/// <summary>
/// Exports the SecureConversationToken policy assertion for the given
/// secure-conversation token parameters.
/// </summary>
/// <param name="exporter">Metadata exporter handed to the nested policy helpers.</param>
/// <param name="parameters">Token parameters whose settings are written into the assertion.</param>
/// <returns>The assertion element with its nested policy appended.</returns>
public override XmlElement CreateWsspSecureConversationTokenAssertion(MetadataExporter exporter, SecureConversationSecurityTokenParameters parameters)
{
    XmlElement tokenAssertion = this.CreateWsspAssertion("SecureConversationToken");
    this.SetIncludeTokenValue(tokenAssertion, parameters.InclusionMode);

    // The nested assertions are built in the same order in which they are emitted.
    XmlElement derivedKeys = this.CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys);
    XmlElement mustNotSendCancel = this.CreateWsspMustNotSendCancelAssertion(parameters.RequireCancellation);
    XmlElement bootstrapPolicy = this.CreateWsspBootstrapPolicyAssertion(exporter, parameters.BootstrapSecurityBindingElement);
    XmlElement mustNotSendAmend = this.CreateWsspMustNotSendAmendAssertion();

    // MustNotSendRenew is emitted unless both cancellation and renewal are enabled;
    // otherwise a null entry is passed to the policy wrapper.
    XmlElement mustNotSendRenew = null;
    if (!(parameters.RequireCancellation && parameters.CanRenewSession))
    {
        mustNotSendRenew = this.CreateWsspMustNotSendRenewAssertion();
    }

    XmlElement nestedPolicy = this.CreateWspPolicyWrapper(
        exporter,
        new XmlElement[] { derivedKeys, mustNotSendCancel, bootstrapPolicy, mustNotSendAmend, mustNotSendRenew });
    tokenAssertion.AppendChild(nestedPolicy);
    return tokenAssertion;
}
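/// <summary>
/// Copy constructor: clones the bootstrap binding element and copies the
/// cancellation flag from <paramref name="source"/>.
/// </summary>
/// <param name="source">Instance to copy from.</param>
protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters source)
    : base(source)
{
    // A source without a bootstrap binding element is copied as such instead of
    // failing with a NullReferenceException on Clone().
    this.element = source.element != null
        ? (SecurityBindingElement)source.element.Clone()
        : null;
    this.cancellable = source.cancellable;

    // NOTE(review): the protection requirements are rebuilt from the defaults, not
    // copied from source, so customised requirements on the source do not survive
    // the copy. Confirm that this is intended.
    this.requirements = new ChannelProtectionRequirements(default_channel_protection_requirements);
}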
/// <summary>
/// Copies the secure-conversation settings of <paramref name="sc"/> into this
/// configuration element.
/// </summary>
/// <param name="sc">Runtime token parameters to read from.</param>
/// <param name="initializeNestedBindings">Passed through to the bootstrap element's InitializeFrom.</param>
void InitializeSecureConversationParameters(SecureConversationSecurityTokenParameters sc, bool initializeNestedBindings)
{
    SetPropertyValueIfNotDefaultValue(ConfigurationStrings.RequireSecurityContextCancellation, sc.RequireCancellation);

    // can't use default value optimization here because ApplyConfiguration relies on
    // the runtime default instead, which is the opposite of the config default
    this.CanRenewSecurityContextToken = sc.CanRenewSession;

    // Without a bootstrap binding there is nothing left to initialize.
    if (sc.BootstrapSecurityBindingElement == null)
    {
        return;
    }

    this.SecureConversationBootstrap.InitializeFrom(sc.BootstrapSecurityBindingElement, initializeNestedBindings);
}
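/// <summary>
/// Copy constructor: clones the bootstrap binding element and copies the
/// cancellation flag from <paramref name="other"/>.
/// </summary>
/// <param name="other">Instance to copy from.</param>
protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
    : base(other)
{
    // A source without a bootstrap binding element is copied as such instead of
    // failing with a NullReferenceException on Clone().
    this.element = other.element != null
        ? (SecurityBindingElement)other.element.Clone()
        : null;
    this.cancellable = other.cancellable;
#if !MOBILE && !XAMMAC_4_5
    // NOTE(review): the requirements are rebuilt from the defaults rather than copied
    // from other, so customised requirements do not survive the copy. Confirm intent.
    this.requirements = new ChannelProtectionRequirements(default_channel_protection_requirements);
#endif
}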
/// <summary>
/// Copy constructor: copies the cancellation and renewal flags and clones the
/// bootstrap binding element and issuer binding context when they are set.
/// </summary>
/// <param name="other">Instance to copy from.</param>
protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
    : base(other)
{
    _requireCancellation = other._requireCancellation;
    _canRenewSession = other._canRenewSession;

    // Both reference members are cloned, so the copy does not share them with the source.
    var sourceBootstrap = other._bootstrapSecurityBindingElement;
    if (sourceBootstrap != null)
    {
        _bootstrapSecurityBindingElement = (SecurityBindingElement)sourceBootstrap.Clone();
    }

    var sourceIssuerContext = other._issuerBindingContext;
    if (sourceIssuerContext != null)
    {
        _issuerBindingContext = sourceIssuerContext.Clone();
    }
}
/// <summary>
/// Copy constructor: copies the cancellation and renewal flags and duplicates the
/// bootstrap binding element, the bootstrap protection requirements and the issuer
/// binding context when they are set on <paramref name="other"/>.
/// </summary>
/// <param name="other">Instance to copy from.</param>
protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
    : base(other)
{
    this.requireCancellation = other.requireCancellation;
    this.canRenewSession = other.canRenewSession;

    // Each reference member is duplicated rather than shared with the source.
    if (other.bootstrapSecurityBindingElement != null)
    {
        this.bootstrapSecurityBindingElement = (SecurityBindingElement)other.bootstrapSecurityBindingElement.Clone();
    }

    if (other.bootstrapProtectionRequirements != null)
    {
        this.bootstrapProtectionRequirements = new ChannelProtectionRequirements(other.bootstrapProtectionRequirements);
    }

    if (other.issuerBindingContext != null)
    {
        this.issuerBindingContext = other.issuerBindingContext.Clone();
    }
}
/// <summary>
/// Copies the secure-conversation settings of <paramref name="sc"/> into this
/// configuration element.
/// </summary>
/// <param name="sc">Runtime token parameters to read from.</param>
/// <param name="initializeNestedBindings">Passed through to the bootstrap element's InitializeFrom.</param>
private void InitializeSecureConversationParameters(SecureConversationSecurityTokenParameters sc, bool initializeNestedBindings)
{
    base.RequireSecurityContextCancellation = sc.RequireCancellation;

    // Only a disabled renewal is written back; when renewal is enabled the
    // current CanRenewSecurityContextToken value is left untouched.
    if (!sc.CanRenewSession)
    {
        base.CanRenewSecurityContextToken = sc.CanRenewSession;
    }

    // Without a bootstrap binding there is nothing left to initialize.
    if (sc.BootstrapSecurityBindingElement == null)
    {
        return;
    }

    this.SecureConversationBootstrap.InitializeFrom(sc.BootstrapSecurityBindingElement, initializeNestedBindings);
}
/// <summary>
/// Copy constructor: copies the cancellation and renewal flags and clones the
/// bootstrap binding element and issuer binding context when they are set.
/// </summary>
/// <param name="other">Instance to copy from.</param>
protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
    : base(other)
{
    _requireCancellation = other._requireCancellation;
    _canRenewSession = other._canRenewSession;

    // Clone, never alias: later changes to the copy must not reach the source.
    if (other._bootstrapSecurityBindingElement is SecurityBindingElement bootstrap)
    {
        _bootstrapSecurityBindingElement = (SecurityBindingElement)bootstrap.Clone();
    }

    var issuerContext = other._issuerBindingContext;
    if (issuerContext != null)
    {
        _issuerBindingContext = issuerContext.Clone();
    }
}
/// <summary>
/// Copy constructor: copies the cancellation and renewal flags and duplicates the
/// bootstrap binding element, the bootstrap protection requirements and the issuer
/// binding context when they are set on <paramref name="other"/>.
/// </summary>
/// <param name="other">Instance to copy from.</param>
protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
    : base(other)
{
    requireCancellation = other.requireCancellation;
    canRenewSession = other.canRenewSession;

    // Reference members are duplicated so the copy does not share them with the source.
    var sourceBootstrap = other.bootstrapSecurityBindingElement;
    if (sourceBootstrap != null)
    {
        bootstrapSecurityBindingElement = (SecurityBindingElement)sourceBootstrap.Clone();
    }

    var sourceRequirements = other.bootstrapProtectionRequirements;
    if (sourceRequirements != null)
    {
        bootstrapProtectionRequirements = new ChannelProtectionRequirements(sourceRequirements);
    }

    var sourceIssuerContext = other.issuerBindingContext;
    if (sourceIssuerContext != null)
    {
        issuerBindingContext = sourceIssuerContext.Clone();
    }
}
/// <summary>
/// Tries to turn a SecureConversationToken policy assertion into
/// <see cref="SecureConversationSecurityTokenParameters"/>.
/// </summary>
/// <param name="importer">Metadata importer used to resolve nested policy.</param>
/// <param name="assertion">Candidate assertion element.</param>
/// <param name="parameters">The imported parameters, or null when the import fails.</param>
/// <returns>True when <paramref name="parameters"/> was produced.</returns>
public virtual bool TryImportWsspSecureConversationTokenAssertion(MetadataImporter importer, XmlElement assertion, out SecurityTokenParameters parameters)
{
    parameters = null;

    SecurityTokenInclusionMode inclusionMode;
    if (!IsWsspAssertion(assertion, SecureConversationTokenName)
        || !TryGetIncludeTokenValue(assertion, out inclusionMode))
    {
        return false;
    }

    Collection<Collection<XmlElement>> policyAlternatives;
    if (!TryGetNestedPolicyAlternatives(importer, assertion, out policyAlternatives))
    {
        // No nested policy: the import still succeeds, with only the inclusion mode
        // set and derived keys turned off. No bootstrap binding is imported here.
        parameters = new SecureConversationSecurityTokenParameters();
        parameters.InclusionMode = inclusionMode;
        parameters.RequireDerivedKeys = false;
        return parameters != null;
    }

    foreach (Collection<XmlElement> candidate in policyAlternatives)
    {
        SecureConversationSecurityTokenParameters imported = new SecureConversationSecurityTokenParameters();
        parameters = imported;

        bool requireCancellation;
        // An alternative is accepted only if all three imports succeed and nothing is
        // left in the collection. Presumably the helpers remove what they recognise,
        // so a non-zero count means unrecognised assertions remain. TODO confirm.
        if (!(TryImportWsspRequireDerivedKeysAssertion(candidate, imported)
              && TryImportWsspMustNotSendCancelAssertion(candidate, out requireCancellation)
              && TryImportWsspBootstrapPolicyAssertion(importer, candidate, imported)
              && candidate.Count == 0))
        {
            parameters = null;
            continue;
        }

        imported.RequireCancellation = requireCancellation;
        imported.InclusionMode = inclusionMode;
        break;
    }

    return parameters != null;
}
/// <summary>
/// Exports the SecureConversationToken policy assertion for the given
/// secure-conversation token parameters.
/// </summary>
/// <param name="exporter">Metadata exporter handed to the nested policy helpers.</param>
/// <param name="parameters">Token parameters whose settings are written into the assertion.</param>
/// <returns>The assertion element with its nested policy appended.</returns>
public virtual XmlElement CreateWsspSecureConversationTokenAssertion(MetadataExporter exporter, SecureConversationSecurityTokenParameters parameters)
{
    XmlElement tokenAssertion = CreateWsspAssertion(SecureConversationTokenName);
    SetIncludeTokenValue(tokenAssertion, parameters.InclusionMode);

    // Nested assertions, built in the order in which they are emitted.
    XmlElement derivedKeys = CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys);
    XmlElement mustNotSendCancel = CreateWsspMustNotSendCancelAssertion(parameters.RequireCancellation);
    XmlElement bootstrapPolicy = CreateWsspBootstrapPolicyAssertion(exporter, parameters.BootstrapSecurityBindingElement);

    XmlElement nestedPolicy = CreateWspPolicyWrapper(exporter, derivedKeys, mustNotSendCancel, bootstrapPolicy);
    tokenAssertion.AppendChild(nestedPolicy);
    return tokenAssertion;
}
/// <summary>
/// Imports the BootstrapPolicy assertion of a secure-conversation token and stores
/// the resulting security binding element on <paramref name="parameters"/>.
/// </summary>
/// <param name="importer">Importer whose State and Errors collections are used during the nested import.</param>
/// <param name="assertions">Assertions of the current policy alternative.</param>
/// <param name="parameters">Receives the imported bootstrap binding element, or null.</param>
/// <returns>
/// False when no BootstrapPolicy assertion with nested alternatives is found; true otherwise,
/// including the case where the bootstrap binding was rejected and set to null.
/// </returns>
public virtual bool TryImportWsspBootstrapPolicyAssertion(MetadataImporter importer, ICollection<XmlElement> assertions, SecureConversationSecurityTokenParameters parameters)
{
    XmlElement bootstrapAssertion;
    Collection<Collection<XmlElement>> nestedAlternatives;
    if (!TryImportWsspAssertion(assertions, BootstrapPolicyName, out bootstrapAssertion)
        || !TryGetNestedPolicyAlternatives(importer, bootstrapAssertion, out nestedAlternatives))
    {
        return false;
    }

    BindingElementCollection importedElements;

    // Mark the importer as being inside a bootstrap import for the duration of the nested call.
    importer.State[SecurityBindingElementImporter.InSecureConversationBootstrapBindingImportMode] = SecurityBindingElementImporter.InSecureConversationBootstrapBindingImportMode;
    try
    {
        importedElements = importer.ImportPolicy(NullServiceEndpoint, nestedAlternatives);

        // A bootstrap policy whose encryption or signature parts do not include the
        // message body is rejected: an error is recorded and the result is dropped.
        if (importer.State.ContainsKey(SecurityBindingElementImporter.SecureConversationBootstrapEncryptionRequirements))
        {
            MessagePartSpecification encryptedParts = (MessagePartSpecification)importer.State[SecurityBindingElementImporter.SecureConversationBootstrapEncryptionRequirements];
            if (!encryptedParts.IsBodyIncluded)
            {
                importer.Errors.Add(new MetadataConversionError(SR.GetString(SR.UnsupportedSecureConversationBootstrapProtectionRequirements), false));
                importedElements = null;
            }
        }

        if (importer.State.ContainsKey(SecurityBindingElementImporter.SecureConversationBootstrapSignatureRequirements))
        {
            MessagePartSpecification signedParts = (MessagePartSpecification)importer.State[SecurityBindingElementImporter.SecureConversationBootstrapSignatureRequirements];
            if (!signedParts.IsBodyIncluded)
            {
                importer.Errors.Add(new MetadataConversionError(SR.GetString(SR.UnsupportedSecureConversationBootstrapProtectionRequirements), false));
                importedElements = null;
            }
        }
    }
    finally
    {
        // The import-mode marker and both requirement entries are always cleared,
        // so they cannot leak into a later import on the same importer.
        importer.State.Remove(SecurityBindingElementImporter.InSecureConversationBootstrapBindingImportMode);
        if (importer.State.ContainsKey(SecurityBindingElementImporter.SecureConversationBootstrapEncryptionRequirements))
        {
            importer.State.Remove(SecurityBindingElementImporter.SecureConversationBootstrapEncryptionRequirements);
        }

        if (importer.State.ContainsKey(SecurityBindingElementImporter.SecureConversationBootstrapSignatureRequirements))
        {
            importer.State.Remove(SecurityBindingElementImporter.SecureConversationBootstrapSignatureRequirements);
        }
    }

    // Consider returning false when importedElements is null. As written, a rejected
    // bootstrap policy still reports success with a null BootstrapSecurityBindingElement,
    // so callers have to check importer.Errors or the null element themselves.
    parameters.BootstrapSecurityBindingElement = importedElements != null
        ? importedElements.Find<SecurityBindingElement>()
        : null;
    return true;
}
// Forwards to the protected copy constructor of the base class so that it can be
// called through this public constructor; the body adds nothing of its own.
public MySecureConversationSecurityTokenParameters (SecureConversationSecurityTokenParameters clone)
	: base (clone)
{
}
// Checks the ISecurityCapabilities reported for symmetric and asymmetric security
// binding elements built from different token parameter combinations, including
// secure-conversation parameters with different bootstrap bindings.
// NOTE(review): the three booleans passed to AssertSecurityCapabilities presumably
// correspond to client authentication, client Windows identity and server
// authentication support; confirm against the helper's signature.
public void GetPropertySecurityCapabilities ()
{
	const ProtectionLevel full = ProtectionLevel.EncryptAndSign;

	var rsa = new RsaSecurityTokenParameters ();
	var user = new UserNameSecurityTokenParameters ();
	var x509 = new X509SecurityTokenParameters ();

	// Secure-conversation parameters, one per bootstrap binding shape.
	var scEmpty = new SecureConversationSecurityTokenParameters {
		BootstrapSecurityBindingElement = new SymmetricSecurityBindingElement () // empty
	};
	var scSymmetricX509 = new SecureConversationSecurityTokenParameters {
		BootstrapSecurityBindingElement = new SymmetricSecurityBindingElement (x509)
	};
	var scInitiatorX509 = new SecureConversationSecurityTokenParameters {
		BootstrapSecurityBindingElement = new AsymmetricSecurityBindingElement (null, x509)
	};
	var scRecipientX509 = new SecureConversationSecurityTokenParameters {
		BootstrapSecurityBindingElement = new AsymmetricSecurityBindingElement (x509, null)
	};

	// no parameters
	AssertSecurityCapabilities (full, full, false, false, false,
		GetSecurityCapabilities (new SymmetricSecurityBindingElement ()), "#1");

	// x509 parameters for both
	AssertSecurityCapabilities (full, full, true, true, true,
		GetSecurityCapabilities (new SymmetricSecurityBindingElement (x509)), "#2");

	// no initiator parameters
	AssertSecurityCapabilities (full, full, false, false, true,
		GetSecurityCapabilities (new AsymmetricSecurityBindingElement (x509, null)), "#3");

	// no recipient parameters
	AssertSecurityCapabilities (full, full, true, true, false,
		GetSecurityCapabilities (new AsymmetricSecurityBindingElement (null, x509)), "#4");

	// initiator does not support identity
	AssertSecurityCapabilities (full, full, true, false, true,
		GetSecurityCapabilities (new AsymmetricSecurityBindingElement (x509, rsa)), "#5");

	// recipient does not support server auth
	AssertSecurityCapabilities (full, full, true, true, false,
		GetSecurityCapabilities (new AsymmetricSecurityBindingElement (user, x509)), "#6");

	// secureconv with no symm. bootstrap params
	AssertSecurityCapabilities (full, full, false, false, false,
		GetSecurityCapabilities (new SymmetricSecurityBindingElement (scEmpty)), "#7");

	// secureconv with x509 symm. bootstrap params
	AssertSecurityCapabilities (full, full, true, true, true,
		GetSecurityCapabilities (new SymmetricSecurityBindingElement (scSymmetricX509)), "#8");

	// secureconv with x509 initiator bootstrap params
	AssertSecurityCapabilities (full, full, true, true, false,
		GetSecurityCapabilities (new SymmetricSecurityBindingElement (scInitiatorX509)), "#9");

	// secureconv with x509 recipient bootstrap params
	AssertSecurityCapabilities (full, full, false, false, true,
		GetSecurityCapabilities (new SymmetricSecurityBindingElement (scRecipientX509)), "#10");

	// FIXME: find out such cases that returns other ProtectionLevel values.
}
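// Copy constructor: clones the bootstrap binding element and copies the
// cancellation flag from source.
protected SecureConversationSecurityTokenParameters (SecureConversationSecurityTokenParameters source)
	: base (source)
{
	// A source without a bootstrap binding element is copied as such instead of
	// failing with a NullReferenceException on Clone ().
	this.element = source.element != null
		? (SecurityBindingElement) source.element.Clone ()
		: null;
	this.cancellable = source.cancellable;
#if !MOBILE && !XAMMAC_4_5
	// NOTE(review): the requirements are rebuilt from the defaults rather than copied
	// from source, so customised requirements do not survive the copy. Confirm intent.
	this.requirements = new ChannelProtectionRequirements (default_channel_protection_requirements);
#endif
}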
// Contract-only form of the copy constructor: the body states the precondition
// that the instance to copy from is not null and does nothing else.
protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
{
    // Precondition: a null source is a contract violation.
    Contract.Requires(other != null);
}
/// <summary>
/// Tries to turn a SecureConversationToken policy assertion into
/// <see cref="SecureConversationSecurityTokenParameters"/>.
/// </summary>
/// <param name="importer">Metadata importer used to resolve nested policy.</param>
/// <param name="assertion">Candidate assertion element.</param>
/// <param name="parameters">The imported parameters, or null when the import fails.</param>
/// <returns>True when <paramref name="parameters"/> was produced.</returns>
public virtual bool TryImportWsspSecureConversationTokenAssertion(MetadataImporter importer, XmlElement assertion, out SecurityTokenParameters parameters)
{
    parameters = null;

    SecurityTokenInclusionMode inclusionMode;
    bool isTokenAssertion = this.IsWsspAssertion(assertion, "SecureConversationToken")
        && this.TryGetIncludeTokenValue(assertion, out inclusionMode);
    if (!isTokenAssertion)
    {
        return false;
    }

    // Re-read the inclusion mode only through the assertion above; at this point both
    // checks have passed. The local is re-fetched to satisfy definite assignment.
    this.TryGetIncludeTokenValue(assertion, out inclusionMode);

    Collection<Collection<XmlElement>> alternatives;
    if (this.TryGetNestedPolicyAlternatives(importer, assertion, out alternatives))
    {
        foreach (Collection<XmlElement> alternative in alternatives)
        {
            SecureConversationSecurityTokenParameters candidate = new SecureConversationSecurityTokenParameters();
            parameters = candidate;

            bool requireCancellation;
            // All three imports must succeed and the alternative must be empty afterwards.
            if (this.TryImportWsspRequireDerivedKeysAssertion(alternative, candidate)
                && this.TryImportWsspMustNotSendCancelAssertion(alternative, out requireCancellation)
                && this.TryImportWsspBootstrapPolicyAssertion(importer, alternative, candidate)
                && alternative.Count == 0)
            {
                candidate.RequireCancellation = requireCancellation;
                candidate.InclusionMode = inclusionMode;
                break;
            }

            parameters = null;
        }
    }
    else
    {
        // No nested policy: the import still succeeds with only the inclusion mode
        // set and derived keys turned off. No bootstrap binding is imported here.
        parameters = new SecureConversationSecurityTokenParameters();
        parameters.InclusionMode = inclusionMode;
        parameters.RequireDerivedKeys = false;
    }

    return parameters != null;
}
/// <summary>
/// Imports the BootstrapPolicy assertion of a secure-conversation token and stores
/// the resulting security binding element on <paramref name="parameters"/>.
/// </summary>
/// <param name="importer">Importer whose State and Errors collections are used during the nested import.</param>
/// <param name="assertions">Assertions of the current policy alternative.</param>
/// <param name="parameters">Receives the imported bootstrap binding element, or null.</param>
/// <returns>
/// False when no BootstrapPolicy assertion with nested alternatives is found; true otherwise,
/// including the case where the bootstrap binding was rejected and set to null.
/// </returns>
public virtual bool TryImportWsspBootstrapPolicyAssertion(MetadataImporter importer, ICollection<XmlElement> assertions, SecureConversationSecurityTokenParameters parameters)
{
    const string ImportModeKey = "InSecureConversationBootstrapBindingImportMode";
    const string EncryptionKey = "SecureConversationBootstrapEncryptionRequirements";
    const string SignatureKey = "SecureConversationBootstrapSignatureRequirements";

    XmlElement bootstrapAssertion;
    Collection<Collection<XmlElement>> nestedAlternatives;
    bool found = this.TryImportWsspAssertion(assertions, "BootstrapPolicy", out bootstrapAssertion)
        && this.TryGetNestedPolicyAlternatives(importer, bootstrapAssertion, out nestedAlternatives);
    if (!found)
    {
        return false;
    }

    // Fetched again only to satisfy definite assignment of the out local.
    this.TryGetNestedPolicyAlternatives(importer, bootstrapAssertion, out nestedAlternatives);

    BindingElementCollection importedElements;
    string[] requirementKeys = { EncryptionKey, SignatureKey };

    // Mark the importer as being inside a bootstrap import for the nested call.
    importer.State[ImportModeKey] = ImportModeKey;
    try
    {
        importedElements = importer.ImportPolicy(NullServiceEndpoint, nestedAlternatives);

        // Encryption is checked first, then signature. Requirements that do not
        // include the message body record an error and drop the imported result.
        foreach (string key in requirementKeys)
        {
            if (!importer.State.ContainsKey(key))
            {
                continue;
            }

            MessagePartSpecification parts = (MessagePartSpecification) importer.State[key];
            if (!parts.IsBodyIncluded)
            {
                importer.Errors.Add(new MetadataConversionError(System.ServiceModel.SR.GetString("UnsupportedSecureConversationBootstrapProtectionRequirements"), false));
                importedElements = null;
            }
        }
    }
    finally
    {
        // Always clear the marker and both requirement entries so they cannot
        // leak into a later import on the same importer.
        importer.State.Remove(ImportModeKey);
        foreach (string key in requirementKeys)
        {
            if (importer.State.ContainsKey(key))
            {
                importer.State.Remove(key);
            }
        }
    }

    // NOTE(review): a rejected bootstrap policy still reports success, with a null
    // BootstrapSecurityBindingElement. Callers have to check importer.Errors or the
    // null element themselves.
    if (importedElements == null)
    {
        parameters.BootstrapSecurityBindingElement = null;
        return true;
    }

    parameters.BootstrapSecurityBindingElement = importedElements.Find<SecurityBindingElement>();
    return true;
}