BuildChannelListenerCore <TChannel> (
BindingContext context)
{
if (InitiatorTokenParameters == null)
{
throw new InvalidOperationException("InitiatorTokenParameters must be set before building channel factory.");
}
if (RecipientTokenParameters == null)
{
throw new InvalidOperationException("RecipientTokenParameters must be set before building channel factory.");
}
SetIssuerBindingContextIfRequired(InitiatorTokenParameters, context);
SetIssuerBindingContextIfRequired(RecipientTokenParameters, context);
ServiceCredentials cred = context.BindingParameters.Find <ServiceCredentials> ();
if (cred == null)
{
// it happens when there is no ChannelFactory<T>.
cred = new ServiceCredentials();
}
ServiceCredentialsSecurityTokenManager manager = (ServiceCredentialsSecurityTokenManager)cred.CreateSecurityTokenManager();
ChannelProtectionRequirements requirements =
context.BindingParameters.Find <ChannelProtectionRequirements> ();
return(new SecurityChannelListener <TChannel> (
context.BuildInnerChannelListener <TChannel> (), new RecipientMessageSecurityBindingSupport(GetCapabilities(), manager, requirements)));
}
public void DefaultValues()
{
MyParameters p = new MyParameters();
Assert.IsNull(p.BootstrapSecurityBindingElement, "#1-1");
Assert.IsNotNull(p.BootstrapProtectionRequirements, "#1-2");
Assert.AreEqual(true, p.RequireCancellation, "#1-3");
Assert.AreEqual(false, p.Asym, "#1-4");
// they cause NRE on winfx, likely a bug.
//Assert.AreEqual (true, p.Client, "#1-5");
//Assert.AreEqual (true, p.Win, "#1-6");
//Assert.AreEqual (true, p.Server, "#1-7");
p = new MyParameters(new AsymmetricSecurityBindingElement());
Assert.IsNotNull(p.BootstrapSecurityBindingElement, "#2-1");
Assert.IsNotNull(p.BootstrapProtectionRequirements, "#2-2");
Assert.AreEqual(true, p.RequireCancellation, "#2-3");
Assert.AreEqual(false, p.Asym, "#2-4"); // regardless of binding element.
Assert.AreEqual(false, p.Client, "#2-5");
Assert.AreEqual(false, p.Win, "#2-6");
Assert.AreEqual(false, p.Server, "#2-7");
ChannelProtectionRequirements r =
p.BootstrapProtectionRequirements;
Assert.IsTrue(r.IncomingSignatureParts.ChannelParts.IsBodyIncluded, "#3-1");
Assert.IsTrue(r.OutgoingSignatureParts.ChannelParts.IsBodyIncluded, "#3-2");
Assert.IsTrue(r.IncomingEncryptionParts.ChannelParts.IsBodyIncluded, "#3-3");
Assert.IsTrue(r.OutgoingEncryptionParts.ChannelParts.IsBodyIncluded, "#3-4");
}
protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters source)
: base(source)
{
this.element = (SecurityBindingElement)source.element.Clone();
this.cancellable = source.cancellable;
this.requirements = new ChannelProtectionRequirements(default_channel_protection_requirements);
}
public override T GetProperty <T>(BindingContext context) where T : class
{
if (context == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
}
if (typeof(T) == typeof(ChannelProtectionRequirements))
{
ChannelProtectionRequirements protectionRequirements = this.GetProtectionRequirements(context);
protectionRequirements.Add(context.GetInnerProperty <ChannelProtectionRequirements>() ?? new ChannelProtectionRequirements());
return((T)protectionRequirements);
}
Collection <BindingElement> collection = context.BindingParameters.FindAll <BindingElement>();
T individualProperty = default(T);
for (int i = 0; i < collection.Count; i++)
{
individualProperty = collection[i].GetIndividualProperty <T>();
if (individualProperty != new T())
{
return(individualProperty);
}
}
if (typeof(T) == typeof(MessageVersion))
{
return((T)TransportDefaults.GetDefaultMessageEncoderFactory().MessageVersion);
}
if (typeof(T) == typeof(XmlDictionaryReaderQuotas))
{
return((T) new XmlDictionaryReaderQuotas());
}
return(default(T));
}
private ChannelProtectionRequirements GetProtectionRequirements()
