public override bool Matches(SecurityKeyIdentifierClause clause) { X509IssuerSerialKeyIdentifierClause other = clause as X509IssuerSerialKeyIdentifierClause; return(other != null && Matches(other.name, other.serial)); }
public void MatchesKeyIdentifierClause () { UniqueId id = new UniqueId (); X509SecurityToken t = new X509SecurityToken (cert, id.ToString ()); LocalIdKeyIdentifierClause l = new LocalIdKeyIdentifierClause (id.ToString ()); Assert.IsTrue (t.MatchesKeyIdentifierClause (l), "#1-1"); l = new LocalIdKeyIdentifierClause ("#" + id.ToString ()); Assert.IsFalse (t.MatchesKeyIdentifierClause (l), "#1-2"); X509ThumbprintKeyIdentifierClause h = new X509ThumbprintKeyIdentifierClause (cert); Assert.IsTrue (t.MatchesKeyIdentifierClause (h), "#2-1"); h = new X509ThumbprintKeyIdentifierClause (cert2); Assert.IsFalse (t.MatchesKeyIdentifierClause (h), "#2-2"); X509IssuerSerialKeyIdentifierClause i = new X509IssuerSerialKeyIdentifierClause (cert); Assert.IsTrue (t.MatchesKeyIdentifierClause (i), "#3-1"); i = new X509IssuerSerialKeyIdentifierClause (cert2); Assert.IsFalse (t.MatchesKeyIdentifierClause (i), "#3-2"); X509RawDataKeyIdentifierClause s = new X509RawDataKeyIdentifierClause (cert); Assert.IsTrue (t.MatchesKeyIdentifierClause (s), "#4-1"); s = new X509RawDataKeyIdentifierClause (cert2); Assert.IsFalse (t.MatchesKeyIdentifierClause (s), "#4-2"); }
public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause) { ThrowIfDisposed(); X509SubjectKeyIdentifierClause subjectKeyIdentifierClause = keyIdentifierClause as X509SubjectKeyIdentifierClause; if (subjectKeyIdentifierClause != null) { return(subjectKeyIdentifierClause.Matches(certificate)); } X509ThumbprintKeyIdentifierClause thumbprintKeyIdentifierClause = keyIdentifierClause as X509ThumbprintKeyIdentifierClause; if (thumbprintKeyIdentifierClause != null) { return(thumbprintKeyIdentifierClause.Matches(certificate)); } X509IssuerSerialKeyIdentifierClause issuerKeyIdentifierClause = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; if (issuerKeyIdentifierClause != null) { return(issuerKeyIdentifierClause.Matches(certificate)); } X509RawDataKeyIdentifierClause rawCertKeyIdentifierClause = keyIdentifierClause as X509RawDataKeyIdentifierClause; if (rawCertKeyIdentifierClause != null) { return(rawCertKeyIdentifierClause.Matches(certificate)); } return(base.MatchesKeyIdentifierClause(keyIdentifierClause)); }
public void NegativeSerialNumber () { var clause = new X509IssuerSerialKeyIdentifierClause (cert3); Assert.AreEqual ("CN=test, OU=cert, O=test, [email protected]", clause.IssuerName, "#1"); Assert.AreEqual ("-168428216848510272180165529369113665228", clause.IssuerSerialNumber, "#2"); Assert.AreEqual (null, clause.ClauseType, "#3"); }
public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause) { this.ThrowIfDisposed(); X509SubjectKeyIdentifierClause clause = keyIdentifierClause as X509SubjectKeyIdentifierClause; if (clause != null) { return(clause.Matches(this.certificate)); } X509ThumbprintKeyIdentifierClause clause2 = keyIdentifierClause as X509ThumbprintKeyIdentifierClause; if (clause2 != null) { return(clause2.Matches(this.certificate)); } X509IssuerSerialKeyIdentifierClause clause3 = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; if (clause3 != null) { return(clause3.Matches(this.certificate)); } X509RawDataKeyIdentifierClause clause4 = keyIdentifierClause as X509RawDataKeyIdentifierClause; if (clause4 != null) { return(clause4.Matches(this.certificate)); } return(base.MatchesKeyIdentifierClause(keyIdentifierClause)); }
