public override XmlElement CreateWsspSecureConversationTokenAssertion(MetadataExporter exporter, SecureConversationSecurityTokenParameters parameters)
 {
     XmlElement tokenAssertion = this.CreateWsspAssertion("SecureConversationToken");
     this.SetIncludeTokenValue(tokenAssertion, parameters.InclusionMode);
     tokenAssertion.AppendChild(this.CreateWspPolicyWrapper(exporter, new XmlElement[] { this.CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys), this.CreateWsspMustNotSendCancelAssertion(parameters.RequireCancellation), this.CreateWsspBootstrapPolicyAssertion(exporter, parameters.BootstrapSecurityBindingElement), this.CreateWsspMustNotSendAmendAssertion(), (!parameters.RequireCancellation || !parameters.CanRenewSession) ? this.CreateWsspMustNotSendRenewAssertion() : null }));
     return tokenAssertion;
 }
Exemplo n.º 2
0
 protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters source)
     : base(source)
 {
     this.element      = (SecurityBindingElement)source.element.Clone();
     this.cancellable  = source.cancellable;
     this.requirements = new ChannelProtectionRequirements(default_channel_protection_requirements);
 }
 void InitializeSecureConversationParameters(SecureConversationSecurityTokenParameters sc, bool initializeNestedBindings)
 {
     SetPropertyValueIfNotDefaultValue(ConfigurationStrings.RequireSecurityContextCancellation, sc.RequireCancellation);
     this.CanRenewSecurityContextToken = sc.CanRenewSession; // can't use default value optimization here because ApplyConfiguration relies on the runtime default instead, which is the opposite of the config default
     if (sc.BootstrapSecurityBindingElement != null)
     {
         this.SecureConversationBootstrap.InitializeFrom(sc.BootstrapSecurityBindingElement, initializeNestedBindings);
     }
 }
Exemplo n.º 4
0
        protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
            : base(other)
        {
            this.element     = (SecurityBindingElement)other.element.Clone();
            this.cancellable = other.cancellable;
#if !MOBILE && !XAMMAC_4_5
            this.requirements = new ChannelProtectionRequirements(default_channel_protection_requirements);
#endif
        }
        protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
            : base(other)
        {
            _requireCancellation = other._requireCancellation;
            _canRenewSession = other._canRenewSession;
            if (other._bootstrapSecurityBindingElement != null)
                _bootstrapSecurityBindingElement = (SecurityBindingElement)other._bootstrapSecurityBindingElement.Clone();

            if (other._issuerBindingContext != null)
                _issuerBindingContext = other._issuerBindingContext.Clone();
        }
 protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
     : base(other)
 {
     this.requireCancellation = other.requireCancellation;
     this.canRenewSession = other.canRenewSession;
     if (other.bootstrapSecurityBindingElement != null)
         this.bootstrapSecurityBindingElement = (SecurityBindingElement)other.bootstrapSecurityBindingElement.Clone();
     if (other.bootstrapProtectionRequirements != null)
         this.bootstrapProtectionRequirements = new ChannelProtectionRequirements(other.bootstrapProtectionRequirements);
     if (other.issuerBindingContext != null)
         this.issuerBindingContext = other.issuerBindingContext.Clone();
 }
 private void InitializeSecureConversationParameters(SecureConversationSecurityTokenParameters sc, bool initializeNestedBindings)
 {
     base.RequireSecurityContextCancellation = sc.RequireCancellation;
     if (!sc.CanRenewSession)
     {
         base.CanRenewSecurityContextToken = sc.CanRenewSession;
     }
     if (sc.BootstrapSecurityBindingElement != null)
     {
         this.SecureConversationBootstrap.InitializeFrom(sc.BootstrapSecurityBindingElement, initializeNestedBindings);
     }
 }
Exemplo n.º 8
0
        protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
            : base(other)
        {
            _requireCancellation = other._requireCancellation;
            _canRenewSession     = other._canRenewSession;
            if (other._bootstrapSecurityBindingElement != null)
            {
                _bootstrapSecurityBindingElement = (SecurityBindingElement)other._bootstrapSecurityBindingElement.Clone();
            }

