mono/linux-packaging-mono
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Imported Upstream version 4.6.0.125

Browse Source 
Former-commit-id: a2155e9bd80020e49e72e86c44da02a8ac0e57a4
This commit is contained in:
Xamarin Public Jenkins (auto-signing)
2016-08-03 10:59:49 +00:00
parent a569aebcfd
commit e79aa3c0ed
17047 changed files with 3137615 additions and 392334 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/BinarySecretKeyIdentifierClause.cs Normal file
View File

@@ -0,0 +1,58 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.IdentityModel;
using System.IdentityModel.Tokens;
using System.Runtime.CompilerServices;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
public class BinarySecretKeyIdentifierClause : BinaryKeyIdentifierClause
{
InMemorySymmetricSecurityKey symmetricKey;
public BinarySecretKeyIdentifierClause(byte[] key)
: this(key, true)
{
}
public BinarySecretKeyIdentifierClause(byte[] key, bool cloneBuffer)
: this(key, cloneBuffer, null, 0)
{
}
public BinarySecretKeyIdentifierClause(byte[] key, bool cloneBuffer, byte[] derivationNonce, int derivationLength)
: base(XD.TrustFeb2005Dictionary.BinarySecretClauseType.Value, key, cloneBuffer, derivationNonce, derivationLength)
{
}
public byte[] GetKeyBytes()
{
return GetBuffer();
}
public override bool CanCreateKey
{
get { return true; }
}
public override SecurityKey CreateKey()
{
if (this.symmetricKey == null)
this.symmetricKey = new InMemorySymmetricSecurityKey(GetBuffer(), false);
return this.symmetricKey;
}
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause)
{
BinarySecretKeyIdentifierClause that = keyIdentifierClause as BinarySecretKeyIdentifierClause;
// PreSharp Bug: Parameter 'that' to this public method must be validated: A null-dereference can occur here.
#pragma warning suppress 56506
return ReferenceEquals(this, that) || (that != null && that.Matches(this.GetRawBuffer()));
}
}
}

131
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/EncryptedKey.cs Normal file
View File

@@ -0,0 +1,131 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.IdentityModel;
using System.Runtime.CompilerServices;
using System.Xml;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
sealed class EncryptedKey : EncryptedType
{
internal static readonly XmlDictionaryString CarriedKeyElementName = XD.XmlEncryptionDictionary.CarriedKeyName;
internal static readonly XmlDictionaryString ElementName = XD.XmlEncryptionDictionary.EncryptedKey;
internal static readonly XmlDictionaryString RecipientAttribute = XD.XmlEncryptionDictionary.Recipient;
string carriedKeyName;
string recipient;
ReferenceList referenceList;
byte[] wrappedKey;
public string CarriedKeyName
{
get { return this.carriedKeyName; }
set { this.carriedKeyName = value; }
}
public string Recipient
{
get { return this.recipient; }
set { this.recipient = value; }
}
public ReferenceList ReferenceList
{
get { return this.referenceList; }
set { this.referenceList = value; }
}
protected override XmlDictionaryString OpeningElementName
{
get { return ElementName; }
}
protected override void ForceEncryption()
{
// no work to be done here since, unlike bulk encryption, key wrapping is done eagerly
}
public byte[] GetWrappedKey()
{
if (this.State == EncryptionState.New)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.BadEncryptionState)));
}
return this.wrappedKey;
}
public void SetUpKeyWrap(byte[] wrappedKey)
{
if (this.State != EncryptionState.New)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.BadEncryptionState)));
}
if (wrappedKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("wrappedKey");
}
this.wrappedKey = wrappedKey;
this.State = EncryptionState.Encrypted;
}
protected override void ReadAdditionalAttributes(XmlDictionaryReader reader)
{
this.recipient = reader.GetAttribute(RecipientAttribute, null);
}
protected override void ReadAdditionalElements(XmlDictionaryReader reader)
{
if (reader.IsStartElement(ReferenceList.ElementName, EncryptedType.NamespaceUri))
{
this.referenceList = new ReferenceList();
this.referenceList.ReadFrom(reader);
}
if (reader.IsStartElement(CarriedKeyElementName, EncryptedType.NamespaceUri))
{
reader.ReadStartElement(CarriedKeyElementName, EncryptedType.NamespaceUri);
this.carriedKeyName = reader.ReadString();
reader.ReadEndElement();
}
}
protected override void ReadCipherData(XmlDictionaryReader reader)
{
this.wrappedKey = reader.ReadContentAsBase64();
}
protected override void ReadCipherData(XmlDictionaryReader reader, long maxBufferSize)
{
this.wrappedKey = SecurityUtils.ReadContentAsBase64(reader, maxBufferSize);
}
protected override void WriteAdditionalAttributes(XmlDictionaryWriter writer, DictionaryManager dictionaryManager)
{
if (this.recipient != null)
{
writer.WriteAttributeString(RecipientAttribute, null, this.recipient);
}
}
protected override void WriteAdditionalElements(XmlDictionaryWriter writer, DictionaryManager dictionaryManager)
{
if (this.carriedKeyName != null)
{
writer.WriteStartElement(CarriedKeyElementName, EncryptedType.NamespaceUri);
writer.WriteString(this.carriedKeyName);
writer.WriteEndElement(); // CarriedKeyName
}
if (this.referenceList != null)
{
this.referenceList.WriteTo(writer, dictionaryManager);
}
}
protected override void WriteCipherData(XmlDictionaryWriter writer)
{
writer.WriteBase64(this.wrappedKey, 0, this.wrappedKey.Length);
}
}
}

