static MessagePartSpecification ExtractMessageParts(string action,
ScopedMessagePartSpecification scopedParts, bool isForSignature)
{
MessagePartSpecification parts = null;
if (scopedParts.TryGetParts(action, out parts))
{
return(parts);
}
else if (scopedParts.TryGetParts(MessageHeaders.WildcardAction, out parts))
{
return(parts);
}
// send back a fault indication that the action is unknown
SecurityVersion wss = MessageSecurityVersion.Default.SecurityVersion;
FaultCode subCode = new FaultCode(wss.InvalidSecurityFaultCode.Value, wss.HeaderNamespace.Value);
FaultCode senderCode = FaultCode.CreateSenderFaultCode(subCode);
FaultReason reason = new FaultReason(SR.GetString(SR.InvalidOrUnrecognizedAction, action), System.Globalization.CultureInfo.CurrentCulture);
MessageFault fault = MessageFault.CreateFault(senderCode, reason);
if (isForSignature)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.NoSignaturePartsSpecified, action), null, fault));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.NoEncryptionPartsSpecified, action), null, fault));
}
}
public static MessageSecurityTokenVersion GetSecurityTokenVersion(SecurityVersion version, bool emitBspAttributes)
{
if (version == SecurityVersion.WSSecurity10)
{
if (emitBspAttributes)
{
return(MessageSecurityTokenVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
}
else if (version == SecurityVersion.WSSecurity11)
{
if (emitBspAttributes)
{
return(MessageSecurityTokenVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10);
}
else
{
return(MessageSecurityTokenVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005);
}
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
}
static Func<KeyInfoSerializer, IEnumerable<SecurityTokenSerializer.SerializerEntries>> CreateAdditionalEntries(SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
{
return (KeyInfoSerializer keyInfoSerializer) =>
{
List<SecurityTokenSerializer.SerializerEntries> serializerEntries = new List<SecurityTokenSerializer.SerializerEntries>();
if (securityVersion == SecurityVersion.WSSecurity10)
{
serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityJan2004(keyInfoSerializer));
}
else if (securityVersion == SecurityVersion.WSSecurity11)
{
serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityXXX2005(keyInfoSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SR.GetString(SR.MessageSecurityVersionOutOfRange)));
}
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
serializerEntries.Add(new WSSecureConversationFeb2005(keyInfoSerializer));
}
else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
serializerEntries.Add(new WSSecureConversationDec2005(keyInfoSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
return serializerEntries;
};
}
/// <summary>
/// There is a
internal static SecurityVersion GetSecurityVersion(SecurityTokenVersion tokenVersion)
{
if (tokenVersion == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenVersion");
}
//
// Workaround for WCF
if (tokenVersion is MessageSecurityTokenVersion)
{
SecurityVersion sv = (tokenVersion as MessageSecurityTokenVersion).SecurityVersion;
if (sv != null)
{
return(sv);
}
}
else
{
if (tokenVersion.GetSecuritySpecifications().Contains(WSSecurity11Constants.Namespace))
{
return(SecurityVersion.WSSecurity11);
}
else if (tokenVersion.GetSecuritySpecifications().Contains(WSSecurity10Constants.Namespace))
{
return(SecurityVersion.WSSecurity10);
}
}
return(SecurityVersion.WSSecurity11);
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer1 samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
#if !FEATURE_CORECLR
throw ExceptionHelper.PlatformNotSupported();
#endif
}
public WSSecurityTokenSerializer (
SecurityVersion securityVersion,
bool emitBspRequiredAttributes,
SamlSerializer samlSerializer)
: this (securityVersion, emitBspRequiredAttributes,
samlSerializer, null, null)
{
}
public override MessageSecurityVersion GetSupportedMessageSecurityVersion(SecurityVersion version)
{
if (version != SecurityVersion.WSSecurity10)
{
return MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
}
return MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
}
public override MessageSecurityVersion GetSupportedMessageSecurityVersion(SecurityVersion version)
{
if (version != SecurityVersion.WSSecurity10)
{
return(MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10);
}
return(MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10);
}
public WSSecurityTokenSerializer(
SecurityVersion securityVersion,
bool emitBspRequiredAttributes,
SamlSerializer samlSerializer)
