//
// Summary:
// Creates a new InfoCardKeyedHashAlgorithm based on a SymmetricCryptoHandle.
//
// Parameters:
// cryptoHandle - The handle to the symmetric key on which to base the keyed hash.
//
public InfoCardKeyedHashAlgorithm(SymmetricCryptoHandle cryptoHandle)
{
InternalRefCountedHandle nativeHandle = null;
try
{
//
// Call native api to get a hashCryptoHandle.
//
int status = CardSpaceSelector.GetShim().m_csShimGetKeyedHash(cryptoHandle.InternalHandle, out nativeHandle);
if (0 != status)
{
IDT.CloseInvalidOutSafeHandle(nativeHandle);
ExceptionHelper.ThrowIfCardSpaceException(status);
throw IDT.ThrowHelperError(new Win32Exception(status));
}
m_cryptoHandle = (HashCryptoHandle)CryptoHandle.Create(nativeHandle);
m_param = (RpcHashCryptoParameters)m_cryptoHandle.Parameters;
}
catch
{
if (null != m_cryptoHandle)
{
m_cryptoHandle.Dispose();
}
throw;
}
}
public InfoCardKeyedHashAlgorithm(SymmetricCryptoHandle cryptoHandle)
{
InternalRefCountedHandle nativeHashHandle = null;
try
{
int status = CardSpaceSelector.GetShim().m_csShimGetKeyedHash(cryptoHandle.InternalHandle, out nativeHashHandle);
if (status != 0)
{
InfoCardTrace.CloseInvalidOutSafeHandle(nativeHashHandle);
ExceptionHelper.ThrowIfCardSpaceException(status);
throw InfoCardTrace.ThrowHelperError(new Win32Exception(status));
}
this.m_cryptoHandle = (HashCryptoHandle)CryptoHandle.Create(nativeHashHandle);
this.m_param = (RpcHashCryptoParameters)this.m_cryptoHandle.Parameters;
}
catch
{
if (this.m_cryptoHandle != null)
{
this.m_cryptoHandle.Dispose();
}
throw;
}
}
public void Dispose()
{
if (!this.m_isDisposed)
{
this.m_internalHandle.Release();
this.m_internalHandle = null;
this.m_isDisposed = true;
}
}
public void Dispose()
{
if (m_isDisposed)
{
return;
}
m_internalHandle.Release();
m_internalHandle = null;
m_isDisposed = true;
}
//
// Summary:
// Given a pointer to a native cryptosession this method creates the appropriate CryptoHandle type.
//
static internal CryptoHandle Create(InternalRefCountedHandle nativeHandle)
{
CryptoHandle handle = null;
bool mustRelease = false;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
nativeHandle.DangerousAddRef(ref mustRelease);
RpcInfoCardCryptoHandle hCrypto =
(RpcInfoCardCryptoHandle)Marshal.PtrToStructure(nativeHandle.DangerousGetHandle(),
typeof(RpcInfoCardCryptoHandle));
DateTime expiration = DateTime.FromFileTimeUtc(hCrypto.expiration);
switch (hCrypto.type)
{
case RpcInfoCardCryptoHandle.HandleType.Asymmetric:
handle = new AsymmetricCryptoHandle(nativeHandle, expiration, hCrypto.cryptoParameters);
break;
case RpcInfoCardCryptoHandle.HandleType.Symmetric:
handle = new SymmetricCryptoHandle(nativeHandle, expiration, hCrypto.cryptoParameters);
break;
case RpcInfoCardCryptoHandle.HandleType.Transform:
handle = new TransformCryptoHandle(nativeHandle, expiration, hCrypto.cryptoParameters);
break;
case RpcInfoCardCryptoHandle.HandleType.Hash:
handle = new HashCryptoHandle(nativeHandle, expiration, hCrypto.cryptoParameters);
break;
default:
IDT.DebugAssert(false, "Invalid crypto operation type");
throw IDT.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.GeneralExceptionMessage)));
}
return(handle);
}
finally
{
if (mustRelease)
{
nativeHandle.DangerousRelease();
}
}
}
internal static CryptoHandle Create(InternalRefCountedHandle nativeHandle)
{
CryptoHandle handle = null;
CryptoHandle handle3;
bool success = false;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
nativeHandle.DangerousAddRef(ref success);
