internal SecurityBindingElement(SecurityBindingElement elementToBeCloned)
: base(elementToBeCloned)
{
if (elementToBeCloned == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(elementToBeCloned));
}
_defaultAlgorithmSuite = elementToBeCloned._defaultAlgorithmSuite;
IncludeTimestamp = elementToBeCloned.IncludeTimestamp;
_keyEntropyMode = elementToBeCloned._keyEntropyMode;
_messageSecurityVersion = elementToBeCloned._messageSecurityVersion;
_securityHeaderLayout = elementToBeCloned._securityHeaderLayout;
EndpointSupportingTokenParameters = elementToBeCloned.EndpointSupportingTokenParameters.Clone();
OptionalEndpointSupportingTokenParameters = elementToBeCloned.OptionalEndpointSupportingTokenParameters.Clone();
_operationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
foreach (string key in elementToBeCloned._operationSupportingTokenParameters.Keys)
{
_operationSupportingTokenParameters[key] = elementToBeCloned._operationSupportingTokenParameters[key].Clone();
}
_optionalOperationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
foreach (string key in elementToBeCloned._optionalOperationSupportingTokenParameters.Keys)
{
_optionalOperationSupportingTokenParameters[key] = elementToBeCloned._optionalOperationSupportingTokenParameters[key].Clone();
}
LocalClientSettings = elementToBeCloned.LocalClientSettings.Clone();
MaxReceivedMessageSize = elementToBeCloned.MaxReceivedMessageSize;
ReaderQuotas = elementToBeCloned.ReaderQuotas;
EnableUnsecuredResponse = elementToBeCloned.EnableUnsecuredResponse;
}
public static void Validate(SecurityHeaderLayout value)
{
if (!IsDefined(value))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidEnumArgumentException("value", (int)value, typeof(SecurityHeaderLayout)));
}
}
internal SecurityBindingElement(SecurityBindingElement elementToBeCloned)
: base(elementToBeCloned)
{
if (elementToBeCloned == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("elementToBeCloned");
}
this.defaultAlgorithmSuite = elementToBeCloned.defaultAlgorithmSuite;
this.includeTimestamp = elementToBeCloned.includeTimestamp;
this.keyEntropyMode = elementToBeCloned.keyEntropyMode;
this.messageSecurityVersion = elementToBeCloned.messageSecurityVersion;
this.securityHeaderLayout = elementToBeCloned.securityHeaderLayout;
this.endpointSupportingTokenParameters = (SupportingTokenParameters)elementToBeCloned.endpointSupportingTokenParameters.Clone();
this.optionalEndpointSupportingTokenParameters = (SupportingTokenParameters)elementToBeCloned.optionalEndpointSupportingTokenParameters.Clone();
this.operationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
foreach (string key in elementToBeCloned.operationSupportingTokenParameters.Keys)
{
this.operationSupportingTokenParameters[key] = (SupportingTokenParameters)elementToBeCloned.operationSupportingTokenParameters[key].Clone();
}
this.optionalOperationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
foreach (string key in elementToBeCloned.optionalOperationSupportingTokenParameters.Keys)
{
this.optionalOperationSupportingTokenParameters[key] = (SupportingTokenParameters)elementToBeCloned.optionalOperationSupportingTokenParameters[key].Clone();
}
this.localServiceSettings = (LocalServiceSecuritySettings)elementToBeCloned.localServiceSettings.Clone();
// this.internalDuplexBindingElement = elementToBeCloned.internalDuplexBindingElement;
this.maxReceivedMessageSize = elementToBeCloned.maxReceivedMessageSize;
this.readerQuotas = elementToBeCloned.readerQuotas;
this.doNotEmitTrust = elementToBeCloned.doNotEmitTrust;
this.allowInsecureTransport = elementToBeCloned.allowInsecureTransport;
this.enableUnsecuredResponse = elementToBeCloned.enableUnsecuredResponse;
this.supportsExtendedProtectionPolicy = elementToBeCloned.supportsExtendedProtectionPolicy;
this.protectTokens = elementToBeCloned.protectTokens;
}
