// Decompiled with JetBrains decompiler
// Type: Microsoft.InfoCards.PolicyValidator
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
// MVID: ADE0A079-11DB-4A46-8BDE-D2A592CA8DEA
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.Expiro.w-67b630ead60119692b9abbdfd8717c96904ef041127c2cae033c86b718eaa61e.exe
using Microsoft.InfoCards.Diagnostics;
using System;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.Text;
namespace Microsoft.InfoCards
{
    /// <summary>
    /// Runs a fixed sequence of checks over an <see cref="InfoCardPolicy"/> and
    /// throws on the first check that fails.
    /// </summary>
    /// <remarks>
    /// Two enforcement styles are used below. Checks that throw through
    /// <c>InfoCardTrace.ThrowHelperError</c> directly always reject the policy.
    /// Checks that go through <see cref="ThrowIfSelfIssued"/> reject it only when
    /// the policy's issuer is reported as self-issued; for any other issuer the
    /// same condition is not raised by this class.
    /// </remarks>
    internal class PolicyValidator
    {
        private InfoCardPolicy m_policy;

        /// <summary>Creates a validator bound to <paramref name="policy"/>.</summary>
        /// <param name="policy">The policy to validate; asserted to be non-null.</param>
        public PolicyValidator(InfoCardPolicy policy)
        {
            // NOTE(review): the null guard depends entirely on InfoCardTrace.Assert, whose
            // behaviour is not visible here. If it does not stop execution, every check
            // below dereferences a null m_policy - confirm against InfoCardTrace.
            InfoCardTrace.Assert(policy != null, "PolicyValidator: policy cannot be null.");
            m_policy = policy;
        }

        /// <summary>
        /// Runs every individual check in a fixed order. The first failing check
        /// throws, so later checks are not reached for that policy.
        /// </summary>
        public virtual void Validate()
        {
            ValidateClaims();
            ValidateNonWhiteListElements();
            ValidateRequestType();
            ValidateTokenType();
            ValidateKeySize();
            ValidatePrivacyVersion();
            ValidateKeyTypeSpecified();
            ValidateKeyType();
            ValidateKeyWrapAlgorithm();
            ValidateAppliesTo();
            ValidateRecipients();
        }

        /// <summary>
        /// Requires at least one required claim, and reports any claim that
        /// <c>PolicyUtility.IsSelfIssuedClaim</c> does not recognise.
        /// </summary>
        /// <exception cref="PolicyValidationException">
        /// The policy has no required claims (always enforced).
        /// </exception>
        /// <exception cref="UnsupportedPolicyOptionsException">
        /// A claim is not a self-issued claim and the issuer is self-issued.
        /// </exception>
        protected void ValidateClaims()
        {
            string[] claims = m_policy.RequiredClaims;
            bool hasClaims = claims != null && claims.Length > 0;
            if (!hasClaims)
            {
                Exception noClaims = new PolicyValidationException(SR.GetString("NoClaimsFoundInPolicy"));
                throw InfoCardTrace.ThrowHelperError(noClaims);
            }

            // The property is read a second time here rather than reusing the local,
            // mirroring the decompiled original.
            foreach (string claim in m_policy.RequiredClaims)
            {
                if (PolicyUtility.IsSelfIssuedClaim(claim))
                {
                    continue;
                }

                Exception unsupportedClaim = new UnsupportedPolicyOptionsException(SR.GetString("ServiceDoesNotSupportThisClaim"));
                ThrowIfSelfIssued(unsupportedClaim);
            }
        }

        /// <summary>
        /// Reports policy elements that were flagged as not being on the white list.
        /// The element names are joined (each preceded by a space) into the error text.
        /// </summary>
        /// <exception cref="UnsupportedPolicyOptionsException">
        /// Such elements were found and the issuer is self-issued.
        /// </exception>
        protected void ValidateNonWhiteListElements()
        {
            if (m_policy.NonWhiteListElementsFound)
            {
                StringBuilder names = new StringBuilder();
                foreach (string element in m_policy.NonWhiteListElements)
                {
                    names.Append(" ").Append(element);
                }

                // NOTE(review): element names come from the policy itself and are echoed
                // into the exception message; treat that message as untrusted text
                // wherever it is later displayed or logged.
                Exception unsupportedElements = new UnsupportedPolicyOptionsException(
                    SR.GetString("ServiceUnsupportedPolicyElementFound", (object) names.ToString()));
                ThrowIfSelfIssued(unsupportedElements);
            }
        }

        /// <summary>
        /// When the policy names a request type, requires it to equal the issue
        /// request type of the merged policy's WS-Trust profile. Always enforced.
        /// </summary>
        /// <exception cref="UnsupportedPolicyOptionsException">The request type differs.</exception>
        protected void ValidateRequestType()
        {
            string requested = m_policy.RequestType;
            if (string.IsNullOrEmpty(requested))
            {
                return;
            }

            var supported = m_policy.MergedPolicy.ProtocolVersionProfile.WSTrust.IssueRequestType;
            if (supported != requested)
            {
                Exception wrongRequestType = new UnsupportedPolicyOptionsException(
                    SR.GetString("OnlyIssueRequestTypeSupported", (object) requested, (object) supported));
                throw InfoCardTrace.ThrowHelperError(wrongRequestType);
            }
        }

        /// <summary>
        /// When a token type is requested, reports it unless
        /// <c>PolicyUtility.IsSelfIssuedTokenType</c> accepts it.
        /// </summary>
        /// <exception cref="UnsupportedPolicyOptionsException">
        /// The token type is not accepted and the issuer is self-issued.
        /// </exception>
        protected void ValidateTokenType()
        {
            string tokenType = m_policy.OptionalRstParams.TokenType;
            if (!string.IsNullOrEmpty(tokenType) && !PolicyUtility.IsSelfIssuedTokenType(tokenType))
            {
                Exception unsupportedToken = new UnsupportedPolicyOptionsException(SR.GetString("ServiceDoesNotSupportThisTokenType"));
                ThrowIfSelfIssued(unsupportedToken);
            }
        }

        /// <summary>
        /// For asymmetric keys with an explicit key size, accepts only 2048. Always enforced.
        /// </summary>
        /// <remarks>
        /// No size check is made when the policy does not specify a key size or when
        /// the key type is not asymmetric.
        /// </remarks>
        /// <exception cref="UnsupportedPolicyOptionsException">The size is specified and is not 2048.</exception>
        protected void ValidateKeySize()
        {
            bool wrongAsymmetricSize =
                m_policy.KeyType == SecurityKeyTypeInternal.AsymmetricKey
                && m_policy.KeySizeSpecified
                && m_policy.KeySize != 2048U;

            if (wrongAsymmetricSize)
            {
                Exception badKeySize = new UnsupportedPolicyOptionsException(SR.GetString("ServiceInvalidAsymmetricKeySize"));
                throw InfoCardTrace.ThrowHelperError(badKeySize);
            }
        }

        /// <summary>
        /// Requires the privacy policy version and the privacy policy link to be
        /// either both present or both absent (version 0 counts as absent). Always enforced.
        /// </summary>
        /// <exception cref="PolicyValidationException">Only one of the two is present.</exception>
        protected void ValidatePrivacyVersion()
        {
            bool hasVersion = m_policy.PrivacyPolicyVersion != 0U;
            bool hasLink = !string.IsNullOrEmpty(m_policy.PrivacyPolicyLink);

            if (hasVersion != hasLink)
            {
                Exception badPrivacyVersion = new PolicyValidationException(SR.GetString("ServiceInvalidPrivacyNoticeVersion"));
                throw InfoCardTrace.ThrowHelperError(badPrivacyVersion);
            }
        }

        /// <summary>
        /// Rejects a merged policy whose key type is <c>NoKey</c>. Always enforced.
        /// </summary>
        /// <exception cref="PolicyValidationException">The merged key type is <c>NoKey</c>.</exception>
        protected void ValidateKeyTypeSpecified()
        {
            if (m_policy.MergedPolicy.KeyType == SecurityKeyTypeInternal.NoKey)
            {
                Exception noProofKey = new PolicyValidationException(
                    SR.GetString("NoProofKeyOnlyAllowedInBrowser", (object) XmlNames.WSIdentity.NoProofKeyTypeValue));
                throw InfoCardTrace.ThrowHelperError(noProofKey);
            }
        }

        /// <summary>
        /// Reports an explicitly requested symmetric key when the immediate token
        /// recipient is not an <c>X509RecipientIdentity</c>.
        /// </summary>
        /// <exception cref="UnsupportedPolicyOptionsException">
        /// The combination above holds and the issuer is self-issued.
        /// </exception>
        protected void ValidateKeyType()
        {
            bool symmetricWithoutX509Recipient =
                !(m_policy.ImmediateTokenRecipient is X509RecipientIdentity)
                && m_policy.KeyTypeSpecified
                && m_policy.KeyType == SecurityKeyTypeInternal.SymmetricKey;

            if (symmetricWithoutX509Recipient)
            {
                Exception badKeyOption = new UnsupportedPolicyOptionsException(SR.GetString("InvalidKeyOption"));
                ThrowIfSelfIssued(badKeyOption);
            }
        }

        /// <summary>
        /// When a key-wrap algorithm is requested, reports it unless it equals the
        /// default suite's asymmetric key-wrap algorithm.
        /// </summary>
        /// <exception cref="UnsupportedPolicyOptionsException">
        /// A different algorithm is requested and the issuer is self-issued.
        /// </exception>
        protected void ValidateKeyWrapAlgorithm()
        {
            string keyWrap = m_policy.OptionalRstParams.KeyWrapAlgorithm;
            if (!string.IsNullOrEmpty(keyWrap)
                && keyWrap != SecurityAlgorithmSuite.Default.DefaultAsymmetricKeyWrapAlgorithm)
            {
                Exception badKeyWrap = new UnsupportedPolicyOptionsException(SR.GetString("ServiceInvalidArguments"));
                ThrowIfSelfIssued(badKeyWrap);
            }
        }

        /// <summary>
        /// Delegates to the <c>Validate</c> methods of the recipient and of the
        /// immediate token recipient, in that order.
        /// </summary>
        protected void ValidateRecipients()
        {
            // Neither reference is null-checked in this class before being dereferenced.
            m_policy.Recipient.Validate();
            m_policy.ImmediateTokenRecipient.Validate();
        }

        /// <summary>
        /// When the merged policy carries an AppliesTo address, requires it to share
        /// scheme and server with the immediate token recipient's address, and
        /// requires its path (if any) to be a case-insensitive prefix of the
        /// recipient's path. Always enforced.
        /// </summary>
        /// <exception cref="PolicyValidationException">
        /// Scheme/server differ, or the AppliesTo path is not a prefix of the recipient path.
        /// </exception>
        protected void ValidateAppliesTo()
        {
            var appliesTo = m_policy.MergedPolicy.PolicyAppliesTo;
            if ((EndpointAddress) null == appliesTo)
            {
                return;
            }

            Uri appliesToUri = appliesTo.Uri;
            Uri recipientUri = m_policy.ImmediateTokenRecipient.Address.Uri;

            int schemeAndServerDiff = Uri.Compare(
                appliesToUri,
                recipientUri,
                UriComponents.SchemeAndServer,
                UriFormat.UriEscaped,
                StringComparison.OrdinalIgnoreCase);
            if (schemeAndServerDiff != 0)
            {
                throw InfoCardTrace.ThrowHelperError(CreateAppliesToMismatchError());
            }

            // Both paths are extracted before either is inspected, as in the original.
            string appliesToPath = appliesToUri.GetComponents(UriComponents.Path, UriFormat.UriEscaped);
            string recipientPath = recipientUri.GetComponents(UriComponents.Path, UriFormat.UriEscaped);

            if (string.IsNullOrEmpty(appliesToPath))
            {
                // An AppliesTo with no path places no constraint on the recipient path.
                return;
            }

            // NOTE(review): this is a plain string-prefix test with no check that the
            // match ends on a '/' segment boundary, so an AppliesTo path of "svc" also
            // prefixes a recipient path such as "svc2/endpoint". If AppliesTo is meant
            // to scope a path subtree, confirm whether a boundary check is required.
            // The lower-casing is kept although the comparison is already
            // OrdinalIgnoreCase, to stay identical to the decompiled original.
            if (string.IsNullOrEmpty(recipientPath)
                || !recipientPath.ToLowerInvariant().StartsWith(appliesToPath.ToLowerInvariant(), StringComparison.OrdinalIgnoreCase))
            {
                throw InfoCardTrace.ThrowHelperError(CreateAppliesToMismatchError());
            }
        }

        /// <summary>
        /// Builds the exception used for every AppliesTo / recipient mismatch.
        /// </summary>
        private static Exception CreateAppliesToMismatchError()
        {
            return new PolicyValidationException(
                SR.GetString("InvalidAppliesToInPolicy", (object) SR.GetString("RecipientNotFromSameSecurityDomain")));
        }

        /// <summary>
        /// Throws <paramref name="e"/> only when <c>InfoCardPolicy.IsSelfIssuedUriPresent</c>
        /// reports the policy's issuer as self-issued; otherwise returns without throwing.
        /// </summary>
        /// <param name="e">The already-constructed exception to raise.</param>
        private void ThrowIfSelfIssued(Exception e)
        {
            // NOTE(review): for any other issuer the violation passed in is silently
            // dropped here - presumably the issuing party is expected to enforce it;
            // verify against the callers of Validate().
            bool selfIssued = InfoCardPolicy.IsSelfIssuedUriPresent(m_policy.Issuer);
            if (selfIssued)
            {
                throw InfoCardTrace.ThrowHelperError(e);
            }
        }
    }
}