38
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/EncryptedKeyHashIdentifierClause.cs Normal file
View File

@@ -0,0 +1,38 @@
//-----------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.Globalization;
using System.IdentityModel.Tokens;
using System.Runtime.CompilerServices;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
sealed class EncryptedKeyHashIdentifierClause : BinaryKeyIdentifierClause
{
public EncryptedKeyHashIdentifierClause(byte[] encryptedKeyHash)
: this(encryptedKeyHash, true)
{
}
internal EncryptedKeyHashIdentifierClause(byte[] encryptedKeyHash, bool cloneBuffer)
: this(encryptedKeyHash, cloneBuffer, null, 0)
{
}
internal EncryptedKeyHashIdentifierClause(byte[] encryptedKeyHash, bool cloneBuffer, byte[] derivationNonce, int derivationLength)
: base(null, encryptedKeyHash, cloneBuffer, derivationNonce, derivationLength)
{
}
public byte[] GetEncryptedKeyHash()
{
return GetBuffer();
}
public override string ToString()
{
return string.Format(CultureInfo.InvariantCulture, "EncryptedKeyHashIdentifierClause(Hash = {0})", Convert.ToBase64String(GetRawBuffer()));
}
}
}

457
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/EncryptedType.cs Normal file
View File

@@ -0,0 +1,457 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.IdentityModel;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Runtime;
using System.Runtime.CompilerServices;
using System.Xml;
using DictionaryManager = System.IdentityModel.DictionaryManager;
using ISecurityElement = System.IdentityModel.ISecurityElement;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
abstract class EncryptedType : ISecurityElement
{
internal static readonly XmlDictionaryString NamespaceUri = XD.XmlEncryptionDictionary.Namespace;
internal static readonly XmlDictionaryString EncodingAttribute = XD.XmlEncryptionDictionary.Encoding;
internal static readonly XmlDictionaryString MimeTypeAttribute = XD.XmlEncryptionDictionary.MimeType;
internal static readonly XmlDictionaryString TypeAttribute = XD.XmlEncryptionDictionary.Type;
internal static readonly XmlDictionaryString CipherDataElementName = XD.XmlEncryptionDictionary.CipherData;
internal static readonly XmlDictionaryString CipherValueElementName = XD.XmlEncryptionDictionary.CipherValue;
string encoding;
EncryptionMethodElement encryptionMethod;
string id;
string wsuId;
SecurityKeyIdentifier keyIdentifier;
string mimeType;
EncryptionState state;
string type;
SecurityTokenSerializer tokenSerializer;
bool shouldReadXmlReferenceKeyInfoClause;
protected EncryptedType()
{
this.encryptionMethod.Init();
this.state = EncryptionState.New;
this.tokenSerializer = new KeyInfoSerializer(false);
}
public string Encoding
{
get
{
return this.encoding;
}
set
{
this.encoding = value;
}
}
public string EncryptionMethod
{
get
{
return this.encryptionMethod.algorithm;
}
set
{
this.encryptionMethod.algorithm = value;
}
}
public XmlDictionaryString EncryptionMethodDictionaryString
{
get
{
return this.encryptionMethod.algorithmDictionaryString;
}
set
{
this.encryptionMethod.algorithmDictionaryString = value;
}
}
public bool HasId
{
get
{
return true;
}
}
public string Id
{
get
{
return this.id;
}
set
{
this.id = value;
}
}
// This is set to true on the client side. And this means that when this knob is set to true and the default serializers on the client side fail
// to read the KeyInfo clause from the incoming response message from a service; then the ckient should
// try to read the keyInfo clause as GenericXmlSecurityKeyIdentifierClause before throwing.
public bool ShouldReadXmlReferenceKeyInfoClause
{
get
{
return this.shouldReadXmlReferenceKeyInfoClause;
}
set
{
this.shouldReadXmlReferenceKeyInfoClause = value;
}
}
public string WsuId
{
get
{
return this.wsuId;
}
set
{
this.wsuId = value;
}
}
public SecurityKeyIdentifier KeyIdentifier
{
get
{
return this.keyIdentifier;
}
set
{
this.keyIdentifier = value;
}
}
public string MimeType
{
get
{
return this.mimeType;
}
set
{
this.mimeType = value;
}
}
public string Type
{
get
{
return this.type;
}
set
{
this.type = value;
}
}
protected abstract XmlDictionaryString OpeningElementName
{
get;
}
protected EncryptionState State
{
get
{
return this.state;
}
set
{
this.state = value;
}
}
public SecurityTokenSerializer SecurityTokenSerializer
{
get
{
return this.tokenSerializer;
}
set
{
this.tokenSerializer = value ?? new KeyInfoSerializer(false);
}
}
protected abstract void ForceEncryption();
protected virtual void ReadAdditionalAttributes(XmlDictionaryReader reader)
{
}
protected virtual void ReadAdditionalElements(XmlDictionaryReader reader)
{
}
protected abstract void ReadCipherData(XmlDictionaryReader reader);
protected abstract void ReadCipherData(XmlDictionaryReader reader, long maxBufferSize);
public void ReadFrom(XmlReader reader)
{
ReadFrom(reader, 0);
}
public void ReadFrom(XmlDictionaryReader reader)
{
ReadFrom(reader, 0);
}
public void ReadFrom(XmlReader reader, long maxBufferSize)
{
ReadFrom(XmlDictionaryReader.CreateDictionaryReader(reader), maxBufferSize);
}
public void ReadFrom(XmlDictionaryReader reader, long maxBufferSize)
{
ValidateReadState();
reader.MoveToStartElement(OpeningElementName, NamespaceUri);
this.encoding = reader.GetAttribute(EncodingAttribute, null);
this.id = reader.GetAttribute(XD.XmlEncryptionDictionary.Id, null) ?? SecurityUniqueId.Create().Value;
this.wsuId = reader.GetAttribute(XD.XmlEncryptionDictionary.Id, XD.UtilityDictionary.Namespace) ?? SecurityUniqueId.Create().Value;
this.mimeType = reader.GetAttribute(MimeTypeAttribute, null);
this.type = reader.GetAttribute(TypeAttribute, null);
ReadAdditionalAttributes(reader);
reader.Read();
if (reader.IsStartElement(EncryptionMethodElement.ElementName, NamespaceUri))
{
this.encryptionMethod.ReadFrom(reader);
}
if (this.tokenSerializer.CanReadKeyIdentifier(reader))
{
XmlElement xml = null;
XmlDictionaryReader localReader;
if (this.ShouldReadXmlReferenceKeyInfoClause)
{
// We create the dom only when needed to not affect perf.
XmlDocument doc = new XmlDocument();
