/// <summary>
/// Resolves the message parts configured for <paramref name="action"/>, falling back to the
/// wildcard action when no action-specific entry exists.
/// </summary>
/// <param name="action">Action to look up in <paramref name="scopedParts"/>.</param>
/// <param name="scopedParts">Per-action part specifications to search.</param>
/// <param name="isForSignature">
/// Selects the error text only: <c>true</c> reports missing signature parts, <c>false</c> reports
/// missing encryption parts.
/// </param>
/// <returns>The parts registered for the action, or for the wildcard action.</returns>
/// <exception cref="MessageSecurityException">
/// Neither the action nor the wildcard has an entry. The exception carries a sender fault whose
/// sub-code is the default security version's InvalidSecurity fault code.
/// </exception>
private static MessagePartSpecification ExtractMessageParts(string action, ScopedMessagePartSpecification scopedParts, bool isForSignature)
{
    // Exact action first, wildcard second; the first hit wins.
    if (scopedParts.TryGetParts(action, out MessagePartSpecification parts)
        || scopedParts.TryGetParts(MessageHeaders.WildcardAction, out parts))
    {
        return parts;
    }

    // send back a fault indication that the action is unknown
    // NOTE(review): 'action' is echoed verbatim into the fault reason and the exception message.
    // If it originates from the incoming message it is caller-controlled, so anything that logs
    // or renders these strings should encode it - confirm against the callers.
    SecurityVersion defaultVersion = MessageSecurityVersion.Default.SecurityVersion;
    FaultCode senderCode = FaultCode.CreateSenderFaultCode(
        new FaultCode(defaultVersion.InvalidSecurityFaultCode.Value, defaultVersion.HeaderNamespace.Value));
    FaultReason reason = new FaultReason(
        SR.Format(SR.InvalidOrUnrecognizedAction, action),
        System.Globalization.CultureInfo.CurrentCulture);
    MessageFault fault = MessageFault.CreateFault(senderCode, reason);

    string message = isForSignature
        ? SR.Format(SR.NoSignaturePartsSpecified, action)
        : SR.Format(SR.NoEncryptionPartsSpecified, action);

    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(message, null, fault));
}
/// <summary>
/// Maps a WS-Security version and the BSP-attribute switch onto one of the predefined
/// token-version instances.
/// </summary>
/// <param name="version">WS-Security version to map.</param>
/// <param name="emitBspAttributes">Whether the Basic Security Profile variant is wanted.</param>
/// <returns>The matching predefined <see cref="MessageSecurityTokenVersion"/>.</returns>
/// <exception cref="NotSupportedException">
/// <paramref name="version"/> is neither WS-Security 1.0 nor 1.1, or it is WS-Security 1.0 with
/// <paramref name="emitBspAttributes"/> set to <c>false</c> (no such combination is defined here).
/// </exception>
public static MessageSecurityTokenVersion GetSecurityTokenVersion(SecurityVersion version, bool emitBspAttributes)
{
    if (version == SecurityVersion.WSSecurity10)
    {
        // WS-Security 1.0 is only available in its BSP flavour.
        if (!emitBspAttributes)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
        }

        return WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10;
    }

    if (version == SecurityVersion.WSSecurity11)
    {
        return emitBspAttributes
            ? WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10
            : WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005;
    }

    // Anything else (including null) is rejected rather than silently defaulted.
    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
/// <summary>
/// Creates a token-version descriptor from its component protocol versions.
/// </summary>
/// <param name="securityVersion">WS-Security version this descriptor stands for.</param>
/// <param name="trustVersion">WS-Trust version this descriptor stands for.</param>
/// <param name="secureConversationVersion">WS-SecureConversation version this descriptor stands for.</param>
/// <param name="toString">Text stored in the <c>toString</c> field.</param>
/// <param name="emitBspRequiredAttributes">Whether BSP-required attributes are to be emitted.</param>
/// <param name="supportedSpecs">Specification identifiers, exposed through a read-only wrapper.</param>
MessageSecurityTokenVersion(
    SecurityVersion securityVersion,
    TrustVersion trustVersion,
    SecureConversationVersion secureConversationVersion,
    string toString,
    bool emitBspRequiredAttributes,
    params string[] supportedSpecs)
{
    this.securityVersion = securityVersion;
    this.trustVersion = trustVersion;
    this.secureConversationVersion = secureConversationVersion;
    this.toString = toString;
    this.emitBspRequiredAttributes = emitBspRequiredAttributes;

