public InfoCardTraceRecord(string eventID, string message)
{
InfoCardTrace.Assert(!string.IsNullOrEmpty(eventID), "null eventid", new object[0]);
InfoCardTrace.Assert(!string.IsNullOrEmpty(message), "null message", new object[0]);
this.m_eventID = eventID;
this.m_message = message;
}
//
// Summary:
// Marshals the PolicyElement to it's native format.
//
// Parameters:
// ptr - A pointer to native memory in which to place the native format of the PolicyElement. Must be
// a buffer atleast as large as this.Size.
//
public void DoMarshal(IntPtr ptr)
{
string target = m_element.Target.OuterXml;
string issuer = "";
IDT.DebugAssert(IntPtr.Zero == m_nativePtr, "Pointer already assigned");
m_nativePtr = ptr;
if (m_element.Issuer != null)
{
issuer = m_element.Issuer.OuterXml;
}
string tokenParameters = string.Empty;
if (null != m_element.Parameters)
{
tokenParameters = CardSpaceSelector.XmlToString(m_element.Parameters);
}
m_nativeElement.targetEndpointAddress = target;
m_nativeElement.issuerEndpointAddress = issuer;
m_nativeElement.issuedTokenParameters = tokenParameters;
m_nativeElement.policyNoticeLink = null != m_element.PolicyNoticeLink ? m_element.PolicyNoticeLink.ToString() : null;
m_nativeElement.policyNoticeVersion = m_element.PolicyNoticeVersion;
m_nativeElement.isManagedCardProvider = m_element.IsManagedIssuer;
Marshal.StructureToPtr(m_nativeElement, ptr, false);
return;
}
public InfoCardTraceRecord(string eventID, string message)
{
InfoCardTrace.Assert(!String.IsNullOrEmpty(eventID), "null eventid");
InfoCardTrace.Assert(!String.IsNullOrEmpty(message), "null message");
m_eventID = eventID;
m_message = message;
}
//
// Summary:
// Return handle to the CardSpace implementation dll.
// We will first check to see if a v2 (or above) redirection dll has been installed.
// If not we will check to see if the v1 infocardapi.dll is installed.
// If that's not found as well, an exception is thrown
//
private string GetCardSpaceImplementationDll()
{
string implDllFullPath = GetV2ImplementationDllPath();
if (!File.Exists(implDllFullPath))
{
//
// Choose infocardapi.dll, if v2+ dll does not exist
//
implDllFullPath = Path.Combine(
Environment.GetFolderPath(Environment.SpecialFolder.System),
REDIRECT_DLL_CARDSPACE_V1 + ".dll");
if (!File.Exists(implDllFullPath))
{
//
// If this does not exist either, then even CardSpace v1 is NOT installed
// on this machine. Note: Throwing an exception using IDT.ThrowHelperError
// does not log to event log unless it derives from InfoCardBaseException.
// This seems fine given that we don't want to be logging as "CardSpace X.0.0.0",
// rather we'll let the client application log to event log if desired.
//
throw IDT.ThrowHelperError(
new CardSpaceException(SR.GetString(SR.ClientAPIServiceNotInstalledError)));
}
}
return(implDllFullPath);
}
// Summary
// Request a security token from the infocard system
//
// Parameters
// endPoint - The token recipient end point.
// policy - Policy stating the requirements for the token.
// requiredRemoteTokenIssuer - The returned token should be issued by this
// specific issuer.
