mono/linux-packaging-mono
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
acceptance-tests
data
docs
external
ikvm-native
libgc
llvm
m4
man
mcs
build
class
Accessibility
Commons.Xml.Relaxng
Cscompmgd
CustomMarshalers
Facades
I18N
IBM.Data.DB2
ICSharpCode.SharpZipLib
Microsoft.Build
Microsoft.Build.Engine
Microsoft.Build.Framework
Microsoft.Build.Tasks
Microsoft.Build.Utilities
Microsoft.CSharp
Microsoft.NuGet.Build.Tasks
Microsoft.VisualC
Microsoft.Web.Infrastructure
MicrosoftAjaxLibrary
Mono.Btls.Interface
Mono.C5
Mono.CSharp
Mono.Cairo
Mono.Cecil
Mono.Cecil.Mdb
Mono.CodeContracts
Mono.CompilerServices.SymbolWriter
Mono.Data.Sqlite
Mono.Data.Tds
Mono.Debugger.Soft
Mono.Http
Mono.Management
Mono.Messaging
Mono.Messaging.RabbitMQ
Mono.Options
Mono.Parallel
Mono.Posix
Mono.Profiler.Log
Mono.Runtime.Tests
Mono.Security
Mono.Security.Win32
Mono.Simd
Mono.Tasklets
Mono.WebBrowser
Mono.XBuild.Tasks
Novell.Directory.Ldap
PEAPI
RabbitMQ.Client
SMDiagnostics
System
System.ComponentModel.Composition.4.5
System.ComponentModel.DataAnnotations
System.Configuration
System.Configuration.Install
System.Core
System.Data
System.Data.DataSetExtensions
System.Data.Entity
System.Data.Linq
System.Data.OracleClient
System.Data.Services
System.Data.Services.Client
System.Deployment
System.Design
System.DirectoryServices
System.DirectoryServices.Protocols
System.Drawing
System.Drawing.Design
System.Dynamic
System.EnterpriseServices
System.IO.Compression
System.IO.Compression.FileSystem
System.IdentityModel
System.IdentityModel.Selectors
System.Json
System.Json.Microsoft
System.Management
System.Messaging
System.Net
System.Net.Http
System.Net.Http.Formatting
System.Net.Http.WebRequest
System.Net.Http.WinHttpHandler
System.Numerics
System.Numerics.Vectors
System.Reactive.Core
System.Reactive.Debugger
System.Reactive.Experimental
System.Reactive.Interfaces
System.Reactive.Linq
System.Reactive.Observable.Aliases
System.Reactive.PlatformServices
System.Reactive.Providers
System.Reactive.Runtime.Remoting
System.Reactive.Windows.Forms
System.Reactive.Windows.Threading
System.Reflection.Context
System.Runtime.Caching
System.Runtime.CompilerServices.Unsafe
System.Runtime.DurableInstancing
System.Runtime.Remoting
System.Runtime.Serialization
System.Runtime.Serialization.Formatters.Soap
System.Security
System.ServiceModel
System.ServiceModel.Activation
System.ServiceModel.Discovery
System.ServiceModel.Internals
System.ServiceModel.Routing
System.ServiceModel.Web
System.ServiceProcess
System.Threading.Tasks.Dataflow
System.Transactions
System.Web
System.Web.Abstractions
System.Web.ApplicationServices
System.Web.DynamicData
System.Web.Extensions
System.Web.Extensions.Design
System.Web.Http
System.Web.Http.SelfHost
System.Web.Http.WebHost
System.Web.Mobile
System.Web.Mvc3
System.Web.Razor
System.Web.RegularExpressions
System.Web.Routing
System.Web.Services
System.Web.WebPages
System.Web.WebPages.Deployment
System.Web.WebPages.Razor
System.Windows
System.Windows.Forms
System.Windows.Forms.DataVisualization
System.Workflow.Activities
System.Workflow.ComponentModel
System.Workflow.Runtime
System.XML
System.Xaml
System.Xml.Linq
System.Xml.Serialization
SystemWebTestShim
WebMatrix.Data
WindowsBase
aot-compiler
corlib
dlr
doc
legacy
lib
monodoc
notes
reference-assemblies
referencesource
SMDiagnostics
System
System.Activities
System.Activities.Core.Presentation
System.Activities.DurableInstancing
System.Activities.Presentation
System.ComponentModel.DataAnnotations
System.Configuration
System.Core
System.Data
System.Data.DataSetExtensions
System.Data.Entity
System.Data.Entity.Design
System.Data.Linq
System.Data.SqlXml
System.IdentityModel
System.IdentityModel.Selectors
System.Net
System.Numerics
System.Runtime.Caching
System.Runtime.DurableInstancing
System.Runtime.Serialization
System.ServiceModel
InternalApis
Serialization
System
Collections
ServiceModel
Activation
Administration
Channels
ComIntegration
Configuration
Description
Diagnostics
Dispatcher
MsmqIntegration
PeerResolvers
Security
Tokens
AcceleratedTokenAuthenticator.cs
AcceleratedTokenProvider.cs
AcceleratedTokenProviderState.cs
AcceptorSessionSymmetricMessageSecurityProtocol.cs
AcceptorSessionSymmetricTransportSecurityProtocol.cs
ApplySecurityAndSendAsyncResult.cs
AsymmetricSecurityProtocol.cs
AsymmetricSecurityProtocolFactory.cs
BasicSecurityProfileVersion.cs
BinaryNegotiation.cs
ChannelProtectionRequirements.cs
ClientCredentialsSecurityTokenManager.cs
CryptoHelper.cs
DataProtectionSecurityStateEncoder.cs
DecryptedHeader.cs
DelegatingHeader.cs
DerivedKeyCachingSecurityTokenSerializer.cs
DispatchContext.cs
DuplexSecurityProtocolFactory.cs
EncryptedData.cs
EncryptedHeader.cs
EncryptedHeaderXml.cs