            if (other._issuerBindingContext != null)
            {
                _issuerBindingContext = other._issuerBindingContext.Clone();
            }
        }
Exemplo n.º 9
0
 protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
     : base(other)
 {
     this.requireCancellation = other.requireCancellation;
     this.canRenewSession     = other.canRenewSession;
     if (other.bootstrapSecurityBindingElement != null)
     {
         this.bootstrapSecurityBindingElement = (SecurityBindingElement)other.bootstrapSecurityBindingElement.Clone();
     }
     if (other.bootstrapProtectionRequirements != null)
     {
         this.bootstrapProtectionRequirements = new ChannelProtectionRequirements(other.bootstrapProtectionRequirements);
     }
     if (other.issuerBindingContext != null)
     {
         this.issuerBindingContext = other.issuerBindingContext.Clone();
     }
 }
        public virtual bool TryImportWsspSecureConversationTokenAssertion(MetadataImporter importer, XmlElement assertion, out SecurityTokenParameters parameters)
        {
            parameters = null;

            SecurityTokenInclusionMode inclusionMode;
            Collection<Collection<XmlElement>> alternatives;

            if (IsWsspAssertion(assertion, SecureConversationTokenName)
                && TryGetIncludeTokenValue(assertion, out inclusionMode))
            {
                if (TryGetNestedPolicyAlternatives(importer, assertion, out alternatives))
                {
                    foreach (Collection<XmlElement> alternative in alternatives)
                    {
                        SecureConversationSecurityTokenParameters sc = new SecureConversationSecurityTokenParameters();
                        parameters = sc;
                        bool requireCancellation;
                        if (TryImportWsspRequireDerivedKeysAssertion(alternative, sc)
                            && TryImportWsspMustNotSendCancelAssertion(alternative, out requireCancellation)
                            && TryImportWsspBootstrapPolicyAssertion(importer, alternative, sc)
                            && alternative.Count == 0)
                        {
                            sc.RequireCancellation = requireCancellation;
                            sc.InclusionMode = inclusionMode;
                            break;
                        }
                        else
                        {
                            parameters = null;
                        }
                    }
                }
                else
                {
                    parameters = new SecureConversationSecurityTokenParameters();
                    parameters.InclusionMode = inclusionMode;
                    parameters.RequireDerivedKeys = false;
                }
            }

            return parameters != null;
        }
 public virtual XmlElement CreateWsspSecureConversationTokenAssertion(MetadataExporter exporter, SecureConversationSecurityTokenParameters parameters)
 {
     XmlElement result = CreateWsspAssertion(SecureConversationTokenName);
     SetIncludeTokenValue(result, parameters.InclusionMode);
     result.AppendChild(
         CreateWspPolicyWrapper(
             exporter,
             CreateWsspRequireDerivedKeysAssertion(parameters.RequireDerivedKeys),
             CreateWsspMustNotSendCancelAssertion(parameters.RequireCancellation),
             CreateWsspBootstrapPolicyAssertion(exporter, parameters.BootstrapSecurityBindingElement)
     ));
     return result;
 }
        public virtual bool TryImportWsspBootstrapPolicyAssertion(MetadataImporter importer, ICollection<XmlElement> assertions, SecureConversationSecurityTokenParameters parameters)
        {
            bool result = false;

            XmlElement assertion;
            Collection<Collection<XmlElement>> alternatives;

