public WSSecurityOneDotOneReceiveSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
int headerIndex, MessageDirection direction)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, headerIndex, direction)
{
}
internal SecurityProtocolFactory(SecurityProtocolFactory factory)
: this()
{
if (factory == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("factory");
}
_actAsInitiator = factory._actAsInitiator;
_addTimestamp = factory._addTimestamp;
_detectReplays = factory._detectReplays;
_incomingAlgorithmSuite = factory._incomingAlgorithmSuite;
_maxCachedNonces = factory._maxCachedNonces;
_maxClockSkew = factory._maxClockSkew;
_outgoingAlgorithmSuite = factory._outgoingAlgorithmSuite;
_replayWindow = factory._replayWindow;
_channelSupportingTokenAuthenticatorSpecification = new Collection <SupportingTokenAuthenticatorSpecification>(new List <SupportingTokenAuthenticatorSpecification>(factory._channelSupportingTokenAuthenticatorSpecification));
_scopedSupportingTokenAuthenticatorSpecification = new Dictionary <string, ICollection <SupportingTokenAuthenticatorSpecification> >(factory._scopedSupportingTokenAuthenticatorSpecification);
_standardsManager = factory._standardsManager;
_timestampValidityDuration = factory._timestampValidityDuration;
_auditLogLocation = factory._auditLogLocation;
_suppressAuditFailure = factory._suppressAuditFailure;
_serviceAuthorizationAuditLevel = factory._serviceAuthorizationAuditLevel;
_messageAuthenticationAuditLevel = factory._messageAuthenticationAuditLevel;
if (factory._securityBindingElement != null)
{
_securityBindingElement = (SecurityBindingElement)factory._securityBindingElement.Clone();
}
_securityTokenManager = factory._securityTokenManager;
_privacyNoticeUri = factory._privacyNoticeUri;
_privacyNoticeVersion = factory._privacyNoticeVersion;
_extendedProtectionPolicy = factory._extendedProtectionPolicy;
_nonceCache = factory._nonceCache;
}
internal RequestSecurityTokenResponse(SecurityStandardsManager standardsManager,
XmlElement rstrXml,
string context,
string tokenType,
int keySize,
SecurityKeyIdentifierClause requestedAttachedReference,
SecurityKeyIdentifierClause requestedUnattachedReference,
bool computeKey,
DateTime validFrom,
DateTime validTo,
bool isRequestedTokenClosed,
XmlBuffer issuedTokenBuffer)
: base(true)
{
_standardsManager = standardsManager ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException(nameof(standardsManager)));
_rstrXml = rstrXml ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(rstrXml));
_context = context;
_tokenType = tokenType;
_keySize = keySize;
_requestedAttachedReference = requestedAttachedReference;
_requestedUnattachedReference = requestedUnattachedReference;
_computeKey = computeKey;
ValidFrom = validFrom.ToUniversalTime();
_expirationTime = validTo.ToUniversalTime();
_isLifetimeSet = true;
_isRequestedTokenClosed = isRequestedTokenClosed;
_issuedTokenBuffer = issuedTokenBuffer;
IsReceiver = true;
_isReadOnly = true;
}
internal SecurityProtocolFactory(SecurityProtocolFactory factory)
: this()
{
if (factory == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("factory");
}
this.actAsInitiator = factory.actAsInitiator;
this.addTimestamp = factory.addTimestamp;
this.detectReplays = factory.detectReplays;
this.incomingAlgorithmSuite = factory.incomingAlgorithmSuite;
this.maxCachedNonces = factory.maxCachedNonces;
this.maxClockSkew = factory.maxClockSkew;
this.outgoingAlgorithmSuite = factory.outgoingAlgorithmSuite;
this.replayWindow = factory.replayWindow;
// this.channelSupportingTokenAuthenticatorSpecification = (ICollection<SupportingTokenAuthenticatorSpecification>) new Collection<SupportingTokenAuthenticatorSpecification>((IList<SupportingTokenAuthenticatorSpecification>) new List<SupportingTokenAuthenticatorSpecification>((IEnumerable<SupportingTokenAuthenticatorSpecification>) factory.channelSupportingTokenAuthenticatorSpecification));
// this.scopedSupportingTokenAuthenticatorSpecification = new Dictionary<string, ICollection<SupportingTokenAuthenticatorSpecification>>((IDictionary<string, ICollection<SupportingTokenAuthenticatorSpecification>>) factory.scopedSupportingTokenAuthenticatorSpecification);
this.standardsManager = factory.standardsManager;
// this.timestampValidityDuration = factory.timestampValidityDuration;
// this.auditLogLocation = factory.auditLogLocation;
// this.suppressAuditFailure = factory.suppressAuditFailure;
// this.serviceAuthorizationAuditLevel = factory.serviceAuthorizationAuditLevel;
// this.messageAuthenticationAuditLevel = factory.messageAuthenticationAuditLevel;
if (factory.securityBindingElement != null)
{
this.securityBindingElement = (SecurityBindingElement)factory.securityBindingElement.Clone();
}
this.securityTokenManager = factory.securityTokenManager;
this.privacyNoticeUri = factory.privacyNoticeUri;
this.privacyNoticeVersion = factory.privacyNoticeVersion;
// this.endpointFilterTable = factory.endpointFilterTable;
this.extendedProtectionPolicy = factory.extendedProtectionPolicy;
this.nonceCache = factory.nonceCache;
}
public SecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager, SecurityAlgorithmSuite algorithmSuite,
MessageDirection transferDirection)
{
if (message == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("message");
}
if (actor == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("actor");
}
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("standardsManager");
}
if (algorithmSuite == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("algorithmSuite");
}
_message = message;
_actor = actor;
_mustUnderstand = mustUnderstand;
_relay = relay;
_standardsManager = standardsManager;
_algorithmSuite = algorithmSuite;
_transferDirection = transferDirection;
}
public SecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager, SecurityAlgorithmSuite algorithmSuite,
MessageDirection transferDirection)
{
if (message == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("message");
}
if (actor == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("actor");
}
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("standardsManager");
}
if (algorithmSuite == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("algorithmSuite");
}
_message = message;
_actor = actor;
_mustUnderstand = mustUnderstand;
_relay = relay;
_standardsManager = standardsManager;
_algorithmSuite = algorithmSuite;
_transferDirection = transferDirection;
}
internal override SendSecurityHeader CreateSendSecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
{
return(new WSSecurityOneDotOneSendSecurityHeader(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, direction));
}
public IssuedTokensHeader(XmlReader xmlReader, MessageVersion version, SecurityStandardsManager standardsManager)
{
if (xmlReader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("xmlReader");
}
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader(xmlReader);
MessageHeader.GetHeaderAttributes(reader, version, out this.actor, out this.mustUnderstand, out this.relay, out this.isRefParam);
reader.ReadStartElement(this.Name, this.Namespace);
Collection <RequestSecurityTokenResponse> list = new Collection <RequestSecurityTokenResponse>();
if (this.standardsManager.TrustDriver.IsAtRequestSecurityTokenResponseCollection(reader))
{
foreach (RequestSecurityTokenResponse response in this.standardsManager.TrustDriver.CreateRequestSecurityTokenResponseCollection(reader).RstrCollection)
{
list.Add(response);
}
}
else
{
RequestSecurityTokenResponse item = this.standardsManager.TrustDriver.CreateRequestSecurityTokenResponse(reader);
list.Add(item);
}
this.tokenIssuances = new ReadOnlyCollection <RequestSecurityTokenResponse>(list);
reader.ReadEndElement();
}
public SecuritySessionSecurityTokenProvider(SafeFreeCredentials credentialsHandle)
: base()
{
this.credentialsHandle = credentialsHandle;
this.standardsManager = SecurityStandardsManager.DefaultInstance;
this.keyEntropyMode = AcceleratedTokenProvider.defaultKeyEntropyMode;
}
public WSSecurityOneDotOneReceiveSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
int headerIndex, MessageDirection direction)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, headerIndex, direction)
{
}
public RequestSecurityTokenResponseCollection(IEnumerable <RequestSecurityTokenResponse> rstrCollection, SecurityStandardsManager standardsManager) : base(true)
{
if (rstrCollection == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstrCollection");
}
int num = 0;
using (IEnumerator <RequestSecurityTokenResponse> enumerator = rstrCollection.GetEnumerator())
{
while (enumerator.MoveNext())
{
if (enumerator.Current == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(string.Format(CultureInfo.InvariantCulture, "rstrCollection[{0}]", new object[] { num }));
}
num++;
}
}
this.rstrCollection = rstrCollection;
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
}
internal RequestSecurityToken(SecurityStandardsManager standardsManager,
XmlElement rstXml,
string context,
string tokenType,
string requestType,
int keySize,
SecurityKeyIdentifierClause renewTarget,
SecurityKeyIdentifierClause closeTarget)
: base(true)
{
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
if (rstXml == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstXml");
}
this.rstXml = rstXml;
this.context = context;
this.tokenType = tokenType;
this.keySize = keySize;
this.requestType = requestType;
this.renewTarget = renewTarget;
this.closeTarget = closeTarget;
this.isReceiver = true;
this.isReadOnly = true;
}
internal RequestSecurityTokenResponse(SecurityStandardsManager standardsManager, XmlElement rstrXml, string context, string tokenType, int keySize, SecurityKeyIdentifierClause requestedAttachedReference, SecurityKeyIdentifierClause requestedUnattachedReference, bool computeKey, DateTime validFrom, DateTime validTo, bool isRequestedTokenClosed, XmlBuffer issuedTokenBuffer) : base(true)
{
this.thisLock = new object();
if (standardsManager == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
if (rstrXml == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstrXml");
}
this.rstrXml = rstrXml;
this.context = context;
this.tokenType = tokenType;
this.keySize = keySize;
this.requestedAttachedReference = requestedAttachedReference;
this.requestedUnattachedReference = requestedUnattachedReference;
this.computeKey = computeKey;
this.effectiveTime = validFrom.ToUniversalTime();
this.expirationTime = validTo.ToUniversalTime();
this.isLifetimeSet = true;
this.isRequestedTokenClosed = isRequestedTokenClosed;
this.issuedTokenBuffer = issuedTokenBuffer;
this.isReceiver = true;
this.isReadOnly = true;
}
public SecurityHeader(System.ServiceModel.Channels.Message message, string actor, bool mustUnderstand, bool relay, SecurityStandardsManager standardsManager, SecurityAlgorithmSuite algorithmSuite, System.ServiceModel.Description.MessageDirection transferDirection)
{
if (message == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("message");
}
if (actor == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("actor");
}
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("standardsManager");
}
if (algorithmSuite == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("algorithmSuite");
}
this.message = message;
this.actor = actor;
this.mustUnderstand = mustUnderstand;
this.relay = relay;
this.standardsManager = standardsManager;
this.algorithmSuite = algorithmSuite;
this.transferDirection = transferDirection;
}
public WSSecurityOneDotZeroSendSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
MessageDirection direction)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, direction)
{
}
public WSSecurityOneDotZeroSendSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
MessageDirection direction)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, direction)
{
}
public IssuedTokensHeader(XmlReader xmlReader, MessageVersion version, SecurityStandardsManager standardsManager)
: base()
{
if (xmlReader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("xmlReader");
}
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader(xmlReader);
MessageHeader.GetHeaderAttributes(reader, version, out this.actor, out this.mustUnderstand, out this.relay, out this.isRefParam);
reader.ReadStartElement(this.Name, this.Namespace);
Collection<RequestSecurityTokenResponse> coll = new Collection<RequestSecurityTokenResponse>();
if (this.standardsManager.TrustDriver.IsAtRequestSecurityTokenResponseCollection(reader))
{
RequestSecurityTokenResponseCollection rstrColl = this.standardsManager.TrustDriver.CreateRequestSecurityTokenResponseCollection(reader);
foreach (RequestSecurityTokenResponse rstr in rstrColl.RstrCollection)
{
coll.Add(rstr);
}
}
else
{
RequestSecurityTokenResponse rstr = this.standardsManager.TrustDriver.CreateRequestSecurityTokenResponse(reader);
coll.Add(rstr);
}
this.tokenIssuances = new ReadOnlyCollection<RequestSecurityTokenResponse>(coll);
reader.ReadEndElement();
}
public SecurityHeader(System.ServiceModel.Channels.Message message, string actor, bool mustUnderstand, bool relay, SecurityStandardsManager standardsManager, SecurityAlgorithmSuite algorithmSuite, System.ServiceModel.Description.MessageDirection transferDirection)
{
if (message == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("message");
}
if (actor == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("actor");
}
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("standardsManager");
}
if (algorithmSuite == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("algorithmSuite");
}
this.message = message;
this.actor = actor;
this.mustUnderstand = mustUnderstand;
this.relay = relay;
this.standardsManager = standardsManager;
this.algorithmSuite = algorithmSuite;
this.transferDirection = transferDirection;
}
protected SendSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
MessageDirection transferDirection)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, transferDirection)
{
ElementContainer = new SendSecurityHeaderElementContainer();
}
protected SendSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
MessageDirection transferDirection)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, transferDirection)
{
throw ExceptionHelper.PlatformNotSupported();
}
protected SendSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
MessageDirection transferDirection)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, transferDirection)
{
throw ExceptionHelper.PlatformNotSupported();
}
protected IssuanceTokenProviderBase()
: base()
{
_cacheServiceTokens = defaultClientCacheTokens;
_serviceTokenValidityThresholdPercentage = defaultServiceTokenValidityThresholdPercentage;
_maxServiceTokenCachingTime = DefaultClientMaxTokenCachingTime;
_standardsManager = null;
}
protected SendSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
MessageDirection transferDirection)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, transferDirection)
{
this.elementContainer = new SendSecurityHeaderElementContainer();
}
internal RequestSecurityToken(SecurityStandardsManager standardsManager, bool isBuffered)
: base(isBuffered)
{
_standardsManager = standardsManager ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException(nameof(standardsManager)));
_requestType = _standardsManager.TrustDriver.RequestTypeIssue;
_requestProperties = null;
IsReceiver = false;
_isReadOnly = false;
}
protected ReceiveSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
int headerIndex,
MessageDirection direction)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, direction)
{
throw ExceptionHelper.PlatformNotSupported();
}
protected ReceiveSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
int headerIndex,
MessageDirection direction)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, direction)
{
throw ExceptionHelper.PlatformNotSupported();
}
protected ReceiveSecurityHeader(Message message, string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
int headerIndex,
MessageDirection direction)
: base(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, direction)
{
HeaderIndex = headerIndex;
ElementManager = new ReceiveSecurityHeaderElementManager(this);
}
protected IssuanceTokenProviderBase()
{
this.cacheServiceTokens = true;
this.serviceTokenValidityThresholdPercentage = 60;
this.thisLock = new object();
this.cacheServiceTokens = true;
this.serviceTokenValidityThresholdPercentage = 60;
this.maxServiceTokenCachingTime = IssuanceTokenProviderBase <T> .DefaultClientMaxTokenCachingTime;
this.standardsManager = null;
}
protected static MemoryStream CaptureToken(SecurityToken token, SecurityStandardsManager serializer)
{
MemoryStream stream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(stream);
serializer.SecurityTokenSerializer.WriteToken(writer, token);
writer.Flush();
stream.Seek(0L, SeekOrigin.Begin);
return(stream);
}
public SecuritySessionFilter(UniqueId securityContextTokenId, SecurityStandardsManager standardsManager, bool isStrictMode, params string[] excludedActions)
{
if (securityContextTokenId == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("securityContextTokenId"));
}
this.excludedActions = excludedActions;
this.securityContextTokenId = securityContextTokenId;
