Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Security / AcceptorSessionSymmetricMessageSecurityProtocol.cs / 1 / AcceptorSessionSymmetricMessageSecurityProtocol.cs
//----------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.Collections.Generic;
using System.ServiceModel;
using System.Collections.ObjectModel;
using System.IO;
using System.IdentityModel.Selectors;
using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
using System.IdentityModel.Tokens;
using System.Security.Cryptography;
using System.ServiceModel.Security.Tokens;
using System.ServiceModel.Channels;
using System.Text;
using System.Xml;
using System.Xml.Serialization;
sealed class AcceptorSessionSymmetricMessageSecurityProtocol : MessageSecurityProtocol, IAcceptorSecuritySessionProtocol
{
SecurityToken outgoingSessionToken;
SecurityTokenAuthenticator sessionTokenAuthenticator;
SecurityTokenResolver sessionTokenResolver;
ReadOnlyCollection sessionResolverList;
bool returnCorrelationState = false;
DerivedKeySecurityToken derivedSignatureToken;
DerivedKeySecurityToken derivedEncryptionToken;
UniqueId sessionId;
SecurityStandardsManager sessionStandardsManager;
Object thisLock = new Object();
bool requireDerivedKeys;
public AcceptorSessionSymmetricMessageSecurityProtocol(SessionSymmetricMessageSecurityProtocolFactory factory,
EndpointAddress target)
: base(factory, target, null)
{
if (factory.ActAsInitiator == true)
{
DiagnosticUtility.DebugAssert("This protocol can only be used at the recipient.");
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ProtocolMustBeRecipient, this.GetType().ToString())));
}
this.requireDerivedKeys = factory.SecurityTokenParameters.RequireDerivedKeys;
if (requireDerivedKeys)
{
SecurityTokenSerializer innerTokenSerializer = this.Factory.StandardsManager.SecurityTokenSerializer;
WSSecureConversation secureConversation = (innerTokenSerializer is WSSecurityTokenSerializer) ? ((WSSecurityTokenSerializer)innerTokenSerializer).SecureConversation : new WSSecurityTokenSerializer(this.Factory.MessageSecurityVersion.SecurityVersion).SecureConversation;
this.sessionStandardsManager = new SecurityStandardsManager(factory.MessageSecurityVersion, new DerivedKeyCachingSecurityTokenSerializer(2, false, secureConversation, innerTokenSerializer));
}
}
Object ThisLock
{
get
{
return thisLock;
}
}
public bool ReturnCorrelationState
{
get
{
return this.returnCorrelationState;
}
set
{
this.returnCorrelationState = value;
}
}
protected override bool PerformIncomingAndOutgoingMessageExpectationChecks
{
get { return false; }
}
SessionSymmetricMessageSecurityProtocolFactory Factory
{
get { return (SessionSymmetricMessageSecurityProtocolFactory)base.MessageSecurityProtocolFactory; }
}
public SecurityToken GetOutgoingSessionToken()
{
lock (ThisLock)
{
return this.outgoingSessionToken;
}
}
public void SetOutgoingSessionToken(SecurityToken token)
{
if (token == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
}
lock (ThisLock)
{
this.outgoingSessionToken = token;
if (this.requireDerivedKeys)
{
string derivationAlgorithm = SecurityUtils.GetKeyDerivationAlgorithm(this.sessionStandardsManager.MessageSecurityVersion.SecureConversationVersion);
this.derivedSignatureToken = new DerivedKeySecurityToken(-1, 0,
this.Factory.OutgoingAlgorithmSuite.GetSignatureKeyDerivationLength(token, this.sessionStandardsManager.MessageSecurityVersion.SecureConversationVersion), null,
DerivedKeySecurityToken.DefaultNonceLength, token, this.Factory.SecurityTokenParameters.CreateKeyIdentifierClause(token, SecurityTokenReferenceStyle.External), derivationAlgorithm, SecurityUtils.GenerateId());
this.derivedEncryptionToken = new DerivedKeySecurityToken(-1, 0,
