public IdentityServerMiddlewareConfiguration(IAppEnvironmentProvider appEnvironmentProvider,
IScopesProvider scopesProvider, ICertificateProvider certificateProvider, IDependencyManager dependencyManager)
{
if (appEnvironmentProvider == null)
{
throw new ArgumentNullException(nameof(appEnvironmentProvider));
}
if (scopesProvider == null)
{
throw new ArgumentNullException(nameof(scopesProvider));
}
if (certificateProvider == null)
{
throw new ArgumentNullException(nameof(certificateProvider));
}
if (dependencyManager == null)
{
throw new ArgumentNullException(nameof(dependencyManager));
}
_appEnvironmentProvider = appEnvironmentProvider;
_scopesProvider = scopesProvider;
_certificateProvider = certificateProvider;
_dependencyManager = dependencyManager;
}
public PasswordProvider(IMsMcsAdmPwdProvider msMcsAdmPwdProvider, ILithnetAdminPasswordProvider lithnetProvider, IEncryptionProvider encryptionProvider, ICertificateProvider certificateProvider)
{
this.msLapsProvider = msMcsAdmPwdProvider;
this.lithnetProvider = lithnetProvider;
this.encryptionProvider = encryptionProvider;
this.certificateProvider = certificateProvider;
}
public static void EnsureReady()
{
if (oCertProvider == null)
{
oCertProvider = LoadOverrideCertProvider() ?? new DefaultCertificateProvider();
}
}
/// <summary>
/// Initializes a new instance of the <see cref="CCBotFrameworkHttpAdapter"/> class.
/// </summary>
/// <param name="credentialProvider">credential provider.</param>
/// <param name="certificateProvider">certificate provider.</param>
public CCBotFrameworkHttpAdapter(
ICredentialProvider credentialProvider,
ICertificateProvider certificateProvider)
: base(credentialProvider)
{
this.certificateProvider = certificateProvider;
}
public CertificateConnectionFactory(ICertificateProvider certificateProvider)
{
_certProvider = certificateProvider;
_connections = new Dictionary<Exchange, IConnection>();
_log = LogManager.GetLogger(this.GetType());
}
internal void Receive(ICertificateProvider certProvider, INetState ns, HttpsReader reader)
{
RecordHandshake(reader.Buffer, reader.Length, !reader.IsDecrypted);
EHandshake handshakeType = (EHandshake)reader.ReadByte();
int handshakeMsgLength = reader.Read24BitInt();
HttpsReader.VerifyLengthRemaining(reader, handshakeMsgLength, "Ssl handshake");
switch (handshakeType)
{
case EHandshake.ClientHello:
ReceiveClientHello(certProvider, ns, reader);
break;
case EHandshake.ClientKeyExchange:
ReceiveClientKeyExchange(certProvider, ns, reader);
break;
case EHandshake.Finished:
ReceiveClientFinished(ns, reader);
break;
default:
ns.Send(new HttpsSmsgAlert(ns.Https, 2, 10));
throw new HttpsException($"sent unknown handshake 0x{handshakeType:X}", reader);
}
}
public static void EnsureReady()
{
if (CertMaker.oCertProvider != null)
{
return;
}
CertMaker.oCertProvider = (CertMaker.LoadOverrideCertProvider() ?? new NewCertificateProvider());
}
public void TestInitialize()
{
encryptionProvider = new EncryptionProvider();
this.discoveryServices = new DiscoveryServices(Mock.Of <ILogger <DiscoveryServices> >());
directory = new ActiveDirectory(discoveryServices);
certificateProvider = new CertificateProvider(Mock.Of <ILogger <CertificateProvider> >(), discoveryServices);
provider = new LithnetAdminPasswordProvider(Mock.Of <ILogger <LithnetAdminPasswordProvider> >(), encryptionProvider, certificateProvider);
}
// --- Https Handshake ---
internal void ReceiveHandshake(ICertificateProvider certProvider, INetState ns, HttpsReader reader)
{
if (_Handshake == null)
{
_Handshake = new HttpsHandshakeSession();
}
_Handshake.Receive(certProvider, ns, reader);
}
public void UpdateUsing(ICertificateProvider certificateProvider)
{
lock (sync)
{
x509 = certificateProvider.GetCertificate();
