ArgumentException> innerException)
{
throw new ImportTpdException("Caught FaultException<ArgumentException> while obtaining TPD from RMS Online", innerException);
}
catch (CommunicationException innerException2)
{
throw new ImportTpdException("Unable to communicate with RMS Online key sharing web service", innerException2);
}
catch (TimeoutException innerException3)
{
throw new ImportTpdException("The TPD import request to the RMS Online key sharing web service has timed out", innerException3);
}
return(result);
}
public static void ThrowIfTpdUsesUnauthorizedCryptoModeOnFips(TrustedDocDomain tpd, string tpdName, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(tpd, "tpd");
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
failureTarget = null;
using (RegistryKey registryKey = Registry.LocalMachine.OpenSubKey("System\\CurrentControlSet\\Control\\Lsa\\FIPSAlgorithmPolicy\\", false))
{
object value;
if (registryKey != null && (value = registryKey.GetValue("Enabled")) != null && (int)value == 1)
{
int num = RmsUtil.CryptoModeFromTpd(tpd);
if (num == 1)
{
failureTarget = tpdName;
throw new InvalidFipsCryptoModeInImportedTrustedPublishingDomainException(num);
}
}
}
}
public static string GenerateRmsOnlineTpdName(string existingDefaultTpdName, string newTpdNameRoot)
{
RmsUtil.ThrowIfStringParameterNullOrEmpty(newTpdNameRoot, "newTpdNameRoot");
if (string.IsNullOrEmpty(existingDefaultTpdName))
{
return(string.Format("{0}{1}{2}", newTpdNameRoot, " - ", "1"));
}
int num = 0;
if (existingDefaultTpdName.Length > " - ".Length && string.Compare(existingDefaultTpdName, 0, newTpdNameRoot, 0, newTpdNameRoot.Length, true) == 0)
{
int num2 = existingDefaultTpdName.LastIndexOf(" - ", StringComparison.Ordinal);
if (-1 != num2 && existingDefaultTpdName.Length > num2 + " - ".Length)
{
int.TryParse(existingDefaultTpdName.Substring(num2 + " - ".Length), out num);
}
}
return(string.Format("{0}{1}{2}", newTpdNameRoot, " - ", num + 1));
}
protected virtual ITenantManagementService CreateRmsOnlineWebServiceProxy(X509Certificate2 authenticationCertificate)
{
TenantManagementServiceClient tenantManagementServiceClient = new TenantManagementServiceClient(new WSHttpBinding
{
SendTimeout = RmsOnlineConstants.SendTimeout,
ReceiveTimeout = RmsOnlineConstants.ReceiveTimeout,
ReaderQuotas = RmsOnlineConstants.ReaderQuotas,
MaxReceivedMessageSize = RmsOnlineConstants.MaxReceivedMessageSize,
Name = RmsOnlineConstants.BindingName,
Security = RmsOnlineConstants.Security
}, new EndpointAddress(this.rmsOnlineKeySharingLocation, new AddressHeader[0]));
RmsUtil.ThrowIfClientCredentialsIsNull(tenantManagementServiceClient);
if (tenantManagementServiceClient.ClientCredentials != null)
{
tenantManagementServiceClient.ClientCredentials.ClientCertificate.Certificate = authenticationCertificate;
}
return(tenantManagementServiceClient);
}
private static void ThrowIfRightsTemplateInvalid(TrustedPublishingDomainImportUtilities tpdImportUtilities, string tpdName, string template, Guid templateGuid, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(tpdImportUtilities, "tpdImportUtilities");
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
RmsUtil.ThrowIfStringParameterNullOrEmpty(template, "template");
failureTarget = null;
if (Guid.Empty == templateGuid)
{
failureTarget = tpdName;
throw new InvalidTemplateException();
}
try
{
tpdImportUtilities.ValidateRightsTemplate(template);
}
catch (ValidationException ex)
{
failureTarget = tpdName;
throw new FailedToValidateTemplateException(templateGuid, ex.ErrorCode);
}
}
public byte[] Decrypt(string encryptedData)
{
RmsUtil.ThrowIfParameterNull(encryptedData, "encryptedData");
RmsUtil.ThrowIfStringParameterNullOrEmpty(encryptedData, "encryptedData");
byte[] result;
try
{
result = this.DecryptTenantsPrivateKey(encryptedData);
}
catch (CryptographicException ex)
{
string ski;
Exception ex2;
if (RmsUtil.TryExtractDecryptionCertificateSKIFromEncryptedXml(encryptedData, out ski, out ex2))
{
throw new PrivateKeyDecryptionFailedException(ex.Message + " " + Strings.RequiredDecryptionCertificate(ski), ex);
}
throw new PrivateKeyDecryptionFailedException(ex2.Message, ex2);
}
return(result);
}
public string ValidateTpdSuitableForImport(TrustedDocDomain tpd, string tpdName, out object failureTarget, IConfigurationSession configurationSession = null, string existingTpdKeyId = null, string existingTpdKeyType = null, Uri existingTpdIntranetLicensingUrl = null, Uri existingTpdExtranetLicensingUrl = null, SecureString tpdFilePassword = null)
{
RmsUtil.ThrowIfParameterNull(tpd, "tpd");
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
RmsUtil.ThrowIfKeyInformationInvalid(tpd, tpdName, out failureTarget);
RmsUtil.ThrowIfSlcCertificateChainInvalid(tpd, tpdName, out failureTarget);
RmsUtil.ThrowIfTpdCspDoesNotMatchCryptoMode(tpd, tpdName, out failureTarget);
RmsUtil.ThrowIfTpdUsesUnauthorizedCryptoModeOnFips(tpd, tpdName, out failureTarget);
string result;
