/// <summary>
/// Converts the specified <paramref name="uriLocation"/> to a tampering protected <see cref="Uri"/>.
/// </summary>
/// <param name="uriLocation">The URI to protect from tampering.</param>
/// <param name="securityKey">The security key to use for the <see cref="SecurityToken"/> encryption.</param>
/// <param name="settings">The settings to apply to the <see cref="SecurityToken"/>.</param>
/// <returns>An URI equivalent to the <paramref name="uriLocation"/> but protected from tampering - including but not limited to - MITM attacks.</returns>
public static Uri ToProtectedUri(this string uriLocation, byte[] securityKey, SecurityTokenSettings settings)
{
return(WebSecurityUtility.CreateTamperingProtectedUri(uriLocation, securityKey, settings));
}
/// <summary>
/// Converts the specified <paramref name="location"/> to a tampering protected <see cref="Uri"/>.
/// </summary>
/// <param name="location">The URI to protect from tampering.</param>
/// <param name="securityKey">The security key to use for the <see cref="SecurityToken"/> encryption.</param>
/// <param name="settings">The settings to apply to the <see cref="SecurityToken"/>.</param>
/// <param name="algorithmType">The hash algorithm to use for the URI checksum computation. Default is <b><see cref="HashAlgorithmType.SHA1"/></b>.</param>
/// <returns>An URI equivalent to the <paramref name="location"/> but protected from tampering - including but not limited to - MITM attacks.</returns>
public static Uri ToProtectedUri(this Uri location, byte[] securityKey, SecurityTokenSettings settings, HashAlgorithmType algorithmType)
{
return(WebSecurityUtility.CreateTamperingProtectedUri(location, securityKey, settings, algorithmType));
}
/// <summary>
/// Converts the specified <paramref name="location"/> to a tampering protected <see cref="Uri"/>.
/// </summary>
/// <param name="location">The URI to protect from tampering.</param>
/// <param name="securityKey">The security key to use for the <see cref="SecurityToken"/> encryption.</param>
/// <param name="settings">The settings to apply to the <see cref="SecurityToken"/>.</param>
/// <param name="algorithmType">The hash algorithm to use for the URI checksum computation. Default is <b><see cref="HashAlgorithmType.SHA1"/></b>.</param>
/// <param name="secureUriFormat">The naming format of the required query string parameters of the tamper protected URI. Default is <b>?token={0}&iv={1}&salt={2}</b>, where you can change the naming of the query string parameters.</param>
/// <param name="querystringParameterHashName">The name of the checksum parameter to append to the tampering protected URI. Default is <b>hash</b>.</param>
/// <returns>An URI equivalent to the <paramref name="location"/> but protected from tampering - including but not limited to - MITM attacks.</returns>
public static Uri ToProtectedUri(this Uri location, byte[] securityKey, SecurityTokenSettings settings, HashAlgorithmType algorithmType, string secureUriFormat, string querystringParameterHashName)
{
return(WebSecurityUtility.CreateTamperingProtectedUri(location, securityKey, settings, algorithmType, secureUriFormat, querystringParameterHashName));
}
/// <summary>
/// Parses and verifies the tampering protected URI.
/// </summary>
/// <param name="protectedUri">The tampering protected URI.</param>
/// <param name="securityKey">The security key to use in the decryption of the <paramref name="token"/>.</param>
/// <param name="token">The security token to decrypt and parse for a <see cref="SecurityToken"/>.</param>
/// <param name="iv">The initialization vector (IV) to use in the decryption of the <paramref name="token"/>.</param>
/// <param name="salt">The salt used in the computation of the integrity verification of <paramref name="protectedUri"/>.</param>
/// <param name="hash">The checksum to verify the integrity of <paramref name="protectedUri"/>.</param>
/// <param name="algorithmType">The hash algorithm to use for the <paramref name="protectedUri"/> checksum computation. Default is <b><see cref="HashAlgorithmType.SHA1"/></b>.</param>
/// <param name="querystringParameterHashName">The name of the checksum parameter to remove from the <paramref name="protectedUri"/> before integrity verification. Default is <b>hash</b>.</param>
/// <exception cref="SecurityException">This exception is thrown when an unsucessfull parse is meet, hence values has been tampered with, <paramref name="protectedUri"/> is invalid, token has expired or one or more of the necessary parameters is missing.</exception>
public static void VerifyProtectedUri(this Uri protectedUri, byte[] securityKey, string token, string iv, string salt, string hash, HashAlgorithmType algorithmType, string querystringParameterHashName)
{
WebSecurityUtility.ParseTamperingProtectedUri(protectedUri, securityKey, token, iv, salt, hash, algorithmType, querystringParameterHashName);
}
/// <summary>
/// Parses and verifies the tampering protected URI.