: this(securityVersion, emitBspRequiredAttributes,
samlSerializer, null, null)
{
}
MessageSecurityTokenVersion(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, string toString, bool emitBspRequiredAttributes, params string[] supportedSpecs)
: base()
{
this.emitBspRequiredAttributes = emitBspRequiredAttributes;
this.supportedSpecs = new ReadOnlyCollection <string>(supportedSpecs);
this.toString = toString;
this.securityVersion = securityVersion;
this.trustVersion = trustVersion;
this.secureConversationVersion = secureConversationVersion;
}
public WSSecurityTokenSerializer (
SecurityVersion securityVersion,
bool emitBspRequiredAttributes,
SamlSerializer samlSerializer,
SecurityStateEncoder securityStateEncoder,
IEnumerable<Type> knownTypes)
: this (securityVersion, emitBspRequiredAttributes,
samlSerializer, securityStateEncoder,
knownTypes, defaultOffset, defaultLabelLength,
defaultNonceLength)
{
}
public WSSecurityTokenSerializer(
SecurityVersion securityVersion,
bool emitBspRequiredAttributes,
SamlSerializer samlSerializer,
SecurityStateEncoder securityStateEncoder,
IEnumerable <Type> knownTypes)
: this(securityVersion, emitBspRequiredAttributes,
samlSerializer, securityStateEncoder,
knownTypes, defaultOffset, defaultLabelLength,
defaultNonceLength)
{
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
bool bsp = version.GetSecuritySpecifications().Contains(Constants.WSBasicSecurityProfileCore1);
SecurityVersion ver =
version.GetSecuritySpecifications().Contains(Constants.Wss11Namespace) ?
SecurityVersion.WSSecurity11 :
SecurityVersion.WSSecurity10;
// FIXME: pass correct arguments.
return(new WSSecurityTokenSerializer(ver, bsp, null,
ServiceCredentials.SecureConversationAuthentication.SecurityStateEncoder,
Type.EmptyTypes,
int.MaxValue, int.MaxValue, int.MaxValue));
}
public SignatureConfirmationElement(string id, byte[] signatureValue, SecurityVersion version)
{
if (id == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");
}
if (signatureValue == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("signatureValue");
}
this.id = id;
this.signatureValue = signatureValue;
this.version = version;
}
public SignatureConfirmationElement(string id, byte[] signatureValue, SecurityVersion version)
{
if (id == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");
}
if (signatureValue == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("signatureValue");
}
this.id = id;
this.signatureValue = signatureValue;
this.version = version;
}
public SignatureConfirmationElement(string id, byte[] signatureValue, SecurityVersion version)
{
if (id == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");
}
if (signatureValue == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("signatureValue");
}
_id = id;
_signatureValue = signatureValue;
_version = version;
}
private static MessagePartSpecification ExtractMessageParts(string action, ScopedMessagePartSpecification scopedParts, bool isForSignature)
{
MessagePartSpecification parts = (MessagePartSpecification)null;
if (scopedParts.TryGetParts(action, out parts) || scopedParts.TryGetParts("*", out parts))
{
return(parts);
}
SecurityVersion securityVersion = MessageSecurityVersion.Default.SecurityVersion;
MessageFault fault = MessageFault.CreateFault(FaultCode.CreateSenderFaultCode(new FaultCode(securityVersion.InvalidSecurityFaultCode.Value, securityVersion.HeaderNamespace.Value)), new FaultReason(SR.GetString("InvalidOrUnrecognizedAction", new object[1] {
(object)action
}), CultureInfo.CurrentCulture));
if (isForSignature)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError((Exception) new MessageSecurityException(SR.GetString("NoSignaturePartsSpecified", new object[1] {
(object)action
}), (Exception)null, fault));
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError((Exception) new MessageSecurityException(SR.GetString("NoEncryptionPartsSpecified", new object[1] {
(object)action
}), (Exception)null, fault));
}
/// <summary>
/// There is a bug in WCF where the version obtained from the public SecurityTokenVersion strings is wrong.
/// The internal MessageSecurityTokenVersion has the right version.
/// </summary>
internal static SecurityVersion GetSecurityVersion(SecurityTokenVersion tokenVersion)
{
if (tokenVersion == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenVersion");
}
//
// Workaround for WCF bug.
// In .NET 3.5 WCF returns the wrong Token Specification. We need to reflect on the
// internal code so we can access the SecurityVersion directly instead of depending
// on the security specification.
