public RmsOnlineTpdImporter(Uri rmsOnlineKeySharingLocation, string authenticationCertificateSubjectName) { RmsUtil.ThrowIfParameterNull(rmsOnlineKeySharingLocation, "rmsOnlineKeySharingLocation"); RmsUtil.ThrowIfStringParameterNullOrEmpty(authenticationCertificateSubjectName, "authenticationCertificateSubjectName"); this.rmsOnlineKeySharingLocation = rmsOnlineKeySharingLocation; this.authenticationCertificateSubjectName = authenticationCertificateSubjectName; }
public static void ThrowIfRightsTemplatesInvalid(IEnumerable <string> templates, string tpdName, TrustedPublishingDomainImportUtilities tpdImportUtilities, Uri intranetLicensingUrl, Uri extranetLicensingUrl, out object failureTarget) { failureTarget = null; if (templates != null) { RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); RmsUtil.ThrowIfParameterNull(tpdImportUtilities, "tpdImportUtilities"); RmsUtil.ThrowIfParameterNull(intranetLicensingUrl, "intranetLicensingUrl"); RmsUtil.ThrowIfParameterNull(extranetLicensingUrl, "extranetLicensingUrl"); foreach (string template in templates) { Uri templateDistributionPoint; Uri templateDistributionPoint2; Guid templateGuid; try { DrmClientUtils.ParseTemplate(template, out templateDistributionPoint, out templateDistributionPoint2, out templateGuid); } catch (RightsManagementException innerException) { failureTarget = tpdName; throw new InvalidTemplateException(innerException); } RmsUtil.ThrowIfRightsTemplateInvalid(tpdImportUtilities, tpdName, template, templateGuid, out failureTarget); RmsUtil.ThrowIfTemplateDistributionPointInvalid(templateDistributionPoint, RmsUtil.TemplateDistributionPointType.Intranet, templateGuid, intranetLicensingUrl, extranetLicensingUrl, out failureTarget); RmsUtil.ThrowIfTemplateDistributionPointInvalid(templateDistributionPoint2, RmsUtil.TemplateDistributionPointType.Extranet, templateGuid, intranetLicensingUrl, extranetLicensingUrl, out failureTarget); } } }
private static void ThrowIfKeyTypeInvalid(KeyInformation keyInfo, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(keyInfo, "keyInfo"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); failureTarget = null; if (string.IsNullOrEmpty(keyInfo.strIDType)) { failureTarget = tpdName; throw new NoKeyIDTypeInImportedTrustedPublishingDomainException(); } }
public static void ThrowIfSlcCertificateChainInvalid(TrustedDocDomain tpd, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); failureTarget = null; if (tpd.m_strLicensorCertChain == null || tpd.m_strLicensorCertChain.Length == 0 || string.IsNullOrEmpty(tpd.m_strLicensorCertChain[0])) { failureTarget = tpdName; throw new NoSLCCertChainInImportedTrustedPublishingDomainException(); } }
public static void ThrowIfTpdDoesNotHavePrivateKeyIfInternalLicensingEnabled(TrustedDocDomain tpd, string tpdName, bool internalLicensingEnabled, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); RmsUtil.ThrowIfParameterNull(tpd.m_ttdki, "tpd.m_ttdki"); failureTarget = null; if (internalLicensingEnabled && string.IsNullOrEmpty(tpd.m_ttdki.strEncryptedPrivateKey)) { failureTarget = tpdName; throw new NoPrivateKeyInImportedTrustedPublishingDomainException(); } }
public static void ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(string tpdName, string importedKeyIdOrType, string existingKeyIdOrType, out object failureTarget) { RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); RmsUtil.ThrowIfStringParameterNullOrEmpty(importedKeyIdOrType, "importedKeyIdOrType"); RmsUtil.ThrowIfStringParameterNullOrEmpty(existingKeyIdOrType, "existingKeyIdOrType"); failureTarget = null; if (!string.Equals(importedKeyIdOrType, existingKeyIdOrType, StringComparison.OrdinalIgnoreCase)) { failureTarget = existingKeyIdOrType; throw new KeyNoMatchException(tpdName); } }
public static void ThrowIfKeyInformationInvalid(TrustedDocDomain tpd, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); if (tpd.m_ttdki == null) { failureTarget = tpdName; throw new NoKeyInformationInImportedTrustedPublishingDomainException(); } RmsUtil.ThrowIfKeyIdInvalid(tpd.m_ttdki, tpdName, out failureTarget); RmsUtil.ThrowIfKeyTypeInvalid(tpd.m_ttdki, tpdName, out failureTarget); }