xml = (doc.ReadNode(reader) as XmlElement);
localReader = XmlDictionaryReader.CreateDictionaryReader(new XmlNodeReader(xml));
}
else
{
localReader = reader;
}
try
{
this.KeyIdentifier = this.tokenSerializer.ReadKeyIdentifier(localReader);
}
catch (Exception e)
{
// In case when the issued token ( custom token) is used as an initiator token; we will fail
// to read the keyIdentifierClause using the plugged in default serializer. So We need to try to read it as an XmlReferencekeyIdentifierClause
// if it is the client side.
if (Fx.IsFatal(e) || !this.ShouldReadXmlReferenceKeyInfoClause)
{
throw;
}
this.keyIdentifier = ReadGenericXmlSecurityKeyIdentifier( XmlDictionaryReader.CreateDictionaryReader( new XmlNodeReader(xml)), e);
}
}
reader.ReadStartElement(CipherDataElementName, EncryptedType.NamespaceUri);
reader.ReadStartElement(CipherValueElementName, EncryptedType.NamespaceUri);
if (maxBufferSize == 0)
ReadCipherData(reader);
else
ReadCipherData(reader, maxBufferSize);
reader.ReadEndElement(); // CipherValue
reader.ReadEndElement(); // CipherData
ReadAdditionalElements(reader);
reader.ReadEndElement(); // OpeningElementName
this.State = EncryptionState.Read;
}
private SecurityKeyIdentifier ReadGenericXmlSecurityKeyIdentifier(XmlDictionaryReader localReader, Exception previousException)
{
if (!localReader.IsStartElement(XD.XmlSignatureDictionary.KeyInfo, XD.XmlSignatureDictionary.Namespace))
{
return null;
}
localReader.ReadStartElement(XD.XmlSignatureDictionary.KeyInfo, XD.XmlSignatureDictionary.Namespace);
SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier();
if (localReader.IsStartElement())
{
SecurityKeyIdentifierClause clause = null;
string strId = localReader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace);
XmlDocument doc = new XmlDocument();
XmlElement keyIdentifierReferenceXml = (doc.ReadNode(localReader) as XmlElement);
clause = new GenericXmlSecurityKeyIdentifierClause(keyIdentifierReferenceXml);
if (!string.IsNullOrEmpty(strId))
clause.Id = strId;
keyIdentifier.Add(clause);
}
if (keyIdentifier.Count == 0)
throw previousException;
localReader.ReadEndElement();
return keyIdentifier;
}
protected virtual void WriteAdditionalAttributes(XmlDictionaryWriter writer, DictionaryManager dictionaryManager)
{
}
protected virtual void WriteAdditionalElements(XmlDictionaryWriter writer, DictionaryManager dictionaryManager)
{
}
protected abstract void WriteCipherData(XmlDictionaryWriter writer);
public void WriteTo(XmlDictionaryWriter writer, DictionaryManager dictionaryManager)
{
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
}
ValidateWriteState();
writer.WriteStartElement(XmlEncryptionStrings.Prefix, this.OpeningElementName, NamespaceUri);
if (this.id != null && this.id.Length != 0)
{
writer.WriteAttributeString(XD.XmlEncryptionDictionary.Id, null, this.Id);
}
if (this.type != null)
{
writer.WriteAttributeString(TypeAttribute, null, this.Type);
}
if (this.mimeType != null)
{
writer.WriteAttributeString(MimeTypeAttribute, null, this.MimeType);
}
if (this.encoding != null)
{
writer.WriteAttributeString(EncodingAttribute, null, this.Encoding);
}
WriteAdditionalAttributes(writer, dictionaryManager);
if (this.encryptionMethod.algorithm != null)
{
this.encryptionMethod.WriteTo(writer);
}
if (this.KeyIdentifier != null)
{
this.tokenSerializer.WriteKeyIdentifier(writer, this.KeyIdentifier);
}
writer.WriteStartElement(CipherDataElementName, NamespaceUri);
writer.WriteStartElement(CipherValueElementName, NamespaceUri);
WriteCipherData(writer);
writer.WriteEndElement(); // CipherValue
writer.WriteEndElement(); // CipherData
WriteAdditionalElements(writer, dictionaryManager);
writer.WriteEndElement(); // OpeningElementName
}
void ValidateReadState()
{
if (this.State != EncryptionState.New)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityMessageSerializationException(SR.GetString(SR.BadEncryptionState)));
}
}
void ValidateWriteState()
{
if (this.State == EncryptionState.EncryptionSetup)
{
ForceEncryption();
}
else if (this.State == EncryptionState.New)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityMessageSerializationException(SR.GetString(SR.BadEncryptionState)));
}
}
protected enum EncryptionState
{
New,
Read,
DecryptionSetup,
Decrypted,
EncryptionSetup,
Encrypted
}
struct EncryptionMethodElement
{
internal string algorithm;
internal XmlDictionaryString algorithmDictionaryString;
internal static readonly XmlDictionaryString ElementName = XD.XmlEncryptionDictionary.EncryptionMethod;
public void Init()
{
this.algorithm = null;
}
public void ReadFrom(XmlDictionaryReader reader)
{
reader.MoveToStartElement(ElementName, XD.XmlEncryptionDictionary.Namespace);
bool isEmptyElement = reader.IsEmptyElement;
this.algorithm = reader.GetAttribute(XD.XmlSignatureDictionary.Algorithm, null);
if (this.algorithm == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityMessageSerializationException(
SR.GetString(SR.RequiredAttributeMissing, XD.XmlSignatureDictionary.Algorithm.Value, ElementName.Value)));
}
reader.Read();
if (!isEmptyElement)
{
while (reader.IsStartElement())
{
reader.Skip();
}
reader.ReadEndElement();
}
}
public void WriteTo(XmlDictionaryWriter writer)
{
writer.WriteStartElement(XmlEncryptionStrings.Prefix, ElementName, XD.XmlEncryptionDictionary.Namespace);
if (this.algorithmDictionaryString != null)
{
writer.WriteStartAttribute(XD.XmlSignatureDictionary.Algorithm, null);
writer.WriteString(this.algorithmDictionaryString);
writer.WriteEndAttribute();
}
else
{
writer.WriteAttributeString(XD.XmlSignatureDictionary.Algorithm, null, this.algorithm);
}
if (this.algorithm == XD.SecurityAlgorithmDictionary.RsaOaepKeyWrap.Value)
{
writer.WriteStartElement(XmlSignatureStrings.Prefix, XD.XmlSignatureDictionary.DigestMethod, XD.XmlSignatureDictionary.Namespace);
writer.WriteStartAttribute(XD.XmlSignatureDictionary.Algorithm, null);
writer.WriteString(XD.SecurityAlgorithmDictionary.Sha1Digest);
writer.WriteEndAttribute();
writer.WriteEndElement();
}
writer.WriteEndElement(); // EncryptionMethod
}
}
}
}

