File: System\IdentityModel\Claims\ClaimComparer.cs
Project: ndp\cdf\src\WCF\IdentityModel\System.IdentityModel.csproj (System.IdentityModel)
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//------------------------------------------------------------
 
namespace System.IdentityModel.Claims
{
    using System.Collections;
    using System.Collections.Generic;
    using System.Diagnostics;
    using System.Runtime.CompilerServices;
    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;
    using System.Security.Principal;
 
    class ClaimComparer : IEqualityComparer<Claim>
    {
        static IEqualityComparer<Claim> defaultComparer;
        static IEqualityComparer<Claim> hashComparer;
        static IEqualityComparer<Claim> dnsComparer;
        static IEqualityComparer<Claim> rsaComparer;
        static IEqualityComparer<Claim> thumbprintComparer;
        static IEqualityComparer<Claim> upnComparer;
        static IEqualityComparer<Claim> x500DistinguishedNameComparer;
        IEqualityComparer resourceComparer;
 
        ClaimComparer(IEqualityComparer resourceComparer)
        {
            this.resourceComparer = resourceComparer;
        }
 
        public static IEqualityComparer<Claim> GetComparer(string claimType)
        {
            if (claimType == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("claimType");
            if (claimType == ClaimTypes.Dns)
                return Dns;
            if (claimType == ClaimTypes.Hash)
                return Hash;
            if (claimType == ClaimTypes.Rsa)
                return Rsa;
            if (claimType == ClaimTypes.Thumbprint)
                return Thumbprint;
            if (claimType == ClaimTypes.Upn)
                return Upn;
            if (claimType == ClaimTypes.X500DistinguishedName)
                return X500DistinguishedName;
            return Default;
        }
 
        public static IEqualityComparer<Claim> Default
        {
            get
            {
                if (defaultComparer == null)
                {
                    defaultComparer = new ClaimComparer(new ObjectComparer());
                }
                return defaultComparer;
            }
        }
 
        public static IEqualityComparer<Claim> Dns
        {
            get
            {
                if (dnsComparer == null)
                {
                    dnsComparer = new ClaimComparer(StringComparer.OrdinalIgnoreCase);
                }
                return dnsComparer;
            }
        }
 
        public static IEqualityComparer<Claim> Hash
        {
            get
            {
                if (hashComparer == null)
                {
                    hashComparer = new ClaimComparer(new BinaryObjectComparer());
                }
                return hashComparer;
            }
        }
 
        public static IEqualityComparer<Claim> Rsa
        {
            get
            {
                if (rsaComparer == null)
                {
                    rsaComparer = new ClaimComparer(new RsaObjectComparer());
                }
                return rsaComparer;
            }
        }
 
        public static IEqualityComparer<Claim> Thumbprint
        {
            get
            {
                if (thumbprintComparer == null)
                {
                    thumbprintComparer = new ClaimComparer(new BinaryObjectComparer());
                }
                return thumbprintComparer;
            }
        }
 
        public static IEqualityComparer<Claim> Upn
        {
            get
            {
                if (upnComparer == null)
                {
                    upnComparer = new ClaimComparer(new UpnObjectComparer());
                }
                return upnComparer;
            }
        }
 
        public static IEqualityComparer<Claim> X500DistinguishedName
        {
            get
            {
                if (x500DistinguishedNameComparer == null)
                {
                    x500DistinguishedNameComparer = new ClaimComparer(new X500DistinguishedNameObjectComparer());
                }
                return x500DistinguishedNameComparer;
            }
        }
 
        // we still need to review how the default equals works, this is not how Doug envisioned it.
        public bool Equals(Claim claim1, Claim claim2)
        {
            if (ReferenceEquals(claim1, claim2))
                return true;
 
            if (claim1 == null || claim2 == null)
                return false;
 
            if (claim1.ClaimType != claim2.ClaimType || claim1.Right != claim2.Right)
                return false;
 
            return resourceComparer.Equals(claim1.Resource, claim2.Resource);
        }
 
        public int GetHashCode(Claim claim)
        {
            if (claim == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("claim");
 
            return claim.ClaimType.GetHashCode() ^ claim.Right.GetHashCode()
                ^ ( (claim.Resource == null) ? 0 : resourceComparer.GetHashCode(claim.Resource));
        }
 
        class ObjectComparer : IEqualityComparer
        {
            bool IEqualityComparer.Equals(object obj1, object obj2)
            {
                if (obj1 == null && obj2 == null)
                    return true;
                if (obj1 == null || obj2 == null)
                    return false;
                return obj1.Equals(obj2);
            }
 
            int IEqualityComparer.GetHashCode(object obj)
            {
                if (obj == null)
                    return 0;
                return obj.GetHashCode();
            }
        }
 
        class BinaryObjectComparer : IEqualityComparer
        {
            bool IEqualityComparer.Equals(object obj1, object obj2)
            {
                if (ReferenceEquals(obj1, obj2))
                    return true;
 