public static bool IsDefined(SecurityHeaderLayout value)
{
return(value == SecurityHeaderLayout.Lax ||
value == SecurityHeaderLayout.LaxTimestampFirst ||
value == SecurityHeaderLayout.LaxTimestampLast ||
value == SecurityHeaderLayout.Strict);
}
public static bool IsDefined(SecurityHeaderLayout value)
{
return (value == SecurityHeaderLayout.Lax
|| value == SecurityHeaderLayout.LaxTimestampFirst
|| value == SecurityHeaderLayout.LaxTimestampLast
|| value == SecurityHeaderLayout.Strict);
}
internal SecurityBindingElement(SecurityBindingElement elementToBeCloned)
: base(elementToBeCloned)
{
if (elementToBeCloned == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(elementToBeCloned));
}
_defaultAlgorithmSuite = elementToBeCloned._defaultAlgorithmSuite;
IncludeTimestamp = elementToBeCloned.IncludeTimestamp;
_keyEntropyMode = elementToBeCloned._keyEntropyMode;
_messageSecurityVersion = elementToBeCloned._messageSecurityVersion;
_securityHeaderLayout = elementToBeCloned._securityHeaderLayout;
EndpointSupportingTokenParameters = (SupportingTokenParameters)elementToBeCloned.EndpointSupportingTokenParameters.Clone();
OptionalEndpointSupportingTokenParameters = (SupportingTokenParameters)elementToBeCloned.OptionalEndpointSupportingTokenParameters.Clone();
_operationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
foreach (string key in elementToBeCloned._operationSupportingTokenParameters.Keys)
{
_operationSupportingTokenParameters[key] = (SupportingTokenParameters)elementToBeCloned._operationSupportingTokenParameters[key].Clone();
}
_optionalOperationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
foreach (string key in elementToBeCloned._optionalOperationSupportingTokenParameters.Keys)
{
_optionalOperationSupportingTokenParameters[key] = (SupportingTokenParameters)elementToBeCloned._optionalOperationSupportingTokenParameters[key].Clone();
}
LocalServiceSettings = (LocalServiceSecuritySettings)elementToBeCloned.LocalServiceSettings.Clone();
// this.internalDuplexBindingElement = elementToBeCloned.internalDuplexBindingElement;
MaxReceivedMessageSize = elementToBeCloned.MaxReceivedMessageSize;
ReaderQuotas = elementToBeCloned.ReaderQuotas;
DoNotEmitTrust = elementToBeCloned.DoNotEmitTrust;
AllowInsecureTransport = elementToBeCloned.AllowInsecureTransport;
EnableUnsecuredResponse = elementToBeCloned.EnableUnsecuredResponse;
SupportsExtendedProtectionPolicy = elementToBeCloned.SupportsExtendedProtectionPolicy;
ProtectTokens = elementToBeCloned.ProtectTokens;
}
public static void Validate(SecurityHeaderLayout value)
{
if (!IsDefined(value))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidEnumArgumentException("value", (int)value,
typeof(SecurityHeaderLayout)));
}
}
public static bool IsDefined(SecurityHeaderLayout value)
{
if (((value != SecurityHeaderLayout.Lax) && (value != SecurityHeaderLayout.LaxTimestampFirst)) && (value != SecurityHeaderLayout.LaxTimestampLast))
{
return(value == SecurityHeaderLayout.Strict);
}
return(true);
}
internal SecurityBindingElement()
: base()
{
_messageSecurityVersion = MessageSecurityVersion.Default;
_includeTimestamp = defaultIncludeTimestamp;
_localClientSettings = new LocalClientSecuritySettings();
_endpointSupportingTokenParameters = new SupportingTokenParameters();
_securityHeaderLayout = SecurityProtocolFactory.defaultSecurityHeaderLayout;
}
internal SecurityBindingElement()
: base()
{
_messageSecurityVersion = MessageSecurityVersion.Default;
_includeTimestamp = defaultIncludeTimestamp;
_localClientSettings = new LocalClientSecuritySettings();
_endpointSupportingTokenParameters = new SupportingTokenParameters();
_securityHeaderLayout = SecurityProtocolFactory.defaultSecurityHeaderLayout;
throw ExceptionHelper.PlatformNotSupported("SecurityBindingElement is not supported");
}
public static SecurityHeaderElementInferenceEngine GetInferenceEngine(SecurityHeaderLayout layout)