/// </summary>
/// <param name="protectedUri">The tampering protected URI.</param>
/// <param name="securityKey">The security key to use in the decryption of the <paramref name="token"/>.</param>
/// <param name="token">The security token to decrypt and parse for a <see cref="SecurityToken"/>.</param>
/// <param name="iv">The initialization vector (IV) to use in the decryption of the <paramref name="token"/>.</param>
/// <param name="salt">The salt used in the computation of the integrity verification of <paramref name="protectedUri"/>.</param>
/// <param name="hash">The checksum to verify the integrity of <paramref name="protectedUri"/>.</param>
/// <exception cref="SecurityException">This exception is thrown when an unsucessfull parse is meet, hence values has been tampered with, <paramref name="protectedUri"/> is invalid, token has expired or one or more of the necessary parameters is missing.</exception>
public static void VerifyProtectedUri(this Uri protectedUri, byte[] securityKey, string token, string iv, string salt, string hash)
{
WebSecurityUtility.ParseTamperingProtectedUri(protectedUri, securityKey, token, iv, salt, hash);
}
/// <summary>
/// Converts the specified <paramref name="location"/> to a tampering protected <see cref="Uri"/>.
/// </summary>
/// <param name="location">The URI to protect from tampering.</param>
/// <param name="securityKey">The security key to use for the <see cref="SecurityToken"/> encryption.</param>
/// <returns>An URI equivalent to the <paramref name="location"/> but protected from tampering - including but not limited to - MITM attacks.</returns>
public static Uri ToProtectedUri(this Uri location, byte[] securityKey)
{
return(WebSecurityUtility.CreateTamperingProtectedUri(location, securityKey));
}
/// <summary>
/// Parses and verifies the tampering protected URI.
/// </summary>
/// <param name="protectedUri">The tampering protected URI.</param>
/// <param name="securityKey">The security key to use in the decryption of the <paramref name="token"/>.</param>
/// <param name="token">The security token to decrypt and parse for a <see cref="SecurityToken"/>.</param>
/// <exception cref="SecurityException">This exception is thrown when an unsucessfull parse is meet, hence values has been tampered with, <paramref name="protectedUri"/> is invalid, token has expired or one or more of the necessary parameters is missing.</exception>
public static void VerifyProtectedUri(this Uri protectedUri, byte[] securityKey, string token)
{
WebSecurityUtility.ParseTamperingProtectedUri(protectedUri, securityKey, token);
}
/// <summary>
/// Converts the specified <paramref name="uriLocation"/> to a tampering protected <see cref="Uri"/>.
/// </summary>
/// <param name="uriLocation">The URI to protect from tampering.</param>
/// <param name="securityKey">The security key to use for the <see cref="SecurityToken"/> encryption.</param>
/// <param name="settings">The settings to apply to the <see cref="SecurityToken"/>.</param>
/// <param name="algorithmType">The hash algorithm to use for the URI checksum computation. Default is <b><see cref="HashAlgorithmType.SHA1"/></b>.</param>
/// <param name="secureUriFormat">The naming format of the required query string parameters of the tamper protected URI. Default is <b>?token={0}&iv={1}&salt={2}</b>, where you can change the naming of the query string parameters.</param>
/// <returns>An URI equivalent to the <paramref name="uriLocation"/> but protected from tampering - including but not limited to - MITM attacks.</returns>
public static Uri ToProtectedUri(this string uriLocation, byte[] securityKey, SecurityTokenSettings settings, HashAlgorithmType algorithmType, string secureUriFormat)
{
return(WebSecurityUtility.CreateTamperingProtectedUri(uriLocation, securityKey, settings, algorithmType, secureUriFormat));
}