//
public static GenericXmlSecurityToken GetToken(XmlElement endpoint,
IEnumerable <XmlElement> policy,
XmlElement requiredRemoteTokenIssuer,
SecurityTokenSerializer tokenSerializer)
{
if (null == endpoint)
{
throw IDT.ThrowHelperArgumentNull("endpoint");
}
if (null == policy)
{
throw IDT.ThrowHelperArgumentNull("policy");
}
if (null == tokenSerializer)
{
throw IDT.ThrowHelperArgumentNull("tokenSerializer");
}
Collection <XmlElement> policyCollection = new Collection <XmlElement>();
foreach (XmlElement element in policy)
{
policyCollection.Add(element);
}
return(GetToken(new CardSpacePolicyElement[] { new CardSpacePolicyElement(endpoint, requiredRemoteTokenIssuer, policyCollection, null, 0, false) }, tokenSerializer));
}
public static HGlobalSafeHandle Construct(string managedString)
{
IDT.DebugAssert(!String.IsNullOrEmpty(managedString), "null string");
int bytes = (managedString.Length + 1) * 2;
return(new HGlobalSafeHandle(Marshal.StringToHGlobalUni(managedString), bytes));
}
//
// Summary:
// Zero the string contents and release the handle
//
protected override bool ReleaseHandle()
{
IDT.DebugAssert(!IsInvalid, "handle is invalid in release handle");
IDT.DebugAssert(0 != m_bytes, "invalid size");
ZeroMemory(base.handle, m_bytes);
Marshal.FreeHGlobal(base.handle);
return(true);
}
//
// Parameters:
// target - The target of the token being described.
// parameters - describes the type of token required by the target.
//
public InternalPolicyElement(CardSpacePolicyElement element)
{
m_nativePtr = IntPtr.Zero;
if (null == element.Target)
{
throw IDT.ThrowHelperArgumentNull("PolicyElement.Target");
}
m_element = element;
}
//
// Summary:
// Return the path to the v2 (or a version above v2) implementation dll.
// We expect this to be infocardapi2.dll unless overriden by a registry key
//
// Remarks: It is left upto the caller to check if the v2+ implementation
// dll actually exists or not.
//
private string GetV2ImplementationDllPath()
{
string v2AndAboveImplementationDll = String.Empty;
//
// First look in the registry key to see if this is defined
//
using (RegistryKey implDllKey = Registry.LocalMachine.OpenSubKey(REDIRECT_DLL_REG_KEY))
{
if (null != implDllKey)
{
v2AndAboveImplementationDll = (string)implDllKey.GetValue(REDIRECT_DLL_IMPLEMENTATION_VALUE);
if (!String.IsNullOrEmpty(v2AndAboveImplementationDll))
{
string v2RegPath = Path.Combine(
Environment.GetFolderPath(Environment.SpecialFolder.System),
v2AndAboveImplementationDll + ".dll");
//
// Is the filename safe (use alphanumeric like the CSD Main 58552). Does it exist?
// If not, discard the registry key we just read.
//
if (!IsSafeFile(v2AndAboveImplementationDll) || !File.Exists(v2RegPath))
{
v2AndAboveImplementationDll = String.Empty;
}
}
}
}
//
// If reg key was not found or not safe, or value was not found, or found to be empty,
// then use the default of infocardapi2.dll
//
if (String.IsNullOrEmpty(v2AndAboveImplementationDll))
{
v2AndAboveImplementationDll = REDIRECT_DLL_IMPLEMENTATION_VALUE_DEFAULT;
}
IDT.Assert(!String.IsNullOrEmpty(v2AndAboveImplementationDll), "v2AndAboveImplementationDll should not be empty");
//
// Get the full path to the v2Above dll
//
return(Path.Combine(
Environment.GetFolderPath(Environment.SpecialFolder.System),
v2AndAboveImplementationDll + ".dll"));
}
//
// Summary
// Convert the XML data to a string
//
// Parameter
// xml - The xml data to be converted into a string
//
// Returns
// A string format of the XML
//
internal static string XmlToString(IEnumerable <XmlElement> xml)
{
StringBuilder builder = new StringBuilder();
foreach (XmlElement element in xml)
{
if (null == element)
{
throw IDT.ThrowHelperError(new ArgumentException(SR.GetString(SR.ClientAPIInvalidPolicy)));
}
builder.Append(element.OuterXml);
}
return(builder.ToString());
}
//
// Summary
// Start the management user interface
//
public static void Manage()
{
Int32 result = CardSpaceSelector.GetShim().m_csShimManageCardSpace();
