private static byte[] GetSessionKey(RequestSecurityTokenWSTrust13 rst, RequestSecurityTokenResponseWSTrust13 rstr) { // If rst is null, an exception is thrown. if (rst == null) { throw new ArgumentNullException("rst"); } // If rstr is null, an exception is thrown. if (rstr == null) { throw new ArgumentNullException("rstr"); } // Figure out the keySize int keySize = 256; if (rst.KeySize != 0) { keySize = rst.KeySize; } Console.WriteLine("Proof key size {0}", keySize); // Figure out whether Combined or Issuer entropy is being used. byte[] sessionKey = null; byte[] senderEntropy = GetSenderEntropy(rst); byte[] issuerEntropy = GetIssuerEntropy(keySize); if (senderEntropy != null) { // Combined entropy. Console.WriteLine("Combined Entropy"); sessionKey = RequestSecurityTokenResponseWSTrust13.ComputeCombinedKey(senderEntropy, issuerEntropy, keySize); rstr.IssuerEntropy = new BinarySecretSecurityToken(issuerEntropy); rstr.ComputeKey = true; } else { // Issuer-only entropy. Console.WriteLine("Issuer-only entropy"); sessionKey = issuerEntropy; rstr.RequestedProofToken = new BinarySecretSecurityToken(sessionKey); } rstr.KeySize = keySize; return(sessionKey); }