{
if (!this.Transactions && (this.IssuedTokens == TransactionFlowOption.NotAllowed))
{
return(null);
}
ChannelProtectionRequirements requirements = new ChannelProtectionRequirements();
if (this.Transactions)
{
MessagePartSpecification specification = new MessagePartSpecification(new XmlQualifiedName[] { new XmlQualifiedName("CoordinationContext", "http://schemas.xmlsoap.org/ws/2004/10/wscoor"), new XmlQualifiedName("CoordinationContext", "http://docs.oasis-open.org/ws-tx/wscoor/2006/06"), new XmlQualifiedName("OleTxTransaction", "http://schemas.microsoft.com/ws/2006/02/tx/oletx") });
specification.MakeReadOnly();
requirements.IncomingSignatureParts.AddParts(specification);
requirements.OutgoingSignatureParts.AddParts(specification);
requirements.IncomingEncryptionParts.AddParts(specification);
requirements.OutgoingEncryptionParts.AddParts(specification);
}
if (this.IssuedTokens != TransactionFlowOption.NotAllowed)
{
MessagePartSpecification issuedTokenHeaderSpecification = GetIssuedTokenHeaderSpecification(SecurityStandardsManager.DefaultInstance);
issuedTokenHeaderSpecification.MakeReadOnly();
requirements.IncomingSignatureParts.AddParts(issuedTokenHeaderSpecification);
requirements.IncomingEncryptionParts.AddParts(issuedTokenHeaderSpecification);
requirements.OutgoingSignatureParts.AddParts(issuedTokenHeaderSpecification);
requirements.OutgoingEncryptionParts.AddParts(issuedTokenHeaderSpecification);
}
MessagePartSpecification parts = new MessagePartSpecification(true);
parts.MakeReadOnly();
requirements.OutgoingSignatureParts.AddParts(parts, "http://schemas.microsoft.com/net/2005/12/windowscommunicationfoundation/transactions/fault");
requirements.OutgoingEncryptionParts.AddParts(parts, "http://schemas.microsoft.com/net/2005/12/windowscommunicationfoundation/transactions/fault");
return(requirements);
}
public void AddBindingParameters(ServiceEndpoint endpoint, System.ServiceModel.Channels.BindingParameterCollection bindingParameters)
{
// Sign only the header, but not the body.
// This does not work.
//endpoint.Contract.ProtectionLevel = System.Net.Security.ProtectionLevel.Sign;
//foreach (OperationDescription operation in endpoint.Contract.Operations)
//{
// MessageDescription requestMessage = operation.Messages.First(msg => msg.Direction == MessageDirection.Input);
// foreach (MessagePartDescription body in requestMessage.Body.Parts)
// {
// body.ProtectionLevel = System.Net.Security.ProtectionLevel.None;
// }
//}
bindingParameters.Remove <ChannelProtectionRequirements>();
var m = new MessagePartSpecification();
m.IsBodyIncluded = false;
var c1 = new ChannelProtectionRequirements();
c1.IncomingSignatureParts.AddParts(m, "*");
MessagePartSpecification m1 = new MessagePartSpecification();
m.IsBodyIncluded = false;
c1.IncomingEncryptionParts.AddParts(m1, "*");
bindingParameters.Add(c1);
}
IChannelFactory <IRequestChannel> CreateDefaultServiceCertFactory()
{
CustomBinding b = CreateBinding(delegate(Message req) {
return(null);
});
ClientCredentials cred = new ClientCredentials();
cred.ServiceCertificate.DefaultCertificate = new X509Certificate2("Test/Resources/test.pfx", "mono");
BindingParameterCollection parameters =
new BindingParameterCollection();
parameters.Add(cred);
ChannelProtectionRequirements cp =
new ChannelProtectionRequirements();
cp.IncomingSignatureParts.AddParts(
new MessagePartSpecification(true),
"http://tempuri.org/MyAction");
cp.IncomingEncryptionParts.AddParts(
new MessagePartSpecification(true),
"http://tempuri.org/MyAction");
parameters.Add(cp);
return(b.BuildChannelFactory <IRequestChannel> (parameters));
}
public override T GetProperty <T>(BindingContext context)
{
if (context == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
}
