/** * Builds a certificate reference expression that is an {@link ExtensionField}. * @param token The token used to build the field. * @return An {@link ExtensionField} object that represents the token. Returns null if the token does not represent an {@link ExtensionField}. * @throws PolicyParseException */ public IPolicyExpression BuildExtensionField(String token) //throws PolicyParseException { IPolicyExpression retVal = null; ExtensionIdentifier fieldType = ExtensionIdentifier.FromToken(token); bool required = token.EndsWith("+"); if (fieldType != null) { try { Type retType = fieldType.GetReferenceClass(token, required); if (retType == null) { throw new PolicyParseException("ExtensionField with token name " + token + " has not been implemented yet."); } var ctor = retType.Ctor <bool, IPolicyExpression>(); retVal = ctor(required); } catch (PolicyParseException ex) { throw ex; } catch (Exception e) { throw new PolicyParseException("Error building ExtensionField", e); } } return(retVal); }
public void TestBuildX509Field_UnknownField_AssertNull() { var parser = new SimpleTextV1LexiconPolicyParser(); IPolicyExpression field = parser.BuildX509Field("X509.Bogus"); Assert.Null(field); }
public void Add(string domain, IPolicyExpression policyExpression) { lock (m_policyExpressions) { m_policyExpressions.Add(domain, policyExpression); } }
public void TestBuildX509Field_SignatureAlgorithm_AssertBuilt() { var parser = new SimpleTextV1LexiconPolicyParser(); IPolicyExpression field = parser.BuildX509Field("X509.Algorithm"); Assert.NotNull(field); field.GetType().Should().Be(typeof(SignatureAlgorithmField)); }
public void Serialize(IPolicyExpression expression, TextWriter writer) { if (expression == null) { throw new ArgumentNullException("expression"); } XmlSerializer xmlSerializer = new XmlSerializer(expression.GetType()); xmlSerializer.Serialize(writer, expression); }
public bool IsCompliant(X509Certificate2 cert, IPolicyExpression expression) { if (m_compiler == null) throw new InvalidOperationException("Compiler cannot be null"); if (m_executionEngine == null) throw new InvalidOperationException("Execution engine cannot be null"); IList<IOpCode> opcodes = m_compiler.Compile(cert, expression); var compliant = m_executionEngine.Evaluate(opcodes); return compliant; }
public string Serialize(IPolicyExpression expression) { if (expression == null) { throw new ArgumentNullException("expression"); } using (StringWriter writer = new StringWriter()) { Serialize(expression, writer); return(writer.ToString()); } }
public bool IsCompliant(X509Certificate2 cert, IPolicyExpression expression) { if (m_compiler == null) { throw new InvalidOperationException("Compiler cannot be null"); } StackMachine executionEngine = new StackMachine(); IList <IOpCode> opcodes = m_compiler.Compile(cert, expression); var compliant = executionEngine.Evaluate(opcodes); return(compliant); }
public IPolicyExpression GetPolicyExpression(byte[] policy) { try { //might get parser from policy.Lexicon in the future var parser = new SimpleTextV1LexiconPolicyParser(); IPolicyExpression expression = parser.Parse(policy.ToMemoryStream()); return(expression); } catch (Exception) { return(null); } }
public IList <IOpCode> Compile(X509Certificate2 cert, IPolicyExpression expression) { IList <String> report = m_compilerReport.Value; if (report != null) { report.Clear(); } IList <IOpCode> entries = new List <IOpCode>(); entries.Add(Compile(entries, cert, expression)); return(entries); }
private async void CallLexiconParser(string lexicon, RichTextBox rtxBox) { try { IPolicyExpression expression = await ParseLexicon(lexicon); var textRange = new TextRange(rtxBox.Document.ContentStart, rtxBox.Document.ContentEnd); textRange.ApplyPropertyValue(TextElement.ForegroundProperty, Brushes.Black); } catch (PolicyGrammarException) { var textRange = new TextRange(rtxBox.Document.ContentStart, rtxBox.Document.ContentEnd); textRange.ApplyPropertyValue(TextElement.ForegroundProperty, Brushes.Red); } }
public bool IsCompliant(X509Certificate2 cert, IPolicyExpression expression) { if (m_compiler == null) { throw new InvalidOperationException("Compiler cannot be null"); } if (m_executionEngine == null) { throw new InvalidOperationException("Execution engine cannot be null"); } IList <IOpCode> opcodes = m_compiler.Compile(cert, expression); return(m_executionEngine.Evaluate(opcodes)); }