public static bool TPDExists(IConfigurationSession session, string keyIdBeingImported, string keyIdTypeBeingImported) { RmsUtil.ThrowIfParameterNull(session, "session"); RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdBeingImported, "keyIdBeingImported"); RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdTypeBeingImported, "keyIdTypeBeingImported"); QueryFilter filter = new AndFilter(new QueryFilter[] { new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyId, keyIdBeingImported), new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyIdType, keyIdTypeBeingImported) }); return(RmsUtil.TPDExists(session, filter)); }
public static void ThrowIfSlcCertificateDoesNotChainToProductionHeirarchyCertificate(TrustedPublishingDomainImportUtilities tpdImportUtilities, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpdImportUtilities, "tpdImportUtilities"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); try { failureTarget = null; tpdImportUtilities.ValidateTrustedPublishingDomain(); } catch (ValidationException ex) { failureTarget = tpdName; throw new FailedToValidateSLCCertChainException(ex.ErrorCode); } }
public static void ThrowIfImportedTPDsKeyIdIsNotUnique(IConfigurationSession session, string keyIdBeingImported, string keyIdTypeBeingImported, out object failureTarget) { RmsUtil.ThrowIfParameterNull(session, "session"); RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdBeingImported, "keyIdBeingImported"); RmsUtil.ThrowIfStringParameterNullOrEmpty(keyIdTypeBeingImported, "keyIdTypeBeingImported"); failureTarget = null; QueryFilter filter = new AndFilter(new QueryFilter[] { new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyId, keyIdBeingImported), new ComparisonFilter(ComparisonOperator.Equal, RMSTrustedPublishingDomainSchema.KeyIdType, keyIdTypeBeingImported) }); if (RmsUtil.TPDExists(session, filter)) { failureTarget = keyIdBeingImported; throw new DuplicateTPDKeyIdException(keyIdTypeBeingImported, keyIdBeingImported); } }
public static string GenerateRmsOnlineTpdName(string existingDefaultTpdName, string newTpdNameRoot) { RmsUtil.ThrowIfStringParameterNullOrEmpty(newTpdNameRoot, "newTpdNameRoot"); if (string.IsNullOrEmpty(existingDefaultTpdName)) { return(string.Format("{0}{1}{2}", newTpdNameRoot, " - ", "1")); } int num = 0; if (existingDefaultTpdName.Length > " - ".Length && string.Compare(existingDefaultTpdName, 0, newTpdNameRoot, 0, newTpdNameRoot.Length, true) == 0) { int num2 = existingDefaultTpdName.LastIndexOf(" - ", StringComparison.Ordinal); if (-1 != num2 && existingDefaultTpdName.Length > num2 + " - ".Length) { int.TryParse(existingDefaultTpdName.Substring(num2 + " - ".Length), out num); } } return(string.Format("{0}{1}{2}", newTpdNameRoot, " - ", num + 1)); }
public static void ThrowIfTpdUsesUnauthorizedCryptoModeOnFips(TrustedDocDomain tpd, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); failureTarget = null; using (RegistryKey registryKey = Registry.LocalMachine.OpenSubKey("System\\CurrentControlSet\\Control\\Lsa\\FIPSAlgorithmPolicy\\", false)) { object value; if (registryKey != null && (value = registryKey.GetValue("Enabled")) != null && (int)value == 1) { int num = RmsUtil.CryptoModeFromTpd(tpd); if (num == 1) { failureTarget = tpdName; throw new InvalidFipsCryptoModeInImportedTrustedPublishingDomainException(num); } } } }
public byte[] Decrypt(string encryptedData) { RmsUtil.ThrowIfParameterNull(encryptedData, "encryptedData"); RmsUtil.ThrowIfStringParameterNullOrEmpty(encryptedData, "encryptedData"); byte[] result; try { result = this.DecryptTenantsPrivateKey(encryptedData); } catch (CryptographicException ex) { string ski; Exception ex2; if (RmsUtil.TryExtractDecryptionCertificateSKIFromEncryptedXml(encryptedData, out ski, out ex2)) { throw new PrivateKeyDecryptionFailedException(ex.Message + " " + Strings.RequiredDecryptionCertificate(ski), ex); } throw new PrivateKeyDecryptionFailedException(ex2.Message, ex2); } return(result); }
private static void ThrowIfRightsTemplateInvalid(TrustedPublishingDomainImportUtilities tpdImportUtilities, string tpdName, string template, Guid templateGuid, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpdImportUtilities, "tpdImportUtilities"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); RmsUtil.ThrowIfStringParameterNullOrEmpty(template, "template"); failureTarget = null; if (Guid.Empty == templateGuid) { failureTarget = tpdName; throw new InvalidTemplateException(); } try { tpdImportUtilities.ValidateRightsTemplate(template); } catch (ValidationException ex) { failureTarget = tpdName; throw new FailedToValidateTemplateException(templateGuid, ex.ErrorCode); } }