53
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/ISspiNegotiation.cs Normal file
View File

@@ -0,0 +1,53 @@
//-----------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System;
using System.Runtime.CompilerServices;
using System.Security.Authentication.ExtendedProtection;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
interface ISspiNegotiation : IDisposable
{
DateTime ExpirationTimeUtc
{
get;
}
/// <summary>
/// This indicates if the handshake is complete or not.
/// Note that the IsValidContext flag indicates if the handshake ended in
/// success or failure
/// </summary>
bool IsCompleted
{
get;
}
bool IsValidContext
{
get;
}
string KeyEncryptionAlgorithm
{
get;
}
byte[] Decrypt(byte[] encryptedData);
byte[] Encrypt(byte[] data);
byte[] GetOutgoingBlob(byte[] incomingBlob, ChannelBinding channelbinding, ExtendedProtectionPolicy protectionPolicy);
string GetRemoteIdentityName();
}
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
interface ISspiNegotiationInfo
{
ISspiNegotiation SspiNegotiation { get; }
}
}

50
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/KeyNameIdentifierClause.cs Normal file
View File

@@ -0,0 +1,50 @@
//-----------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.Globalization;
using System.IdentityModel;
using System.IdentityModel.Tokens;
using System.Runtime.CompilerServices;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
public class KeyNameIdentifierClause : SecurityKeyIdentifierClause
{
string keyName;
public KeyNameIdentifierClause(string keyName)
: base(null)
{
if (keyName == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyName");
}
this.keyName = keyName;
}
public string KeyName
{
get { return this.keyName; }
}
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause)
{
KeyNameIdentifierClause that = keyIdentifierClause as KeyNameIdentifierClause;
// PreSharp Bug: Parameter 'that' to this public method must be validated: A null-dereference can occur here.
#pragma warning suppress 56506
return ReferenceEquals(this, that) || (that != null && that.Matches(this.keyName));
}
public bool Matches(string keyName)
{
return this.keyName == keyName;
}
public override string ToString()
{
return string.Format(CultureInfo.InvariantCulture, "KeyNameIdentifierClause(KeyName = '{0}')", this.KeyName);
}
}
}

