Пример #1
0
        public void ThaliWebRequestTest()
        {
            var keyPair      = ThaliCryptoUtilities.GenerateThaliAcceptablePublicPrivateKeyPair();
            var pkcs12Stream = ThaliCryptoUtilities.CreatePKCS12KeyStoreWithPublicPrivateKeyPair(
                keyPair,
                ThaliCryptoUtilities.DefaultPassPhrase);
            var cert             = ThaliCryptoUtilities.GetX509Certificate(pkcs12Stream, ThaliCryptoUtilities.DefaultPassPhrase);
            var serverKey        = ThaliClientToDeviceHubUtilities.GetServersRootPublicKey(Host, Port, cert);
            var serverHttpKeyUri = HttpKeyUri.BuildHttpKeyUri(serverKey, Host, Port, null, null);
            var thaliWebRequest  = ThaliClientToDeviceHubUtilities.CreateThaliWebRequest(serverHttpKeyUri, cert);

            thaliWebRequest.Method = "GET";
            thaliWebRequest.GetResponse().Close();
        }
Пример #2
0
        private static XmlHttpResponse ExecuteProvisionLocalClientToLocalHub(
            XmlHttpRequest xmlHttpRequest,
            X509Certificate2 clientCert)
        {
            var hubHttpKeyUri = DiscoverRootCertIfNeeded(HttpKeyUri.BuildHttpKeyUri(xmlHttpRequest.url), clientCert);

            ThaliClientToDeviceHubUtilities.ProvisionThaliClient(
                hubHttpKeyUri.ServerPublicKey,
                hubHttpKeyUri.Host,
                hubHttpKeyUri.Port,
                clientCert);

            return new XmlHttpResponse { status = 200, transactionId = xmlHttpRequest.transactionId, responseText = hubHttpKeyUri.AbsoluteUri };
        }
Пример #3
0
        private static XmlHttpResponse ExecuteProvisionLocalHubToRemoteHub(
            XmlHttpRequest xmlHttpRequest,
            X509Certificate2 clientCert)
        {
            var remoteHubHttpKeyUri = DiscoverRootCertIfNeeded(HttpKeyUri.BuildHttpKeyUri(xmlHttpRequest.url), clientCert);

            var localHubHttpKeyUri = HttpKeyUri.BuildHttpKeyUri(xmlHttpRequest.requestText);

            ThaliClientToDeviceHubUtilities.ProvisionKeyInPrincipalDatabase(remoteHubHttpKeyUri.ServerPublicKey, remoteHubHttpKeyUri.Host, remoteHubHttpKeyUri.Port, localHubHttpKeyUri.ServerPublicKey, clientCert);

            return new XmlHttpResponse
            {
                status = 200,
                transactionId = xmlHttpRequest.transactionId,
                responseText = remoteHubHttpKeyUri.AbsoluteUri
            };
        }
Пример #4
0
        private static XmlHttpResponse ProxyRequest(
            XmlHttpRequest xmlHttpRequest,
            X509Certificate2 clientCert)
        {
            var httpKeyUri = HttpKeyUri.BuildHttpKeyUri(xmlHttpRequest.url);

            HttpWebRequest webRequest = ThaliClientToDeviceHubUtilities.CreateThaliWebRequest(httpKeyUri, clientCert);

            webRequest.Method = xmlHttpRequest.method;

            // There are multiple headers that cannot be set directly via webRequest.Headers. I only catch
            // two below that seem of some reasonable use.
            foreach (var headerNameValue in xmlHttpRequest.headers)
            {
                if (headerNameValue.Key.Equals("Accept", StringComparison.OrdinalIgnoreCase))
                {
                    webRequest.Accept = headerNameValue.Value;
                }
                else if (headerNameValue.Key.Equals("Content-Type", StringComparison.OrdinalIgnoreCase))
                {
                    webRequest.ContentType = headerNameValue.Value;
                }
                else
                {
                    webRequest.Headers.Add(headerNameValue.Key, headerNameValue.Value);
                }
            }

            if (string.IsNullOrWhiteSpace(xmlHttpRequest.requestText))
            {
                return ProcessResponse(xmlHttpRequest.transactionId, webRequest);
            }

            var bodyAsBytes = Encoding.UTF8.GetBytes(xmlHttpRequest.requestText);
            webRequest.GetRequestStream().Write(bodyAsBytes, 0, bodyAsBytes.Count());

            var response = ProcessResponse(xmlHttpRequest.transactionId, webRequest);

            return response;
        }
Пример #5
0
        /// <summary>
        /// TODO: This whole method is just wrong, what happens if the server at the address changes its key?!?!?!
        /// TODO: Once we have a real discovery framework this whole 0.0 mechanism needs to go away.
        /// </summary>
        /// <param name="httpKeyUri"></param>
        /// <param name="clientCert"></param>
        /// <returns></returns>
        private static HttpKeyUri DiscoverRootCertIfNeeded(HttpKeyUri httpKeyUri, X509Certificate2 clientCert)
        {
            if (httpKeyUri.ServerPublicKey.Exponent.Equals(BigInteger.Zero)
                && httpKeyUri.ServerPublicKey.Modulus.Equals(BigInteger.Zero))
            {
                var host = httpKeyUri.Host;
                var port = httpKeyUri.Port;
                var hostPortTuple = new Tuple<string, int>(host, port);