RpcInfoCardCryptoHandle handle2 = (RpcInfoCardCryptoHandle)Marshal.PtrToStructure(nativeHandle.DangerousGetHandle(), typeof(RpcInfoCardCryptoHandle));
DateTime expiration = DateTime.FromFileTimeUtc(handle2.expiration);
switch (handle2.type)
{
case RpcInfoCardCryptoHandle.HandleType.Asymmetric:
handle = new AsymmetricCryptoHandle(nativeHandle, expiration, handle2.cryptoParameters);
break;
case RpcInfoCardCryptoHandle.HandleType.Symmetric:
handle = new SymmetricCryptoHandle(nativeHandle, expiration, handle2.cryptoParameters);
break;
case RpcInfoCardCryptoHandle.HandleType.Transform:
handle = new TransformCryptoHandle(nativeHandle, expiration, handle2.cryptoParameters);
break;
case RpcInfoCardCryptoHandle.HandleType.Hash:
handle = new HashCryptoHandle(nativeHandle, expiration, handle2.cryptoParameters);
break;
default:
throw InfoCardTrace.ThrowHelperError(new InvalidOperationException(Microsoft.InfoCards.SR.GetString("GeneralExceptionMessage")));
}
handle3 = handle;
}
finally
{
if (success)
{
nativeHandle.DangerousRelease();
}
}
return(handle3);
}
public CryptoTransform(InfoCardSymmetricAlgorithm symAlgo, Direction cryptoDirection)
{
InternalRefCountedHandle nativeTransformHandle = null;
byte[] iV = symAlgo.IV;
using (HGlobalSafeHandle handle2 = HGlobalSafeHandle.Construct(iV.Length))
{
Marshal.Copy(iV, 0, handle2.DangerousGetHandle(), iV.Length);
int status = CardSpaceSelector.GetShim().m_csShimGetCryptoTransform(symAlgo.m_cryptoHandle.InternalHandle, (int)symAlgo.Mode, (int)symAlgo.Padding, symAlgo.FeedbackSize, (int)cryptoDirection, iV.Length, handle2, out nativeTransformHandle);
if (status != 0)
{
InfoCardTrace.CloseInvalidOutSafeHandle(nativeTransformHandle);
ExceptionHelper.ThrowIfCardSpaceException(status);
throw InfoCardTrace.ThrowHelperError(new Win32Exception(status));
}
this.m_transCryptoHandle = (TransformCryptoHandle)CryptoHandle.Create(nativeTransformHandle);
this.m_param = (RpcTransformCryptoParameters)this.m_transCryptoHandle.Parameters;
}
}
//
// Parameters:
// symAlgo - the algorithm being requested.
// cryptoDirection - determines whether the transform will encrypt or decrypt.
//
public CryptoTransform(InfoCardSymmetricAlgorithm symAlgo, Direction cryptoDirection)
{
InternalRefCountedHandle nativeHandle = null;
byte[] iv = symAlgo.IV;
using (HGlobalSafeHandle pIV = HGlobalSafeHandle.Construct(iv.Length))
{
//
// Marshal the initialization vector.
//
Marshal.Copy(iv, 0, pIV.DangerousGetHandle(), iv.Length);
//
// Call native method to get a handle to a native transform.
//
int status = CardSpaceSelector.GetShim().m_csShimGetCryptoTransform(symAlgo.m_cryptoHandle.InternalHandle,
(int)symAlgo.Mode,
(int)symAlgo.Padding,
symAlgo.FeedbackSize,
(int)cryptoDirection,
iv.Length,
pIV,
out nativeHandle);
if (0 != status)
{
IDT.CloseInvalidOutSafeHandle(nativeHandle);
ExceptionHelper.ThrowIfCardSpaceException(status);
throw IDT.ThrowHelperError(new Win32Exception(status));
}
m_transCryptoHandle = (TransformCryptoHandle)CryptoHandle.Create(nativeHandle);
m_param = (RpcTransformCryptoParameters)m_transCryptoHandle.Parameters;
}
}
protected ProofTokenCryptoHandle(InternalRefCountedHandle internalHandle)
: base(internalHandle)
{
}
protected ProofTokenCryptoHandle(InternalRefCountedHandle nativeHandle, DateTime expiration, IntPtr nativeParameters, Type paramType)
: base(nativeHandle, expiration, nativeParameters, paramType)
{
}
// Summary
// Request a security token from the infocard system
//
// Parameters
// policyChain - an array of PolicyElements that describe the federated security chain that the client
// needs a final token to unwind.
