public DerivedKeySecurityToken (string id, string algorithm, SecurityKeyIdentifierClause reference, SymmetricSecurityKey referencedKey, string name, int? generation, int? offset, int? length, string label, byte [] nonce) { algorithm = algorithm ?? SecurityAlgorithms.Psha1KeyDerivation; this.id = id; this.algorithm = algorithm; this.reference = reference; this.generation = generation; this.offset = offset; this.length = length; this.nonce = nonce; this.name = name; this.label = label; SecurityKey key = new InMemorySymmetricSecurityKey ( referencedKey.GenerateDerivedKey ( algorithm, Encoding.UTF8.GetBytes (label ?? Constants.WsscDefaultLabel), nonce, (length ?? 32) * 8, offset ?? 0)); keys = new ReadOnlyCollection<SecurityKey> ( new SecurityKey [] {key}); }
internal DerivedKeySecurityToken(int generation, int offset, int length, string label, byte[] nonce, SecurityToken tokenToDerive, SecurityKeyIdentifierClause tokenToDeriveIdentifier, string derivationAlgorithm, string id) { this.length = -1; this.offset = -1; this.generation = -1; this.Initialize(id, generation, offset, length, label, nonce, tokenToDerive, tokenToDeriveIdentifier, derivationAlgorithm, false); }
/// <summary> /// Inherited from <see cref="SecurityTokenResolver"/>. /// </summary> protected override bool TryResolveSecurityKeyCore( SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key ) { if ( keyIdentifierClause == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "keyIdentifierClause" ); } key = null; X509RawDataKeyIdentifierClause rawDataClause = keyIdentifierClause as X509RawDataKeyIdentifierClause; if ( rawDataClause != null ) { key = rawDataClause.CreateKey(); return true; } RsaKeyIdentifierClause rsaClause = keyIdentifierClause as RsaKeyIdentifierClause; if ( rsaClause != null ) { key = rsaClause.CreateKey(); return true; } if ( _wrappedTokenResolver.TryResolveSecurityKey( keyIdentifierClause, out key ) ) { return true; } return false; }
public override bool Matches ( SecurityKeyIdentifierClause keyIdentifierClause) { SecurityContextKeyIdentifierClause other = keyIdentifierClause as SecurityContextKeyIdentifierClause; return other != null && Matches (other.context, other.generation); }
public override void WriteKeyIdentifierClauseCore(XmlDictionaryWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) { EncryptedKeyIdentifierClause clause = keyIdentifierClause as EncryptedKeyIdentifierClause; writer.WriteStartElement(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.EncryptedKey, this.NamespaceUri); if (clause.EncryptionMethod != null) { writer.WriteStartElement(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.EncryptionMethod, this.NamespaceUri); writer.WriteAttributeString(XD.XmlEncryptionDictionary.AlgorithmAttribute, null, clause.EncryptionMethod); if (clause.EncryptionMethod == XD.SecurityAlgorithmDictionary.RsaOaepKeyWrap.Value) { writer.WriteStartElement("", XD.XmlSignatureDictionary.DigestMethod, XD.XmlSignatureDictionary.Namespace); writer.WriteAttributeString(XD.XmlSignatureDictionary.Algorithm, null, "http://www.w3.org/2000/09/xmldsig#sha1"); writer.WriteEndElement(); } writer.WriteEndElement(); } if (clause.EncryptingKeyIdentifier != null) { this.tokenSerializer.WriteKeyIdentifier(writer, clause.EncryptingKeyIdentifier); } writer.WriteStartElement(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.CipherData, this.NamespaceUri); writer.WriteStartElement(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.CipherValue, this.NamespaceUri); byte[] encryptedKey = clause.GetEncryptedKey(); writer.WriteBase64(encryptedKey, 0, encryptedKey.Length); writer.WriteEndElement(); writer.WriteEndElement(); if (clause.CarriedKeyName != null) { writer.WriteElementString(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.CarriedKeyName, this.NamespaceUri, clause.CarriedKeyName); } writer.WriteEndElement(); }
public override bool Matches (SecurityKeyIdentifierClause keyIdentifierClause) { InternalEncryptedKeyIdentifierClause kic = keyIdentifierClause as InternalEncryptedKeyIdentifierClause; if (kic == null) return false; return Matches (kic.GetRawBuffer ()); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { GenericXmlSecurityKeyIdentifierClause that = keyIdentifierClause as GenericXmlSecurityKeyIdentifierClause; // PreSharp #pragma warning suppress 56506 return ReferenceEquals(this, that) || (that != null && that.Matches(this.ReferenceXml)); }
public override bool Matches (SecurityKeyIdentifierClause clause) { BinaryKeyIdentifierClause other = clause as BinaryKeyIdentifierClause; if (other == null) return false; return Matches (other.GetRawBuffer ()); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { RsaKeyIdentifierClause that = keyIdentifierClause as RsaKeyIdentifierClause; // PreSharp Bug: Parameter 'that' to this public method must be validated: A null-dereference can occur here. #pragma warning suppress 56506 return ReferenceEquals(this, that) || (that != null && that.Matches(this.rsa)); }
public override bool Matches (SecurityKeyIdentifierClause clause) { if (clause == null) throw new ArgumentNullException ("clause"); LocalIdKeyIdentifierClause c = clause as LocalIdKeyIdentifierClause; return c != null && Matches (c.LocalId, c.OwnerType); }
public override bool Matches (SecurityKeyIdentifierClause clause) { if (clause == null) throw new ArgumentNullException ("clause"); KeyNameIdentifierClause knic = clause as KeyNameIdentifierClause; return knic != null && Matches (knic.KeyName); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { SecurityContextKeyIdentifierClause that = keyIdentifierClause as SecurityContextKeyIdentifierClause; // PreSharp #pragma warning suppress 56506 return ReferenceEquals(this, that) || (that != null && that.Matches(this.contextId, this.generation)); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { SamlAssertionKeyIdentifierClause that = keyIdentifierClause as SamlAssertionKeyIdentifierClause; // PreSharp #pragma warning suppress 56506 return ReferenceEquals(this, that) || (that != null && that.Matches(this.assertionId)); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { LocalIdKeyIdentifierClause that = keyIdentifierClause as LocalIdKeyIdentifierClause; // PreSharp #pragma warning suppress 56506 return ReferenceEquals(this, that) || (that != null && that.Matches(this.localId, this.OwnerType)); }
public override bool Matches (SecurityKeyIdentifierClause clause) { if (clause == null) throw new ArgumentNullException ("clause"); RsaKeyIdentifierClause rkic = clause as RsaKeyIdentifierClause; return rkic != null && Matches (rkic.Rsa); }
public static string GetKeyIdentifierClauseXml (SecurityTokenSerializer serializer, XmlWriterSettings settings, SecurityKeyIdentifierClause item) { StringWriter sw = new StringWriter (); using (XmlWriter xw = XmlWriter.Create (sw)) { serializer.WriteKeyIdentifierClause (xw, item); } return sw.ToString (); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { X509IssuerSerialKeyIdentifierClause that = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; // PreSharp #pragma warning suppress 56506 return ReferenceEquals(this, that) || (that != null && that.Matches(this.issuerName, this.issuerSerialNumber)); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { EncryptedKeyIdentifierClause that = keyIdentifierClause as EncryptedKeyIdentifierClause; // PreSharp Bug: Parameter 'that' to this public method must be validated: A null-dereference can occur here. #pragma warning suppress 56506 return ReferenceEquals(this, that) || (that != null && that.Matches(this.GetRawBuffer(), this.encryptionMethod, this.carriedKeyName)); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { EncryptedKeyIdentifierClause that = keyIdentifierClause as EncryptedKeyIdentifierClause; // PreSharp #pragma warning suppress 56506 return ReferenceEquals(this, that) || (that != null && that.Matches(this.GetRawBuffer(), this.encryptionMethod, this.carriedKeyName)); }
public bool TryResolveSecurityKey(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key) { if (keyIdentifierClause == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyIdentifierClause"); } return this.TryResolveSecurityKeyCore(keyIdentifierClause, out key); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { BinaryKeyIdentifierClause that = keyIdentifierClause as BinaryKeyIdentifierClause; // PreSharp #pragma warning suppress 56506 return ReferenceEquals(this, that) || (that != null && that.Matches(this.identificationData)); }
