public static void ThrowIfRightsTemplatesInvalid(IEnumerable <string> templates, string tpdName, TrustedPublishingDomainImportUtilities tpdImportUtilities, Uri intranetLicensingUrl, Uri extranetLicensingUrl, out object failureTarget) { failureTarget = null; if (templates != null) { RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); RmsUtil.ThrowIfParameterNull(tpdImportUtilities, "tpdImportUtilities"); RmsUtil.ThrowIfParameterNull(intranetLicensingUrl, "intranetLicensingUrl"); RmsUtil.ThrowIfParameterNull(extranetLicensingUrl, "extranetLicensingUrl"); foreach (string template in templates) { Uri templateDistributionPoint; Uri templateDistributionPoint2; Guid templateGuid; try { DrmClientUtils.ParseTemplate(template, out templateDistributionPoint, out templateDistributionPoint2, out templateGuid); } catch (RightsManagementException innerException) { failureTarget = tpdName; throw new InvalidTemplateException(innerException); } RmsUtil.ThrowIfRightsTemplateInvalid(tpdImportUtilities, tpdName, template, templateGuid, out failureTarget); RmsUtil.ThrowIfTemplateDistributionPointInvalid(templateDistributionPoint, RmsUtil.TemplateDistributionPointType.Intranet, templateGuid, intranetLicensingUrl, extranetLicensingUrl, out failureTarget); RmsUtil.ThrowIfTemplateDistributionPointInvalid(templateDistributionPoint2, RmsUtil.TemplateDistributionPointType.Extranet, templateGuid, intranetLicensingUrl, extranetLicensingUrl, out failureTarget); } } }
public static bool TryExtractDecryptionCertificateSKIFromEncryptedXml(string encryptedData, out string requiredCertificateSKI, out Exception exception) { RmsUtil.ThrowIfParameterNull(encryptedData, "encryptedData"); requiredCertificateSKI = null; exception = null; try { XmlDocument xmlDocument = new SafeXmlDocument(); xmlDocument.LoadXml(encryptedData); using (XmlNodeList elementsByTagName = xmlDocument.GetElementsByTagName("X509SKI")) { if (elementsByTagName.Count > 0) { byte[] value = Convert.FromBase64String(elementsByTagName[0].InnerText); requiredCertificateSKI = BitConverter.ToString(value); return(true); } } exception = new XmlException("X509SKI node not found in encrypted XML document"); } catch (FormatException ex) { exception = ex; } catch (XmlException ex2) { exception = ex2; } return(false); }
public RmsOnlineTpdImporter(Uri rmsOnlineKeySharingLocation, string authenticationCertificateSubjectName) { RmsUtil.ThrowIfParameterNull(rmsOnlineKeySharingLocation, "rmsOnlineKeySharingLocation"); RmsUtil.ThrowIfStringParameterNullOrEmpty(authenticationCertificateSubjectName, "authenticationCertificateSubjectName"); this.rmsOnlineKeySharingLocation = rmsOnlineKeySharingLocation; this.authenticationCertificateSubjectName = authenticationCertificateSubjectName; }
public static TrustedPublishingDomainImportUtilities CreateTpdImportUtilities(XrmlCertificateChain slcCertificate, TrustedPublishingDomainPrivateKeyProvider privateKeyProvider) { RmsUtil.ThrowIfParameterNull(slcCertificate, "slcCertificate"); if (privateKeyProvider == null) { return(new TrustedPublishingDomainImportUtilities(slcCertificate)); } return(new TrustedPublishingDomainImportUtilities(slcCertificate, privateKeyProvider)); }
public static TrustedDocDomain ConvertFromRmsOnlineTrustedDocDomain(TrustedDocDomain rmsoTPD) { RmsUtil.ThrowIfParameterNull(rmsoTPD, "rmsoTPD"); return(new TrustedDocDomain { m_ttdki = RmsUtil.ConvertFromRmsOnlineKeyInformation(rmsoTPD.m_ttdki), m_strLicensorCertChain = rmsoTPD.m_strLicensorCertChain, m_astrRightsTemplates = rmsoTPD.m_astrRightsTemplates }); }
private static void ThrowIfKeyTypeInvalid(KeyInformation keyInfo, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(keyInfo, "keyInfo"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); failureTarget = null; if (string.IsNullOrEmpty(keyInfo.strIDType)) { failureTarget = tpdName; throw new NoKeyIDTypeInImportedTrustedPublishingDomainException(); } }
public static void ThrowIfSlcCertificateChainInvalid(TrustedDocDomain tpd, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); failureTarget = null; if (tpd.m_strLicensorCertChain == null || tpd.m_strLicensorCertChain.Length == 0 || string.IsNullOrEmpty(tpd.m_strLicensorCertChain[0])) { failureTarget = tpdName; throw new NoSLCCertChainInImportedTrustedPublishingDomainException(); } }
public static void ThrowIfTpdDoesNotHavePrivateKeyIfInternalLicensingEnabled(TrustedDocDomain tpd, string tpdName, bool internalLicensingEnabled, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); RmsUtil.ThrowIfParameterNull(tpd.m_ttdki, "tpd.m_ttdki"); failureTarget = null; if (internalLicensingEnabled && string.IsNullOrEmpty(tpd.m_ttdki.strEncryptedPrivateKey)) { failureTarget = tpdName; throw new NoPrivateKeyInImportedTrustedPublishingDomainException(); } }
public static string TemplateNamesFromTemplateArray(string[] templateXrMLArray) { RmsUtil.ThrowIfParameterNull(templateXrMLArray, "templateXrMLArray"); List <string> list = new List <string>(); foreach (string templateXrml in templateXrMLArray) { RmsTemplate rmsTemplate = RmsTemplate.CreateServerTemplateFromTemplateDefinition(templateXrml, RmsTemplateType.Archived); list.Add(rmsTemplate.Name); } return(string.Join(", ", list.ToArray())); }
public static void ThrowIfKeyInformationInvalid(TrustedDocDomain tpd, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); if (tpd.m_ttdki == null) { failureTarget = tpdName; throw new NoKeyInformationInImportedTrustedPublishingDomainException(); } RmsUtil.ThrowIfKeyIdInvalid(tpd.m_ttdki, tpdName, out failureTarget); RmsUtil.ThrowIfKeyTypeInvalid(tpd.m_ttdki, tpdName, out failureTarget); }
private static void ThrowIfTemplateDistributionPointInvalid(Uri templateDistributionPoint, RmsUtil.TemplateDistributionPointType templateDistributionPointType, Guid templateGuid, Uri intranetLicensingUrl, Uri extranetLicensingUrl, out object failureTarget) { RmsUtil.ThrowIfParameterNull(templateDistributionPointType, "templateDistributionPointType"); RmsUtil.ThrowIfParameterNull(intranetLicensingUrl, "intranetLicensingUrl"); RmsUtil.ThrowIfParameterNull(extranetLicensingUrl, "extranetLicensingUrl"); failureTarget = null; if (templateDistributionPoint != null && Uri.Compare(templateDistributionPoint, intranetLicensingUrl, UriComponents.SchemeAndServer, UriFormat.UriEscaped, StringComparison.OrdinalIgnoreCase) != 0 && Uri.Compare(templateDistributionPoint, extranetLicensingUrl, UriComponents.SchemeAndServer, UriFormat.UriEscaped, StringComparison.OrdinalIgnoreCase) != 0) { Uri uri = (templateDistributionPointType == RmsUtil.TemplateDistributionPointType.Intranet) ? intranetLicensingUrl : extranetLicensingUrl; failureTarget = uri; throw new FailedToMatchTemplateDistributionPointToLicensingUriException(templateGuid, templateDistributionPoint, uri); } }
public static bool TPDExists(IConfigurationSession session, string keyIdBeingImported, string keyIdTypeBeingImported) { RmsUtil.ThrowIfParameterNull(session, "session"); RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdBeingImported, "keyIdBeingImported"); RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdTypeBeingImported, "keyIdTypeBeingImported"); QueryFilter filter = new AndFilter(new QueryFilter[] { new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyId, keyIdBeingImported), new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyIdType, keyIdTypeBeingImported) }); return(RmsUtil.TPDExists(session, filter)); }
public RMSOnlineValidator(IConfigurationSession configurationSession, IConfigurationSession dataSession, OrganizationId organizationId, Guid rmsOnlineGuidOverride, string authenticationCertificateSubjectNameOverride = null) { RmsUtil.ThrowIfParameterNull(dataSession, "configurationSession"); RmsUtil.ThrowIfParameterNull(dataSession, "dataSession"); RmsUtil.ThrowIfParameterNull(organizationId, "organizationId"); this.configurationSession = configurationSession; this.dataSession = dataSession; this.organizationId = organizationId; this.rmsOnlineGuidOverride = rmsOnlineGuidOverride; if (authenticationCertificateSubjectNameOverride != null) { this.authenticationCertificateSubjectName = authenticationCertificateSubjectNameOverride; } }
private static KeyInformation ConvertFromRmsOnlineKeyInformation(KeyInformation rmsoKeyInfo) { RmsUtil.ThrowIfParameterNull(rmsoKeyInfo, "rmsoKeyInfo"); return(new KeyInformation { strID = rmsoKeyInfo.strID, strIDType = rmsoKeyInfo.strIDType, nCSPType = rmsoKeyInfo.nCSPType, strCSPName = rmsoKeyInfo.strCSPName, strKeyContainerName = rmsoKeyInfo.strKeyContainerName, nKeyNumber = rmsoKeyInfo.nKeyNumber, strEncryptedPrivateKey = rmsoKeyInfo.strEncryptedPrivateKey }); }
public static void ThrowIfSlcCertificateDoesNotChainToProductionHeirarchyCertificate(TrustedPublishingDomainImportUtilities tpdImportUtilities, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpdImportUtilities, "tpdImportUtilities"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); try { failureTarget = null; tpdImportUtilities.ValidateTrustedPublishingDomain(); } catch (ValidationException ex) { failureTarget = tpdName; throw new FailedToValidateSLCCertChainException(ex.ErrorCode); } }
public static void ThrowIfImportedTPDsKeyIdIsNotUnique(IConfigurationSession session, string keyIdBeingImported, string keyIdTypeBeingImported, out object failureTarget) { RmsUtil.ThrowIfParameterNull(session, "session"); RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdBeingImported, "keyIdBeingImported"); RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdTypeBeingImported, "keyIdTypeBeingImported"); failureTarget = null; QueryFilter filter = new AndFilter(new QueryFilter[] { new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyId, keyIdBeingImported), new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyIdType, keyIdTypeBeingImported) }); if (RmsUtil.TPDExists(session, filter)) { failureTarget = keyIdBeingImported; throw new DuplicateTPDKeyIdException(keyIdTypeBeingImported, keyIdBeingImported); } }
public static void ThrowIfTpdUsesUnauthorizedCryptoModeOnFips(TrustedDocDomain tpd, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); failureTarget = null; using (RegistryKey registryKey = Registry.LocalMachine.OpenSubKey("System\\CurrentControlSet\\Control\\Lsa\\FIPSAlgorithmPolicy\\", false)) { object value; if (registryKey != null && (value = registryKey.GetValue("Enabled")) != null && (int)value == 1) { int num = RmsUtil.CryptoModeFromTpd(tpd); if (num == 1) { failureTarget = tpdName; throw new InvalidFipsCryptoModeInImportedTrustedPublishingDomainException(num); } } } }