{
SecurityHeaderLayoutHelper.Validate(layout);
switch (layout)
{
case SecurityHeaderLayout.Strict:
return(StrictModeSecurityHeaderElementInferenceEngine.Instance);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException(nameof(layout)));
}
}
public static void AssertSymmetricSecurityBindingElement(
SecurityAlgorithmSuite algorithm,
bool includeTimestamp,
SecurityKeyEntropyMode keyEntropyMode,
MessageProtectionOrder messageProtectionOrder,
MessageSecurityVersion messageSecurityVersion,
bool requireSignatureConfirmation,
SecurityHeaderLayout securityHeaderLayout,
// EndpointSupportingTokenParameters
int endorsing, int signed, int signedEncrypted, int signedEndorsing,
// ProtectionTokenParameters
bool hasProtectionTokenParameters,
SecurityTokenInclusionMode protectionTokenInclusionMode,
SecurityTokenReferenceStyle protectionTokenReferenceStyle,
bool protectionTokenRequireDerivedKeys,
// LocalClientSettings
bool cacheCookies,
int renewalThresholdPercentage,
bool detectReplays,
SymmetricSecurityBindingElement be, string label)
{
AssertSecurityBindingElement(
algorithm,
includeTimestamp,
keyEntropyMode,
messageSecurityVersion,
securityHeaderLayout,
// EndpointSupportingTokenParameters
endorsing, signed, signedEncrypted, signedEndorsing,
// LocalClientSettings
cacheCookies,
renewalThresholdPercentage,
detectReplays,
be, label);
Assert.AreEqual(messageProtectionOrder, be.MessageProtectionOrder, label + ".MessageProtectionOrder");
Assert.AreEqual(requireSignatureConfirmation, be.RequireSignatureConfirmation, label + ".RequireSignatureConfirmation");
if (!hasProtectionTokenParameters)
{
Assert.IsNull(be.ProtectionTokenParameters, label + ".ProtectionTokenParameters (null)");
}
else
{
AssertSecurityTokenParameters(
protectionTokenInclusionMode,
protectionTokenReferenceStyle,
protectionTokenRequireDerivedKeys,
be.ProtectionTokenParameters, label + ".ProtectionTokenParameters");
}
}
internal SecurityBindingElement()
: base()
{
_messageSecurityVersion = MessageSecurityVersion.Default;
_keyEntropyMode = AcceleratedTokenProvider.defaultKeyEntropyMode;
IncludeTimestamp = defaultIncludeTimestamp;
_defaultAlgorithmSuite = defaultDefaultAlgorithmSuite;
LocalClientSettings = new LocalClientSecuritySettings();
EndpointSupportingTokenParameters = new SupportingTokenParameters();
OptionalEndpointSupportingTokenParameters = new SupportingTokenParameters();
_operationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
_optionalOperationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
_securityHeaderLayout = SecurityProtocolFactory.defaultSecurityHeaderLayout;
}
internal SecurityBindingElement(SecurityBindingElement elementToBeCloned)
: base(elementToBeCloned)
{
if (elementToBeCloned == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("elementToBeCloned");
}
_includeTimestamp = elementToBeCloned._includeTimestamp;
_messageSecurityVersion = elementToBeCloned._messageSecurityVersion;
_securityHeaderLayout = elementToBeCloned._securityHeaderLayout;
_endpointSupportingTokenParameters = elementToBeCloned._endpointSupportingTokenParameters.Clone();
_localClientSettings = elementToBeCloned._localClientSettings.Clone();
throw ExceptionHelper.PlatformNotSupported("SecurityBindingElement cloning not supported.");
}
internal SecurityBindingElement(SecurityBindingElement elementToBeCloned)
: base(elementToBeCloned)
{
if (elementToBeCloned == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("elementToBeCloned");
}
_includeTimestamp = elementToBeCloned._includeTimestamp;
_messageSecurityVersion = elementToBeCloned._messageSecurityVersion;
_securityHeaderLayout = elementToBeCloned._securityHeaderLayout;
_endpointSupportingTokenParameters = elementToBeCloned._endpointSupportingTokenParameters.Clone();
_localClientSettings = elementToBeCloned._localClientSettings.Clone();