141
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/ReferenceList.cs Normal file
View File

@@ -0,0 +1,141 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.Collections.Generic;
using System.IdentityModel;
using System.Runtime.CompilerServices;
using System.Xml;
using DictionaryManager = System.IdentityModel.DictionaryManager;
using ISecurityElement = System.IdentityModel.ISecurityElement;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
sealed class ReferenceList : ISecurityElement
{
internal static readonly XmlDictionaryString ElementName = XD.XmlEncryptionDictionary.ReferenceList;
const string NamespacePrefix = XmlEncryptionStrings.Prefix;
internal static readonly XmlDictionaryString NamespaceUri = EncryptedType.NamespaceUri;
internal static readonly XmlDictionaryString UriAttribute = XD.XmlEncryptionDictionary.URI;
List<string> referredIds = new List<string>();
public ReferenceList()
{
}
public int DataReferenceCount
{
get { return this.referredIds.Count; }
}
public bool HasId
{
get { return false; }
}
public string Id
{
get
{
// PreSharp Bug: Property get methods should not throw exceptions.
#pragma warning suppress 56503
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
}
public void AddReferredId(string id)
{
if (id == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("id"));
}
this.referredIds.Add(id);
}
public bool ContainsReferredId(string id)
{
if (id == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("id"));
}
return this.referredIds.Contains(id);
}
public string GetReferredId(int index)
{
return this.referredIds[index];
}
public void ReadFrom(XmlDictionaryReader reader)
{
reader.ReadStartElement(ElementName, NamespaceUri);
while (reader.IsStartElement())
{
string id = DataReference.ReadFrom(reader);
if (this.referredIds.Contains(id))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new SecurityMessageSerializationException(SR.GetString(SR.InvalidDataReferenceInReferenceList, "#" + id)));
}
this.referredIds.Add(id);
}
reader.ReadEndElement(); // ReferenceList
if (this.DataReferenceCount == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityMessageSerializationException(SR.GetString(SR.ReferenceListCannotBeEmpty)));
}
}
public bool TryRemoveReferredId(string id)
{
if (id == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("id"));
}
return this.referredIds.Remove(id);
}
public void WriteTo(XmlDictionaryWriter writer, DictionaryManager dictionaryManager)
{
if (this.DataReferenceCount == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ReferenceListCannotBeEmpty)));
}
writer.WriteStartElement(NamespacePrefix, ElementName, NamespaceUri);
for (int i = 0; i < this.DataReferenceCount; i++)
{
DataReference.WriteTo(writer, this.referredIds[i]);
}
writer.WriteEndElement(); // ReferenceList
}
static class DataReference
{
internal static readonly XmlDictionaryString ElementName = XD.XmlEncryptionDictionary.DataReference;
internal static readonly XmlDictionaryString NamespaceUri = EncryptedType.NamespaceUri;
public static string ReadFrom(XmlDictionaryReader reader)
{
string prefix;
string uri = XmlHelper.ReadEmptyElementAndRequiredAttribute(reader, ElementName, NamespaceUri, ReferenceList.UriAttribute, out prefix);
if (uri.Length < 2 || uri[0] != '#')
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new SecurityMessageSerializationException(SR.GetString(SR.InvalidDataReferenceInReferenceList, uri)));
}
return uri.Substring(1);
}
public static void WriteTo(XmlDictionaryWriter writer, string referredId)
{
writer.WriteStartElement(XD.XmlEncryptionDictionary.Prefix.Value, ElementName, NamespaceUri);
writer.WriteStartAttribute(ReferenceList.UriAttribute, null);
writer.WriteString("#");
writer.WriteString(referredId);
writer.WriteEndAttribute();
writer.WriteEndElement();
}
}
}
}

40
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/RelAssertionDirectKeyIdentifierClause.cs Normal file
View File

@@ -0,0 +1,40 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.IdentityModel;
using System.IdentityModel.Tokens;
using System.Runtime.CompilerServices;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
class RelAssertionDirectKeyIdentifierClause : SecurityKeyIdentifierClause
{
string assertionId;
public RelAssertionDirectKeyIdentifierClause(string assertionId, byte[] derivationNonce, int derivationLength)
: base(null, derivationNonce, derivationLength)
{
if (string.IsNullOrEmpty(assertionId))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.AssertionIdCannotBeNullOrEmpty));
}
this.assertionId = assertionId;
}
public string AssertionId
{
get { return this.assertionId; }
}
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause)
{
RelAssertionDirectKeyIdentifierClause that = keyIdentifierClause as RelAssertionDirectKeyIdentifierClause;
// PreSharp Bug: Parameter 'that' to this public method must be validated: A null-dereference can occur here.
#pragma warning suppress 56506
return (ReferenceEquals(this, that) || (that != null && that.AssertionId == this.AssertionId));
}
}
}

40
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/SamlAssertionDirectKeyIdentifierClause.cs Normal file
View File

@@ -0,0 +1,40 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.IdentityModel;
using System.IdentityModel.Tokens;
using System.Runtime.CompilerServices;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
class SamlAssertionDirectKeyIdentifierClause : SecurityKeyIdentifierClause
{
string samlUri;
public SamlAssertionDirectKeyIdentifierClause(string samlUri, byte[] derivationNonce, int derivationLength)
: base(null, derivationNonce, derivationLength)
{
if (string.IsNullOrEmpty(samlUri))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.SamlUriCannotBeNullOrEmpty));
}
this.samlUri = samlUri;
}
public string SamlUri
{
get { return this.samlUri; }
}
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause)
{
SamlAssertionDirectKeyIdentifierClause that = keyIdentifierClause as SamlAssertionDirectKeyIdentifierClause;
// PreSharp Bug: Parameter 'that' to this public method must be validated: A null-dereference can occur here.
#pragma warning suppress 56506
return (ReferenceEquals(this, that) || (that != null && that.SamlUri == this.SamlUri));
}
}
}

69
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/SecurityContextKeyIdentifierClause.cs Normal file
View File

@@ -0,0 +1,69 @@
//-----------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.Globalization;
using System.IdentityModel.Tokens;
using System.Runtime.CompilerServices;
using System.Xml;
using DiagnosticUtility = System.IdentityModel.DiagnosticUtility;
[TypeForwardedFrom( "System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" )]
public class SecurityContextKeyIdentifierClause : SecurityKeyIdentifierClause
{
readonly UniqueId contextId;
readonly UniqueId generation;
public SecurityContextKeyIdentifierClause(UniqueId contextId)
: this(contextId, null)
{
}
public SecurityContextKeyIdentifierClause(UniqueId contextId, UniqueId generation)
: this(contextId, generation, null, 0)
{
}
public SecurityContextKeyIdentifierClause(UniqueId contextId, UniqueId generation, byte[] derivationNonce, int derivationLength)
: base(null, derivationNonce, derivationLength)
{
if (contextId == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("contextId");
}
this.contextId = contextId;
this.generation = generation;
}
public UniqueId ContextId
{
get { return this.contextId; }
}
public UniqueId Generation
{
get { return this.generation; }
}
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause)
{
SecurityContextKeyIdentifierClause that = keyIdentifierClause as SecurityContextKeyIdentifierClause;
// PreSharp Bug: Parameter 'that' to this public method must be validated: A null-dereference can occur here.
#pragma warning suppress 56506
return ReferenceEquals(this, that) || (that != null && that.Matches(this.contextId, this.generation));
}
public bool Matches(UniqueId contextId, UniqueId generation)
{
return contextId == this.contextId && generation == this.generation;
}
public override string ToString()
{
return string.Format(CultureInfo.InvariantCulture, "SecurityContextKeyIdentifierClause(ContextId = '{0}', Generation = '{1}')",
this.ContextId, this.Generation);
}
}
}

117
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/Tokens/BinarySecretSecurityToken.cs Normal file
View File

@@ -0,0 +1,117 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security.Tokens
{
using System.Collections.ObjectModel;
using System.IdentityModel;
using System.IdentityModel.Tokens;
using System.Runtime.CompilerServices;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
public class BinarySecretSecurityToken : SecurityToken
{
string id;
DateTime effectiveTime;
byte[] key;
ReadOnlyCollection<SecurityKey> securityKeys;
public BinarySecretSecurityToken(int keySizeInBits)
: this(SecurityUniqueId.Create().Value, keySizeInBits)
{
}
public BinarySecretSecurityToken(string id, int keySizeInBits)
: this(id, keySizeInBits, true)
{
}
public BinarySecretSecurityToken(byte[] key)
: this(SecurityUniqueId.Create().Value, key)
{
}
public BinarySecretSecurityToken(string id, byte[] key)
: this(id, key, true)
{
}
protected BinarySecretSecurityToken(string id, int keySizeInBits, bool allowCrypto)
{
if (keySizeInBits <= 0 || keySizeInBits >= 512)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("keySizeInBits", SR.GetString(SR.ValueMustBeInRange, 0, 512)));
}
if ((keySizeInBits % 8) != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("keySizeInBits", SR.GetString(SR.KeyLengthMustBeMultipleOfEight, keySizeInBits)));
}
this.id = id;
this.effectiveTime = DateTime.UtcNow;
this.key = new byte[keySizeInBits / 8];
CryptoHelper.FillRandomBytes(this.key);
if (allowCrypto)
{
this.securityKeys = SecurityUtils.CreateSymmetricSecurityKeys(this.key);
}
else
{
this.securityKeys = EmptyReadOnlyCollection<SecurityKey>.Instance;
}
}
protected BinarySecretSecurityToken(string id, byte[] key, bool allowCrypto)
{
if (key == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("key");
this.id = id;
this.effectiveTime = DateTime.UtcNow;
this.key = new byte[key.Length];
Buffer.BlockCopy(key, 0, this.key, 0, key.Length);
if (allowCrypto)
{
this.securityKeys = SecurityUtils.CreateSymmetricSecurityKeys(this.key);
}
else
{
this.securityKeys = EmptyReadOnlyCollection<SecurityKey>.Instance;
}
}
public override string Id
{
get { return this.id; }
}
public override DateTime ValidFrom
{
get { return this.effectiveTime; }
}
public override DateTime ValidTo
{
// Never expire
get { return DateTime.MaxValue; }
}
public int KeySize
{
get { return (this.key.Length * 8); }
}
public override ReadOnlyCollection<SecurityKey> SecurityKeys
{
get { return this.securityKeys; }
}
public byte[] GetKeyBytes()
{
return SecurityUtils.CloneBuffer(this.key);
}
}
}

