public void ThaliWebRequestTest() { var keyPair = ThaliCryptoUtilities.GenerateThaliAcceptablePublicPrivateKeyPair(); var pkcs12Stream = ThaliCryptoUtilities.CreatePKCS12KeyStoreWithPublicPrivateKeyPair( keyPair, ThaliCryptoUtilities.DefaultPassPhrase); var cert = ThaliCryptoUtilities.GetX509Certificate(pkcs12Stream, ThaliCryptoUtilities.DefaultPassPhrase); var serverKey = ThaliClientToDeviceHubUtilities.GetServersRootPublicKey(Host, Port, cert); var serverHttpKeyUri = HttpKeyUri.BuildHttpKeyUri(serverKey, Host, Port, null, null); var thaliWebRequest = ThaliClientToDeviceHubUtilities.CreateThaliWebRequest(serverHttpKeyUri, cert); thaliWebRequest.Method = "GET"; thaliWebRequest.GetResponse().Close(); }
private static XmlHttpResponse ExecuteProvisionLocalClientToLocalHub( XmlHttpRequest xmlHttpRequest, X509Certificate2 clientCert) { var hubHttpKeyUri = DiscoverRootCertIfNeeded(HttpKeyUri.BuildHttpKeyUri(xmlHttpRequest.url), clientCert); ThaliClientToDeviceHubUtilities.ProvisionThaliClient( hubHttpKeyUri.ServerPublicKey, hubHttpKeyUri.Host, hubHttpKeyUri.Port, clientCert); return new XmlHttpResponse { status = 200, transactionId = xmlHttpRequest.transactionId, responseText = hubHttpKeyUri.AbsoluteUri }; }
private static XmlHttpResponse ExecuteProvisionLocalHubToRemoteHub( XmlHttpRequest xmlHttpRequest, X509Certificate2 clientCert) { var remoteHubHttpKeyUri = DiscoverRootCertIfNeeded(HttpKeyUri.BuildHttpKeyUri(xmlHttpRequest.url), clientCert); var localHubHttpKeyUri = HttpKeyUri.BuildHttpKeyUri(xmlHttpRequest.requestText); ThaliClientToDeviceHubUtilities.ProvisionKeyInPrincipalDatabase(remoteHubHttpKeyUri.ServerPublicKey, remoteHubHttpKeyUri.Host, remoteHubHttpKeyUri.Port, localHubHttpKeyUri.ServerPublicKey, clientCert); return new XmlHttpResponse { status = 200, transactionId = xmlHttpRequest.transactionId, responseText = remoteHubHttpKeyUri.AbsoluteUri }; }
private static XmlHttpResponse ProxyRequest( XmlHttpRequest xmlHttpRequest, X509Certificate2 clientCert) { var httpKeyUri = HttpKeyUri.BuildHttpKeyUri(xmlHttpRequest.url); HttpWebRequest webRequest = ThaliClientToDeviceHubUtilities.CreateThaliWebRequest(httpKeyUri, clientCert); webRequest.Method = xmlHttpRequest.method; // There are multiple headers that cannot be set directly via webRequest.Headers. I only catch // two below that seem of some reasonable use. foreach (var headerNameValue in xmlHttpRequest.headers) { if (headerNameValue.Key.Equals("Accept", StringComparison.OrdinalIgnoreCase)) { webRequest.Accept = headerNameValue.Value; } else if (headerNameValue.Key.Equals("Content-Type", StringComparison.OrdinalIgnoreCase)) { webRequest.ContentType = headerNameValue.Value; } else { webRequest.Headers.Add(headerNameValue.Key, headerNameValue.Value); } } if (string.IsNullOrWhiteSpace(xmlHttpRequest.requestText)) { return ProcessResponse(xmlHttpRequest.transactionId, webRequest); } var bodyAsBytes = Encoding.UTF8.GetBytes(xmlHttpRequest.requestText); webRequest.GetRequestStream().Write(bodyAsBytes, 0, bodyAsBytes.Count()); var response = ProcessResponse(xmlHttpRequest.transactionId, webRequest); return response; }