_maxReceivedMessageSize = elementToBeCloned._maxReceivedMessageSize;
_readerQuotas = elementToBeCloned._readerQuotas;
}
internal SecurityBindingElement()
: base()
{
_messageSecurityVersion = MessageSecurityVersion.Default;
_keyEntropyMode = SecurityKeyEntropyMode.CombinedEntropy; // AcceleratedTokenProvider.defaultKeyEntropyMode;
IncludeTimestamp = DefaultIncludeTimestamp;
_defaultAlgorithmSuite = s_defaultDefaultAlgorithmSuite;
LocalServiceSettings = new LocalServiceSecuritySettings();
EndpointSupportingTokenParameters = new SupportingTokenParameters();
OptionalEndpointSupportingTokenParameters = new SupportingTokenParameters();
_operationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
_optionalOperationSupportingTokenParameters = new Dictionary <string, SupportingTokenParameters>();
_securityHeaderLayout = SecurityHeaderLayout.Strict; // SecurityProtocolFactory.defaultSecurityHeaderLayout;
AllowInsecureTransport = DefaultAllowInsecureTransport;
EnableUnsecuredResponse = DefaultEnableUnsecuredResponse;
ProtectTokens = DefaultProtectTokens;
}
public static SecurityHeaderElementInferenceEngine GetInferenceEngine(SecurityHeaderLayout layout)
{
SecurityHeaderLayoutHelper.Validate(layout);
switch (layout)
{
case SecurityHeaderLayout.Strict:
return StrictModeSecurityHeaderElementInferenceEngine.Instance;
case SecurityHeaderLayout.Lax:
return LaxModeSecurityHeaderElementInferenceEngine.Instance;
case SecurityHeaderLayout.LaxTimestampFirst:
return LaxTimestampFirstModeSecurityHeaderElementInferenceEngine.Instance;
case SecurityHeaderLayout.LaxTimestampLast:
return LaxTimestampLastModeSecurityHeaderElementInferenceEngine.Instance;
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("layout"));
}
}
public static SecurityHeaderElementInferenceEngine GetInferenceEngine(SecurityHeaderLayout layout)
{
SecurityHeaderLayoutHelper.Validate(layout);
switch (layout)
{
case SecurityHeaderLayout.Strict:
return(StrictModeSecurityHeaderElementInferenceEngine.Instance);
case SecurityHeaderLayout.Lax:
return(LaxModeSecurityHeaderElementInferenceEngine.Instance);
case SecurityHeaderLayout.LaxTimestampFirst:
return(LaxTimestampFirstModeSecurityHeaderElementInferenceEngine.Instance);
case SecurityHeaderLayout.LaxTimestampLast:
return(LaxTimestampLastModeSecurityHeaderElementInferenceEngine.Instance);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("layout"));
}
public virtual XmlElement CreateLayoutAssertion(SecurityHeaderLayout layout)
{
switch (layout)
{
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("layout"));
case SecurityHeaderLayout.Lax:
return CreateWsspAssertion(LaxName);
case SecurityHeaderLayout.LaxTimestampFirst:
return CreateWsspAssertion(LaxTsFirstName);
case SecurityHeaderLayout.LaxTimestampLast:
return CreateWsspAssertion(LaxTsLastName);
case SecurityHeaderLayout.Strict:
return CreateWsspAssertion(StrictName);
}
}
public static void AssertSecurityBindingElement(
SecurityAlgorithmSuite algorithm,
bool includeTimestamp,
SecurityKeyEntropyMode keyEntropyMode,
MessageSecurityVersion messageSecurityVersion,
SecurityHeaderLayout securityHeaderLayout,
// EndpointSupportingTokenParameters
int endorsing, int signed, int signedEncrypted, int signedEndorsing,
// LocalClientSettings
bool cacheCookies,
int renewalThresholdPercentage,
bool detectReplays,
SecurityBindingElement be, string label)
{
Assert.AreEqual(algorithm, be.DefaultAlgorithmSuite, label + ".DefaultAlgorithmSuite");
Assert.AreEqual(includeTimestamp, be.IncludeTimestamp, label + ".KeyEntropyMode");
Assert.AreEqual(keyEntropyMode,
be.KeyEntropyMode, label + "#3");
Assert.AreEqual(messageSecurityVersion,
be.MessageSecurityVersion, label + ".MessageSecurityVersion");
Assert.AreEqual(securityHeaderLayout,
be.SecurityHeaderLayout, label + ".SecurityHeaderLayout");
// FIXME: they should be extracted step by step...