//
if (tokenVersion is MessageSecurityTokenVersion)
{
SecurityVersion sv = (tokenVersion as MessageSecurityTokenVersion).SecurityVersion;
if (sv != null)
{
return(sv);
}
}
else
{
if (tokenVersion.GetSecuritySpecifications().Contains(WSSecurity11Constants.Namespace))
{
return(SecurityVersion.WSSecurity11);
}
else if (tokenVersion.GetSecuritySpecifications().Contains(WSSecurity10Constants.Namespace))
{
return(SecurityVersion.WSSecurity10);
}
}
return(SecurityVersion.WSSecurity11);
}
public WSSecurityTokenSerializer(
SecurityVersion securityVersion,
bool emitBspRequiredAttributes,
SamlSerializer samlSerializer,
SecurityStateEncoder securityStateEncoder,
IEnumerable <Type> knownTypes,
int maximumKeyDerivationOffset,
int maximumKeyDerivationLabelLength,
int maximumKeyDerivationNonceLength)
{
security_version = securityVersion;
emit_bsp = emitBspRequiredAttributes;
saml_serializer = samlSerializer;
encoder = securityStateEncoder;
known_types = new List <Type> (knownTypes ?? Type.EmptyTypes);
max_offset = maximumKeyDerivationOffset;
max_label_length = maximumKeyDerivationLabelLength;
max_nonce_length = maximumKeyDerivationNonceLength;
if (encoder == null)
{
encoder = new DataProtectionSecurityStateEncoder();
}
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes)
{
}
public override MessageSecurityVersion GetSupportedMessageSecurityVersion(SecurityVersion version)
{
return((version == SecurityVersion.WSSecurity10) ? MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10 : MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10);
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes)
{
}
/// <summary>
/// Initializes an instance of <see cref="WsSecurityTokenSerializerAdapter"/>
/// </summary>
/// <param name="securityTokenHandlerCollection">
/// The <see cref="SecurityTokenHandlerCollection" /> containing the set of <see cref="SecurityTokenHandler" />
/// objects used for serializing and validating tokens found in WS-Trust messages.
/// </param>
/// <param name="securityVersion">The SecurityTokenVersion of the base WSSecurityTokenSerializer.</param>
public WsSecurityTokenSerializerAdapter( SecurityTokenHandlerCollection securityTokenHandlerCollection, SecurityVersion securityVersion )
: this( securityTokenHandlerCollection, securityVersion, true, new SamlSerializer(), null, null )
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion)
: this(securityVersion, false)
{
}
internal ReceiveSecurityHeader TryCreateReceiveSecurityHeader(Message message,
string actor,
SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
{
return(SecurityVersion.TryCreateReceiveSecurityHeader(message, actor, this, algorithmSuite, direction));
}
public WSKeyInfoSerializer(bool emitBspRequiredAttributes, DictionaryManager dictionaryManager, System.IdentityModel.TrustDictionary trustDictionary, SecurityTokenSerializer innerSecurityTokenSerializer, SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
: base(emitBspRequiredAttributes, dictionaryManager, trustDictionary, innerSecurityTokenSerializer, CreateAdditionalEntries(securityVersion, secureConversationVersion))
{
}
static Func <KeyInfoSerializer, IEnumerable <SecurityTokenSerializer.SerializerEntries> > CreateAdditionalEntries(SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
{
return((KeyInfoSerializer keyInfoSerializer) =>
{
List <SecurityTokenSerializer.SerializerEntries> serializerEntries = new List <SecurityTokenSerializer.SerializerEntries>();
if (securityVersion == SecurityVersion.WSSecurity10)
{
serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityJan2004(keyInfoSerializer));
}
else if (securityVersion == SecurityVersion.WSSecurity11)
{
serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityXXX2005(keyInfoSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SR.GetString(SR.MessageSecurityVersionOutOfRange)));
}
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
serializerEntries.Add(new WSSecureConversationFeb2005(keyInfoSerializer));
}
else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
serializerEntries.Add(new WSSecureConversationDec2005(keyInfoSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
return serializerEntries;
});
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
if (securityVersion == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("securityVersion"));
if (maximumKeyDerivationOffset < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationOffset", SR.GetString(SR.ValueMustBeNonNegative)));
}
if (maximumKeyDerivationLabelLength < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationLabelLength", SR.GetString(SR.ValueMustBeNonNegative)));
}
if (maximumKeyDerivationNonceLength <= 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationNonceLength", SR.GetString(SR.ValueMustBeGreaterThanZero)));
}