public bool CanWriteKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause) { if (keyIdentifierClause == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyIdentifierClause"); } return this.CanWriteKeyIdentifierClauseCore(keyIdentifierClause); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { SamlAssertionDirectKeyIdentifierClause that = keyIdentifierClause as SamlAssertionDirectKeyIdentifierClause; // PreSharp Bug: Parameter 'that' to this public method must be validated: A null-dereference can occur here. #pragma warning suppress 56506 return (ReferenceEquals(this, that) || (that != null && that.SamlUri == this.SamlUri)); }
/// <summary> /// Constructor to use when working with SecurityKeyIdentifierClauses /// </summary> /// <param name="securityKeyIdentifierClause">SecurityKeyIdentifierClause that represents a SecuriytKey</param> /// <param name="securityTokenResolver">SecurityTokenResolver that can be resolved to a SecurityKey</param> /// <exception cref="ArgumentNullException">Thrown if the 'clause' is null</exception> public SecurityKeyElement(SecurityKeyIdentifierClause securityKeyIdentifierClause, SecurityTokenResolver securityTokenResolver) { if (securityKeyIdentifierClause == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityKeyIdentifierClause"); } Initialize(new SecurityKeyIdentifier(securityKeyIdentifierClause), securityTokenResolver); }
internal DerivedKeySecurityToken(int generation, int offset, int length, string label, int minNonceLength, SecurityToken tokenToDerive, SecurityKeyIdentifierClause tokenToDeriveIdentifier, string derivationAlgorithm, string id) { this.length = -1; this.offset = -1; this.generation = -1; byte[] data = new byte[minNonceLength]; new RNGCryptoServiceProvider().GetBytes(data); this.Initialize(id, generation, offset, length, label, data, tokenToDerive, tokenToDeriveIdentifier, derivationAlgorithm); }
private bool MatchDirectReference(SecurityToken token, SecurityKeyIdentifierClause keyClause) { LocalIdKeyIdentifierClause keyIdentifierClause = keyClause as LocalIdKeyIdentifierClause; if (keyIdentifierClause == null) { return false; } return token.MatchesKeyIdentifierClause(keyIdentifierClause); }
public override SecurityKey ResolveKeyIdentifierClause( SecurityKeyIdentifierClause keyIdentifierClause ) { if( MatchesKeyIdentifierClause( keyIdentifierClause ) ) { return GetKey(); } return null; }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { if (keyIdentifierClause is CustomTokenKeyIdentifierClause) { return true; } return false; }
protected override bool TryResolveTokenCore ( SecurityKeyIdentifierClause keyIdentifierClause, out SecurityToken token) { token = null; foreach (SecurityTokenResolver r in resolvers) if (r != null && r.TryResolveToken (keyIdentifierClause, out token)) return true; return false; }
protected override bool TryResolveSecurityKeyCore ( SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key) { key = null; foreach (SecurityTokenResolver r in resolvers) if (r != null && r.TryResolveSecurityKey (keyIdentifierClause, out key)) return true; return false; }
public override Type GetTokenType(SecurityKeyIdentifierClause clause) { return(TokenType); }
public override bool SupportsCore(SecurityKeyIdentifierClause clause) { return(clause is LocalIdKeyIdentifierClause); }
public override bool SupportsCore(SecurityKeyIdentifierClause clause) { return(ClauseType.IsAssignableFrom(clause.GetType())); }
public override Type GetTokenType(SecurityKeyIdentifierClause clause) { return(typeof(X509SecurityToken)); }
/// <summary> /// Determines if this token matches the keyIdentifierClause. /// </summary> /// <param name="keyIdentifierClause"><see cref="SecurityKeyIdentifierClause"/> to match.</param> /// <returns>True if the keyIdentifierClause is matched. False otherwise.</returns> public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause) { return(Saml2AssertionKeyIdentifierClause.Matches(this.Id, keyIdentifierClause) || base.MatchesKeyIdentifierClause(keyIdentifierClause)); }
public void WriteKeyIdentifierClause(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) { throw new NotImplementedException(); }