this.standardsManager = standardsManager;
this.isStrictMode = isStrictMode;
}
internal RequestSecurityTokenResponse(SecurityStandardsManager standardsManager)
: base(true)
{
_standardsManager = standardsManager ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException(nameof(standardsManager)));
ValidFrom = SecurityUtils.MinUtcDateTime;
_expirationTime = SecurityUtils.MaxUtcDateTime;
_isRequestedTokenClosed = false;
_isLifetimeSet = false;
IsReceiver = false;
_isReadOnly = false;
}
public IssuedTokensHeader(RequestSecurityTokenResponse tokenIssuance, SecurityStandardsManager standardsManager)
: base()
{
if (tokenIssuance == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenIssuance");
}
Collection<RequestSecurityTokenResponse> coll = new Collection<RequestSecurityTokenResponse>();
coll.Add(tokenIssuance);
Initialize(coll, standardsManager);
}
public IssuedTokensHeader(RequestSecurityTokenResponse tokenIssuance, SecurityStandardsManager standardsManager)
{
if (tokenIssuance == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenIssuance");
}
Collection <RequestSecurityTokenResponse> coll = new Collection <RequestSecurityTokenResponse> {
tokenIssuance
};
this.Initialize(coll, standardsManager);
}
private void Initialize(Collection <RequestSecurityTokenResponse> coll, SecurityStandardsManager standardsManager)
{
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
this.tokenIssuances = new ReadOnlyCollection <RequestSecurityTokenResponse>(coll);
this.actor = base.Actor;
this.mustUnderstand = base.MustUnderstand;
this.relay = base.Relay;
}
private void InitializeDefaults()
{
this.encryptStateInServiceToken = false;
this.serviceTokenLifetime = NegotiationTokenAuthenticator <T> .defaultServerIssuedTokenLifetime;
this.maximumCachedNegotiationState = 0x80;
this.negotiationTimeout = NegotiationTokenAuthenticator <T> .defaultServerMaxNegotiationLifetime;
this.isClientAnonymous = false;
this.standardsManager = NegotiationTokenAuthenticator <T> .defaultStandardsManager;
this.securityStateEncoder = NegotiationTokenAuthenticator <T> .defaultSecurityStateEncoder;
this.maximumConcurrentNegotiations = 0x80;
this.maxMessageSize = 0x7fffffff;
}
void Initialize(Collection<RequestSecurityTokenResponse> coll, SecurityStandardsManager standardsManager)
{
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
this.tokenIssuances = new ReadOnlyCollection<RequestSecurityTokenResponse>(coll);
this.actor = base.Actor;
this.mustUnderstand = base.MustUnderstand;
this.relay = base.Relay;
}
internal override ReceiveSecurityHeader CreateReceiveSecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
MessageDirection direction,
int headerIndex)
{
return(new WSSecurityOneDotZeroReceiveSecurityHeader(
message,
actor, mustUnderstand, relay,
standardsManager,
algorithmSuite, headerIndex, direction));
}
public SecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager, SecurityAlgorithmSuite algorithmSuite,
MessageDirection transferDirection)
{
Message = message ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(message));
_actor = actor ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(actor));
_mustUnderstand = mustUnderstand;
_relay = relay;
StandardsManager = standardsManager ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(standardsManager));
AlgorithmSuite = algorithmSuite ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(algorithmSuite));
MessageDirection = transferDirection;
}
internal RequestSecurityToken(SecurityStandardsManager standardsManager, bool isBuffered)
: base(isBuffered)
{
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
this.requestType = this.standardsManager.TrustDriver.RequestTypeIssue;
this.requestProperties = null;
this.isReceiver = false;
this.isReadOnly = false;
}
internal ReceiveSecurityHeader TryCreateReceiveSecurityHeader(Message message, string actor, SecurityStandardsManager standardsManager, SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
{
int headerIndex = message.Headers.FindHeader(this.HeaderName.Value, this.HeaderNamespace.Value, new string[] { actor });
if ((headerIndex < 0) && string.IsNullOrEmpty(actor))
{
headerIndex = message.Headers.FindHeader(this.HeaderName.Value, this.HeaderNamespace.Value, message.Version.Envelope.UltimateDestinationActorValues);
}
if (headerIndex < 0)
{
return null;
}
MessageHeaderInfo info = message.Headers[headerIndex];
return this.CreateReceiveSecurityHeader(message, info.Actor, info.MustUnderstand, info.Relay, standardsManager, algorithmSuite, direction, headerIndex);
}
public InitiatorSessionSymmetricMessageSecurityProtocol(SessionSymmetricMessageSecurityProtocolFactory factory, EndpointAddress target, Uri via) : base(factory, target, via)
{
this.thisLock = new object();
if (!factory.ActAsInitiator)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(System.ServiceModel.SR.GetString("ProtocolMustBeInitiator", new object[] { "InitiatorSessionSymmetricMessageSecurityProtocol" })));
}
this.requireDerivedKeys = factory.SecurityTokenParameters.RequireDerivedKeys;
if (this.requireDerivedKeys)
{
SecurityTokenSerializer securityTokenSerializer = this.Factory.StandardsManager.SecurityTokenSerializer;
WSSecureConversation secureConversation = (securityTokenSerializer is WSSecurityTokenSerializer) ? ((WSSecurityTokenSerializer) securityTokenSerializer).SecureConversation : new WSSecurityTokenSerializer(this.Factory.MessageSecurityVersion.SecurityVersion).SecureConversation;
this.sessionStandardsManager = new SecurityStandardsManager(factory.MessageSecurityVersion, new DerivedKeyCachingSecurityTokenSerializer(2, true, secureConversation, securityTokenSerializer));
}
}
internal RequestSecurityTokenResponse(SecurityStandardsManager standardsManager)
: base(true)
{