ExpiredSecurityTokenException.cs
FederatedSecurityTokenManager.cs
HttpDigestClientCredential.cs
IAcceptorSecuritySessionProtocol.cs
IChannelSecureConversationSessionSettings.cs
IEndpointIdentityProvider.cs
IInitiatorSecuritySessionProtocol.cs
IListenerSecureConversationSessionSettings.cs
ISecureConversationSession.cs
ISecurityCommunicationObject.cs
ISecuritySession.cs
IWSTrust13AsyncContract.cs
IWSTrust13SyncContract.cs
IWSTrustChannelContract.cs
IWSTrustContract.cs
IWSTrustFeb2005AsyncContract.cs
IWSTrustFeb2005SyncContract.cs
IdentityModelServiceAuthorizationManager.cs
IdentityVerifier.cs
ImpersonateOnSerializingReplyMessageProperty.cs
ImpersonatingMessage.cs
InMemoryNonceCache.cs
InfoCardChannelParameter.cs
InfoCardHelper.cs
InfocardInteractiveChannelInitializer.cs
InitiatorSessionSymmetricMessageSecurityProtocol.cs
InitiatorSessionSymmetricTransportSecurityProtocol.cs
IssuanceTokenProviderBase.cs
IssuanceTokenProviderState.cs
IssuedTokenClientCredential.cs
IssuedTokenServiceCredential.cs
IssuedTokensHeader.cs
LaxModeSecurityHeaderElementInferenceEngine.cs
LaxTimestampFirstModeSecurityHeaderElementInferenceEngine.cs
LaxTimestampLastModeSecurityHeaderElementInferenceEngine.cs
MessagePartProtectionMode.cs
MessagePartSpecification.cs
MessageProtectionOrder.cs
MessageSecurityException.cs
MessageSecurityProtocol.cs
MessageSecurityProtocolFactory.cs
MessageSecurityTokenVersion.cs
Namespaces.cs
NegotiationTokenAuthenticator.cs
NegotiationTokenAuthenticatorState.cs
NegotiationTokenAuthenticatorStateCache.cs
NegotiationTokenProvider.cs
NonceCache.cs
NonceToken.cs
PeerCredential.cs
Psha1DerivedKeyGeneratorHelper.cs
ReceiveMessageAndVerifySecurityAsyncResultBase.cs
ReceiveSecurityHeader.cs
ReceiveSecurityHeaderBindingModes.cs
ReceiveSecurityHeaderElementCategory.cs
ReceiveSecurityHeaderElementManager.cs
ReceiveSecurityHeaderEntry.cs
RequestSecurityToken.cs
RequestSecurityTokenResponse.cs
RequestSecurityTokenResponseCollection.cs
RoleProviderPrincipal.cs
ScopedMessagePartSpecification.cs
SctClaimDictionary.cs
SctClaimSerializer.cs
SctClaimsHandler.cs
SecureConversationDriver.cs
SecureConversationServiceCredential.cs
SecureConversationVersion.cs
SecurityAccessDeniedException.cs
SecurityAlgorithmSuite.cs
SecurityAppliedMessage.cs
SecurityChannel.cs
SecurityContextTokenCache.cs
SecurityCredentialsManager.cs
SecurityHeader.cs
SecurityHeaderElementInferenceEngine.cs
SecurityHeaderTokenResolver.cs
SecurityKeyEntropyMode.cs
SecurityListenerSettingsLifetimeManager.cs
SecurityMessageProperty.cs
SecurityNegotiationConstants.cs
SecurityNegotiationException.cs
SecurityPolicyVersion.cs
SecurityProtocol.cs
SecurityProtocolCorrelationState.cs
SecurityProtocolFactory.cs
SecuritySessionClientSettings.cs.REMOVED.git-id
SecuritySessionFilter.cs
SecuritySessionOperation.cs
SecuritySessionSecurityTokenAuthenticator.cs
SecuritySessionSecurityTokenProvider.cs
SecuritySessionServerSettings.cs.REMOVED.git-id
SecurityStandardsManager.cs
SecurityStateEncoder.cs
SecurityTimestamp.cs
SecurityTokenAttachmentMode.cs
SecurityTokenAuthenticatorAdapter.cs
SecurityTokenParametersEnumerable.cs
SecurityTokenSpecification.cs
SecurityUtils.cs.REMOVED.git-id
SecurityUtilsEx.cs
SecurityVerifiedMessage.cs
SecurityVersion.cs
SendSecurityHeader.cs
SendSecurityHeaderElement.cs
SendSecurityHeaderElementContainer.cs
ServiceCredentialsSecurityTokenManager.cs
SessionKeyExpiredException.cs
SessionSymmetricMessageSecurityProtocolFactory.cs
SessionSymmetricTransportSecurityProtocolFactory.cs
SignatureConfirmationElement.cs
SignatureConfirmations.cs
SignatureTargetIdManager.cs
SimpleSecurityTokenProvider.cs
SpnegoTokenAuthenticator.cs
SpnegoTokenProvider.cs
SspiNegotiationTokenAuthenticator.cs
SspiNegotiationTokenAuthenticatorState.cs
SspiNegotiationTokenProvider.cs
SspiNegotiationTokenProviderState.cs
SspiSecurityTokenProvider.cs
StrictModeSecurityHeaderElementInferenceEngine.cs
SupportingTokenAuthenticatorSpecification.cs
SupportingTokenProviderSpecification.cs
SupportingTokenSpecification.cs
SymmetricSecurityProtocol.cs
SymmetricSecurityProtocolFactory.cs
TimeBoundedCache.cs
TlsSspiNegotiation.cs
TlsnegoTokenAuthenticator.cs
TlsnegoTokenProvider.cs
TransportSecurityProtocol.cs
TransportSecurityProtocolFactory.cs
TrustDriver.cs
TrustVersion.cs
UserNamePasswordClientCredential.cs
UserNamePasswordServiceCredential.cs
UserNamePasswordValidationMode.cs
WSSecureConversation.cs
WSSecureConversationDec2005.cs
WSSecureConversationFeb2005.cs
WSSecurityJan2004.cs
WSSecurityOneDotOneReceiveSecurityHeader.cs
WSSecurityOneDotOneSendSecurityHeader.cs
WSSecurityOneDotZeroReceiveSecurityHeader.cs
WSSecurityOneDotZeroSendSecurityHeader.cs
WSSecurityPolicy.cs.REMOVED.git-id
WSSecurityPolicy11.cs
WSSecurityPolicy12.cs
