MalwareSourceCode/MSIL/Virus/Win32/E/Virus.Win32.Expiro.w-67b630ead60119692b9abbdfd8717c96904ef041127c2cae033c86b718eaa61e/Microsoft/InfoCards/PolicyValidator.cs
2022-08-18 06:28:56 -05:00

140 lines
6.7 KiB
C#

// Decompiled with JetBrains decompiler
// Type: Microsoft.InfoCards.PolicyValidator
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
// MVID: ADE0A079-11DB-4A46-8BDE-D2A592CA8DEA
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.Expiro.w-67b630ead60119692b9abbdfd8717c96904ef041127c2cae033c86b718eaa61e.exe
using Microsoft.InfoCards.Diagnostics;
using System;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.Text;
namespace Microsoft.InfoCards
{
internal class PolicyValidator
{
private InfoCardPolicy m_policy;
public PolicyValidator(InfoCardPolicy policy)
{
InfoCardTrace.Assert(null != policy, "PolicyValidator: policy cannot be null.");
this.m_policy = policy;
}
public virtual void Validate()
{
this.ValidateClaims();
this.ValidateNonWhiteListElements();
this.ValidateRequestType();
this.ValidateTokenType();
this.ValidateKeySize();
this.ValidatePrivacyVersion();
this.ValidateKeyTypeSpecified();
this.ValidateKeyType();
this.ValidateKeyWrapAlgorithm();
this.ValidateAppliesTo();
this.ValidateRecipients();
}
protected void ValidateClaims()
{
string[] requiredClaims = this.m_policy.RequiredClaims;
if (requiredClaims == null || requiredClaims.Length == 0)
throw InfoCardTrace.ThrowHelperError((Exception) new PolicyValidationException(SR.GetString("NoClaimsFoundInPolicy")));
foreach (string requiredClaim in this.m_policy.RequiredClaims)
{
if (!PolicyUtility.IsSelfIssuedClaim(requiredClaim))
this.ThrowIfSelfIssued((Exception) new UnsupportedPolicyOptionsException(SR.GetString("ServiceDoesNotSupportThisClaim")));
}
}
protected void ValidateNonWhiteListElements()
{
if (!this.m_policy.NonWhiteListElementsFound)
return;
StringBuilder stringBuilder = new StringBuilder();
foreach (string whiteListElement in this.m_policy.NonWhiteListElements)
{
stringBuilder.Append(" ");
stringBuilder.Append(whiteListElement);
}
this.ThrowIfSelfIssued((Exception) new UnsupportedPolicyOptionsException(SR.GetString("ServiceUnsupportedPolicyElementFound", (object) stringBuilder.ToString())));
}
protected void ValidateRequestType()
{
if (!string.IsNullOrEmpty(this.m_policy.RequestType) && this.m_policy.MergedPolicy.ProtocolVersionProfile.WSTrust.IssueRequestType != this.m_policy.RequestType)
throw InfoCardTrace.ThrowHelperError((Exception) new UnsupportedPolicyOptionsException(SR.GetString("OnlyIssueRequestTypeSupported", (object) this.m_policy.RequestType, (object) this.m_policy.MergedPolicy.ProtocolVersionProfile.WSTrust.IssueRequestType)));
}
protected void ValidateTokenType()
{
if (string.IsNullOrEmpty(this.m_policy.OptionalRstParams.TokenType) || PolicyUtility.IsSelfIssuedTokenType(this.m_policy.OptionalRstParams.TokenType))
return;
this.ThrowIfSelfIssued((Exception) new UnsupportedPolicyOptionsException(SR.GetString("ServiceDoesNotSupportThisTokenType")));
}
protected void ValidateKeySize()
{
if (SecurityKeyTypeInternal.AsymmetricKey == this.m_policy.KeyType && this.m_policy.KeySizeSpecified && 2048U != this.m_policy.KeySize)
throw InfoCardTrace.ThrowHelperError((Exception) new UnsupportedPolicyOptionsException(SR.GetString("ServiceInvalidAsymmetricKeySize")));
}
protected void ValidatePrivacyVersion()
{
if (this.m_policy.PrivacyPolicyVersion == 0U && !string.IsNullOrEmpty(this.m_policy.PrivacyPolicyLink) || this.m_policy.PrivacyPolicyVersion != 0U && string.IsNullOrEmpty(this.m_policy.PrivacyPolicyLink))
throw InfoCardTrace.ThrowHelperError((Exception) new PolicyValidationException(SR.GetString("ServiceInvalidPrivacyNoticeVersion")));
}
protected void ValidateKeyTypeSpecified()
{
if (SecurityKeyTypeInternal.NoKey == this.m_policy.MergedPolicy.KeyType)
throw InfoCardTrace.ThrowHelperError((Exception) new PolicyValidationException(SR.GetString("NoProofKeyOnlyAllowedInBrowser", (object) XmlNames.WSIdentity.NoProofKeyTypeValue)));
}
protected void ValidateKeyType()
{
if (this.m_policy.ImmediateTokenRecipient is X509RecipientIdentity || !this.m_policy.KeyTypeSpecified || this.m_policy.KeyType != SecurityKeyTypeInternal.SymmetricKey)
return;
this.ThrowIfSelfIssued((Exception) new UnsupportedPolicyOptionsException(SR.GetString("InvalidKeyOption")));
}
protected void ValidateKeyWrapAlgorithm()
{
if (string.IsNullOrEmpty(this.m_policy.OptionalRstParams.KeyWrapAlgorithm) || !(this.m_policy.OptionalRstParams.KeyWrapAlgorithm != SecurityAlgorithmSuite.Default.DefaultAsymmetricKeyWrapAlgorithm))
return;
this.ThrowIfSelfIssued((Exception) new UnsupportedPolicyOptionsException(SR.GetString("ServiceInvalidArguments")));
}
protected void ValidateRecipients()
{
this.m_policy.Recipient.Validate();
this.m_policy.ImmediateTokenRecipient.Validate();
}
protected void ValidateAppliesTo()
{
if ((EndpointAddress) null == this.m_policy.MergedPolicy.PolicyAppliesTo)
return;
if (Uri.Compare(this.m_policy.MergedPolicy.PolicyAppliesTo.Uri, this.m_policy.ImmediateTokenRecipient.Address.Uri, UriComponents.SchemeAndServer, UriFormat.UriEscaped, StringComparison.OrdinalIgnoreCase) != 0)
throw InfoCardTrace.ThrowHelperError((Exception) new PolicyValidationException(SR.GetString("InvalidAppliesToInPolicy", (object) SR.GetString("RecipientNotFromSameSecurityDomain"))));
string components1 = this.m_policy.MergedPolicy.PolicyAppliesTo.Uri.GetComponents(UriComponents.Path, UriFormat.UriEscaped);
string components2 = this.m_policy.ImmediateTokenRecipient.Address.Uri.GetComponents(UriComponents.Path, UriFormat.UriEscaped);
if (string.IsNullOrEmpty(components1))
return;
if (string.IsNullOrEmpty(components2))
throw InfoCardTrace.ThrowHelperError((Exception) new PolicyValidationException(SR.GetString("InvalidAppliesToInPolicy", (object) SR.GetString("RecipientNotFromSameSecurityDomain"))));
string lowerInvariant = components1.ToLowerInvariant();
if (!components2.ToLowerInvariant().StartsWith(lowerInvariant, StringComparison.OrdinalIgnoreCase))
throw InfoCardTrace.ThrowHelperError((Exception) new PolicyValidationException(SR.GetString("InvalidAppliesToInPolicy", (object) SR.GetString("RecipientNotFromSameSecurityDomain"))));
}
private void ThrowIfSelfIssued(Exception e)
{
if (InfoCardPolicy.IsSelfIssuedUriPresent(this.m_policy.Issuer))
throw InfoCardTrace.ThrowHelperError(e);
}
}
}