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
effectiveTime = SecurityUtils.MinUtcDateTime;
expirationTime = SecurityUtils.MaxUtcDateTime;
isRequestedTokenClosed = false;
this.isLifetimeSet = false;
this.isReceiver = false;
this.isReadOnly = false;
}
public AcceptorSessionSymmetricMessageSecurityProtocol(SessionSymmetricMessageSecurityProtocolFactory factory, EndpointAddress target) : base(factory, target, null)
{
this.thisLock = new object();
if (factory.ActAsInitiator)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("ProtocolMustBeRecipient", new object[] { base.GetType().ToString() })));
}
this.requireDerivedKeys = factory.SecurityTokenParameters.RequireDerivedKeys;
if (this.requireDerivedKeys)
{
SecurityTokenSerializer securityTokenSerializer = this.Factory.StandardsManager.SecurityTokenSerializer;
WSSecureConversation secureConversation = (securityTokenSerializer is WSSecurityTokenSerializer) ? ((WSSecurityTokenSerializer) securityTokenSerializer).SecureConversation : new WSSecurityTokenSerializer(this.Factory.MessageSecurityVersion.SecurityVersion).SecureConversation;
this.sessionStandardsManager = new SecurityStandardsManager(factory.MessageSecurityVersion, new DerivedKeyCachingSecurityTokenSerializer(2, false, secureConversation, securityTokenSerializer));
}
}
public AcceptorSessionSymmetricMessageSecurityProtocol(SessionSymmetricMessageSecurityProtocolFactory factory,
EndpointAddress target)
: base(factory, target, null)
{
if (factory.ActAsInitiator == true)
{
Fx.Assert("This protocol can only be used at the recipient.");
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ProtocolMustBeRecipient, this.GetType().ToString())));
}
this.requireDerivedKeys = factory.SecurityTokenParameters.RequireDerivedKeys;
if (requireDerivedKeys)
{
SecurityTokenSerializer innerTokenSerializer = this.Factory.StandardsManager.SecurityTokenSerializer;
WSSecureConversation secureConversation = (innerTokenSerializer is WSSecurityTokenSerializer) ? ((WSSecurityTokenSerializer)innerTokenSerializer).SecureConversation : new WSSecurityTokenSerializer(this.Factory.MessageSecurityVersion.SecurityVersion).SecureConversation;
this.sessionStandardsManager = new SecurityStandardsManager(factory.MessageSecurityVersion, new DerivedKeyCachingSecurityTokenSerializer(2, false, secureConversation, innerTokenSerializer));
}
}
public InitiatorSessionSymmetricMessageSecurityProtocol(SessionSymmetricMessageSecurityProtocolFactory factory,
EndpointAddress target, Uri via)
: base(factory, target, via)
{
if (factory.ActAsInitiator != true)
{
Fx.Assert("This protocol can only be used at the initiator.");
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.ProtocolMustBeInitiator, "InitiatorSessionSymmetricMessageSecurityProtocol")));
}
this.requireDerivedKeys = factory.SecurityTokenParameters.RequireDerivedKeys;
if (requireDerivedKeys)
{
SecurityTokenSerializer innerTokenSerializer = this.Factory.StandardsManager.SecurityTokenSerializer;
WSSecureConversation secureConversation = (innerTokenSerializer is WSSecurityTokenSerializer) ? ((WSSecurityTokenSerializer)innerTokenSerializer).SecureConversation : new WSSecurityTokenSerializer(this.Factory.MessageSecurityVersion.SecurityVersion).SecureConversation;
this.sessionStandardsManager = new SecurityStandardsManager(factory.MessageSecurityVersion, new DerivedKeyCachingSecurityTokenSerializer(2, true, secureConversation, innerTokenSerializer));
}
}
public IssuedTokensHeader(IEnumerable<RequestSecurityTokenResponse> tokenIssuances, SecurityStandardsManager standardsManager)
{
if (tokenIssuances == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenIssuances");
}
int num = 0;
Collection<RequestSecurityTokenResponse> coll = new Collection<RequestSecurityTokenResponse>();
foreach (RequestSecurityTokenResponse response in tokenIssuances)
{
if (response == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(string.Format(CultureInfo.InvariantCulture, "tokenIssuances[{0}]", new object[] { num }));
}
coll.Add(response);
num++;
}
this.Initialize(coll, standardsManager);
}
public RequestSecurityTokenResponseCollection(IEnumerable<RequestSecurityTokenResponse> rstrCollection, SecurityStandardsManager standardsManager)
: base(true)
{
if (rstrCollection == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstrCollection");
int index = 0;
foreach (RequestSecurityTokenResponse rstr in rstrCollection)
{
if (rstr == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(String.Format(CultureInfo.InvariantCulture, "rstrCollection[{0}]", index));
++index;
}
this.rstrCollection = rstrCollection;
if (standardsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("standardsManager"));
}
this.standardsManager = standardsManager;
}
public IssuedTokensHeader(IEnumerable<RequestSecurityTokenResponse> tokenIssuances, SecurityStandardsManager standardsManager)
: base()
{
if (tokenIssuances == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenIssuances");
}
int index = 0;
Collection<RequestSecurityTokenResponse> coll = new Collection<RequestSecurityTokenResponse>();
foreach (RequestSecurityTokenResponse rstr in tokenIssuances)
{
if (rstr == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(String.Format(CultureInfo.InvariantCulture, "tokenIssuances[{0}]", index));
}
coll.Add(rstr);
++index;
}
Initialize(coll, standardsManager);
}
internal void AddAlgorithmParameters(SecurityAlgorithmSuite algorithmSuite, SecurityStandardsManager standardsManager, SecurityKeyType issuedKeyType)
{
this.additionalRequestParameters.Insert(0, standardsManager.TrustDriver.CreateEncryptionAlgorithmElement(algorithmSuite.DefaultEncryptionAlgorithm));
this.additionalRequestParameters.Insert(0, standardsManager.TrustDriver.CreateCanonicalizationAlgorithmElement(algorithmSuite.DefaultCanonicalizationAlgorithm));