WSSecurityTokenSerializer.cs
WSSecurityXXX2005.cs
WSTrust.cs
WSTrustChannel.cs
WSTrustChannelFactory.cs
WSTrustDec2005.cs
WSTrustFeb2005.cs
WSTrustRequestBodyWriter.cs
WSTrustRequestProcessingErrorEventArgs.cs
WSTrustResponseBodyWriter.cs
WSTrustServiceContract.cs.REMOVED.git-id
WSTrustServiceContractConstants.cs
WSTrustServiceHost.cs
WSUtilitySpecificationVersion.cs
WindowsClientCredential.cs
WindowsServiceCredential.cs
WindowsSspiNegotiation.cs
WrappedRsaSecurityTokenAuthenticator.cs
WrappedSaml11SecurityTokenAuthenticator.cs
WrappedSaml2SecurityTokenAuthenticator.cs
WrappedSamlSecurityTokenAuthenticator.cs
WrappedSessionSecurityTokenAuthenticator.cs
WrappedTokenCache.cs
WrappedUserNameSecurityTokenAuthenticator.cs
WrappedX509SecurityTokenAuthenticator.cs
WrapperSecurityCommunicationObject.cs
WsKeyInfoSerializer.cs
WsSecurityTokenSerializerAdapter.cs
X509CertificateInitiatorClientCredential.cs
X509CertificateInitiatorServiceCredential.cs
X509CertificateRecipientClientCredential.cs
X509CertificateRecipientServiceCredential.cs
X509CertificateValidationMode.cs
X509ClientCertificateAuthentication.cs
X509PeerCertificateAuthentication.cs
X509ServiceCertificateAuthentication.cs
XmlHelper.cs
Syndication
Transactions
XamlIntegration
ActionMismatchAddressingException.cs
ActionNotSupportedException.cs
AddressAccessDeniedException.cs
AddressAlreadyInUseException.cs
AddressFilterMode.cs
AppContextDefaultValues.Default.cs
AuditLevel.cs
AuditLogLocation.cs
BasicHttpBinding.cs
BasicHttpContextBinding.cs
BasicHttpMessageCredentialType.cs
BasicHttpMessageSecurity.cs
BasicHttpSecurity.cs
BasicHttpSecurityMode.cs
BasicHttpsBinding.cs
BasicHttpsSecurity.cs
BasicHttpsSecurityMode.cs
CacheSetting.cs
CallbackBehaviorAttribute.cs
ChannelFactory.cs
ChannelFactoryRefCache.cs
ChannelTerminatedException.cs
ClientBase.cs
CommunicationException.cs
CommunicationObjectAbortedException.cs
CommunicationObjectFaultedException.cs
CommunicationState.cs
ConcurrencyMode.cs
ConfigurationEndpointTrait.cs
DXD.cs
DataContractFormatAttribute.cs
DeadLetterQueue.cs
DeliveryRequirementsAttribute.cs
DnsEndpointIdentity.cs
DuplexChannelFactory.cs
DuplexClientBase.cs
EmptyArray.cs
EndpointAddress.cs
EndpointAddress10.cs
EndpointAddressAugust2004.cs
EndpointIdentity.cs
EndpointNotFoundException.cs
EndpointTrait.cs
EnvelopeVersion.cs
ExceptionDetail.cs
ExceptionMapper.cs
ExtensionCollection.cs
FaultCode.cs
FaultCodeConstants.cs
FaultContractAttribute.cs
FaultException.cs
FaultImportOptions.cs
FaultReason.cs
FaultReasonText.cs
FederatedMessageSecurityOverHttp.cs
GeneralEndpointIdentity.cs
HostnameComparisonMode.cs
HttpBindingBase.cs
HttpClientCredentialType.cs
HttpProxyCredentialType.cs
HttpTransportSecurity.cs
IChannelBaseProxy.cs
IClientChannel.cs
ICommunicationObject.cs
IContextChannel.cs
IContextSessionProvider.cs
IDefaultCommunicationTimeouts.cs
IDuplexContextChannel.cs
IExtensibleObject.cs
IExtension.cs
IExtensionCollection.cs
IOnlineStatus.cs
IOperationContractAttributeProvider.cs
IServiceChannel.cs
ImpersonationOption.cs
InstanceContext.cs
InstanceContextMode.cs
InvalidMessageContractException.cs
KeyedByTypeCollection.cs
LocalAppContextSwitches.cs
MessageBodyMemberAttribute.cs
MessageContractAttribute.cs
MessageContractMemberAttribute.cs
MessageCredentialType.cs
MessageHeaderArrayAttribute.cs
MessageHeaderAttribute.cs
MessageHeaderException.cs
MessageHeaderT.cs
MessageParameterAttribute.cs
MessagePropertyAttribute.cs
MessageSecurityOverHttp.cs
MessageSecurityOverMsmq.cs
MessageSecurityOverTcp.cs
MessageSecurityVersion.cs
MostlySingletonList.cs
MsmqAuthenticationMode.cs
MsmqBindingBase.cs
MsmqEncryptionAlgorithm.cs
MsmqException.cs
MsmqPoisonMessageException.cs
MsmqSecureHashAlgorithm.cs
MsmqTransportSecurity.cs
MustUnderstandSoapException.cs
NamedPipeTransportSecurity.cs
NetHttpBinding.cs
NetHttpMessageEncoding.cs
NetHttpMessageEncodingHelper.cs
NetHttpsBinding.cs
NetMsmqBinding.cs
NetMsmqSecurity.cs
NetMsmqSecurityMode.cs
NetNamedPipeBinding.cs
NetNamedPipeSecurity.cs
NetNamedPipeSecurityMode.cs
NetPeerTcpBinding.cs
NetTcpBinding.cs
NetTcpContextBinding.cs
NetTcpSecurity.cs
NonDualMessageSecurityOverHttp.cs
OSEnvironmentHelper.cs
OSVersion.cs
OperationBehaviorAttribute.cs
OperationContext.cs
OperationContextScope.cs
OperationContractAttribute.cs
OperationFormatStyle.cs
OperationFormatUse.cs
PeerHopCountAttribute.cs
PeerMessageOrigination.cs
PeerMessagePropagation.cs
PeerMessagePropagationFilter.cs
PeerNode.cs
PeerNodeAddress.cs
PeerResolver.cs
PeerSecuritySettings.cs
PeerTransportCredentialType.cs
PeerTransportSecuritySettings.cs
PoisonMessageException.cs
Pool.cs
ProgrammaticEndpointTrait.cs
ProtocolException.cs
QueueTransferProtocol.cs
QueuedDeliveryRequirementsMode.cs