            if (TryImportWsspAssertion(assertions, BootstrapPolicyName, out assertion)
                && TryGetNestedPolicyAlternatives(importer, assertion, out alternatives))
            {
                BindingElementCollection bindingElements;
                importer.State[SecurityBindingElementImporter.InSecureConversationBootstrapBindingImportMode] = SecurityBindingElementImporter.InSecureConversationBootstrapBindingImportMode;
                try
                {
                    bindingElements = importer.ImportPolicy(NullServiceEndpoint, alternatives);
                    if (importer.State.ContainsKey(SecurityBindingElementImporter.SecureConversationBootstrapEncryptionRequirements))
                    {
                        MessagePartSpecification encryption = (MessagePartSpecification)importer.State[SecurityBindingElementImporter.SecureConversationBootstrapEncryptionRequirements];
                        if (encryption.IsBodyIncluded != true)
                        {
                            importer.Errors.Add(new MetadataConversionError(SR.GetString(SR.UnsupportedSecureConversationBootstrapProtectionRequirements), false));
                            bindingElements = null;
                        }
                    }
                    if (importer.State.ContainsKey(SecurityBindingElementImporter.SecureConversationBootstrapSignatureRequirements))
                    {
                        MessagePartSpecification signature = (MessagePartSpecification)importer.State[SecurityBindingElementImporter.SecureConversationBootstrapSignatureRequirements];
                        if (signature.IsBodyIncluded != true)
                        {
                            importer.Errors.Add(new MetadataConversionError(SR.GetString(SR.UnsupportedSecureConversationBootstrapProtectionRequirements), false));
                            bindingElements = null;
                        }
                    }
                }
                finally
                {
                    importer.State.Remove(SecurityBindingElementImporter.InSecureConversationBootstrapBindingImportMode);
                    if (importer.State.ContainsKey(SecurityBindingElementImporter.SecureConversationBootstrapEncryptionRequirements))
                        importer.State.Remove(SecurityBindingElementImporter.SecureConversationBootstrapEncryptionRequirements);
                    if (importer.State.ContainsKey(SecurityBindingElementImporter.SecureConversationBootstrapSignatureRequirements))
                        importer.State.Remove(SecurityBindingElementImporter.SecureConversationBootstrapSignatureRequirements);
                }
                if (bindingElements != null)
                {
                    parameters.BootstrapSecurityBindingElement = bindingElements.Find<SecurityBindingElement>();
                    return true;
                }
                else
                {
                    parameters.BootstrapSecurityBindingElement = null;
                    return true; // Consider returning false here.
                }
            }

            return result;
        }
		public MySecureConversationSecurityTokenParameters (SecureConversationSecurityTokenParameters clone)
			: base (clone)
		{
		}
Exemplo n.º 14
0
		public void GetPropertySecurityCapabilities ()
		{
			ISecurityCapabilities c;
			RsaSecurityTokenParameters rsa =
				new RsaSecurityTokenParameters ();
			UserNameSecurityTokenParameters user =
				new UserNameSecurityTokenParameters ();
			X509SecurityTokenParameters x509 =
				new X509SecurityTokenParameters ();
			SecureConversationSecurityTokenParameters sc1 =
				new SecureConversationSecurityTokenParameters ();
			sc1.BootstrapSecurityBindingElement =
				new SymmetricSecurityBindingElement (); // empty
			SecureConversationSecurityTokenParameters sc2 =
				new SecureConversationSecurityTokenParameters ();
			sc2.BootstrapSecurityBindingElement =
				new SymmetricSecurityBindingElement (x509);
			SecureConversationSecurityTokenParameters sc3 =
				new SecureConversationSecurityTokenParameters ();
			sc3.BootstrapSecurityBindingElement =
				new AsymmetricSecurityBindingElement (null, x509);
			SecureConversationSecurityTokenParameters sc4 =
				new SecureConversationSecurityTokenParameters ();
			sc4.BootstrapSecurityBindingElement =
				new AsymmetricSecurityBindingElement (x509, null);

			// no parameters
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement ());
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				false, false, false, c, "#1");

			// x509 parameters for both
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (x509));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, true, c, "#2");

			// no initiator parameters
			c = GetSecurityCapabilities (
				new AsymmetricSecurityBindingElement (x509, null));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				false, false, true, c, "#3");

			// no recipient parameters
			c = GetSecurityCapabilities (
				new AsymmetricSecurityBindingElement (null, x509));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, false, c, "#4");

			// initiator does not support identity
			c = GetSecurityCapabilities (
				new AsymmetricSecurityBindingElement (x509, rsa));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, false, true, c, "#5");

			// recipient does not support server auth
			c = GetSecurityCapabilities (
				new AsymmetricSecurityBindingElement (user, x509));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, false, c, "#6");

			// secureconv with no symm. bootstrap params
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (sc1));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				false, false, false, c, "#7");

			// secureconv with x509 symm. bootstrap params
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (sc2));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, true, c, "#8");

			// secureconv with x509 initiator bootstrap params
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (sc3));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, false, c, "#9");

			// secureconv with x509 recipient bootstrap params
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (sc4));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				false, false, true, c, "#10");

