Ejemplo n.º 1
0
        protected override SecurityKeyIdentifierClause CreateKeyIdentifierClause(
            SecurityToken token, SecurityTokenReferenceStyle referenceStyle)
        {
            if (token == null)
            {
                throw new ArgumentNullException("token");
            }

            if (referenceStyle == SecurityTokenReferenceStyle.Internal)
            {
                return(new LocalIdKeyIdentifierClause(token.Id, token.GetType()));
            }

            switch (reference_style)
            {
            default:
                return(token.CreateKeyIdentifierClause <X509IssuerSerialKeyIdentifierClause> ());

            case X509KeyIdentifierClauseType.Thumbprint:
                return(token.CreateKeyIdentifierClause <X509ThumbprintKeyIdentifierClause> ());

            case X509KeyIdentifierClauseType.SubjectKeyIdentifier:
                return(token.CreateKeyIdentifierClause <X509SubjectKeyIdentifierClause> ());

            case X509KeyIdentifierClauseType.RawDataKeyIdentifier:
                return(token.CreateKeyIdentifierClause <X509RawDataKeyIdentifierClause> ());

            case X509KeyIdentifierClauseType.Any:
                if (token.CanCreateKeyIdentifierClause <X509SubjectKeyIdentifierClause> ())
                {
                    goto case X509KeyIdentifierClauseType.SubjectKeyIdentifier;
                }
                goto default;
            }
        }
Ejemplo n.º 2
0
        // This method returns a security key identifier that can be used to refer to the provided security token when
        // the provided token appears in the message
        private SecurityKeyIdentifier GetInternalSecurityKeyIdentifier(SecurityToken t)
        {
            // If t is null, we're toast
            if (t == null)
            {
                throw new ArgumentNullException("t");
            }

            // Set skiClause to null
            SecurityKeyIdentifierClause skiClause = null;

            // Try for a local id reference first...
            if (t.CanCreateKeyIdentifierClause <LocalIdKeyIdentifierClause>())
            {
                Console.WriteLine("GetInternalSecurityKeyIdentifier using LocalIdKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <LocalIdKeyIdentifierClause>();

                // return a SecurityKeyIdentifier
                return(new SecurityKeyIdentifier(skiClause));
            }
            else
            {
                return(GetExternalSecurityKeyIdentifier(t));
            }
        }
Ejemplo n.º 3
0
        // This method returns a security key identifier that can be used to refer to the provided security token when
        // the provided token does not appear in the message
        private SecurityKeyIdentifier GetExternalSecurityKeyIdentifier(SecurityToken t)
        {
            // If t is null, we're toast
            if (t == null)
            {
                throw new ArgumentNullException("t");
            }

            // Set skiClause to null
            SecurityKeyIdentifierClause skiClause = null;

            // Try for an encrypted key reference first...
            if (t.CanCreateKeyIdentifierClause <EncryptedKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using EncryptedKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <EncryptedKeyIdentifierClause>();
            }
            // ... kerb token reference next...
            else if (t.CanCreateKeyIdentifierClause <KerberosTicketHashKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using KerberosTicketHashKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <KerberosTicketHashKeyIdentifierClause>();
            }
            // ... X509 thumbprint next...
            else if (t.CanCreateKeyIdentifierClause <X509ThumbprintKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using X509ThumbprintKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <X509ThumbprintKeyIdentifierClause>();
            }
            // ... X509 raw reference next...
            else if (t.CanCreateKeyIdentifierClause <X509RawDataKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using X509RawDataKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <X509RawDataKeyIdentifierClause>();
            }
            // ... X509 SKI next...
            else if (t.CanCreateKeyIdentifierClause <X509SubjectKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using X509SubjectKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <X509SubjectKeyIdentifierClause>();
            }
            // ... try for a binary secret...
            else if (t.CanCreateKeyIdentifierClause <BinarySecretKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using BinarySecretKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <BinarySecretKeyIdentifierClause>();
            }
            // ... then a X509IssuerSerial reference ...
            else if (t.CanCreateKeyIdentifierClause <X509IssuerSerialKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using X509IssuerSerialKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <X509IssuerSerialKeyIdentifierClause>();
            }
            // ... then a SAML assertion reference...
            else if (t.CanCreateKeyIdentifierClause <SamlAssertionKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using SamlAssertionKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <SamlAssertionKeyIdentifierClause>();
            }

            // ... then an RSA key reference...
            else if (t.CanCreateKeyIdentifierClause <RsaKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using RsaKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <RsaKeyIdentifierClause>();
            }
            // ... then a key name reference...
            else if (t.CanCreateKeyIdentifierClause <KeyNameIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using KeyNameIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <KeyNameIdentifierClause>();
            }
            // ... and finally an SCT reference...
            else if (t.CanCreateKeyIdentifierClause <SecurityContextKeyIdentifierClause>())
            {
                Console.WriteLine("GetExternalSecurityKeyIdentifier using SecurityContextKeyIdentifierClause");
                skiClause = t.CreateKeyIdentifierClause <SecurityContextKeyIdentifierClause>();
            }

            // return a SecurityKeyIdentifier
            return(new SecurityKeyIdentifier(skiClause));
        }