protected override SecurityToken VerifySignature(SignedXml signedXml, bool isPrimarySignature, SecurityHeaderTokenResolver resolver, object signatureTarget, string id) { if (TD.SignatureVerificationStartIsEnabled()) { TD.SignatureVerificationStart(this.EventTraceActivity); } SecurityToken token = ResolveSignatureToken(signedXml.Signature.KeyIdentifier, resolver, isPrimarySignature); if (isPrimarySignature) { RecordSignatureToken(token); } ReadOnlyCollection <SecurityKey> keys = token.SecurityKeys; SecurityKey securityKey = (keys != null && keys.Count > 0) ? keys[0] : null; if (securityKey == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException( SR.GetString(SR.UnableToCreateICryptoFromTokenForSignatureVerification, token))); } this.AlgorithmSuite.EnsureAcceptableSignatureKeySize(securityKey, token); this.AlgorithmSuite.EnsureAcceptableSignatureAlgorithm(securityKey, signedXml.Signature.SignedInfo.SignatureMethod); signedXml.StartSignatureVerification(securityKey); StandardSignedInfo signedInfo = (StandardSignedInfo)signedXml.Signature.SignedInfo; ValidateDigestsOfTargetsInSecurityHeader(signedInfo, this.Timestamp, isPrimarySignature, signatureTarget, id); if (!isPrimarySignature) { if ((!this.RequireMessageProtection) && (securityKey is AsymmetricSecurityKey) && (this.Version.Addressing != AddressingVersion.None)) { // For Transport Security using Asymmetric Keys verify that // the 'To' header is signed. int headerIndex = this.Message.Headers.FindHeader(XD.AddressingDictionary.To.Value, this.Message.Version.Addressing.Namespace); if (headerIndex == -1) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.TransportSecuredMessageMissingToHeader))); } XmlDictionaryReader toHeaderReader = this.Message.Headers.GetReaderAtHeader(headerIndex); id = toHeaderReader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace); if (id == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.UnsignedToHeaderInTransportSecuredMessage))); } signedXml.EnsureDigestValidity(id, toHeaderReader); } signedXml.CompleteSignatureVerification(); return(token); } this.pendingSignature = signedXml; if (TD.SignatureVerificationSuccessIsEnabled()) { TD.SignatureVerificationSuccess(this.EventTraceActivity); } return(token); }
public AggregateTokenResolver(SecurityHeaderTokenResolver tokenResolver, ReadOnlyCollection <SecurityTokenResolver> outOfBandTokenResolvers) { if (tokenResolver == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenResolver"); } if (outOfBandTokenResolvers == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("outOfBandTokenResolvers"); } this.tokenResolver = tokenResolver; this.outOfBandTokenResolvers = outOfBandTokenResolvers; }
public AggregateTokenResolver(SecurityHeaderTokenResolver tokenResolver, ReadOnlyCollection<SecurityTokenResolver> outOfBandTokenResolvers) { if (tokenResolver == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenResolver"); } if (outOfBandTokenResolvers == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("outOfBandTokenResolvers"); } this.tokenResolver = tokenResolver; this.outOfBandTokenResolvers = outOfBandTokenResolvers; }
protected override SecurityToken VerifySignature(SignedXml signedXml, bool isPrimarySignature, SecurityHeaderTokenResolver resolver, object signatureTarget, string id) { SecurityToken token = this.ResolveSignatureToken(signedXml.Signature.KeyIdentifier, resolver, isPrimarySignature); if (isPrimarySignature) { base.RecordSignatureToken(token); } ReadOnlyCollection <SecurityKey> securityKeys = token.SecurityKeys; SecurityKey securityKey = ((securityKeys != null) && (securityKeys.Count > 0)) ? securityKeys[0] : null; if (securityKey == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnableToCreateICryptoFromTokenForSignatureVerification", new object[] { token }))); } base.AlgorithmSuite.EnsureAcceptableSignatureKeySize(securityKey, token); base.AlgorithmSuite.EnsureAcceptableSignatureAlgorithm(securityKey, signedXml.Signature.SignedInfo.SignatureMethod); signedXml.StartSignatureVerification(securityKey); StandardSignedInfo signedInfo = (StandardSignedInfo)signedXml.Signature.SignedInfo; this.ValidateDigestsOfTargetsInSecurityHeader(signedInfo, base.Timestamp, isPrimarySignature, signatureTarget, id); if (!isPrimarySignature) { if ((!base.RequireMessageProtection && (securityKey is AsymmetricSecurityKey)) && (base.Version.Addressing != AddressingVersion.None)) { int headerIndex = base.Message.Headers.FindHeader(System.ServiceModel.XD.AddressingDictionary.To.Value, base.Message.Version.Addressing.Namespace); if (headerIndex == -1) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("TransportSecuredMessageMissingToHeader"))); } XmlDictionaryReader readerAtHeader = base.Message.Headers.GetReaderAtHeader(headerIndex); id = readerAtHeader.GetAttribute(System.ServiceModel.XD.UtilityDictionary.IdAttribute, System.ServiceModel.XD.UtilityDictionary.Namespace); if (id == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnsignedToHeaderInTransportSecuredMessage"))); } signedXml.EnsureDigestValidity(id, readerAtHeader); } signedXml.CompleteSignatureVerification(); return(token); } this.pendingSignature = signedXml; return(token); }
protected override SecurityToken VerifySignature(SignedXml signedXml, bool isPrimarySignature, SecurityHeaderTokenResolver resolver, object signatureTarget, string id) { if (TD.SignatureVerificationStartIsEnabled()) { TD.SignatureVerificationStart(this.EventTraceActivity); } SecurityToken token = ResolveSignatureToken(signedXml.Signature.KeyIdentifier, resolver, isPrimarySignature); if (isPrimarySignature) { RecordSignatureToken(token); } ReadOnlyCollection<SecurityKey> keys = token.SecurityKeys; SecurityKey securityKey = (keys != null && keys.Count > 0) ? keys[0] : null; if (securityKey == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException( SR.GetString(SR.UnableToCreateICryptoFromTokenForSignatureVerification, token))); } this.AlgorithmSuite.EnsureAcceptableSignatureKeySize(securityKey, token); this.AlgorithmSuite.EnsureAcceptableSignatureAlgorithm(securityKey, signedXml.Signature.SignedInfo.SignatureMethod); signedXml.StartSignatureVerification(securityKey); StandardSignedInfo signedInfo = (StandardSignedInfo)signedXml.Signature.SignedInfo; ValidateDigestsOfTargetsInSecurityHeader(signedInfo, this.Timestamp, isPrimarySignature, signatureTarget, id); if (!isPrimarySignature) { if ((!this.RequireMessageProtection) && (securityKey is AsymmetricSecurityKey) && (this.Version.Addressing != AddressingVersion.None)) { // For Transport Security using Asymmetric Keys verify that // the 'To' header is signed. int headerIndex = this.Message.Headers.FindHeader(XD.AddressingDictionary.To.Value, this.Message.Version.Addressing.Namespace); if (headerIndex == -1) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.TransportSecuredMessageMissingToHeader))); XmlDictionaryReader toHeaderReader = this.Message.Headers.GetReaderAtHeader(headerIndex); id = toHeaderReader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace); if (id == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.UnsignedToHeaderInTransportSecuredMessage))); signedXml.EnsureDigestValidity(id, toHeaderReader); } signedXml.CompleteSignatureVerification(); return token; } this.pendingSignature = signedXml; if (TD.SignatureVerificationSuccessIsEnabled()) { TD.SignatureVerificationSuccess(this.EventTraceActivity); } return token; }
protected override SecurityToken VerifySignature(SignedXml signedXml, bool isPrimarySignature, SecurityHeaderTokenResolver resolver, object signatureTarget, string id) { SecurityToken token = this.ResolveSignatureToken(signedXml.Signature.KeyIdentifier, resolver, isPrimarySignature); if (isPrimarySignature) { base.RecordSignatureToken(token); } ReadOnlyCollection<SecurityKey> securityKeys = token.SecurityKeys; SecurityKey securityKey = ((securityKeys != null) && (securityKeys.Count > 0)) ? securityKeys[0] : null; if (securityKey == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnableToCreateICryptoFromTokenForSignatureVerification", new object[] { token }))); } base.AlgorithmSuite.EnsureAcceptableSignatureKeySize(securityKey, token); base.AlgorithmSuite.EnsureAcceptableSignatureAlgorithm(securityKey, signedXml.Signature.SignedInfo.SignatureMethod); signedXml.StartSignatureVerification(securityKey); StandardSignedInfo signedInfo = (StandardSignedInfo) signedXml.Signature.SignedInfo; this.ValidateDigestsOfTargetsInSecurityHeader(signedInfo, base.Timestamp, isPrimarySignature, signatureTarget, id); if (!isPrimarySignature) { if ((!base.RequireMessageProtection && (securityKey is AsymmetricSecurityKey)) && (base.Version.Addressing != AddressingVersion.None)) { int headerIndex = base.Message.Headers.FindHeader(System.ServiceModel.XD.AddressingDictionary.To.Value, base.Message.Version.Addressing.Namespace); if (headerIndex == -1) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("TransportSecuredMessageMissingToHeader"))); } XmlDictionaryReader readerAtHeader = base.Message.Headers.GetReaderAtHeader(headerIndex); id = readerAtHeader.GetAttribute(System.ServiceModel.XD.UtilityDictionary.IdAttribute, System.ServiceModel.XD.UtilityDictionary.Namespace); if (id == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnsignedToHeaderInTransportSecuredMessage"))); } signedXml.EnsureDigestValidity(id, readerAtHeader); } signedXml.CompleteSignatureVerification(); return token; } this.pendingSignature = signedXml; return token; }
public void Process(TimeSpan timeout, ChannelBinding channelBinding, ExtendedProtectionPolicy extendedProtectionPolicy) { Fx.Assert(ReaderQuotas != null, "Reader quotas must be set before processing"); MessageProtectionOrder actualProtectionOrder = _protectionOrder; bool wasProtectionOrderDowngraded = false; if (_protectionOrder == MessageProtectionOrder.SignBeforeEncryptAndEncryptSignature) { throw ExceptionHelper.PlatformNotSupported(); // No support for message encryption } _channelBinding = channelBinding; _extendedProtectionPolicy = extendedProtectionPolicy; _orderTracker.SetRequiredProtectionOrder(actualProtectionOrder); SetProcessingStarted(); _timeoutHelper = new TimeoutHelper(timeout); Message = SecurityVerifiedMessage = new SecurityVerifiedMessage(Message, this); XmlDictionaryReader reader = CreateSecurityHeaderReader(); reader.MoveToStartElement(); if (reader.IsEmptyElement) { throw TraceUtility.ThrowHelperError(new MessageSecurityException(SR.SecurityHeaderIsEmpty), Message); } if (RequireMessageProtection) { _securityElementAttributes = XmlAttributeHolder.ReadAttributes(reader); } else { _securityElementAttributes = XmlAttributeHolder.emptyArray; } reader.ReadStartElement(); if (_primaryTokenParameters != null) { _primaryTokenTracker = new TokenTracker(null, _outOfBandPrimaryToken, _allowFirstTokenMismatch); } // universalTokenResolver is used for resolving tokens _universalTokenResolver = new SecurityHeaderTokenResolver(this); // primary token resolver is used for resolving primary signature and decryption _primaryTokenResolver = new SecurityHeaderTokenResolver(this); if (_outOfBandPrimaryToken != null) { _universalTokenResolver.Add(_outOfBandPrimaryToken, SecurityTokenReferenceStyle.External, _primaryTokenParameters); _primaryTokenResolver.Add(_outOfBandPrimaryToken, SecurityTokenReferenceStyle.External, _primaryTokenParameters); } else if (_outOfBandPrimaryTokenCollection != null) { for (int i = 0; i < _outOfBandPrimaryTokenCollection.Count; ++i) { _universalTokenResolver.Add(_outOfBandPrimaryTokenCollection[i], SecurityTokenReferenceStyle.External, _primaryTokenParameters); _primaryTokenResolver.Add(_outOfBandPrimaryTokenCollection[i], SecurityTokenReferenceStyle.External, _primaryTokenParameters); } } if (_wrappingToken != null) { _universalTokenResolver.ExpectedWrapper = _wrappingToken; _universalTokenResolver.ExpectedWrapperTokenParameters = _wrappingTokenParameters; _primaryTokenResolver.ExpectedWrapper = _wrappingToken; _primaryTokenResolver.ExpectedWrapperTokenParameters = _wrappingTokenParameters; } if (_outOfBandTokenResolver == null) { CombinedUniversalTokenResolver = _universalTokenResolver; _combinedPrimaryTokenResolver = _primaryTokenResolver; } else { CombinedUniversalTokenResolver = new AggregateSecurityHeaderTokenResolver(_universalTokenResolver, _outOfBandTokenResolver); _combinedPrimaryTokenResolver = new AggregateSecurityHeaderTokenResolver(_primaryTokenResolver, _outOfBandTokenResolver); } _allowedAuthenticators = new List <SecurityTokenAuthenticator>(); if (_primaryTokenAuthenticator != null) { _allowedAuthenticators.Add(_primaryTokenAuthenticator); } if (DerivedTokenAuthenticator != null) { _allowedAuthenticators.Add(DerivedTokenAuthenticator); } _pendingSupportingTokenAuthenticator = null; int numSupportingTokensRequiringDerivation = 0; if (_supportingTokenAuthenticators != null && _supportingTokenAuthenticators.Count > 0) { _supportingTokenTrackers = new List <TokenTracker>(_supportingTokenAuthenticators.Count); for (int i = 0; i < _supportingTokenAuthenticators.Count; ++i) { SupportingTokenAuthenticatorSpecification spec = _supportingTokenAuthenticators[i]; switch (spec.SecurityTokenAttachmentMode) { case SecurityTokenAttachmentMode.Endorsing: _hasEndorsingOrSignedEndorsingSupportingTokens = true; break; case SecurityTokenAttachmentMode.Signed: break; case SecurityTokenAttachmentMode.SignedEndorsing: _hasEndorsingOrSignedEndorsingSupportingTokens = true; break; case SecurityTokenAttachmentMode.SignedEncrypted: break; } if ((_primaryTokenAuthenticator != null) && (_primaryTokenAuthenticator.GetType().Equals(spec.TokenAuthenticator.GetType()))) { _pendingSupportingTokenAuthenticator = spec.TokenAuthenticator; } else { _allowedAuthenticators.Add(spec.TokenAuthenticator); } if (spec.TokenParameters.RequireDerivedKeys && !spec.TokenParameters.HasAsymmetricKey && (spec.SecurityTokenAttachmentMode == SecurityTokenAttachmentMode.Endorsing || spec.SecurityTokenAttachmentMode == SecurityTokenAttachmentMode.SignedEndorsing)) { ++numSupportingTokensRequiringDerivation; } _supportingTokenTrackers.Add(new TokenTracker(spec)); } } if (DerivedTokenAuthenticator != null) { // we expect key derivation. Compute quotas for derived keys int maxKeyDerivationLengthInBits = AlgorithmSuite.DefaultEncryptionKeyDerivationLength >= AlgorithmSuite.DefaultSignatureKeyDerivationLength ? AlgorithmSuite.DefaultEncryptionKeyDerivationLength : AlgorithmSuite.DefaultSignatureKeyDerivationLength; MaxDerivedKeyLength = maxKeyDerivationLengthInBits / 8; // the upper bound of derived keys is (1 for primary signature + 1 for encryption + supporting token signatures requiring derivation)*2 // the multiplication by 2 is to take care of interop scenarios that may arise that require more derived keys than the lower bound. _maxDerivedKeys = (1 + 1 + numSupportingTokensRequiringDerivation) * 2; } SecurityHeaderElementInferenceEngine engine = SecurityHeaderElementInferenceEngine.GetInferenceEngine(Layout); engine.ExecuteProcessingPasses(this, reader); if (RequireMessageProtection) { throw ExceptionHelper.PlatformNotSupported(); } EnsureDecryptionComplete(); _signatureTracker.SetDerivationSourceIfRequired(); _encryptionTracker.SetDerivationSourceIfRequired(); if (EncryptionToken != null) { throw ExceptionHelper.PlatformNotSupported(); } // ensure that the primary signature was signed with derived keys if required if (EnforceDerivedKeyRequirement) { if (SignatureToken != null) { if (_primaryTokenParameters != null) { if (_primaryTokenParameters.RequireDerivedKeys && !_primaryTokenParameters.HasAsymmetricKey && !_primaryTokenTracker.IsDerivedFrom) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.Format(SR.PrimarySignatureWasNotSignedByDerivedKey, _primaryTokenParameters))); } } else if (_wrappingTokenParameters != null && _wrappingTokenParameters.RequireDerivedKeys) { if (!_signatureTracker.IsDerivedToken) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.Format(SR.PrimarySignatureWasNotSignedByDerivedWrappedKey, _wrappingTokenParameters))); } } } // verify that the encryption is using key derivation if (EncryptionToken != null) { throw ExceptionHelper.PlatformNotSupported(); } } if (wasProtectionOrderDowngraded && (BasicSupportingTokens != null) && (BasicSupportingTokens.Count > 0)) { throw ExceptionHelper.PlatformNotSupported(); } // verify all supporting token parameters have their requirements met if (_supportingTokenTrackers != null && _supportingTokenTrackers.Count > 0) { throw ExceptionHelper.PlatformNotSupported(); } if (_replayDetectionEnabled) { throw ExceptionHelper.PlatformNotSupported(); } if (ExpectSignatureConfirmation) { throw ExceptionHelper.PlatformNotSupported(); } MarkHeaderAsUnderstood(); }