expiresAt = timeProvider.Now + lifeSpan;
}
}
public ValidateCertificate(IValidateCertificateSettings settings, IValidateCertificateSettings alternateSettings,
ICertificateProvider certificateProvider, ILogger logger)
{
_settings = settings;
_alternateSettings = alternateSettings;
_certificateProvider = certificateProvider;
_logger = logger;
}
static CertificateProvider()
{
//var rootCA = X509CertificateFactory.CreateCertificateAuthorityCertificate($"CN={RootCA}", null, null);
//X509CertificateFactory.SaveCertificateToWindowsStore(rootCA);
Default = new CachedCertificateProvider(
new StoredCertificateProvider(
new BouncyCastleCertificateProvider(
X509CertificateFactory.LoadCertificate(RootCA))));
}
public ProtectedSecretProvider(IEncryptionProvider encryptionProvider, ICertificateProvider certificateProvider, RandomNumberGenerator rng, IOptions <DataProtectionOptions> dataProtectionOptions, IWindowsServiceProvider windowsServiceProvider, IAmsLicenseManager licenseManager)
{
this.encryptionProvider = encryptionProvider;
this.certificateProvider = certificateProvider;
this.rng = rng;
this.dataProtectionOptions = dataProtectionOptions.Value;
this.windowsServiceProvider = windowsServiceProvider;
this.licenseManager = licenseManager;
}
public TLSConnector(TLSSettings settings, Action <string> logger, ICertificateProvider certProvider)
{
_logger = logger;
_certProvider = certProvider;
if (settings == null)
{
throw new ArgumentNullException();
}
Settings = settings;
}
public PrivateCertificateAuthorityController(ICertificateRepository certRepo, IConfigurationRepository configRepo, ICertificateProvider certProvider, IAuthorizationLogic authorizationLogic, IAuditLogic auditLogic, AdcsTemplateLogic templateLogic)
{
this.certificateRepository = certRepo;
this.configurationRepository = configRepo;
this.certificateProvider = certProvider;
this.authorizationLogic = authorizationLogic;
this.http = new HttpResponseHandler(this);
this.audit = auditLogic;
this.templateLogic = templateLogic;
}
/// <summary>
/// Constructor with comparison certificate provider
/// </summary>
public ClientCertificateValidationMiddleware(RequestDelegate next,
ILoggerFactory loggerFactory,
IOptions <ValidateCertificateSettings> options,
ICertificateProvider compareCertificateProvider)
{
_next = next;
_logger = loggerFactory?.CreateLogger("ClientCertMiddleware");
_options = options?.Value;
_compareCertificateProvider = compareCertificateProvider;
_validateCertificate = new ValidateCertificate(_options, _compareCertificateProvider, null);
}
public LetsEncryptRenewalService(
ICertificateProvider certificateProvider,
IEnumerable <ICertificateRenewalLifecycleHook> lifecycleHooks,
ILogger <ILetsEncryptRenewalService> logger,
LetsEncryptOptions options)
{
_certificateProvider = certificateProvider;
_lifecycleHooks = lifecycleHooks;
_logger = logger;
_options = options;
_semaphoreSlim = new SemaphoreSlim(1);
}
public LapsConfigurationViewModel(IDialogCoordinator dialogCoordinator, ICertificateProvider certificateProvider, IDirectory directory, IX509Certificate2ViewModelFactory certificate2ViewModelFactory, IServiceSettingsProvider serviceSettings, ILogger <LapsConfigurationViewModel> logger)
{
this.directory = directory;
this.certificateProvider = certificateProvider;
this.certificate2ViewModelFactory = certificate2ViewModelFactory;
this.dialogCoordinator = dialogCoordinator;
this.serviceSettings = serviceSettings;
this.logger = logger;
this.Forests = new List <Forest>();
this.AvailableCertificates = new BindableCollection <X509Certificate2ViewModel>();
this.DisplayName = "Local admin passwords";
}
/// <summary>
/// Initializes a new instance of the <see cref="CompanyCommunicatorBotAdapter"/> class.