			// FIXME: find out such cases that returns other ProtectionLevel values.
		}
		protected SecureConversationSecurityTokenParameters (SecureConversationSecurityTokenParameters source)
			: base (source)
		{
			this.element = (SecurityBindingElement) source.element.Clone ();
			this.cancellable = source.cancellable;
#if !MOBILE && !XAMMAC_4_5
			this.requirements = new ChannelProtectionRequirements (default_channel_protection_requirements);
#endif
		}
Exemplo n.º 16
0
 protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
 {
     Contract.Requires(other != null);
 }
 protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other)
 {
   Contract.Requires(other != null);
 }
 public virtual bool TryImportWsspSecureConversationTokenAssertion(MetadataImporter importer, XmlElement assertion, out SecurityTokenParameters parameters)
 {
     SecurityTokenInclusionMode mode;
     parameters = null;
     if (this.IsWsspAssertion(assertion, "SecureConversationToken") && this.TryGetIncludeTokenValue(assertion, out mode))
     {
         Collection<Collection<XmlElement>> collection;
         if (this.TryGetNestedPolicyAlternatives(importer, assertion, out collection))
         {
             foreach (Collection<XmlElement> collection2 in collection)
             {
                 bool flag;
                 SecureConversationSecurityTokenParameters parameters2 = new SecureConversationSecurityTokenParameters();
                 parameters = parameters2;
                 if ((this.TryImportWsspRequireDerivedKeysAssertion(collection2, parameters2) && this.TryImportWsspMustNotSendCancelAssertion(collection2, out flag)) && (this.TryImportWsspBootstrapPolicyAssertion(importer, collection2, parameters2) && (collection2.Count == 0)))
                 {
                     parameters2.RequireCancellation = flag;
                     parameters2.InclusionMode = mode;
                     break;
                 }
                 parameters = null;
             }
         }
         else
         {
             parameters = new SecureConversationSecurityTokenParameters();
             parameters.InclusionMode = mode;
             parameters.RequireDerivedKeys = false;
         }
     }
     return (parameters != null);
 }
 public virtual bool TryImportWsspBootstrapPolicyAssertion(MetadataImporter importer, ICollection<XmlElement> assertions, SecureConversationSecurityTokenParameters parameters)
 {
     XmlElement element;
     Collection<Collection<XmlElement>> collection;
     BindingElementCollection elements;
     bool flag = false;
     if (!this.TryImportWsspAssertion(assertions, "BootstrapPolicy", out element) || !this.TryGetNestedPolicyAlternatives(importer, element, out collection))
     {
         return flag;
     }
     importer.State["InSecureConversationBootstrapBindingImportMode"] = "InSecureConversationBootstrapBindingImportMode";
     try
     {
         elements = importer.ImportPolicy(NullServiceEndpoint, collection);
         if (importer.State.ContainsKey("SecureConversationBootstrapEncryptionRequirements"))
         {
             MessagePartSpecification specification = (MessagePartSpecification) importer.State["SecureConversationBootstrapEncryptionRequirements"];
             if (!specification.IsBodyIncluded)
             {
                 importer.Errors.Add(new MetadataConversionError(System.ServiceModel.SR.GetString("UnsupportedSecureConversationBootstrapProtectionRequirements"), false));
                 elements = null;
             }
         }
         if (importer.State.ContainsKey("SecureConversationBootstrapSignatureRequirements"))
         {
             MessagePartSpecification specification2 = (MessagePartSpecification) importer.State["SecureConversationBootstrapSignatureRequirements"];
             if (!specification2.IsBodyIncluded)
             {
                 importer.Errors.Add(new MetadataConversionError(System.ServiceModel.SR.GetString("UnsupportedSecureConversationBootstrapProtectionRequirements"), false));
                 elements = null;
             }
         }
     }
     finally
     {
         importer.State.Remove("InSecureConversationBootstrapBindingImportMode");
         if (importer.State.ContainsKey("SecureConversationBootstrapEncryptionRequirements"))
         {
             importer.State.Remove("SecureConversationBootstrapEncryptionRequirements");
         }
         if (importer.State.ContainsKey("SecureConversationBootstrapSignatureRequirements"))
         {
             importer.State.Remove("SecureConversationBootstrapSignatureRequirements");
         }
     }
     if (elements != null)
     {
         parameters.BootstrapSecurityBindingElement = elements.Find<SecurityBindingElement>();
         return true;
     }
     parameters.BootstrapSecurityBindingElement = null;
     return true;
 }