    // ReadOnlyCollection wraps the array rather than copying it, so the collection reflects any
    // later change a caller makes to the array it passed in.
    this.supportedSpecs = new ReadOnlyCollection<string>(supportedSpecs);
}
/// <summary>
/// Creates a signature confirmation element for the given signature value.
/// </summary>
/// <param name="id">Element id; must not be null.</param>
/// <param name="signatureValue">Signature bytes being confirmed; must not be null.</param>
/// <param name="version">Security version associated with the element.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="id"/> or <paramref name="signatureValue"/> is null (checked in that order).
/// </exception>
public SignatureConfirmationElement(string id, byte[] signatureValue, SecurityVersion version)
{
    this.id = id ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(id));

    // The array is kept by reference (no defensive copy): a caller that mutates it afterwards
    // changes the value held by this element.
    this.signatureValue = signatureValue ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(signatureValue));
    this.version = version;
}
/// <summary>
/// Scans the message's security header and appends the id of each security context token found
/// among its child elements to <paramref name="results"/>.
/// </summary>
/// <param name="message">Message whose headers are inspected.</param>
/// <param name="actors">Actors passed to the security-header lookup.</param>
/// <param name="isStrictMode">When <c>true</c>, scanning stops after the first context token.</param>
/// <param name="results">Receives the ids; must not be null.</param>
/// <returns>
/// <c>true</c> if at least one id was added; <c>false</c> if there is no security header, the
/// header is empty or not positioned on a start element, or it contains no context token.
/// </returns>
/// <remarks>
/// Nothing in this method verifies a signature or otherwise authenticates the header, so the ids
/// it returns are whatever the sender put on the wire. Treat them as unauthenticated lookup hints.
/// In non-strict mode the number of ids added is bounded only by the header content.
/// </remarks>
internal bool TryGetSecurityContextIds(Message message, string[] actors, bool isStrictMode, ICollection<UniqueId> results)
{
    if (results == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(results));
    }

    SecureConversationDriver sctDriver = SecureConversationDriver;
    int headerIndex = SecurityVersion.FindIndexOfSecurityHeader(message, actors);
    if (headerIndex < 0)
    {
        return false;
    }

    bool foundAny = false;
    using (XmlDictionaryReader headerReader = message.Headers.GetReaderAtHeader(headerIndex))
    {
        // A header that is not an element, or is an empty element, has no children to scan.
        if (!headerReader.IsStartElement() || headerReader.IsEmptyElement)
        {
            return false;
        }

        headerReader.ReadStartElement();
        while (headerReader.IsStartElement())
        {
            if (!sctDriver.IsAtSecurityContextToken(headerReader))
            {
                headerReader.Skip();
                continue;
            }

            // NOTE(review): the loop only terminates if GetSecurityContextTokenId consumes the
            // token element - confirm against the driver implementation.
            results.Add(sctDriver.GetSecurityContextTokenId(headerReader));
            foundAny = true;
            if (isStrictMode)
            {
                break;
            }
        }
    }

    return foundAny;
}
/// <summary>
/// Creates a signature confirmation element for the given signature value.
/// </summary>
/// <param name="id">Element id; must not be null.</param>
/// <param name="signatureValue">Signature bytes being confirmed; must not be null.</param>
/// <param name="version">Security version associated with the element.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="id"/> or <paramref name="signatureValue"/> is null (checked in that order).
/// </exception>
public SignatureConfirmationElement(string id, byte[] signatureValue, SecurityVersion version)
{
    if (id is null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(id));
    }

    Id = id;

    if (signatureValue is null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(signatureValue));
    }

