protected override DecryptedHeader DecryptHeader(XmlDictionaryReader reader, WrappedKeySecurityToken wrappedKeyToken) { SecurityToken token; EncryptedHeaderXml xml = new EncryptedHeaderXml(base.Version) { SecurityTokenSerializer = base.StandardsManager.SecurityTokenSerializer }; xml.ReadFrom(reader, base.MaxReceivedMessageSize); if (xml.MustUnderstand != this.MustUnderstand) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("EncryptedHeaderAttributeMismatch", new object[] { XD.MessageDictionary.MustUnderstand.Value, xml.MustUnderstand, this.MustUnderstand }))); } if (xml.Relay != this.Relay) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("EncryptedHeaderAttributeMismatch", new object[] { XD.Message12Dictionary.Relay.Value, xml.Relay, this.Relay }))); } if (xml.Actor != this.Actor) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("EncryptedHeaderAttributeMismatch", new object[] { base.Version.Envelope.DictionaryActor, xml.Actor, this.Actor }))); } if (wrappedKeyToken == null) { token = WSSecurityOneDotZeroReceiveSecurityHeader.ResolveKeyIdentifier(xml.KeyIdentifier, base.CombinedPrimaryTokenResolver, false); } else { token = wrappedKeyToken; } base.RecordEncryptionToken(token); using (SymmetricAlgorithm algorithm = WSSecurityOneDotZeroReceiveSecurityHeader.CreateDecryptionAlgorithm(token, xml.EncryptionMethod, base.AlgorithmSuite)) { xml.SetUpDecryption(algorithm); return new DecryptedHeader(xml.GetDecryptedBuffer(), base.SecurityVerifiedMessage.GetEnvelopeAttributes(), base.SecurityVerifiedMessage.GetHeaderAttributes(), base.Version, base.StandardsManager.IdManager, base.ReaderQuotas); } }
public EncryptedHeader(MessageHeader plainTextHeader, EncryptedHeaderXml headerXml, string name, string namespaceUri, MessageVersion version) : base(plainTextHeader) { if (!headerXml.HasId || (headerXml.Id == null)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("EncryptedHeaderXmlMustHaveId"))); } this.headerXml = headerXml; this.name = name; this.namespaceUri = namespaceUri; this.version = version; }
public EncryptedHeader(MessageHeader plainTextHeader, EncryptedHeaderXml headerXml, string name, string namespaceUri, MessageVersion version) : base(plainTextHeader) { if (!headerXml.HasId || headerXml.Id == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.EncryptedHeaderXmlMustHaveId))); } this.headerXml = headerXml; this.name = name; this.namespaceUri = namespaceUri; this.version = version; }
protected override EncryptedHeader EncryptHeader(MessageHeader plainTextHeader, SymmetricAlgorithm algorithm, SecurityKeyIdentifier keyIdentifier, MessageVersion version, string id, MemoryStream stream) { EncryptedHeaderXml headerXml = new EncryptedHeaderXml(version) { SecurityTokenSerializer = base.StandardsManager.SecurityTokenSerializer, EncryptionMethod = base.EncryptionAlgorithm, EncryptionMethodDictionaryString = base.EncryptionAlgorithmDictionaryString, KeyIdentifier = keyIdentifier, Id = id, MustUnderstand = this.MustUnderstand, Relay = this.Relay, Actor = this.Actor }; headerXml.SetUpEncryption(algorithm, stream); return(new EncryptedHeader(plainTextHeader, headerXml, EncryptedHeaderXml.ElementName.Value, EncryptedHeaderXml.NamespaceUri.Value, version)); }