/// </summary>
/// <param name="credentialProvider">Credential provider service instance.</param>
/// <param name="companyCommunicatorBotFilterMiddleware">Teams message filter middleware instance.</param>
/// <param name="certificateProvider">Certificate provider service instance.</param>
public CompanyCommunicatorBotAdapter(
ICredentialProvider credentialProvider,
CompanyCommunicatorBotFilterMiddleware companyCommunicatorBotFilterMiddleware,
ICertificateProvider certificateProvider)
: base(credentialProvider)
{
companyCommunicatorBotFilterMiddleware = companyCommunicatorBotFilterMiddleware ?? throw new ArgumentNullException(nameof(companyCommunicatorBotFilterMiddleware));
this.certificateProvider = certificateProvider ?? throw new ArgumentNullException(nameof(certificateProvider));
// Middleware
this.Use(companyCommunicatorBotFilterMiddleware);
}
public LapsAgent(ILogger <LapsAgent> logger, IDirectory directory, ILapsSettings settings, IPasswordGenerator passwordGenerator, IEncryptionProvider encryptionProvider, ICertificateProvider certificateProvider, ILocalSam sam, ILithnetAdminPasswordProvider lithnetAdminPasswordProvider, IMsMcsAdmPwdProvider msMcsAdmPwdProvider)
{
this.logger = logger;
this.directory = directory;
this.settings = settings;
this.passwordGenerator = passwordGenerator;
this.encryptionProvider = encryptionProvider;
this.certificateProvider = certificateProvider;
this.sam = sam;
this.lithnetAdminPasswordProvider = lithnetAdminPasswordProvider;
this.msMcsAdmPwdProvider = msMcsAdmPwdProvider;
}
public DigitalSignatureProcessor(ICertificateProvider certProvider)
{
_certProvider = certProvider;
try
{
_cert = certProvider.GetCertificate();
}
catch (Exception ex)
{
_log.Error("Failed to get a certificate from the provider", ex);
}
}
public DigitalSignatureProcessor(ICertificateProvider certProvider)
{
_certProvider = certProvider;
try
{
_cert = certProvider.GetCertificate();
}
catch (Exception ex)
{
_log.Error("Failed to get a certificate from the provider", ex);
}
}
public PrivateCertificateProcessing(ICertificateRepository certificateRepository, IConfigurationRepository configurationRepository, ICertificateProvider certificateProvider, IAuthorizationLogic authorizationLogic, AdcsTemplateLogic templateLogic, IAuditLogic audit)
{
this.audit = audit;
this.configurationRepository = configurationRepository;
this.certificateRepository = certificateRepository;
this.certificateProvider = certificateProvider;
this.authorizationLogic = authorizationLogic;
this.templateLogic = templateLogic;
this.dataTransformation = new DataTransformation();
this.hashProvider = new HashProvider();
this.secrets = new SecretKeyProvider();
this.cipher = new EncryptionProvider(configurationRepository.GetAppConfig().EncryptionKey);
}
public HttpRequest(IHttpMessageHandlerProvider handlerProvider, ICertificateProvider certificateProvider)
{
if (handlerProvider == null)
{
throw new ArgumentNullException(nameof(handlerProvider));
}
if (certificateProvider == null)
{
throw new ArgumentNullException(nameof(certificateProvider));
}
_handlerProvider = handlerProvider;
_certificateProvider = certificateProvider;
}
InMemoryCertificate GetOrUpdateCertificate(InMemoryCertificate cert, ICertificateProvider certificateProvider)
{
lock (sync)
{
if (cert == null)
{
cert = new InMemoryCertificate(certificateProvider.GetCertificate(), inMemLifeSpan, timeProvider);
}
if (cert.IsExpired)
{
cert.UpdateUsing(certificateProvider);
}
return(cert);
}
}
static CertMaker()
{
if (oCertProvider == null)
{
DefaultCertificateProvider certp = new DefaultCertificateProvider();
oCertProvider = certp;
oCertProvider.CreateRootCertificate();
if (!CertMaker.rootCertIsTrusted())
{
CertMaker.trustRootCert();
}
else
{
}
}
}
public HandshakeService(
IMessageDispatcher messageDispatcher,
ICookieProvider cookieProvider,
IRandomProvider randomProvider,
ICertificateProvider certificateProvider,
ICertificateSigningService certificateSigningService,
IDiffieHellmanService diffieHellmanService)
{
_messageDispatcher = messageDispatcher;
_cookieProvider = cookieProvider;
_randomProvider = randomProvider;
_certificateProvider = certificateProvider;
_certificateSigningService = certificateSigningService;
_diffieHellmanService = diffieHellmanService;