QuotaExceededException.cs
ReceiveContextEnabledAttribute.cs
ReceiveErrorHandling.cs
ReleaseInstanceMode.cs
ReliableMessagingVersion.cs
ReliableSession.cs
RsaEndpointIdentity.cs
SecurityMode.cs
ServerTooBusyException.cs
ServiceActivationException.cs
ServiceAuthenticationManager.cs
ServiceAuthorizationManager.cs
ServiceBehaviorAttribute.cs
ServiceChannelManager.cs
ServiceConfiguration.cs
ServiceContractAttribute.cs
ServiceDefaults.cs
ServiceEndpointTrait.cs
ServiceHost.cs
ServiceKnownTypeAttribute.cs
ServiceModelAppSettings.cs
ServiceModelAttributeTargets.cs
ServiceModelDictionary.cs
ServiceModelStrings.cs
ServiceModelStringsVersion1.cs
ServiceSecurityContext.cs
SessionMode.cs
SpnEndpointIdentity.cs
StringUtil.cs
SynchronizedCollection.cs
SynchronizedDisposablePool.cs
SynchronizedKeyedCollection.cs
SynchronizedReadOnlyCollection.cs
TcpClientCredentialType.cs
TcpTransportSecurity.cs
ThreadTrace.cs
TimeSpanHelper.cs
TransactionFlowAttribute.cs
TransactionFlowOption.cs
TransactionProtocol.cs
TransferMode.cs
UnifiedSecurityMode.cs
UnknownMessageReceivedEventArgs.cs
UpnEndpointIdentity.cs
UriSchemeKeyedCollection.cs
WS2007FederationHttpBinding.cs
WS2007HttpBinding.cs
WSAddressing10ProblemHeaderQNameFault.cs
WSDualHttpBinding.cs
WSDualHttpSecurity.cs
WSDualHttpSecurityMode.cs
WSFederationHttpBinding.cs
WSFederationHttpSecurity.cs
WSFederationHttpSecurityMode.cs
WSHttpBinding.cs
WSHttpBindingBase.cs
WSHttpContextBinding.cs
WSHttpSecurity.cs
WSMessageEncoding.cs
WrappedDispatcherException.cs
X509CertificateEndpointIdentity.cs
XD.cs.REMOVED.git-id
XPathMessageQuery.cs
XmlBuffer.cs
XmlSerializerFormatAttribute.cs
XmlUtil.cs
UriTemplate.cs
UriTemplateCompoundPathSegment.cs
UriTemplateEquivalenceComparer.cs
UriTemplateHelpers.cs
UriTemplateLiteralPathSegment.cs
UriTemplateLiteralQueryValue.cs
UriTemplateMatch.cs
UriTemplateMatchException.cs
UriTemplatePartType.cs
UriTemplatePathPartiallyEquivalentSet.cs
UriTemplatePathSegment.cs
UriTemplateQueryValue.cs
UriTemplateTable.cs
UriTemplateTableMatchCandidate.cs
UriTemplateTrieIntraNodeLocation.cs
UriTemplateTrieLocation.cs
UriTemplateTrieNode.cs
UriTemplateVariablePathSegment.cs
UriTemplateVariableQueryValue.cs
AssemblyInfo.cs
System.ServiceModel.txt.REMOVED.git-id
TD.Designer.cs.REMOVED.git-id
System.ServiceModel.Activation
System.ServiceModel.Activities
System.ServiceModel.Channels
System.ServiceModel.Discovery
System.ServiceModel.Internals
System.ServiceModel.Routing
System.ServiceModel.WasHosting
System.ServiceModel.Web
System.Web
System.Web.ApplicationServices
System.Web.DataVisualization
System.Web.DynamicData
System.Web.Entity
System.Web.Entity.Design
System.Web.Extensions
System.Web.Mobile
System.Web.Routing
System.Web.Services
System.Workflow.Activities
System.Workflow.ComponentModel
System.Workflow.Runtime
System.WorkflowServices
System.Xaml.Hosting
System.Xml
System.Xml.Linq
XamlBuildTask
mscorlib
LICENSE.txt
PATENTS.TXT
README.Mono.md
README.md
test-helpers
LICENSE
Makefile
Open.snk
README
ecma.pub
mono.pub
mono.snk
msfinal.pub
reactive.pub
silverlight.pub
winfx.pub
winfx3.pub
docs
errors
ilasm
jay
mcs
nunit24
packages
tests
tools
AUTHORS
COPYING
INSTALL.txt
Makefile
MonoIcon.png
README
ScalableMonoIcon.svg
mkinstalldirs
mono
msvc
po
runtime
samples
scripts
support
tools
COPYING.LIB
LICENSE
Makefile.am
Makefile.in
NEWS
README.md
acinclude.m4
aclocal.m4
autogen.sh
code_of_conduct.md
compile
config.guess
config.h.in
config.rpath
config.sub
configure.REMOVED.git-id
configure.ac.REMOVED.git-id
depcomp
install-sh
ltmain.sh.REMOVED.git-id
missing
mkinstalldirs
mono-uninstalled.pc.in
test-driver
winconfig.h
ae9e3615480f8ed28c89d41abe2e01e2994f2d16
linux-packaging-mono/mcs/class/referencesource/System.ServiceModel/System/ServiceModel/Security/WSSecureConversation.cs
Xamarin Public Jenkins (auto-signing) e79aa3c0ed Imported Upstream version 4.6.0.125 
Former-commit-id: a2155e9bd80020e49e72e86c44da02a8ac0e57a4
2016-08-03 10:59:49 +00:00

587 lines
29 KiB
C#
Raw Blame History

//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System;
using System.Collections.Generic;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Runtime;
using System.ServiceModel;
using System.ServiceModel.Security.Tokens;
using System.Xml;
using StrEntry = WSSecurityTokenSerializer.StrEntry;
using TokenEntry = WSSecurityTokenSerializer.TokenEntry;
abstract class WSSecureConversation : WSSecurityTokenSerializer.SerializerEntries
{
WSSecurityTokenSerializer tokenSerializer;
DerivedKeyTokenEntry derivedKeyEntry;
protected WSSecureConversation(WSSecurityTokenSerializer tokenSerializer, int maxKeyDerivationOffset, int maxKeyDerivationLabelLength, int maxKeyDerivationNonceLength)
{