public AggregateSecurityHeaderTokenResolver(SecurityHeaderTokenResolver tokenResolver, ReadOnlyCollection <SecurityTokenResolver> outOfBandTokenResolvers) : base(outOfBandTokenResolvers) { _tokenResolver = tokenResolver ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(tokenResolver)); }
protected override SecurityToken VerifySignature(SignedXml signedXml, bool isPrimarySignature, SecurityHeaderTokenResolver resolver, object signatureTarget, string id) { if (TD.SignatureVerificationStartIsEnabled()) { TD.SignatureVerificationStart(this.EventTraceActivity); } SecurityToken token = ResolveSignatureToken(signedXml.Signature.KeyIdentifier, resolver, isPrimarySignature); if (isPrimarySignature) { RecordSignatureToken(token); } ReadOnlyCollection <SecurityKey> keys = token.SecurityKeys; SecurityKey securityKey = (keys != null && keys.Count > 0) ? keys[0] : null; if (securityKey == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException( SR.GetString(SR.UnableToCreateICryptoFromTokenForSignatureVerification, token))); } this.AlgorithmSuite.EnsureAcceptableSignatureKeySize(securityKey, token); this.AlgorithmSuite.EnsureAcceptableSignatureAlgorithm(securityKey, signedXml.Signature.SignedInfo.SignatureMethod); signedXml.StartSignatureVerification(securityKey); StandardSignedInfo signedInfo = (StandardSignedInfo)signedXml.Signature.SignedInfo; ValidateDigestsOfTargetsInSecurityHeader(signedInfo, this.Timestamp, isPrimarySignature, signatureTarget, id); if (!isPrimarySignature) { if ((!this.RequireMessageProtection) && (securityKey is AsymmetricSecurityKey) && (this.Version.Addressing != AddressingVersion.None)) { // For Transport Security using Asymmetric Keys verify that // the 'To' header is signed. int headerIndex = this.Message.Headers.FindHeader(XD.AddressingDictionary.To.Value, this.Message.Version.Addressing.Namespace); if (headerIndex == -1) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.TransportSecuredMessageMissingToHeader))); } XmlDictionaryReader toHeaderReader = this.Message.Headers.GetReaderAtHeader(headerIndex); id = toHeaderReader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace); // DevDiv:938534 - We added a flag that allow unsigned headers. If this is set, we do not throw an Exception but move on to CompleteSignatureVerification() if (LocalAppContextSwitches.AllowUnsignedToHeader) { // The lack of an id indicates that the sender did not wish to sign the header. We can safely assume that null indicates this header is not signed. // If id is not null, then we need to validate the Digest and ensure signature is valid. The exception is thrown deeper in the System.IdentityModel stack. if (id != null) { signedXml.EnsureDigestValidityIfIdMatches(id, toHeaderReader); } } else { // default behavior for all platforms if (id == null) { // throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.UnsignedToHeaderInTransportSecuredMessage))); } signedXml.EnsureDigestValidity(id, toHeaderReader); } } signedXml.CompleteSignatureVerification(); return(token); } this.pendingSignature = signedXml; if (TD.SignatureVerificationSuccessIsEnabled()) { TD.SignatureVerificationSuccess(this.EventTraceActivity); } return(token); }
protected override SecurityToken VerifySignature(SignedXml signedXml, bool isPrimarySignature, SecurityHeaderTokenResolver resolver, object signatureTarget, string id) { if (TD.SignatureVerificationStartIsEnabled()) { TD.SignatureVerificationStart(this.EventTraceActivity); } SecurityToken token = ResolveSignatureToken(signedXml.Signature.KeyIdentifier, resolver, isPrimarySignature); if (isPrimarySignature) { RecordSignatureToken(token); } ReadOnlyCollection<SecurityKey> keys = token.SecurityKeys; SecurityKey securityKey = (keys != null && keys.Count > 0) ? keys[0] : null; if (securityKey == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException( SR.GetString(SR.UnableToCreateICryptoFromTokenForSignatureVerification, token))); } this.AlgorithmSuite.EnsureAcceptableSignatureKeySize(securityKey, token); this.AlgorithmSuite.EnsureAcceptableSignatureAlgorithm(securityKey, signedXml.Signature.SignedInfo.SignatureMethod); signedXml.StartSignatureVerification(securityKey); StandardSignedInfo signedInfo = (StandardSignedInfo)signedXml.Signature.SignedInfo; ValidateDigestsOfTargetsInSecurityHeader(signedInfo, this.Timestamp, isPrimarySignature, signatureTarget, id); if (!isPrimarySignature) { if ((!this.RequireMessageProtection) && (securityKey is AsymmetricSecurityKey) && (this.Version.Addressing != AddressingVersion.None)) { // For Transport Security using Asymmetric Keys verify that // the 'To' header is signed. int headerIndex = this.Message.Headers.FindHeader(XD.AddressingDictionary.To.Value, this.Message.Version.Addressing.Namespace); if (headerIndex == -1) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.TransportSecuredMessageMissingToHeader))); XmlDictionaryReader toHeaderReader = this.Message.Headers.GetReaderAtHeader(headerIndex); id = toHeaderReader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace); // DevDiv:938534 - We added a flag that allow unsigned headers. If this is set, we do not throw an Exception but move on to CompleteSignatureVerification() if (LocalAppContextSwitches.AllowUnsignedToHeader) { // The lack of an id indicates that the sender did not wish to sign the header. We can safely assume that null indicates this header is not signed. // If id is not null, then we need to validate the Digest and ensure signature is valid. The exception is thrown deeper in the System.IdentityModel stack. if (id != null) { signedXml.EnsureDigestValidityIfIdMatches(id, toHeaderReader); } } else { // default behavior for all platforms if (id == null) { // throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.UnsignedToHeaderInTransportSecuredMessage))); } signedXml.EnsureDigestValidity(id, toHeaderReader); } } signedXml.CompleteSignatureVerification(); return token; } this.pendingSignature = signedXml; if (TD.SignatureVerificationSuccessIsEnabled()) { TD.SignatureVerificationSuccess(this.EventTraceActivity); } return token; }
WrappedKeySecurityToken CreateWrappedKeyToken(string id, string encryptionMethod, string carriedKeyName, SecurityKeyIdentifier unwrappingTokenIdentifier, byte[] wrappedKey, SecurityTokenResolver tokenResolver) { ISspiNegotiationInfo sspiResolver = tokenResolver as ISspiNegotiationInfo; if (sspiResolver != null) { ISspiNegotiation unwrappingSspiContext = sspiResolver.SspiNegotiation; // ensure that the encryption algorithm is compatible if (encryptionMethod != unwrappingSspiContext.KeyEncryptionAlgorithm) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.BadKeyEncryptionAlgorithm, encryptionMethod))); } byte[] unwrappedKey = unwrappingSspiContext.Decrypt(wrappedKey); return(new WrappedKeySecurityToken(id, unwrappedKey, encryptionMethod, unwrappingSspiContext, unwrappedKey)); } else { if (tokenResolver == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("tokenResolver")); } if (unwrappingTokenIdentifier == null || unwrappingTokenIdentifier.Count == 0) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.MissingKeyInfoInEncryptedKey))); } SecurityToken unwrappingToken; SecurityHeaderTokenResolver resolver = tokenResolver as SecurityHeaderTokenResolver; if (resolver != null) { unwrappingToken = resolver.ExpectedWrapper; if (unwrappingToken != null) { if (!resolver.CheckExternalWrapperMatch(unwrappingTokenIdentifier)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException( SR.GetString(SR.EncryptedKeyWasNotEncryptedWithTheRequiredEncryptingToken, unwrappingToken))); } } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException( SR.GetString(SR.UnableToResolveKeyInfoForUnwrappingToken, unwrappingTokenIdentifier, resolver))); } } else { try { unwrappingToken = tokenResolver.ResolveToken(unwrappingTokenIdentifier); } catch (Exception exception) { if (exception is MessageSecurityException) { throw; } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException( SR.GetString(SR.UnableToResolveKeyInfoForUnwrappingToken, unwrappingTokenIdentifier, tokenResolver), exception)); } } SecurityKey unwrappingSecurityKey; byte[] unwrappedKey = SecurityUtils.DecryptKey(unwrappingToken, encryptionMethod, wrappedKey, out unwrappingSecurityKey); return(new WrappedKeySecurityToken(id, unwrappedKey, encryptionMethod, unwrappingToken, unwrappingTokenIdentifier, wrappedKey, unwrappingSecurityKey)); } }