/// <summary> /// Inherited from <see cref="SecurityToken"/>. /// </summary> public override SecurityKey ResolveKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause) { return(_realToken.ResolveKeyIdentifierClause(keyIdentifierClause)); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { LocalIdKeyIdentifierClause that = keyIdentifierClause as LocalIdKeyIdentifierClause; return(ReferenceEquals(this, that) || (that != null && that.Matches(_localId, this.OwnerType))); }
public override bool Matches(SecurityKeyIdentifierClause clause) { throw new NotImplementedException(); }
/// <summary> /// Serializes the given SecurityKeyIdentifierClause in a XmlWriter. /// </summary> /// <param name="writer">XmlWriter to write into.</param> /// <param name="keyIdentifierClause">SecurityKeyIdentifierClause to be written.</param> protected override void WriteKeyIdentifierClauseCore(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) { _securityTokenHandlers.WriteKeyIdentifierClause(writer, keyIdentifierClause); }
public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause) { return(((this.internalTokenReference != null) && this.internalTokenReference.Matches(keyIdentifierClause)) || ((this.externalTokenReference != null) && this.externalTokenReference.Matches(keyIdentifierClause))); }
public GenericXmlSecurityToken(XmlElement tokenXml, SecurityToken proofToken, DateTime effectiveTime, DateTime expirationTime, SecurityKeyIdentifierClause internalTokenReference, SecurityKeyIdentifierClause externalTokenReference, ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies) { if (tokenXml == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenXml"); } this.id = GetId(tokenXml); this.tokenXml = tokenXml; this.proofToken = proofToken; this.effectiveTime = effectiveTime.ToUniversalTime(); this.expirationTime = expirationTime.ToUniversalTime(); this.internalTokenReference = internalTokenReference; this.externalTokenReference = externalTokenReference; this.authorizationPolicies = authorizationPolicies ?? EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance; }
public override void WriteKeyIdentifierClauseCore(XmlDictionaryWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) { for (int i = 0; i < StrEntries.Count; ++i) { if (StrEntries[i].SupportsCore(keyIdentifierClause)) { writer.WriteStartElement(XD.SecurityJan2004Dictionary.Prefix.Value, XD.SecurityJan2004Dictionary.SecurityTokenReference, XD.SecurityJan2004Dictionary.Namespace); StrEntries[i].WriteContent(writer, keyIdentifierClause); writer.WriteEndElement(); return; } } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.StandardsManagerCannotWriteObject, keyIdentifierClause.GetType()))); }
protected virtual void WriteKeyIdentifierClauseCore(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) { throw new NotImplementedException(); }
/// <summary> /// Returns a value that indicates whether the key identifier for this instance /// is equivalent to the specified key identifier clause. /// </summary> /// <param name="keyIdentifierClause">A <see cref="SecurityKeyIdentifierClause"/> to compare to.</param> /// <returns>'True' if keyIdentifierClause matches this. 'False' otherwise.</returns> public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { return(this.clause.Matches(keyIdentifierClause)); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { X509IssuerSerialKeyIdentifierClause objB = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; return(object.ReferenceEquals(this, objB) || ((objB != null) && objB.Matches(this.issuerName, this.issuerSerialNumber))); }
public override bool SupportsCore(SecurityKeyIdentifierClause clause) { return(clause is X509IssuerSerialKeyIdentifierClause); }
protected override bool TryResolveTokenCore(System.IdentityModel.Tokens.SecurityKeyIdentifierClause keyIdentifierClause, out System.IdentityModel.Tokens.SecurityToken token) { throw new NotImplementedException(); }
/// <summary> /// Inherited from <see cref="SecurityToken"/>. /// </summary> public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause) { return(_realToken.MatchesKeyIdentifierClause(keyIdentifierClause)); }
public virtual bool CanWriteKeyIdentifierClause(SecurityKeyIdentifierClause securityKeyIdentifierClause) { return(false); }
