WSTrust.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Security / WSTrust.cs / 1 / WSTrust.cs

                            //------------------------------------------------------------ 
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------

namespace System.ServiceModel.Security 
{
    using System; 
    using System.ServiceModel; 
    using System.ServiceModel.Description;
    using System.ServiceModel.Dispatcher; 
    using System.Collections;
    using System.Collections.Generic;
    using System.Collections.ObjectModel;
    using System.Diagnostics; 
    using System.Globalization;
    using System.IO; 
    using System.Text; 
    using System.Threading;
    using System.Xml; 
    using System.Security.Cryptography;
    using System.IdentityModel.Claims;
    using System.IdentityModel.Policy;
    using System.IdentityModel.Selectors; 
    using System.IdentityModel.Tokens;
    using System.Security.Cryptography.X509Certificates; 
    using System.ServiceModel.Security.Tokens; 
    using HexBinary = System.Runtime.Remoting.Metadata.W3cXsd2001.SoapHexBinary;
    using System.ServiceModel.Channels; 
    using System.ServiceModel.Security;
    using System.Runtime.Serialization;

    using KeyIdentifierEntry = WSSecurityTokenSerializer.KeyIdentifierEntry; 
    using KeyIdentifierClauseEntry = WSSecurityTokenSerializer.KeyIdentifierClauseEntry;
    using TokenEntry = WSSecurityTokenSerializer.TokenEntry; 
    using StrEntry = WSSecurityTokenSerializer.StrEntry; 
    using Psha1DerivedKeyGenerator = System.IdentityModel.Psha1DerivedKeyGenerator;
 
    abstract class WSTrust : WSSecurityTokenSerializer.SerializerEntries
    {
        WSSecurityTokenSerializer tokenSerializer;
 
        public WSTrust(WSSecurityTokenSerializer tokenSerializer)
        { 
            this.tokenSerializer = tokenSerializer; 
        }
 
        public WSSecurityTokenSerializer WSSecurityTokenSerializer
        {
            get { return this.tokenSerializer; }
        } 

        public abstract TrustDictionary SerializerDictionary 
        { 
            get;
        } 

        public override void PopulateTokenEntries(IList tokenEntryList)
        {
            tokenEntryList.Add(new BinarySecretTokenEntry(this)); 
        }
 
        public override void PopulateKeyIdentifierClauseEntries(IList keyIdentifierClauseEntries) 
        {
            keyIdentifierClauseEntries.Add(new BinarySecretClauseEntry(this)); 
        }

        class BinarySecretTokenEntry : TokenEntry
        { 
            WSTrust parent;
            TrustDictionary otherDictionary; 
 
            public BinarySecretTokenEntry(WSTrust parent)
            { 
                this.parent = parent;
                this.otherDictionary = null;

                if (parent.SerializerDictionary is TrustDec2005Dictionary) 
                {
                    this.otherDictionary = XD.TrustFeb2005Dictionary; 
                } 

                if (parent.SerializerDictionary is TrustFeb2005Dictionary) 
                {
                    this.otherDictionary = DXD.TrustDec2005Dictionary;
                }
 
                // always set it, so we don't have to worry about null
                if (this.otherDictionary == null) 
                    this.otherDictionary = this.parent.SerializerDictionary; 
            }
 
            protected override XmlDictionaryString LocalName { get { return parent.SerializerDictionary.BinarySecret; } }
            protected override XmlDictionaryString NamespaceUri { get { return parent.SerializerDictionary.Namespace; } }
            protected override Type[] GetTokenTypesCore() { return new Type[] { typeof(BinarySecretSecurityToken) }; }
            public override string TokenTypeUri { get { return null; } } 
            protected override string ValueTypeUri { get { return null; } }
 
            public override bool CanReadTokenCore(XmlElement element) 
            {
                string valueTypeUri = null; 

                if (element.HasAttribute(SecurityJan2004Strings.ValueType, null))
                {
                    valueTypeUri = element.GetAttribute(SecurityJan2004Strings.ValueType, null); 
                }
 
                return element.LocalName == LocalName.Value && (element.NamespaceURI == NamespaceUri.Value || element.NamespaceURI == this.otherDictionary.Namespace.Value) && valueTypeUri == this.ValueTypeUri; 
            }
 
            public override bool CanReadTokenCore(XmlDictionaryReader reader)
            {
                return (reader.IsStartElement(this.LocalName, this.NamespaceUri) || reader.IsStartElement(this.LocalName, this.otherDictionary.Namespace)) &&
                       reader.GetAttribute(XD.SecurityJan2004Dictionary.ValueType, null) == this.ValueTypeUri; 
            }
 
 
            public override SecurityKeyIdentifierClause CreateKeyIdentifierClauseFromTokenXmlCore(XmlElement issuedTokenXml,
                SecurityTokenReferenceStyle tokenReferenceStyle) 
            {
                TokenReferenceStyleHelper.Validate(tokenReferenceStyle);

                switch (tokenReferenceStyle) 
                {
                    case SecurityTokenReferenceStyle.Internal: 
                        return CreateDirectReference(issuedTokenXml, UtilityStrings.IdAttribute, UtilityStrings.Namespace, typeof(GenericXmlSecurityToken)); 
                    case SecurityTokenReferenceStyle.External:
                        // Binary Secret tokens aren't referred to externally 
                        return null;
                    default:
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("tokenReferenceStyle"));
                } 
            }
 
            public override SecurityToken ReadTokenCore(XmlDictionaryReader reader, SecurityTokenResolver tokenResolver) 
            {
                string secretType = reader.GetAttribute(XD.SecurityJan2004Dictionary.TypeAttribute, null); 
                string id = reader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace);
                bool isNonce = false;

                if (secretType != null && secretType.Length > 0) 
                {
                    if (secretType == parent.SerializerDictionary.NonceBinarySecret.Value || secretType == otherDictionary.NonceBinarySecret.Value) 
                    { 
                        isNonce = true;
                    } 
                    else if (secretType != parent.SerializerDictionary.SymmetricKeyBinarySecret.Value && secretType != otherDictionary.SymmetricKeyBinarySecret.Value)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.UnexpectedBinarySecretType, parent.SerializerDictionary.SymmetricKeyBinarySecret.Value, secretType)));
                    } 
                }
 
                byte[] secret = reader.ReadElementContentAsBase64(); 
                if (isNonce)
                { 
                    return new NonceToken(id, secret);
                }
                else
                { 
                    return new BinarySecretSecurityToken(id, secret);
                } 
            } 

            public override void WriteTokenCore(XmlDictionaryWriter writer, SecurityToken token) 
            {
                BinarySecretSecurityToken simpleToken = token as BinarySecretSecurityToken;
                byte[] secret = simpleToken.GetKeyBytes();
                writer.WriteStartElement(parent.SerializerDictionary.Prefix.Value, parent.SerializerDictionary.BinarySecret, parent.SerializerDictionary.Namespace); 
                if (simpleToken.Id != null)
                { 
                    writer.WriteAttributeString(XD.UtilityDictionary.Prefix.Value, XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace, simpleToken.Id); 
                }
                if (token is NonceToken) 
                {
                    writer.WriteAttributeString(XD.SecurityJan2004Dictionary.TypeAttribute, null, parent.SerializerDictionary.NonceBinarySecret.Value);
                }
                writer.WriteBase64(secret, 0, secret.Length); 
                writer.WriteEndElement();
            } 
 

        } 

        internal class BinarySecretClauseEntry : KeyIdentifierClauseEntry
        {
            WSTrust parent; 
            TrustDictionary otherDictionary = null;
 
            public BinarySecretClauseEntry(WSTrust parent) 
            {
                this.parent = parent; 

                this.otherDictionary = null;

                if (parent.SerializerDictionary is TrustDec2005Dictionary) 
                {
                    this.otherDictionary = XD.TrustFeb2005Dictionary; 
                } 

                if (parent.SerializerDictionary is TrustFeb2005Dictionary) 
                {
                    this.otherDictionary = DXD.TrustDec2005Dictionary;
                }
 