//
public static GenericXmlSecurityToken GetToken(CardSpacePolicyElement[] policyChain, SecurityTokenSerializer tokenSerializer)
{
IDT.TraceDebug("ICARDCLIENT: GetToken called with a policy chain of length {0}", policyChain.Length);
InfoCardProofToken proofToken = null;
InternalRefCountedHandle nativeCryptoHandle = null;
GenericXmlSecurityToken token = null;
RpcGenericXmlToken infocardToken = new RpcGenericXmlToken();
SafeTokenHandle nativeToken = null;
Int32 result = 0;
if (null == policyChain || 0 == policyChain.Length)
{
throw IDT.ThrowHelperArgumentNull("policyChain");
}
if (null == tokenSerializer)
{
throw IDT.ThrowHelperArgumentNull("tokenSerializer");
}
if (null == tokenSerializer)
{
throw IDT.ThrowHelperArgumentNull("tokenSerializer");
}
try
{
RuntimeHelpers.PrepareConstrainedRegions();
bool mustRelease = false;
try
{
}
finally
{
//
// The PolicyChain class will do the marshalling and native buffer management for us.
//
try
{
using (PolicyChain tmpChain = new PolicyChain(policyChain))
{
IDT.TraceDebug("ICARDCLIENT: PInvoking the native GetToken call");
result = GetShim().m_csShimGetToken(
tmpChain.Length,
tmpChain.DoMarshal(),
out nativeToken,
out nativeCryptoHandle);
}
if (0 == result)
{
IDT.TraceDebug("ICARDCLIENT: The PInvoke of GetToken succeeded");
nativeToken.DangerousAddRef(ref mustRelease);
infocardToken = (RpcGenericXmlToken)Marshal.PtrToStructure(
nativeToken.DangerousGetHandle(),
typeof(RpcGenericXmlToken));
}
}
finally
{
if (mustRelease)
{
nativeToken.DangerousRelease();
}
}
}
if (0 == result)
{
using (ProofTokenCryptoHandle crypto =
(ProofTokenCryptoHandle)CryptoHandle.Create(nativeCryptoHandle))
{
proofToken = crypto.CreateProofToken();
}
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.LoadXml(infocardToken.xmlToken);
SecurityKeyIdentifierClause internalTokenReference = null;
if (null != infocardToken.internalTokenReference)
{
internalTokenReference = tokenSerializer.ReadKeyIdentifierClause(
CreateReaderWithQuotas(infocardToken.internalTokenReference));
}
SecurityKeyIdentifierClause externalTokenReference = null;
if (null != infocardToken.externalTokenReference)
{
externalTokenReference = tokenSerializer.ReadKeyIdentifierClause(
CreateReaderWithQuotas(infocardToken.externalTokenReference));
}
IDT.TraceDebug("ICARDCLIENT: Constructing a new GenericXmlSecurityToken");
token = new GenericXmlSecurityToken(
xmlDoc.DocumentElement,
proofToken,
DateTime.FromFileTimeUtc(infocardToken.createDate),
DateTime.FromFileTimeUtc(infocardToken.expiryDate),
internalTokenReference,
externalTokenReference,
null);
}
else
{
IDT.TraceDebug("ICARDCLIENT: The PInvoke of GetToken failed with a return code of {0}", result);
//
// Convert the HRESULTS to exceptions
//
ExceptionHelper.ThrowIfCardSpaceException((int)result);
throw IDT.ThrowHelperError(new CardSpaceException(SR.GetString(SR.ClientAPIInfocardError)));
}
}
catch
{
if (null != nativeCryptoHandle)
{
nativeCryptoHandle.Dispose();
}
if (null != proofToken)
{
proofToken.Dispose();
}
throw;
}
finally
{
if (null != nativeToken)
{
nativeToken.Dispose();
}
}
return(token);
}
public static GenericXmlSecurityToken GetToken(CardSpacePolicyElement[] policyChain, SecurityTokenSerializer tokenSerializer)
{
InfoCardProofToken proofToken = null;
InternalRefCountedHandle pCryptoHandle = null;
RpcGenericXmlToken token3 = new RpcGenericXmlToken();
SafeTokenHandle securityToken = null;
int status = 0;
if ((policyChain == null) || (policyChain.Length == 0))
{
throw InfoCardTrace.ThrowHelperArgumentNull("policyChain");
}
if (tokenSerializer == null)
{
throw InfoCardTrace.ThrowHelperArgumentNull("tokenSerializer");
}
if (tokenSerializer == null)
{
throw InfoCardTrace.ThrowHelperArgumentNull("tokenSerializer");
}
try
{
RuntimeHelpers.PrepareConstrainedRegions();
bool success = false;
try
{
}
finally
{
try
{
using (PolicyChain chain = new PolicyChain(policyChain))
{
status = GetShim().m_csShimGetToken(chain.Length, chain.DoMarshal(), out securityToken, out pCryptoHandle);
}
if (status == 0)
{
securityToken.DangerousAddRef(ref success);
token3 = (RpcGenericXmlToken)Marshal.PtrToStructure(securityToken.DangerousGetHandle(), typeof(RpcGenericXmlToken));
}
}
finally
{
if (success)
{
securityToken.DangerousRelease();
}
}
}
if (status == 0)
{
using (ProofTokenCryptoHandle handle3 = (ProofTokenCryptoHandle)CryptoHandle.Create(pCryptoHandle))
{
proofToken = handle3.CreateProofToken();
}
XmlDocument document = new XmlDocument();
document.LoadXml(token3.xmlToken);
SecurityKeyIdentifierClause internalTokenReference = null;
if (token3.internalTokenReference != null)
{
internalTokenReference = tokenSerializer.ReadKeyIdentifierClause(CreateReaderWithQuotas(token3.internalTokenReference));
}
SecurityKeyIdentifierClause externalTokenReference = null;
if (token3.externalTokenReference != null)
{
externalTokenReference = tokenSerializer.ReadKeyIdentifierClause(CreateReaderWithQuotas(token3.externalTokenReference));
}
DateTime effectiveTime = DateTime.FromFileTimeUtc(token3.createDate);
return(new GenericXmlSecurityToken(document.DocumentElement, proofToken, effectiveTime, DateTime.FromFileTimeUtc(token3.expiryDate), internalTokenReference, externalTokenReference, null));
}
ExceptionHelper.ThrowIfCardSpaceException(status);
throw InfoCardTrace.ThrowHelperError(new CardSpaceException(Microsoft.InfoCards.SR.GetString("ClientAPIInfocardError")));
}
catch
{
if (pCryptoHandle != null)
{
pCryptoHandle.Dispose();
}
if (proofToken != null)
{
proofToken.Dispose();
}
throw;
}
finally
{
if (securityToken != null)
{
securityToken.Dispose();
}
}
return(null);
}
//
// Summary:
// This constructor creates a new CryptoHandle instance with the same InternalRefCountedHandle and adds
// a ref count to that InternalRefCountedHandle.
//
protected CryptoHandle(InternalRefCountedHandle internalHandle)
{
m_internalHandle = internalHandle;
m_internalHandle.AddRef();
}
public TransformCryptoHandle(InternalRefCountedHandle nativeHandle, DateTime expiration, IntPtr parameters)
: base(nativeHandle, expiration, parameters, typeof(RpcTransformCryptoParameters))
{
}
public SymmetricCryptoHandle(InternalRefCountedHandle nativeHandle, DateTime expiration, IntPtr parameters)
: base(nativeHandle, expiration, parameters, typeof(RpcSymmetricCryptoParameters))
{
}
//
// Summary:
// Given a pointer to a native cryptosession this method creates the appropriate CryptoHandle type.
