Example #1
0
 public static void ThrowIfTpdDoesNotIncludeTemplates(TrustedDocDomain tpd, Guid externalDirectoryOrgId)
 {
     if (tpd.m_astrRightsTemplates == null)
     {
         throw new ImportTpdException(string.Format("RMS Online returned a TPD containing no templates for tenant with external directory organization ID {0}", externalDirectoryOrgId), null);
     }
 }
Example #2
0
        private static int CryptoModeFromTpd(TrustedDocDomain tpd)
        {
            string compressedCerts = RMUtil.CompressSLCCertificateChain(tpd.m_strLicensorCertChain);
            XrmlCertificateChain xrmlCertificateChain = RMUtil.DecompressSLCCertificate(compressedCerts);

            return(xrmlCertificateChain.GetCryptoMode());
        }
Example #3
0
 public static void ThrowIfTpdDoesNotIncludeSLC(TrustedDocDomain tpd, Guid externalDirectoryOrgId)
 {
     if (tpd.m_strLicensorCertChain == null)
     {
         throw new ImportTpdException(string.Format("RMS Online returned a TPD containing no SLC for tenant with external directory organization ID {0}", externalDirectoryOrgId), null);
     }
 }
Example #4
0
 public static TrustedDocDomain ConvertFromRmsOnlineTrustedDocDomain(TrustedDocDomain rmsoTPD)
 {
     RmsUtil.ThrowIfParameterNull(rmsoTPD, "rmsoTPD");
     return(new TrustedDocDomain
     {
         m_ttdki = RmsUtil.ConvertFromRmsOnlineKeyInformation(rmsoTPD.m_ttdki),
         m_strLicensorCertChain = rmsoTPD.m_strLicensorCertChain,
         m_astrRightsTemplates = rmsoTPD.m_astrRightsTemplates
     });
 }
Example #5
0
 public static void ThrowIfSlcCertificateChainInvalid(TrustedDocDomain tpd, string tpdName, out object failureTarget)
 {
     RmsUtil.ThrowIfParameterNull(tpd, "tpd");
     RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
     failureTarget = null;
     if (tpd.m_strLicensorCertChain == null || tpd.m_strLicensorCertChain.Length == 0 || string.IsNullOrEmpty(tpd.m_strLicensorCertChain[0]))
     {
         failureTarget = tpdName;
         throw new NoSLCCertChainInImportedTrustedPublishingDomainException();
     }
 }
Example #6
0
 public static void ThrowIfTpdDoesNotHavePrivateKeyIfInternalLicensingEnabled(TrustedDocDomain tpd, string tpdName, bool internalLicensingEnabled, out object failureTarget)
 {
     RmsUtil.ThrowIfParameterNull(tpd, "tpd");
     RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
     RmsUtil.ThrowIfParameterNull(tpd.m_ttdki, "tpd.m_ttdki");
     failureTarget = null;
     if (internalLicensingEnabled && string.IsNullOrEmpty(tpd.m_ttdki.strEncryptedPrivateKey))
     {
         failureTarget = tpdName;
         throw new NoPrivateKeyInImportedTrustedPublishingDomainException();
     }
 }
Example #7
0
 public static void ThrowIfKeyInformationInvalid(TrustedDocDomain tpd, string tpdName, out object failureTarget)
 {
     RmsUtil.ThrowIfParameterNull(tpd, "tpd");
     RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
     if (tpd.m_ttdki == null)
     {
         failureTarget = tpdName;
         throw new NoKeyInformationInImportedTrustedPublishingDomainException();
     }
     RmsUtil.ThrowIfKeyIdInvalid(tpd.m_ttdki, tpdName, out failureTarget);
     RmsUtil.ThrowIfKeyTypeInvalid(tpd.m_ttdki, tpdName, out failureTarget);
 }
Example #8
0
        private bool ValidateTpdSuitableForImport(IRMConfiguration irmConfiguration, TrustedDocDomain tpd, RmsOnlineTpdImporter tpdImporter)
        {
            this.result.SetTask(Strings.InfoCheckingTpdFromRmsOnline);
            TpdValidator tpdValidator = new TpdValidator(irmConfiguration.InternalLicensingEnabled, tpdImporter.IntranetLicensingUrl, tpdImporter.ExtranetLicensingUrl, tpdImporter.IntranetCertificationUrl, tpdImporter.ExtranetCertificationUrl, true, true, false);

            try
            {
                object obj;
                tpdValidator.ValidateTpdSuitableForImport(tpd, Strings.RmsOnline, out obj, null, null, null, null, null, null);
            }
            catch (LocalizedException ex)
            {
                return(this.result.SetFailureResult(Strings.ErrorTpdCheckingFailed, ex, true));
            }
            return(this.result.SetSuccessResult(Strings.InfoTpdFromRmsOnlineChecked));
        }
Example #9
0
        private static TrustedDocDomain DecryptTrustedDocDomainData(EncryptedTrustedDocDomain encryptedData, SecureString password)
        {
            IPrivateKeyDecryptor privateKeyDecryptor = new OnPremisePrivateKeyDecryptor(password);