public void Properties () { X509IssuerSerialKeyIdentifierClause ic = new X509IssuerSerialKeyIdentifierClause (cert); Assert.AreEqual ("CN=Mono Test Root Agency", ic.IssuerName, "#1"); Assert.AreEqual ("22491767666218099257720700881460366085", ic.IssuerSerialNumber, "#2"); Assert.AreEqual (null, ic.ClauseType, "#3"); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { X509IssuerSerialKeyIdentifierClause that = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; // PreSharp Bug: Parameter 'that' to this public method must be validated: A null-dereference can occur here. #pragma warning suppress 56506 return(ReferenceEquals(this, that) || (that != null && that.Matches(this.issuerName, this.issuerSerialNumber))); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { X509IssuerSerialKeyIdentifierClause that = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; // PreSharp #pragma warning suppress 56506 return(ReferenceEquals(this, that) || (that != null && that.Matches(this.issuerName, this.issuerSerialNumber))); }
public override void WriteContent(XmlDictionaryWriter writer, SecurityKeyIdentifierClause clause) { X509IssuerSerialKeyIdentifierClause issuerClause = clause as X509IssuerSerialKeyIdentifierClause; writer.WriteStartElement(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509Data, XD.XmlSignatureDictionary.Namespace); writer.WriteStartElement(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509IssuerSerial, XD.XmlSignatureDictionary.Namespace); writer.WriteElementString(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509IssuerName, XD.XmlSignatureDictionary.Namespace, issuerClause.IssuerName); writer.WriteElementString(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509SerialNumber, XD.XmlSignatureDictionary.Namespace, issuerClause.IssuerSerialNumber); writer.WriteEndElement(); writer.WriteEndElement(); }
public override void WriteKeyIdentifierClauseCore(XmlDictionaryWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) { X509RawDataKeyIdentifierClause x509Clause = keyIdentifierClause as X509RawDataKeyIdentifierClause; if (x509Clause != null) { writer.WriteStartElement(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509Data, NamespaceUri); writer.WriteStartElement(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509Certificate, NamespaceUri); byte[] certBytes = x509Clause.GetX509RawData(); writer.WriteBase64(certBytes, 0, certBytes.Length); writer.WriteEndElement(); writer.WriteEndElement(); } X509IssuerSerialKeyIdentifierClause issuerSerialClause = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; if (issuerSerialClause != null) { writer.WriteStartElement(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509Data, XD.XmlSignatureDictionary.Namespace); writer.WriteStartElement(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509IssuerSerial, XD.XmlSignatureDictionary.Namespace); writer.WriteElementString(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509IssuerName, XD.XmlSignatureDictionary.Namespace, issuerSerialClause.IssuerName); writer.WriteElementString(XD.XmlSignatureDictionary.Prefix.Value, XD.XmlSignatureDictionary.X509SerialNumber, XD.XmlSignatureDictionary.Namespace, issuerSerialClause.IssuerSerialNumber); writer.WriteEndElement(); writer.WriteEndElement(); return; } X509SubjectKeyIdentifierClause skiClause = keyIdentifierClause as X509SubjectKeyIdentifierClause; if (skiClause != null) { writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace); writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509SKI, XmlSignatureConstants.Namespace); byte[] ski = skiClause.GetX509SubjectKeyIdentifier(); writer.WriteBase64(ski, 0, ski.Length); writer.WriteEndElement(); writer.WriteEndElement(); return; } }
