public override bool SupportsCore(SecurityKeyIdentifierClause clause)
{
if (typeof(SamlAssertionKeyIdentifierClause).IsAssignableFrom(clause.GetType()))
{
SamlAssertionKeyIdentifierClause samlclause = clause as SamlAssertionKeyIdentifierClause;
if ((samlclause.TokenTypeUri == null) || (samlclause.TokenTypeUri == this.GetTokenTypeUri()))
{
return(true);
}
}
return(false);
}
public override bool SupportsCore(SecurityKeyIdentifierClause clause)
{
return(typeof(RelAssertionDirectKeyIdentifierClause).IsAssignableFrom(clause.GetType()));
}
public override bool SupportsCore(SecurityKeyIdentifierClause clause)
{
return(ClauseType.IsAssignableFrom(clause.GetType()));
}
protected override void WriteKeyIdentifierClauseCore (
XmlWriter writer,
SecurityKeyIdentifierClause keyIdentifierClause)
{
string errorReason = null;
if (keyIdentifierClause == null)
throw new ArgumentNullException ("keyIdentifierClause");
if (keyIdentifierClause is LocalIdKeyIdentifierClause)
WriteLocalIdKeyIdentifierClause (writer, (LocalIdKeyIdentifierClause) keyIdentifierClause);
else if (keyIdentifierClause is SecurityContextKeyIdentifierClause)
WriteSecurityContextKeyIdentifierClause (writer, (SecurityContextKeyIdentifierClause) keyIdentifierClause);
else if (keyIdentifierClause is X509IssuerSerialKeyIdentifierClause)
WriteX509IssuerSerialKeyIdentifierClause (writer, (X509IssuerSerialKeyIdentifierClause) keyIdentifierClause);
else if (keyIdentifierClause is X509ThumbprintKeyIdentifierClause) {
if (WSS1_0)
errorReason = String.Format ("Security key identifier clause '{0}' is not supported in this serializer.", keyIdentifierClause.GetType ());
else
WriteX509ThumbprintKeyIdentifierClause (writer, (X509ThumbprintKeyIdentifierClause) keyIdentifierClause);
}
else if (keyIdentifierClause is EncryptedKeyIdentifierClause)
WriteEncryptedKeyIdentifierClause (writer, (EncryptedKeyIdentifierClause) keyIdentifierClause);
else if (keyIdentifierClause is BinarySecretKeyIdentifierClause)
WriteBinarySecretKeyIdentifierClause (writer, (BinarySecretKeyIdentifierClause) keyIdentifierClause);
else if (keyIdentifierClause is InternalEncryptedKeyIdentifierClause)
WriteInternalEncryptedKeyIdentifierClause (writer, (InternalEncryptedKeyIdentifierClause) keyIdentifierClause);
else if (keyIdentifierClause is SamlAssertionKeyIdentifierClause)
WriteSamlAssertionKeyIdentifierClause (writer, (SamlAssertionKeyIdentifierClause) keyIdentifierClause);
else
throw new NotImplementedException (String.Format ("Security key identifier clause '{0}' is not either implemented or supported.", keyIdentifierClause.GetType ()));
if (errorReason != null)
throw new InvalidOperationException (errorReason);
}
public override void WriteKeyIdentifierClauseCore(XmlDictionaryWriter writer, SecurityKeyIdentifierClause keyIdentifierClause)
{
for (int i = 0; i < this.strEntries.Count; ++i)
{
if (this.strEntries[i].SupportsCore(keyIdentifierClause))
{
writer.WriteStartElement(XD.SecurityJan2004Dictionary.Prefix.Value, XD.SecurityJan2004Dictionary.SecurityTokenReference, XD.SecurityJan2004Dictionary.Namespace);
this.strEntries[i].WriteContent(writer, keyIdentifierClause);
writer.WriteEndElement();
return;
}
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.StandardsManagerCannotWriteObject, keyIdentifierClause.GetType())));
}
public override void WriteKeyIdentifierClauseCore(XmlDictionaryWriter writer, SecurityKeyIdentifierClause keyIdentifierClause)
{
for (int i = 0; i < this.StrEntries.Count; ++i)
{
if (this.StrEntries[i].SupportsCore(keyIdentifierClause))
{
writer.WriteStartElement(XD.SecurityJan2004Dictionary.Prefix.Value, XD.SecurityJan2004Dictionary.SecurityTokenReference, XD.SecurityJan2004Dictionary.Namespace);
string tokenTypeUri = this.GetTokenTypeUri(this.StrEntries[i], keyIdentifierClause);
if (tokenTypeUri != null)
{
writer.WriteAttributeString(XD.SecurityXXX2005Dictionary.Prefix.Value, XD.SecurityXXX2005Dictionary.TokenTypeAttribute, XD.SecurityXXX2005Dictionary.Namespace, tokenTypeUri);
}
this.StrEntries[i].WriteContent(writer, keyIdentifierClause);
writer.WriteEndElement();
return;
}
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.StandardsManagerCannotWriteObject, keyIdentifierClause.GetType())));