protected override DecryptedHeader DecryptHeader(XmlDictionaryReader reader, WrappedKeySecurityToken wrappedKeyToken) { // If it is the client, then we may need to read the GenericXmlSecurityKeyIdentoifoer clause while reading EncryptedData. EncryptedHeaderXml headerXml = new EncryptedHeaderXml(this.Version, this.MessageDirection == MessageDirection.Output); headerXml.SecurityTokenSerializer = this.StandardsManager.SecurityTokenSerializer; headerXml.ReadFrom(reader, MaxReceivedMessageSize); // The Encrypted Headers MustUnderstand, Relay and Actor attributes should match the // Security Headers value. if (headerXml.MustUnderstand != this.MustUnderstand) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.EncryptedHeaderAttributeMismatch, XD.MessageDictionary.MustUnderstand.Value, headerXml.MustUnderstand, this.MustUnderstand))); } if (headerXml.Relay != this.Relay) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.EncryptedHeaderAttributeMismatch, XD.Message12Dictionary.Relay.Value, headerXml.Relay, this.Relay))); } if (headerXml.Actor != this.Actor) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.EncryptedHeaderAttributeMismatch, this.Version.Envelope.DictionaryActor, headerXml.Actor, this.Actor))); } SecurityToken token; if (wrappedKeyToken == null) { token = ResolveKeyIdentifier(headerXml.KeyIdentifier, this.CombinedPrimaryTokenResolver, false); } else { token = wrappedKeyToken; } RecordEncryptionToken(token); using (SymmetricAlgorithm algorithm = CreateDecryptionAlgorithm(token, headerXml.EncryptionMethod, this.AlgorithmSuite)) { headerXml.SetUpDecryption(algorithm); return(new DecryptedHeader( headerXml.GetDecryptedBuffer(), this.SecurityVerifiedMessage.GetEnvelopeAttributes(), this.SecurityVerifiedMessage.GetHeaderAttributes(), this.Version, this.StandardsManager.IdManager, this.ReaderQuotas)); } }
protected override EncryptedHeader EncryptHeader(MessageHeader plainTextHeader, SymmetricAlgorithm algorithm, SecurityKeyIdentifier keyIdentifier, MessageVersion version, string id, MemoryStream stream) { // We are not reading EncryptedData from the wire here, hence pass false. EncryptedHeaderXml encryptedHeaderXml = new EncryptedHeaderXml(version, false); encryptedHeaderXml.SecurityTokenSerializer = this.StandardsManager.SecurityTokenSerializer; encryptedHeaderXml.EncryptionMethod = this.EncryptionAlgorithm; encryptedHeaderXml.EncryptionMethodDictionaryString = this.EncryptionAlgorithmDictionaryString; encryptedHeaderXml.KeyIdentifier = keyIdentifier; encryptedHeaderXml.Id = id; // The Encrypted Headers MustUnderstand, Relay and Actor attributes will always match the // Security Headers value. The values for these on the Encrypted Header and its decrypted // form can be different. encryptedHeaderXml.MustUnderstand = this.MustUnderstand; encryptedHeaderXml.Relay = this.Relay; encryptedHeaderXml.Actor = this.Actor; encryptedHeaderXml.SetUpEncryption(algorithm, stream); return new EncryptedHeader(plainTextHeader, encryptedHeaderXml, EncryptedHeaderXml.ElementName.Value, EncryptedHeaderXml.NamespaceUri.Value, version); }
protected override EncryptedHeader EncryptHeader(MessageHeader plainTextHeader, SymmetricAlgorithm algorithm, SecurityKeyIdentifier keyIdentifier, MessageVersion version, string id, MemoryStream stream) { // We are not reading EncryptedData from the wire here, hence pass false. EncryptedHeaderXml encryptedHeaderXml = new EncryptedHeaderXml(version, false); encryptedHeaderXml.SecurityTokenSerializer = this.StandardsManager.SecurityTokenSerializer; encryptedHeaderXml.EncryptionMethod = this.EncryptionAlgorithm; encryptedHeaderXml.EncryptionMethodDictionaryString = this.EncryptionAlgorithmDictionaryString; encryptedHeaderXml.KeyIdentifier = keyIdentifier; encryptedHeaderXml.Id = id; // The Encrypted Headers MustUnderstand, Relay and Actor attributes will always match the // Security Headers value. The values for these on the Encrypted Header and its decrypted // form can be different. encryptedHeaderXml.MustUnderstand = this.MustUnderstand; encryptedHeaderXml.Relay = this.Relay; encryptedHeaderXml.Actor = this.Actor; encryptedHeaderXml.SetUpEncryption(algorithm, stream); return(new EncryptedHeader(plainTextHeader, encryptedHeaderXml, EncryptedHeaderXml.ElementName.Value, EncryptedHeaderXml.NamespaceUri.Value, version)); }