if (typeof(T) == typeof(ISecurityCapabilities))
{
ISecurityCapabilities lowerCapabilities = context.GetInnerProperty <ISecurityCapabilities>();
if (lowerCapabilities != null)
{
// composite duplex cannot ensure that messages it receives are from the part it sends
// messages to. So it cannot offer server auth
return((T)(object)(new SecurityCapabilities(lowerCapabilities.SupportsClientAuthentication,
false, lowerCapabilities.SupportsClientWindowsIdentity, lowerCapabilities.SupportedRequestProtectionLevel,
System.Net.Security.ProtectionLevel.None)));
}
else
{
return(null);
}
}
else if (typeof(T) == typeof(ChannelProtectionRequirements))
{
ChannelProtectionRequirements myRequirements = this.GetProtectionRequirements();
myRequirements.Add(context.GetInnerProperty <ChannelProtectionRequirements>() ?? new ChannelProtectionRequirements());
return((T)(object)myRequirements);
}
else
{
return(context.GetInnerProperty <T>());
}
}
public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection parameters)
{
// get Contract info security needs, and put in BindingParameterCollection
ISecurityCapabilities isc = null;
BindingElementCollection elements = endpoint.Binding.CreateBindingElements();
if (isc != null)
{
// ensure existence of binding parameter
ChannelProtectionRequirements requirements = parameters.Find <ChannelProtectionRequirements>();
if (requirements == null)
{
requirements = new ChannelProtectionRequirements();
parameters.Add(requirements);
}
MessageEncodingBindingElement encoding = elements.Find <MessageEncodingBindingElement>();
// use endpoint.Binding.Version
if (encoding != null && encoding.MessageVersion.Addressing == AddressingVersion.None)
{
// This binding does not support response actions, so...
requirements.Add(ChannelProtectionRequirements.CreateFromContractAndUnionResponseProtectionRequirements(endpoint.Contract, isc, _isForClient));
}
else
{
requirements.Add(ChannelProtectionRequirements.CreateFromContract(endpoint.Contract, isc, _isForClient));
}
}
}
public override T GetProperty <T>(BindingContext context) where T : class
{
if (context == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
}
if (!(typeof(T) == typeof(ChannelProtectionRequirements)))
{
return(context.GetInnerProperty <T>());
}
ChannelProtectionRequirements requirements = new ChannelProtectionRequirements();
if (this.PacketRoutable)
{
requirements.IncomingSignatureParts.AddParts(OneWaySignedMessageParts);
requirements.OutgoingSignatureParts.AddParts(OneWaySignedMessageParts);
}
ChannelProtectionRequirements innerProperty = context.GetInnerProperty <ChannelProtectionRequirements>();
if (innerProperty != null)
{
requirements.Add(innerProperty);
}
return((T)requirements);
}
public override T GetProperty <T>(BindingContext context)
{
if (context == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
}
if (typeof(T) == typeof(ChannelProtectionRequirements))
{
AddressingVersion addressing = MessageVersion.Default.Addressing;
#pragma warning disable 56506
MessageEncodingBindingElement encoding = context.Binding.Elements.Find <MessageEncodingBindingElement>();
if (encoding != null)
{
addressing = encoding.MessageVersion.Addressing;
}
ChannelProtectionRequirements myRequirements = base.GetProtectionRequirements(addressing, ProtectionLevel.EncryptAndSign);
myRequirements.Add(context.GetInnerProperty <ChannelProtectionRequirements>() ?? new ChannelProtectionRequirements());
return((T)(object)myRequirements);
}
else
{
return(base.GetProperty <T>(context));
}
}
public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)
{
ChannelProtectionRequirements requirements = bindingParameters.Find <ChannelProtectionRequirements>();
MessagePartSpecification part = new MessagePartSpecification(true);
requirements.OutgoingSignatureParts.AddParts(part);
}
public override T GetProperty <T>(BindingContext context)
{
if (context == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
}
// make sure our Datagram header is signed
if (typeof(T) == typeof(ChannelProtectionRequirements))
{
ChannelProtectionRequirements myRequirements = new ChannelProtectionRequirements();
if (PacketRoutable)
{
myRequirements.IncomingSignatureParts.AddParts(OneWaySignedMessageParts);
myRequirements.OutgoingSignatureParts.AddParts(OneWaySignedMessageParts);
}
ChannelProtectionRequirements innerRequirements = context.GetInnerProperty <ChannelProtectionRequirements>();
if (innerRequirements != null)
{
myRequirements.Add(innerRequirements);
}
return((T)(object)myRequirements);
}
else
{
return(context.GetInnerProperty <T>());
}
}
public RecipientMessageSecurityBindingSupport(
SecurityCapabilities elementSupport,
SecurityTokenManager manager,
ChannelProtectionRequirements requirements)
: base(elementSupport, manager, requirements)
{
}
protected MessageSecurityBindingSupport(
SecurityCapabilities elementSupport,
SecurityTokenManager manager,
ChannelProtectionRequirements requirements)
{
element_support = elementSupport;
Initialize(manager, requirements);
}
public void AddToReadOnly()
{
ChannelProtectionRequirements r =
new ChannelProtectionRequirements();
r.MakeReadOnly();
r.Add(new ChannelProtectionRequirements());
}
ChannelProtectionRequirements GetProtectionRequirements(AddressingVersion addressingVersion)
{
ChannelProtectionRequirements result = new ChannelProtectionRequirements();
result.IncomingSignatureParts.AddParts(addressingVersion.SignedMessageParts);
result.OutgoingSignatureParts.AddParts(addressingVersion.SignedMessageParts);
return(result);
}
public void MessageSecurityManualProtection()
{
SymmetricSecurityBindingElement sbe =
new SymmetricSecurityBindingElement();
sbe.ProtectionTokenParameters =
new X509SecurityTokenParameters();
RequestSender sender = delegate(Message input) {
MessageBuffer buf = input.CreateBufferedCopy(0x10000);
using (XmlWriter w = XmlWriter.Create(Console.Error)) {
buf.CreateMessage().WriteMessage(w);
}
return(buf.CreateMessage());
};
CustomBinding binding = new CustomBinding(
sbe,
new TextMessageEncodingBindingElement(),
new HandlerTransportBindingElement(sender));
EndpointAddress address = new EndpointAddress(
new Uri("http://localhost:8080"),
new X509CertificateEndpointIdentity(new X509Certificate2("Test/Resources/test.pfx", "mono")));
ChannelProtectionRequirements reqs =
new ChannelProtectionRequirements();
reqs.OutgoingSignatureParts.AddParts(
new MessagePartSpecification(new XmlQualifiedName("SampleValue", "urn:foo")), "urn:myaction");
BindingParameterCollection parameters =
new BindingParameterCollection();
parameters.Add(reqs);
/*
* SymmetricSecurityBindingElement innersbe =
* new SymmetricSecurityBindingElement ();
* innersbe.ProtectionTokenParameters =
* new X509SecurityTokenParameters ();
* sbe.ProtectionTokenParameters =
* new SecureConversationSecurityTokenParameters (
* innersbe, false, reqs);
*/
IChannelFactory <IRequestChannel> cf =
binding.BuildChannelFactory <IRequestChannel> (parameters);
cf.Open();
IRequestChannel ch = cf.CreateChannel(address);
ch.Open();
try {
ch.Request(Message.CreateMessage(MessageVersion.None, "urn:myaction", new SampleValue()));
} finally {
ch.Close();
}
}
protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
: base(other)
{
this.element = (SecurityBindingElement)other.element.Clone();
this.cancellable = other.cancellable;
#if !MOBILE && !XAMMAC_4_5
this.requirements = new ChannelProtectionRequirements(default_channel_protection_requirements);
#endif
}
public override IChannelFactory <T> BuildChannelFactory <T> (BindingContext ctx)
{
ChannelProtectionRequirements cp = ctx.BindingParameters.Find <ChannelProtectionRequirements> ();