}
private static void ValidateCertificate(bool validateCertificate, SecurityKeyIdentifierClause keyIdentifier)
{
if (validateCertificate)
{
var rawCert = keyIdentifier as X509RawDataKeyIdentifierClause;
if (rawCert == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture,
"Certificate validation enabled, but the signing key identifier is of type {0} which cannot be validated as a certificate.",
keyIdentifier.GetType().Name));
}
if (!new X509Certificate2(rawCert.GetX509RawData()).Verify())
{
throw new InvalidSignatureException("The signature was valid, but the verification of the certificate failed. Is it expired or revoked? Are you sure you really want to enable ValidateCertificates (it's normally not needed)?");
}
}
}
/// <summary>
/// Serialize a SecurityKeyIdentifierClause to the given XmlWriter.
/// </summary>
/// <param name="writer">XmlWriter to which the SecurityKeyIdentifierClause is serialized.</param>
/// <param name="securityKeyIdentifierClause">SecurityKeyIdentifierClause to serialize.</param>
/// <exception cref="ArgumentNullException">The input parameter 'reader' or 'securityKeyIdentifierClause' is null.</exception>
/// <exception cref="ArgumentException">The parameter 'securityKeyIdentifierClause' is not a supported clause type.</exception>
public override void WriteKeyIdentifierClause(XmlWriter writer, SecurityKeyIdentifierClause securityKeyIdentifierClause)
{
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
}
if (securityKeyIdentifierClause == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityKeyIdentifierClause");
}
X509IssuerSerialKeyIdentifierClause issuerSerialClause = securityKeyIdentifierClause as X509IssuerSerialKeyIdentifierClause;
if (issuerSerialClause != null)
{
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace);
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509IssuerSerial, XmlSignatureConstants.Namespace);
writer.WriteElementString(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509IssuerName, XmlSignatureConstants.Namespace, issuerSerialClause.IssuerName);
writer.WriteElementString(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509SerialNumber, XmlSignatureConstants.Namespace, issuerSerialClause.IssuerSerialNumber);
writer.WriteEndElement();
writer.WriteEndElement();
return;
}
X509SubjectKeyIdentifierClause skiClause = securityKeyIdentifierClause as X509SubjectKeyIdentifierClause;
if (skiClause != null)
{
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace);
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509SKI, XmlSignatureConstants.Namespace);
byte[] ski = skiClause.GetX509SubjectKeyIdentifier();
writer.WriteBase64(ski, 0, ski.Length);
writer.WriteEndElement();
writer.WriteEndElement();
return;
}
#if INCLUDE_CERT_CHAIN
X509ChainRawDataKeyIdentifierClause x509ChainDataClause = securityKeyIdentifierClause as X509ChainRawDataKeyIdentifierClause;
if ( x509ChainDataClause != null )
{
writer.WriteStartElement( XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace );
for( int i = 0; i < x509ChainDataClause.CertificateCount; i++ )
{
writer.WriteStartElement( XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Certificate, XmlSignatureConstants.Namespace );
byte[] rawData = x509ChainDataClause.GetX509RawData( i );
writer.WriteBase64( rawData, 0, rawData.Length );
writer.WriteEndElement();
}
writer.WriteEndElement();
return;
}
#endif
X509RawDataKeyIdentifierClause rawDataClause = securityKeyIdentifierClause as X509RawDataKeyIdentifierClause;
if (rawDataClause != null)
{
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace);
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Certificate, XmlSignatureConstants.Namespace);
byte[] rawData = rawDataClause.GetX509RawData();
writer.WriteBase64(rawData, 0, rawData.Length);
writer.WriteEndElement();
writer.WriteEndElement();
return;
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("securityKeyIdentifierClause", SR.GetString(SR.ID4259, securityKeyIdentifierClause.GetType()));
}
public override bool SupportsCore(SecurityKeyIdentifierClause clause)
{
return typeof(SamlAssertionDirectKeyIdentifierClause).IsAssignableFrom(clause.GetType());
}
public override bool SupportsCore(SecurityKeyIdentifierClause clause)