this.securityVersion = securityVersion;
this.emitBspRequiredAttributes = emitBspRequiredAttributes;
this.maximumKeyDerivationOffset = maximumKeyDerivationOffset;
this.maximumKeyDerivationNonceLength = maximumKeyDerivationNonceLength;
this.maximumKeyDerivationLabelLength = maximumKeyDerivationLabelLength;
this.serializerEntries = new List<SerializerEntries>();
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
this.secureConversation = new WSSecureConversationFeb2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
this.secureConversation = new WSSecureConversationDec2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
if (securityVersion == SecurityVersion.WSSecurity10)
{
this.serializerEntries.Add(new WSSecurityJan2004(this, samlSerializer));
}
else if (securityVersion == SecurityVersion.WSSecurity11)
{
this.serializerEntries.Add(new WSSecurityXXX2005(this, samlSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SR.GetString(SR.MessageSecurityVersionOutOfRange)));
}
this.serializerEntries.Add(this.secureConversation);
IdentityModel.TrustDictionary trustDictionary;
if (trustVersion == TrustVersion.WSTrustFeb2005)
{
this.serializerEntries.Add(new WSTrustFeb2005(this));
trustDictionary = new IdentityModel.TrustFeb2005Dictionary(new CollectionDictionary(DXD.TrustDec2005Dictionary.Feb2005DictionaryStrings));
}
else if (trustVersion == TrustVersion.WSTrust13)
{
this.serializerEntries.Add(new WSTrustDec2005(this));
trustDictionary = new IdentityModel.TrustDec2005Dictionary(new CollectionDictionary(DXD.TrustDec2005Dictionary.Dec2005DictionaryString));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
this.tokenEntries = new List<TokenEntry>();
for (int i = 0; i < this.serializerEntries.Count; ++i)
{
SerializerEntries serializerEntry = this.serializerEntries[i];
serializerEntry.PopulateTokenEntries(this.tokenEntries);
}
IdentityModel.DictionaryManager dictionaryManager = new IdentityModel.DictionaryManager(ServiceModelDictionary.CurrentVersion);
dictionaryManager.SecureConversationDec2005Dictionary = new IdentityModel.SecureConversationDec2005Dictionary(new CollectionDictionary(DXD.SecureConversationDec2005Dictionary.SecureConversationDictionaryStrings));
dictionaryManager.SecurityAlgorithmDec2005Dictionary = new IdentityModel.SecurityAlgorithmDec2005Dictionary(new CollectionDictionary(DXD.SecurityAlgorithmDec2005Dictionary.SecurityAlgorithmDictionaryStrings));
this.keyInfoSerializer = new WSKeyInfoSerializer(this.emitBspRequiredAttributes, dictionaryManager, trustDictionary, this, securityVersion, secureConversationVersion);
}
public override MessageSecurityVersion GetSupportedMessageSecurityVersion(SecurityVersion version)
{
return (version == SecurityVersion.WSSecurity10) ? MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10 : MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
}
/// <summary>
/// Initializes an instance of <see cref="WsSecurityTokenSerializerAdapter"/>
/// </summary>
/// <param name="securityTokenHandlerCollection">
/// The <see cref="SecurityTokenHandlerCollection" /> containing the set of <see cref="SecurityTokenHandler" />
/// objects used for serializing and validating tokens found in WS-Trust messages.
/// </param>
/// <param name="securityVersion">The SecurityVersion of the base WSSecurityTokenSerializer.</param>
/// <param name="trustVersion">The TrustVersion of the serializer uses.</param>
/// <param name="secureConversationVersion">The SecureConversationVersion of the serializer.</param>
/// <param name="emitBspAttributes">Flag that determines if the serailization shoudl be BSP compliant.</param>
/// <param name="samlSerializer">Serializer for SAML 1.1 tokens.</param>
/// <param name="stateEncoder">SecurityStateEncoder used for resolving SCT.</param>
/// <param name="knownTypes">The collection of known claim types.</param>
public WsSecurityTokenSerializerAdapter( SecurityTokenHandlerCollection securityTokenHandlerCollection, SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspAttributes, SamlSerializer samlSerializer, SecurityStateEncoder stateEncoder, IEnumerable<Type> knownTypes )
: base( securityVersion, trustVersion, secureConversationVersion, emitBspAttributes, samlSerializer, stateEncoder, knownTypes )
{
if ( securityTokenHandlerCollection == null )
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "securityTokenHandlerCollection" );
}
_scVersion = secureConversationVersion;
_securityTokenHandlers = securityTokenHandlerCollection;
}
/// <summary>
/// Initializes an instance of <see cref="WsSecurityTokenSerializerAdapter"/>
/// </summary>
/// <param name="securityTokenHandlerCollection">
/// The <see cref="SecurityTokenHandlerCollection" /> containing the set of <see cref="SecurityTokenHandler" />
/// objects used for serializing and validating tokens found in WS-Trust messages.