if (this.keyType != SecurityKeyType.BearerKey)
{
string defaultEncryptionAlgorithm;
string signatureAlgorithm = (this.keyType == SecurityKeyType.SymmetricKey) ? algorithmSuite.DefaultSymmetricSignatureAlgorithm : algorithmSuite.DefaultAsymmetricSignatureAlgorithm;
this.additionalRequestParameters.Insert(0, standardsManager.TrustDriver.CreateSignWithElement(signatureAlgorithm));
if (issuedKeyType == SecurityKeyType.SymmetricKey)
{
defaultEncryptionAlgorithm = algorithmSuite.DefaultEncryptionAlgorithm;
}
else
{
defaultEncryptionAlgorithm = algorithmSuite.DefaultAsymmetricKeyWrapAlgorithm;
}
this.additionalRequestParameters.Insert(0, standardsManager.TrustDriver.CreateEncryptWithElement(defaultEncryptionAlgorithm));
if (standardsManager.TrustVersion != TrustVersion.WSTrustFeb2005)
{
this.additionalRequestParameters.Insert(0, ((WSTrustDec2005.DriverDec2005) standardsManager.TrustDriver).CreateKeyWrapAlgorithmElement(algorithmSuite.DefaultAsymmetricKeyWrapAlgorithm));
}
}
}
internal override ReceiveSecurityHeader CreateReceiveSecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
MessageDirection direction,
int headerIndex)
{
return new WSSecurityOneDotZeroReceiveSecurityHeader(
message,
actor, mustUnderstand, relay,
standardsManager,
algorithmSuite, headerIndex, direction);
}
internal abstract SendSecurityHeader CreateSendSecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite,
MessageDirection direction);
protected static MemoryStream CaptureToken(SecurityToken token, SecurityStandardsManager serializer)
{
MemoryStream stream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(stream);
serializer.SecurityTokenSerializer.WriteToken(writer, token);
writer.Flush();
stream.Seek(0, SeekOrigin.Begin);
return stream;
}
internal static IssuedSecurityTokenParameters CreateInfoCardParameters(SecurityStandardsManager standardsManager, SecurityAlgorithmSuite algorithm)
{
IssuedSecurityTokenParameters parameters = new IssuedSecurityTokenParameters("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1") {
KeyType = SecurityKeyType.AsymmetricKey
};
parameters.ClaimTypeRequirements.Add(new ClaimTypeRequirement(wsidPPIClaim));
parameters.IssuerAddress = null;
parameters.AddAlgorithmParameters(algorithm, standardsManager, parameters.KeyType);
return parameters;
}
protected ReceiveSecurityHeader ConfigureReceiveSecurityHeader(Message message, string actor, SecurityProtocolCorrelationState[] correlationStates, SecurityStandardsManager standardsManager, out IList<SupportingTokenAuthenticatorSpecification> supportingAuthenticators)
{
MessageSecurityProtocolFactory factory = this.MessageSecurityProtocolFactory;
MessageDirection direction = factory.ActAsInitiator ? MessageDirection.Output : MessageDirection.Input;
ReceiveSecurityHeader securityHeader = CreateSecurityHeader(message, actor, direction, standardsManager);
string action = message.Headers.Action;
supportingAuthenticators = GetSupportingTokenAuthenticatorsAndSetExpectationFlags(this.factory, message, securityHeader);
if (factory.RequireIntegrity || securityHeader.ExpectSignedTokens)
{
securityHeader.RequiredSignatureParts = factory.GetIncomingSignatureParts(action);
}
if (factory.RequireConfidentiality || securityHeader.ExpectBasicTokens)
{
securityHeader.RequiredEncryptionParts = factory.GetIncomingEncryptionParts(action);
}
securityHeader.ExpectEncryption = factory.RequireConfidentiality || securityHeader.ExpectBasicTokens;
securityHeader.ExpectSignature = factory.RequireIntegrity || securityHeader.ExpectSignedTokens;
securityHeader.SetRequiredProtectionOrder(factory.MessageProtectionOrder);
// On the receiving side if protectTokens is enabled
// 1. If we are service, we make sure that the client always signs the primary token( can be any token type)else we throw.
// But currently the service can sign the primary token in reply only if the primary token is an issued token
// 2. If we are client, we do not care if the service signs the primary token or not. Otherwise it will be impossible to have a wcf client /service talk to each other unless we
// either use a symmetric binding with issued tokens or asymmetric bindings with both the intiator and recipient parameters being issued tokens( later one is rare).
securityHeader.RequireSignedPrimaryToken = !factory.ActAsInitiator && factory.SecurityBindingElement.ProtectTokens;
if (factory.ActAsInitiator && factory.DoRequestSignatureConfirmation && HasCorrelationState(correlationStates))
{
securityHeader.MaintainSignatureConfirmationState = true;
securityHeader.ExpectSignatureConfirmation = true;
}
else if (!factory.ActAsInitiator && factory.DoRequestSignatureConfirmation)
{
securityHeader.MaintainSignatureConfirmationState = true;
}
else
{
securityHeader.MaintainSignatureConfirmationState = false;
}
return securityHeader;
}
protected ReceiveSecurityHeader CreateSecurityHeader(Message message, string actor, MessageDirection transferDirection, SecurityStandardsManager standardsManager)
{
standardsManager = standardsManager ?? this.factory.StandardsManager;
ReceiveSecurityHeader securityHeader = standardsManager.CreateReceiveSecurityHeader(message, actor,
this.factory.IncomingAlgorithmSuite, transferDirection);
securityHeader.Layout = this.factory.SecurityHeaderLayout;
securityHeader.MaxReceivedMessageSize = factory.SecurityBindingElement.MaxReceivedMessageSize;
securityHeader.ReaderQuotas = factory.SecurityBindingElement.ReaderQuotas;
if (this.factory.ExpectKeyDerivation)
{
securityHeader.DerivedTokenAuthenticator = this.factory.DerivedKeyTokenAuthenticator;
}
return securityHeader;
}
internal bool DoAlgorithmsMatch(SecurityAlgorithmSuite algorithmSuite, SecurityStandardsManager standardsManager, out Collection<XmlElement> otherRequestParameters)