{
if (typeof(SamlAssertionKeyIdentifierClause).IsAssignableFrom(clause.GetType()))
{
SamlAssertionKeyIdentifierClause clause2 = clause as SamlAssertionKeyIdentifierClause;
if ((clause2.TokenTypeUri == null) || (clause2.TokenTypeUri == this.GetTokenTypeUri()))
{
return true;
}
}
return false;
}
protected override void WriteKeyIdentifierClauseCore(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause)
{
bool flag = false;
XmlDictionaryWriter writer2 = XmlDictionaryWriter.CreateDictionaryWriter(writer);
for (int i = 0; i < this.keyIdentifierClauseEntries.Count; i++)
{
KeyIdentifierClauseEntry entry = this.keyIdentifierClauseEntries[i];
if (entry.SupportsCore(keyIdentifierClause))
{
try
{
entry.WriteKeyIdentifierClauseCore(writer2, keyIdentifierClause);
}
catch (Exception exception)
{
if (!this.ShouldWrapException(exception))
{
throw;
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(System.ServiceModel.SR.GetString("ErrorSerializingKeyIdentifierClause"), exception));
}
flag = true;
break;
}
}
if (!flag)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("StandardsManagerCannotWriteObject", new object[] { keyIdentifierClause.GetType() })));
}
writer2.Flush();
}
public override bool SupportsCore(SecurityKeyIdentifierClause clause)
{
return this.ClauseType.IsAssignableFrom(clause.GetType());
}
public override void WriteKeyIdentifierClauseCore(XmlDictionaryWriter writer, SecurityKeyIdentifierClause keyIdentifierClause)
{
for (int i = 0; i < this.strEntries.Count; i++)
{
if (this.strEntries[i].SupportsCore(keyIdentifierClause))
{
writer.WriteStartElement(XD.SecurityJan2004Dictionary.Prefix.Value, XD.SecurityJan2004Dictionary.SecurityTokenReference, XD.SecurityJan2004Dictionary.Namespace);
this.strEntries[i].WriteContent(writer, keyIdentifierClause);
writer.WriteEndElement();
return;
}
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("StandardsManagerCannotWriteObject", new object[] { keyIdentifierClause.GetType() })));
}
protected override void WriteKeyIdentifierClauseCore(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause)
{
bool wroteKeyIdentifierClause = false;
XmlDictionaryWriter localWriter = XmlDictionaryWriter.CreateDictionaryWriter(writer);
for (int i = 0; i < _keyIdentifierClauseEntries.Count; ++i)
{
KeyIdentifierClauseEntry keyIdentifierClauseEntry = _keyIdentifierClauseEntries[i];
if (keyIdentifierClauseEntry.SupportsCore(keyIdentifierClause))
{
try
{
keyIdentifierClauseEntry.WriteKeyIdentifierClauseCore(localWriter, keyIdentifierClause);
}
#pragma warning disable 56500 // covered by FxCOP
catch (Exception e)
{
if (Fx.IsFatal(e))
{
throw;
}
if (!ShouldWrapException(e))
{
throw;
}
throw /*System.ServiceModel.*/ DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(string.Format(SR_IdentityModel.ErrorSerializingKeyIdentifierClause), e));
}
wroteKeyIdentifierClause = true;
break;
}
}
if (!wroteKeyIdentifierClause)
{
throw /*System.ServiceModel.*/ DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(string.Format(SRServiceModel.StandardsManagerCannotWriteObject, keyIdentifierClause.GetType())));
}
localWriter.Flush();
}
protected override void WriteKeyIdentifierClauseCore(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause)
{
bool wroteKeyIdentifierClause = false;
XmlDictionaryWriter localWriter = XmlDictionaryWriter.CreateDictionaryWriter(writer);
for (int i = 0; i < this.keyIdentifierClauseEntries.Count; ++i)
{
KeyIdentifierClauseEntry keyIdentifierClauseEntry = this.keyIdentifierClauseEntries[i];
if (keyIdentifierClauseEntry.SupportsCore(keyIdentifierClause))
{
try
{
keyIdentifierClauseEntry.WriteKeyIdentifierClauseCore(localWriter, keyIdentifierClause);
}
#pragma warning suppress 56500 // covered by FxCOP
catch (Exception e)
{
if (Fx.IsFatal(e))
throw;
if (!ShouldWrapException(e))
{
throw;
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.ErrorSerializingKeyIdentifierClause), e));
}
wroteKeyIdentifierClause = true;
break;
}
}
if (!wroteKeyIdentifierClause)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.StandardsManagerCannotWriteObject, keyIdentifierClause.GetType())));
localWriter.Flush();
}
/// <summary>
/// Serialize a SecurityKeyIdentifierClause to the given XmlWriter.
