static Func<KeyInfoSerializer, IEnumerable<SecurityTokenSerializer.SerializerEntries>> CreateAdditionalEntries(SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
{
return (KeyInfoSerializer keyInfoSerializer) =>
{
List<SecurityTokenSerializer.SerializerEntries> serializerEntries = new List<SecurityTokenSerializer.SerializerEntries>();
if (securityVersion == SecurityVersion.WSSecurity10)
{
serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityJan2004(keyInfoSerializer));
}
else if (securityVersion == SecurityVersion.WSSecurity11)
{
serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityXXX2005(keyInfoSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SR.GetString(SR.MessageSecurityVersionOutOfRange)));
}
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
serializerEntries.Add(new WSSecureConversationFeb2005(keyInfoSerializer));
}
else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
serializerEntries.Add(new WSSecureConversationDec2005(keyInfoSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
return serializerEntries;
};
}
MessageSecurityTokenVersion(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, string toString, bool emitBspRequiredAttributes, params string[] supportedSpecs)
: base()
{
this.emitBspRequiredAttributes = emitBspRequiredAttributes;
this.supportedSpecs = new ReadOnlyCollection <string>(supportedSpecs);
this.toString = toString;
this.securityVersion = securityVersion;
this.trustVersion = trustVersion;
this.secureConversationVersion = secureConversationVersion;
}
/// <summary>
/// Overriden from the base class. Creates the requested Token Serializer.
/// Returns a Security Token Serializer that is wraps the list of token
/// hanlders registerd and also the serializers from the inner token manager.
/// </summary>
/// <param name="version">SecurityTokenVersion of the serializer to be created.</param>
/// <returns>Instance of SecurityTokenSerializer.</returns>
/// <exception cref="ArgumentNullException">Input parameter is null.</exception>
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("version");
}
TrustVersion trustVersion = null;
SecureConversationVersion scVersion = null;
foreach (string securitySpecification in version.GetSecuritySpecifications())
{
if (StringComparer.Ordinal.Equals(securitySpecification, WSTrustFeb2005Constants.NamespaceURI))
{
trustVersion = TrustVersion.WSTrustFeb2005;
}
else if (StringComparer.Ordinal.Equals(securitySpecification, WSTrust13Constants.NamespaceURI))
{
trustVersion = TrustVersion.WSTrust13;
}
else if (StringComparer.Ordinal.Equals(securitySpecification, WSSecureConversationFeb2005Constants.Namespace))
{
scVersion = SecureConversationVersion.WSSecureConversationFeb2005;
}
else if (StringComparer.Ordinal.Equals(securitySpecification, WSSecureConversation13Constants.Namespace))
{
scVersion = SecureConversationVersion.WSSecureConversation13;
}
if (trustVersion != null && scVersion != null)
{
break;
}
}
if (trustVersion == null)
{
trustVersion = TrustVersion.WSTrust13;
}
if (scVersion == null)
{
scVersion = SecureConversationVersion.WSSecureConversation13;
}
WsSecurityTokenSerializerAdapter adapter = new WsSecurityTokenSerializerAdapter(_securityTokenHandlerCollection,
GetSecurityVersion(version), trustVersion, scVersion, false, this.ServiceCredentials.IssuedTokenAuthentication.SamlSerializer,
this.ServiceCredentials.SecureConversationAuthentication.SecurityStateEncoder,
this.ServiceCredentials.SecureConversationAuthentication.SecurityContextClaimTypes);
adapter.MapExceptionsToSoapFaults = true;
adapter.ExceptionMapper = _exceptionMapper;
return(adapter);
}
/// <summary>
/// Initializes an instance of <see cref="WsSecurityTokenSerializerAdapter"/>
/// </summary>
/// <param name="securityTokenHandlerCollection">
/// The <see cref="SecurityTokenHandlerCollection" /> containing the set of <see cref="SecurityTokenHandler" />
/// objects used for serializing and validating tokens found in WS-Trust messages.