//
// Convert HRESULTS to errors
//
if (0 != result)
{
//
// Convert the HRESULTS to exceptions
//
ExceptionHelper.ThrowIfCardSpaceException((int)result);
throw IDT.ThrowHelperError(new CardSpaceException(SR.GetString(SR.ClientAPIInfocardError)));
}
}
public static void ThrowIfCardSpaceException(int status)
{
switch (status)
{
case (int)EventCode.E_ICARD_COMMUNICATION:
throw IDT.ThrowHelperError(new CardSpaceException(SR.GetString(SR.ClientAPIInfocardError)));
case (int)EventCode.E_ICARD_USERCANCELLED:
throw IDT.ThrowHelperError(new UserCancellationException(SR.GetString(SR.ClientAPIUserCancellationError)));
case (int)EventCode.E_ICARD_SERVICE:
throw IDT.ThrowHelperError(new ServiceNotStartedException(SR.GetString(SR.ClientAPIServiceNotStartedError)));
case (int)EventCode.E_ICARD_UNTRUSTED:
throw IDT.ThrowHelperError(new UntrustedRecipientException(SR.GetString(SR.ClientAPIUntrustedRecipientError)));
case (int)EventCode.E_ICARD_TRUSTEXCHANGE:
throw IDT.ThrowHelperError(new StsCommunicationException(SR.GetString(SR.ClientStsCommunicationException)));
case (int)EventCode.E_ICARD_IDENTITY:
throw IDT.ThrowHelperError(new IdentityValidationException(SR.GetString(SR.ClientAPIInvalidIdentity)));
case (int)EventCode.E_ICARD_SERVICEBUSY:
throw IDT.ThrowHelperError(new ServiceBusyException(SR.GetString(SR.ClientAPIServiceBusy)));
case (int)EventCode.E_ICARD_POLICY:
throw IDT.ThrowHelperError(new PolicyValidationException(SR.GetString(SR.ClientAPIInvalidPolicy)));
case (int)EventCode.E_ICARD_UNSUPPORTED:
throw IDT.ThrowHelperError(new UnsupportedPolicyOptionsException(SR.GetString(SR.ClientAPIUnsupportedPolicyOptions)));
case (int)EventCode.E_ICARD_UI_INITIALIZATION:
throw IDT.ThrowHelperError(new UIInitializationException(SR.GetString(SR.ClientAPIUIInitializationFailed)));
case (int)EventCode.E_ICARD_IMPORT:
throw IDT.ThrowHelperError(new CardSpaceException(SR.GetString(SR.ClientAPICannotImport)));
default:
//
// In current implementation, caller will determine what to do in the default case.
//
break;
}
}
//
// Summary
// Start the import card user interface
//
public static void Import(string fileName)
{
if (String.IsNullOrEmpty(fileName))
{
throw IDT.ThrowHelperArgumentNull("fileName");
}
IDT.TraceDebug("Import Infocard has been called");
Int32 result = CardSpaceSelector.GetShim().m_csShimImportInformationCard(fileName);
//
// Convert HRESULTS to errors
//
if (0 != result)
{
//
// Convert the HRESULTS to exceptions
//
ExceptionHelper.ThrowIfCardSpaceException((int)result);
throw IDT.ThrowHelperError(new CardSpaceException(SR.GetString(SR.ClientAPIInfocardError)));
}
}
public static HGlobalSafeHandle Construct(int bytes)
{
IDT.DebugAssert(bytes > 0, "attempt to allocate a handle with <= 0 bytes");
return(new HGlobalSafeHandle(Marshal.AllocHGlobal(bytes), bytes));
}
// Summary
// Request a security token from the infocard system
//
// Parameters
// policyChain - an array of PolicyElements that describe the federated security chain that the client
// needs a final token to unwind.
//
public static GenericXmlSecurityToken GetToken(CardSpacePolicyElement[] policyChain, SecurityTokenSerializer tokenSerializer)
{
IDT.TraceDebug("ICARDCLIENT: GetToken called with a policy chain of length {0}", policyChain.Length);
InfoCardProofToken proofToken = null;
InternalRefCountedHandle nativeCryptoHandle = null;
GenericXmlSecurityToken token = null;
RpcGenericXmlToken infocardToken = new RpcGenericXmlToken();
SafeTokenHandle nativeToken = null;
Int32 result = 0;
if (null == policyChain || 0 == policyChain.Length)
{
throw IDT.ThrowHelperArgumentNull("policyChain");
}
if (null == tokenSerializer)
{
throw IDT.ThrowHelperArgumentNull("tokenSerializer");
}
if (null == tokenSerializer)
{
throw IDT.ThrowHelperArgumentNull("tokenSerializer");
}
try
{
RuntimeHelpers.PrepareConstrainedRegions();
bool mustRelease = false;
try
{
}
finally
{
//
// The PolicyChain class will do the marshalling and native buffer management for us.