// EndpointSupportingTokenParameters
SupportingTokenParameters tp = be.EndpointSupportingTokenParameters;
AssertSupportingTokenParameters(
endorsing, signed, signedEncrypted, signedEndorsing,
tp, label + ".Endpoint");
// OptionalEndpointSupportingTokenParameters
tp = be.OptionalEndpointSupportingTokenParameters;
Assert.IsNotNull(tp, label + "#3-0");
Assert.AreEqual(0, tp.Endorsing.Count, label + "#3-1");
Assert.AreEqual(0, tp.Signed.Count, label + "#3-2");
Assert.AreEqual(0, tp.SignedEncrypted.Count, label + "#3-3");
Assert.AreEqual(0, tp.SignedEndorsing.Count, label + "#3-4");
// OperationSupportingTokenParameters
IDictionary <string, SupportingTokenParameters> oper = be.OperationSupportingTokenParameters;
Assert.IsNotNull(oper, label + "#4-1");
Assert.AreEqual(0, oper.Count, label + "#4-2");
// OptionalOperationSupportingTokenParameters
oper = be.OptionalOperationSupportingTokenParameters;
Assert.IsNotNull(oper, label + "#5-1");
Assert.AreEqual(0, oper.Count, label + "#5-2");
// LocalClientSettings
LocalClientSecuritySettings lc =
be.LocalClientSettings;
AssertLocalClientSecuritySettings(
cacheCookies,
renewalThresholdPercentage,
detectReplays,
lc, "");
// FIXME: IdentityVerifier
Assert.AreEqual(TimeSpan.FromMinutes(5), lc.MaxClockSkew, label + "#7-5");
Assert.AreEqual(TimeSpan.MaxValue, lc.MaxCookieCachingTime, label + "#7-6");
Assert.AreEqual(true, lc.ReconnectTransportOnFailure, label + "#7-7");
Assert.AreEqual(900000, lc.ReplayCacheSize, label + "#7-8");
Assert.AreEqual(TimeSpan.FromMinutes(5), lc.ReplayWindow, label + "#7-9");
Assert.AreEqual(TimeSpan.FromHours(10), lc.SessionKeyRenewalInterval, label + "#7-10");
Assert.AreEqual(TimeSpan.FromMinutes(5), lc.SessionKeyRolloverInterval, label + "#7-11");
Assert.AreEqual(TimeSpan.FromMinutes(5), lc.TimestampValidityDuration, label + "#7-12");
// FIXME: LocalServiceSettings
}
public virtual bool TryImportLayoutAssertion(ICollection<XmlElement> assertions, out SecurityHeaderLayout layout)
{
bool flag = true;
layout = SecurityHeaderLayout.Lax;
if (this.TryImportWsspAssertion(assertions, "Lax"))
{
layout = SecurityHeaderLayout.Lax;
return flag;
}
if (this.TryImportWsspAssertion(assertions, "LaxTsFirst"))
{
layout = SecurityHeaderLayout.LaxTimestampFirst;
return flag;
}
if (this.TryImportWsspAssertion(assertions, "LaxTsLast"))
{
layout = SecurityHeaderLayout.LaxTimestampLast;
return flag;
}
if (this.TryImportWsspAssertion(assertions, "Strict"))
{
layout = SecurityHeaderLayout.Strict;
return flag;
}
return false;
}
public virtual XmlElement CreateWsspLayoutAssertion(MetadataExporter exporter, SecurityHeaderLayout layout)
{
XmlElement element = this.CreateWsspAssertion("Layout");
element.AppendChild(this.CreateWspPolicyWrapper(exporter, new XmlElement[] { this.CreateLayoutAssertion(layout) }));
return element;
}
public virtual XmlElement CreateWsspLayoutAssertion(MetadataExporter exporter, SecurityHeaderLayout layout)
{
XmlElement result = CreateWsspAssertion(LayoutName);
result.AppendChild(
CreateWspPolicyWrapper(
exporter,
CreateLayoutAssertion(layout)
));
return result;
}
public static void AssertAsymmetricSecurityBindingElement (
SecurityAlgorithmSuite algorithm,
bool includeTimestamp,
SecurityKeyEntropyMode keyEntropyMode,
MessageProtectionOrder messageProtectionOrder,
MessageSecurityVersion messageSecurityVersion,
bool requireSignatureConfirmation,
SecurityHeaderLayout securityHeaderLayout,
// EndpointSupportingTokenParameters
int endorsing, int signed, int signedEncrypted, int signedEndorsing,
// InitiatorTokenParameters
bool hasInitiatorTokenParameters,
SecurityTokenInclusionMode initiatorTokenInclusionMode,
SecurityTokenReferenceStyle initiatorTokenReferenceStyle,
bool initiatorTokenRequireDerivedKeys,
// RecipientTokenParameters
bool hasRecipientTokenParameters,
SecurityTokenInclusionMode recipientTokenInclusionMode,
SecurityTokenReferenceStyle recipientTokenReferenceStyle,
bool recipientTokenRequireDerivedKeys,
// LocalClientSettings
bool cacheCookies,
int renewalThresholdPercentage,
bool detectReplays,
AsymmetricSecurityBindingElement be, string label)
{
AssertSecurityBindingElement (
algorithm,
includeTimestamp,
keyEntropyMode,
messageSecurityVersion,
securityHeaderLayout,
// EndpointSupportingTokenParameters
endorsing, signed, signedEncrypted, signedEndorsing,
// LocalClientSettings
cacheCookies,
renewalThresholdPercentage,
detectReplays,
be, label);
Assert.AreEqual (messageProtectionOrder, be.MessageProtectionOrder, label + ".MessageProtectionOrder");
Assert.AreEqual (requireSignatureConfirmation, be.RequireSignatureConfirmation, label + ".RequireSignatureConfirmation");
if (!hasInitiatorTokenParameters)
Assert.IsNull (be.InitiatorTokenParameters, label + ".InitiatorTokenParameters (null)");
else
AssertSecurityTokenParameters (
initiatorTokenInclusionMode,
initiatorTokenReferenceStyle,
initiatorTokenRequireDerivedKeys,
be.InitiatorTokenParameters, label + ".InitiatorTokenParameters");
if (!hasRecipientTokenParameters)
Assert.IsNull (be.RecipientTokenParameters, label + ".RecipientTokenParameters (null)");
else
AssertSecurityTokenParameters (
recipientTokenInclusionMode,
recipientTokenReferenceStyle,
recipientTokenRequireDerivedKeys,
be.RecipientTokenParameters, label + ".RecipientTokenParameters");
}
public virtual bool TryImportLayoutAssertion(ICollection<XmlElement> assertions, out SecurityHeaderLayout layout)
{
bool result = true;
layout = SecurityHeaderLayout.Lax;
if (TryImportWsspAssertion(assertions, LaxName))
{
layout = SecurityHeaderLayout.Lax;
}
else if (TryImportWsspAssertion(assertions, LaxTsFirstName))
{
layout = SecurityHeaderLayout.LaxTimestampFirst;
}
else if (TryImportWsspAssertion(assertions, LaxTsLastName))
{
layout = SecurityHeaderLayout.LaxTimestampLast;
}
else if (TryImportWsspAssertion(assertions, StrictName))
{
layout = SecurityHeaderLayout.Strict;