public override bool MatchesKeyIdentifierClause( SecurityKeyIdentifierClause keyIdentifierClause) { LocalIdKeyIdentifierClause l = keyIdentifierClause as LocalIdKeyIdentifierClause; if (l != null) { return(l.LocalId == Id); } X509ThumbprintKeyIdentifierClause t = keyIdentifierClause as X509ThumbprintKeyIdentifierClause; if (t != null) { return(t.Matches(cert)); } X509IssuerSerialKeyIdentifierClause i = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; if (i != null) { return(i.Matches(cert)); } X509SubjectKeyIdentifierClause s = keyIdentifierClause as X509SubjectKeyIdentifierClause; if (s != null) { return(s.Matches(cert)); } X509RawDataKeyIdentifierClause r = keyIdentifierClause as X509RawDataKeyIdentifierClause; if (r != null) { return(r.Matches(cert)); } return(false); }
public override SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore(XmlDictionaryReader reader) { SecurityKeyIdentifierClause ski = null; reader.ReadStartElement(XD.XmlSignatureDictionary.X509Data, NamespaceUri); while (reader.IsStartElement()) { if (ski == null && reader.IsStartElement(XD.XmlSignatureDictionary.X509Certificate, NamespaceUri)) { X509Certificate2 certificate = null; if (!SecurityUtils.TryCreateX509CertificateFromRawData(reader.ReadElementContentAsBase64(), out certificate)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityMessageSerializationException(SR.GetString(SR.InvalidX509RawData))); } ski = new X509RawDataKeyIdentifierClause(certificate); } else if (ski == null && reader.IsStartElement(XmlSignatureStrings.X509Ski, NamespaceUri.ToString())) { ski = new X509SubjectKeyIdentifierClause(reader.ReadElementContentAsBase64()); } else if ((ski == null) && reader.IsStartElement(XD.XmlSignatureDictionary.X509IssuerSerial, XD.XmlSignatureDictionary.Namespace)) { reader.ReadStartElement(XD.XmlSignatureDictionary.X509IssuerSerial, XD.XmlSignatureDictionary.Namespace); reader.ReadStartElement(XD.XmlSignatureDictionary.X509IssuerName, XD.XmlSignatureDictionary.Namespace); string issuerName = reader.ReadContentAsString(); reader.ReadEndElement(); reader.ReadStartElement(XD.XmlSignatureDictionary.X509SerialNumber, XD.XmlSignatureDictionary.Namespace); string serialNumber = reader.ReadContentAsString(); reader.ReadEndElement(); reader.ReadEndElement(); ski = new X509IssuerSerialKeyIdentifierClause(issuerName, serialNumber); } else { reader.Skip(); } } reader.ReadEndElement(); return(ski); }
public void WriteX509IssuerSerialKeyIdentifierClause1 () { StringWriter sw = new StringWriter (); X509IssuerSerialKeyIdentifierClause ic = new X509IssuerSerialKeyIdentifierClause (cert); string expected = "<o:SecurityTokenReference xmlns:o=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"><X509Data xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><X509IssuerSerial><X509IssuerName>CN=Mono Test Root Agency</X509IssuerName><X509SerialNumber>22491767666218099257720700881460366085</X509SerialNumber></X509IssuerSerial></X509Data></o:SecurityTokenReference>"; using (XmlWriter w = XmlWriter.Create (sw, GetWriterSettings ())) { WSSecurityTokenSerializer.DefaultInstance.WriteKeyIdentifierClause (w, ic); } Assert.AreEqual (expected, sw.ToString (), "WSS1.1"); sw = new StringWriter (); using (XmlWriter w = XmlWriter.Create (sw, GetWriterSettings ())) { new WSSecurityTokenSerializer (SecurityVersion.WSSecurity10).WriteKeyIdentifierClause (w, ic); Assert.AreEqual (expected, sw.ToString (), "WSS1.0"); } }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { X509IssuerSerialKeyIdentifierClause that = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; return(ReferenceEquals(this, that) || (that != null && that.Matches(IssuerName, _issuerSerialNumber))); }