    // Stored by reference (no defensive copy): later changes the caller makes to the array are
    // visible through this element.
    _signatureValue = signatureValue;
    _version = version;
}
/// <summary>
/// Creates a key-info serializer whose additional serializer entries are chosen from the given
/// WS-Security and WS-SecureConversation versions.
/// </summary>
/// <param name="emitBspRequiredAttributes">Forwarded unchanged to the base constructor.</param>
/// <param name="dictionaryManager">Forwarded unchanged to the base constructor.</param>
/// <param name="trustDictionary">Forwarded unchanged to the base constructor.</param>
/// <param name="innerSecurityTokenSerializer">Forwarded unchanged to the base constructor.</param>
/// <param name="securityVersion">Selects the WS-Security entries (see CreateAdditionalEntries).</param>
/// <param name="secureConversationVersion">Selects the WS-SecureConversation entries.</param>
public WSKeyInfoSerializer(
    bool emitBspRequiredAttributes,
    DictionaryManager dictionaryManager,
    TrustDictionary trustDictionary,
    SecurityTokenSerializer innerSecurityTokenSerializer,
    SecurityVersion securityVersion,
    SecureConversationVersion secureConversationVersion)
    : base(
        emitBspRequiredAttributes,
        dictionaryManager,
        trustDictionary,
        innerSecurityTokenSerializer,
        CreateAdditionalEntries(securityVersion, secureConversationVersion))
{
    // All state lives in the base class; the version arguments are only captured by the factory
    // delegate passed above, so they are not validated here.
}
/// <summary>
/// Builds the factory delegate that produces the version-specific serializer entries for a
/// key-info serializer.
/// </summary>
/// <param name="securityVersion">WS-Security version; must be 1.0 or 1.1.</param>
/// <param name="secureConversationVersion">WS-SecureConversation version; must be Feb2005 or 1.3.</param>
/// <returns>
/// A delegate that, given the owning <see cref="KeyInfoSerializer"/>, returns one WS-Security
/// entry followed by one WS-SecureConversation entry.
/// </returns>
/// <remarks>
/// Both versions are checked only when the delegate runs, not when this method is called: an
/// unsupported version surfaces as <see cref="ArgumentOutOfRangeException"/> (security version)
/// or <see cref="NotSupportedException"/> (secure conversation version) from the invocation.
/// </remarks>
static Func<KeyInfoSerializer, IEnumerable<SecurityTokenSerializer.SerializerEntries>> CreateAdditionalEntries(SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
{
    return keyInfoSerializer =>
    {
        var entries = new List<SecurityTokenSerializer.SerializerEntries>();

        // WS-Security entries come first.
        SecurityTokenSerializer.SerializerEntries securityEntries;
        if (securityVersion == SecurityVersion.WSSecurity10)
        {
            securityEntries = new CoreWCF.IdentityModel.Tokens.WSSecurityJan2004(keyInfoSerializer);
        }
        else if (securityVersion == SecurityVersion.WSSecurity11)
        {
            securityEntries = new CoreWCF.IdentityModel.Tokens.WSSecurityXXX2005(keyInfoSerializer);
        }
        else
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(securityVersion), SR.Format(SR.MessageSecurityVersionOutOfRange)));
        }

        entries.Add(securityEntries);

        // WS-SecureConversation entries second.
        SecurityTokenSerializer.SerializerEntries conversationEntries;
        if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
        {
            conversationEntries = new WSSecureConversationFeb2005(keyInfoSerializer);
        }
        else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
        {
            conversationEntries = new WSSecureConversationDec2005(keyInfoSerializer);
        }
        else
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
        }

        entries.Add(conversationEntries);
        return entries;
    };
}
/// <summary>
/// Creates a token serializer for one combination of WS-Security, WS-Trust and
/// WS-SecureConversation versions.
/// </summary>
/// <param name="securityVersion">WS-Security version (1.0 or 1.1); must not be null.</param>
/// <param name="trustVersion">WS-Trust version (Feb2005 or 1.3).</param>
/// <param name="secureConversationVersion">WS-SecureConversation version (Feb2005 or 1.3).</param>
/// <param name="emitBspRequiredAttributes">Whether BSP-required attributes are emitted.</param>
/// <param name="samlSerializer">Passed to the WS-Security serializer entries.</param>
/// <param name="securityStateEncoder">Passed to the WS-SecureConversation serializer entries.</param>
/// <param name="knownTypes">Passed to the WS-SecureConversation serializer entries.</param>
/// <param name="maximumKeyDerivationOffset">Key derivation offset limit; must be non-negative.</param>
/// <param name="maximumKeyDerivationLabelLength">Key derivation label length limit; must be non-negative.</param>
/// <param name="maximumKeyDerivationNonceLength">Key derivation nonce length limit; must be greater than zero.</param>
/// <exception cref="ArgumentOutOfRangeException">
/// A key derivation limit is out of range, or <paramref name="securityVersion"/> is not a known
/// WS-Security version.
/// </exception>
/// <exception cref="ArgumentNullException"><paramref name="securityVersion"/> is null.</exception>
/// <exception cref="NotSupportedException">
/// <paramref name="secureConversationVersion"/> or <paramref name="trustVersion"/> is not supported.
/// </exception>
/// <remarks>
/// Only a lower bound is enforced on the three key derivation limits; choosing conservative upper
/// values is left to the caller. They are handed to the secure conversation entries, which
/// presumably apply them when reading derived key tokens - confirm there.
/// </remarks>
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes, int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
    // Argument checks run in a fixed order, the numeric limits before the null check.
    if (maximumKeyDerivationOffset < 0)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(maximumKeyDerivationOffset), SR.ValueMustBeNonNegative));
    }