{
Collection<XmlElement> additionalRequestParameters;
bool flag = false;
bool flag2 = false;
bool flag3 = false;
bool flag4 = false;
bool flag5 = false;
otherRequestParameters = new Collection<XmlElement>();
bool flag6 = false;
if (((standardsManager.TrustVersion == TrustVersion.WSTrust13) && (this.AdditionalRequestParameters.Count == 1)) && ((WSTrustDec2005.DriverDec2005) standardsManager.TrustDriver).IsSecondaryParametersElement(this.AdditionalRequestParameters[0]))
{
flag6 = true;
additionalRequestParameters = new Collection<XmlElement>();
foreach (XmlElement element in this.AdditionalRequestParameters[0])
{
additionalRequestParameters.Add(element);
}
}
else
{
additionalRequestParameters = this.AdditionalRequestParameters;
}
for (int i = 0; i < additionalRequestParameters.Count; i++)
{
string str;
XmlElement element2 = additionalRequestParameters[i];
if (standardsManager.TrustDriver.IsCanonicalizationAlgorithmElement(element2, out str))
{
if (algorithmSuite.DefaultCanonicalizationAlgorithm != str)
{
return false;
}
flag4 = true;
}
else if (standardsManager.TrustDriver.IsSignWithElement(element2, out str))
{
if (((this.keyType == SecurityKeyType.SymmetricKey) && (str != algorithmSuite.DefaultSymmetricSignatureAlgorithm)) || ((this.keyType == SecurityKeyType.AsymmetricKey) && (str != algorithmSuite.DefaultAsymmetricSignatureAlgorithm)))
{
return false;
}
flag = true;
}
else if (standardsManager.TrustDriver.IsEncryptWithElement(element2, out str))
{
if (((this.keyType == SecurityKeyType.SymmetricKey) && (str != algorithmSuite.DefaultEncryptionAlgorithm)) || ((this.keyType == SecurityKeyType.AsymmetricKey) && (str != algorithmSuite.DefaultAsymmetricKeyWrapAlgorithm)))
{
return false;
}
flag2 = true;
}
else if (standardsManager.TrustDriver.IsEncryptionAlgorithmElement(element2, out str))
{
if (str != algorithmSuite.DefaultEncryptionAlgorithm)
{
return false;
}
flag3 = true;
}
else if (standardsManager.TrustDriver.IsKeyWrapAlgorithmElement(element2, out str))
{
if (str != algorithmSuite.DefaultAsymmetricKeyWrapAlgorithm)
{
return false;
}
flag5 = true;
}
else
{
otherRequestParameters.Add(element2);
}
}
if (flag6)
{
otherRequestParameters = this.AdditionalRequestParameters;
}
if (this.keyType == SecurityKeyType.BearerKey)
{
return true;
}
if (standardsManager.TrustVersion == TrustVersion.WSTrustFeb2005)
{
return (((flag && flag4) && flag3) && flag2);
}
return (((flag && flag4) && (flag3 && flag2)) && flag5);
}
internal static XmlElement GetClaimTypeRequirement(Collection<XmlElement> additionalRequestParameters, SecurityStandardsManager standardsManager)
{
foreach (XmlElement element in additionalRequestParameters)
{
if ((element.LocalName == ((WSTrust.Driver) standardsManager.TrustDriver).DriverDictionary.Claims.Value) && (element.NamespaceURI == ((WSTrust.Driver) standardsManager.TrustDriver).DriverDictionary.Namespace.Value))
{
return element;
}
if ((element.LocalName == DXD.TrustDec2005Dictionary.SecondaryParameters.Value) && (element.NamespaceURI == DXD.TrustDec2005Dictionary.Namespace.Value))
{
Collection<XmlElement> collection = new Collection<XmlElement>();
foreach (System.Xml.XmlNode node in element.ChildNodes)
{
XmlElement item = node as XmlElement;
if (item != null)
{
collection.Add(item);
}
}
XmlElement claimTypeRequirement = GetClaimTypeRequirement(collection, standardsManager);
if (claimTypeRequirement != null)
{
return claimTypeRequirement;
}
}
}
return null;
}
internal static bool IsInfoCardParameters(IssuedSecurityTokenParameters parameters, SecurityStandardsManager standardsManager)
{
if (parameters == null)
{
return false;
}
if (parameters.TokenType != "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1")
{
return false;
}
if (parameters.KeyType != SecurityKeyType.AsymmetricKey)
{
return false;
}
if (parameters.ClaimTypeRequirements.Count == 1)
{
ClaimTypeRequirement requirement = parameters.ClaimTypeRequirements[0];
if (requirement == null)
{
return false;
}
if (requirement.ClaimType != wsidPPIClaim)
{
return false;
}
}
else
{
if ((parameters.AdditionalRequestParameters == null) || (parameters.AdditionalRequestParameters.Count <= 0))
{
return false;
}
bool flag = false;
XmlElement claimTypeRequirement = GetClaimTypeRequirement(parameters.AdditionalRequestParameters, standardsManager);
if ((claimTypeRequirement != null) && (claimTypeRequirement.ChildNodes.Count == 1))
{
XmlElement element2 = claimTypeRequirement.ChildNodes[0] as XmlElement;
if (element2 != null)
{
System.Xml.XmlNode namedItem = element2.Attributes.GetNamedItem("Uri");
if ((namedItem != null) && (namedItem.Value == wsidPPIClaim))
{
flag = true;
}
}
}
if (!flag)
{
return false;
}
}
if (parameters.IssuerAddress != null)
{
return false;
}
if ((parameters.AlternativeIssuerEndpoints != null) && (parameters.AlternativeIssuerEndpoints.Count > 0))
{
return false;
}
return true;
}
private Collection<XmlElement> NormalizeAdditionalParameters(Collection<XmlElement> additionalParameters, TrustDriver driver, bool clientSideClaimTypeRequirementsSpecified)
{
Collection<XmlElement> collection = new Collection<XmlElement>();
foreach (XmlElement element in additionalParameters)
{
collection.Add(element);
}
if (driver.StandardsManager.TrustVersion == TrustVersion.WSTrust13)
{
XmlElement item = null;
XmlElement element3 = null;
XmlElement element4 = null;
XmlElement element5 = null;
for (int i = 0; i < collection.Count; i++)
{
string str;
if (driver.IsEncryptionAlgorithmElement(collection[i], out str))
{
item = collection[i];
}
else if (driver.IsCanonicalizationAlgorithmElement(collection[i], out str))
{
element3 = collection[i];
}
else if (driver.IsKeyWrapAlgorithmElement(collection[i], out str))
{
element4 = collection[i];