/// <summary> /// Resolves the given SecurityKeyIdentifierClause to a SecurityToken. /// </summary> /// <param name="keyIdentifierClause">SecurityKeyIdentifierClause to resolve.</param> /// <param name="token">The resolved SecurityToken.</param> /// <returns>True if successfully resolved.</returns> /// <exception cref="ArgumentNullException">The input argument 'keyIdentifierClause' is null.</exception> protected override bool TryResolveTokenCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityToken token) { if (keyIdentifierClause == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyIdentifierClause"); } token = null; X509Store store = null; X509Certificate2Collection certs = null; try { store = new X509Store(this.storeName, this.storeLocation); store.Open(OpenFlags.ReadOnly); certs = store.Certificates; foreach (X509Certificate2 cert in certs) { X509ThumbprintKeyIdentifierClause thumbprintKeyIdentifierClause = keyIdentifierClause as X509ThumbprintKeyIdentifierClause; if (thumbprintKeyIdentifierClause != null && thumbprintKeyIdentifierClause.Matches(cert)) { token = new X509SecurityToken(cert); return(true); } X509IssuerSerialKeyIdentifierClause issuerSerialKeyIdentifierClause = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; if (issuerSerialKeyIdentifierClause != null && issuerSerialKeyIdentifierClause.Matches(cert)) { token = new X509SecurityToken(cert); return(true); } X509SubjectKeyIdentifierClause subjectKeyIdentifierClause = keyIdentifierClause as X509SubjectKeyIdentifierClause; if (subjectKeyIdentifierClause != null && subjectKeyIdentifierClause.Matches(cert)) { token = new X509SecurityToken(cert); return(true); } X509RawDataKeyIdentifierClause rawDataKeyIdentifierClause = keyIdentifierClause as X509RawDataKeyIdentifierClause; if (rawDataKeyIdentifierClause != null && rawDataKeyIdentifierClause.Matches(cert)) { token = new X509SecurityToken(cert); return(true); } } } finally { if (certs != null) { for (int i = 0; i < certs.Count; i++) { certs[i].Reset(); } } if (store != null) { store.Close(); } } return(false); }
void WriteX509IssuerSerialKeyIdentifierClause ( XmlWriter w, X509IssuerSerialKeyIdentifierClause ic) { w.WriteStartElement ("o", "SecurityTokenReference", Constants.WssNamespace); w.WriteStartElement ("X509Data", Constants.XmlDsig); w.WriteStartElement ("X509IssuerSerial", Constants.XmlDsig); w.WriteStartElement ("X509IssuerName", Constants.XmlDsig); w.WriteString (ic.IssuerName); w.WriteEndElement (); w.WriteStartElement ("X509SerialNumber", Constants.XmlDsig); w.WriteString (ic.IssuerSerialNumber); w.WriteEndElement (); w.WriteEndElement (); w.WriteEndElement (); w.WriteEndElement (); }
public override SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore( XmlDictionaryReader reader ) { SecurityKeyIdentifierClause ski = null; reader.ReadStartElement( XD.XmlSignatureDictionary.X509Data, NamespaceUri ); while ( reader.IsStartElement() ) { if ( ski == null && reader.IsStartElement( XD.XmlSignatureDictionary.X509Certificate, NamespaceUri ) ) { X509Certificate2 certificate = null; if ( !SecurityUtils.TryCreateX509CertificateFromRawData( reader.ReadElementContentAsBase64(), out certificate ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new SecurityMessageSerializationException( SR.GetString( SR.InvalidX509RawData ) ) ); } ski = new X509RawDataKeyIdentifierClause( certificate ); } else if ( ski == null && reader.IsStartElement( XmlSignatureStrings.X509Ski, NamespaceUri.ToString() ) ) { ski = new X509SubjectKeyIdentifierClause( reader.ReadElementContentAsBase64() ); } else if ( ( ski == null ) && reader.IsStartElement( XD.XmlSignatureDictionary.X509IssuerSerial, XD.XmlSignatureDictionary.Namespace ) ) { reader.ReadStartElement( XD.XmlSignatureDictionary.X509IssuerSerial, XD.XmlSignatureDictionary.Namespace ); reader.ReadStartElement( XD.XmlSignatureDictionary.X509IssuerName, XD.XmlSignatureDictionary.Namespace ); string issuerName = reader.ReadContentAsString(); reader.ReadEndElement(); reader.ReadStartElement( XD.XmlSignatureDictionary.X509SerialNumber, XD.XmlSignatureDictionary.Namespace ); string serialNumber = reader.ReadContentAsString(); reader.ReadEndElement(); reader.ReadEndElement(); ski = new X509IssuerSerialKeyIdentifierClause( issuerName, serialNumber ); } else { reader.Skip(); } } reader.ReadEndElement(); return ski; }
