/// <summary>
/// Returns the wrapping credentials carried by a protected key, rejecting a null key first.
/// </summary>
/// <param name="protectedKey">The protected key to read from; a null value is rejected via ThrowHelperArgumentNull.</param>
/// <returns>The value of <c>protectedKey.WrappingCredentials</c>, returned as-is.</returns>
static EncryptingCredentials GetWrappingCredentialsFromProtectedKey(ProtectedKey protectedKey)
{
    if (protectedKey != null)
    {
        return protectedKey.WrappingCredentials;
    }

    // Fail with a named-argument error rather than a bare null dereference.
    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("protectedKey");
}
/// <summary>
/// Creates a requested proof token around an existing protected key.
/// </summary>
/// <param name="protectedKey">The protected key, holding either a binary secret or an encrypted key. A null value is rejected via ThrowHelperArgumentNull.</param>
public RequestedProofToken(ProtectedKey protectedKey)
{
    // Validate before storing so the token never holds a null key.
    if (null == protectedKey)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("protectedKey");
    }

    this._keys = protectedKey;
}
/// <summary>
/// Returns the key bytes of a protected key, rejecting a null key first.
/// </summary>
/// <param name="protectedKey">The protected key to read from; a null value is rejected via ThrowHelperArgumentNull.</param>
/// <returns>Whatever <c>protectedKey.GetKeyBytes()</c> returns.</returns>
static byte[] GetKeyBytesFromProtectedKey(ProtectedKey protectedKey)
{
    if (protectedKey != null)
    {
        // NOTE(review): whether GetKeyBytes() hands out a copy or the internal buffer is not visible here - confirm.
        return protectedKey.GetKeyBytes();
    }

    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("protectedKey");
}
/// <summary>
/// Creates a requested proof token from raw key material.
/// </summary>
/// <param name="secret">The key material, passed straight to the single-argument ProtectedKey constructor.</param>
public RequestedProofToken(Byte[] secret)
{
    // No wrapping credentials are supplied on this path.
    // NOTE(review): secret is not checked for null here; any validation would have to happen in ProtectedKey - confirm.
    ProtectedKey key = new ProtectedKey(secret);
    this.ProtectedKey = key;
}
/// <summary>
/// Creates a requested proof token around an existing protected key.
/// </summary>
/// <param name="protectedKey">The protected key to expose through the ProtectedKey property.</param>
public RequestedProofToken(ProtectedKey protectedKey)
{
    // NOTE(review): the argument is stored without a null check, so a null key is accepted as-is;
    // confirm that consumers of the ProtectedKey property handle that.
    this.ProtectedKey = protectedKey;
}
/// <summary>
/// Creates an entropy instance from a protected key by forwarding its key bytes and
/// wrapping credentials to the base constructor.
/// </summary>
/// <param name="protectedKey">The protected key to take the key bytes and wrapping credentials from.</param>
/// <remarks>
/// The argument is dereferenced directly in the base initializer, so a null value fails
/// there with a null dereference instead of an argument error.
/// </remarks>
public Entropy(ProtectedKey protectedKey)
    : base(
        protectedKey.GetKeyBytes(),
        protectedKey.WrappingCredentials)
{
}
/// <summary>
/// Creates an entropy instance from a protected key.
/// </summary>
/// <param name="protectedKey">The protected key, holding either a binary secret or an encrypted key.</param>
/// <remarks>
/// The key bytes and wrapping credentials are obtained through static helpers inside the
/// base initializer, so any argument validation those helpers perform runs before the
/// base constructor sees the values.
/// </remarks>
public Entropy(ProtectedKey protectedKey)
    : base(
        GetKeyBytesFromProtectedKey(protectedKey),
        GetWrappingCredentialsFromProtectedKey(protectedKey))
{
}
/// <summary>
/// Creates a requested proof token from raw key material.
/// </summary>
/// <param name="secret">The key material, passed straight to the single-argument ProtectedKey constructor.</param>
public RequestedProofToken(Byte[] secret)
{
    // No wrapping credentials are supplied on this path.
    // NOTE(review): secret is not checked for null here; any validation would have to happen in ProtectedKey - confirm.
    ProtectedKey key = new ProtectedKey(secret);
    this.ProtectedKey = key;
}
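/// <summary>
/// Reads a protected key from the reader's current element. Two forms are handled: a
/// BinarySecret element, and an encrypted key carried as a key identifier clause.
/// </summary>
/// <param name="reader">The XML reader positioned on the element to read; must not be null.</param>
/// <param name="context">
/// Serialization context supplying SecurityTokenHandlers and TokenResolver. It is only used on
/// the encrypted-key path and must not be null when that path is taken.
/// </param>
/// <param name="trustConstants">The WS-Trust constants naming the BinarySecret element and namespace; must not be null.</param>
/// <returns>
/// The protected key, or null when the element is empty, matches neither form, or the key
/// identifier clause that was read is not an EncryptedKeyIdentifierClause.
/// </returns>
public static ProtectedKey ReadProtectedKey(XmlReader reader, WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
    }

    if (trustConstants == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
    }

    if (reader.IsEmptyElement)
    {
        return null;
    }

    if (reader.IsStartElement(trustConstants.Elements.BinarySecret, trustConstants.NamespaceURI))
    {
        // BinarySecret case: the key bytes arrive unwrapped, so no wrapping credentials are recorded.
        BinarySecretSecurityToken token = ReadBinarySecretSecurityToken(reader, trustConstants);
        return new ProtectedKey(token.GetKeyBytes());
    }

    // The context is first dereferenced here; report a null context as an argument error
    // instead of letting it surface as a null dereference.
    if (context == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
    }

    if (!context.SecurityTokenHandlers.CanReadKeyIdentifierClause(reader))
    {
        return null;
    }

    // EncryptedKey case. A clause of any other type has been consumed from the reader at this
    // point and results in a null return.
    EncryptedKeyIdentifierClause encryptedKeyClause = context.SecurityTokenHandlers.ReadKeyIdentifierClause(reader) as EncryptedKeyIdentifierClause;
    if (encryptedKeyClause == null)
    {
        return null;
    }

    // Use the first wrapping-key clause that the token resolver can resolve.
    SecurityKey wrappingKey = null;
    foreach (SecurityKeyIdentifierClause wrappingKeyClause in encryptedKeyClause.EncryptingKeyIdentifier)
    {
        if (context.TokenResolver.TryResolveSecurityKey(wrappingKeyClause, out wrappingKey))
        {
            break;
        }
    }

    if (wrappingKey == null)
    {
        // None of the wrapping-key clauses could be resolved.
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3027, "the SecurityHeaderTokenResolver or OutOfBandTokenResolver")));
    }

    // NOTE(review): the key-wrap algorithm is taken from the incoming clause; no allow-list is
    // visible in this method, so confirm that the resolved key or caller policy restricts
    // which algorithms are accepted.
    byte[] secret = wrappingKey.DecryptKey(encryptedKeyClause.EncryptionMethod, encryptedKeyClause.GetEncryptedKey());

    // Keep the wrapping credentials with the key so it can be wrapped the same way when written.
    EncryptingCredentials wrappingCredentials = new EncryptingCredentials(wrappingKey, encryptedKeyClause.EncryptingKeyIdentifier, encryptedKeyClause.EncryptionMethod);
    return new ProtectedKey(secret, wrappingCredentials);
}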
/// <summary>
/// Creates an entropy instance from a protected key.
/// </summary>
/// <param name="protectedKey">The protected key, holding either a binary secret or an encrypted key.</param>
/// <remarks>
/// The key bytes and wrapping credentials are obtained through static helpers inside the
/// base initializer, so any argument validation those helpers perform runs before the
/// base constructor sees the values.
/// </remarks>
public Entropy(ProtectedKey protectedKey)
    : base(
        GetKeyBytesFromProtectedKey(protectedKey),
        GetWrappingCredentialsFromProtectedKey(protectedKey))
{
}
/// <summary>
/// Creates a requested proof token whose key is to be carried encrypted.
/// </summary>
/// <param name="secret">The key material.</param>
/// <param name="wrappingCredentials">The encrypting credentials used to encrypt the key material.</param>
public RequestedProofToken(byte[] secret, EncryptingCredentials wrappingCredentials)
{
    // NOTE(review): neither argument is validated here; any checks would have to happen in ProtectedKey - confirm.
    ProtectedKey wrapped = new ProtectedKey(secret, wrappingCredentials);
    this._keys = wrapped;
}
/// <summary>
/// Creates a requested proof token whose key is carried in plain text.
/// </summary>
/// <param name="secret">The key material.</param>
public RequestedProofToken(byte[] secret)
{
    // No wrapping credentials are supplied, so protecting the key in transit is left to
    // whatever secures the enclosing message.
    ProtectedKey plain = new ProtectedKey(secret);
    this._keys = plain;
}
/// <summary>
/// Creates a requested proof token from key material together with the credentials used to wrap it.
/// </summary>
/// <param name="secret">The key material.</param>
/// <param name="wrappingCredentials">The encrypting credentials passed to ProtectedKey alongside the key material.</param>
public RequestedProofToken(Byte[] secret, EncryptingCredentials wrappingCredentials)
{
    // NOTE(review): neither argument is validated here; any checks would have to happen in ProtectedKey - confirm.
    ProtectedKey wrapped = new ProtectedKey(secret, wrappingCredentials);
    this.ProtectedKey = wrapped;
}
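/// <summary>
/// Writes a protected key to the XML writer. A key with wrapping credentials is encrypted and
/// written as an encrypted-key identifier clause; a key without them is written as a BinarySecret.
/// </summary>
/// <param name="writer">The XML writer to write to; must not be null.</param>
/// <param name="protectedKey">The key to write; must not be null.</param>
/// <param name="context">
/// Serialization context supplying SecurityTokenHandlers. It is only used when the key has
/// wrapping credentials and must not be null in that case.
/// </param>
/// <param name="trustConstants">The WS-Trust constants used for the BinarySecret form; must not be null.</param>
public static void WriteProtectedKey(XmlWriter writer, ProtectedKey protectedKey, WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
{
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
    }

    if (protectedKey == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("protectedKey");
    }

    if (trustConstants == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
    }

    EncryptingCredentials wrappingCredentials = protectedKey.WrappingCredentials;
    if (wrappingCredentials != null)
    {
        // The context is only needed on this path; reject a null context before any key
        // material is encrypted, instead of failing afterwards with a null dereference.
        if (context == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
        }

        // Wrap the key bytes with the recorded key and algorithm, then emit the clause.
        byte[] encryptedKey = wrappingCredentials.SecurityKey.EncryptKey(wrappingCredentials.Algorithm, protectedKey.GetKeyBytes());
        EncryptedKeyIdentifierClause clause = new EncryptedKeyIdentifierClause(encryptedKey, wrappingCredentials.Algorithm, wrappingCredentials.SecurityKeyIdentifier);
        context.SecurityTokenHandlers.WriteKeyIdentifierClause(writer, clause);
    }
    else
    {
        // No wrapping credentials: the key bytes are handed to the BinarySecret writer
        // unencrypted, so confidentiality has to come from the protection applied to the
        // enclosing message or transport.
        BinarySecretSecurityToken entropyToken = new BinarySecretSecurityToken(protectedKey.GetKeyBytes());
        WriteBinarySecretSecurityToken(writer, entropyToken, trustConstants);
    }
}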
/// <summary>
/// Creates an entropy instance from a protected key by forwarding its key bytes and
/// wrapping credentials to the base constructor.
/// </summary>
/// <param name="protectedKey">The protected key to take the key bytes and wrapping credentials from.</param>
/// <remarks>
/// The argument is dereferenced directly in the base initializer, so a null value fails
/// there with a null dereference instead of an argument error.
/// </remarks>
public Entropy(ProtectedKey protectedKey)
    : base(
        protectedKey.GetKeyBytes(),
        protectedKey.WrappingCredentials)
{
}
/// <summary>
/// Creates a requested proof token around an existing protected key.
/// </summary>
/// <param name="protectedKey">The protected key to expose through the ProtectedKey property.</param>
public RequestedProofToken(ProtectedKey protectedKey)
{
    // NOTE(review): the argument is stored without a null check, so a null key is accepted as-is;
    // confirm that consumers of the ProtectedKey property handle that.
    this.ProtectedKey = protectedKey;
}