                var serverPublicKey = HttpKeyStore.GetOrAdd(
                    hostPortTuple,
                    keyTuple => ThaliClientToDeviceHubUtilities.GetServersRootPublicKey(host, port, clientCert));

                var serverHttpKey = HttpKeyUri.BuildHttpKeyUri(
                    serverPublicKey,
                    host,
                    port,
                    httpKeyUri.PathWithoutPublicKey,
                    httpKeyUri.Query);
                return serverHttpKey;
            }

            return httpKeyUri;
        }
Пример #6
0
        public void HttpKeyUriTests()
        {
            var          keyPair         = ThaliCryptoUtilities.GenerateThaliAcceptablePublicPrivateKeyPair();
            var          serverPublicKey = new BigIntegerRSAPublicKey((RsaKeyParameters)keyPair.Public);
            const string Host            = "foo.com";
            const int    Port            = 413;
            string       path            = "/ick";
            string       query           = "?ark";
            string       fragment        = "#bark";
            string       extraValue      = query + fragment;

            var httpKeyURL = HttpKeyUri.BuildHttpKeyUri(serverPublicKey, Host, Port, path, extraValue);

            // We want one we do manually just to make sure everything is o.k.
            Assert.IsTrue(Host.Equals(httpKeyURL.Host, StringComparison.Ordinal));
            Assert.IsTrue(Port == httpKeyURL.Port);
            Assert.IsTrue(serverPublicKey.Modulus.Equals(httpKeyURL.ServerPublicKey.Modulus));
            Assert.IsTrue(serverPublicKey.Exponent.Equals(httpKeyURL.ServerPublicKey.Exponent));
            Assert.IsTrue(query.Equals(httpKeyURL.Query, StringComparison.Ordinal));
            Assert.IsTrue(fragment.Equals(httpKeyURL.Fragment, StringComparison.Ordinal));
            Assert.IsTrue(httpKeyURL.PathWithoutPublicKey.Equals(path, StringComparison.Ordinal));

            string expectedURL = HttpKeyUri.HttpKeySchemeName + "://" + Host + ":" + Port + "/" +
                                 HttpKeyUri.RsaKeyType + ":" + serverPublicKey.Exponent + "." + serverPublicKey.Modulus +
                                 path + query + fragment;

            Assert.IsTrue(expectedURL.Equals(httpKeyURL.ToString(), StringComparison.Ordinal));

            string expectedHttpsURL = "https://" + Host + ":" + Port + path + query + fragment;

            Assert.IsTrue(expectedHttpsURL.Equals(httpKeyURL.CreateHttpsUrl(), StringComparison.Ordinal));

            // ReSharper disable once EqualExpressionComparison
            Assert.IsTrue(httpKeyURL.Equals(httpKeyURL));

            HttpKeyUri secondHttpKeyURL = HttpKeyUri.BuildHttpKeyUri(expectedURL);

            Assert.IsTrue(httpKeyURL.Equals(secondHttpKeyURL));

            HttpKeyUri thirdHttpKeyURL = HttpKeyUri.BuildHttpKeyUri(serverPublicKey, Host, Port, null, null);

            string expectedThirdURL = HttpKeyUri.HttpKeySchemeName + "://" + Host + ":" + Port + "/" +
                                      HttpKeyUri.RsaKeyType + ":" + serverPublicKey.Exponent + "." + serverPublicKey.Modulus;

            Assert.IsTrue(expectedThirdURL.Equals(thirdHttpKeyURL.ToString(), StringComparison.Ordinal));
            Assert.IsTrue(HttpKeyUri.BuildHttpKeyUri(expectedThirdURL).Equals(thirdHttpKeyURL));

            path     = "/ick  ?";
            query    = "??????    ";
            fragment = "###???///???";
            HttpKeyUri escapedChars = HttpKeyUri.BuildHttpKeyUri(serverPublicKey, Host, Port, path, query + fragment);

            expectedHttpsURL = "https://" + Host + ":" + Port + "/ick%20%20%3F" + "??????%20%20%20%20" + "###???///???";
            Assert.IsTrue(expectedHttpsURL.Equals(escapedChars.CreateHttpsUrl(), StringComparison.Ordinal));

            path       = "/ick/bick/bark/ark/mark/hark";
            httpKeyURL = HttpKeyUri.BuildHttpKeyUri(serverPublicKey, Host, Port, path, extraValue);
            Assert.IsTrue(httpKeyURL.PathWithoutPublicKey.Equals(path, StringComparison.Ordinal));

            httpKeyURL = HttpKeyUri.BuildHttpKeyUri(httpKeyURL.ToString());
            Assert.IsTrue(httpKeyURL.PathWithoutPublicKey.Equals(path, StringComparison.Ordinal));
        }