public void Serialize(IPolicyExpression expression, Stream stream) { if (expression == null) { throw new ArgumentNullException("expression"); } if (stream == null) { throw new ArgumentNullException("stream"); } XmlSerializer xmlSerializer = new XmlSerializer(expression.GetType()); xmlSerializer.Serialize(stream, expression); }
public void Combine(IPolicyExpressionRoot right, PolicyOperator @operator) { if (right == null) { throw new ArgumentNullException(nameof(right)); } PolicyExpressionWithOperator exp = new PolicyExpressionWithOperator(@operator, expression, right.Expression); if (isPolicyOnly) { isPolicyOnly = false; policyName = null; } expression = exp; result = exp.Result; }
protected IPolicyExpression BuildCertificateReferenceField(String token) //throws PolicyParseException { IPolicyExpression checkObj = BuildX509Field(token); // check to see if its an X509Field if (checkObj == null) { // check to see if TBSFieldName checkObj = BuildTBSField(token); if (checkObj == null) { // check for extension field checkObj = BuildExtensionField(token); } } return(checkObj); }
public void TestExtensionBasicContraint_CA_AssertTrue() { var parser = new SimpleTextV1LexiconPolicyParser(); using (Stream stream = ("X509.TBS.EXTENSION.BasicConstraints.CA = true").ToStream()) { IList <SimpleTextV1LexiconPolicyParser.TokenTypeAssociation> tokens = parser.ParseToTokens(stream); tokens.Count.Should().Be(3); } using (Stream stream = ("X509.TBS.EXTENSION.BasicConstraints.CA = true").ToStream()) { IPolicyExpression expression = parser.Parse(stream); expression.Should().BeAssignableTo <OperationPolicyExpression>(); var operationPolicyExpression = expression as OperationPolicyExpression; operationPolicyExpression.GetOperands().Count.Should().Be(2); } }
public PolicyExpressionWithOperator(PolicyOperator @operator, IPolicyExpression left, IPolicyExpression right) { this.@operator = @operator; this.left = left; this.right = right; PolicyResult leftResult = left.Result; PolicyResult rightResult = right.Result; switch (@operator) { case PolicyOperator.And: this.result = AndOperation[(int)leftResult, (int)rightResult]; break; case PolicyOperator.Or: default: this.result = OrOperation[(int)leftResult, (int)rightResult]; break; } }
public override IPolicyExpression Parse(Stream stream) { IList <TokenTypeAssociation> tokens = ParseToTokens(stream); ResetLevel(); IPolicyExpression retExpression = BuildExpression(tokens.GetEnumerator()); if (GetLevel() != 0) { throw new PolicyGrammarException("Group not closed."); } if (retExpression.GetExpressionType() != PolicyExpressionType.OPERATION) { throw new PolicyGrammarException("Expression must evaluate to an operation"); } return(retExpression); }
public PolicyExpressionRoot(IPolicyExpression expression) { this.expression = expression; result = expression.Result; switch (expression) { case IPolicyOnlyExpression policyOnly: isPolicyOnly = true; policyName = policyOnly.Policy; break; case IPolicyExpressionWithOperator withOperator: isPolicyOnly = false; policyName = null; break; default: throw new Exception($"expression of type {expression.GetType()} is not supported"); } }
private string GetOperandType(IPolicyExpression policyExpression) { try { IEnumerable <Type> genericInterfaces = policyExpression.GetType().GetInterfaces().Where(i => i.GenericTypeArguments.Any()).ToArray(); // IPolicyExpression is a IOperationPolicyExpression if (!genericInterfaces.Any()) { var policyOpertor = policyExpression as IOperationPolicyExpression; if (policyOpertor == null) { return(null); } var returnName = policyOpertor.GetPolicyOperator().ExecuteRef.Method.ReturnType.Name; return(returnName); } //if (genericInterfaces //Looing for ITBSField<IEnumerable<String>> // .Any(i => i.GetGenericTypeDefinition() == typeof(ITBSField<>) && i.GetGenericArguments() // .Any(a => a.GetInterfaces() // .Any(ai => ai.IsGenericType && ai.GetGenericTypeDefinition() == typeof(IEnumerable<>))))) //{ // return "String"; //} var rdnType = genericInterfaces.FirstOrDefault(i => i.GetGenericTypeDefinition() == typeof(IRdn <>)); if (rdnType != null) { return(rdnType.GetGenericArguments().First().Name); } var args = genericInterfaces.First().GetGenericArguments(); return(args[0].Name); } catch (Exception ex) { throw new PolicyParseException("Error getting operand type for: " + policyExpression, ex); } }