            byte[] buffer = null;
            try
            {
                buffer = privateKeyDecryptor.Decrypt(encryptedData.m_strTrustedDocDomainInfo);
            }
            catch (PrivateKeyDecryptionFailedException innerException)
            {
                throw new TrustedPublishingDomainParser.ParseFailedException("OnPremisePrivateKeyDecryptor.Decrypt() failed", innerException);
            }
            TrustedDocDomain result;

            using (MemoryStream memoryStream = new MemoryStream(buffer))
            {
                try
                {
                    SafeXmlSerializer safeXmlSerializer = new SafeXmlSerializer(typeof(ArrayList), new Type[]
                    {
                        typeof(TrustedDocDomain[])
                    });
                    ArrayList arrayList = safeXmlSerializer.Deserialize(memoryStream) as ArrayList;
                    if (arrayList == null || arrayList.Count != 1)
                    {
                        throw new TrustedPublishingDomainParser.ParseFailedException("DecryptedTPD_NoORMoreThanOneElements");
                    }
                    TrustedDocDomain trustedDocDomain = arrayList[0] as TrustedDocDomain;
                    if (trustedDocDomain == null)
                    {
                        throw new TrustedPublishingDomainParser.ParseFailedException("DecryptedTPD_NotOfType_TrustedDocDomain");
                    }
                    trustedDocDomain.m_ttdki.strEncryptedPrivateKey = encryptedData.m_strKeyData;
                    result = trustedDocDomain;
                }
                catch (InvalidOperationException innerException2)
                {
                    throw new TrustedPublishingDomainParser.ParseFailedException("DecryptedTPD_XmlDeserializationFailed", innerException2);
                }
                catch (XmlException innerException3)
                {
                    throw new TrustedPublishingDomainParser.ParseFailedException("DecryptedTPD_XmlDeserializationFailed", innerException3);
                }
            }
            return(result);
        }
Example #10
0
 public static void ThrowIfTpdUsesUnauthorizedCryptoModeOnFips(TrustedDocDomain tpd, string tpdName, out object failureTarget)
 {
     RmsUtil.ThrowIfParameterNull(tpd, "tpd");
     RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
     failureTarget = null;
     using (RegistryKey registryKey = Registry.LocalMachine.OpenSubKey("System\\CurrentControlSet\\Control\\Lsa\\FIPSAlgorithmPolicy\\", false))
     {
         object value;
         if (registryKey != null && (value = registryKey.GetValue("Enabled")) != null && (int)value == 1)
         {
             int num = RmsUtil.CryptoModeFromTpd(tpd);
             if (num == 1)
             {
                 failureTarget = tpdName;
                 throw new InvalidFipsCryptoModeInImportedTrustedPublishingDomainException(num);
             }
         }
     }
 }
Example #11
0
        public string ValidateTpdSuitableForImport(TrustedDocDomain tpd, string tpdName, out object failureTarget, IConfigurationSession configurationSession = null, string existingTpdKeyId = null, string existingTpdKeyType = null, Uri existingTpdIntranetLicensingUrl = null, Uri existingTpdExtranetLicensingUrl = null, SecureString tpdFilePassword = null)
        {
            RmsUtil.ThrowIfParameterNull(tpd, "tpd");
            RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
            RmsUtil.ThrowIfKeyInformationInvalid(tpd, tpdName, out failureTarget);
            RmsUtil.ThrowIfSlcCertificateChainInvalid(tpd, tpdName, out failureTarget);
            RmsUtil.ThrowIfTpdCspDoesNotMatchCryptoMode(tpd, tpdName, out failureTarget);
            RmsUtil.ThrowIfTpdUsesUnauthorizedCryptoModeOnFips(tpd, tpdName, out failureTarget);
            string result;

            using (TrustedPublishingDomainPrivateKeyProvider trustedPublishingDomainPrivateKeyProvider = this.CreatePrivateKeyProvider(tpdName, tpd.m_ttdki, tpdFilePassword, out result, out failureTarget))
            {
                TrustedPublishingDomainImportUtilities tpdImportUtilities = this.CreateTpdImportUtilities(tpd, trustedPublishingDomainPrivateKeyProvider);
                RmsUtil.ThrowIfSlcCertificateDoesNotChainToProductionHeirarchyCertificate(tpdImportUtilities, tpdName, out failureTarget);
                if (this.refreshTemplatesSwitch)
                {
                    RmsUtil.ThrowIfUrlWasSpecified(this.intranetLicensingUrl, this.refreshTemplatesSwitch, out failureTarget);
                    RmsUtil.ThrowIfUrlWasSpecified(this.extranetLicensingUrl, this.refreshTemplatesSwitch, out failureTarget);
                    RmsUtil.ThrowIfUrlWasSpecified(this.intranetCertificationUrl, this.refreshTemplatesSwitch, out failureTarget);
                    RmsUtil.ThrowIfUrlWasSpecified(this.extranetCertificationUrl, this.refreshTemplatesSwitch, out failureTarget);
                    RmsUtil.ThrowIfDefaultWasSpecified(this.defaultSwitch, out failureTarget);
                    RmsUtil.ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(tpdName, tpd.m_ttdki.strID, existingTpdKeyId, out failureTarget);
                    RmsUtil.ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(tpdName, tpd.m_ttdki.strIDType, existingTpdKeyType, out failureTarget);
                }
                else
                {
                    RmsUtil.ThrowIfTpdDoesNotHavePrivateKeyIfInternalLicensingEnabled(tpd, tpdName, this.internalLicensingEnabled, out failureTarget);
                    if (!this.rmsOnlineSwitch)
                    {
                        RmsUtil.ThrowIfImportedTPDsKeyIdIsNotUnique(configurationSession, tpd.m_ttdki.strID, tpd.m_ttdki.strIDType, out failureTarget);
                    }
                    RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.intranetLicensingUrl, out failureTarget);
                    RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.extranetLicensingUrl, out failureTarget);
                    RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.intranetCertificationUrl, out failureTarget);
                    RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.extranetCertificationUrl, out failureTarget);
                }
                RmsUtil.ThrowIfRightsTemplatesInvalid(tpd.m_astrRightsTemplates, tpdName, tpdImportUtilities, this.refreshTemplatesSwitch ? existingTpdIntranetLicensingUrl : this.intranetLicensingUrl, this.refreshTemplatesSwitch ? existingTpdExtranetLicensingUrl : this.extranetLicensingUrl, out failureTarget);
            }
            return(result);
        }
Example #12
0
        public static void ThrowIfTpdCspDoesNotMatchCryptoMode(TrustedDocDomain tpd, string tpdName, out object failureTarget)
        {
            RmsUtil.ThrowIfParameterNull(tpd, "tpd");
            RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName");
            failureTarget = null;
            int cryptoMode = RmsUtil.CryptoModeFromTpd(tpd);

            RmsUtil.CSP_TYPE csp_TYPE;
            if (!RmsUtil.TryCspEnumFromInteger(tpd.m_ttdki.nCSPType, out csp_TYPE))
            {
                failureTarget = tpdName;
                throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode);
            }
            switch (cryptoMode)
            {
            case 1:
                if (csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_FULL && csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_AES)
                {
                    failureTarget = tpdName;
                    throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode);
                }
                break;

            case 2:
                if (csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_AES)
                {
                    failureTarget = tpdName;
                    throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode);
                }
                break;

            default:
                failureTarget = tpdName;
                throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode);
            }
        }
Example #13
0
        private bool ValidateTPDCanBeObtainedFromRMSOnline(RmsOnlineTpdImporter tpdImporter, out TrustedDocDomain tpd)
        {
            tpd = null;
            this.result.SetTask(Strings.InfoImportingTpdFromRmsOnline);
            bool flag;

            try
            {
                Guid externalDirectoryOrgIdThrowOnFailure = this.rmsOnlineGuidOverride;
                if (Guid.Empty == externalDirectoryOrgIdThrowOnFailure)
                {
                    externalDirectoryOrgIdThrowOnFailure = RmsUtil.GetExternalDirectoryOrgIdThrowOnFailure(this.configurationSession, this.organizationId);
                }
                tpd = tpdImporter.Import(externalDirectoryOrgIdThrowOnFailure);
                if (tpd.m_astrRightsTemplates.Length == 0)
                {
                    flag = this.result.SetSuccessResult(Strings.InfoImportingTpdFromRmsOnlineCheckedNoTemplates);
                }
                else
                {
                    flag = this.result.SetSuccessResult(Strings.InfoImportingTpdFromRmsOnlineCheckedWithTemplates(RmsUtil.TemplateNamesFromTemplateArray(tpd.m_astrRightsTemplates)));
                }
            }
            catch (ImportTpdException ex)
            {
                flag = this.result.SetFailureResult(Strings.ErrorImportingTpdFromRmsOnline, ex, true);
            }
            return(flag);
        }
Example #14
0
 protected virtual TrustedPublishingDomainImportUtilities CreateTpdImportUtilities(TrustedDocDomain tpd, TrustedPublishingDomainPrivateKeyProvider privateKeyProvider)
 {
     return(RmsUtil.CreateTpdImportUtilities(new XrmlCertificateChain(tpd.m_strLicensorCertChain), privateKeyProvider));
 }