DumpParts(cp.IncomingEncryptionParts);
DumpParts(cp.IncomingSignatureParts);
DumpParts(cp.OutgoingEncryptionParts);
DumpParts(cp.OutgoingSignatureParts);
return(ctx.BuildInnerChannelFactory <T> ());
}
private static ChannelProtectionRequirements GetProtectionRequirements(AddressingVersion addressingVersion)
{
PropertyInfo property = addressingVersion.GetType().GetProperty("SignedMessageParts", BindingFlags.Instance | BindingFlags.NonPublic);
MessagePartSpecification value = (MessagePartSpecification)property.GetValue(addressingVersion, new object[0]);
ChannelProtectionRequirements channelProtectionRequirement = new ChannelProtectionRequirements();
channelProtectionRequirement.IncomingSignatureParts.AddParts(value);
channelProtectionRequirement.OutgoingSignatureParts.AddParts(value);
return(channelProtectionRequirement);
}
public void AddBindingParameters(ContractDescription contractDescription,
ServiceEndpoint endpoint,
BindingParameterCollection bindingParameters)
{
Console.WriteLine("add outgoing signature parts");
ChannelProtectionRequirements requirements = bindingParameters.Find <ChannelProtectionRequirements>();
MessagePartSpecification part = new MessagePartSpecification(true);
requirements.OutgoingSignatureParts.AddParts(part);
}
public void Initialize(SecurityTokenManager manager,
ChannelProtectionRequirements requirements)
{
this.manager = manager;
if (requirements == null)
{
requirements = new ChannelProtectionRequirements();
}
this.requirements = requirements;
}
internal ChannelProtectionRequirements GetProtectionRequirements(AddressingVersion addressing, ProtectionLevel defaultProtectionLevel)
{
if (addressing == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(addressing));
}
ChannelProtectionRequirements result = new ChannelProtectionRequirements();
ProtectionLevel supportedRequestProtectionLevel = GetIndividualProperty <ISecurityCapabilities>().SupportedRequestProtectionLevel;
ProtectionLevel supportedResponseProtectionLevel = GetIndividualProperty <ISecurityCapabilities>().SupportedResponseProtectionLevel;
bool canSupportMoreThanTheDefault =
(ProtectionLevelHelper.IsStrongerOrEqual(supportedRequestProtectionLevel, defaultProtectionLevel) &&
ProtectionLevelHelper.IsStrongerOrEqual(supportedResponseProtectionLevel, defaultProtectionLevel));
if (canSupportMoreThanTheDefault)
{
MessagePartSpecification signedParts = new MessagePartSpecification();
MessagePartSpecification encryptedParts = new MessagePartSpecification();
if (defaultProtectionLevel != ProtectionLevel.None)
{
signedParts.IsBodyIncluded = true;
if (defaultProtectionLevel == ProtectionLevel.EncryptAndSign)
{
encryptedParts.IsBodyIncluded = true;
}
}
signedParts.MakeReadOnly();
encryptedParts.MakeReadOnly();
if (addressing.FaultAction != null)
{
// Addressing faults
result.IncomingSignatureParts.AddParts(signedParts, addressing.FaultAction);
result.OutgoingSignatureParts.AddParts(signedParts, addressing.FaultAction);
result.IncomingEncryptionParts.AddParts(encryptedParts, addressing.FaultAction);
result.OutgoingEncryptionParts.AddParts(encryptedParts, addressing.FaultAction);
}
if (addressing.DefaultFaultAction != null)
{
// Faults that do not specify a particular action
result.IncomingSignatureParts.AddParts(signedParts, addressing.DefaultFaultAction);
result.OutgoingSignatureParts.AddParts(signedParts, addressing.DefaultFaultAction);
result.IncomingEncryptionParts.AddParts(encryptedParts, addressing.DefaultFaultAction);
result.OutgoingEncryptionParts.AddParts(encryptedParts, addressing.DefaultFaultAction);
}
// Infrastructure faults
result.IncomingSignatureParts.AddParts(signedParts, FaultCodeConstants.Actions.NetDispatcher);