                byte[] bytes1 = obj1 as byte[];
                byte[] bytes2 = obj2 as byte[];
                if (bytes1 == null || bytes2 == null)
                    return false;
 
                if (bytes1.Length != bytes2.Length)
                    return false;
 
                for (int i = 0; i < bytes1.Length; ++i)
                {
                    if (bytes1[i] != bytes2[i])
                        return false;
                }
 
                return true;
            }
 
            int IEqualityComparer.GetHashCode(object obj)
            {
                byte[] bytes = obj as byte[];
                if (bytes == null)
                    return 0;
 
                int hashCode = 0;
                for (int i = 0; i < bytes.Length && i < 4; ++i)
                {
                    hashCode = (hashCode << 8) | bytes[i];
                }
 
                return hashCode ^ bytes.Length;
            }
        }
 
        class RsaObjectComparer : IEqualityComparer
        {
            bool IEqualityComparer.Equals(object obj1, object obj2)
            {
                if (ReferenceEquals(obj1, obj2))
                    return true;
 
                RSA rsa1 = obj1 as RSA;
                RSA rsa2 = obj2 as RSA;
                if (rsa1 == null || rsa2 == null)
                    return false;
 
                RSAParameters parm1 = rsa1.ExportParameters(false);
                RSAParameters parm2 = rsa2.ExportParameters(false);
 
                if (parm1.Modulus.Length != parm2.Modulus.Length ||
                    parm1.Exponent.Length != parm2.Exponent.Length)
                    return false;
 
                for (int i = 0; i < parm1.Modulus.Length; ++i)
                {
                    if (parm1.Modulus[i] != parm2.Modulus[i])
                        return false;
                }
                for (int i = 0; i < parm1.Exponent.Length; ++i)
                {
                    if (parm1.Exponent[i] != parm2.Exponent[i])
                        return false;
                }
                return true;
            }
 
            int IEqualityComparer.GetHashCode(object obj)
            {
                RSA rsa = obj as RSA;
                if (rsa == null)
                    return 0;
 
                RSAParameters parm = rsa.ExportParameters(false);
                return parm.Modulus.Length ^ parm.Exponent.Length;
            }
        }
 
        class X500DistinguishedNameObjectComparer : IEqualityComparer
        {
            IEqualityComparer binaryComparer;
            public X500DistinguishedNameObjectComparer()
            {
                binaryComparer = new BinaryObjectComparer();
            }
 
            bool IEqualityComparer.Equals(object obj1, object obj2)
            {
                if (ReferenceEquals(obj1, obj2))
                    return true;
 
                X500DistinguishedName dn1 = obj1 as X500DistinguishedName;
                X500DistinguishedName dn2 = obj2 as X500DistinguishedName;
                if (dn1 == null || dn2 == null)
                    return false;
 
                // 1) Hopefully cover most cases (perf reason).
                if (StringComparer.Ordinal.Equals(dn1.Name, dn2.Name))
                    return true;
 
                // 2) Raw byte compare.  Note: we assume the rawbyte is in the same order 
                // (default = X500DistinguishedNameFlags.Reversed). 
                return binaryComparer.Equals(dn1.RawData, dn2.RawData);
            }
 
            int IEqualityComparer.GetHashCode(object obj)
            {
                X500DistinguishedName dn = obj as X500DistinguishedName;
                if (dn == null)
                    return 0;
 
                return binaryComparer.GetHashCode(dn.RawData);
            }
        }
 
        class UpnObjectComparer : IEqualityComparer
        {
            bool IEqualityComparer.Equals(object obj1, object obj2)
            {
                if (StringComparer.OrdinalIgnoreCase.Equals(obj1, obj2))
                    return true;
 
                string upn1 = obj1 as string;
                string upn2 = obj2 as string;
                if (upn1 == null || upn2 == null)
                    return false;
 
                SecurityIdentifier sid1;
                if (!TryLookupSidFromName(upn1, out sid1))
                    return false;
 
                // Normalize to sid
                SecurityIdentifier sid2;
                if (!TryLookupSidFromName(upn2, out sid2))
                    return false;
 
                return sid1 == sid2;
            }
 
            int IEqualityComparer.GetHashCode(object obj)
            {
                string upn = obj as string;
                if (upn == null)
                    return 0;
 
                // Normalize to sid
                SecurityIdentifier sid;
                if (TryLookupSidFromName(upn, out sid))
                    return sid.GetHashCode();
 
                return StringComparer.OrdinalIgnoreCase.GetHashCode(upn);
            }
 
            bool TryLookupSidFromName(string upn, out SecurityIdentifier sid)
            {
                sid = null;
                try
                {
                    NTAccount acct = new NTAccount(upn);
                    sid = acct.Translate(typeof(SecurityIdentifier)) as SecurityIdentifier;
                }
                catch (IdentityNotMappedException e) 
                {
                    DiagnosticUtility.TraceHandledException(e, TraceEventType.Information);
                }
                return sid != null;
            }
        }
    }
}