/// </summary>
/// <param name="writer">XmlWriter to which the SecurityKeyIdentifierClause is serialized.</param>
/// <param name="securityKeyIdentifierClause">SecurityKeyIdentifierClause to serialize.</param>
/// <exception cref="ArgumentNullException">The input parameter 'reader' or 'securityKeyIdentifierClause' is null.</exception>
/// <exception cref="ArgumentException">The parameter 'securityKeyIdentifierClause' is not a supported clause type.</exception>
public override void WriteKeyIdentifierClause(XmlWriter writer, SecurityKeyIdentifierClause securityKeyIdentifierClause)
{
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
}
if (securityKeyIdentifierClause == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityKeyIdentifierClause");
}
X509IssuerSerialKeyIdentifierClause issuerSerialClause = securityKeyIdentifierClause as X509IssuerSerialKeyIdentifierClause;
if (issuerSerialClause != null)
{
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace);
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509IssuerSerial, XmlSignatureConstants.Namespace);
writer.WriteElementString(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509IssuerName, XmlSignatureConstants.Namespace, issuerSerialClause.IssuerName);
writer.WriteElementString(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509SerialNumber, XmlSignatureConstants.Namespace, issuerSerialClause.IssuerSerialNumber);
writer.WriteEndElement();
writer.WriteEndElement();
return;
}
X509SubjectKeyIdentifierClause skiClause = securityKeyIdentifierClause as X509SubjectKeyIdentifierClause;
if (skiClause != null)
{
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace);
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509SKI, XmlSignatureConstants.Namespace);
byte[] ski = skiClause.GetX509SubjectKeyIdentifier();
writer.WriteBase64(ski, 0, ski.Length);
writer.WriteEndElement();
writer.WriteEndElement();
return;
}
#if INCLUDE_CERT_CHAIN
X509ChainRawDataKeyIdentifierClause x509ChainDataClause = securityKeyIdentifierClause as X509ChainRawDataKeyIdentifierClause;
if (x509ChainDataClause != null)
{
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace);
for (int i = 0; i < x509ChainDataClause.CertificateCount; i++)
{
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Certificate, XmlSignatureConstants.Namespace);
byte[] rawData = x509ChainDataClause.GetX509RawData(i);
writer.WriteBase64(rawData, 0, rawData.Length);
writer.WriteEndElement();
}
writer.WriteEndElement();
return;
}
#endif
X509RawDataKeyIdentifierClause rawDataClause = securityKeyIdentifierClause as X509RawDataKeyIdentifierClause;
if (rawDataClause != null)
{
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Data, XmlSignatureConstants.Namespace);
writer.WriteStartElement(XmlSignatureConstants.Prefix, XmlSignatureConstants.Elements.X509Certificate, XmlSignatureConstants.Namespace);
byte[] rawData = rawDataClause.GetX509RawData();
writer.WriteBase64(rawData, 0, rawData.Length);
writer.WriteEndElement();
writer.WriteEndElement();
return;
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("securityKeyIdentifierClause", SR.GetString(SR.ID4259, securityKeyIdentifierClause.GetType()));
}
