internal static bool TryCreate(SecurityBindingElement sbe, UnifiedSecurityMode mode, HttpTransportSecurity transportSecurity, out BasicHttpSecurity security)
{
security = null;
BasicHttpMessageSecurity messageSecurity = null;
if (sbe != null)
{
mode &= UnifiedSecurityMode.Message | UnifiedSecurityMode.TransportWithMessageCredential;
bool isSecureTransportMode;
if (!BasicHttpMessageSecurity.TryCreate(sbe, out messageSecurity, out isSecureTransportMode))
{
return(false);
}
}
else
{
mode &= ~(UnifiedSecurityMode.Message | UnifiedSecurityMode.TransportWithMessageCredential);
}
BasicHttpSecurityMode basicHttpSecurityMode = BasicHttpSecurityModeHelper.ToSecurityMode(mode);
Fx.Assert(BasicHttpSecurityModeHelper.IsDefined(basicHttpSecurityMode), string.Format("Invalid BasicHttpSecurityMode value: {0}.", basicHttpSecurityMode.ToString()));
security = new BasicHttpSecurity(basicHttpSecurityMode, transportSecurity, messageSecurity);
return(System.ServiceModel.Configuration.SecurityElement.AreBindingsMatching(security.CreateMessageSecurity(), sbe));
}
private BasicHttpSecurity(BasicHttpSecurityMode mode, HttpTransportSecurity transportSecurity, BasicHttpMessageSecurity messageSecurity)
{
Fx.Assert(BasicHttpSecurityModeHelper.IsDefined(mode), string.Format("Invalid BasicHttpSecurityMode value: {0}.", mode.ToString()));
Mode = mode;
_transportSecurity = transportSecurity == null ? new HttpTransportSecurity() : transportSecurity;
_messageSecurity = messageSecurity == null ? new BasicHttpMessageSecurity() : messageSecurity;
}
internal static bool TryCreate(SecurityBindingElement sbe, UnifiedSecurityMode mode, HttpTransportSecurity transportSecurity, out BasicHttpSecurity security)
{
security = null;
BasicHttpMessageSecurity messageSecurity = null;
if (sbe != null)
{
mode &= UnifiedSecurityMode.Message | UnifiedSecurityMode.TransportWithMessageCredential;
bool isSecureTransportMode;
if (!BasicHttpMessageSecurity.TryCreate(sbe, out messageSecurity, out isSecureTransportMode))
{
return(false);
}
}
else
{
mode &= ~(UnifiedSecurityMode.Message | UnifiedSecurityMode.TransportWithMessageCredential);
}
BasicHttpSecurityMode basicHttpSecurityMode = BasicHttpSecurityModeHelper.ToSecurityMode(mode);
Fx.Assert(BasicHttpSecurityModeHelper.IsDefined(basicHttpSecurityMode), string.Format("Invalid BasicHttpSecurityMode value: {0}.", basicHttpSecurityMode.ToString()));
security = new BasicHttpSecurity(basicHttpSecurityMode, transportSecurity, messageSecurity);
throw ExceptionHelper.PlatformNotSupported("BasicHttpSecurity MessageSecurity is not supported");
}
BasicHttpSecurity(BasicHttpSecurityMode mode, HttpTransportSecurity transportSecurity, BasicHttpMessageSecurity messageSecurity)
{
Fx.Assert(BasicHttpSecurityModeHelper.IsDefined(mode), string.Format("Invalid BasicHttpSecurityMode value: {0}.", mode.ToString()));
this.Mode = mode;
this.transportSecurity = transportSecurity == null ? new HttpTransportSecurity() : transportSecurity;
this.messageSecurity = messageSecurity == null ? new BasicHttpMessageSecurity() : messageSecurity;
}
internal void InitializeFrom(BasicHttpMessageSecurity security)
{
if (security == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
}
this.ClientCredentialType = security.ClientCredentialType;
this.AlgorithmSuite = security.AlgorithmSuite;
}
internal void InitializeFrom(BasicHttpMessageSecurity security)
{
if (security == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
}
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.ClientCredentialType, security.ClientCredentialType);
SetPropertyValueIfNotDefaultValue(ConfigurationStrings.AlgorithmSuite, security.AlgorithmSuite);
}
internal void ApplyConfiguration(BasicHttpMessageSecurity security)
{
if (security == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("security");
}
security.ClientCredentialType = this.ClientCredentialType;
if (PropertyValueOrigin.Default != this.ElementInformation.Properties[ConfigurationStrings.AlgorithmSuite].ValueOrigin)
{
security.AlgorithmSuite = this.AlgorithmSuite;
}
}
// This method reverses the CreateMessageSecurity(bool) method
internal static bool TryCreate(SecurityBindingElement sbe, out BasicHttpMessageSecurity security, out bool isSecureTransportMode)
{
Fx.Assert(null != sbe, string.Empty);
security = null;
isSecureTransportMode = false;
if (sbe.DoNotEmitTrust == false)
{
return(false);
}
if (!sbe.IsSetKeyDerivation(false))