/// <summary> /// Serialize a SecurityKeyIdentifierClause to the given XmlWriter. /// </summary> /// <param name="writer">XmlWriter to which the SecurityKeyIdentifierClause is serialized.</param> /// <param name="securityKeyIdentifierClause">SecurityKeyIdentifierClause to serialize.</param> /// <exception cref="ArgumentNullException">The input parameter 'reader' or 'securityKeyIdentifierClause' is null.</exception> /// <exception cref="ArgumentException">The parameter 'securityKeyIdentifierClause' is not a supported clause type.</exception> public override void WriteKeyIdentifierClause(XmlWriter writer, SecurityKeyIdentifierClause securityKeyIdentifierClause) { if (writer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer"); } if (securityKeyIdentifierClause == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityKeyIdentifierClause"); } X509IssuerSerialKeyIdentifierClause issuerSerialClause = securityKeyIdentifierClause as X509IssuerSerialKeyIdentifierClause; if (issuerSerialClause != null) { writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace); writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509IssuerSerial, XmlSignatureConstants.Namespace); writer.WriteElementString(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509IssuerName, XmlSignatureConstants.Namespace, issuerSerialClause.IssuerName); writer.WriteElementString(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509SerialNumber, XmlSignatureConstants.Namespace, issuerSerialClause.IssuerSerialNumber); writer.WriteEndElement(); writer.WriteEndElement(); return; } X509SubjectKeyIdentifierClause skiClause = securityKeyIdentifierClause as X509SubjectKeyIdentifierClause; if (skiClause != null) { writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace); writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509SKI, XmlSignatureConstants.Namespace); byte[] ski = skiClause.GetX509SubjectKeyIdentifier(); writer.WriteBase64(ski, 0, ski.Length); writer.WriteEndElement(); writer.WriteEndElement(); return; } #if INCLUDE_CERT_CHAIN X509ChainRawDataKeyIdentifierClause x509ChainDataClause = securityKeyIdentifierClause as X509ChainRawDataKeyIdentifierClause; if (x509ChainDataClause != null) { writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace); for (int i = 0; i < x509ChainDataClause.CertificateCount; i++) { writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Certificate, XmlSignatureConstants.Namespace); byte[] rawData = x509ChainDataClause.GetX509RawData(i); writer.WriteBase64(rawData, 0, rawData.Length); writer.WriteEndElement(); } writer.WriteEndElement(); return; } #endif X509RawDataKeyIdentifierClause rawDataClause = securityKeyIdentifierClause as X509RawDataKeyIdentifierClause; if (rawDataClause != null) { writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace); writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Certificate, XmlSignatureConstants.Namespace); byte[] rawData = rawDataClause.GetX509RawData(); writer.WriteBase64(rawData, 0, rawData.Length); writer.WriteEndElement(); writer.WriteEndElement(); return; } throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("securityKeyIdentifierClause", SR.GetString(SR.ID4259, securityKeyIdentifierClause.GetType())); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { X509IssuerSerialKeyIdentifierClause objB = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; return(object.ReferenceEquals(this, objB) || ((objB != null) && objB.Matches(this.issuerName, this.issuerSerialNumber))); }