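 /// <summary>
 /// Validates the XML signature on the assertion (IDCard) and, unless disabled,
 /// the trust chain and revocation status of the signing certificate.
 /// Every failure is reported as a <see cref="ModelException"/>; the method
 /// fails closed and has no return value.
 /// </summary>
 /// <param name="federation">Federation whose trust settings are passed to SignatureUtil.Validate.</param>
 /// <param name="vault">Credential vault the signing certificate is checked against.</param>
 /// <param name="checkTrust">
 /// Whether to validate the certificate chain. NOTE: an app-setting named "CheckTrust"
 /// overrides this argument, even when the caller passed it explicitly.
 /// </param>
 private void InternalValidateSignature(Federation.Federation federation, ICredentialVault vault, bool checkTrust = true)
 {
     // Only assertion levels at or above VocesTrustedSystem carry a signature to check.
     if (AuthenticationLevel.Level < AuthenticationLevel.VocesTrustedSystem.Level)
     {
         throw new ModelException("AuthenticationLevel does not support signature");
     }
     if (Xassertion == null)
     {
         throw new ModelException("Assertion not initialized");
     }
     if (!SealUtilities.CheckAssertionSignature(Xassertion))
     {
         throw new ModelException("IDCard is not signed!");
     }

     // Security-critical configuration: any "CheckTrust" value other than "true" switches
     // chain and CRL validation off entirely, so a misconfigured deployment accepts IDCards
     // signed by arbitrary certificates. The flags are compared ordinally (case-insensitive)
     // rather than via a culture-sensitive ToLower().
     var settings = ConfigurationManager.AppSettings;
     if (settings.AllKeys.Contains("CheckTrust"))
     {
         checkTrust = IsTrueSetting(settings["CheckTrust"]);
     }
     if (checkTrust)
     {
         // Revocation checking defaults to on and can only be disabled through configuration.
         var checkCrl = true;
         if (settings.AllKeys.Contains("CheckCrl"))
         {
             checkCrl = IsTrueSetting(settings["CheckCrl"]);
         }
         // Check that Signature is in credentialVault and that no certificate in chain is revoked
         // (checkTrust is necessarily true on this path).
         if (!SignatureUtil.Validate(Xassertion, federation, vault, checkTrust, checkCrl))
         {
             throw new ModelException("Signature on IdCard could not be validated");
         }
     }
 }

 /// <summary>
 /// Interprets a boolean app-setting: exactly the text "true" in any letter case is true,
 /// everything else (including null or empty) is false.
 /// </summary>
 private static bool IsTrueSetting(string value)
 {
     return string.Equals(value, "true", StringComparison.OrdinalIgnoreCase);
 }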
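        /// <summary>
        /// Server-side inspector: copies the WS-Security header and the DGWS header of the
        /// incoming request into a small "DGWSInfo" document, runs
        /// <c>SealUtilities.ValidateSecurity</c> over the Security element and, on failure,
        /// rejects the request with a fault carrying the reason and detail.
        /// </summary>
        /// <param name="request">Incoming message; not modified here.</param>
        /// <param name="channel">Unused.</param>
        /// <param name="instanceContext">Unused.</param>
        /// <returns>The "DGWSInfo" document (WCF hands it to BeforeSendReply as correlation state).</returns>
        /// <exception cref="FaultException">A required header is missing.</exception>
        /// <exception cref="FaultException{String}">Security validation failed; the detail is the DGWSInfo document with a Fault element appended.</exception>
        public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
        {
            // Resolve both headers before writing so a missing one produces a clear fault
            // instead of an ArgumentOutOfRangeException from WriteHeader(-1, ...). A message
            // without a Security header must never reach the service.
            var securityIdx = request.Headers.FindHeader("Security", NameSpaces.wsse);
            if (securityIdx == -1)
            {
                throw new FaultException("Security header is missing");
            }
            var dgwsIdx = request.Headers.FindHeader("Header", NameSpaces.dgws);
            if (dgwsIdx == -1)
            {
                throw new FaultException("DGWS Header is missing");
            }

            var xdoc = new XDocument();
            using (var wr = xdoc.CreateWriter())
            {
                wr.WriteStartElement("DGWSInfo");
                request.Headers.WriteHeader(securityIdx, wr);
                request.Headers.WriteHeader(dgwsIdx, wr);
                wr.WriteEndElement();
            }

            // ValidateSecurity returns null on success, otherwise a (reason, detail) pair.
            var securityElement = xdoc.Root.Descendants(NameSpaces.xwsse + "Security").FirstOrDefault();
            var err = SealUtilities.ValidateSecurity(securityElement);
            if (err != null)
            {
                // NOTE(review): err.Item2 is echoed back to the remote caller in the fault detail;
                // confirm it never contains internal state that should not be disclosed.
                xdoc.Root.Add(new XElement("Fault",
                                           new XElement("reason", err.Item1),
                                           new XElement("detail", err.Item2))
                              );

                throw new FaultException <string>(xdoc.ToString(SaveOptions.DisableFormatting), new FaultReason("requesterror"));
            }
            return(xdoc);
        }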
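        /// <summary>
        /// Client-side inspector: rewrites the outgoing SOAP envelope so that the Action,
        /// MessageID, a fresh wsu:Timestamp (Created only) and the Body carry wsu:Id
        /// attributes, then signs the envelope with the client certificate and replaces
        /// the request with the signed copy.
        /// </summary>
        /// <param name="request">Outgoing message; replaced by the signed envelope.</param>
        /// <param name="channel">Unused.</param>
        /// <returns>The signed envelope as an <see cref="XmlDocument"/> (correlation state for AfterReceiveReply).</returns>
        /// <exception cref="InvalidOperationException">No client certificate is configured, or the message has no Action header.</exception>
        public object BeforeSendRequest(ref Message request, IClientChannel channel)
        {
            // Without a certificate nothing can be signed; refuse rather than send unsigned.
            if (clientCredentials == null || clientCredentials.ClientCertificate.Certificate == null)
            {
                throw new InvalidOperationException("clientCredentials Certificate is missing");
            }
            // A MessageID is generated up front and only replaced if the message already has one.
            string action = null, messageID = "urn:uuid:" + Guid.NewGuid().ToString("D");

            foreach (var head in request.Headers)
            {
                var x = XElement.Parse(head.ToString());
                switch (head.Name)
                {
                case "Action": action = x.Value; break;

                case "MessageID": messageID = x.Value; break;
                }
            }

            MessageBuffer msgbuf = request.CreateBufferedCopy(int.MaxValue);
            var           xdoc   = XDocument.Load(msgbuf.AsStream());

            SealUtilities.CheckAndSetSamlDsPreFix(xdoc);             //Hack

            //Fill header
            NameSpaces.SetMissingNamespaces(xdoc);
            var hd = xdoc.Root.Element(NameSpaces.xsoap + "Header");
            // Accept either WS-Addressing namespace; the replacement below is always written in xwsa.
            var ac = hd.Element(NameSpaces.xwsa2 + "Action") ?? hd.Element(NameSpaces.xwsa + "Action");
            var md = hd.Element(NameSpaces.xwsa2 + "MessageID") ?? hd.Element(NameSpaces.xwsa + "MessageID");
            if (ac == null)
            {
                // Previously a NullReferenceException at ac.Remove(); fail with a clear message instead.
                throw new InvalidOperationException("Action header is missing");
            }

            // NOTE(review): the Timestamp carries Created but no Expires, so replay protection
            // for this message relies entirely on the receiver's own freshness window — confirm.
            hd.Add(new XElement(NameSpaces.xwsa + "Action", new XAttribute("mustUnderstand", "1"), new XAttribute(NameSpaces.xwsu + "Id", "action"), action),
                   new XElement(NameSpaces.xwsa + "MessageID", new XAttribute(NameSpaces.xwsu + "Id", "messageID"), messageID),
                   new XElement(NameSpaces.xwsse + "Security", new XAttribute("mustUnderstand", "1"), new XAttribute(NameSpaces.xwsu + "Id", "security"),
                                new XElement(NameSpaces.xwsu + "Timestamp", new XAttribute(NameSpaces.xwsu + "Id", "timestamp"),
                                             new XElement(NameSpaces.xwsu + "Created", DateTime.UtcNow.ToString("u").Replace(' ', 'T'))
                                             )
                                )
                   );
            // Drop the originals so only the Id-tagged copies remain.
            ac.Remove();
            if (md != null)
            {
                md.Remove();
            }

            xdoc.Root.Element(NameSpaces.xsoap + "Body").Add(new XAttribute(NameSpaces.xwsu + "Id", "body"));

            // Presumably SealSignedXml references the wsu:Id-tagged parts (action, messageID,
            // timestamp, body) in the signature — verify against SealSignedXml.Sign.
            var         signer   = new SealSignedXml(xdoc);
            XmlDocument envelope = signer.Sign(clientCredentials.ClientCertificate.Certificate);

            var nrd = new XmlNodeReader(envelope);

            msgbuf  = Message.CreateMessage(nrd, int.MaxValue, request.Version).CreateBufferedCopy(int.MaxValue);
            request = msgbuf.CreateMessage();
            return(envelope);
        }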
        /// <summary>
        /// Client-side inspector that requires a WS-Security header on the outgoing request.
        /// If the header is a <c>SealCardMessageHeader</c> it is re-inserted at the same
        /// position; otherwise the whole message is reloaded as XML, the SAML/ds prefix
        /// workaround is applied and the message is rebuilt. No validation happens here.
        /// </summary>
        /// <param name="request">Outgoing message; may be replaced by a rebuilt copy.</param>
        /// <param name="channel">Unused.</param>
        /// <returns>Always null (no correlation state).</returns>
        /// <exception cref="FaultException">The Security header is absent.</exception>
        public object BeforeSendRequest(ref Message request, IClientChannel channel)
        {
            var securityIndex = request.Headers.FindHeader("Security", NameSpaces.wsse);
            if (securityIndex == -1)
            {
                throw new FaultException("Security header is missing");
            }

            var sealHeader = request.Headers[securityIndex] as SealCardMessageHeader;
            if (sealHeader != null)
            {
                // Same header object, same slot: remove and put it back.
                request.Headers.RemoveAt(securityIndex);
                request.Headers.Insert(securityIndex, sealHeader);
                return(null);
            }

            // Not a SealCardMessageHeader: round-trip through XML to apply the prefix fix.
            var envelope = XDocument.Load(request.ToStream());
            SealUtilities.CheckAndSetSamlDsPreFix(envelope); //Hack
            request = envelope.ToMessage(request.Version);
            return(null);
        }