{
return(false);
}
if (sbe.SecurityHeaderLayout != SecurityHeaderLayout.Lax)
{
return(false);
}
if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10)
{
return(false);
}
BasicHttpMessageCredentialType credentialType;
if (!SecurityBindingElement.IsMutualCertificateBinding(sbe, true))
{
isSecureTransportMode = true;
if (SecurityBindingElement.IsCertificateOverTransportBinding(sbe))
{
credentialType = BasicHttpMessageCredentialType.Certificate;
}
else if (SecurityBindingElement.IsUserNameOverTransportBinding(sbe))
{
credentialType = BasicHttpMessageCredentialType.UserName;
}
else
{
return(false);
}
}
else
{
credentialType = BasicHttpMessageCredentialType.Certificate;
}
security = new BasicHttpMessageSecurity();
security.ClientCredentialType = credentialType;
security.AlgorithmSuite = sbe.DefaultAlgorithmSuite;
return(true);
}
BasicHttpsSecurity(BasicHttpsSecurityMode mode, HttpTransportSecurity transportSecurity, BasicHttpMessageSecurity messageSecurity)
{
if (!BasicHttpsSecurityModeHelper.IsDefined(mode))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("mode"));
}
HttpTransportSecurity httpTransportSecurity = transportSecurity == null ? new HttpTransportSecurity() : transportSecurity;
BasicHttpMessageSecurity httpMessageSecurity = messageSecurity == null ? new BasicHttpMessageSecurity() : messageSecurity;
BasicHttpSecurityMode basicHttpSecurityMode = BasicHttpsSecurityModeHelper.ToBasicHttpSecurityMode(mode);
this.basicHttpSecurity = new BasicHttpSecurity()
{
Mode = basicHttpSecurityMode,
Transport = httpTransportSecurity,
Message = httpMessageSecurity
};
}
internal static bool TryCreate(SecurityBindingElement sbe, out BasicHttpMessageSecurity security, out bool isSecureTransportMode)
{
BasicHttpMessageCredentialType userName;
security = null;
isSecureTransportMode = false;
if (!sbe.DoNotEmitTrust)
{
return false;
}
if (!sbe.IsSetKeyDerivation(false))
{
return false;
}
if (sbe.SecurityHeaderLayout != SecurityHeaderLayout.Lax)
{
return false;
}
if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10)
{
return false;
}
if (!SecurityBindingElement.IsMutualCertificateBinding(sbe, true))
{
isSecureTransportMode = true;
if (!SecurityBindingElement.IsCertificateOverTransportBinding(sbe))
{
if (!SecurityBindingElement.IsUserNameOverTransportBinding(sbe))
{
return false;
}
userName = BasicHttpMessageCredentialType.UserName;
}
else
{
userName = BasicHttpMessageCredentialType.Certificate;
}
}
else
{
userName = BasicHttpMessageCredentialType.Certificate;
}
security = new BasicHttpMessageSecurity();
security.ClientCredentialType = userName;
security.AlgorithmSuite = sbe.DefaultAlgorithmSuite;
return true;
}
BasicHttpsSecurity(BasicHttpsSecurityMode mode, HttpTransportSecurity transportSecurity, BasicHttpMessageSecurity messageSecurity)
{
if (!BasicHttpsSecurityModeHelper.IsDefined(mode))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("mode"));
}
HttpTransportSecurity httpTransportSecurity = transportSecurity == null ? new HttpTransportSecurity() : transportSecurity;
BasicHttpMessageSecurity httpMessageSecurity = messageSecurity == null ? new BasicHttpMessageSecurity() : messageSecurity;
BasicHttpSecurityMode basicHttpSecurityMode = BasicHttpsSecurityModeHelper.ToBasicHttpSecurityMode(mode);
this.basicHttpSecurity = new BasicHttpSecurity()
{
Mode = basicHttpSecurityMode,
Transport = httpTransportSecurity,
Message = httpMessageSecurity
};
}
// In the Win8 profile, some settings for the binding security are not supported.
internal virtual void CheckSettings()
{
if (!UnsafeNativeMethods.IsTailoredApplication.Value)
{
return;
}
BasicHttpSecurity security = this.BasicHttpSecurity;
if (security == null)
{
return;
}
BasicHttpSecurityMode mode = security.Mode;
if (mode == BasicHttpSecurityMode.None)
{
return;
}
else if (mode == BasicHttpSecurityMode.Message)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Mode", mode)));
}
// Message.ClientCredentialType = Certificate is not supported.
if (mode == BasicHttpSecurityMode.TransportWithMessageCredential)
{
BasicHttpMessageSecurity message = security.Message;
if ((message != null) && (message.ClientCredentialType == BasicHttpMessageCredentialType.Certificate))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Message.ClientCredentialType", message.ClientCredentialType)));
}
}
// Transport.ClientCredentialType = Certificate or InheritedFromHost are not supported.
Fx.Assert(
(mode == BasicHttpSecurityMode.Transport) || (mode == BasicHttpSecurityMode.TransportCredentialOnly) || (mode == BasicHttpSecurityMode.TransportWithMessageCredential),
"Unexpected BasicHttpSecurityMode value: " + mode);
HttpTransportSecurity transport = security.Transport;
if ((transport != null) && ((transport.ClientCredentialType == HttpClientCredentialType.Certificate) || (transport.ClientCredentialType == HttpClientCredentialType.InheritedFromHost)))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedSecuritySetting, "Transport.ClientCredentialType", transport.ClientCredentialType)));
}
}
// This method reverses the CreateMessageSecurity(bool) method
internal static bool TryCreate(SecurityBindingElement sbe, out BasicHttpMessageSecurity security, out bool isSecureTransportMode)
{
Fx.Assert(null != sbe, string.Empty);
security = null;
isSecureTransportMode = false;
if (!sbe.IsSetKeyDerivation(false))
return false;
if (sbe.SecurityHeaderLayout != SecurityHeaderLayout.Lax)
return false;
if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10)
return false;
BasicHttpMessageCredentialType credentialType;
if (!SecurityBindingElement.IsMutualCertificateBinding(sbe, true))
{
isSecureTransportMode = true;
if (SecurityBindingElement.IsCertificateOverTransportBinding(sbe))
{
credentialType = BasicHttpMessageCredentialType.Certificate;
}
else if (SecurityBindingElement.IsUserNameOverTransportBinding(sbe))
{
credentialType = BasicHttpMessageCredentialType.UserName;
}
else
{
return false;
}
}
else
{
credentialType = BasicHttpMessageCredentialType.Certificate;
}
security = new BasicHttpMessageSecurity();
security.ClientCredentialType = credentialType;
return true;
}
internal static bool TryCreate(SecurityBindingElement sbe, UnifiedSecurityMode mode, HttpTransportSecurity transportSecurity, out BasicHttpSecurity security)
{
security = null;
BasicHttpMessageSecurity security2 = null;
if (sbe != null)
{
bool flag;
mode &= UnifiedSecurityMode.TransportWithMessageCredential | UnifiedSecurityMode.Message;
if (!BasicHttpMessageSecurity.TryCreate(sbe, out security2, out flag))
{
return(false);
}
}
else
{
mode &= ~(UnifiedSecurityMode.TransportWithMessageCredential | UnifiedSecurityMode.Message);
}
BasicHttpSecurityMode mode2 = BasicHttpSecurityModeHelper.ToSecurityMode(mode);
security = new BasicHttpSecurity(mode2, transportSecurity, security2);
return(SecurityElementBase.AreBindingsMatching(security.CreateMessageSecurity(), sbe));
}
private static BasicHttpBinding CreateDefaultBinding()
{
BasicHttpBinding binding = new BasicHttpBinding();
binding.CloseTimeout = new TimeSpan(0, 1, 0);
binding.OpenTimeout = new TimeSpan(0, 1, 0);
binding.SendTimeout = new TimeSpan(0, 10, 0);
binding.ReceiveTimeout = new TimeSpan(0, 10, 0);
binding.AllowCookies = false;
binding.BypassProxyOnLocal = false;
binding.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard;
binding.MaxBufferSize = 65536;
binding.MaxReceivedMessageSize = 65536L;
binding.MaxBufferPoolSize = 524288L;
binding.MessageEncoding = WSMessageEncoding.Text;
binding.TextEncoding = Encoding.UTF8;
binding.TransferMode = TransferMode.Buffered;
binding.UseDefaultWebProxy = true;
XmlDictionaryReaderQuotas readerQuotas = new XmlDictionaryReaderQuotas();
readerQuotas.MaxDepth = 32;
readerQuotas.MaxStringContentLength = 8192;
readerQuotas.MaxArrayLength = 16384;
readerQuotas.MaxBytesPerRead = 4096;
readerQuotas.MaxNameTableCharCount = 16384;
binding.ReaderQuotas = readerQuotas;
BasicHttpSecurity security = new BasicHttpSecurity();
security.Mode = BasicHttpSecurityMode.Transport;
HttpTransportSecurity transport = new HttpTransportSecurity();
transport.ClientCredentialType = HttpClientCredentialType.None;
transport.ProxyCredentialType = HttpProxyCredentialType.None;
transport.Realm = string.Empty;
security.Transport = transport;
BasicHttpMessageSecurity message = new BasicHttpMessageSecurity();
message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
message.AlgorithmSuite = SecurityAlgorithmSuite.Default;
security.Message = message;
binding.Security = security;
return binding;
}
private BasicHttpSecurity(BasicHttpSecurityMode mode, HttpTransportSecurity transportSecurity, BasicHttpMessageSecurity messageSecurity)
{
this.Mode = mode;
this.transportSecurity = (transportSecurity == null) ? new HttpTransportSecurity() : transportSecurity;
this.messageSecurity = (messageSecurity == null) ? new BasicHttpMessageSecurity() : messageSecurity;
}
private BasicHttpSecurity(BasicHttpSecurityMode mode, HttpTransportSecurity transportSecurity, BasicHttpMessageSecurity messageSecurity)
{
this.Mode = mode;
this.transportSecurity = (transportSecurity == null) ? new HttpTransportSecurity() : transportSecurity;
this.messageSecurity = (messageSecurity == null) ? new BasicHttpMessageSecurity() : messageSecurity;
}
public static List<BasicHttpBinding> GetBasicHttpBindings(string exeConfigPath)
{
var svcSection = Read.Config.ExeConfig.GetServiceModelSection(exeConfigPath);
var configs = new List<BasicHttpBinding>();
foreach (
var section in
svcSection.Bindings.BasicHttpBinding.ConfiguredBindings
.Cast<BasicHttpBindingElement>())
{
var df = new BasicHttpBinding();
var binding = new BasicHttpBinding
{
Name = section.Name,
MaxBufferPoolSize = section.MaxBufferPoolSize > 0 ? section.MaxBufferPoolSize : df.MaxBufferPoolSize,
MaxReceivedMessageSize =
section.MaxReceivedMessageSize > 0 ? section.MaxReceivedMessageSize : df.MaxReceivedMessageSize,
CloseTimeout = section.CloseTimeout != TimeSpan.Zero ? section.CloseTimeout : df.CloseTimeout,
OpenTimeout = section.OpenTimeout != TimeSpan.Zero ? section.OpenTimeout : df.OpenTimeout,
SendTimeout = section.SendTimeout != TimeSpan.Zero ? section.SendTimeout : df.SendTimeout,
ReceiveTimeout =
section.ReceiveTimeout != TimeSpan.Zero ? section.ReceiveTimeout : df.ReceiveTimeout,
TextEncoding = section.TextEncoding ?? df.TextEncoding,
MessageEncoding = section.MessageEncoding,
AllowCookies = section.AllowCookies,
BypassProxyOnLocal = section.BypassProxyOnLocal,
HostNameComparisonMode = section.HostNameComparisonMode,
UseDefaultWebProxy = section.UseDefaultWebProxy,
};
var readerQuotasSection = section.ReaderQuotas;
var readerQuotas = new System.Xml.XmlDictionaryReaderQuotas();
if (readerQuotasSection != null && readerQuotasSection.MaxDepth > 0)
{
readerQuotas.MaxDepth = readerQuotasSection.MaxDepth;
readerQuotas.MaxStringContentLength = readerQuotasSection.MaxStringContentLength;
readerQuotas.MaxArrayLength = readerQuotasSection.MaxArrayLength;
readerQuotas.MaxBytesPerRead = readerQuotasSection.MaxBytesPerRead;
readerQuotas.MaxNameTableCharCount = readerQuotasSection.MaxNameTableCharCount;
}
else
{
readerQuotas = null;
}
var messageSection = section.Security.Message;
var message = new BasicHttpMessageSecurity
{
ClientCredentialType = messageSection.ClientCredentialType,
AlgorithmSuite = messageSection.AlgorithmSuite,
};
var transportSection = section.Security.Transport;
var transport = new HttpTransportSecurity
{
ClientCredentialType = transportSection.ClientCredentialType,
ProxyCredentialType = transportSection.ProxyCredentialType
};
var basicHttpSecurity = new BasicHttpSecurity()
{
Message = message,
Mode = section.Security.Mode,
Transport = transport
};
binding.Security = basicHttpSecurity;
if (readerQuotas != null)
{
binding.ReaderQuotas = readerQuotas;
}
configs.Add(binding);
}
return configs;
}