//
try
{
using (PolicyChain tmpChain = new PolicyChain(policyChain))
{
IDT.TraceDebug("ICARDCLIENT: PInvoking the native GetToken call");
result = GetShim().m_csShimGetToken(
tmpChain.Length,
tmpChain.DoMarshal(),
out nativeToken,
out nativeCryptoHandle);
}
if (0 == result)
{
IDT.TraceDebug("ICARDCLIENT: The PInvoke of GetToken succeeded");
nativeToken.DangerousAddRef(ref mustRelease);
infocardToken = (RpcGenericXmlToken)Marshal.PtrToStructure(
nativeToken.DangerousGetHandle(),
typeof(RpcGenericXmlToken));
}
}
finally
{
if (mustRelease)
{
nativeToken.DangerousRelease();
}
}
}
if (0 == result)
{
using (ProofTokenCryptoHandle crypto =
(ProofTokenCryptoHandle)CryptoHandle.Create(nativeCryptoHandle))
{
proofToken = crypto.CreateProofToken();
}
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.LoadXml(infocardToken.xmlToken);
SecurityKeyIdentifierClause internalTokenReference = null;
if (null != infocardToken.internalTokenReference)
{
internalTokenReference = tokenSerializer.ReadKeyIdentifierClause(
CreateReaderWithQuotas(infocardToken.internalTokenReference));
}
SecurityKeyIdentifierClause externalTokenReference = null;
if (null != infocardToken.externalTokenReference)
{
externalTokenReference = tokenSerializer.ReadKeyIdentifierClause(
CreateReaderWithQuotas(infocardToken.externalTokenReference));
}
IDT.TraceDebug("ICARDCLIENT: Constructing a new GenericXmlSecurityToken");
token = new GenericXmlSecurityToken(
xmlDoc.DocumentElement,
proofToken,
DateTime.FromFileTimeUtc(infocardToken.createDate),
DateTime.FromFileTimeUtc(infocardToken.expiryDate),
internalTokenReference,
externalTokenReference,
null);
}
else
{
IDT.TraceDebug("ICARDCLIENT: The PInvoke of GetToken failed with a return code of {0}", result);
//
// Convert the HRESULTS to exceptions
//
ExceptionHelper.ThrowIfCardSpaceException((int)result);
throw IDT.ThrowHelperError(new CardSpaceException(SR.GetString(SR.ClientAPIInfocardError)));
}
}
catch
{
if (null != nativeCryptoHandle)
{
nativeCryptoHandle.Dispose();
}
if (null != proofToken)
{
proofToken.Dispose();
}
throw;
}
finally
{
if (null != nativeToken)
{
nativeToken.Dispose();
}
}
return(token);
}
//
// Summary:
// Called back by the indigo diagnostic trace infrastructure during etw trace logging.
// Writes the extendedData section out to the TraceRecord.
//
//
internal override void WriteTo(XmlWriter writer)
{
InfoCardTrace.Assert(null != writer, "null writer");
writer.WriteElementString("message", m_message);
}
//
// GetBrowserToken not required because that is accomplished via Pheonix bit etc. (not exposed thru
// managed interface).
//
//
// Summary:
// Performs initialization of the CardSpaceShim if necessary.
// The v1 service will only allow one request from the user,
// however locking anyway in case we change our behavior in v2.
