protected override SecurityProtocolCorrelationState VerifyIncomingMessageCore(ref Message message, string actor, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates)
{
IList <SupportingTokenAuthenticatorSpecification> list;
SymmetricSecurityProtocolFactory factory = this.Factory;
TimeoutHelper helper = new TimeoutHelper(timeout);
ReceiveSecurityHeader securityHeader = base.ConfigureReceiveSecurityHeader(message, string.Empty, correlationStates, out list);
SecurityToken requiredSigningToken = null;
if (this.Factory.ActAsInitiator)
{
SecurityTokenParameters parameters;
SecurityToken correlationToken = this.GetCorrelationToken(correlationStates, out parameters);
securityHeader.ConfigureSymmetricBindingClientReceiveHeader(correlationToken, parameters);
requiredSigningToken = correlationToken;
}
else
{
if (factory.RecipientSymmetricTokenAuthenticator != null)
{
securityHeader.ConfigureSymmetricBindingServerReceiveHeader(this.Factory.RecipientSymmetricTokenAuthenticator, this.Factory.SecurityTokenParameters, list);
}
else
{
securityHeader.ConfigureSymmetricBindingServerReceiveHeader(this.Factory.RecipientAsymmetricTokenProvider.GetToken(helper.RemainingTime()), this.Factory.SecurityTokenParameters, list);
securityHeader.WrappedKeySecurityTokenAuthenticator = this.Factory.WrappedKeySecurityTokenAuthenticator;
}
securityHeader.ConfigureOutOfBandTokenResolver(base.MergeOutOfBandResolvers(list, this.Factory.RecipientOutOfBandTokenResolverList));
}
base.ProcessSecurityHeader(securityHeader, ref message, requiredSigningToken, helper.RemainingTime(), correlationStates);
SecurityToken signatureToken = securityHeader.SignatureToken;
if (factory.RequireIntegrity)
{
if (factory.SecurityTokenParameters.HasAsymmetricKey)
{
this.EnsureWrappedToken(signatureToken, message);
}
else
{
MessageSecurityProtocol.EnsureNonWrappedToken(signatureToken, message);
}
if (factory.ActAsInitiator)
{
if (!factory.SecurityTokenParameters.HasAsymmetricKey)
{
ReadOnlyCollection <IAuthorizationPolicy> protectionTokenPolicies = this.initiatorTokenAuthenticator.ValidateToken(signatureToken);
base.DoIdentityCheckAndAttachInitiatorSecurityProperty(message, signatureToken, protectionTokenPolicies);
}
else
{
SecurityToken wrappingToken = (signatureToken as WrappedKeySecurityToken).WrappingToken;
ReadOnlyCollection <IAuthorizationPolicy> onlys2 = this.initiatorTokenAuthenticator.ValidateToken(wrappingToken);
base.DoIdentityCheckAndAttachInitiatorSecurityProperty(message, signatureToken, onlys2);
}
}
else
{
base.AttachRecipientSecurityProperty(message, signatureToken, this.Factory.SecurityTokenParameters.HasAsymmetricKey, securityHeader.BasicSupportingTokens, securityHeader.EndorsingSupportingTokens, securityHeader.SignedEndorsingSupportingTokens, securityHeader.SignedSupportingTokens, securityHeader.SecurityTokenAuthorizationPoliciesMapping);
}
}
return(base.GetCorrelationState(signatureToken, securityHeader));
}
protected override SecurityProtocolCorrelationState VerifyIncomingMessageCore(ref Message message, string actor, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates)
{
IList <SupportingTokenAuthenticatorSpecification> list;
AsymmetricSecurityProtocolFactory factory = this.Factory;
TimeoutHelper helper = new TimeoutHelper(timeout);
ReceiveSecurityHeader securityHeader = base.ConfigureReceiveSecurityHeader(message, string.Empty, correlationStates, out list);
SecurityToken requiredSigningToken = null;
if (factory.ActAsInitiator)
{
SecurityTokenAuthenticator initiatorAsymmetricTokenAuthenticator;
SecurityToken token = null;
SecurityToken primaryToken = null;
if (factory.RequireIntegrity)
{
primaryToken = SecurityProtocol.GetToken(this.initiatorAsymmetricTokenProvider, null, helper.RemainingTime());
requiredSigningToken = primaryToken;
}
if (factory.RequireConfidentiality)
{
token = base.GetCorrelationToken(correlationStates);
if (!System.ServiceModel.Security.SecurityUtils.HasSymmetricSecurityKey(token))
{
securityHeader.WrappedKeySecurityTokenAuthenticator = this.Factory.WrappedKeySecurityTokenAuthenticator;
}
}
if (factory.AllowSerializedSigningTokenOnReply)
{
initiatorAsymmetricTokenAuthenticator = this.initiatorAsymmetricTokenAuthenticator;
requiredSigningToken = null;
}
else
{
initiatorAsymmetricTokenAuthenticator = null;
}
securityHeader.ConfigureAsymmetricBindingClientReceiveHeader(primaryToken, factory.AsymmetricTokenParameters, token, factory.CryptoTokenParameters, initiatorAsymmetricTokenAuthenticator);
}
else
{
SecurityToken token4;
if ((this.Factory.RecipientAsymmetricTokenProvider != null) && this.Factory.RequireConfidentiality)
{
token4 = SecurityProtocol.GetToken(factory.RecipientAsymmetricTokenProvider, null, helper.RemainingTime());
}
else
{
token4 = null;
}
securityHeader.ConfigureAsymmetricBindingServerReceiveHeader(this.Factory.RecipientCryptoTokenAuthenticator, this.Factory.CryptoTokenParameters, token4, this.Factory.AsymmetricTokenParameters, list);
securityHeader.WrappedKeySecurityTokenAuthenticator = this.Factory.WrappedKeySecurityTokenAuthenticator;
securityHeader.ConfigureOutOfBandTokenResolver(base.MergeOutOfBandResolvers(list, this.Factory.RecipientOutOfBandTokenResolverList));
}
base.ProcessSecurityHeader(securityHeader, ref message, requiredSigningToken, helper.RemainingTime(), correlationStates);
SecurityToken signatureToken = securityHeader.SignatureToken;
SecurityToken encryptionToken = securityHeader.EncryptionToken;
if (factory.RequireIntegrity)
{
if (factory.ActAsInitiator)
{
ReadOnlyCollection <IAuthorizationPolicy> recipientTokenPolicies = this.initiatorAsymmetricTokenAuthenticator.ValidateToken(signatureToken);
MessageSecurityProtocol.EnsureNonWrappedToken(signatureToken, message);
this.DoIdentityCheckAndAttachInitiatorSecurityProperty(message, encryptionToken, signatureToken, recipientTokenPolicies);
}
else
{
MessageSecurityProtocol.EnsureNonWrappedToken(signatureToken, message);
this.AttachRecipientSecurityProperty(message, signatureToken, encryptionToken, securityHeader.BasicSupportingTokens, securityHeader.EndorsingSupportingTokens, securityHeader.SignedEndorsingSupportingTokens, securityHeader.SignedSupportingTokens, securityHeader.SecurityTokenAuthorizationPoliciesMapping);
}
}
return(base.GetCorrelationState(signatureToken, securityHeader));
}