private static MessagePartSpecification ExtractMessageParts(string action,
                                                                    ScopedMessagePartSpecification scopedParts, bool isForSignature)
        {
            MessagePartSpecification parts = null;

            if (scopedParts.TryGetParts(action, out parts))
            {
                return(parts);
            }
            else if (scopedParts.TryGetParts(MessageHeaders.WildcardAction, out parts))
            {
                return(parts);
            }

            // send back a fault indication that the action is unknown
            SecurityVersion wss        = MessageSecurityVersion.Default.SecurityVersion;
            FaultCode       subCode    = new FaultCode(wss.InvalidSecurityFaultCode.Value, wss.HeaderNamespace.Value);
            FaultCode       senderCode = FaultCode.CreateSenderFaultCode(subCode);
            FaultReason     reason     = new FaultReason(SR.Format(SR.InvalidOrUnrecognizedAction, action), System.Globalization.CultureInfo.CurrentCulture);
            MessageFault    fault      = MessageFault.CreateFault(senderCode, reason);

            if (isForSignature)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.Format(SR.NoSignaturePartsSpecified, action), null, fault));
            }
            else
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.Format(SR.NoEncryptionPartsSpecified, action), null, fault));
            }
        }
 public static MessageSecurityTokenVersion GetSecurityTokenVersion(SecurityVersion version, bool emitBspAttributes)
 {
     if (version == SecurityVersion.WSSecurity10)
     {
         if (emitBspAttributes)
         {
             return(WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10);
         }
         else
         {
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
         }
     }
     else if (version == SecurityVersion.WSSecurity11)
     {
         if (emitBspAttributes)
         {
             return(WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10);
         }
         else
         {
             return(WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005);
         }
     }
     else
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
     }
 }
 MessageSecurityTokenVersion(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, string toString, bool emitBspRequiredAttributes, params string[] supportedSpecs)
     : base()
 {
     this.emitBspRequiredAttributes = emitBspRequiredAttributes;
     this.supportedSpecs = new ReadOnlyCollection<string>(supportedSpecs);
     this.toString = toString;
     this.securityVersion = securityVersion;
     this.trustVersion = trustVersion;
     this.secureConversationVersion = secureConversationVersion;
 }
Esempio n. 4
0
 public SignatureConfirmationElement(string id, byte[] signatureValue, SecurityVersion version)
 {
     if (id == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(id));
     }
     if (signatureValue == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(signatureValue));
     }
     this.id             = id;
     this.signatureValue = signatureValue;
     this.version        = version;
 }
Esempio n. 5
0
        internal bool TryGetSecurityContextIds(Message message, string[] actors, bool isStrictMode, ICollection <UniqueId> results)
        {
            if (results == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(results));
            }
            SecureConversationDriver driver = SecureConversationDriver;
            int securityHeaderIndex         = SecurityVersion.FindIndexOfSecurityHeader(message, actors);

            if (securityHeaderIndex < 0)
            {
                return(false);
            }
            bool addedContextIds = false;

            using (XmlDictionaryReader reader = message.Headers.GetReaderAtHeader(securityHeaderIndex))
            {
                if (!reader.IsStartElement())
                {
                    return(false);
                }
                if (reader.IsEmptyElement)
                {
                    return(false);
                }
                reader.ReadStartElement();
                while (reader.IsStartElement())
                {
                    if (driver.IsAtSecurityContextToken(reader))
                    {
                        results.Add(driver.GetSecurityContextTokenId(reader));
                        addedContextIds = true;
                        if (isStrictMode)
                        {
                            break;
                        }
                    }
                    else
                    {
                        reader.Skip();
                    }
                }
            }
            return(addedContextIds);
        }
Esempio n. 6
0
 public SignatureConfirmationElement(string id, byte[] signatureValue, SecurityVersion version)
 {
     Id = id ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(id));
     _signatureValue = signatureValue ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(signatureValue));
     _version        = version;
 }
Esempio n. 7
0
 public WSKeyInfoSerializer(bool emitBspRequiredAttributes, DictionaryManager dictionaryManager, TrustDictionary trustDictionary, SecurityTokenSerializer innerSecurityTokenSerializer, SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
     : base(emitBspRequiredAttributes, dictionaryManager, trustDictionary, innerSecurityTokenSerializer, CreateAdditionalEntries(securityVersion, secureConversationVersion))
 {
 }
Esempio n. 8
0
        static Func <KeyInfoSerializer, IEnumerable <SecurityTokenSerializer.SerializerEntries> > CreateAdditionalEntries(SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
        {
            return((KeyInfoSerializer keyInfoSerializer) =>
            {
                List <SecurityTokenSerializer.SerializerEntries> serializerEntries = new List <SecurityTokenSerializer.SerializerEntries>();

                if (securityVersion == SecurityVersion.WSSecurity10)
                {
                    serializerEntries.Add(new CoreWCF.IdentityModel.Tokens.WSSecurityJan2004(keyInfoSerializer));
                }
                else if (securityVersion == SecurityVersion.WSSecurity11)
                {
                    serializerEntries.Add(new CoreWCF.IdentityModel.Tokens.WSSecurityXXX2005(keyInfoSerializer));
                }
                else
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SR.Format(SR.MessageSecurityVersionOutOfRange)));
                }

                if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
                {
                    serializerEntries.Add(new WSSecureConversationFeb2005(keyInfoSerializer));
                }
                else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
                {
                    serializerEntries.Add(new WSSecureConversationDec2005(keyInfoSerializer));
                }
                else
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
                }

                return serializerEntries;
            });
        }
Esempio n. 9
0
        public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes,
                                         int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
        {
            if (maximumKeyDerivationOffset < 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(maximumKeyDerivationOffset), SR.ValueMustBeNonNegative));
            }
            if (maximumKeyDerivationLabelLength < 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(maximumKeyDerivationLabelLength), SR.ValueMustBeNonNegative));
            }
            if (maximumKeyDerivationNonceLength <= 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(maximumKeyDerivationNonceLength), SR.ValueMustBeGreaterThanZero));
            }

            SecurityVersion                 = securityVersion ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException(nameof(securityVersion)));
            EmitBspRequiredAttributes       = emitBspRequiredAttributes;
            MaximumKeyDerivationOffset      = maximumKeyDerivationOffset;
            MaximumKeyDerivationNonceLength = maximumKeyDerivationNonceLength;
            MaximumKeyDerivationLabelLength = maximumKeyDerivationLabelLength;

            _serializerEntries = new List <SerializerEntries>();

            if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
            {
                _secureConversation = new WSSecureConversationFeb2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
            }
            else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
            {
                _secureConversation = new WSSecureConversationDec2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
            }
            else
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
            }

            if (securityVersion == SecurityVersion.WSSecurity10)
            {
                _serializerEntries.Add(new WSSecurityJan2004(this, samlSerializer));
            }
            else if (securityVersion == SecurityVersion.WSSecurity11)
            {
                _serializerEntries.Add(new WSSecurityXXX2005(this, samlSerializer));
            }
            else
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(securityVersion), SR.MessageSecurityVersionOutOfRange));
            }
            _serializerEntries.Add(_secureConversation);
            //TODO later
            TrustDictionary trustDictionary;

            if (trustVersion == TrustVersion.WSTrustFeb2005)
            {
                _serializerEntries.Add(new WSTrustFeb2005(this));
                trustDictionary = DXD.TrustDec2005Dictionary;
            }
            else if (trustVersion == TrustVersion.WSTrust13)
            {
                _serializerEntries.Add(new WSTrustDec2005(this));
                trustDictionary = DXD.TrustDec2005Dictionary;
            }
            else
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
            }

            _tokenEntries = new List <TokenEntry>();

            for (int i = 0; i < _serializerEntries.Count; ++i)
            {
                SerializerEntries serializerEntry = _serializerEntries[i];
                serializerEntry.PopulateTokenEntries(_tokenEntries);
            }

            DictionaryManager dictionaryManager = new DictionaryManager(ServiceModelDictionary.CurrentVersion)
            {
                SecureConversationDec2005Dictionary = DXD.SecureConversationDec2005Dictionary,
                SecurityAlgorithmDec2005Dictionary  = DXD.SecurityAlgorithmDec2005Dictionary
            };

            _keyInfoSerializer = new WSKeyInfoSerializer(EmitBspRequiredAttributes, dictionaryManager, trustDictionary, this, securityVersion, secureConversationVersion);
        }
Esempio n. 10
0
 public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes,
                                  int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
     : this(securityVersion, TrustVersion.Default, SecureConversationVersion.Default, emitBspRequiredAttributes, samlSerializer, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength)
 {
 }
Esempio n. 11
0
 public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer)
     : this(securityVersion, emitBspRequiredAttributes, samlSerializer, null, null)
 {
 }
Esempio n. 12
0
 public WSSecurityTokenSerializer(SecurityVersion securityVersion)
     : this(securityVersion, false)
 {
 }
Esempio n. 13
0
 internal bool DoesMessageContainSecurityHeader(Message message)
 {
     return(SecurityVersion.DoesMessageContainSecurityHeader(message));
 }
Esempio n. 14
0
 internal ReceiveSecurityHeader TryCreateReceiveSecurityHeader(Message message,
                                                               string actor,
                                                               SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
 {
     return(SecurityVersion.TryCreateReceiveSecurityHeader(message, actor, this, algorithmSuite, direction));
 }
Esempio n. 15
0
 internal SendSecurityHeader CreateSendSecurityHeader(Message message,
                                                      string actor, bool mustUnderstand, bool relay,
                                                      SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
 {
     return(SecurityVersion.CreateSendSecurityHeader(message, actor, mustUnderstand, relay, this, algorithmSuite, direction));
 }