/// </param>
/// <param name="securityVersion">The SecurityVersion of the base WSSecurityTokenSerializer.</param>
/// <param name="emitBspAttributes">Flag that determines if the serailization shoudl be BSP compliant.</param>
/// <param name="samlSerializer">Serializer for SAML 1.1 tokens.</param>
/// <param name="stateEncoder">SecurityStateEncoder used for resolving SCT.</param>
/// <param name="knownTypes">The collection of known claim types.</param>
public WsSecurityTokenSerializerAdapter( SecurityTokenHandlerCollection securityTokenHandlerCollection, SecurityVersion securityVersion, bool emitBspAttributes, SamlSerializer samlSerializer, SecurityStateEncoder stateEncoder, IEnumerable<Type> knownTypes )
: this( securityTokenHandlerCollection, securityVersion, TrustVersion.WSTrust13, SecureConversationVersion.WSSecureConversation13, emitBspAttributes, samlSerializer, stateEncoder, knownTypes )
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes, int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
}
public MsCredentials(SecurityVersion securityVersion)
{
_securityVersion = securityVersion;
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
: this(securityVersion, TrustVersion.Default, SecureConversationVersion.Default, emitBspRequiredAttributes, samlSerializer, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer1 samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
: this(securityVersion, TrustVersion.Default, SecureConversationVersion.Default, emitBspRequiredAttributes, samlSerializer, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
throw ExceptionHelper.PlatformNotSupported();
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes, int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
}
internal SendSecurityHeader CreateSendSecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
{
return(SecurityVersion.CreateSendSecurityHeader(message, actor, mustUnderstand, relay, this, algorithmSuite, direction));
}
public WSKeyInfoSerializer(bool emitBspRequiredAttributes, DictionaryManager dictionaryManager, System.IdentityModel.TrustDictionary trustDictionary, SecurityTokenSerializer innerSecurityTokenSerializer, SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
: base(emitBspRequiredAttributes, dictionaryManager, trustDictionary, innerSecurityTokenSerializer, CreateAdditionalEntries(securityVersion, secureConversationVersion))
{
}
MessageSecurityTokenVersion(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, string toString, bool emitBspRequiredAttributes, params string[] supportedSpecs)
: base()
{
this.emitBspRequiredAttributes = emitBspRequiredAttributes;
this.supportedSpecs = new ReadOnlyCollection<string>(supportedSpecs);
this.toString = toString;
this.securityVersion = securityVersion;
this.trustVersion = trustVersion;
this.secureConversationVersion = secureConversationVersion;
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes)
: this(securityVersion, emitBspRequiredAttributes, new SamlSerializer())
{
}
public WSSecurityTokenSerializer (SecurityVersion securityVersion)
: this (securityVersion, false)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes,
int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength)
{
if (securityVersion == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("securityVersion"));
}
if (maximumKeyDerivationOffset < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationOffset", SRServiceModel.ValueMustBeNonNegative));
}
if (maximumKeyDerivationLabelLength < 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationLabelLength", SRServiceModel.ValueMustBeNonNegative));
}
if (maximumKeyDerivationNonceLength <= 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("maximumKeyDerivationNonceLength", SRServiceModel.ValueMustBeGreaterThanZero));
}
_securityVersion = securityVersion;
_emitBspRequiredAttributes = emitBspRequiredAttributes;
_maximumKeyDerivationOffset = maximumKeyDerivationOffset;
_maximumKeyDerivationNonceLength = maximumKeyDerivationNonceLength;
_maximumKeyDerivationLabelLength = maximumKeyDerivationLabelLength;
_serializerEntries = new List <SerializerEntries>();
if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
_secureConversation = new WSSecureConversationFeb2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
_secureConversation = new WSSecureConversationDec2005(this, securityStateEncoder, knownTypes, maximumKeyDerivationOffset, maximumKeyDerivationLabelLength, maximumKeyDerivationNonceLength);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
if (securityVersion == SecurityVersion.WSSecurity10)
{
_serializerEntries.Add(new WSSecurityJan2004(this, samlSerializer));
}
else if (securityVersion == SecurityVersion.WSSecurity11)
{