public string ValidateTpdSuitableForImport(TrustedDocDomain tpd, string tpdName, out object failureTarget, IConfigurationSession configurationSession = null, string existingTpdKeyId = null, string existingTpdKeyType = null, Uri existingTpdIntranetLicensingUrl = null, Uri existingTpdExtranetLicensingUrl = null, SecureString tpdFilePassword = null) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); RmsUtil.ThrowIfKeyInformationInvalid(tpd, tpdName, out failureTarget); RmsUtil.ThrowIfSlcCertificateChainInvalid(tpd, tpdName, out failureTarget); RmsUtil.ThrowIfTpdCspDoesNotMatchCryptoMode(tpd, tpdName, out failureTarget); RmsUtil.ThrowIfTpdUsesUnauthorizedCryptoModeOnFips(tpd, tpdName, out failureTarget); string result; using (TrustedPublishingDomainPrivateKeyProvider trustedPublishingDomainPrivateKeyProvider = this.CreatePrivateKeyProvider(tpdName, tpd.m_ttdki, tpdFilePassword, out result, out failureTarget)) { TrustedPublishingDomainImportUtilities tpdImportUtilities = this.CreateTpdImportUtilities(tpd, trustedPublishingDomainPrivateKeyProvider); RmsUtil.ThrowIfSlcCertificateDoesNotChainToProductionHeirarchyCertificate(tpdImportUtilities, tpdName, out failureTarget); if (this.refreshTemplatesSwitch) { RmsUtil.ThrowIfUrlWasSpecified(this.intranetLicensingUrl, this.refreshTemplatesSwitch, out failureTarget); RmsUtil.ThrowIfUrlWasSpecified(this.extranetLicensingUrl, this.refreshTemplatesSwitch, out failureTarget); RmsUtil.ThrowIfUrlWasSpecified(this.intranetCertificationUrl, this.refreshTemplatesSwitch, out failureTarget); RmsUtil.ThrowIfUrlWasSpecified(this.extranetCertificationUrl, this.refreshTemplatesSwitch, out failureTarget); RmsUtil.ThrowIfDefaultWasSpecified(this.defaultSwitch, out failureTarget); RmsUtil.ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(tpdName, tpd.m_ttdki.strID, existingTpdKeyId, out failureTarget); RmsUtil.ThrowIfImportedKeyIdAndTypeDoNotMatchExistingTPD(tpdName, tpd.m_ttdki.strIDType, existingTpdKeyType, out failureTarget); } else { RmsUtil.ThrowIfTpdDoesNotHavePrivateKeyIfInternalLicensingEnabled(tpd, tpdName, this.internalLicensingEnabled, out failureTarget); if (!this.rmsOnlineSwitch) { RmsUtil.ThrowIfImportedTPDsKeyIdIsNotUnique(configurationSession, tpd.m_ttdki.strID, tpd.m_ttdki.strIDType, out failureTarget); } RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.intranetLicensingUrl, out failureTarget); RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.extranetLicensingUrl, out failureTarget); RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.intranetCertificationUrl, out failureTarget); RmsUtil.ThrowIfIsNotWellFormedRmServiceUrl(this.extranetCertificationUrl, out failureTarget); } RmsUtil.ThrowIfRightsTemplatesInvalid(tpd.m_astrRightsTemplates, tpdName, tpdImportUtilities, this.refreshTemplatesSwitch ? existingTpdIntranetLicensingUrl : this.intranetLicensingUrl, this.refreshTemplatesSwitch ? existingTpdExtranetLicensingUrl : this.extranetLicensingUrl, out failureTarget); } return(result); }
public static void ThrowIfTpdCspDoesNotMatchCryptoMode(TrustedDocDomain tpd, string tpdName, out object failureTarget) { RmsUtil.ThrowIfParameterNull(tpd, "tpd"); RmsUtil.ThrowIfStringParameterNullOrEmpty(tpdName, "tpdName"); failureTarget = null; int cryptoMode = RmsUtil.CryptoModeFromTpd(tpd); RmsUtil.CSP_TYPE csp_TYPE; if (!RmsUtil.TryCspEnumFromInteger(tpd.m_ttdki.nCSPType, out csp_TYPE)) { failureTarget = tpdName; throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode); } switch (cryptoMode) { case 1: if (csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_FULL && csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_AES) { failureTarget = tpdName; throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode); } break; case 2: if (csp_TYPE != RmsUtil.CSP_TYPE.PROV_RSA_AES) { failureTarget = tpdName; throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode); } break; default: failureTarget = tpdName; throw new InvalidCspForCryptoModeInImportedTrustedPublishingDomainException(csp_TYPE.ToString(), cryptoMode); } }