}
else if (((WSTrustDec2005.DriverDec2005) driver).IsSecondaryParametersElement(collection[i]))
{
element5 = collection[i];
}
}
if (element5 != null)
{
foreach (System.Xml.XmlNode node in element5.ChildNodes)
{
XmlElement element6 = node as XmlElement;
if (element6 != null)
{
string encryptionAlgorithm = null;
if (driver.IsEncryptionAlgorithmElement(element6, out encryptionAlgorithm) && (item != null))
{
collection.Remove(item);
}
else if (driver.IsCanonicalizationAlgorithmElement(element6, out encryptionAlgorithm) && (element3 != null))
{
collection.Remove(element3);
}
else if (driver.IsKeyWrapAlgorithmElement(element6, out encryptionAlgorithm) && (element4 != null))
{
collection.Remove(element4);
}
}
}
}
}
if (((driver.StandardsManager.TrustVersion == TrustVersion.WSTrustFeb2005) && !this.CollectionContainsElementsWithTrustNamespace(additionalParameters, "http://schemas.xmlsoap.org/ws/2005/02/trust")) || ((driver.StandardsManager.TrustVersion == TrustVersion.WSTrust13) && !this.CollectionContainsElementsWithTrustNamespace(additionalParameters, "http://docs.oasis-open.org/ws-sx/ws-trust/200512")))
{
if (driver.StandardsManager.TrustVersion == TrustVersion.WSTrust13)
{
WSTrustFeb2005.DriverFeb2005 feb = (WSTrustFeb2005.DriverFeb2005) SecurityStandardsManager.DefaultInstance.TrustDriver;
for (int j = 0; j < collection.Count; j++)
{
string signatureAlgorithm = string.Empty;
if (feb.IsSignWithElement(collection[j], out signatureAlgorithm))
{
collection[j] = driver.CreateSignWithElement(signatureAlgorithm);
}
else if (feb.IsEncryptWithElement(collection[j], out signatureAlgorithm))
{
collection[j] = driver.CreateEncryptWithElement(signatureAlgorithm);
}
else if (feb.IsEncryptionAlgorithmElement(collection[j], out signatureAlgorithm))
{
collection[j] = driver.CreateEncryptionAlgorithmElement(signatureAlgorithm);
}
else if (feb.IsCanonicalizationAlgorithmElement(collection[j], out signatureAlgorithm))
{
collection[j] = driver.CreateCanonicalizationAlgorithmElement(signatureAlgorithm);
}
}
return collection;
}
Collection<XmlElement> collection2 = null;
WSSecurityTokenSerializer tokenSerializer = new WSSecurityTokenSerializer(SecurityVersion.WSSecurity11, TrustVersion.WSTrust13, SecureConversationVersion.WSSecureConversation13, true, null, null, null);
SecurityStandardsManager manager2 = new SecurityStandardsManager(MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12, tokenSerializer);
WSTrustDec2005.DriverDec2005 trustDriver = (WSTrustDec2005.DriverDec2005) manager2.TrustDriver;
foreach (XmlElement element7 in collection)
{
if (trustDriver.IsSecondaryParametersElement(element7))
{
collection2 = new Collection<XmlElement>();
foreach (System.Xml.XmlNode node2 in element7.ChildNodes)
{
XmlElement innerElement = node2 as XmlElement;
if ((innerElement != null) && this.CanPromoteToRoot(innerElement, trustDriver, clientSideClaimTypeRequirementsSpecified))
{
collection2.Add(innerElement);
}
}
collection.Remove(element7);
break;
}
}
if ((collection2 != null) && (collection2.Count > 0))
{
XmlElement element9 = null;
string str4 = string.Empty;
XmlElement element10 = null;
string canonicalizationAlgorithm = string.Empty;
XmlElement element11 = null;
Collection<XmlElement> requiredClaims = null;
Collection<XmlElement> collection4 = new Collection<XmlElement>();
foreach (XmlElement element12 in collection2)
{
if ((element9 == null) && trustDriver.IsEncryptionAlgorithmElement(element12, out str4))
{
element9 = driver.CreateEncryptionAlgorithmElement(str4);
collection4.Add(element12);
}
else if ((element10 == null) && trustDriver.IsCanonicalizationAlgorithmElement(element12, out canonicalizationAlgorithm))
{
element10 = driver.CreateCanonicalizationAlgorithmElement(canonicalizationAlgorithm);
collection4.Add(element12);
}
else if ((element11 == null) && trustDriver.TryParseRequiredClaimsElement(element12, out requiredClaims))
{
element11 = driver.CreateRequiredClaimsElement(requiredClaims);
collection4.Add(element12);
}
}
for (int k = 0; k < collection4.Count; k++)
{
collection2.Remove(collection4[k]);
}
XmlElement element13 = null;
for (int m = 0; m < collection.Count; m++)
{
string str6;
if (trustDriver.IsSignWithElement(collection[m], out str6))
{
collection[m] = driver.CreateSignWithElement(str6);
}
else if (trustDriver.IsEncryptWithElement(collection[m], out str6))
{
collection[m] = driver.CreateEncryptWithElement(str6);
}
else if (trustDriver.IsEncryptionAlgorithmElement(collection[m], out str6) && (element9 != null))
{
collection[m] = element9;
element9 = null;
}
else if (trustDriver.IsCanonicalizationAlgorithmElement(collection[m], out str6) && (element10 != null))
{
collection[m] = element10;
element10 = null;
}
else if (trustDriver.IsKeyWrapAlgorithmElement(collection[m], out str6) && (element13 == null))
{
element13 = collection[m];
}
else
{
Collection<XmlElement> collection5;
if (trustDriver.TryParseRequiredClaimsElement(collection[m], out collection5) && (element11 != null))
{
collection[m] = element11;
element11 = null;
}
}
}
if (element13 != null)
{
collection.Remove(element13);
}
if (element9 != null)
{
collection.Add(element9);
}
if (element10 != null)
{
collection.Add(element10);
}
if (element11 != null)
{
collection.Add(element11);
}
if (collection2.Count <= 0)
{
return collection;
}
for (int n = 0; n < collection2.Count; n++)
{
collection.Add(collection2[n]);
}
}
}
return collection;
}
internal override SendSecurityHeader CreateSendSecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityStandardsManager standardsManager,
SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
{
return new WSSecurityOneDotOneSendSecurityHeader(message, actor, mustUnderstand, relay, standardsManager, algorithmSuite, direction);
}