/// </param>
/// <param name="securityVersion">The SecurityVersion of the base WSSecurityTokenSerializer.</param>
/// <param name="trustVersion">The TrustVersion of the serializer uses.</param>
/// <param name="secureConversationVersion">The SecureConversationVersion of the serializer.</param>
/// <param name="emitBspAttributes">Flag that determines if the serailization shoudl be BSP compliant.</param>
/// <param name="samlSerializer">Serializer for SAML 1.1 tokens.</param>
/// <param name="stateEncoder">SecurityStateEncoder used for resolving SCT.</param>
/// <param name="knownTypes">The collection of known claim types.</param>
public WsSecurityTokenSerializerAdapter(SecurityTokenHandlerCollection securityTokenHandlerCollection, SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspAttributes, SamlSerializer samlSerializer, SecurityStateEncoder stateEncoder, IEnumerable <Type> knownTypes)
: base(securityVersion, trustVersion, secureConversationVersion, emitBspAttributes, samlSerializer, stateEncoder, knownTypes)
{
if (securityTokenHandlerCollection == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenHandlerCollection");
}
_scVersion = secureConversationVersion;
_securityTokenHandlers = securityTokenHandlerCollection;
}
internal string GetSignatureKeyDerivationAlgorithm(SecurityToken token, SecureConversationVersion version)
{
if (token == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
}
string keyDerivationAlgorithm = System.ServiceModel.Security.SecurityUtils.GetKeyDerivationAlgorithm(version);
if (System.ServiceModel.Security.SecurityUtils.IsSupportedAlgorithm(keyDerivationAlgorithm, token))
{
return(keyDerivationAlgorithm);
}
return(null);
}
internal int GetSignatureKeyDerivationLength(SecurityToken token, SecureConversationVersion version)
{
if (token == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
}
if (!System.ServiceModel.Security.SecurityUtils.IsSupportedAlgorithm(System.ServiceModel.Security.SecurityUtils.GetKeyDerivationAlgorithm(version), token))
{
return(0);
}
if ((this.DefaultSignatureKeyDerivationLength % 8) != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(System.ServiceModel.SR.GetString("Psha1KeyLengthInvalid", new object[] { this.DefaultSignatureKeyDerivationLength })));
}
return(this.DefaultSignatureKeyDerivationLength / 8);
}
internal string GetEncryptionKeyDerivationAlgorithm(SecurityToken token, SecureConversationVersion version)
{
if (token == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
}
string derivationAlgorithm = SecurityUtils.GetKeyDerivationAlgorithm(version);
if (SecurityUtils.IsSupportedAlgorithm(derivationAlgorithm, token))
{
return(derivationAlgorithm);
}
else
{
return(null);
}
}
internal static string GetKeyDerivationAlgorithm(SecureConversationVersion version)
{
string derivationAlgorithm = null;
if (version == SecureConversationVersion.WSSecureConversationFeb2005)
{
derivationAlgorithm = SecurityAlgorithms.Psha1KeyDerivation;
}
else if (version == SecureConversationVersion.WSSecureConversation13)
{
derivationAlgorithm = SecurityAlgorithms.Psha1KeyDerivationDec2005;
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
return(derivationAlgorithm);
}
internal int GetSignatureKeyDerivationLength(SecurityToken token, SecureConversationVersion version)
{
if (token == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
}
string derivationAlgorithm = SecurityUtils.GetKeyDerivationAlgorithm(version);
if (SecurityUtils.IsSupportedAlgorithm(derivationAlgorithm, token))
{
if (this.DefaultSignatureKeyDerivationLength % 8 != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(string.Format(SRServiceModel.Psha1KeyLengthInvalid, this.DefaultSignatureKeyDerivationLength)));
}
return(this.DefaultSignatureKeyDerivationLength / 8);
}
else
{
return(0);
}
}
/// <summary>
/// Initializes an instance of <see cref="WsSecurityTokenSerializerAdapter"/>
/// </summary>
/// <param name="securityTokenHandlerCollection">
/// The <see cref="SecurityTokenHandlerCollection" /> containing the set of <see cref="SecurityTokenHandler" />
/// objects used for serializing and validating tokens found in WS-Trust messages.
/// </param>
/// <param name="securityVersion">The SecurityVersion of the base WSSecurityTokenSerializer.</param>
/// <param name="trustVersion">The TrustVersion of the serializer uses.</param>
/// <param name="secureConversationVersion">The SecureConversationVersion of the serializer.</param>
/// <param name="emitBspAttributes">Flag that determines if the serailization shoudl be BSP compliant.</param>
/// <param name="samlSerializer">Serializer for SAML 1.1 tokens.</param>
/// <param name="stateEncoder">SecurityStateEncoder used for resolving SCT.</param>
/// <param name="knownTypes">The collection of known claim types.</param>
public WsSecurityTokenSerializerAdapter( SecurityTokenHandlerCollection securityTokenHandlerCollection, SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspAttributes, SamlSerializer samlSerializer, SecurityStateEncoder stateEncoder, IEnumerable<Type> knownTypes )
: base( securityVersion, trustVersion, secureConversationVersion, emitBspAttributes, samlSerializer, stateEncoder, knownTypes )
{
if ( securityTokenHandlerCollection == null )
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "securityTokenHandlerCollection" );
}
_scVersion = secureConversationVersion;
_securityTokenHandlers = securityTokenHandlerCollection;
}
public WSKeyInfoSerializer(bool emitBspRequiredAttributes, DictionaryManager dictionaryManager, System.IdentityModel.TrustDictionary trustDictionary, SecurityTokenSerializer innerSecurityTokenSerializer, SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
: base(emitBspRequiredAttributes, dictionaryManager, trustDictionary, innerSecurityTokenSerializer, CreateAdditionalEntries(securityVersion, secureConversationVersion))
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes, int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
throw ExceptionHelper.PlatformNotSupported();
}
MessageSecurityTokenVersion(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, string toString, bool emitBspRequiredAttributes, params string[] supportedSpecs)
: base()
{
this.emitBspRequiredAttributes = emitBspRequiredAttributes;
this.supportedSpecs = new ReadOnlyCollection<string>(supportedSpecs);
this.toString = toString;
this.securityVersion = securityVersion;
this.trustVersion = trustVersion;
this.secureConversationVersion = secureConversationVersion;
}
public WSSecurityTokenSerializer(System.ServiceModel.Security.SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes, int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
if (securityVersion == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("securityVersion"));
}
if (maximumKeyDerivationOffset < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationOffset", System.ServiceModel.SR.GetString("ValueMustBeNonNegative")));
}
if (maximumKeyDerivationLabelLength < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationLabelLength", System.ServiceModel.SR.GetString("ValueMustBeNonNegative")));
}
if (maximumKeyDerivationNonceLength <= 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationNonceLength", System.ServiceModel.SR.GetString("ValueMustBeGreaterThanZero")));
}
this.securityVersion = securityVersion;
this.emitBspRequiredAttributes = emitBspRequiredAttributes;
this.maximumKeyDerivationOffset = maximumKeyDerivationOffset;
this.maximumKeyDerivationNonceLength = maximumKeyDerivationNonceLength;
this.maximumKeyDerivationLabelLength = maximumKeyDerivationLabelLength;
this.serializerEntries = new List <SerializerEntries>();
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
this.secureConversation = new WSSecureConversationFeb2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else
{
if (secureConversationVersion != SecureConversationVersion.WSSecureConversation13)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
this.secureConversation = new WSSecureConversationDec2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
this.serializerEntries.Add(new XmlDsigSep2000(this));
this.serializerEntries.Add(new XmlEncApr2001(this));
if (securityVersion == System.ServiceModel.Security.SecurityVersion.WSSecurity10)
{
this.serializerEntries.Add(new WSSecurityJan2004(this, samlSerializer));
}
else
{
if (securityVersion != System.ServiceModel.Security.SecurityVersion.WSSecurity11)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", System.ServiceModel.SR.GetString("MessageSecurityVersionOutOfRange")));
}
this.serializerEntries.Add(new WSSecurityXXX2005(this, samlSerializer));
}
this.serializerEntries.Add(this.secureConversation);
if (trustVersion == TrustVersion.WSTrustFeb2005)
{
this.serializerEntries.Add(new WSTrustFeb2005(this));
}
else
{
if (trustVersion != TrustVersion.WSTrust13)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
this.serializerEntries.Add(new WSTrustDec2005(this));
}
this.tokenEntries = new List <TokenEntry>();
this.keyIdentifierEntries = new List <KeyIdentifierEntry>();
this.keyIdentifierClauseEntries = new List <KeyIdentifierClauseEntry>();
for (int i = 0; i < this.serializerEntries.Count; i++)
{
SerializerEntries entries = this.serializerEntries[i];
entries.PopulateTokenEntries(this.tokenEntries);
entries.PopulateKeyIdentifierEntries(this.keyIdentifierEntries);
entries.PopulateKeyIdentifierClauseEntries(this.keyIdentifierClauseEntries);
}
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes)
: this(securityVersion, trustVersion, secureConversationVersion, emitBspRequiredAttributes, samlSerializer, securityStateEncoder, knownTypes, DefaultMaximumKeyDerivationOffset, DefaultMaximumKeyDerivationLabelLength, DefaultMaximumKeyDerivationNonceLength)
{
}
internal string GetSignatureKeyDerivationAlgorithm(SecurityToken token, SecureConversationVersion version)
{
if (token == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
string derivationAlgorithm = SecurityUtils.GetKeyDerivationAlgorithm(version);
if (SecurityUtils.IsSupportedAlgorithm(derivationAlgorithm, token))
return derivationAlgorithm;
else
return null;
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer1 samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes)
: this(securityVersion, trustVersion, secureConversationVersion, emitBspRequiredAttributes, samlSerializer, securityStateEncoder, knownTypes, DefaultMaximumKeyDerivationOffset, DefaultMaximumKeyDerivationLabelLength, DefaultMaximumKeyDerivationNonceLength)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
if (securityVersion == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("securityVersion"));
}
if (maximumKeyDerivationOffset < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationOffset", SRServiceModel.ValueMustBeNonNegative));
}
if (maximumKeyDerivationLabelLength < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationLabelLength", SRServiceModel.ValueMustBeNonNegative));
}
if (maximumKeyDerivationNonceLength <= 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationNonceLength", SRServiceModel.ValueMustBeGreaterThanZero));
}
_securityVersion = securityVersion;
_emitBspRequiredAttributes = emitBspRequiredAttributes;
_maximumKeyDerivationOffset = maximumKeyDerivationOffset;
_maximumKeyDerivationNonceLength = maximumKeyDerivationNonceLength;
_maximumKeyDerivationLabelLength = maximumKeyDerivationLabelLength;
_serializerEntries = new List <SerializerEntries>();
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
_secureConversation = new WSSecureConversationFeb2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
_secureConversation = new WSSecureConversationDec2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
if (securityVersion == SecurityVersion.WSSecurity10)
{
_serializerEntries.Add(new WSSecurityJan2004(this, samlSerializer));
}
else if (securityVersion == SecurityVersion.WSSecurity11)
{
_serializerEntries.Add(new WSSecurityXXX2005(this, samlSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SRServiceModel.MessageSecurityVersionOutOfRange));
}
_serializerEntries.Add(_secureConversation);
IdentityModel.TrustDictionary trustDictionary;
if (trustVersion == TrustVersion.WSTrustFeb2005)
{
_serializerEntries.Add(new WSTrustFeb2005(this));
trustDictionary = new IdentityModel.TrustFeb2005Dictionary(new CollectionDictionary(DXD.TrustDec2005Dictionary.Feb2005DictionaryStrings));
}
else if (trustVersion == TrustVersion.WSTrust13)
{
_serializerEntries.Add(new WSTrustDec2005(this));
trustDictionary = new IdentityModel.TrustDec2005Dictionary(new CollectionDictionary(DXD.TrustDec2005Dictionary.Dec2005DictionaryString));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
_tokenEntries = new List <TokenEntry>();
for (int i = 0; i < _serializerEntries.Count; ++i)
{
SerializerEntries serializerEntry = _serializerEntries[i];
serializerEntry.PopulateTokenEntries(_tokenEntries);
}
IdentityModel.DictionaryManager dictionaryManager = new IdentityModel.DictionaryManager(ServiceModelDictionary.CurrentVersion);
dictionaryManager.SecureConversationDec2005Dictionary = new IdentityModel.SecureConversationDec2005Dictionary(new CollectionDictionary(DXD.SecureConversationDec2005Dictionary.SecureConversationDictionaryStrings));
dictionaryManager.SecurityAlgorithmDec2005Dictionary = new IdentityModel.SecurityAlgorithmDec2005Dictionary(new CollectionDictionary(DXD.SecurityAlgorithmDec2005Dictionary.SecurityAlgorithmDictionaryStrings));