public bool MoveNext() { if (policyOnly != null) { if (current == policyOnly) { return(false); } current = policyOnly; return(true); } if (stack.Count <= 0) { return(false); } IPolicyExpression top = stack.Pop(); while (true) { switch (top) { case IPolicyExpressionWithOperator op: stack.Push(op.Right); top = op.Left; break; case IPolicyOnlyExpression policyOnly: current = policyOnly; return(true); default: throw new Exception($"unsupported expression node of type {top.GetType()}"); } } }
private string GetOperandType(IPolicyExpression policyExpression) { try { IEnumerable<Type> genericInterfaces = policyExpression.GetType().GetInterfaces().Where(i => i.GenericTypeArguments.Any()).ToArray(); // IPolicyExpression is a IOperationPolicyExpression if (!genericInterfaces.Any()) { var policyOpertor = policyExpression as IOperationPolicyExpression; if (policyOpertor == null) { return null; } var returnName = policyOpertor.GetPolicyOperator().ExecuteRef.Method.ReturnType.Name; return returnName; } //if (genericInterfaces //Looing for ITBSField<IEnumerable<String>> // .Any(i => i.GetGenericTypeDefinition() == typeof(ITBSField<>) && i.GetGenericArguments() // .Any(a => a.GetInterfaces() // .Any(ai => ai.IsGenericType && ai.GetGenericTypeDefinition() == typeof(IEnumerable<>))))) //{ // return "String"; //} var rdnType = genericInterfaces.FirstOrDefault(i => i.GetGenericTypeDefinition() == typeof (IRdn<>)); if(rdnType != null) { return rdnType.GetGenericArguments().First().Name; } var args = genericInterfaces.First().GetGenericArguments(); return args[0].Name; } catch (Exception ex) { throw new PolicyParseException("Error getting operand type for: " + policyExpression, ex); } }
/** * Builds an aggregated {@link PolicyExpression} from a parsed list of tokens. * @param tokens Parsed list of tokens used to build the {@link PolicyExpression}. * @param level Used for keeping track of depth of operations. * @return A {@link PolicyExpression} built from the parsed list of tokens. * @throws PolicyParseException */ protected IPolicyExpression BuildExpression(IEnumerator <TokenTypeAssociation> tokens, bool operandFrame) { if (!tokens.MoveNext()) { return(null); } IList <IPolicyExpression> builtOperandExpressions = new List <IPolicyExpression>(); do { TokenTypeAssociation assos = tokens.Current; switch (assos.GetTokenType()) { case TokenType.START_LEVEL: { IncrementLevel(); IPolicyExpression expression = BuildExpression(tokens); if (operandFrame) { return(expression); } builtOperandExpressions.Add(expression); break; } case TokenType.END_LEVEL: if (GetLevel() == 0) { throw new PolicyGrammarException("To many \")\" tokens. Delete this token"); } if (builtOperandExpressions.Count == 0) { throw new PolicyGrammarException("Group must contain at least one expression."); } DecrementLevel(); return(builtOperandExpressions[0]); case TokenType.OPERATOR_BINARY_EXPRESSION: case TokenType.OPERATOR_UNARY_EXPRESSION: { // regardless if this is a unary or binary expression, then next set of tokens should consist // of a parameter to this operator IPolicyExpression subExpression = BuildExpression(tokens, true); int tokenHashCode = 0; if (subExpression != null) { //TODO Refactor if (assos.GetTokenType() == TokenType.OPERATOR_UNARY_EXPRESSION) { tokenHashCode = (assos.GetToken() + "_" + GetOperandType(subExpression)).GetHashCode(); } if (assos.GetTokenType() == TokenType.OPERATOR_BINARY_EXPRESSION) { string leftOperandType = GetOperandType(builtOperandExpressions.First()); string rightOperandType = GetOperandType(subExpression); tokenHashCode = (assos.GetToken() + "_" + leftOperandType + "_" + rightOperandType).GetHashCode(); } } else //(subExpression == null) { throw new PolicyGrammarException("Missing parameter. Operator must be followed by an expression."); } builtOperandExpressions.Add(subExpression); // get the operator for this token OperatorBase operatorBase = PolicyOperator.FromToken(tokenHashCode); // now add