this.Factory.OutgoingAlgorithmSuite.GetEncryptionKeyDerivationLength(token, this.sessionStandardsManager.MessageSecurityVersion.SecureConversationVersion), null,
DerivedKeySecurityToken.DefaultNonceLength, token, this.Factory.SecurityTokenParameters.CreateKeyIdentifierClause(token, SecurityTokenReferenceStyle.External), derivationAlgorithm, SecurityUtils.GenerateId());
}
}
}
public void SetSessionTokenAuthenticator(UniqueId sessionId, SecurityTokenAuthenticator sessionTokenAuthenticator, SecurityTokenResolver sessionTokenResolver)
{
this.CommunicationObject.ThrowIfDisposedOrImmutable();
lock (ThisLock)
{
this.sessionId = sessionId;
this.sessionTokenAuthenticator = sessionTokenAuthenticator;
this.sessionTokenResolver = sessionTokenResolver;
List tmp = new List(1);
tmp.Add(this.sessionTokenResolver);
this.sessionResolverList = new ReadOnlyCollection(tmp);
}
}
void GetTokensForOutgoingMessages(out SecurityToken signingToken, out SecurityToken encryptionToken, out SecurityTokenParameters tokenParameters)
{
lock (ThisLock)
{
if (requireDerivedKeys)
{
signingToken = this.derivedSignatureToken;
encryptionToken = this.derivedEncryptionToken;
}
else
{
signingToken = encryptionToken = this.outgoingSessionToken;
}
}
tokenParameters = this.Factory.GetTokenParameters();
}
protected override IAsyncResult BeginSecureOutgoingMessageCore(Message message, TimeSpan timeout, SecurityProtocolCorrelationState correlationState, AsyncCallback callback, object state)
{
SecurityToken signingToken;
SecurityToken encryptionToken;
SecurityTokenParameters tokenParameters;
this.GetTokensForOutgoingMessages(out signingToken, out encryptionToken, out tokenParameters);
SetUpDelayedSecurityExecution(ref message, signingToken, encryptionToken, tokenParameters, correlationState);
return new TypedCompletedAsyncResult(message, callback, state);
}
protected override SecurityProtocolCorrelationState SecureOutgoingMessageCore(ref Message message, TimeSpan timeout, SecurityProtocolCorrelationState correlationState)
{
SecurityToken signingToken;
SecurityToken encryptionToken;
SecurityTokenParameters tokenParameters;
this.GetTokensForOutgoingMessages(out signingToken, out encryptionToken, out tokenParameters);
SetUpDelayedSecurityExecution(ref message, signingToken, encryptionToken, tokenParameters, correlationState);
return null;
}
protected override void EndSecureOutgoingMessageCore(IAsyncResult result, out Message message, out SecurityProtocolCorrelationState newCorrelationState)
{
message = TypedCompletedAsyncResult.End(result);
newCorrelationState = null;
}
void SetUpDelayedSecurityExecution(ref Message message, SecurityToken signingToken, SecurityToken encryptionToken,
SecurityTokenParameters tokenParameters, SecurityProtocolCorrelationState correlationState)
{
string actor = string.Empty;
SendSecurityHeader securityHeader = ConfigureSendSecurityHeader(message, actor, null, correlationState);
if (this.Factory.ApplyIntegrity)
{
securityHeader.SetSigningToken(signingToken, tokenParameters);
}
if (Factory.ApplyConfidentiality)
{
securityHeader.SetEncryptionToken(encryptionToken, tokenParameters);
}
message = securityHeader.SetupExecution();
}
protected override SecurityProtocolCorrelationState VerifyIncomingMessageCore(ref Message message, string actor, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates)
{
SessionSymmetricMessageSecurityProtocolFactory factory = this.Factory;
IList supportingAuthenticators;
ReceiveSecurityHeader securityHeader = ConfigureReceiveSecurityHeader(message, string.Empty, correlationStates, (this.requireDerivedKeys) ? this.sessionStandardsManager : null, out supportingAuthenticators);