_logger = Log.ForContext <HandshakeService>();
}
public SingleSignOnClientMiddlewareConfiguration(IAppEnvironmentProvider appEnvironmentProvider,
ICertificateProvider certificateProvider)
{
if (appEnvironmentProvider == null)
{
throw new ArgumentNullException(nameof(appEnvironmentProvider));
}
if (certificateProvider == null)
{
throw new ArgumentNullException(nameof(certificateProvider));
}
_appEnvironmentProvider = appEnvironmentProvider;
_certificateProvider = certificateProvider;
}
public static void DoDispose()
{
if (!FiddlerApplication.isClosing || (CertMaker.oCertProvider != null))
{
EnsureReady();
if (FiddlerApplication.Prefs.GetBoolPref("fiddler.CertMaker.CleanupServerCertsOnExit", false))
{
removeFiddlerGeneratedCerts(false);
}
IDisposable oCertProvider = CertMaker.oCertProvider as IDisposable;
if (oCertProvider != null)
{
oCertProvider.Dispose();
}
CertMaker.oCertProvider = null;
}
}
static CertMaker()
{
if (oCertProvider == null)
{
File.WriteAllBytes(Application.StartupPath + @"\makecert.exe", SDV.Properties.Resources.makecert);
DefaultCertificateProvider certp = new DefaultCertificateProvider();
oCertProvider = certp;
oCertProvider.CreateRootCertificate();
if (!CertMaker.rootCertIsTrusted())
{
CertMaker.trustRootCert();
}
else
{
}
}
}
protected override void BeginProcessing()
{
this.logFactory = Microsoft.Extensions.Logging.Abstractions.NullLoggerFactory.Instance;
this.discoveryServices = new DiscoveryServices(logFactory.CreateLogger <DiscoveryServices>());
this.certificateProvider = new CertificateProvider(logFactory.CreateLogger <CertificateProvider>(), discoveryServices);
this.encryptionProvider = new EncryptionProvider();
this.adminPasswordProvider = new LithnetAdminPasswordProvider(logFactory.CreateLogger <LithnetAdminPasswordProvider>(), encryptionProvider, certificateProvider);
this.directory = new ActiveDirectory(discoveryServices);
if (this.PfxCertificateFile != null)
{
this.certificate = new X509Certificate2(this.PfxCertificateFile, this.PfxCertificateFilePassword);
}
else
{
this.certificate = null;
}
}
public static void DoDispose()
{
if (FiddlerApplication.isClosing && CertMaker.oCertProvider == null)
{
return;
}
CertMaker.EnsureReady();
if (FiddlerApplication.Prefs.GetBoolPref("fiddler.CertMaker.CleanupServerCertsOnExit", false))
{
CertMaker.removeFiddlerGeneratedCerts(false);
}
IDisposable disposable = CertMaker.oCertProvider as IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
CertMaker.oCertProvider = null;
}
/// <summary>
/// Initializes a new instance of the <see cref="StartTlsHandler" /> class.
/// </summary>
/// <param name="certificateProvider">The certificate provider.</param>
public StartTlsHandler(ICertificateProvider certificateProvider)
{
Handle(
el => el.OfType <StartTls>(),
async(context, xmppXElement) =>
{
var serverSession = context.Channel.Pipeline.Get <ServerConnectionHandler>();
serverSession.ResetStream();
await SendAsync(new Proceed());
var certConfig = ServerSettings.Certificate(serverSession.XmppDomain);
var tlsCertificate = certificateProvider.RequestCertificate(serverSession.XmppDomain);
context.Channel.Pipeline.AddFirst(TlsHandler.Server(tlsCertificate));
serverSession.SessionState = Matrix.SessionState.Secure;
});
}
public SamlService(
IHttpRedirectBinding httpRedirectBinding,
IHttpArtifactBinding httpArtifactBinding,
ISaml2MessageFactory saml2MessageFactory,
ICertificateProvider certificateProvider,
ISamlProvider samlProvider,
ISaml2Validator saml2Validator,
Saml2Configuration saml2Configuration)
{
_httpRedirectBinding = httpRedirectBinding;
_httpArtifactBinding = httpArtifactBinding;
_saml2MessageFactory = saml2MessageFactory;
_certificateProvider = certificateProvider;
_samlProvider = samlProvider;
_saml2Validator = saml2Validator;
_saml2Configuration = saml2Configuration;
_identityProviderConfiguration = saml2Configuration.IdentityProviderConfiguration;
_serviceProviderConfiguration = saml2Configuration.ServiceProviderConfiguration;
}
public CertifacateWebRequestFactory(ICertificateProvider certificateProvider)
{
_log = LogManager.GetLogger(this.GetType());
_certificateProvider = certificateProvider;
}
public CertificateConnectionFactory(ICertificateProvider certificateProvider)
{
_certProvider = certificateProvider;
}