                // always set it, so we don't have to worry about null
                if (this.otherDictionary == null) 
                    this.otherDictionary = this.parent.SerializerDictionary; 
            }
 
            protected override XmlDictionaryString LocalName
            {
                get { return this.parent.SerializerDictionary.BinarySecret; }
            } 

            protected override XmlDictionaryString NamespaceUri 
            { 
                get { return this.parent.SerializerDictionary.Namespace; }
            } 

            public override SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore(XmlDictionaryReader reader)
            {
                byte[] secret = reader.ReadElementContentAsBase64(); 
                return new BinarySecretKeyIdentifierClause(secret, false);
            } 
 
            public override bool SupportsCore(SecurityKeyIdentifierClause keyIdentifierClause)
            { 
                return keyIdentifierClause is BinarySecretKeyIdentifierClause;
            }

            public override bool CanReadKeyIdentifierClauseCore(XmlDictionaryReader reader) 
            {
                return (reader.IsStartElement(this.LocalName, this.NamespaceUri) || reader.IsStartElement(this.LocalName, this.otherDictionary.Namespace)); 
            } 

            public override void WriteKeyIdentifierClauseCore(XmlDictionaryWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) 
            {
                BinarySecretKeyIdentifierClause skic = keyIdentifierClause as BinarySecretKeyIdentifierClause;
                byte[] secret = skic.GetKeyBytes();
                writer.WriteStartElement(this.parent.SerializerDictionary.Prefix.Value, this.parent.SerializerDictionary.BinarySecret, this.parent.SerializerDictionary.Namespace); 
                writer.WriteBase64(secret, 0, secret.Length);
                writer.WriteEndElement(); 
            } 
        }
 
        public abstract class Driver : TrustDriver
        {
            static readonly string base64Uri = SecurityJan2004Strings.EncodingTypeValueBase64Binary;
            static readonly string hexBinaryUri = SecurityJan2004Strings.EncodingTypeValueHexBinary; 

 
            SecurityStandardsManager standardsManager; 
            List entropyAuthenticators;
 
            public Driver(SecurityStandardsManager standardsManager)
            {
                this.standardsManager = standardsManager;
                this.entropyAuthenticators = new List(2); 
            }
 
            public abstract TrustDictionary DriverDictionary 
            {
                get; 
            }

            public override XmlDictionaryString RequestSecurityTokenAction
            { 
                get
                { 
                    return DriverDictionary.RequestSecurityTokenIssuance; 
                }
            } 

            public override XmlDictionaryString RequestSecurityTokenResponseAction
            {
                get 
                {
                    return DriverDictionary.RequestSecurityTokenIssuanceResponse; 
                } 
            }
 
            public override string RequestTypeIssue
            {
                get
                { 
                    return DriverDictionary.RequestTypeIssue.Value;
                } 
            } 

            public override string ComputedKeyAlgorithm 
            {
                get { return DriverDictionary.Psha1ComputedKeyUri.Value; }
            }
 
            public override SecurityStandardsManager StandardsManager
            { 
                get 
                {
                    return this.standardsManager; 
                }
            }

            public override XmlDictionaryString Namespace 
            {
                get { return DriverDictionary.Namespace; } 
            } 

            public override RequestSecurityToken CreateRequestSecurityToken(XmlReader xmlReader) 
            {
                XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader(xmlReader);
                reader.MoveToStartElement(DriverDictionary.RequestSecurityToken, DriverDictionary.Namespace);
                string context = null; 
                string tokenTypeUri = null;
                string requestType = null; 
                int keySize = 0; 
                XmlDocument doc = new XmlDocument();
                XmlElement rstXml = (doc.ReadNode(reader) as XmlElement); 
                SecurityKeyIdentifierClause renewTarget = null;
                SecurityKeyIdentifierClause closeTarget = null;
                for (int i = 0; i < rstXml.Attributes.Count; ++i)
                { 
                    XmlAttribute attr = rstXml.Attributes[i];
                    if (attr.LocalName == DriverDictionary.Context.Value) 
                    { 
                        context = attr.Value;
                    } 
                }
                for (int i = 0; i < rstXml.ChildNodes.Count; ++i)
                {
                    XmlElement child = (rstXml.ChildNodes[i] as XmlElement); 
                    if (child != null)
                    { 
                        if (child.LocalName == DriverDictionary.TokenType.Value && child.NamespaceURI == DriverDictionary.Namespace.Value) 
                            tokenTypeUri = XmlHelper.ReadTextElementAsTrimmedString(child);
                        else if (child.LocalName == DriverDictionary.RequestType.Value && child.NamespaceURI == DriverDictionary.Namespace.Value) 
                            requestType = XmlHelper.ReadTextElementAsTrimmedString(child);
                        else if (child.LocalName == DriverDictionary.KeySize.Value && child.NamespaceURI == DriverDictionary.Namespace.Value)
                            keySize = Int32.Parse(XmlHelper.ReadTextElementAsTrimmedString(child), NumberFormatInfo.InvariantInfo);
                    } 
                }
 
                ReadTargets(rstXml, out renewTarget, out closeTarget); 

                RequestSecurityToken rst = new RequestSecurityToken(standardsManager, rstXml, context, tokenTypeUri, requestType, keySize, renewTarget, closeTarget); 
                return rst;
            }

            XmlBuffer GetIssuedTokenBuffer(XmlBuffer rstrBuffer) 
            {
                XmlBuffer issuedTokenBuffer = null; 
                using (XmlDictionaryReader reader = rstrBuffer.GetReader(0)) 
                {
                    reader.ReadFullStartElement(); 
                    while (reader.IsStartElement())
                    {
                        if (reader.IsStartElement(this.DriverDictionary.RequestedSecurityToken, this.DriverDictionary.Namespace))
                        { 
                            reader.ReadStartElement();
                            reader.MoveToContent(); 
                            issuedTokenBuffer = new XmlBuffer(Int32.MaxValue); 
                            using (XmlDictionaryWriter writer = issuedTokenBuffer.OpenSection(reader.Quotas))
                            { 
                                writer.WriteNode(reader, false);
                                issuedTokenBuffer.CloseSection();
                                issuedTokenBuffer.Close();
                            } 
                            reader.ReadEndElement();
                            break; 
                        } 
                        else
                        { 
                            reader.Skip();
                        }
                    }
                } 
                return issuedTokenBuffer;
            } 
 
            public override RequestSecurityTokenResponse CreateRequestSecurityTokenResponse(XmlReader xmlReader)
            { 
                if (xmlReader == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("xmlReader");
                } 
                XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader(xmlReader);
                if (reader.IsStartElement(DriverDictionary.RequestSecurityTokenResponse, DriverDictionary.Namespace) == false) 
                { 
                    XmlHelper.OnRequiredElementMissing(DriverDictionary.RequestSecurityTokenResponse.Value, DriverDictionary.Namespace.Value);
                } 

                XmlBuffer rstrBuffer = new XmlBuffer(Int32.MaxValue);
                using (XmlDictionaryWriter writer = rstrBuffer.OpenSection(reader.Quotas))
                { 
                    writer.WriteNode(reader, false);
                    rstrBuffer.CloseSection(); 
                    rstrBuffer.Close(); 
                }
                XmlDocument doc = new XmlDocument(); 
                XmlElement rstrXml;
                using (XmlReader reader2 = rstrBuffer.GetReader(0))
                {
                    rstrXml = (doc.ReadNode(reader2) as XmlElement); 
                }
 
                XmlBuffer issuedTokenBuffer = GetIssuedTokenBuffer(rstrBuffer); 
                string context = null;
                string tokenTypeUri = null; 
                int keySize = 0;
                SecurityKeyIdentifierClause requestedAttachedReference = null;
                SecurityKeyIdentifierClause requestedUnattachedReference = null;
                bool computeKey = false; 
                DateTime created = DateTime.UtcNow;
                DateTime expires = SecurityUtils.MaxUtcDateTime; 
                bool isRequestedTokenClosed = false; 
                for (int i = 0; i < rstrXml.Attributes.Count; ++i)
                { 
                    XmlAttribute attr = rstrXml.Attributes[i];
                    if (attr.LocalName == DriverDictionary.Context.Value)
                    {
                       context = attr.Value; 
                    }
                } 
 
                for (int i = 0; i < rstrXml.ChildNodes.Count; ++i)
                { 
                    XmlElement child = (rstrXml.ChildNodes[i] as XmlElement);
                    if (child != null)
                    {
                        if (child.LocalName == DriverDictionary.TokenType.Value && child.NamespaceURI == DriverDictionary.Namespace.Value) 
                            tokenTypeUri = XmlHelper.ReadTextElementAsTrimmedString(child);
                        else if (child.LocalName == DriverDictionary.KeySize.Value && child.NamespaceURI == DriverDictionary.Namespace.Value) 
                            keySize = Int32.Parse(XmlHelper.ReadTextElementAsTrimmedString(child), NumberFormatInfo.InvariantInfo); 
                        else if (child.LocalName == DriverDictionary.RequestedProofToken.Value && child.NamespaceURI == DriverDictionary.Namespace.Value)
                        { 
                            XmlElement proofXml = XmlHelper.GetChildElement(child);
                            if (proofXml.LocalName == DriverDictionary.ComputedKey.Value && proofXml.NamespaceURI == DriverDictionary.Namespace.Value)
                            {
                                string computedKeyAlgorithm = XmlHelper.ReadTextElementAsTrimmedString(proofXml); 
                                if (computedKeyAlgorithm != this.DriverDictionary.Psha1ComputedKeyUri.Value)
                                { 
                                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new SecurityNegotiationException(SR.GetString(SR.UnknownComputedKeyAlgorithm, computedKeyAlgorithm))); 
                                }
                                computeKey = true; 
                            }
                        }
                        else if (child.LocalName == DriverDictionary.Lifetime.Value && child.NamespaceURI == DriverDictionary.Namespace.Value)
                        { 
                            XmlElement createdXml = XmlHelper.GetChildElement(child, UtilityStrings.CreatedElement, UtilityStrings.Namespace);
                            if (createdXml != null) 
                            { 
                                created = DateTime.ParseExact(XmlHelper.ReadTextElementAsTrimmedString(createdXml),
                                    WSUtilitySpecificationVersion.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime(); 
                            }
                            XmlElement expiresXml = XmlHelper.GetChildElement(child, UtilityStrings.ExpiresElement, UtilityStrings.Namespace);
                            if (expiresXml != null)
                            { 
                                expires = DateTime.ParseExact(XmlHelper.ReadTextElementAsTrimmedString(expiresXml),
                                    WSUtilitySpecificationVersion.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime(); 
                            } 
                        }
                    } 
                }

                isRequestedTokenClosed = ReadRequestedTokenClosed(rstrXml);
                ReadReferences(rstrXml, out requestedAttachedReference, out requestedUnattachedReference); 

                return new RequestSecurityTokenResponse(standardsManager, rstrXml, context, tokenTypeUri, keySize, requestedAttachedReference, requestedUnattachedReference, 
                                                        computeKey, created, expires, isRequestedTokenClosed, issuedTokenBuffer); 
            }
 
            public override RequestSecurityTokenResponseCollection CreateRequestSecurityTokenResponseCollection(XmlReader xmlReader)
            {
                XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader(xmlReader);
                List rstrCollection = new List(2); 
                string rootName = reader.Name;
                reader.ReadStartElement(DriverDictionary.RequestSecurityTokenResponseCollection, DriverDictionary.Namespace); 
                while (reader.IsStartElement(DriverDictionary.RequestSecurityTokenResponse.Value, DriverDictionary.Namespace.Value)) 
                {
                    RequestSecurityTokenResponse rstr = this.CreateRequestSecurityTokenResponse(reader); 
                    rstrCollection.Add(rstr);
                }
                reader.ReadEndElement();
                if (rstrCollection.Count == 0) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.NoRequestSecurityTokenResponseElements)));
                return new RequestSecurityTokenResponseCollection(rstrCollection.AsReadOnly(), this.StandardsManager); 
            } 

            XmlElement GetAppliesToElement(XmlElement rootElement) 
            {
                if (rootElement == null)
                {
                    return null; 
                }
                for (int i = 0; i < rootElement.ChildNodes.Count; ++i) 
                { 
                    XmlElement elem = (rootElement.ChildNodes[i] as XmlElement);
                    if (elem != null) 
                    {
                        if (elem.LocalName == DriverDictionary.AppliesTo.Value && elem.NamespaceURI == Namespaces.WSPolicy)
                        {
                            return elem; 
                        }
                    } 
                } 
                return null;
            } 

            T GetAppliesTo(XmlElement rootXml, XmlObjectSerializer serializer)
            {
                XmlElement appliesToElement = GetAppliesToElement(rootXml); 
                if (appliesToElement != null)
                { 
                    using (XmlReader reader = new XmlNodeReader(appliesToElement)) 
                    {
                        reader.ReadStartElement(); 
                        lock (serializer)
                        {
                            return (T)serializer.ReadObject(reader);
                        } 
                    }
                } 
                else 
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.NoAppliesToPresent))); 
                }
            }

            public override T GetAppliesTo(RequestSecurityToken rst, XmlObjectSerializer serializer) 
            {
                if (rst == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst"); 

                return GetAppliesTo(rst.RequestSecurityTokenXml, serializer); 
            }

            public override T GetAppliesTo(RequestSecurityTokenResponse rstr, XmlObjectSerializer serializer)
            { 
                if (rstr == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr"); 
 
                return GetAppliesTo(rstr.RequestSecurityTokenResponseXml, serializer);
            } 

            public override bool IsAppliesTo(string localName, string namespaceUri)
            {
                return (localName == DriverDictionary.AppliesTo.Value && namespaceUri == Namespaces.WSPolicy); 
            }
 
            void GetAppliesToQName(XmlElement rootElement, out string localName, out string namespaceUri) 
            {
                localName = namespaceUri = null; 
                XmlElement appliesToElement = GetAppliesToElement(rootElement);
                if (appliesToElement != null)
                {
                    using (XmlReader reader = new XmlNodeReader(appliesToElement)) 
                    {
                        reader.ReadStartElement(); 
                        reader.MoveToContent(); 
                        localName = reader.LocalName;
                        namespaceUri = reader.NamespaceURI; 
                    }
                }
            }
 
            public override void GetAppliesToQName(RequestSecurityToken rst, out string localName, out string namespaceUri)
            { 
                if (rst == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
 
                GetAppliesToQName(rst.RequestSecurityTokenXml, out localName, out namespaceUri);
            }

            public override void GetAppliesToQName(RequestSecurityTokenResponse rstr, out string localName, out string namespaceUri) 
            {
                if (rstr == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr"); 

                GetAppliesToQName(rstr.RequestSecurityTokenResponseXml, out localName, out namespaceUri); 
            }

            public override byte[] GetAuthenticator(RequestSecurityTokenResponse rstr)
            { 
                if (rstr != null && rstr.RequestSecurityTokenResponseXml != null && rstr.RequestSecurityTokenResponseXml.ChildNodes != null)
                { 
                    for (int i = 0; i < rstr.RequestSecurityTokenResponseXml.ChildNodes.Count; ++i) 
                    {
                        XmlElement element = rstr.RequestSecurityTokenResponseXml.ChildNodes[i] as XmlElement; 
                        if (element != null)
                        {
                            if (element.LocalName == DriverDictionary.Authenticator.Value && element.NamespaceURI == DriverDictionary.Namespace.Value)
                            { 
                                XmlElement combinedHashElement = XmlHelper.GetChildElement(element);
                                if (combinedHashElement.LocalName == DriverDictionary.CombinedHash.Value && combinedHashElement.NamespaceURI == DriverDictionary.Namespace.Value) 
                                { 
                                    string authenticatorString = XmlHelper.ReadTextElementAsTrimmedString(combinedHashElement);
                                    return Convert.FromBase64String(authenticatorString); 
                                }
                            }
                        }
                    } 
                }
                return null; 
            } 

            public override BinaryNegotiation GetBinaryNegotiation(RequestSecurityTokenResponse rstr) 
            {
                if (rstr == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
 
                return GetBinaryNegotiation(rstr.RequestSecurityTokenResponseXml);
            } 
 
            public override BinaryNegotiation GetBinaryNegotiation(RequestSecurityToken rst)
            { 
                if (rst == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");

                return GetBinaryNegotiation(rst.RequestSecurityTokenXml); 
            }
 
            BinaryNegotiation GetBinaryNegotiation(XmlElement rootElement) 
            {
                if (rootElement == null) 
                {
                    return null;
                }
                for (int i=0; i < rootElement.ChildNodes.Count; ++i) 
                {
                    XmlElement elem = rootElement.ChildNodes[i] as XmlElement; 
                    if (elem != null) 
                    {
                        if (elem.LocalName == DriverDictionary.BinaryExchange.Value && elem.NamespaceURI == DriverDictionary.Namespace.Value) 
                        {
                            return ReadBinaryNegotiation(elem);
                        }
                    } 
                }
                return null; 
            } 

            public override SecurityToken GetEntropy(RequestSecurityToken rst, SecurityTokenResolver resolver) 
            {
                if (rst == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
 
                return GetEntropy(rst.RequestSecurityTokenXml, resolver);
            } 
 
            public override SecurityToken GetEntropy(RequestSecurityTokenResponse rstr, SecurityTokenResolver resolver)
            { 
                if (rstr == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");

                return GetEntropy(rstr.RequestSecurityTokenResponseXml, resolver); 
            }
 
            SecurityToken GetEntropy(XmlElement rootElement, SecurityTokenResolver resolver) 
            {
                if (rootElement == null || rootElement.ChildNodes == null) 
                {
                    return null;
                }
                for (int i = 0; i < rootElement.ChildNodes.Count; ++i) 
                {
                    XmlElement element = rootElement.ChildNodes[i] as XmlElement; 
                    if (element != null) 
                    {
                        if (element.LocalName == DriverDictionary.Entropy.Value && element.NamespaceURI == DriverDictionary.Namespace.Value) 
                        {
                            XmlElement tokenXml = XmlHelper.GetChildElement(element);
                            string valueTypeUri = element.GetAttribute(SecurityJan2004Strings.ValueType);
                            if (valueTypeUri.Length == 0) 
                                valueTypeUri = null;
                            return standardsManager.SecurityTokenSerializer.ReadToken(new XmlNodeReader(tokenXml), resolver); 
                        } 
                    }
                } 
                return null;
            }

            void GetIssuedAndProofXml(RequestSecurityTokenResponse rstr, out XmlElement issuedTokenXml, out XmlElement proofTokenXml) 
            {
                issuedTokenXml = null; 
                proofTokenXml = null; 
                if ((rstr.RequestSecurityTokenResponseXml != null) && (rstr.RequestSecurityTokenResponseXml.ChildNodes != null))
                { 
                    for (int i = 0; i < rstr.RequestSecurityTokenResponseXml.ChildNodes.Count; ++i)
                    {
                        XmlElement elem = rstr.RequestSecurityTokenResponseXml.ChildNodes[i] as XmlElement;
                        if (elem != null) 
                        {
                            if (elem.LocalName == DriverDictionary.RequestedSecurityToken.Value && elem.NamespaceURI == DriverDictionary.Namespace.Value) 
                            { 
                                if (issuedTokenXml != null)
                                { 
                                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.RstrHasMultipleIssuedTokens)));
                                }
                                issuedTokenXml = XmlHelper.GetChildElement(elem);
                            } 
                            else if (elem.LocalName == DriverDictionary.RequestedProofToken.Value && elem.NamespaceURI == DriverDictionary.Namespace.Value)
                            { 
                                if (proofTokenXml != null) 
                                {
                                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.RstrHasMultipleProofTokens))); 
                                }
                                proofTokenXml = XmlHelper.GetChildElement(elem);
                            }
                        } 
                    }
                } 
            } 

            ///  
            /// The algorithm for computing the key is:
            /// 1. If there is requestorEntropy:
            ///    a. If there is no  use the requestorEntropy as the key
            ///    b. If there is a  with a ComputedKeyUri, combine the client and server entropies 
            ///    c. Anything else, throw
            /// 2. If there is no requestorEntropy: 
            ///    a. THere has to be a  that contains the proof key 
            /// 
            public override GenericXmlSecurityToken GetIssuedToken(RequestSecurityTokenResponse rstr, SecurityTokenResolver resolver, IList allowedAuthenticators, SecurityKeyEntropyMode keyEntropyMode, byte[] requestorEntropy, string expectedTokenType, 
                ReadOnlyCollection authorizationPolicies, int defaultKeySize, bool isBearerKeyType)
            {

                SecurityKeyEntropyModeHelper.Validate(keyEntropyMode); 

                if (defaultKeySize < 0) 
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("defaultKeySize", SR.GetString(SR.ValueMustBeNonNegative)));
                } 

                if (rstr == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
 
                string tokenType;
                if (rstr.TokenType != null) 
                { 
                    if (expectedTokenType != null && expectedTokenType != rstr.TokenType)
                    { 
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.BadIssuedTokenType, rstr.TokenType, expectedTokenType)));
                    }
                    tokenType = rstr.TokenType;
                } 
                else
                { 
                    tokenType = expectedTokenType; 
                }
 
                // search the response elements for licenseXml, proofXml, and lifetime
                DateTime created = rstr.ValidFrom;
                DateTime expires = rstr.ValidTo;
                XmlElement proofXml; 
                XmlElement issuedTokenXml;
                GetIssuedAndProofXml(rstr, out issuedTokenXml, out proofXml); 
 
                if (issuedTokenXml == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.NoLicenseXml))); 

                if (isBearerKeyType)
                {
                    if (proofXml != null) 
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.BearerKeyTypeCannotHaveProofKey)));
 
                    return new GenericXmlSecurityToken(issuedTokenXml, null, created, expires, rstr.RequestedAttachedReference, rstr.RequestedUnattachedReference, authorizationPolicies); 
                }
 
                SecurityToken proofToken;
                SecurityToken entropyToken = GetEntropy(rstr, resolver);
                if (keyEntropyMode == SecurityKeyEntropyMode.ClientEntropy)
                { 
                    if (requestorEntropy == null)
                    { 
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EntropyModeRequiresRequestorEntropy, keyEntropyMode))); 
                    }
                    // enforce that there is no entropy or proof token in the RSTR 
                    if (proofXml != null || entropyToken != null)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EntropyModeCannotHaveProofTokenOrIssuerEntropy, keyEntropyMode)));
                    } 
                    proofToken = new BinarySecretSecurityToken(requestorEntropy);
                } 
                else if (keyEntropyMode == SecurityKeyEntropyMode.ServerEntropy) 
                {
                    if (requestorEntropy != null) 
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EntropyModeCannotHaveRequestorEntropy, keyEntropyMode)));
                    }
                    if (rstr.ComputeKey || entropyToken != null) 
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EntropyModeCannotHaveComputedKey, keyEntropyMode))); 
                    } 
                    if (proofXml == null)
                    { 
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EntropyModeRequiresProofToken, keyEntropyMode)));
                    }
                    string valueTypeUri = proofXml.GetAttribute(SecurityJan2004Strings.ValueType);
                    if (valueTypeUri.Length == 0) 
                        valueTypeUri = null;
                    proofToken = standardsManager.SecurityTokenSerializer.ReadToken(new XmlNodeReader(proofXml), resolver); 
                } 
                else
                { 
                    if (!rstr.ComputeKey)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EntropyModeRequiresComputedKey, keyEntropyMode)));
                    } 
                    if (entropyToken == null)
                    { 
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EntropyModeRequiresIssuerEntropy, keyEntropyMode))); 
                    }
                    if (requestorEntropy == null) 
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EntropyModeRequiresRequestorEntropy, keyEntropyMode)));
                    }
                    if (rstr.KeySize == 0 && defaultKeySize == 0) 
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.RstrKeySizeNotProvided))); 
                    } 
                    int issuedKeySize = (rstr.KeySize != 0) ? rstr.KeySize : defaultKeySize;
                    byte[] issuerEntropy; 
                    if (entropyToken is BinarySecretSecurityToken)
                        issuerEntropy = ((BinarySecretSecurityToken)entropyToken).GetKeyBytes();
                    else if (entropyToken is WrappedKeySecurityToken)
                        issuerEntropy = ((WrappedKeySecurityToken)entropyToken).GetWrappedKey(); 
                    else
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedIssuerEntropyType))); 
                    // compute the PSHA1 derived key 
                    byte[] issuedKey = RequestSecurityTokenResponse.ComputeCombinedKey(requestorEntropy, issuerEntropy, issuedKeySize);
                    proofToken = new BinarySecretSecurityToken(issuedKey); 
                }

                SecurityKeyIdentifierClause internalReference = rstr.RequestedAttachedReference;
                SecurityKeyIdentifierClause externalReference = rstr.RequestedUnattachedReference; 

                return new BufferedGenericXmlSecurityToken(issuedTokenXml, proofToken, created, expires, internalReference, externalReference, authorizationPolicies, rstr.IssuedTokenBuffer); 
            } 

            public override GenericXmlSecurityToken GetIssuedToken(RequestSecurityTokenResponse rstr, string expectedTokenType, 
                ReadOnlyCollection authorizationPolicies, RSA clientKey)
            {
                if (rstr == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("rstr")); 

                string tokenType; 
                if (rstr.TokenType != null) 
                {
                    if (expectedTokenType != null && expectedTokenType != rstr.TokenType) 
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.BadIssuedTokenType, rstr.TokenType, expectedTokenType)));
                    }
                    tokenType = rstr.TokenType; 
                }
                else 
                { 
                    tokenType = expectedTokenType;
                } 

                // search the response elements for licenseXml, proofXml, and lifetime
                DateTime created = rstr.ValidFrom;
                DateTime expires = rstr.ValidTo; 
                XmlElement proofXml;
                XmlElement issuedTokenXml; 
                GetIssuedAndProofXml(rstr, out issuedTokenXml, out proofXml); 

                if (issuedTokenXml == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.NoLicenseXml)));

                // enforce that there is no proof token in the RSTR
                if (proofXml != null) 
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ProofTokenXmlUnexpectedInRstr))); 
                } 
                SecurityKeyIdentifierClause internalReference = rstr.RequestedAttachedReference;
                SecurityKeyIdentifierClause externalReference = rstr.RequestedUnattachedReference; 

                SecurityToken proofToken = new RsaSecurityToken(clientKey);
                return new BufferedGenericXmlSecurityToken(issuedTokenXml, proofToken, created, expires, internalReference, externalReference, authorizationPolicies, rstr.IssuedTokenBuffer);
            } 

            public override bool IsAtRequestSecurityTokenResponse(XmlReader reader) 
            { 
                if (reader == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); 

                return reader.IsStartElement(DriverDictionary.RequestSecurityTokenResponse.Value, DriverDictionary.Namespace.Value);
            }
 
            public override bool IsAtRequestSecurityTokenResponseCollection(XmlReader reader)
            { 
                if (reader == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
 
                return reader.IsStartElement(DriverDictionary.RequestSecurityTokenResponseCollection.Value, DriverDictionary.Namespace.Value);
            }

            public override bool IsRequestedSecurityTokenElement(string name, string nameSpace) 
            {
                return (name == DriverDictionary.RequestedSecurityToken.Value && nameSpace == DriverDictionary.Namespace.Value); 
            } 

            public override bool IsRequestedProofTokenElement(string name, string nameSpace) 
            {
                return (name == DriverDictionary.RequestedProofToken.Value && nameSpace == DriverDictionary.Namespace.Value);
            }
 
            public static BinaryNegotiation ReadBinaryNegotiation(XmlElement elem)
            { 
                if (elem == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("elem");
 
                // get the encoding and valueType attributes
                string encodingUri = null;
                string valueTypeUri = null;
                byte[] negotiationData = null; 
                if (elem.Attributes != null)
                { 
                    for (int i = 0; i < elem.Attributes.Count; ++i) 
                    {
                        XmlAttribute attr = elem.Attributes[i]; 
                        if (attr.LocalName == SecurityJan2004Strings.EncodingType && attr.NamespaceURI.Length == 0)
                        {
                            encodingUri = attr.Value;
                            if (encodingUri != base64Uri && encodingUri != hexBinaryUri) 
                            {
                                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.UnsupportedBinaryEncoding, encodingUri))); 
                            } 
                        }
                        else if (attr.LocalName == SecurityJan2004Strings.ValueType && attr.NamespaceURI.Length == 0) 
                        {
                            valueTypeUri = attr.Value;
                        }
                        // ignore all other attributes 
                    }
                } 
                if (encodingUri == null) 
                {
                    XmlHelper.OnRequiredAttributeMissing("EncodingType", elem.Name); 
                }
                if (valueTypeUri == null)
                {
                    XmlHelper.OnRequiredAttributeMissing("ValueType", elem.Name); 
                }
                string encodedBlob = XmlHelper.ReadTextElementAsTrimmedString(elem); 
                if (encodingUri == base64Uri) 
                {
                    negotiationData = Convert.FromBase64String(encodedBlob); 
                }
                else
                {
                    negotiationData = HexBinary.Parse(encodedBlob).Value; 
                }
                return new BinaryNegotiation(valueTypeUri, negotiationData); 
            } 

            // Note in Apr2004, internal & external references aren't supported - 
            // our strategy is to see if there's a token reference (and use it for external ref) and backup is to scan the token xml to compute reference
            protected virtual void ReadReferences(XmlElement rstrXml, out SecurityKeyIdentifierClause requestedAttachedReference,
                    out SecurityKeyIdentifierClause requestedUnattachedReference)
            { 
                XmlElement issuedTokenXml = null;
                requestedAttachedReference = null; 
                requestedUnattachedReference = null; 
                for (int i = 0; i < rstrXml.ChildNodes.Count; ++i)
                { 
                    XmlElement child = rstrXml.ChildNodes[i] as XmlElement;
                    if (child != null)
                    {
                        if (child.LocalName == DriverDictionary.RequestedSecurityToken.Value && child.NamespaceURI == DriverDictionary.Namespace.Value) 
                        {
                            issuedTokenXml = XmlHelper.GetChildElement(child); 
                        } 
                        else if (child.LocalName == DriverDictionary.RequestedTokenReference.Value && child.NamespaceURI == DriverDictionary.Namespace.Value)
                        { 
                            requestedUnattachedReference = standardsManager.SecurityTokenSerializer.ReadKeyIdentifierClause(new XmlNodeReader(XmlHelper.GetChildElement(child)));
                        }
                    }
                } 

                if (issuedTokenXml != null) 
                { 
                    requestedAttachedReference = standardsManager.CreateKeyIdentifierClauseFromTokenXml(issuedTokenXml, SecurityTokenReferenceStyle.Internal);
                    if (requestedUnattachedReference == null) 
                    {
                        try
                        {
                            requestedUnattachedReference = standardsManager.CreateKeyIdentifierClauseFromTokenXml(issuedTokenXml, SecurityTokenReferenceStyle.External); 
                        }
                        catch (XmlException) 
                        { 
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.TrustApr2004DoesNotSupportCertainIssuedTokens)));
                        } 
                    }
                }
            }
 
            protected virtual bool ReadRequestedTokenClosed(XmlElement rstrXml)
            { 
                return false; 
            }
 
            protected virtual void ReadTargets(XmlElement rstXml, out SecurityKeyIdentifierClause renewTarget, out SecurityKeyIdentifierClause closeTarget)
            {
                renewTarget = null;
                closeTarget = null; 
            }
 
            public override void OnRSTRorRSTRCMissingException() 
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.ExpectedOneOfTwoElementsFromNamespace, 
                    DriverDictionary.RequestSecurityTokenResponse, DriverDictionary.RequestSecurityTokenResponseCollection,
                    DriverDictionary.Namespace)));
            }
 
            void WriteAppliesTo(object appliesTo, Type appliesToType, XmlObjectSerializer serializer, XmlWriter xmlWriter)
            { 
                XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter); 
                writer.WriteStartElement(Namespaces.WSPolicyPrefix, DriverDictionary.AppliesTo.Value, Namespaces.WSPolicy);
                lock (serializer) 
                {
                    serializer.WriteObject(writer, appliesTo);
                }
                writer.WriteEndElement(); 
            }
 
            public void WriteBinaryNegotiation(BinaryNegotiation negotiation, XmlWriter xmlWriter) 
            {
                if (negotiation == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("negotiation");

                XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter);
                negotiation.WriteTo(writer, this.DriverDictionary.Prefix.Value, 
                                            this.DriverDictionary.BinaryExchange, this.DriverDictionary.Namespace,
                                            XD.SecurityJan2004Dictionary.ValueType, null); 
            } 

            public override void WriteRequestSecurityToken(RequestSecurityToken rst, XmlWriter xmlWriter) 
            {
                if (rst == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst"); 
                }
                if (xmlWriter == null) 
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("xmlWriter");
                } 
                XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter);
                if (rst.IsReceiver)
                {
                    rst.WriteTo(writer); 
                    return;
                } 
                writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.RequestSecurityToken, DriverDictionary.Namespace); 
                XmlHelper.AddNamespaceDeclaration(writer, DriverDictionary.Prefix.Value, DriverDictionary.Namespace);
                if (rst.Context != null) 
                    writer.WriteAttributeString(DriverDictionary.Context, null, rst.Context);

                rst.OnWriteCustomAttributes(writer);
                if (rst.TokenType != null) 
                {
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.TokenType, DriverDictionary.Namespace); 
                    writer.WriteString(rst.TokenType); 
                    writer.WriteEndElement();
                } 
                if (rst.RequestType != null)
                {
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.RequestType, DriverDictionary.Namespace);
                    writer.WriteString(rst.RequestType); 
                    writer.WriteEndElement();
                } 
 
                if (rst.AppliesTo != null)
                { 
                    WriteAppliesTo(rst.AppliesTo, rst.AppliesToType, rst.AppliesToSerializer, writer);
                }

                SecurityToken entropyToken = rst.GetRequestorEntropy(); 
                if (entropyToken != null)
                { 
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.Entropy, DriverDictionary.Namespace); 
                    standardsManager.SecurityTokenSerializer.WriteToken(writer, entropyToken);
                    writer.WriteEndElement(); 
                }

                if (rst.KeySize != 0)
                { 
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.KeySize, DriverDictionary.Namespace);
                    writer.WriteValue(rst.KeySize); 
                    writer.WriteEndElement(); 
                }
 
                BinaryNegotiation negotiationData = rst.GetBinaryNegotiation();
                if (negotiationData != null)
                    WriteBinaryNegotiation(negotiationData, writer);
 
                WriteTargets(rst, writer);
 
                if (rst.RequestProperties != null) 
                {
                    foreach (XmlElement property in rst.RequestProperties) 
                    {
                        property.WriteTo(writer);
                    }
                } 

                rst.OnWriteCustomElements(writer); 
                writer.WriteEndElement(); 
            }
 
            protected virtual void WriteTargets(RequestSecurityToken rst, XmlDictionaryWriter writer)
            {
            }
 
            // Note in Apr2004, internal & external references aren't supported - our strategy is to generate the external ref as the TokenReference.
            protected virtual void WriteReferences(RequestSecurityTokenResponse rstr, XmlDictionaryWriter writer) 
            { 
                if (rstr.RequestedUnattachedReference != null)
                { 
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.RequestedTokenReference, DriverDictionary.Namespace);
                    standardsManager.SecurityTokenSerializer.WriteKeyIdentifierClause(writer, rstr.RequestedUnattachedReference);
                    writer.WriteEndElement();
                } 
            }
 
            protected virtual void WriteRequestedTokenClosed(RequestSecurityTokenResponse rstr, XmlDictionaryWriter writer) 
            {
            } 

            public override void WriteRequestSecurityTokenResponse(RequestSecurityTokenResponse rstr, XmlWriter xmlWriter)
            {
                if (rstr == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
                if (xmlWriter == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("xmlWriter"); 
                XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter);
                if (rstr.IsReceiver) 
                {
                    rstr.WriteTo(writer);
                    return;
                } 
                writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.RequestSecurityTokenResponse, DriverDictionary.Namespace);
                if (rstr.Context != null) 
                { 
                    writer.WriteAttributeString(DriverDictionary.Context, null, rstr.Context);
                } 
                // define WSUtility at the top level to avoid multiple definitions below
                XmlHelper.AddNamespaceDeclaration(writer, UtilityStrings.Prefix, XD.UtilityDictionary.Namespace);
                rstr.OnWriteCustomAttributes(writer);
 
                if (rstr.TokenType != null)
                    writer.WriteElementString(DriverDictionary.Prefix.Value, DriverDictionary.TokenType, DriverDictionary.Namespace, rstr.TokenType); 
 
                if (rstr.RequestedSecurityToken != null)
                { 
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.RequestedSecurityToken, DriverDictionary.Namespace);
                    standardsManager.SecurityTokenSerializer.WriteToken(writer, rstr.RequestedSecurityToken);
                    writer.WriteEndElement();
                } 

                if (rstr.AppliesTo != null) 
                { 
                    WriteAppliesTo(rstr.AppliesTo, rstr.AppliesToType, rstr.AppliesToSerializer, writer);
                } 

                WriteReferences(rstr, writer);

                if (rstr.ComputeKey || rstr.RequestedProofToken != null) 
                {
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.RequestedProofToken, DriverDictionary.Namespace); 
                    if (rstr.ComputeKey) 
                    {
                        writer.WriteElementString(DriverDictionary.Prefix.Value, DriverDictionary.ComputedKey, DriverDictionary.Namespace, DriverDictionary.Psha1ComputedKeyUri.Value); 
                    }
                    else
                    {
                        standardsManager.SecurityTokenSerializer.WriteToken(writer, rstr.RequestedProofToken); 
                    }
                    writer.WriteEndElement(); 
                } 

                SecurityToken entropyToken = rstr.GetIssuerEntropy(); 
                if (entropyToken != null)
                {
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.Entropy, DriverDictionary.Namespace);
                    standardsManager.SecurityTokenSerializer.WriteToken(writer, entropyToken); 
                    writer.WriteEndElement();
                } 
 
                // To write out the lifetime, the following algorithm is used
                //   1. If the lifetime is explicitly set, write it out. 
                //   2. Else, if a token/tokenbuilder has been set, use the lifetime in that.
                //   3. Else do not serialize lifetime
                if (rstr.IsLifetimeSet || rstr.RequestedSecurityToken != null)
                { 
                    DateTime effectiveTime = SecurityUtils.MinUtcDateTime;
                    DateTime expirationTime = SecurityUtils.MaxUtcDateTime; 
 
                    if (rstr.IsLifetimeSet)
                    { 
                        effectiveTime = rstr.ValidFrom.ToUniversalTime();
                        expirationTime = rstr.ValidTo.ToUniversalTime();
                    }
                    else if (rstr.RequestedSecurityToken != null) 
                    {
                        effectiveTime = rstr.RequestedSecurityToken.ValidFrom.ToUniversalTime(); 
                        expirationTime = rstr.RequestedSecurityToken.ValidTo.ToUniversalTime(); 
                    }
 
                    // write out the lifetime
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.Lifetime, DriverDictionary.Namespace);
                    // write out Created
                    writer.WriteStartElement(XD.UtilityDictionary.Prefix.Value, XD.UtilityDictionary.CreatedElement, XD.UtilityDictionary.Namespace); 
                    writer.WriteString(effectiveTime.ToString("yyyy-MM-ddTHH:mm:ss.fffZ", CultureInfo.InvariantCulture.DateTimeFormat));
                    writer.WriteEndElement(); // wsu:Created 
                    // write out Expires 
                    writer.WriteStartElement(XD.UtilityDictionary.Prefix.Value, XD.UtilityDictionary.ExpiresElement, XD.UtilityDictionary.Namespace);
                    writer.WriteString(expirationTime.ToString("yyyy-MM-ddTHH:mm:ss.fffZ", CultureInfo.InvariantCulture.DateTimeFormat)); 
                    writer.WriteEndElement(); // wsu:Expires
                    writer.WriteEndElement(); // wsse:Lifetime
                }
 
                byte[] authenticator = rstr.GetAuthenticator();
                if (authenticator != null) 
                { 
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.Authenticator, DriverDictionary.Namespace);
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.CombinedHash, DriverDictionary.Namespace); 
                    writer.WriteBase64(authenticator, 0, authenticator.Length);
                    writer.WriteEndElement();
                    writer.WriteEndElement();
                } 

                if (rstr.KeySize > 0) 
                { 
                    writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.KeySize, DriverDictionary.Namespace);
                    writer.WriteValue(rstr.KeySize); 
                    writer.WriteEndElement();
                }

                WriteRequestedTokenClosed(rstr, writer); 

                BinaryNegotiation negotiationData = rstr.GetBinaryNegotiation(); 
                if (negotiationData != null) 
                    WriteBinaryNegotiation(negotiationData, writer);
 
                rstr.OnWriteCustomElements(writer);
                writer.WriteEndElement();
            }
 
            public override void WriteRequestSecurityTokenResponseCollection(RequestSecurityTokenResponseCollection rstrCollection, XmlWriter xmlWriter)
            { 
                if (rstrCollection == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstrCollection");
 
                XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter);
                writer.WriteStartElement(DriverDictionary.Prefix.Value, DriverDictionary.RequestSecurityTokenResponseCollection, DriverDictionary.Namespace);
                foreach (RequestSecurityTokenResponse rstr in rstrCollection.RstrCollection)
                { 
                    rstr.WriteTo(writer);
                } 
                writer.WriteEndElement(); 
            }
 
            protected void SetProtectionLevelForFederation(OperationDescriptionCollection operations)
            {
                foreach (OperationDescription operation in operations)
                { 
                    foreach (MessageDescription message in operation.Messages)
                    { 
                        if (message.Body.Parts.Count > 0) 
                        {
                            foreach (MessagePartDescription part in message.Body.Parts) 
                            {
                                part.ProtectionLevel = System.Net.Security.ProtectionLevel.EncryptAndSign;
                            }
                        } 
                        if (OperationFormatter.IsValidReturnValue(message.Body.ReturnValue))
                        { 
                            message.Body.ReturnValue.ProtectionLevel = System.Net.Security.ProtectionLevel.EncryptAndSign; 
                        }
                    } 
                }
            }

            public override bool TryParseKeySizeElement(XmlElement element, out int keySize) 
            {
                if (element == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("element"); 

                if (element.LocalName == this.DriverDictionary.KeySize.Value 
                    && element.NamespaceURI == this.DriverDictionary.Namespace.Value)
                {
                    keySize = Int32.Parse(XmlHelper.ReadTextElementAsTrimmedString(element), NumberFormatInfo.InvariantInfo);
                    return true; 
                }
 
                keySize = 0; 
                return false;
            } 

            public override XmlElement CreateKeySizeElement(int keySize)
            {
                if (keySize < 0) 
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("keySize", SR.GetString(SR.ValueMustBeNonNegative))); 
                } 
                XmlDocument doc = new XmlDocument();
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.KeySize.Value, 
                    this.DriverDictionary.Namespace.Value);
                result.AppendChild(doc.CreateTextNode(keySize.ToString(System.Globalization.CultureInfo.InvariantCulture.NumberFormat)));
                return result;
            } 

            public override XmlElement CreateKeyTypeElement(SecurityKeyType keyType) 
            { 
                if (keyType == SecurityKeyType.SymmetricKey)
                    return CreateSymmetricKeyTypeElement(); 
                else if (keyType == SecurityKeyType.AsymmetricKey)
                    return CreatePublicKeyTypeElement();
                else
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UnableToCreateKeyTypeElementForUnknownKeyType, keyType.ToString()))); 
            }
 
            public override bool TryParseKeyTypeElement(XmlElement element, out SecurityKeyType keyType) 
            {
                if (element == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("element");

                if (TryParseSymmetricKeyElement(element))
                { 
                    keyType = SecurityKeyType.SymmetricKey;
                    return true; 
                } 
                else if (TryParsePublicKeyElement(element))
                { 
                    keyType = SecurityKeyType.AsymmetricKey;
                    return true;
                }
 
                keyType = SecurityKeyType.SymmetricKey;
                return false; 
 
            }
 
            public bool TryParseSymmetricKeyElement(XmlElement element)
            {
                if (element == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("element"); 

                return element.LocalName == this.DriverDictionary.KeyType.Value 
                    && element.NamespaceURI == this.DriverDictionary.Namespace.Value 
                    && element.InnerText == this.DriverDictionary.SymmetricKeyType.Value;
            } 

            XmlElement CreateSymmetricKeyTypeElement()
            {
                XmlDocument doc = new XmlDocument(); 
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.KeyType.Value,
                    this.DriverDictionary.Namespace.Value); 
                result.AppendChild(doc.CreateTextNode(this.DriverDictionary.SymmetricKeyType.Value)); 
                return result;
            } 

            bool TryParsePublicKeyElement(XmlElement element)
            {
                if (element == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("element");
 
                return element.LocalName == this.DriverDictionary.KeyType.Value 
                    && element.NamespaceURI == this.DriverDictionary.Namespace.Value
                    && element.InnerText == this.DriverDictionary.PublicKeyType.Value; 
            }

            XmlElement CreatePublicKeyTypeElement()
            { 
                XmlDocument doc = new XmlDocument();
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.KeyType.Value, 
                    this.DriverDictionary.Namespace.Value); 
                result.AppendChild(doc.CreateTextNode(this.DriverDictionary.PublicKeyType.Value));
                return result; 
            }

            public override bool TryParseTokenTypeElement(XmlElement element, out string tokenType)
            { 
                if (element == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("element"); 
 
                if (element.LocalName == this.DriverDictionary.TokenType.Value
                    && element.NamespaceURI == this.DriverDictionary.Namespace.Value) 
                {
                    tokenType = element.InnerText;
                    return true;
                } 

                tokenType = null; 
                return false; 
            }
 
            public override XmlElement CreateTokenTypeElement(string tokenTypeUri)
            {
                if (tokenTypeUri == null)
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenTypeUri");
                } 
                XmlDocument doc = new XmlDocument(); 
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.TokenType.Value,
                    this.DriverDictionary.Namespace.Value); 
                result.AppendChild(doc.CreateTextNode(tokenTypeUri));
                return result;
            }
 
            public override XmlElement CreateUseKeyElement(SecurityKeyIdentifier keyIdentifier, SecurityStandardsManager standardsManager)
            { 
                if (keyIdentifier == null) 
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyIdentifier"); 
                }
                if (standardsManager == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("standardsManager"); 
                }
                XmlDocument doc = new XmlDocument(); 
                XmlElement result = doc.CreateElement(this.DriverDictionary.UseKey.Value, this.DriverDictionary.Namespace.Value); 
                MemoryStream stream = new MemoryStream();
                using (XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter(new XmlTextWriter(stream, Encoding.UTF8))) 
                {
#pragma warning suppress 56506 // standardsManager.SecurityTokenSerializer can never be null.
                    standardsManager.SecurityTokenSerializer.WriteKeyIdentifier(writer, keyIdentifier);
                    writer.Flush(); 
                    stream.Seek(0, SeekOrigin.Begin);
                    XmlNode skiNode; 
                    using (XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader(new XmlTextReader(stream))) 
                    {
                        reader.MoveToContent(); 
                        skiNode = doc.ReadNode(reader);
                    }
                    result.AppendChild(skiNode);
                } 
                return result;
            } 
 
            public override XmlElement CreateSignWithElement(string signatureAlgorithm)
            { 
                if (signatureAlgorithm == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("signatureAlgorithm");
                } 
                XmlDocument doc = new XmlDocument();
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.SignWith.Value, 
                    this.DriverDictionary.Namespace.Value); 
                result.AppendChild(doc.CreateTextNode(signatureAlgorithm));
                return result; 
            }

            internal override bool IsSignWithElement(XmlElement element, out string signatureAlgorithm)
            { 
                return CheckElement(element, this.DriverDictionary.SignWith.Value, this.DriverDictionary.Namespace.Value, out signatureAlgorithm);
            } 
 
            public override XmlElement CreateEncryptWithElement(string encryptionAlgorithm)
            { 
                if (encryptionAlgorithm == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("encryptionAlgorithm");
                } 
                XmlDocument doc = new XmlDocument();
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.EncryptWith.Value, 
                    this.DriverDictionary.Namespace.Value); 
                result.AppendChild(doc.CreateTextNode(encryptionAlgorithm));
                return result; 
            }

            public override XmlElement CreateEncryptionAlgorithmElement(string encryptionAlgorithm)
            { 
                if (encryptionAlgorithm == null)
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("encryptionAlgorithm"); 
                }
                XmlDocument doc = new XmlDocument(); 
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.EncryptionAlgorithm.Value,
                    this.DriverDictionary.Namespace.Value);
                result.AppendChild(doc.CreateTextNode(encryptionAlgorithm));
                return result; 
            }
 
            internal override bool IsEncryptWithElement(XmlElement element, out string encryptWithAlgorithm) 
            {
                return CheckElement(element, this.DriverDictionary.EncryptWith.Value, this.DriverDictionary.Namespace.Value, out encryptWithAlgorithm); 
            }

            internal override bool IsEncryptionAlgorithmElement(XmlElement element, out string encryptionAlgorithm)
            { 
                return CheckElement(element, this.DriverDictionary.EncryptionAlgorithm.Value, this.DriverDictionary.Namespace.Value, out encryptionAlgorithm);
            } 
 
            public override XmlElement CreateComputedKeyAlgorithmElement(string algorithm)
            { 
                if (algorithm == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("algorithm");
                } 
                XmlDocument doc = new XmlDocument();
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.ComputedKeyAlgorithm.Value, 
                    this.DriverDictionary.Namespace.Value); 
                result.AppendChild(doc.CreateTextNode(algorithm));
                return result; 
            }

            public override XmlElement CreateCanonicalizationAlgorithmElement(string algorithm)
            { 
                if (algorithm == null)
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("algorithm"); 
                }
                XmlDocument doc = new XmlDocument(); 
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.CanonicalizationAlgorithm.Value,
                    this.DriverDictionary.Namespace.Value);
                result.AppendChild(doc.CreateTextNode(algorithm));
                return result; 
            }
 
            internal override bool IsCanonicalizationAlgorithmElement(XmlElement element, out string canonicalizationAlgorithm) 
            {
                return CheckElement(element, this.DriverDictionary.CanonicalizationAlgorithm.Value, this.DriverDictionary.Namespace.Value, out canonicalizationAlgorithm); 
            }

            public override bool TryParseRequiredClaimsElement(XmlElement element, out System.Collections.ObjectModel.Collection requiredClaims)
            { 
                if (element == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("element"); 
 
                if (element.LocalName == this.DriverDictionary.Claims.Value
                    && element.NamespaceURI == this.DriverDictionary.Namespace.Value) 
                {
                    requiredClaims = new System.Collections.ObjectModel.Collection();
                    foreach (XmlNode node in element.ChildNodes)
                        if (node is XmlElement) 
                        {
                            // PreSharp Bug: Parameter 'requiredClaims' to this public method must be validated: A null-dereference can occur here. 
                            #pragma warning suppress 56506 
                            requiredClaims.Add((XmlElement)node);
                        } 
                    return true;
                }

                requiredClaims = null; 
                return false;
            } 
 
            public override XmlElement CreateRequiredClaimsElement(IEnumerable claimsList)
            { 
                if (claimsList == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("claimsList");
                } 
                XmlDocument doc = new XmlDocument();
                XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.Claims.Value, 
                    this.DriverDictionary.Namespace.Value); 
                foreach (XmlElement claimElement in claimsList)
                { 
                    XmlElement element = (XmlElement) doc.ImportNode(claimElement, true);
                    result.AppendChild(element);
                }
                return result; 
            }
 
            internal static void ValidateRequestedKeySize(int keySize, SecurityAlgorithmSuite algorithmSuite) 
            {
                if ((keySize % 8 == 0) && algorithmSuite.IsSymmetricKeyLengthSupported(keySize)) 
                {
                    return;
                }
                else 
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new SecurityNegotiationException(SR.GetString(SR.InvalidKeyLengthRequested, keySize))); 
                } 
            }
 
            static void ValidateRequestorEntropy(SecurityToken entropy, SecurityKeyEntropyMode mode)
            {
                if ((mode == SecurityKeyEntropyMode.ClientEntropy || mode == SecurityKeyEntropyMode.CombinedEntropy)
                    && (entropy == null)) 
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.EntropyModeRequiresRequestorEntropy, mode))); 
                } 
                if (mode == SecurityKeyEntropyMode.ServerEntropy && entropy != null)
                { 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.EntropyModeCannotHaveRequestorEntropy, mode)));
                }
            }
 
            internal static void ProcessRstAndIssueKey(RequestSecurityToken requestSecurityToken, SecurityTokenResolver resolver, SecurityKeyEntropyMode keyEntropyMode, SecurityAlgorithmSuite algorithmSuite, out int issuedKeySize, out byte[] issuerEntropy, out byte[] proofKey,
                out SecurityToken proofToken) 
            { 
                SecurityToken requestorEntropyToken = requestSecurityToken.GetRequestorEntropy(resolver);
                ValidateRequestorEntropy(requestorEntropyToken, keyEntropyMode); 
                byte[] requestorEntropy;
                if (requestorEntropyToken != null)
                {
                    if (requestorEntropyToken is BinarySecretSecurityToken) 
                    {
                        BinarySecretSecurityToken skToken = (BinarySecretSecurityToken)requestorEntropyToken; 
                        requestorEntropy = skToken.GetKeyBytes(); 
                    }
                    else if (requestorEntropyToken is WrappedKeySecurityToken) 
                    {
                        requestorEntropy = ((WrappedKeySecurityToken)requestorEntropyToken).GetWrappedKey();
                    }
                    else 
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.TokenCannotCreateSymmetricCrypto, requestorEntropyToken))); 
                    } 
                }
                else 
                {
                    requestorEntropy = null;
                }
 
                if (keyEntropyMode == SecurityKeyEntropyMode.ClientEntropy)
                { 
                    if (requestorEntropy != null) 
                    {
                        // validate that the entropy length matches the algorithm suite 
                        ValidateRequestedKeySize(requestorEntropy.Length * 8, algorithmSuite);
                    }
                    proofKey = requestorEntropy;
                    issuerEntropy = null; 
                    issuedKeySize = 0;
                    proofToken = null; 
                } 
                else
                { 
                    if (requestSecurityToken.KeySize != 0)
                    {
                        ValidateRequestedKeySize(requestSecurityToken.KeySize, algorithmSuite);
                        issuedKeySize = requestSecurityToken.KeySize; 
                    }
                    else 
                    { 
                        issuedKeySize = algorithmSuite.DefaultSymmetricKeyLength;
                    } 
                    RNGCryptoServiceProvider random = new RNGCryptoServiceProvider();
                    if (keyEntropyMode == SecurityKeyEntropyMode.ServerEntropy)
                    {
                        proofKey = new byte[issuedKeySize / 8]; 
                        // proof key is completely issued by the server
                        random.GetNonZeroBytes(proofKey); 
                        issuerEntropy = null; 
                        proofToken = new BinarySecretSecurityToken(proofKey);
                    } 
                    else
                    {
                        issuerEntropy = new byte[issuedKeySize / 8];
                        random.GetNonZeroBytes(issuerEntropy); 
                        proofKey = RequestSecurityTokenResponse.ComputeCombinedKey(requestorEntropy, issuerEntropy, issuedKeySize);
                        proofToken = null; 
                    } 
                }
            } 

        }

        protected static bool CheckElement(XmlElement element, string name, string ns, out string value) 
        {
            value = null; 
            if (element.LocalName != name || element.NamespaceURI != ns) 
                return false;
            if (element.FirstChild is XmlText) 
            {
                value = ((XmlText)element.FirstChild).Value;
                return true;
            } 
            return false;
        } 
    } 
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK