/// <summary>
/// Creates the factory and records the inner channel factory, the discovery version,
/// the signing certificate and the settings of the store holding received certificates.
/// </summary>
/// <param name="innerChannelFactory">Factory assigned to <c>InnerChannelFactory</c>.</param>
/// <param name="discoveryVersion">Discovery protocol version kept for later use.</param>
/// <param name="signingCertificate">
/// Certificate kept in the <c>signingCertificate</c> field (presumably used to sign
/// outgoing messages; confirm against the channel code).
/// </param>
/// <param name="receivedCertificatesStoreSettings">
/// Store name/location settings kept for looking up certificates of received messages.
/// </param>
/// <remarks>
/// None of the arguments is validated here; a null value is stored as-is.
/// NOTE(review): confirm whether a null <paramref name="receivedCertificatesStoreSettings"/>
/// or <paramref name="signingCertificate"/> is a supported configuration, since a null would
/// only surface later, when a message is signed or verified.
/// </remarks>
public CompactSignatureSecurityChannelFactory(
    IChannelFactory<IDuplexChannel> innerChannelFactory,
    DiscoveryVersion discoveryVersion,
    X509Certificate2 signingCertificate,
    ReceivedCertificatesStoreSettings receivedCertificatesStoreSettings)
{
    // Security material first, then the transport plumbing.
    this.receivedCertificatesStoreSettings = receivedCertificatesStoreSettings;
    this.signingCertificate = signingCertificate;

    InnerChannelFactory = innerChannelFactory;
    this.discoveryVersion = discoveryVersion;
}
/// <summary>
/// Locates the Security header of <paramref name="innerMessage"/> and hands it to
/// <c>ReceivedCompactSignatureHeader.Process</c> for verification.
/// </summary>
/// <param name="innerMessage">Received message whose headers are searched.</param>
/// <param name="discoveryInfo">
/// Protocol settings; its <c>DiscoveryNamespace</c> is the namespace used for the header lookup.
/// </param>
/// <param name="receivedCertificatesStoreSettings">
/// Settings of the certificate store, passed through to <c>Process</c>.
/// </param>
/// <exception cref="CompactSignatureSecurityException">
/// The message carries no Security header in the discovery namespace.
/// </exception>
/// <remarks>
/// The method returns nothing: the only failure signal is an exception, so callers must not
/// swallow exceptions from this call and then continue with the message. A message without
/// a Security header is rejected rather than accepted as unsigned.
/// NOTE(review): what <c>Process</c> throws for a bad signature is not visible from here.
/// </remarks>
public static void VerifyMessage(
    Message innerMessage,
    ProtocolSettings discoveryInfo,
    ReceivedCertificatesStoreSettings receivedCertificatesStoreSettings)
{
    int securityHeaderPosition = innerMessage.Headers.FindHeader(
        ProtocolStrings.SecurityHeaderName,
        discoveryInfo.DiscoveryNamespace);

    if (securityHeaderPosition >= 0)
    {
        ReceivedCompactSignatureHeader receivedHeader =
            new ReceivedCompactSignatureHeader(innerMessage, securityHeaderPosition, discoveryInfo);
        receivedHeader.Process(receivedCertificatesStoreSettings);
        return;
    }

    // Without a Security header there is nothing to verify, so the message is refused.
    throw new CompactSignatureSecurityException("The received message doesn't contain a Security header");
}
/// <summary>
/// Wraps <paramref name="innerChannel"/> and records the protocol settings, the certificate
/// and the received-certificates store settings for this channel.
/// </summary>
/// <param name="channelManager">Channel manager forwarded to the base constructor.</param>
/// <param name="innerChannel">Channel being wrapped; must not be null.</param>
/// <param name="discoveryVersion">Version used to build the <c>ProtocolSettings</c> instance.</param>
/// <param name="certificate">Certificate assigned to <c>SigningCertificate</c>.</param>
/// <param name="receivedCertificatesStoreSettings">
/// Store settings assigned to <c>ReceivedCertificatesStoreSettings</c>.
/// </param>
/// <remarks>
/// Only <paramref name="innerChannel"/> is null-checked; the certificate and the store
/// settings are stored without validation.
/// NOTE(review): confirm that a null certificate or null store settings cannot lead to
/// messages being sent unsigned or accepted unverified further down the channel.
/// </remarks>
public CompactSignatureSecurityDuplexChannel(
    ChannelManagerBase channelManager,
    IDuplexChannel innerChannel,
    DiscoveryVersion discoveryVersion,
    X509Certificate2 certificate,
    ReceivedCertificatesStoreSettings receivedCertificatesStoreSettings)
    : base(channelManager)
{
    Utility.IfNullThrowNullArgumentException(innerChannel, "innerChannel");

    DiscoveryInfo = new ProtocolSettings(discoveryVersion);
    InnerChannel = innerChannel;
    ReceivedCertificatesStoreSettings = receivedCertificatesStoreSettings;
    SigningCertificate = certificate;

    // The delegate is kept in a field, presumably so the same instance can be detached
    // from the inner channel later (confirm in the close/abort path).
    onInnerChannelFaulted = OnInnerChannelFaulted;
    InnerChannel.Faulted += onInnerChannelFaulted;
}
/// <summary>
/// Reads the compact signature attributes, checks them, looks up the signer's certificate
/// by thumbprint in the configured store, and verifies the signature with it.
/// </summary>
/// <param name="receivedCertificatesStoreSettings">
/// Supplies the <c>StoreName</c> and <c>StoreLocation</c> of the store searched for the certificate.
/// </param>
/// <remarks>
/// The KeyId comes from the received header, i.e. from the sender. It only selects which
/// certificate in the local store is used, so trust rests on what that store contains.
/// NOTE(review): the lookup is by thumbprint only; whether expiry, revocation or chain
/// validity are checked is not visible here. Confirm in <c>CertificateHelper</c> and
/// <c>VerifySignature</c>.
/// NOTE(review): the behaviour of <c>GetCertificateByThumbprint</c> when no certificate
/// matches is not visible here. Confirm that an unknown KeyId makes verification fail
/// (an exception) rather than passing a null certificate on.
/// </remarks>
void Process(ReceivedCertificatesStoreSettings receivedCertificatesStoreSettings)
{
    // Expected attributes: Scheme, KeyId, Refs, Sig and the optional PrefixList.
    string scheme, keyIdentifier, references, signatureValue, prefixList;
    GetCompactSignatureAttributes(
        out scheme,
        out keyIdentifier,
        out references,
        out signatureValue,
        out prefixList);

    // NOTE(review): Sig and Refs are passed here in the opposite order from the call above;
    // confirm this matches the parameter order of CheckCompactSignatureAttributes.
    CheckCompactSignatureAttributes(scheme, keyIdentifier, signatureValue, references, prefixList);

    // Find the stored certificate whose thumbprint equals the hex form of the KeyId.
    var storeName = receivedCertificatesStoreSettings.StoreName;
    var storeLocation = receivedCertificatesStoreSettings.StoreLocation;
    string thumbprint = Utility.ToHexString(keyIdentifier);
    X509Certificate2 certificate =
        CertificateHelper.GetCertificateByThumbprint(storeName, storeLocation, thumbprint);

    // Build the ds:SignedInfo, then compute and verify the signature.
    VerifySignature(references, signatureValue, prefixList, certificate);
}
/// <summary>
/// Copy constructor: takes the store location and store name from an existing instance.
/// </summary>
/// <param name="receivedCertificateStoreSettings">Instance to copy from; must not be null.</param>
/// <remarks>
/// The values are copied as they are; no check is made here that the named store exists.
/// </remarks>
internal ReceivedCertificatesStoreSettings(ReceivedCertificatesStoreSettings receivedCertificateStoreSettings)
{
    Utility.IfNullThrowNullArgumentException(receivedCertificateStoreSettings, "receivedCertificateStoreSettings");

    ReceivedCertificatesStoreSettings source = receivedCertificateStoreSettings;
    StoreLocation = source.StoreLocation;
    StoreName = source.StoreName;
}
/// <summary>
/// Builds a new settings object holding the same store location and store name as
/// <paramref name="receivedCertificateStoreSettings"/>.
/// </summary>
/// <param name="receivedCertificateStoreSettings">Settings to duplicate; a null argument is rejected.</param>
/// <remarks>
/// Only the two store identifiers are copied; nothing is validated against the machine's
/// certificate stores at this point.
/// </remarks>
internal ReceivedCertificatesStoreSettings(ReceivedCertificatesStoreSettings receivedCertificateStoreSettings)
{
    Utility.IfNullThrowNullArgumentException(receivedCertificateStoreSettings, "receivedCertificateStoreSettings");

    ReceivedCertificatesStoreSettings original = receivedCertificateStoreSettings;
    StoreLocation = original.StoreLocation;
    StoreName = original.StoreName;
}