_keyInfoSerializer = new WSKeyInfoSerializer(_emitBspRequiredAttributes, dictionaryManager, trustDictionary, this, securityVersion, secureConversationVersion);
}
public WSSecurityTokenSerializer(System.ServiceModel.Security.SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes, int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
if (securityVersion == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("securityVersion"));
}
if (maximumKeyDerivationOffset < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationOffset", System.ServiceModel.SR.GetString("ValueMustBeNonNegative")));
}
if (maximumKeyDerivationLabelLength < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationLabelLength", System.ServiceModel.SR.GetString("ValueMustBeNonNegative")));
}
if (maximumKeyDerivationNonceLength <= 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationNonceLength", System.ServiceModel.SR.GetString("ValueMustBeGreaterThanZero")));
}
this.securityVersion = securityVersion;
this.emitBspRequiredAttributes = emitBspRequiredAttributes;
this.maximumKeyDerivationOffset = maximumKeyDerivationOffset;
this.maximumKeyDerivationNonceLength = maximumKeyDerivationNonceLength;
this.maximumKeyDerivationLabelLength = maximumKeyDerivationLabelLength;
this.serializerEntries = new List<SerializerEntries>();
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
this.secureConversation = new WSSecureConversationFeb2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else
{
if (secureConversationVersion != SecureConversationVersion.WSSecureConversation13)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
this.secureConversation = new WSSecureConversationDec2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
this.serializerEntries.Add(new XmlDsigSep2000(this));
this.serializerEntries.Add(new XmlEncApr2001(this));
if (securityVersion == System.ServiceModel.Security.SecurityVersion.WSSecurity10)
{
this.serializerEntries.Add(new WSSecurityJan2004(this, samlSerializer));
}
else
{
if (securityVersion != System.ServiceModel.Security.SecurityVersion.WSSecurity11)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", System.ServiceModel.SR.GetString("MessageSecurityVersionOutOfRange")));
}
this.serializerEntries.Add(new WSSecurityXXX2005(this, samlSerializer));
}
this.serializerEntries.Add(this.secureConversation);
if (trustVersion == TrustVersion.WSTrustFeb2005)
{
this.serializerEntries.Add(new WSTrustFeb2005(this));
}
else
{
if (trustVersion != TrustVersion.WSTrust13)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
this.serializerEntries.Add(new WSTrustDec2005(this));
}
this.tokenEntries = new List<TokenEntry>();
this.keyIdentifierEntries = new List<KeyIdentifierEntry>();
this.keyIdentifierClauseEntries = new List<KeyIdentifierClauseEntry>();
for (int i = 0; i < this.serializerEntries.Count; i++)
{
SerializerEntries entries = this.serializerEntries[i];
entries.PopulateTokenEntries(this.tokenEntries);
entries.PopulateKeyIdentifierEntries(this.keyIdentifierEntries);
entries.PopulateKeyIdentifierClauseEntries(this.keyIdentifierClauseEntries);
}
}
public WSSecurityTokenSerializer(System.ServiceModel.Security.SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes) : this(securityVersion, trustVersion, secureConversationVersion, emitBspRequiredAttributes, samlSerializer, securityStateEncoder, knownTypes, 0x40, 0x80, 0x80)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes, int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
if (securityVersion == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("securityVersion"));
if (maximumKeyDerivationOffset < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationOffset", SR.GetString(SR.ValueMustBeNonNegative)));
}
if (maximumKeyDerivationLabelLength < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationLabelLength", SR.GetString(SR.ValueMustBeNonNegative)));
}
if (maximumKeyDerivationNonceLength <= 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationNonceLength", SR.GetString(SR.ValueMustBeGreaterThanZero)));
}
this.securityVersion = securityVersion;
this.emitBspRequiredAttributes = emitBspRequiredAttributes;
this.maximumKeyDerivationOffset = maximumKeyDerivationOffset;
this.maximumKeyDerivationNonceLength = maximumKeyDerivationNonceLength;
this.maximumKeyDerivationLabelLength = maximumKeyDerivationLabelLength;
this.serializerEntries = new List<SerializerEntries>();
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
this.secureConversation = new WSSecureConversationFeb2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