public byte[] Decrypt(string encryptedData) { RmsUtil.ThrowIfParameterNull(encryptedData, "encryptedData"); RmsUtil.ThrowIfStringParameterNullOrEmpty(encryptedData, "encryptedData"); byte[] result; try { result = this.DecryptTenantsPrivateKey(encryptedData); } catch (CryptographicException ex) { string ski; Exception ex2; if (RmsUtil.TryExtractDecryptionCertificateSKIFromEncryptedXml(encryptedData, out ski, out ex2)) { throw new PrivateKeyDecryptionFailedException(ex.Message + " " + Strings.RequiredDecryptionCertificate(ski), ex); } throw new PrivateKeyDecryptionFailedException(ex2.Message, ex2); } return(result); }
private static void ThrowIfRightsTemplateInvalid(TrustedPublishingDomainImportUtilities tpdImportUtilities, string tpdName, string template, Guid templateGuid, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpdImportUtilities, "tpdImportUtilities"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); RmsUtil.ThrowIfStringParameterNullOrEmpty(template, "template"); failureTarget = null; if (Guid.Empty == templateGuid) { failureTarget = tpdName; throw new InvalidTemplateException(); } try { tpdImportUtilities.ValidateRightsTemplate(template); } catch (ValidationException ex) { failureTarget = tpdName; throw new FailedToValidateTemplateException(templateGuid, ex.ErrorCode); } }
public string ValidateTpdSuitableForImport(TrustedDocDomain tpd, string tpdName, out object failureTarget, IConfigurationSession configurationSession = null, string existingTpdKeyId = null, string existingTpdKeyType = null, Uri existingTpdIntranetLicensingUrl = null, Uri existingTpdExtranetLicensingUrl = null, SecureString tpdFilePassword = null) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); RmsUtil.ThrowIfKeyInformationInvalid(tpd, tpdName, out failureTarget); RmsUtil.ThrowIfSlcCertificateChainInvalid(tpd, tpdName, out failureTarget); RmsUtil.ThrowIfTpdCspDoesNotMatchCryptoMode(tpd, tpdName, out failureTarget); RmsUtil.ThrowIfTpdUsesUnauthorizedCryptoModeOnFips(tpd, tpdName, out failureTarget); string result; using (TrustedPublishingDomainPrivateKeyProvider trustedPublishingDomainPrivateKeyProvider = this.CreatePrivateKeyProvider(tpdName, tpd.m_ttdki, tpdFilePassword, out result, out failureTarget)) { TrustedPublishingDomainImportUtilities tpdImportUtilities = this.CreateTpdImportUtilities(tpd, trustedPublishingDomainPrivateKeyProvider); RmsUtil.ThrowIfSlcCertificateDoesNotChainToProductionHeirarchyCertificate(tpdImportUtilities, tpdName, out failureTarget); if (this.refreshTemplatesSwitch) { RmsUtil.ThrowIfUrlWasSpecified(this.intranetLicensingUrl, this.refreshTemplatesSwitch, out failureTarget); RmsUtil.ThrowIfUrlWasSpecified(this.extranetLicensingUrl, this.refreshTemplatesSwitch, out failureTarget); RmsUtil.ThrowIfUrlWasSpecified(this.intranetCertificationUrl, this.refreshTemplatesSwitch, out failureTarget); RmsUtil.ThrowIfUrlWasSpecified(this.extranetCertificationUrl, this.refreshTemplatesSwitch, out failureTarget); RmsUtil.ThrowIfDefaultWasSpecified(this.defaultSwitch, out failureTarget); RmsUtil.ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(tpdName, tpd.m_ttdki.strID, existingTpdKeyId, out failureTarget); RmsUtil.ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(tpdName, tpd.m_ttdki.strIDType, existingTpdKeyType, out failureTarget); } else { RmsUtil.ThrowIfTpdDoesNotHavePrivateKeyIfInternalLicensingEnabled(tpd, tpdName, this.internalLicensingEnabled, out failureTarget); if (!this.rmsOnlineSwitch) { RmsUtil.ThrowIfImportedTPDsKeyIdIsNotUnique(configurationSession, tpd.m_ttdki.strID, tpd.m_ttdki.strIDType, out failureTarget); } RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.intranetLicensingUrl, out failureTarget); RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.extranetLicensingUrl, out failureTarget); RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.intranetCertificationUrl, out failureTarget); RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.extranetCertificationUrl, out failureTarget); } RmsUtil.ThrowIfRightsTemplatesInvalid(tpd.m_astrRightsTemplates, tpdName, tpdImportUtilities, this.refreshTemplatesSwitch ? existingTpdIntranetLicensingUrl : this.intranetLicensingUrl, this.refreshTemplatesSwitch ? existingTpdExtranetLicensingUrl : this.extranetLicensingUrl, out failureTarget); } return(result); }