using (TrustedPublishingDomainPrivateKeyProvider trustedPublishingDomainPrivateKeyProvider = this.CreatePrivateKeyProvider(tpdName, tpd.m_ttdki, tpdFilePassword, out result, out failureTarget))
{
TrustedPublishingDomainImportUtilities tpdImportUtilities = this.CreateTpdImportUtilities(tpd, trustedPublishingDomainPrivateKeyProvider);
RmsUtil.ThrowIfSlcCertificateDoesNotChainToProductionHeirarchyCertificate(tpdImportUtilities, tpdName, out failureTarget);
if (this.refreshTemplatesSwitch)
{
RmsUtil.ThrowIfUrlWasSpecified(this.intranetLicensingUrl, this.refreshTemplatesSwitch, out failureTarget);
RmsUtil.ThrowIfUrlWasSpecified(this.extranetLicensingUrl, this.refreshTemplatesSwitch, out failureTarget);
RmsUtil.ThrowIfUrlWasSpecified(this.intranetCertificationUrl, this.refreshTemplatesSwitch, out failureTarget);
RmsUtil.ThrowIfUrlWasSpecified(this.extranetCertificationUrl, this.refreshTemplatesSwitch, out failureTarget);
RmsUtil.ThrowIfDefaultWasSpecified(this.defaultSwitch, out failureTarget);
RmsUtil.ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(tpdName, tpd.m_ttdki.strID, existingTpdKeyId, out failureTarget);
RmsUtil.ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(tpdName, tpd.m_ttdki.strIDType, existingTpdKeyType, out failureTarget);
}
else
{
RmsUtil.ThrowIfTpdDoesNotHavePrivateKeyIfInternalLicensingEnabled(tpd, tpdName, this.internalLicensingEnabled, out failureTarget);
if (!this.rmsOnlineSwitch)
{
RmsUtil.ThrowIfImportedTPDsKeyIdIsNotUnique(configurationSession, tpd.m_ttdki.strID, tpd.m_ttdki.strIDType, out failureTarget);
}
RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.intranetLicensingUrl, out failureTarget);
RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.extranetLicensingUrl, out failureTarget);
RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.intranetCertificationUrl, out failureTarget);
RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.extranetCertificationUrl, out failureTarget);
}
RmsUtil.ThrowIfRightsTemplatesInvalid(tpd.m_astrRightsTemplates, tpdName, tpdImportUtilities, this.refreshTemplatesSwitch ? existingTpdIntranetLicensingUrl : this.intranetLicensingUrl, this.refreshTemplatesSwitch ? existingTpdExtranetLicensingUrl : this.extranetLicensingUrl, out failureTarget);
}
return(result);
}
public static bool TryExtractUrlsFromTenantConfiguration(XElement tenantConfigurationElement, out Uri intranetCertificationUrl, out Uri extranetCertificationUrl, out Uri intranetLicensingUrl, out Uri extranetLicensingUrl, out Exception exception)
{
RmsUtil.ThrowIfParameterNull(tenantConfigurationElement, "tenantConfigurationElement");
intranetCertificationUrl = null;
extranetCertificationUrl = null;
intranetLicensingUrl = null;
extranetLicensingUrl = null;
exception = null;
try
{
XmlReader reader = tenantConfigurationElement.CreateReader();
XmlDocument xmlDocument = new XmlDocument();
xmlDocument.Load(reader);
XmlNode xmlNode = xmlDocument.SelectSingleNode("/TenantConfiguration/CertificationIntranetDistributionPointUrl");
XmlNode xmlNode2 = xmlDocument.SelectSingleNode("/TenantConfiguration/CertificationExtranetDistributionPointUrl");
XmlNode xmlNode3 = xmlDocument.SelectSingleNode("/TenantConfiguration/LicensingIntranetDistributionPointUrl");
XmlNode xmlNode4 = xmlDocument.SelectSingleNode("/TenantConfiguration/LicensingExtranetDistributionPointUrl");
if (xmlNode != null && xmlNode2 != null && xmlNode3 != null && xmlNode4 != null)
{
intranetCertificationUrl = new Uri(xmlNode.InnerText);
extranetCertificationUrl = new Uri(xmlNode2.InnerText);
intranetLicensingUrl = new Uri(xmlNode3.InnerText);
extranetLicensingUrl = new Uri(xmlNode4.InnerText);
return(true);
}
exception = new XmlException("Unable to extract certification/licensing URLs from TenantConfiguration XML");
}
catch (XmlException ex)
{
exception = ex;
}
catch (UriFormatException ex2)
{
exception = ex2;
}
return(false);
}
public static void ThrowIfTpdCspDoesNotMatchCryptoMode(TrustedDocDomain tpd, string tpdName, out object failureTarget)
{
RmsUtil.ThrowIfParameterNull(tpd, "tpd");
RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
failureTarget = null;
int cryptoMode = RmsUtil.CryptoModeFromTpd(tpd);
RmsUtil.CSP_TYPE csp_TYPE;
if (!RmsUtil.TryCspEnumFromInteger(tpd.m_ttdki.nCSPType, out csp_TYPE))
{
failureTarget = tpdName;
throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode);
}
switch (cryptoMode)
{
case 1:
if (csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_FULL && csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_AES)
{
failureTarget = tpdName;
throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode);
}
break;
case 2:
if (csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_AES)
{
failureTarget = tpdName;
throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode);
}
break;
default:
failureTarget = tpdName;
throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode);
}
}
protected override bool IsKnownException(Exception exception)
{
return(base.IsKnownException(exception) || RmsUtil.IsKnownException(exception));
}