/// <summary> /// TODO: This whole method is just wrong, what happens if the server at the address changes its key?!?!?! /// TODO: Once we have a real discovery framework this whole 0.0 mechanism needs to go away. /// </summary> /// <param name="httpKeyUri"></param> /// <param name="clientCert"></param> /// <returns></returns> private static HttpKeyUri DiscoverRootCertIfNeeded(HttpKeyUri httpKeyUri, X509Certificate2 clientCert) { if (httpKeyUri.ServerPublicKey.Exponent.Equals(BigInteger.Zero) && httpKeyUri.ServerPublicKey.Modulus.Equals(BigInteger.Zero)) { var host = httpKeyUri.Host; var port = httpKeyUri.Port; var hostPortTuple = new Tuple<string, int>(host, port); var serverPublicKey = HttpKeyStore.GetOrAdd( hostPortTuple, keyTuple => ThaliClientToDeviceHubUtilities.GetServersRootPublicKey(host, port, clientCert)); var serverHttpKey = HttpKeyUri.BuildHttpKeyUri( serverPublicKey, host, port, httpKeyUri.PathWithoutPublicKey, httpKeyUri.Query); return serverHttpKey; } return httpKeyUri; }
public void HttpKeyUriTests() { var keyPair = ThaliCryptoUtilities.GenerateThaliAcceptablePublicPrivateKeyPair(); var serverPublicKey = new BigIntegerRSAPublicKey((RsaKeyParameters)keyPair.Public); const string Host = "foo.com"; const int Port = 413; string path = "/ick"; string query = "?ark"; string fragment = "#bark"; string extraValue = query + fragment; var httpKeyURL = HttpKeyUri.BuildHttpKeyUri(serverPublicKey, Host, Port, path, extraValue); // We want one we do manually just to make sure everything is o.k. Assert.IsTrue(Host.Equals(httpKeyURL.Host, StringComparison.Ordinal)); Assert.IsTrue(Port == httpKeyURL.Port); Assert.IsTrue(serverPublicKey.Modulus.Equals(httpKeyURL.ServerPublicKey.Modulus)); Assert.IsTrue(serverPublicKey.Exponent.Equals(httpKeyURL.ServerPublicKey.Exponent)); Assert.IsTrue(query.Equals(httpKeyURL.Query, StringComparison.Ordinal)); Assert.IsTrue(fragment.Equals(httpKeyURL.Fragment, StringComparison.Ordinal)); Assert.IsTrue(httpKeyURL.PathWithoutPublicKey.Equals(path, StringComparison.Ordinal)); string expectedURL = HttpKeyUri.HttpKeySchemeName + "://" + Host + ":" + Port + "/" + HttpKeyUri.RsaKeyType + ":" + serverPublicKey.Exponent + "." + serverPublicKey.Modulus + path + query + fragment; Assert.IsTrue(expectedURL.Equals(httpKeyURL.ToString(), StringComparison.Ordinal)); string expectedHttpsURL = "https://" + Host + ":" + Port + path + query + fragment; Assert.IsTrue(expectedHttpsURL.Equals(httpKeyURL.CreateHttpsUrl(), StringComparison.Ordinal)); // ReSharper disable once EqualExpressionComparison Assert.IsTrue(httpKeyURL.Equals(httpKeyURL)); HttpKeyUri secondHttpKeyURL = HttpKeyUri.BuildHttpKeyUri(expectedURL); Assert.IsTrue(httpKeyURL.Equals(secondHttpKeyURL)); HttpKeyUri thirdHttpKeyURL = HttpKeyUri.BuildHttpKeyUri(serverPublicKey, Host, Port, null, null); string expectedThirdURL = HttpKeyUri.HttpKeySchemeName + "://" + Host + ":" + Port + "/" + HttpKeyUri.RsaKeyType + ":" + serverPublicKey.Exponent + "." + serverPublicKey.Modulus; Assert.IsTrue(expectedThirdURL.Equals(thirdHttpKeyURL.ToString(), StringComparison.Ordinal)); Assert.IsTrue(HttpKeyUri.BuildHttpKeyUri(expectedThirdURL).Equals(thirdHttpKeyURL)); path = "/ick ?"; query = "?????? "; fragment = "###???///???"; HttpKeyUri escapedChars = HttpKeyUri.BuildHttpKeyUri(serverPublicKey, Host, Port, path, query + fragment); expectedHttpsURL = "https://" + Host + ":" + Port + "/ick%20%20%3F" + "??????%20%20%20%20" + "###???///???"; Assert.IsTrue(expectedHttpsURL.Equals(escapedChars.CreateHttpsUrl(), StringComparison.Ordinal)); path = "/ick/bick/bark/ark/mark/hark"; httpKeyURL = HttpKeyUri.BuildHttpKeyUri(serverPublicKey, Host, Port, path, extraValue); Assert.IsTrue(httpKeyURL.PathWithoutPublicKey.Equals(path, StringComparison.Ordinal)); httpKeyURL = HttpKeyUri.BuildHttpKeyUri(httpKeyURL.ToString()); Assert.IsTrue(httpKeyURL.PathWithoutPublicKey.Equals(path, StringComparison.Ordinal)); }