    if (maximumKeyDerivationLabelLength < 0)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(maximumKeyDerivationLabelLength), SR.ValueMustBeNonNegative));
    }

    if (maximumKeyDerivationNonceLength <= 0)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(maximumKeyDerivationNonceLength), SR.ValueMustBeGreaterThanZero));
    }

    if (securityVersion is null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException(nameof(securityVersion)));
    }

    // These properties are set before 'this' is handed to the entry constructors below.
    SecurityVersion = securityVersion;
    EmitBspRequiredAttributes = emitBspRequiredAttributes;
    MaximumKeyDerivationOffset = maximumKeyDerivationOffset;
    MaximumKeyDerivationNonceLength = maximumKeyDerivationNonceLength;
    MaximumKeyDerivationLabelLength = maximumKeyDerivationLabelLength;

    _serializerEntries = new List<SerializerEntries>();

    if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
    {
        _secureConversation = new WSSecureConversationFeb2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
    }
    else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
    {
        _secureConversation = new WSSecureConversationDec2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
    }
    else
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
    }

    // Entry order is WS-Security, WS-SecureConversation, WS-Trust; the token entries are
    // populated in that same order further down.
    if (securityVersion == SecurityVersion.WSSecurity10)
    {
        _serializerEntries.Add(new WSSecurityJan2004(this, samlSerializer));
    }
    else if (securityVersion == SecurityVersion.WSSecurity11)
    {
        _serializerEntries.Add(new WSSecurityXXX2005(this, samlSerializer));
    }
    else
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(securityVersion), SR.MessageSecurityVersionOutOfRange));
    }

    _serializerEntries.Add(_secureConversation);

    //TODO later
    // NOTE(review): both trust versions are given DXD.TrustDec2005Dictionary, including
    // WSTrustFeb2005. Whether the Feb2005 branch should use a Feb2005-specific dictionary is
    // what the TODO above appears to track - confirm before relying on WS-Trust Feb2005 key info.
    TrustDictionary trustDictionary;
    if (trustVersion == TrustVersion.WSTrustFeb2005)
    {
        _serializerEntries.Add(new WSTrustFeb2005(this));
        trustDictionary = DXD.TrustDec2005Dictionary;
    }
    else if (trustVersion == TrustVersion.WSTrust13)
    {
        _serializerEntries.Add(new WSTrustDec2005(this));
        trustDictionary = DXD.TrustDec2005Dictionary;
    }
    else
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
    }

    _tokenEntries = new List<TokenEntry>();
    for (int index = 0; index < _serializerEntries.Count; ++index)
    {
        _serializerEntries[index].PopulateTokenEntries(_tokenEntries);
    }

    DictionaryManager dictionaryManager = new DictionaryManager(ServiceModelDictionary.CurrentVersion);
    dictionaryManager.SecureConversationDec2005Dictionary = DXD.SecureConversationDec2005Dictionary;
    dictionaryManager.SecurityAlgorithmDec2005Dictionary = DXD.SecurityAlgorithmDec2005Dictionary;

    _keyInfoSerializer = new WSKeyInfoSerializer(EmitBspRequiredAttributes, dictionaryManager, trustDictionary, this, securityVersion, secureConversationVersion);
}
/// <summary>
/// Creates a token serializer using <see cref="TrustVersion.Default"/> and
/// <see cref="SecureConversationVersion.Default"/>; every other argument is forwarded unchanged
/// to the full constructor.
/// </summary>
/// <param name="securityVersion">WS-Security version.</param>
/// <param name="emitBspRequiredAttributes">Whether BSP-required attributes are emitted.</param>
/// <param name="samlSerializer">SAML serializer to forward.</param>
/// <param name="securityStateEncoder">Security state encoder to forward.</param>
/// <param name="knownTypes">Known types to forward.</param>
/// <param name="maximumKeyDerivationOffset">Key derivation offset limit.</param>
/// <param name="maximumKeyDerivationLabelLength">Key derivation label length limit.</param>
/// <param name="maximumKeyDerivationNonceLength">Key derivation nonce length limit.</param>
public WSSecurityTokenSerializer(
    SecurityVersion securityVersion,
    bool emitBspRequiredAttributes,
    SamlSerializer samlSerializer,
    SecurityStateEncoder securityStateEncoder,
    IEnumerable<Type> knownTypes,
    int maximumKeyDerivationOffset,
    int maximumKeyDerivationLabelLength,
    int maximumKeyDerivationNonceLength)
    : this(
        securityVersion,
        TrustVersion.Default,
        SecureConversationVersion.Default,
        emitBspRequiredAttributes,
        samlSerializer,
        securityStateEncoder,
        knownTypes,
        maximumKeyDerivationOffset,
        maximumKeyDerivationLabelLength,
        maximumKeyDerivationNonceLength)
{
    // Validation and all initialization happen in the constructor this one chains to.
}
/// <summary>
/// Creates a token serializer from a security version, the BSP switch and a SAML serializer,
/// passing <c>null</c> for the two remaining arguments of the five-argument overload.
/// </summary>
/// <param name="securityVersion">WS-Security version.</param>
/// <param name="emitBspRequiredAttributes">Whether BSP-required attributes are emitted.</param>
/// <param name="samlSerializer">SAML serializer to forward.</param>
public WSSecurityTokenSerializer(
    SecurityVersion securityVersion,
    bool emitBspRequiredAttributes,
    SamlSerializer samlSerializer)
    : this(securityVersion, emitBspRequiredAttributes, samlSerializer, null, null)
{
    // Everything is delegated to the overload named in the initializer above.
}
/// <summary>
/// Creates a token serializer for the given security version with BSP-required attributes
/// turned off.
/// </summary>
/// <param name="securityVersion">WS-Security version.</param>
public WSSecurityTokenSerializer(SecurityVersion securityVersion)
    : this(securityVersion, false)
{
    // Everything is delegated to the two-argument overload.
}
/// <summary>
/// Asks this serializer's <c>SecurityVersion</c> whether <paramref name="message"/> carries a
/// security header.
/// </summary>
/// <param name="message">Message to inspect.</param>
/// <returns>The answer given by the security version.</returns>
internal bool DoesMessageContainSecurityHeader(Message message)
    => SecurityVersion.DoesMessageContainSecurityHeader(message);
/// <summary>
/// Delegates creation of the receive-side security header to this serializer's
/// <c>SecurityVersion</c>, supplying this instance as the standards manager argument.
/// </summary>
/// <param name="message">Incoming message.</param>
/// <param name="actor">Actor whose security header is wanted.</param>
/// <param name="algorithmSuite">Algorithm suite forwarded to the security version.</param>
/// <param name="direction">Message direction forwarded to the security version.</param>
/// <returns>Whatever the security version returns for these arguments.</returns>
internal ReceiveSecurityHeader TryCreateReceiveSecurityHeader(
    Message message,
    string actor,
    SecurityAlgorithmSuite algorithmSuite,
    MessageDirection direction)
    => SecurityVersion.TryCreateReceiveSecurityHeader(message, actor, this, algorithmSuite, direction);
/// <summary>
/// Delegates creation of the send-side security header to this serializer's
/// <c>SecurityVersion</c>, supplying this instance as the standards manager argument.
/// </summary>
/// <param name="message">Outgoing message.</param>
/// <param name="actor">Actor the header is addressed to.</param>
/// <param name="mustUnderstand">Forwarded as the header's mustUnderstand setting.</param>
/// <param name="relay">Forwarded as the header's relay setting.</param>
/// <param name="algorithmSuite">Algorithm suite forwarded to the security version.</param>
/// <param name="direction">Message direction forwarded to the security version.</param>
/// <returns>The header produced by the security version.</returns>
internal SendSecurityHeader CreateSendSecurityHeader(
    Message message,
    string actor,
    bool mustUnderstand,
    bool relay,
    SecurityAlgorithmSuite algorithmSuite,
    MessageDirection direction)
    => SecurityVersion.CreateSendSecurityHeader(message, actor, mustUnderstand, relay, this, algorithmSuite, direction);