// Builds a separate PeerSecurityCredentialsManager that carries this instance's settings.
// Only the credential gets its own PeerCredential instance (through the copy constructor).
// mode, messageAuth, manager and parent are assigned straight across, so the clone refers
// to the same manager and parent objects as the original.
public PeerSecurityCredentialsManager CloneForTransport()
 {
     PeerSecurityCredentialsManager clone = new PeerSecurityCredentialsManager();

     // Settings and collaborators are handed over as-is, not copied.
     clone.mode = this.mode;
     clone.messageAuth = this.messageAuth;
     clone.manager = this.manager;
     clone.parent = this.parent;

     // A credential-less manager stays credential-less; otherwise duplicate the credential
     // so the clone does not hold the original PeerCredential object.
     // NOTE(review): how deep the PeerCredential copy constructor copies (password,
     // certificate) is not visible here - confirm before relying on isolation.
     if (this.credential != null)
     {
         clone.credential = new PeerCredential(this.credential);
     }
     return clone;
 }
        // Two credentials managers are equal when their credentials match (compared under
        // this instance's mode and messageAuth) or, when this instance has no credential,
        // when their underlying managers are equal.
        // NOTE(review): the comparison is driven by this instance only. When this.credential
        // is null, that.credential is never inspected, and this.manager is dereferenced
        // without a null check - confirm that "credential or manager is always set" holds.
        // NOTE(review): no GetHashCode override is visible in this listing; verify one exists.
        public override bool Equals(object other)
        {
            PeerSecurityCredentialsManager that = other as PeerSecurityCredentialsManager;
            if (that == null)
            {
                // Null or a different type can never be equal.
                return false;
            }

            if (this.credential == null)
            {
                return this.manager.Equals(that.manager);
            }
            return this.credential.Equals(that.credential, this.mode, this.messageAuth);
        }
        // Produces a new PeerSecurityCredentialsManager for transport use.
        // The credential, when present, is duplicated via PeerCredential's copy constructor;
        // every other field (mode, messageAuth, manager, parent) is assigned directly, so the
        // result still points at the same manager and parent objects as this instance.
        public PeerSecurityCredentialsManager CloneForTransport()
        {
            PeerSecurityCredentialsManager result = new PeerSecurityCredentialsManager();

            // Plain assignments: nothing here is copied.
            result.parent      = this.parent;
            result.manager     = this.manager;
            result.messageAuth = this.messageAuth;
            result.mode        = this.mode;

            // Leave the credential unset when there is none to duplicate.
            if (this.credential != null)
            {
                result.credential = new PeerCredential(this.credential);
            }
            return result;
        }
        // Equality for credentials managers: with a credential present, delegate to
        // PeerCredential.Equals using this instance's mode and messageAuth; without one,
        // compare the underlying managers.
        // NOTE(review): the credential-less path calls this.manager.Equals without a null
        // check and ignores whether 'that' carries a credential - confirm the class invariant.
        public override bool Equals(object other)
        {
            PeerSecurityCredentialsManager candidate = other as PeerSecurityCredentialsManager;
            if (candidate == null)
            {
                return false;
            }

            return this.credential != null
                ? this.credential.Equals(candidate.credential, mode, messageAuth)
                : this.manager.Equals(candidate.manager);
        }
 // Checks that another credentials manager agrees with this one and reports the first
 // mismatch through PeerExceptionHelper, naming the conflicting binding property.
 // With authentication mode None nothing beyond the null check is compared.
 public void CheckIfCompatible(PeerSecurityCredentialsManager that)
 {
     if (that == null)
     {
         PeerExceptionHelper.ThrowInvalidOperation_PeerConflictingPeerNodeSettings(PeerBindingPropertyNames.Credentials);
     }
     if (this.mode == PeerAuthenticationMode.None)
     {
         return;
     }

     if (this.mode == PeerAuthenticationMode.Password)
     {
         if (this.Password != that.Password)
         {
             PeerExceptionHelper.ThrowInvalidOperation_PeerConflictingPeerNodeSettings(PeerBindingPropertyNames.Password);
         }
     }

     // The certificate comparison runs for every mode other than None, Password included.
     // NOTE(review): this.Certificate is dereferenced without a null check - confirm it is
     // always populated in Password mode.
     // NOTE(review): on .NET Framework, X509Certificate.Equals(X509Certificate) is documented
     // as matching issuer and serial number rather than the full encoded certificate; verify
     // that is strong enough for this compatibility check.
     if (!this.Certificate.Equals((X509Certificate)that.Certificate))
     {
         PeerExceptionHelper.ThrowInvalidOperation_PeerConflictingPeerNodeSettings(PeerBindingPropertyNames.Certificate);
     }
 }
 // Compares this credentials manager with another one and raises a
 // "conflicting peer node settings" error for the first property that differs:
 // Credentials (other side missing), Password (Password mode only), then Certificate.
 public void CheckIfCompatible(PeerSecurityCredentialsManager that)
 {
     if (that == null)
     {
         PeerExceptionHelper.ThrowInvalidOperation_PeerConflictingPeerNodeSettings(PeerBindingPropertyNames.Credentials);
     }

     bool authenticationEnabled = this.mode != PeerAuthenticationMode.None;
     if (authenticationEnabled)
     {
         // Passwords are only read and compared in Password mode.
         bool passwordMode = this.mode == PeerAuthenticationMode.Password;
         if (passwordMode && (this.Password != that.Password))
         {
             PeerExceptionHelper.ThrowInvalidOperation_PeerConflictingPeerNodeSettings(PeerBindingPropertyNames.Password);
         }

         // Certificates are compared in every authenticated mode.
         // NOTE(review): no null check on this.Certificate; and the X509Certificate overload of
         // Equals is documented (on .NET Framework) as comparing issuer and serial number, not
         // the raw certificate bytes - confirm both are acceptable here.
         bool certificatesMatch = this.Certificate.Equals((X509Certificate)that.Certificate);
         if (!certificatesMatch)
         {
             PeerExceptionHelper.ThrowInvalidOperation_PeerConflictingPeerNodeSettings(PeerBindingPropertyNames.Certificate);
         }
     }
 }
        // Creates the PeerSecurityManager for a binding context.
        //
        // With authentication mode None and message signing off, a dummy manager is returned
        // and no credentials are looked up. Otherwise the credentials manager is resolved from
        // the binding context, its credential (if any) is validated, and the real manager is
        // built, linked back to the credentials manager and given the audit behavior settings.
        static public PeerSecurityManager Create(PeerAuthenticationMode authenticationMode, bool signMessages, BindingContext context, XmlDictionaryReaderQuotas readerQuotas)
        {
            bool securityDisabled = (authenticationMode == PeerAuthenticationMode.None) && !signMessages;
            if (securityDisabled)
            {
                return CreateDummy();
            }

            if (authenticationMode == PeerAuthenticationMode.Password)
            {
                // FIPS probe: instantiate the hash primitives once and discard them. If
                // construction throws InvalidOperationException (as the managed SHA-256
                // implementation does on .NET Framework when the FIPS policy is enforced),
                // fail early with an "insufficient crypto support" error instead of later,
                // in the middle of a handshake.
                try
                {
                    using (HMACSHA256 hmacProbe = new HMACSHA256())
                    using (SHA256Managed shaProbe = new SHA256Managed())
                    {
                    }
                }
                catch (InvalidOperationException e)
                {
                    DiagnosticUtility.TraceHandledException(e, TraceEventType.Information);
                    PeerExceptionHelper.ThrowInvalidOperation_InsufficientCryptoSupport(e);
                }
            }

            ChannelProtectionRequirements  protectionRequirements = context.BindingParameters.Find<ChannelProtectionRequirements>();
            PeerSecurityCredentialsManager credentialsManager     = GetCredentialsManager(authenticationMode, signMessages, context);

            // Kept for compatibility with existing code: only an explicit credential is validated here.
            // NOTE(review): credentialsManager is dereferenced without a null check - confirm
            // GetCredentialsManager never returns null.
            if (credentialsManager.Credential != null)
            {
                ValidateCredentialSettings(authenticationMode, signMessages, credentialsManager.Credential);
            }

            PeerSecurityManager securityManager = Create(authenticationMode, signMessages, credentialsManager, protectionRequirements, readerQuotas);

            // Back-link so the credentials manager can reach the security manager that owns it.
            credentialsManager.Parent = securityManager;
            securityManager.ApplyAuditBehaviorSettings(context);

            return securityManager;
        }
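        // Builds a PeerSecurityManager from an already-resolved credentials manager.
        //
        // credman may be null: that is accepted only when authentication is None and message
        // authentication is off, in which case a dummy manager is returned; any other
        // combination is reported as insufficient credentials.
        // When credman carries no explicit credential, the manager is returned after the
        // basic wiring (credentials manager, password, reader quotas, protection
        // requirements, token manager) without the per-mode checks.
        static public PeerSecurityManager Create(PeerAuthenticationMode authenticationMode, bool messageAuthentication, PeerSecurityCredentialsManager credman, ChannelProtectionRequirements reqs, XmlDictionaryReaderQuotas readerQuotas)
        {
            X509CertificateValidator connectionValidator = null;
            X509CertificateValidator messageValidator    = null;

            // credman has to be checked before it is dereferenced. Reading credman.Credential
            // first turns a missing credentials manager into a NullReferenceException and
            // leaves this branch unreachable.
            if (credman == null)
            {
                if (authenticationMode != PeerAuthenticationMode.None || messageAuthentication)
                {
                    PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.Credentials);
                }
                //create one that doesnt have any credentials in it.
                return(CreateDummy());
            }

            PeerCredential      credential = credman.Credential;
            PeerSecurityManager manager    = new PeerSecurityManager(authenticationMode, messageAuthentication);

            manager.credManager  = credman;
            manager.password     = credman.Password;
            manager.readerQuotas = readerQuotas;
            if (reqs != null)
            {
                // Copy so later changes to the caller's requirements do not affect this manager.
                manager.protection = new ChannelProtectionRequirements(reqs);
            }
            manager.tokenManager = credman.CreateSecurityTokenManager();
            if (credential == null)
            {
                return(manager);
            }

            // NOTE(review): connectionValidator and messageValidator are locals that are not
            // read again in the code shown, so the TryGetCertificateValidator calls below act
            // only as "is a validator configured" checks - confirm where the validators are
            // actually attached to the manager.
            switch (authenticationMode)
            {
            case PeerAuthenticationMode.None:
                break;

            case PeerAuthenticationMode.Password:
            {
                manager.password = credential.MeshPassword;
                // NOTE(review): the emptiness check reads credManager.Password rather than the
                // MeshPassword just stored - presumably the same value; verify.
                if (String.IsNullOrEmpty(manager.credManager.Password))
                {
                    PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.Password);
                }
                // X509CertificateValidator.None performs no validation: any certificate is
                // accepted. Peer authentication in this mode presumably rests on the mesh
                // password alone.
                connectionValidator = X509CertificateValidator.None;
            }
            break;

            case PeerAuthenticationMode.MutualCertificate:
            {
                if (manager.credManager.Certificate == null)
                {
                    PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.Certificate);
                }
                if (!credential.PeerAuthentication.TryGetCertificateValidator(out connectionValidator))
                {
                    PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.PeerAuthentication);
                }
            }
            break;
            }

            // Message authentication needs a sender-authentication setting that yields a validator.
            if (messageAuthentication)
            {
                if (credential.MessageSenderAuthentication != null)
                {
                    if (!credential.MessageSenderAuthentication.TryGetCertificateValidator(out messageValidator))
                    {
                        PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.MessageSenderAuthentication);
                    }
                }
                else
                {
                    PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.MessageSenderAuthentication);
                }
            }
            return(manager);
        }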
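        // Builds a PeerSecurityManager from an already-resolved credentials manager.
        //
        // A null credman is accepted only for the unsecured configuration (authentication
        // mode None, no message authentication), which yields a dummy manager; otherwise it
        // is reported as insufficient credentials. The per-mode credential checks run only
        // when credman carries an explicit credential.
        public static PeerSecurityManager Create(PeerAuthenticationMode authenticationMode, bool messageAuthentication, PeerSecurityCredentialsManager credman, ChannelProtectionRequirements reqs, XmlDictionaryReaderQuotas readerQuotas)
        {
            X509CertificateValidator connectionValidator = null;
            X509CertificateValidator messageValidator    = null;

            // Test credman before reading from it. Dereferencing it first makes a missing
            // credentials manager fail with NullReferenceException and this branch dead code.
            if (credman == null)
            {
                if ((authenticationMode != PeerAuthenticationMode.None) || messageAuthentication)
                {
                    PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.Credentials);
                }
                return(CreateDummy());
            }

            PeerCredential      credential = credman.Credential;
            PeerSecurityManager manager    = new PeerSecurityManager(authenticationMode, messageAuthentication)
            {
                credManager  = credman,
                password     = credman.Password,
                readerQuotas = readerQuotas
            };
            if (reqs != null)
            {
                // The manager keeps its own copy of the protection requirements.
                manager.protection = new ChannelProtectionRequirements(reqs);
            }
            manager.tokenManager = credman.CreateSecurityTokenManager();
            if (credential != null)
            {
                // NOTE(review): both validators are locals that are not read again in the code
                // shown; the TryGetCertificateValidator calls therefore only verify that a
                // validator is configured - confirm where the validators are actually used.
                switch (authenticationMode)
                {
                case PeerAuthenticationMode.Password:
                    manager.password = credential.MeshPassword;
                    // NOTE(review): checks credManager.Password, not the MeshPassword just
                    // assigned - presumably the same value; verify.
                    if (string.IsNullOrEmpty(manager.credManager.Password))
                    {
                        PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.Password);
                    }
                    // X509CertificateValidator.None accepts any certificate without validation.
                    connectionValidator = X509CertificateValidator.None;
                    break;

                case PeerAuthenticationMode.MutualCertificate:
                    if (manager.credManager.Certificate == null)
                    {
                        PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.Certificate);
                    }
                    if (!credential.PeerAuthentication.TryGetCertificateValidator(out connectionValidator))
                    {
                        PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.PeerAuthentication);
                    }
                    break;
                }

                // Message authentication needs a sender-authentication setting that yields a validator.
                if (messageAuthentication)
                {
                    if (credential.MessageSenderAuthentication != null)
                    {
                        if (!credential.MessageSenderAuthentication.TryGetCertificateValidator(out messageValidator))
                        {
                            PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.MessageSenderAuthentication);
                        }
                        return(manager);
                    }
                    PeerExceptionHelper.ThrowArgument_InsufficientCredentials(PeerPropertyNames.MessageSenderAuthentication);
                }
            }
            return(manager);
        }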
 // Reports whether another client token manager uses message-security settings that match
 // this one: credentials are compared when this instance has one, otherwise the delegate
 // managers are compared.
 // NOTE(review): 'that' and this.delegateManager are dereferenced without null checks, and
 // a credential on 'that' is ignored when this instance has none - confirm callers
 // guarantee these preconditions.
 internal bool HasCompatibleMessageSecuritySettings(PeerSecurityCredentialsManager.PeerClientSecurityTokenManager that)
 {
     if (this.credential != null)
     {
         // A side without a credential can never match a side that has one.
         if (that.credential == null)
         {
             return false;
         }
         return this.credential.Equals(that.credential);
     }
     return this.delegateManager.Equals(that.delegateManager);
 }