this.secureConversation = new WSSecureConversationDec2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
if (securityVersion == SecurityVersion.WSSecurity10)
{
this.serializerEntries.Add(new WSSecurityJan2004(this, samlSerializer));
}
else if (securityVersion == SecurityVersion.WSSecurity11)
{
this.serializerEntries.Add(new WSSecurityXXX2005(this, samlSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SR.GetString(SR.MessageSecurityVersionOutOfRange)));
}
this.serializerEntries.Add(this.secureConversation);
IdentityModel.TrustDictionary trustDictionary;
if (trustVersion == TrustVersion.WSTrustFeb2005)
{
this.serializerEntries.Add(new WSTrustFeb2005(this));
trustDictionary = new IdentityModel.TrustFeb2005Dictionary(new CollectionDictionary(DXD.TrustDec2005Dictionary.Feb2005DictionaryStrings));
}
else if (trustVersion == TrustVersion.WSTrust13)
{
this.serializerEntries.Add(new WSTrustDec2005(this));
trustDictionary = new IdentityModel.TrustDec2005Dictionary(new CollectionDictionary(DXD.TrustDec2005Dictionary.Dec2005DictionaryString));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
this.tokenEntries = new List<TokenEntry>();
for (int i = 0; i < this.serializerEntries.Count; ++i)
{
SerializerEntries serializerEntry = this.serializerEntries[i];
serializerEntry.PopulateTokenEntries(this.tokenEntries);
}
IdentityModel.DictionaryManager dictionaryManager = new IdentityModel.DictionaryManager(ServiceModelDictionary.CurrentVersion);
dictionaryManager.SecureConversationDec2005Dictionary = new IdentityModel.SecureConversationDec2005Dictionary(new CollectionDictionary(DXD.SecureConversationDec2005Dictionary.SecureConversationDictionaryStrings));
dictionaryManager.SecurityAlgorithmDec2005Dictionary = new IdentityModel.SecurityAlgorithmDec2005Dictionary(new CollectionDictionary(DXD.SecurityAlgorithmDec2005Dictionary.SecurityAlgorithmDictionaryStrings));
this.keyInfoSerializer = new WSKeyInfoSerializer(this.emitBspRequiredAttributes, dictionaryManager, trustDictionary, this, securityVersion, secureConversationVersion);
}
static Func <KeyInfoSerializer, IEnumerable <SecurityTokenSerializer.SerializerEntries> > CreateAdditionalEntries(SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
{
return((KeyInfoSerializer keyInfoSerializer) =>
{
List <SecurityTokenSerializer.SerializerEntries> serializerEntries = new List <SecurityTokenSerializer.SerializerEntries>();
if (securityVersion == SecurityVersion.WSSecurity10)
{
serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityJan2004(keyInfoSerializer));
}
else if (securityVersion == SecurityVersion.WSSecurity11)
{
serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityXXX2005(keyInfoSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SR.GetString(SR.MessageSecurityVersionOutOfRange)));
}
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
serializerEntries.Add(new WSSecureConversationFeb2005(keyInfoSerializer));
}
else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
serializerEntries.Add(new WSSecureConversationDec2005(keyInfoSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
return serializerEntries;
});
}
internal int GetSignatureKeyDerivationLength(SecurityToken token, SecureConversationVersion version)
{
if (token == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
string derivationAlgorithm = SecurityUtils.GetKeyDerivationAlgorithm(version);
if (SecurityUtils.IsSupportedAlgorithm(derivationAlgorithm, token))
{
if (this.DefaultSignatureKeyDerivationLength % 8 != 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.Format(SR.Psha1KeyLengthInvalid, this.DefaultSignatureKeyDerivationLength)));
return this.DefaultSignatureKeyDerivationLength / 8;
}
else
return 0;
}
public WSKeyInfoSerializer(bool emitBspRequiredAttributes, DictionaryManager dictionaryManager, System.IdentityModel.TrustDictionary trustDictionary, SecurityTokenSerializer innerSecurityTokenSerializer, SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
: base(emitBspRequiredAttributes, dictionaryManager, trustDictionary, innerSecurityTokenSerializer, CreateAdditionalEntries(securityVersion, secureConversationVersion))
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer1 samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
#if !FEATURE_CORECLR
throw ExceptionHelper.PlatformNotSupported();
#endif
}
public WSSecurityTokenSerializer(System.ServiceModel.Security.SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes) : this(securityVersion, trustVersion, secureConversationVersion, emitBspRequiredAttributes, samlSerializer, securityStateEncoder, knownTypes, 0x40, 0x80, 0x80)
{
}