public virtual bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { return(ReferenceEquals(this, keyIdentifierClause)); }
protected override void WriteKeyIdentifierClauseCore(System.Xml.XmlWriter writer, System.IdentityModel.Tokens.SecurityKeyIdentifierClause keyIdentifierClause) { throw new NotImplementedException(); }
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause) { EncryptedKeyIdentifierClause that = keyIdentifierClause as EncryptedKeyIdentifierClause; return(ReferenceEquals(this, that) || (that != null && that.Matches(GetRawBuffer(), _encryptionMethod, CarriedKeyName))); }
public override Type GetTokenType(SecurityKeyIdentifierClause clause) { LocalIdKeyIdentifierClause localClause = clause as LocalIdKeyIdentifierClause; return(localClause.OwnerType); }
public virtual bool MatchesKeyIdentifierClause( SecurityKeyIdentifierClause skiClause) { return(false); }
/// <summary> /// When implemented in the derived class, the method checks if the given /// SecurityKeyIdentifierClause can be serialized. /// </summary> /// <param name="securityKeyIdentifierClause">SecurityKeyIdentifierClause to be serialized.</param> /// <returns>True if the SecurityKeyIdentifierClause can be serialized.</returns> public abstract bool CanWriteKeyIdentifierClause(SecurityKeyIdentifierClause securityKeyIdentifierClause);
protected override bool CanWriteKeyIdentifierClauseCore(System.IdentityModel.Tokens.SecurityKeyIdentifierClause keyIdentifierClause) { throw new NotImplementedException(); }
/// <summary> /// When implemented in the derived class will serialize the given SecurityKeyIdentifierClause /// to the XmlWriter. /// </summary> /// <param name="writer">XmlWriter to serialize the SecurityKeyIdenfierClause.</param> /// <param name="securityKeyIdentifierClause">SecurityKeyIdentifierClause to be serialized.</param> public abstract void WriteKeyIdentifierClause(XmlWriter writer, SecurityKeyIdentifierClause securityKeyIdentifierClause);
/// <summary> /// Resolves the given SecurityKeyIdentifierClause to a SecurityToken. /// </summary> /// <param name="keyIdentifierClause">SecurityKeyIdentifierClause to resolve.</param> /// <param name="token">The resolved SecurityToken.</param> /// <returns>True if successfully resolved.</returns> /// <exception cref="ArgumentNullException">The input argument 'keyIdentifierClause' is null.</exception> protected override bool TryResolveTokenCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityToken token) { if (keyIdentifierClause == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyIdentifierClause"); } token = null; X509Store store = null; X509Certificate2Collection certs = null; try { store = new X509Store(this.storeName, this.storeLocation); store.Open(OpenFlags.ReadOnly); certs = store.Certificates; foreach (X509Certificate2 cert in certs) { X509ThumbprintKeyIdentifierClause thumbprintKeyIdentifierClause = keyIdentifierClause as X509ThumbprintKeyIdentifierClause; if (thumbprintKeyIdentifierClause != null && thumbprintKeyIdentifierClause.Matches(cert)) { token = new X509SecurityToken(cert); return(true); } X509IssuerSerialKeyIdentifierClause issuerSerialKeyIdentifierClause = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause; if (issuerSerialKeyIdentifierClause != null && issuerSerialKeyIdentifierClause.Matches(cert)) { token = new X509SecurityToken(cert); return(true); } X509SubjectKeyIdentifierClause subjectKeyIdentifierClause = keyIdentifierClause as X509SubjectKeyIdentifierClause; if (subjectKeyIdentifierClause != null && subjectKeyIdentifierClause.Matches(cert)) { token = new X509SecurityToken(cert); return(true); } X509RawDataKeyIdentifierClause rawDataKeyIdentifierClause = keyIdentifierClause as X509RawDataKeyIdentifierClause; if (rawDataKeyIdentifierClause != null && rawDataKeyIdentifierClause.Matches(cert)) { token = new X509SecurityToken(cert); return(true); } } } finally { if (certs != null) { for (int i = 0; i < certs.Count; i++) { certs[i].Reset(); } } if (store != null) { store.Close(); } } return(false); }
public string GetLocalTokenTypeUri(SecurityKeyIdentifierClause clause) { Type tokenType = GetTokenType(clause); return(_tokenSerializer.GetTokenTypeUri(tokenType)); }