_serializerEntries.Add(new WSSecurityXXX2005(this, samlSerializer));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SRServiceModel.MessageSecurityVersionOutOfRange));
}
_serializerEntries.Add(_secureConversation);
IdentityModel.TrustDictionary trustDictionary;
if (trustVersion == TrustVersion.WSTrustFeb2005)
{
_serializerEntries.Add(new WSTrustFeb2005(this));
trustDictionary = new IdentityModel.TrustFeb2005Dictionary(new CollectionDictionary(DXD.TrustDec2005Dictionary.Feb2005DictionaryStrings));
}
else if (trustVersion == TrustVersion.WSTrust13)
{
_serializerEntries.Add(new WSTrustDec2005(this));
trustDictionary = new IdentityModel.TrustDec2005Dictionary(new CollectionDictionary(DXD.TrustDec2005Dictionary.Dec2005DictionaryString));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
_tokenEntries = new List <TokenEntry>();
for (int i = 0; i < _serializerEntries.Count; ++i)
{
SerializerEntries serializerEntry = _serializerEntries[i];
serializerEntry.PopulateTokenEntries(_tokenEntries);
}
IdentityModel.DictionaryManager dictionaryManager = new IdentityModel.DictionaryManager(ServiceModelDictionary.CurrentVersion);
dictionaryManager.SecureConversationDec2005Dictionary = new IdentityModel.SecureConversationDec2005Dictionary(new CollectionDictionary(DXD.SecureConversationDec2005Dictionary.SecureConversationDictionaryStrings));
dictionaryManager.SecurityAlgorithmDec2005Dictionary = new IdentityModel.SecurityAlgorithmDec2005Dictionary(new CollectionDictionary(DXD.SecurityAlgorithmDec2005Dictionary.SecurityAlgorithmDictionaryStrings));
_keyInfoSerializer = new WSKeyInfoSerializer(_emitBspRequiredAttributes, dictionaryManager, trustDictionary, this, securityVersion, secureConversationVersion);
}
public WSSecurityTokenSerializer (SecurityVersion securityVersion, bool emitBspRequiredAttributes)
: this (securityVersion, emitBspRequiredAttributes, new SamlSerializer ())
{
}
protected SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("version"));
}
return this.CreateSecurityTokenSerializer(MessageSecurityTokenVersion.GetSecurityTokenVersion(version, true));
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes)
{
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer)
{
}
public WSSecurityTokenSerializer (
SecurityVersion securityVersion,
bool emitBspRequiredAttributes,
SamlSerializer samlSerializer,
SecurityStateEncoder securityStateEncoder,
IEnumerable<Type> knownTypes,
int maximumKeyDerivationOffset,
int maximumKeyDerivationLabelLength,
int maximumKeyDerivationNonceLength)
{
security_version = securityVersion;
emit_bsp = emitBspRequiredAttributes;
saml_serializer = samlSerializer;
encoder = securityStateEncoder;
known_types = new List<Type> (knownTypes ?? Type.EmptyTypes);
max_offset = maximumKeyDerivationOffset;
max_label_length = maximumKeyDerivationLabelLength;
max_nonce_length = maximumKeyDerivationNonceLength;
if (encoder == null)
encoder = new DataProtectionSecurityStateEncoder ();
}
protected SecurityTokenSerializer CreateSecurityTokenSerializer (SecurityVersion version)
{
return new WSSecurityTokenSerializer (version);
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, System.IdentityModel.Tokens.SamlSerializer samlSerializer)
{
}
public abstract MessageSecurityVersion GetSupportedMessageSecurityVersion(SecurityVersion version);
public SignatureConfirmationElement(string id, byte[] signatureValue, SecurityVersion version)
{
Id = id ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(id));
_signatureValue = signatureValue ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(signatureValue));
_version = version;
}
public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer1 samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable <Type> knownTypes)
: this(securityVersion, emitBspRequiredAttributes, samlSerializer, securityStateEncoder, knownTypes, DefaultMaximumKeyDerivationOffset, DefaultMaximumKeyDerivationLabelLength, DefaultMaximumKeyDerivationNonceLength)
{
}
public CustomTokenSerializer(System.ServiceModel.Security.SecurityVersion sv)
: base(sv)
{
}
public static MessageSecurityTokenVersion GetSecurityTokenVersion(SecurityVersion version, bool emitBspAttributes)
{
if (version == SecurityVersion.WSSecurity10)
{
if (emitBspAttributes)
return MessageSecurityTokenVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10;
else
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
else if (version == SecurityVersion.WSSecurity11)
{
if (emitBspAttributes)
return MessageSecurityTokenVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10;
else
return MessageSecurityTokenVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005;
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
}
internal bool DoesMessageContainSecurityHeader(Message message)
{
return(SecurityVersion.DoesMessageContainSecurityHeader(message));
}