if (tokenSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenSerializer");
}
this.tokenSerializer = tokenSerializer;
this.derivedKeyEntry = new DerivedKeyTokenEntry(this, maxKeyDerivationOffset, maxKeyDerivationLabelLength, maxKeyDerivationNonceLength);
}
public abstract SecureConversationDictionary SerializerDictionary
{
get;
}
public WSSecurityTokenSerializer WSSecurityTokenSerializer
{
get { return this.tokenSerializer; }
}
public override void PopulateTokenEntries(IList<TokenEntry> tokenEntryList)
{
if (tokenEntryList == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenEntryList");
}
tokenEntryList.Add(this.derivedKeyEntry);
}
public virtual bool IsAtDerivedKeyToken(XmlDictionaryReader reader)
{
return this.derivedKeyEntry.CanReadTokenCore(reader);
}
public virtual void ReadDerivedKeyTokenParameters(XmlDictionaryReader reader, SecurityTokenResolver tokenResolver, out string id, out string derivationAlgorithm, out string label, out int length, out byte[] nonce, out int offset, out int generation, out SecurityKeyIdentifierClause tokenToDeriveIdentifier, out SecurityToken tokenToDerive)
{
this.derivedKeyEntry.ReadDerivedKeyTokenParameters(reader, tokenResolver, out id, out derivationAlgorithm, out label,
out length, out nonce, out offset, out generation, out tokenToDeriveIdentifier, out tokenToDerive);
}
public virtual SecurityToken CreateDerivedKeyToken(string id, string derivationAlgorithm, string label, int length, byte[] nonce, int offset, int generation, SecurityKeyIdentifierClause tokenToDeriveIdentifier, SecurityToken tokenToDerive)
{
return this.derivedKeyEntry.CreateDerivedKeyToken(id, derivationAlgorithm, label, length, nonce, offset, generation,
tokenToDeriveIdentifier, tokenToDerive);
}
public virtual string DerivationAlgorithm
{
get { return SecurityAlgorithms.Psha1KeyDerivation; }
}
protected class DerivedKeyTokenEntry : WSSecurityTokenSerializer.TokenEntry
{
public const string DefaultLabel = "WS-SecureConversation";
WSSecureConversation parent;
int maxKeyDerivationOffset;
int maxKeyDerivationLabelLength;
int maxKeyDerivationNonceLength;
public DerivedKeyTokenEntry(WSSecureConversation parent, int maxKeyDerivationOffset, int maxKeyDerivationLabelLength, int maxKeyDerivationNonceLength)
{
if (parent == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("parent");
}
this.parent = parent;
this.maxKeyDerivationOffset = maxKeyDerivationOffset;
this.maxKeyDerivationLabelLength = maxKeyDerivationLabelLength;
this.maxKeyDerivationNonceLength = maxKeyDerivationNonceLength;
}
protected override XmlDictionaryString LocalName { get { return parent.SerializerDictionary.DerivedKeyToken; } }
protected override XmlDictionaryString NamespaceUri { get { return parent.SerializerDictionary.Namespace; } }
protected override Type[] GetTokenTypesCore() { return new Type[] { typeof(DerivedKeySecurityToken) }; }
public override string TokenTypeUri { get { return parent.SerializerDictionary.DerivedKeyTokenType.Value; } }
protected override string ValueTypeUri { get { return null; } }
public override SecurityKeyIdentifierClause CreateKeyIdentifierClauseFromTokenXmlCore(XmlElement issuedTokenXml,
SecurityTokenReferenceStyle tokenReferenceStyle)
{
TokenReferenceStyleHelper.Validate(tokenReferenceStyle);
switch (tokenReferenceStyle)
{
case SecurityTokenReferenceStyle.Internal:
return CreateDirectReference(issuedTokenXml, UtilityStrings.IdAttribute, UtilityStrings.Namespace, typeof(DerivedKeySecurityToken));
case SecurityTokenReferenceStyle.External:
// DerivedKeys aren't referred to externally
return null;
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("tokenReferenceStyle"));
}
}
// xml format
//<DerivedKeyToken wsu:Id="..." wsse:Algorithm="..."> id required, alg optional (curr disallowed)
// <SecurityTokenReference>...</SecurityTokenReference> - required
// <Properties>...</Properties> - disallowed (optional in spec, but we disallow it)
// choice begin - (schema requires a choice - we allow neither on read - we always write one)
// <Generation>...</Generation> - optional
// <Offset>...</Offset> - optional
// choice end
// <Length>...</Length> - optional - default 32 on read (default specified in spec, not in schema - we always write it)
// <Label>...</Label> - optional
// <Nonce>...</Nonce> - required (optional in spec, but we require it)
//</DerivedKeyToken>
public virtual void ReadDerivedKeyTokenParameters(XmlDictionaryReader reader, SecurityTokenResolver tokenResolver, out string id, out string derivationAlgorithm, out string label, out int length, out byte[] nonce, out int offset, out int generation, out SecurityKeyIdentifierClause tokenToDeriveIdentifier, out SecurityToken tokenToDerive)
{
if (tokenResolver == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenResolver");