the parameters to the operator if (builtOperandExpressions.Count == 1 && operatorBase is BinaryOperator) { throw new PolicyGrammarException("Missing parameter. Binary operators require two parameters."); } IPolicyExpression operatorExpression = new OperationPolicyExpression(operatorBase, builtOperandExpressions); if (operandFrame) { return(operatorExpression); } builtOperandExpressions = new List <IPolicyExpression>(); builtOperandExpressions.Add(operatorExpression); break; } case TokenType.LITERAL_EXPRESSION: { IPolicyExpression expression = new LiteralPolicyExpression <string>(new PolicyValue <string>(assos.GetToken())); if (operandFrame) { return(expression); // exit this operand frame } builtOperandExpressions.Add(expression); break; } case TokenType.CERTIFICATE_REFERENCE_EXPRESSION: { IPolicyExpression expression = BuildCertificateReferenceField(assos.GetToken()); if (operandFrame) { return(expression); // exit this operand frame } builtOperandExpressions.Add(expression); break; } } } while(tokens.MoveNext()); if (builtOperandExpressions.Count > 1) { throw new PolicyGrammarException("Erroneous expression."); } return(builtOperandExpressions[0]); }
public virtual IPolicyExpression Parse(Stream stream) { m_policyExpression = Deserialize <IPolicyExpression>(stream); return(m_policyExpression); }
/// <summary> /// Create a new XMLLexiconPolicyParser /// </summary> public XMLLexiconPolicyParser(IPolicyExpression policyExpression) { m_policyExpression = policyExpression; }
public bool IsCompliant(X509Certificate2 cert, Stream policyStream) { IPolicyExpression expression = m_parser.Parse(policyStream); return(IsCompliant(cert, expression)); }
protected StackMachineEntry <OperationPolicyExpression> Compile(IList <IOpCode> entries, X509Certificate2 cert, IPolicyExpression expression) { switch (expression.GetExpressionType()) { //case PolicyExpressionType.LITERAL: // return new StackMachineEntry(((LiteralPolicyExpression < ? >) // expression). // GetPolicyValue()) // ; //case PolicyExpressionType.REFERENCE: //{ // object refExpression = GetRefExpressionType(expression); // //IReferencePolicyExpression<X509Certificate2, object> refExpression = null; // EvaluateReferenceExpression(cert, refExpression); // return new ReferenceMachineEntry<IReferencePolicyExpression<X509Certificate2,T>>(expression); //} case PolicyExpressionType.OPERATION: { OperationPolicyExpression opExpression = (OperationPolicyExpression)expression; foreach (IPolicyExpression policyExpression in opExpression.GetOperands()) { if (policyExpression is IReferencePolicyExpression <X509Certificate2, String> ) { var refExpression = policyExpression as IReferencePolicyExpression <X509Certificate2, String>; EvaluateReferenceExpression(cert, refExpression); entries.Add(Compile(refExpression)); } else if (policyExpression is IReferencePolicyExpression <X509Certificate2, Int32> ) { var refExpression = policyExpression as IReferencePolicyExpression <X509Certificate2, Int32>; EvaluateReferenceExpression(cert, refExpression); entries.Add(Compile(refExpression)); } else if (policyExpression is IReferencePolicyExpression <X509Certificate2, Int64> ) { var refExpression = policyExpression as IReferencePolicyExpression <X509Certificate2, Int64>; EvaluateReferenceExpression(cert, refExpression); entries.Add(Compile(refExpression)); } else if (policyExpression is IReferencePolicyExpression <X509Certificate2, IList <String> > ) { var refExpression = policyExpression as IReferencePolicyExpression <X509Certificate2, IList <String> >; EvaluateReferenceExpression(cert, refExpression); entries.Add(Compile(refExpression)); } else if (policyExpression is IReferencePolicyExpression <X509Certificate2, Boolean> ) { var refExpression = policyExpression as IReferencePolicyExpression <X509Certificate2, Boolean>; EvaluateReferenceExpression(cert, refExpression); entries.Add(Compile(refExpression)); } else if (policyExpression is ILiteralPolicyExpression <String> ) { entries.Add(Compile(policyExpression as ILiteralPolicyExpression <String>)); } else { entries.Add(Compile(entries, cert, policyExpression)); } } return(new StackMachineEntry <OperationPolicyExpression>(opExpression.GetPolicyOperator())); } default: return(null); } }