protected override DecryptedHeader DecryptHeader(XmlDictionaryReader reader, WrappedKeySecurityToken wrappedKeyToken) { // If it is the client, then we may need to read the GenericXmlSecurityKeyIdentoifoer clause while reading EncryptedData. EncryptedHeaderXml headerXml = new EncryptedHeaderXml(this.Version, this.MessageDirection == MessageDirection.Output); headerXml.SecurityTokenSerializer = this.StandardsManager.SecurityTokenSerializer; headerXml.ReadFrom(reader, MaxReceivedMessageSize); // The Encrypted Headers MustUnderstand, Relay and Actor attributes should match the // Security Headers value. if (headerXml.MustUnderstand != this.MustUnderstand) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.EncryptedHeaderAttributeMismatch, XD.MessageDictionary.MustUnderstand.Value, headerXml.MustUnderstand, this.MustUnderstand))); if (headerXml.Relay != this.Relay) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.EncryptedHeaderAttributeMismatch, XD.Message12Dictionary.Relay.Value, headerXml.Relay, this.Relay))); if (headerXml.Actor != this.Actor) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.EncryptedHeaderAttributeMismatch, this.Version.Envelope.DictionaryActor, headerXml.Actor, this.Actor))); SecurityToken token; if (wrappedKeyToken == null) { token = ResolveKeyIdentifier(headerXml.KeyIdentifier, this.CombinedPrimaryTokenResolver, false); } else { token = wrappedKeyToken; } RecordEncryptionToken(token); using (SymmetricAlgorithm algorithm = CreateDecryptionAlgorithm(token, headerXml.EncryptionMethod, this.AlgorithmSuite)) { headerXml.SetUpDecryption(algorithm); return new DecryptedHeader( headerXml.GetDecryptedBuffer(), this.SecurityVerifiedMessage.GetEnvelopeAttributes(), this.SecurityVerifiedMessage.GetHeaderAttributes(), this.Version, this.StandardsManager.IdManager, this.ReaderQuotas); } }
protected override DecryptedHeader DecryptHeader(XmlDictionaryReader reader, WrappedKeySecurityToken wrappedKeyToken) { SecurityToken token; EncryptedHeaderXml xml = new EncryptedHeaderXml(base.Version) { SecurityTokenSerializer = base.StandardsManager.SecurityTokenSerializer }; xml.ReadFrom(reader, base.MaxReceivedMessageSize); if (xml.MustUnderstand != this.MustUnderstand) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("EncryptedHeaderAttributeMismatch", new object[] { XD.MessageDictionary.MustUnderstand.Value, xml.MustUnderstand, this.MustUnderstand }))); } if (xml.Relay != this.Relay) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("EncryptedHeaderAttributeMismatch", new object[] { XD.Message12Dictionary.Relay.Value, xml.Relay, this.Relay }))); } if (xml.Actor != this.Actor) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("EncryptedHeaderAttributeMismatch", new object[] { base.Version.Envelope.DictionaryActor, xml.Actor, this.Actor }))); } if (wrappedKeyToken == null) { token = WSSecurityOneDotZeroReceiveSecurityHeader.ResolveKeyIdentifier(xml.KeyIdentifier, base.CombinedPrimaryTokenResolver, false); } else { token = wrappedKeyToken; } base.RecordEncryptionToken(token); using (SymmetricAlgorithm algorithm = WSSecurityOneDotZeroReceiveSecurityHeader.CreateDecryptionAlgorithm(token, xml.EncryptionMethod, base.AlgorithmSuite)) { xml.SetUpDecryption(algorithm); return(new DecryptedHeader(xml.GetDecryptedBuffer(), base.SecurityVerifiedMessage.GetEnvelopeAttributes(), base.SecurityVerifiedMessage.GetHeaderAttributes(), base.Version, base.StandardsManager.IdManager, base.ReaderQuotas)); } }