result.OutgoingSignatureParts.AddParts(signedParts, FaultCodeConstants.Actions.NetDispatcher);
result.IncomingEncryptionParts.AddParts(encryptedParts, FaultCodeConstants.Actions.NetDispatcher);
result.OutgoingEncryptionParts.AddParts(encryptedParts, FaultCodeConstants.Actions.NetDispatcher);
}
return(result);
}
private ChannelProtectionRequirements GetProtectionRequirements()
{
ChannelProtectionRequirements requirements = new ChannelProtectionRequirements();
XmlQualifiedName name = new XmlQualifiedName(XD.UtilityDictionary.UniqueEndpointHeaderName.Value, XD.UtilityDictionary.UniqueEndpointHeaderNamespace.Value);
MessagePartSpecification parts = new MessagePartSpecification(new XmlQualifiedName[] { name });
parts.MakeReadOnly();
requirements.IncomingSignatureParts.AddParts(parts);
requirements.OutgoingSignatureParts.AddParts(parts);
return(requirements);
}
public void DefaultValues()
{
ChannelProtectionRequirements r =
new ChannelProtectionRequirements();
Assert.AreEqual(false, r.IsReadOnly, "#1");
Assert.IsNotNull(r.IncomingSignatureParts, "#2");
Assert.IsNotNull(r.IncomingEncryptionParts, "#3");
Assert.IsNotNull(r.OutgoingSignatureParts, "#4");
Assert.IsNotNull(r.OutgoingEncryptionParts, "#5");
}
ChannelProtectionRequirements GetProtectionRequirements()
{
ChannelProtectionRequirements result = new ChannelProtectionRequirements();
XmlQualifiedName refPropHeaderName = new XmlQualifiedName(XD.UtilityDictionary.UniqueEndpointHeaderName.Value,
XD.UtilityDictionary.UniqueEndpointHeaderNamespace.Value);
MessagePartSpecification headerParts = new MessagePartSpecification(refPropHeaderName);
headerParts.MakeReadOnly();
result.IncomingSignatureParts.AddParts(headerParts);
result.OutgoingSignatureParts.AddParts(headerParts);
return(result);
}
CreateSecureConversationBindingElement(
SecurityBindingElement binding, bool requireCancellation,
ChannelProtectionRequirements protectionRequirements)
{
SymmetricSecurityBindingElement be =
new SymmetricSecurityBindingElement();
be.ProtectionTokenParameters =
new SecureConversationSecurityTokenParameters(
binding, requireCancellation, protectionRequirements);
return(be);
}
public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)
{
//Find the old requirements and remove
var requirements = bindingParameters.Find <ChannelProtectionRequirements>();
bindingParameters.Remove(requirements);
//Setting the ProtectionLevel at the Service Contract
if (ProtectionSetting == "None")
{
endpoint.Contract.ProtectionLevel = ProtectionLevel.None;
}
if (ProtectionSetting == "Sign")
{
endpoint.Contract.ProtectionLevel = ProtectionLevel.Sign;
}
if (ProtectionSetting == "EncryptAndSign")
{
endpoint.Contract.ProtectionLevel = ProtectionLevel.EncryptAndSign;
}
//create a new set of requirements
requirements = new ChannelProtectionRequirements();
bindingParameters.Add(requirements);
var unprotectedBody = new MessagePartSpecification();
var protectedBody = new MessagePartSpecification(true);
switch (endpoint.Contract.ProtectionLevel)
{
case ProtectionLevel.None:
requirements.OutgoingSignatureParts.AddParts(unprotectedBody, "*");
requirements.IncomingSignatureParts.AddParts(unprotectedBody, "*");
requirements.OutgoingEncryptionParts.AddParts(unprotectedBody, "*");
requirements.IncomingEncryptionParts.AddParts(unprotectedBody, "*");
break;
case ProtectionLevel.Sign:
requirements.OutgoingSignatureParts.AddParts(protectedBody, "*");
requirements.IncomingSignatureParts.AddParts(protectedBody, "*");
requirements.OutgoingEncryptionParts.AddParts(unprotectedBody, "*");
requirements.IncomingEncryptionParts.AddParts(unprotectedBody, "*");
break;
case ProtectionLevel.EncryptAndSign:
requirements.OutgoingSignatureParts.AddParts(protectedBody, "*");
requirements.IncomingSignatureParts.AddParts(protectedBody, "*");