securityHeader.ConfigureSymmetricBindingServerReceiveHeader(this.sessionTokenAuthenticator, this.Factory.SecurityTokenParameters, supportingAuthenticators);
securityHeader.ConfigureOutOfBandTokenResolver(MergeOutOfBandResolvers(supportingAuthenticators, this.sessionResolverList));
// do not enforce key derivation requirement for Cancel messages due to WSE interop
securityHeader.EnforceDerivedKeyRequirement = (message.Headers.Action != factory.StandardsManager.SecureConversationDriver.CloseAction.Value);
ProcessSecurityHeader(securityHeader, ref message, null, timeout, correlationStates);
SecurityToken signingToken = securityHeader.SignatureToken;
SecurityContextSecurityToken signingSct = (signingToken as SecurityContextSecurityToken);
if (signingSct == null || signingSct.ContextId != sessionId)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.NoSessionTokenPresentInMessage)));
}
AttachRecipientSecurityProperty(message, signingToken, false, securityHeader.BasicSupportingTokens, securityHeader.EndorsingSupportingTokens, securityHeader.SignedEndorsingSupportingTokens,
securityHeader.SignedSupportingTokens, securityHeader.SecurityTokenAuthorizationPoliciesMapping);
return GetCorrelationState(null, securityHeader);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- DataListItemCollection.cs
- WebDisplayNameAttribute.cs
- OdbcTransaction.cs
- PublisherIdentityPermission.cs
- PixelShader.cs
- Guid.cs
- WebPartAddingEventArgs.cs
- Window.cs
- PeerNameRegistration.cs
- WebExceptionStatus.cs
- BlurEffect.cs
- DeobfuscatingStream.cs
- XmlAggregates.cs
- StopRoutingHandler.cs
- DataGridRow.cs
- TrackingRecordPreFilter.cs
- WindowClosedEventArgs.cs
- UserControlDocumentDesigner.cs
- HtmlContainerControl.cs
- UpdateManifestForBrowserApplication.cs
- GetIndexBinder.cs
- JapaneseCalendar.cs
- ParameterModifier.cs
- IdentityHolder.cs
- DesignerMetadata.cs
- TextDecorationUnitValidation.cs
- PeerNameResolver.cs
- RSAPKCS1SignatureDeformatter.cs
- TextEditorTables.cs
- SerializationObjectManager.cs
- Evaluator.cs
- XmlReaderSettings.cs
- DataGridViewRowHeightInfoNeededEventArgs.cs
- ContentPlaceHolder.cs
- RSAPKCS1KeyExchangeFormatter.cs
- WebPartAuthorizationEventArgs.cs
- FixedLineResult.cs
- ISCIIEncoding.cs
- HtmlLink.cs
- Authorization.cs
- ChineseLunisolarCalendar.cs
- TextSelectionHelper.cs
- RowToParametersTransformer.cs
- EdmFunctionAttribute.cs
- AttributeUsageAttribute.cs
- ContainerControl.cs
- ImageListImageEditor.cs
- LocatorManager.cs
- Literal.cs
- GeometryCombineModeValidation.cs
- PolyBezierSegmentFigureLogic.cs
- ScrollChrome.cs
- ElementsClipboardData.cs
- FontSource.cs
- Stream.cs
- MetadataItemCollectionFactory.cs
- SessionStateModule.cs
- AuthenticatingEventArgs.cs
- VisualBrush.cs
- EntityDataSourceStatementEditorForm.cs
- storepermissionattribute.cs
- DBSchemaRow.cs
- LowerCaseStringConverter.cs
- DbConnectionOptions.cs
- QueryOptionExpression.cs
- SamlDoNotCacheCondition.cs
- TriggerActionCollection.cs
- HttpDictionary.cs
- SqlInternalConnectionTds.cs
- coordinator.cs
- Int32Collection.cs
- autovalidator.cs
- RequestCacheEntry.cs
- Matrix3D.cs
- ApplicationGesture.cs
- CounterCreationDataCollection.cs
- FontDifferentiator.cs
- ValidationRuleCollection.cs
- ControlValuePropertyAttribute.cs
- xdrvalidator.cs
- XPathScanner.cs
- InheritanceContextChangedEventManager.cs
- XmlWhitespace.cs
- Menu.cs
- ChildTable.cs
- ConstraintCollection.cs
- DependencyPropertyKey.cs
- EntityDataReader.cs
- ListDictionaryInternal.cs
- SystemMulticastIPAddressInformation.cs
- TeredoHelper.cs
- TimeoutValidationAttribute.cs
- WebConvert.cs
- basevalidator.cs
- FixedDSBuilder.cs
- ArraySet.cs
- SqlReferenceCollection.cs
- InvalidEnumArgumentException.cs
- RequiredFieldValidator.cs
- StyleCollection.cs