//
public void InitializeIfNecessary()
{
if (!m_isInitialized)
{
lock (m_syncRoot)
{
if (!m_isInitialized)
{
string implDllPath = GetCardSpaceImplementationDll();
m_implementationDll = SafeLibraryHandle.LoadLibraryW(implDllPath);
if (m_implementationDll.IsInvalid)
{
throw NativeMethods.ThrowWin32ExceptionWithContext(new Win32Exception(), implDllPath);
}
try
{
//
// Functions are listed in alphabetical order
//
IntPtr procaddr1 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "CloseCryptoHandle");
m_csShimCloseCryptoHandle =
(CsV2CloseCryptoHandle)Marshal.GetDelegateForFunctionPointer(
procaddr1, typeof(CsV2CloseCryptoHandle));
IntPtr procaddr2 = NativeMethods.GetProcAddressWrapper(
m_implementationDll, "Decrypt");
m_csShimDecrypt =
(CsV2Decrypt)Marshal.GetDelegateForFunctionPointer(
procaddr2, typeof(CsV2Decrypt));
IntPtr procaddr3 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "Encrypt");
m_csShimEncrypt =
(CsV2Encrypt)Marshal.GetDelegateForFunctionPointer(
procaddr3, typeof(CsV2Encrypt));
IntPtr procaddr4 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "FreeToken");
m_csShimFreeToken =
(CsV2FreeToken)Marshal.GetDelegateForFunctionPointer(
procaddr4, typeof(CsV2FreeToken));
IntPtr procaddr5 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "GenerateDerivedKey");
m_csShimGenerateDerivedKey =
(CsV2GenerateDerivedKey)Marshal.GetDelegateForFunctionPointer(
procaddr5, typeof(CsV2GenerateDerivedKey));
IntPtr procaddr6 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "GetCryptoTransform");
m_csShimGetCryptoTransform =
(CsV2GetCryptoTransform)Marshal.GetDelegateForFunctionPointer(
procaddr6, typeof(CsV2GetCryptoTransform));
IntPtr procaddr7 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "GetKeyedHash");
m_csShimGetKeyedHash =
(CsV2GetKeyedHash)Marshal.GetDelegateForFunctionPointer(
procaddr7, typeof(CsV2GetKeyedHash));
IntPtr procaddr8 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "GetToken");
m_csShimGetToken =
(CsV2GetToken)Marshal.GetDelegateForFunctionPointer(
procaddr8, typeof(CsV2GetToken));
IntPtr procaddr9 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "HashCore");
m_csShimHashCore =
(CsV2HashCore)Marshal.GetDelegateForFunctionPointer(
procaddr9, typeof(CsV2HashCore));
IntPtr procaddr10 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "HashFinal");
m_csShimHashFinal =
(CsV2HashFinal)Marshal.GetDelegateForFunctionPointer(
procaddr10, typeof(CsV2HashFinal));
IntPtr procaddr11 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "ImportInformationCard");
m_csShimImportInformationCard =
(CsV2ImportInformationCard)Marshal.GetDelegateForFunctionPointer(
procaddr11, typeof(CsV2ImportInformationCard));
IntPtr procaddr12 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "ManageCardSpace");
m_csShimManageCardSpace =
(CsV2ManageCardSpace)Marshal.GetDelegateForFunctionPointer(
procaddr12, typeof(CsV2ManageCardSpace));
IntPtr procaddr13 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "SignHash");
m_csShimSignHash =
(CsV2SignHash)Marshal.GetDelegateForFunctionPointer(
procaddr13, typeof(CsV2SignHash));
IntPtr procaddr14 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "TransformBlock");
m_csShimTransformBlock =
(CsV2TransformBlock)Marshal.GetDelegateForFunctionPointer(
procaddr14, typeof(CsV2TransformBlock));
IntPtr procaddr15 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "TransformFinalBlock");
m_csShimTransformFinalBlock =
(CsV2TransformFinalBlock)Marshal.GetDelegateForFunctionPointer(
procaddr15, typeof(CsV2TransformFinalBlock));
IntPtr procaddr16 = NativeMethods.GetProcAddressWrapper(m_implementationDll, "VerifyHash");
m_csShimVerifyHash =
(CsV2VerifyHash)Marshal.GetDelegateForFunctionPointer(
procaddr16, typeof(CsV2VerifyHash));
}
catch (Win32Exception)
{
//
// NB: IDT.ThrowHelperError would have logged for the Win32Exception
//
IDT.Assert(!m_isInitialized, "If an exception occurred, we expect this to be false");
throw;
}
m_isInitialized = true;
}
}
}
}
//
// Parameters:
// errorString - If Value gets assigned to more than once an argument exception will be thrown with this
// string as the Exception string.
//
public ThrowOnMultipleAssignment(string errorString)
{
IDT.DebugAssert(!String.IsNullOrEmpty(errorString), "Must have an error string");
m_errorString = errorString;
}