}
else
{
result = false;
}
return result;
}
public static void AssertSecurityBindingElement (
SecurityAlgorithmSuite algorithm,
bool includeTimestamp,
SecurityKeyEntropyMode keyEntropyMode,
MessageSecurityVersion messageSecurityVersion,
SecurityHeaderLayout securityHeaderLayout,
// EndpointSupportingTokenParameters
int endorsing, int signed, int signedEncrypted, int signedEndorsing,
// LocalClientSettings
bool cacheCookies,
int renewalThresholdPercentage,
bool detectReplays,
SecurityBindingElement be, string label)
{
Assert.AreEqual (algorithm, be.DefaultAlgorithmSuite, label + ".DefaultAlgorithmSuite");
Assert.AreEqual (includeTimestamp, be.IncludeTimestamp, label + ".KeyEntropyMode");
Assert.AreEqual (keyEntropyMode,
be.KeyEntropyMode, label + "#3");
Assert.AreEqual (messageSecurityVersion,
be.MessageSecurityVersion, label + ".MessageSecurityVersion");
Assert.AreEqual (securityHeaderLayout,
be.SecurityHeaderLayout, label + ".SecurityHeaderLayout");
// FIXME: they should be extracted step by step...
// EndpointSupportingTokenParameters
SupportingTokenParameters tp = be.EndpointSupportingTokenParameters;
AssertSupportingTokenParameters (
endorsing, signed, signedEncrypted, signedEndorsing,
tp, label + ".Endpoint");
// OptionalEndpointSupportingTokenParameters
tp = be.OptionalEndpointSupportingTokenParameters;
Assert.IsNotNull (tp, label + "#3-0");
Assert.AreEqual (0, tp.Endorsing.Count, label + "#3-1");
Assert.AreEqual (0, tp.Signed.Count, label + "#3-2");
Assert.AreEqual (0, tp.SignedEncrypted.Count, label + "#3-3");
Assert.AreEqual (0, tp.SignedEndorsing.Count, label + "#3-4");
// OperationSupportingTokenParameters
IDictionary<string,SupportingTokenParameters> oper = be.OperationSupportingTokenParameters;
Assert.IsNotNull (oper, label + "#4-1");
Assert.AreEqual (0, oper.Count, label + "#4-2");
// OptionalOperationSupportingTokenParameters
oper = be.OptionalOperationSupportingTokenParameters;
Assert.IsNotNull (oper, label + "#5-1");
Assert.AreEqual (0, oper.Count, label + "#5-2");
// LocalClientSettings
LocalClientSecuritySettings lc =
be.LocalClientSettings;
AssertLocalClientSecuritySettings (
cacheCookies,
renewalThresholdPercentage,
detectReplays,
lc, "");
// FIXME: IdentityVerifier
Assert.AreEqual (TimeSpan.FromMinutes (5), lc.MaxClockSkew, label + "#7-5");
Assert.AreEqual (TimeSpan.MaxValue, lc.MaxCookieCachingTime, label + "#7-6");
Assert.AreEqual (true, lc.ReconnectTransportOnFailure, label + "#7-7");
Assert.AreEqual (900000, lc.ReplayCacheSize, label + "#7-8");
Assert.AreEqual (TimeSpan.FromMinutes (5), lc.ReplayWindow, label + "#7-9");
Assert.AreEqual (TimeSpan.FromHours (10), lc.SessionKeyRenewalInterval, label + "#7-10");
Assert.AreEqual (TimeSpan.FromMinutes (5), lc.SessionKeyRolloverInterval, label + "#7-11");
Assert.AreEqual (TimeSpan.FromMinutes (5), lc.TimestampValidityDuration, label + "#7-12");
// FIXME: LocalServiceSettings
}