}
id = reader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace);
derivationAlgorithm = reader.GetAttribute(XD.XmlSignatureDictionary.Algorithm, null);
if (derivationAlgorithm == null)
{
derivationAlgorithm = parent.DerivationAlgorithm;
}
reader.ReadStartElement();
tokenToDeriveIdentifier = null;
tokenToDerive = null;
if (reader.IsStartElement(XD.SecurityJan2004Dictionary.SecurityTokenReference, XD.SecurityJan2004Dictionary.Namespace))
{
tokenToDeriveIdentifier = parent.WSSecurityTokenSerializer.ReadKeyIdentifierClause(reader);
tokenResolver.TryResolveToken(tokenToDeriveIdentifier, out tokenToDerive);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.DerivedKeyTokenRequiresTokenReference)));
}
// no support for properties
generation = -1;
if (reader.IsStartElement(parent.SerializerDictionary.Generation, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
generation = reader.ReadContentAsInt();
reader.ReadEndElement();
if (generation < 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.DerivedKeyInvalidGenerationSpecified, generation)));
}
offset = -1;
if (reader.IsStartElement(parent.SerializerDictionary.Offset, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
offset = reader.ReadContentAsInt();
reader.ReadEndElement();
if (offset < 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.DerivedKeyInvalidOffsetSpecified, offset)));
}
length = DerivedKeySecurityToken.DefaultDerivedKeyLength;
if (reader.IsStartElement(parent.SerializerDictionary.Length, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
length = reader.ReadContentAsInt();
reader.ReadEndElement();
}
if ((offset == -1) && (generation == -1))
offset = 0;
// verify that the offset is not larger than the max allowed
DerivedKeySecurityToken.EnsureAcceptableOffset(offset, generation, length, this.maxKeyDerivationOffset);
label = null;
if (reader.IsStartElement(parent.SerializerDictionary.Label, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
label = reader.ReadString();
reader.ReadEndElement();
}
if (label != null && label.Length > this.maxKeyDerivationLabelLength)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.DerivedKeyTokenLabelTooLong, label.Length, this.maxKeyDerivationLabelLength)));
}
nonce = null;
reader.ReadStartElement(parent.SerializerDictionary.Nonce, parent.SerializerDictionary.Namespace);
nonce = reader.ReadContentAsBase64();
reader.ReadEndElement();
if (nonce != null && nonce.Length > this.maxKeyDerivationNonceLength)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.DerivedKeyTokenNonceTooLong, nonce.Length, this.maxKeyDerivationNonceLength)));
}
reader.ReadEndElement();
}
public virtual SecurityToken CreateDerivedKeyToken(string id, string derivationAlgorithm, string label, int length, byte[] nonce, int offset, int generation, SecurityKeyIdentifierClause tokenToDeriveIdentifier, SecurityToken tokenToDerive)
{
if (tokenToDerive == null)
{
return new DerivedKeySecurityTokenStub(generation, offset, length,
label, nonce, tokenToDeriveIdentifier, derivationAlgorithm, id);
}
else
{
return new DerivedKeySecurityToken(generation, offset, length,
label, nonce, tokenToDerive, tokenToDeriveIdentifier, derivationAlgorithm, id);
}
}
public override SecurityToken ReadTokenCore(XmlDictionaryReader reader, SecurityTokenResolver tokenResolver)
{
string id;
string derivationAlgorithm;
string label;
int length;
byte[] nonce;
int offset;
int generation;
SecurityKeyIdentifierClause tokenToDeriveIdentifier;
SecurityToken tokenToDerive;
this.ReadDerivedKeyTokenParameters(reader, tokenResolver, out id, out derivationAlgorithm, out label, out length,
out nonce, out offset, out generation, out tokenToDeriveIdentifier, out tokenToDerive);
return CreateDerivedKeyToken(id, derivationAlgorithm, label, length, nonce, offset, generation,
tokenToDeriveIdentifier, tokenToDerive);
}
public override void WriteTokenCore(XmlDictionaryWriter writer, SecurityToken token)
{
DerivedKeySecurityToken derivedKeyToken = token as DerivedKeySecurityToken;
string serializerPrefix = parent.SerializerDictionary.Prefix.Value;
writer.WriteStartElement(serializerPrefix, parent.SerializerDictionary.DerivedKeyToken, parent.SerializerDictionary.Namespace);
if (derivedKeyToken.Id != null)
{
writer.WriteAttributeString(XD.UtilityDictionary.Prefix.Value, XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace, derivedKeyToken.Id);
}
if (derivedKeyToken.KeyDerivationAlgorithm != parent.DerivationAlgorithm)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.UnsupportedKeyDerivationAlgorithm, derivedKeyToken.KeyDerivationAlgorithm)));
}
parent.WSSecurityTokenSerializer.WriteKeyIdentifierClause(writer, derivedKeyToken.TokenToDeriveIdentifier);