public static bool TryExtractUrlsFromTenantConfiguration(XElement tenantConfigurationElement, out Uri intranetCertificationUrl, out Uri extranetCertificationUrl, out Uri intranetLicensingUrl, out Uri extranetLicensingUrl, out Exception exception) { RmsUtil.ThrowIfParameterNull(tenantConfigurationElement, "tenantConfigurationElement"); intranetCertificationUrl = null; extranetCertificationUrl = null; intranetLicensingUrl = null; extranetLicensingUrl = null; exception = null; try { XmlReader reader = tenantConfigurationElement.CreateReader(); XmlDocument xmlDocument = new XmlDocument(); xmlDocument.Load(reader); XmlNode xmlNode = xmlDocument.SelectSingleNode("/TenantConfiguration/CertificationIntranetDistributionPointUrl"); XmlNode xmlNode2 = xmlDocument.SelectSingleNode("/TenantConfiguration/CertificationExtranetDistributionPointUrl"); XmlNode xmlNode3 = xmlDocument.SelectSingleNode("/TenantConfiguration/LicensingIntranetDistributionPointUrl"); XmlNode xmlNode4 = xmlDocument.SelectSingleNode("/TenantConfiguration/LicensingExtranetDistributionPointUrl"); if (xmlNode != null && xmlNode2 != null && xmlNode3 != null && xmlNode4 != null) { intranetCertificationUrl = new Uri(xmlNode.InnerText); extranetCertificationUrl = new Uri(xmlNode2.InnerText); intranetLicensingUrl = new Uri(xmlNode3.InnerText); extranetLicensingUrl = new Uri(xmlNode4.InnerText); return(true); } exception = new XmlException("Unable to extract certification/licensing URLs from TenantConfiguration XML"); } catch (XmlException ex) { exception = ex; } catch (UriFormatException ex2) { exception = ex2; } return(false); }
public static void ThrowIfTpdCspDoesNotMatchCryptoMode(TrustedDocDomain tpd, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); failureTarget = null; int cryptoMode = RmsUtil.CryptoModeFromTpd(tpd); RmsUtil.CSP_TYPE csp_TYPE; if (!RmsUtil.TryCspEnumFromInteger(tpd.m_ttdki.nCSPType, out csp_TYPE)) { failureTarget = tpdName; throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode); } switch (cryptoMode) { case 1: if (csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_FULL && csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_AES) { failureTarget = tpdName; throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode); } break; case 2: if (csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_AES) { failureTarget = tpdName; throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode); } break; default: failureTarget = tpdName; throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode); } }
public static bool AreRmsOnlinePreRequisitesMet(IRMConfiguration irmConfiguration) { RmsUtil.ThrowIfParameterNull(irmConfiguration, "irmConfiguration"); return(RMUtil.IsWellFormedRmServiceUrl(irmConfiguration.RMSOnlineKeySharingLocation)); }
public static bool TPDExists(IConfigurationSession session, QueryFilter filter = null) { RmsUtil.ThrowIfParameterNull(session, "session"); RMSTrustedPublishingDomain[] array = session.Find <RMSTrustedPublishingDomain>(null, QueryScope.SubTree, filter, null, 1); return(array.Length != 0); }