40
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/Tokens/BufferedGenericXmlSecurityToken.cs Normal file
View File

@@ -0,0 +1,40 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security.Tokens
{
using System;
using System.Collections.ObjectModel;
using System.IdentityModel;
using System.IdentityModel.Policy;
using System.IdentityModel.Tokens;
using System.Runtime.CompilerServices;
using System.Xml;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
class BufferedGenericXmlSecurityToken : GenericXmlSecurityToken
{
XmlBuffer tokenXmlBuffer;
public BufferedGenericXmlSecurityToken(
XmlElement tokenXml,
SecurityToken proofToken,
DateTime effectiveTime,
DateTime expirationTime,
SecurityKeyIdentifierClause internalTokenReference,
SecurityKeyIdentifierClause externalTokenReference,
ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies,
XmlBuffer tokenXmlBuffer
)
: base(tokenXml, proofToken, effectiveTime, expirationTime, internalTokenReference, externalTokenReference, authorizationPolicies)
{
this.tokenXmlBuffer = tokenXmlBuffer;
}
public XmlBuffer TokenXmlBuffer
{
get { return this.tokenXmlBuffer; }
}
}
}

241
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/Tokens/WrappedKeySecurityToken.cs Normal file
View File

@@ -0,0 +1,241 @@
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security.Tokens
{
using System.Collections.ObjectModel;
using System.IdentityModel;
using System.IdentityModel.Tokens;
using System.Runtime.CompilerServices;
using System.Security.Cryptography;
using System.ServiceModel.Security;
using System.Xml;
[TypeForwardedFrom("System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")]
public class WrappedKeySecurityToken : SecurityToken
{
string id;
DateTime effectiveTime;
EncryptedKey encryptedKey;
ReadOnlyCollection<SecurityKey> securityKey;
byte[] wrappedKey;
string wrappingAlgorithm;
ISspiNegotiation wrappingSspiContext;
SecurityToken wrappingToken;
SecurityKey wrappingSecurityKey;
SecurityKeyIdentifier wrappingTokenReference;
bool serializeCarriedKeyName;
byte[] wrappedKeyHash;
XmlDictionaryString wrappingAlgorithmDictionaryString;
// sender use
internal WrappedKeySecurityToken(string id, byte[] keyToWrap, ISspiNegotiation wrappingSspiContext)
: this(id, keyToWrap, (wrappingSspiContext != null) ? (wrappingSspiContext.KeyEncryptionAlgorithm) : null, wrappingSspiContext, null)
{
}
// sender use
public WrappedKeySecurityToken(string id, byte[] keyToWrap, string wrappingAlgorithm, SecurityToken wrappingToken, SecurityKeyIdentifier wrappingTokenReference)
: this(id, keyToWrap, wrappingAlgorithm, null, wrappingToken, wrappingTokenReference)
{
}
internal WrappedKeySecurityToken(string id, byte[] keyToWrap, string wrappingAlgorithm, XmlDictionaryString wrappingAlgorithmDictionaryString, SecurityToken wrappingToken, SecurityKeyIdentifier wrappingTokenReference)
: this(id, keyToWrap, wrappingAlgorithm, wrappingAlgorithmDictionaryString, wrappingToken, wrappingTokenReference, null, null)
{
}
// direct receiver use, chained sender use
internal WrappedKeySecurityToken(string id, byte[] keyToWrap, string wrappingAlgorithm, ISspiNegotiation wrappingSspiContext, byte[] wrappedKey)
: this(id, keyToWrap, wrappingAlgorithm, null)
{
if (wrappingSspiContext == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("wrappingSspiContext");
}
this.wrappingSspiContext = wrappingSspiContext;
if (wrappedKey == null)
{
this.wrappedKey = wrappingSspiContext.Encrypt(keyToWrap);
}
else
{
this.wrappedKey = wrappedKey;
}
this.serializeCarriedKeyName = false;
}
// receiver use
internal WrappedKeySecurityToken(string id, byte[] keyToWrap, string wrappingAlgorithm, SecurityToken wrappingToken, SecurityKeyIdentifier wrappingTokenReference, byte[] wrappedKey, SecurityKey wrappingSecurityKey)
: this(id, keyToWrap, wrappingAlgorithm, null, wrappingToken, wrappingTokenReference, wrappedKey, wrappingSecurityKey)
{
}
WrappedKeySecurityToken(string id, byte[] keyToWrap, string wrappingAlgorithm, XmlDictionaryString wrappingAlgorithmDictionaryString, SecurityToken wrappingToken, SecurityKeyIdentifier wrappingTokenReference, byte[] wrappedKey, SecurityKey wrappingSecurityKey)
: this(id, keyToWrap, wrappingAlgorithm, wrappingAlgorithmDictionaryString)
{
if (wrappingToken == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("wrappingToken");
}
this.wrappingToken = wrappingToken;
this.wrappingTokenReference = wrappingTokenReference;
if (wrappedKey == null)
{
this.wrappedKey = SecurityUtils.EncryptKey(wrappingToken, wrappingAlgorithm, keyToWrap);
}
else
{
this.wrappedKey = wrappedKey;
}
this.wrappingSecurityKey = wrappingSecurityKey;
this.serializeCarriedKeyName = true;
}
WrappedKeySecurityToken(string id, byte[] keyToWrap, string wrappingAlgorithm, XmlDictionaryString wrappingAlgorithmDictionaryString)
{
if (id == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");
if (wrappingAlgorithm == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("wrappingAlgorithm");
if (keyToWrap == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityKeyToWrap");
this.id = id;
this.effectiveTime = DateTime.UtcNow;
this.securityKey = SecurityUtils.CreateSymmetricSecurityKeys(keyToWrap);
this.wrappingAlgorithm = wrappingAlgorithm;
this.wrappingAlgorithmDictionaryString = wrappingAlgorithmDictionaryString;
}
public override string Id
{
get { return this.id; }
}
public override DateTime ValidFrom
{
get { return this.effectiveTime; }
}
public override DateTime ValidTo
{
// Never expire
get { return DateTime.MaxValue; }
}
internal EncryptedKey EncryptedKey
{
get { return this.encryptedKey; }
set { this.encryptedKey = value; }
}
internal ReferenceList ReferenceList
{
get
{
return this.encryptedKey == null ? null : this.encryptedKey.ReferenceList;
}
}
public string WrappingAlgorithm
{
get { return this.wrappingAlgorithm; }
}
internal SecurityKey WrappingSecurityKey
{
get { return this.wrappingSecurityKey; }
}
public SecurityToken WrappingToken
{
get { return this.wrappingToken; }
}
public SecurityKeyIdentifier WrappingTokenReference
{
get { return this.wrappingTokenReference; }
}
internal string CarriedKeyName
{
get { return null; }
}
public override ReadOnlyCollection<SecurityKey> SecurityKeys
{
get { return this.securityKey; }
}
internal byte[] GetHash()
{
if (this.wrappedKeyHash == null)
{
EnsureEncryptedKeySetUp();
using (HashAlgorithm hash = CryptoHelper.NewSha1HashAlgorithm())
{
this.wrappedKeyHash = hash.ComputeHash(this.encryptedKey.GetWrappedKey());
}
}
return wrappedKeyHash;
}
public byte[] GetWrappedKey()
{
return SecurityUtils.CloneBuffer(this.wrappedKey);
}
internal void EnsureEncryptedKeySetUp()
{
if (this.encryptedKey == null)
{
EncryptedKey ek = new EncryptedKey();
ek.Id = this.Id;
if (this.serializeCarriedKeyName)
{
ek.CarriedKeyName = this.CarriedKeyName;
}
else
{
ek.CarriedKeyName = null;
}
ek.EncryptionMethod = this.WrappingAlgorithm;
ek.EncryptionMethodDictionaryString = this.wrappingAlgorithmDictionaryString;
ek.SetUpKeyWrap(this.wrappedKey);
if (this.WrappingTokenReference != null)
{
ek.KeyIdentifier = this.WrappingTokenReference;
}
this.encryptedKey = ek;
}
}
public override bool CanCreateKeyIdentifierClause<T>()
{
if (typeof(T) == typeof(EncryptedKeyHashIdentifierClause))
return true;
return base.CanCreateKeyIdentifierClause<T>();
}
public override T CreateKeyIdentifierClause<T>()
{
if (typeof(T) == typeof(EncryptedKeyHashIdentifierClause))
return new EncryptedKeyHashIdentifierClause(GetHash()) as T;
return base.CreateKeyIdentifierClause<T>();
}
public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause)
{
EncryptedKeyHashIdentifierClause encKeyIdentifierClause = keyIdentifierClause as EncryptedKeyHashIdentifierClause;
if (encKeyIdentifierClause != null)
return encKeyIdentifierClause.Matches(GetHash());
return base.MatchesKeyIdentifierClause(keyIdentifierClause);
}
}
}

42
mcs/class/referencesource/System.IdentityModel/System/ServiceModel/Security/X509CertificateValidationMode.cs Normal file
View File

@@ -0,0 +1,42 @@
//-----------------------------------------------------------------------
// <copyright file="X509CertificateValidationMode.cs" company="Microsoft">
// Copyright (c) Microsoft Corporation. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.Runtime.CompilerServices;
/// <summary>
/// An enumeration that lists the ways of validating a certificate.
/// </summary>
[TypeForwardedFrom( "System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" )]
public enum X509CertificateValidationMode
{
/// <summary>
/// No validation of the certificate is performed.
/// </summary>
None,
/// <summary>
/// The certificate is valid if it is in the trusted people store.
/// </summary>
PeerTrust,
/// <summary>
/// The certificate is valid if the chain builds to a certification authority in the trusted root store.
/// </summary>
ChainTrust,
/// <summary>
/// The certificate is valid if it is in the trusted people store, or if the chain builds to a certification authority in the trusted root store.
/// </summary>
PeerOrChainTrust,
/// <summary>
/// The user must plug in a custom <c>X509CertificateValidator</c> to validate the certificate.
/// </summary>
Custom
}
}