// Don't support Properties element
if (derivedKeyToken.Generation > 0 || derivedKeyToken.Offset > 0 || derivedKeyToken.Length != 32)
{
// this means they're both specified (offset must be gen * length) - we'll write generation
if (derivedKeyToken.Generation >= 0 && derivedKeyToken.Offset >= 0)
{
writer.WriteStartElement(serializerPrefix, parent.SerializerDictionary.Generation, parent.SerializerDictionary.Namespace);
writer.WriteValue(derivedKeyToken.Generation);
writer.WriteEndElement();
}
else if (derivedKeyToken.Generation != -1)
{
writer.WriteStartElement(serializerPrefix, parent.SerializerDictionary.Generation, parent.SerializerDictionary.Namespace);
writer.WriteValue(derivedKeyToken.Generation);
writer.WriteEndElement();
}
else if (derivedKeyToken.Offset != -1)
{
writer.WriteStartElement(serializerPrefix, parent.SerializerDictionary.Offset, parent.SerializerDictionary.Namespace);
writer.WriteValue(derivedKeyToken.Offset);
writer.WriteEndElement();
}
if (derivedKeyToken.Length != 32)
{
writer.WriteStartElement(serializerPrefix, parent.SerializerDictionary.Length, parent.SerializerDictionary.Namespace);
writer.WriteValue(derivedKeyToken.Length);
writer.WriteEndElement();
}
}
if (derivedKeyToken.Label != null)
{
writer.WriteStartElement(serializerPrefix, parent.SerializerDictionary.Generation, parent.SerializerDictionary.Namespace);
writer.WriteString(derivedKeyToken.Label);
writer.WriteEndElement();
}
writer.WriteStartElement(serializerPrefix, parent.SerializerDictionary.Nonce, parent.SerializerDictionary.Namespace);
writer.WriteBase64(derivedKeyToken.Nonce, 0, derivedKeyToken.Nonce.Length);
writer.WriteEndElement();
writer.WriteEndElement();
}
}
protected abstract class SecurityContextTokenEntry : WSSecurityTokenSerializer.TokenEntry
{
WSSecureConversation parent;
SecurityContextCookieSerializer cookieSerializer;
public SecurityContextTokenEntry(WSSecureConversation parent, SecurityStateEncoder securityStateEncoder, IList<Type> knownClaimTypes)
{
this.parent = parent;
this.cookieSerializer = new SecurityContextCookieSerializer(securityStateEncoder, knownClaimTypes);
}
protected WSSecureConversation Parent
{
get { return this.parent; }
}
protected override XmlDictionaryString LocalName { get { return parent.SerializerDictionary.SecurityContextToken; } }
protected override XmlDictionaryString NamespaceUri { get { return parent.SerializerDictionary.Namespace; } }
protected override Type[] GetTokenTypesCore() { return new Type[] { typeof(SecurityContextSecurityToken) }; }
public override string TokenTypeUri { get { return parent.SerializerDictionary.SecurityContextTokenType.Value; } }
protected override string ValueTypeUri { get { return null; } }
public override SecurityKeyIdentifierClause CreateKeyIdentifierClauseFromTokenXmlCore(XmlElement issuedTokenXml,
SecurityTokenReferenceStyle tokenReferenceStyle)
{
TokenReferenceStyleHelper.Validate(tokenReferenceStyle);
switch (tokenReferenceStyle)
{
case SecurityTokenReferenceStyle.Internal:
return CreateDirectReference(issuedTokenXml, UtilityStrings.IdAttribute, UtilityStrings.Namespace, typeof(SecurityContextSecurityToken));
case SecurityTokenReferenceStyle.External:
UniqueId contextId = null;
UniqueId generation = null;
foreach (XmlNode node in issuedTokenXml.ChildNodes)
{
XmlElement element = node as XmlElement;
if (element != null)
{
if (element.LocalName == parent.SerializerDictionary.Identifier.Value && element.NamespaceURI == parent.SerializerDictionary.Namespace.Value)
{
contextId = XmlHelper.ReadTextElementAsUniqueId(element);
}
else if (CanReadGeneration(element))
{
generation = ReadGeneration(element);
}
}
}
return new SecurityContextKeyIdentifierClause(contextId, generation);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("tokenReferenceStyle"));
}
}
protected abstract bool CanReadGeneration(XmlDictionaryReader reader);
protected abstract bool CanReadGeneration(XmlElement element);
protected abstract UniqueId ReadGeneration(XmlDictionaryReader reader);
protected abstract UniqueId ReadGeneration(XmlElement element);
SecurityContextSecurityToken TryResolveSecurityContextToken(UniqueId contextId, UniqueId generation, string id, SecurityTokenResolver tokenResolver, out ISecurityContextSecurityTokenCache sctCache)
{
SecurityContextSecurityToken cachedSct = null;
sctCache = null;
if (tokenResolver is ISecurityContextSecurityTokenCache)
{
sctCache = ((ISecurityContextSecurityTokenCache)tokenResolver);
cachedSct = sctCache.GetContext(contextId, generation);
}
else if (tokenResolver is AggregateSecurityHeaderTokenResolver)
{
// We will see if we have a ISecurityContextSecurityTokenCache in the
// AggregateTokenResolver. We will hold the reference to the first sctCache
// we find.