requirements.OutgoingEncryptionParts.AddParts(protectedBody, "*");
requirements.IncomingEncryptionParts.AddParts(protectedBody, "*");
break;
}
}
private ChannelProtectionRequirements GetProtectionRequirements()
{
ChannelProtectionRequirements requirements = new ChannelProtectionRequirements();
MessagePartSpecification signedReliabilityMessageParts = WsrmIndex.GetSignedReliabilityMessageParts(this.reliableMessagingVersion);
requirements.IncomingSignatureParts.AddParts(signedReliabilityMessageParts);
requirements.OutgoingSignatureParts.AddParts(signedReliabilityMessageParts);
if (this.reliableMessagingVersion == System.ServiceModel.ReliableMessagingVersion.WSReliableMessagingFebruary2005)
{
ScopedMessagePartSpecification signaturePart = requirements.IncomingSignatureParts;
ScopedMessagePartSpecification encryptionPart = requirements.IncomingEncryptionParts;
ProtectProtocolMessage(signaturePart, encryptionPart, "http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested");
ProtectProtocolMessage(signaturePart, encryptionPart, "http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequence");
ProtectProtocolMessage(signaturePart, encryptionPart, "http://schemas.xmlsoap.org/ws/2005/02/rm/SequenceAcknowledgement");
ProtectProtocolMessage(signaturePart, encryptionPart, "http://schemas.xmlsoap.org/ws/2005/02/rm/LastMessage");
ProtectProtocolMessage(signaturePart, encryptionPart, "http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence");
signaturePart = requirements.OutgoingSignatureParts;
encryptionPart = requirements.OutgoingEncryptionParts;
ProtectProtocolMessage(signaturePart, encryptionPart, "http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequenceResponse");
ProtectProtocolMessage(signaturePart, encryptionPart, "http://schemas.xmlsoap.org/ws/2005/02/rm/SequenceAcknowledgement");
ProtectProtocolMessage(signaturePart, encryptionPart, "http://schemas.xmlsoap.org/ws/2005/02/rm/LastMessage");
ProtectProtocolMessage(signaturePart, encryptionPart, "http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence");
return(requirements);
}
if (this.reliableMessagingVersion != System.ServiceModel.ReliableMessagingVersion.WSReliableMessaging11)
{
throw Fx.AssertAndThrow("Reliable messaging version not supported.");
}
ScopedMessagePartSpecification incomingSignatureParts = requirements.IncomingSignatureParts;
ScopedMessagePartSpecification incomingEncryptionParts = requirements.IncomingEncryptionParts;
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/AckRequested");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/CloseSequence");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/CloseSequenceResponse");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/fault");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/SequenceAcknowledgement");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/TerminateSequence");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/TerminateSequenceResponse");
incomingSignatureParts = requirements.OutgoingSignatureParts;
incomingEncryptionParts = requirements.OutgoingEncryptionParts;
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/AckRequested");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/CloseSequence");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/CloseSequenceResponse");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequenceResponse");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/fault");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/SequenceAcknowledgement");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/TerminateSequence");
ProtectProtocolMessage(incomingSignatureParts, incomingEncryptionParts, "http://docs.oasis-open.org/ws-rx/wsrm/200702/TerminateSequenceResponse");
return(requirements);
}