//
static internal CryptoHandle Create(InternalRefCountedHandle nativeHandle)
{
CryptoHandle handle = null;
bool mustRelease = false;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
nativeHandle.DangerousAddRef(ref mustRelease);
RpcInfoCardCryptoHandle hCrypto =
(RpcInfoCardCryptoHandle)Marshal.PtrToStructure(nativeHandle.DangerousGetHandle(),
typeof(RpcInfoCardCryptoHandle));
DateTime expiration = DateTime.FromFileTimeUtc(hCrypto.expiration);
switch (hCrypto.type)
{
case RpcInfoCardCryptoHandle.HandleType.Asymmetric:
handle = new AsymmetricCryptoHandle(nativeHandle, expiration, hCrypto.cryptoParameters);
break;
case RpcInfoCardCryptoHandle.HandleType.Symmetric:
handle = new SymmetricCryptoHandle(nativeHandle, expiration, hCrypto.cryptoParameters);
break;
case RpcInfoCardCryptoHandle.HandleType.Transform:
handle = new TransformCryptoHandle(nativeHandle, expiration, hCrypto.cryptoParameters);
break;
case RpcInfoCardCryptoHandle.HandleType.Hash:
handle = new HashCryptoHandle(nativeHandle, expiration, hCrypto.cryptoParameters);
break;
default:
IDT.DebugAssert(false, "Invalid crypto operation type");
throw IDT.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.GeneralExceptionMessage)));
}
return handle;
}
finally
{
if (mustRelease)
{
nativeHandle.DangerousRelease();
}
}
}
protected ProofTokenCryptoHandle(InternalRefCountedHandle internalHandle)
: base(internalHandle) { }
protected ProofTokenCryptoHandle(InternalRefCountedHandle nativeHandle, DateTime expiration, IntPtr nativeParameters, Type paramType)
: base(nativeHandle, expiration, nativeParameters, paramType)
{
}
private HashCryptoHandle(InternalRefCountedHandle internalHandle) : base(internalHandle)
{
}
//
// Summary:
// Creates a new CryptoHandle. ParamType has information as to what
// nativeParameters has to be marshaled into.
//
protected CryptoHandle(InternalRefCountedHandle nativeHandle, DateTime expiration, IntPtr nativeParameters, Type paramType)
{
m_internalHandle = nativeHandle;
m_internalHandle.Initialize(expiration, Marshal.PtrToStructure(nativeParameters, paramType));
}
private HashCryptoHandle(InternalRefCountedHandle internalHandle) : base(internalHandle)
{
}
public void Dispose()
{
if (m_isDisposed)
{
return;
}
m_internalHandle.Release();
m_internalHandle = null;
m_isDisposed = true;
}
private AsymmetricCryptoHandle(InternalRefCountedHandle internalHandle) : base(internalHandle) { }
//
// Summary:
// Creates a new CryptoHandle. ParamType has information as to what
// nativeParameters has to be marshaled into.
//
protected CryptoHandle(InternalRefCountedHandle nativeHandle, DateTime expiration, IntPtr nativeParameters, Type paramType)
{
m_internalHandle = nativeHandle;
m_internalHandle.Initialize(expiration, Marshal.PtrToStructure(nativeParameters, paramType));
}
private SymmetricCryptoHandle(InternalRefCountedHandle internalHandle) : base(internalHandle)
{
}
//
// Summary:
// This constructor creates a new CryptoHandle instance with the same InternalRefCountedHandle and adds
// a ref count to that InternalRefCountedHandle.
//
protected CryptoHandle(InternalRefCountedHandle internalHandle)
{
m_internalHandle = internalHandle;
m_internalHandle.AddRef();
}
private TransformCryptoHandle(InternalRefCountedHandle internalHandle) : base(internalHandle) { }
private TransformCryptoHandle(InternalRefCountedHandle internalHandle) : base(internalHandle)
{
}