AggregateSecurityHeaderTokenResolver aggregateTokenResolve = tokenResolver as AggregateSecurityHeaderTokenResolver;
for (int i = 0; i < aggregateTokenResolve.TokenResolvers.Count; ++i)
{
ISecurityContextSecurityTokenCache oobTokenResolver = aggregateTokenResolve.TokenResolvers[i] as ISecurityContextSecurityTokenCache;
if (oobTokenResolver == null)
{
continue;
}
if (sctCache == null)
{
sctCache = oobTokenResolver;
}
cachedSct = oobTokenResolver.GetContext(contextId, generation);
if (cachedSct != null)
{
break;
}
}
}
if (cachedSct == null)
{
return null;
}
else if (cachedSct.Id == id)
{
return cachedSct;
}
else
{
return new SecurityContextSecurityToken(cachedSct, id);
}
}
public override SecurityToken ReadTokenCore(XmlDictionaryReader reader, SecurityTokenResolver tokenResolver)
{
UniqueId contextId = null;
byte[] encodedCookie = null;
UniqueId generation = null;
bool isCookieMode = false;
Fx.Assert(reader.NodeType == XmlNodeType.Element, "");
// check if there is an id
string id = reader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace);
SecurityContextSecurityToken sct = null;
// There needs to be at least a contextId in here.
reader.ReadFullStartElement();
reader.MoveToStartElement(parent.SerializerDictionary.Identifier, parent.SerializerDictionary.Namespace);
contextId = reader.ReadElementContentAsUniqueId();
if (CanReadGeneration(reader))
{
generation = ReadGeneration(reader);
}
if (reader.IsStartElement(parent.SerializerDictionary.Cookie, XD.DotNetSecurityDictionary.Namespace))
{
isCookieMode = true;
ISecurityContextSecurityTokenCache sctCache;
sct = TryResolveSecurityContextToken(contextId, generation, id, tokenResolver, out sctCache);
if (sct == null)
{
encodedCookie = reader.ReadElementContentAsBase64();
if (encodedCookie != null)
{
sct = cookieSerializer.CreateSecurityContextFromCookie(encodedCookie, contextId, generation, id, reader.Quotas);
if (sctCache != null)
{
sctCache.AddContext(sct);
}
}
}
else
{
reader.Skip();
}
}
reader.ReadEndElement();
if (contextId == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.NoSecurityContextIdentifier)));
}
if (sct == null && !isCookieMode)
{
ISecurityContextSecurityTokenCache sctCache;
sct = TryResolveSecurityContextToken(contextId, generation, id, tokenResolver, out sctCache);
}
if (sct == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new SecurityContextTokenValidationException(SR.GetString(SR.SecurityContextNotRegistered, contextId, generation)));
}
return sct;
}
protected virtual void WriteGeneration(XmlDictionaryWriter writer, SecurityContextSecurityToken sct)
{
}
public override void WriteTokenCore(XmlDictionaryWriter writer, SecurityToken token)
{
SecurityContextSecurityToken sct = (token as SecurityContextSecurityToken);
// serialize the name and any wsu:Id attribute
writer.WriteStartElement(parent.SerializerDictionary.Prefix.Value, parent.SerializerDictionary.SecurityContextToken, parent.SerializerDictionary.Namespace);
if (sct.Id != null)
{
writer.WriteAttributeString(XD.UtilityDictionary.Prefix.Value, XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace, sct.Id);
}
// serialize the context id
writer.WriteStartElement(parent.SerializerDictionary.Prefix.Value, parent.SerializerDictionary.Identifier, parent.SerializerDictionary.Namespace);
XmlHelper.WriteStringAsUniqueId(writer, sct.ContextId);
writer.WriteEndElement();
WriteGeneration(writer, sct);
// if cookie-mode, then it must have a cookie
if (sct.IsCookieMode)
{
if (sct.CookieBlob == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.NoCookieInSct)));
}
// if the token has a cookie, write it out
writer.WriteStartElement(XD.DotNetSecurityDictionary.Prefix.Value, parent.SerializerDictionary.Cookie, XD.DotNetSecurityDictionary.Namespace);
writer.WriteBase64(sct.CookieBlob, 0, sct.CookieBlob.Length);
writer.WriteEndElement();
}
writer.WriteEndElement();
}
}
public abstract class Driver : SecureConversationDriver
{
public Driver()
{
}
protected abstract SecureConversationDictionary DriverDictionary
{
get;
}
public override XmlDictionaryString IssueAction
{
get
{
return DriverDictionary.RequestSecurityContextIssuance;
}
}
public override XmlDictionaryString IssueResponseAction
{
get
{
return DriverDictionary.RequestSecurityContextIssuanceResponse;
}
}
public override XmlDictionaryString RenewNeededFaultCode
{
get { return DriverDictionary.RenewNeededFaultCode; }
}
public override XmlDictionaryString BadContextTokenFaultCode
{
get { return DriverDictionary.BadContextTokenFaultCode; }
}
public override UniqueId GetSecurityContextTokenId(XmlDictionaryReader reader)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
reader.ReadStartElement(DriverDictionary.SecurityContextToken, DriverDictionary.Namespace);
UniqueId contextId = XmlHelper.ReadElementStringAsUniqueId(reader, DriverDictionary.Identifier, DriverDictionary.Namespace);
while (reader.IsStartElement())
{
reader.Skip();
}
reader.ReadEndElement();
return contextId;
}
public override bool IsAtSecurityContextToken(XmlDictionaryReader reader)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
return reader.IsStartElement(DriverDictionary.SecurityContextToken, DriverDictionary.Namespace);
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink