Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Security / AcceptorSessionSymmetricMessageSecurityProtocol.cs / 1 / AcceptorSessionSymmetricMessageSecurityProtocol.cs
//---------------------------------------------------------- // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel.Security { using System.Collections.Generic; using System.ServiceModel; using System.Collections.ObjectModel; using System.IO; using System.IdentityModel.Selectors; using System.IdentityModel.Claims; using System.IdentityModel.Policy; using System.IdentityModel.Tokens; using System.Security.Cryptography; using System.ServiceModel.Security.Tokens; using System.ServiceModel.Channels; using System.Text; using System.Xml; using System.Xml.Serialization; sealed class AcceptorSessionSymmetricMessageSecurityProtocol : MessageSecurityProtocol, IAcceptorSecuritySessionProtocol { SecurityToken outgoingSessionToken; SecurityTokenAuthenticator sessionTokenAuthenticator; SecurityTokenResolver sessionTokenResolver; ReadOnlyCollectionsessionResolverList; bool returnCorrelationState = false; DerivedKeySecurityToken derivedSignatureToken; DerivedKeySecurityToken derivedEncryptionToken; UniqueId sessionId; SecurityStandardsManager sessionStandardsManager; Object thisLock = new Object(); bool requireDerivedKeys; public AcceptorSessionSymmetricMessageSecurityProtocol(SessionSymmetricMessageSecurityProtocolFactory factory, EndpointAddress target) : base(factory, target, null) { if (factory.ActAsInitiator == true) { DiagnosticUtility.DebugAssert("This protocol can only be used at the recipient."); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ProtocolMustBeRecipient, this.GetType().ToString()))); } this.requireDerivedKeys = factory.SecurityTokenParameters.RequireDerivedKeys; if (requireDerivedKeys) { SecurityTokenSerializer innerTokenSerializer = this.Factory.StandardsManager.SecurityTokenSerializer; WSSecureConversation secureConversation = (innerTokenSerializer is WSSecurityTokenSerializer) ? ((WSSecurityTokenSerializer)innerTokenSerializer).SecureConversation : new WSSecurityTokenSerializer(this.Factory.MessageSecurityVersion.SecurityVersion).SecureConversation; this.sessionStandardsManager = new SecurityStandardsManager(factory.MessageSecurityVersion, new DerivedKeyCachingSecurityTokenSerializer(2, false, secureConversation, innerTokenSerializer)); } } Object ThisLock { get { return thisLock; } } public bool ReturnCorrelationState { get { return this.returnCorrelationState; } set { this.returnCorrelationState = value; } } protected override bool PerformIncomingAndOutgoingMessageExpectationChecks { get { return false; } } SessionSymmetricMessageSecurityProtocolFactory Factory { get { return (SessionSymmetricMessageSecurityProtocolFactory)base.MessageSecurityProtocolFactory; } } public SecurityToken GetOutgoingSessionToken() { lock (ThisLock) { return this.outgoingSessionToken; } } public void SetOutgoingSessionToken(SecurityToken token) { if (token == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token"); } lock (ThisLock) { this.outgoingSessionToken = token; if (this.requireDerivedKeys) { string derivationAlgorithm = SecurityUtils.GetKeyDerivationAlgorithm(this.sessionStandardsManager.MessageSecurityVersion.SecureConversationVersion); this.derivedSignatureToken = new DerivedKeySecurityToken(-1, 0, this.Factory.OutgoingAlgorithmSuite.GetSignatureKeyDerivationLength(token, this.sessionStandardsManager.MessageSecurityVersion.SecureConversationVersion), null, DerivedKeySecurityToken.DefaultNonceLength, token, this.Factory.SecurityTokenParameters.CreateKeyIdentifierClause(token, SecurityTokenReferenceStyle.External), derivationAlgorithm, SecurityUtils.GenerateId()); this.derivedEncryptionToken = new DerivedKeySecurityToken(-1, 0, this.Factory.OutgoingAlgorithmSuite.GetEncryptionKeyDerivationLength(token, this.sessionStandardsManager.MessageSecurityVersion.SecureConversationVersion), null, DerivedKeySecurityToken.DefaultNonceLength, token, this.Factory.SecurityTokenParameters.CreateKeyIdentifierClause(token, SecurityTokenReferenceStyle.External), derivationAlgorithm, SecurityUtils.GenerateId()); } } } public void SetSessionTokenAuthenticator(UniqueId sessionId, SecurityTokenAuthenticator sessionTokenAuthenticator, SecurityTokenResolver sessionTokenResolver) { this.CommunicationObject.ThrowIfDisposedOrImmutable(); lock (ThisLock) { this.sessionId = sessionId; this.sessionTokenAuthenticator = sessionTokenAuthenticator; this.sessionTokenResolver = sessionTokenResolver; List tmp = new List (1); tmp.Add(this.sessionTokenResolver); this.sessionResolverList = new ReadOnlyCollection (tmp); } } void GetTokensForOutgoingMessages(out SecurityToken signingToken, out SecurityToken encryptionToken, out SecurityTokenParameters tokenParameters) { lock (ThisLock) { if (requireDerivedKeys) { signingToken = this.derivedSignatureToken; encryptionToken = this.derivedEncryptionToken; } else { signingToken = encryptionToken = this.outgoingSessionToken; } } tokenParameters = this.Factory.GetTokenParameters(); } protected override IAsyncResult BeginSecureOutgoingMessageCore(Message message, TimeSpan timeout, SecurityProtocolCorrelationState correlationState, AsyncCallback callback, object state) { SecurityToken signingToken; SecurityToken encryptionToken; SecurityTokenParameters tokenParameters; this.GetTokensForOutgoingMessages(out signingToken, out encryptionToken, out tokenParameters); SetUpDelayedSecurityExecution(ref message, signingToken, encryptionToken, tokenParameters, correlationState); return new TypedCompletedAsyncResult (message, callback, state); } protected override SecurityProtocolCorrelationState SecureOutgoingMessageCore(ref Message message, TimeSpan timeout, SecurityProtocolCorrelationState correlationState) { SecurityToken signingToken; SecurityToken encryptionToken; SecurityTokenParameters tokenParameters; this.GetTokensForOutgoingMessages(out signingToken, out encryptionToken, out tokenParameters); SetUpDelayedSecurityExecution(ref message, signingToken, encryptionToken, tokenParameters, correlationState); return null; } protected override void EndSecureOutgoingMessageCore(IAsyncResult result, out Message message, out SecurityProtocolCorrelationState newCorrelationState) { message = TypedCompletedAsyncResult .End(result); newCorrelationState = null; } void SetUpDelayedSecurityExecution(ref Message message, SecurityToken signingToken, SecurityToken encryptionToken, SecurityTokenParameters tokenParameters, SecurityProtocolCorrelationState correlationState) { string actor = string.Empty; SendSecurityHeader securityHeader = ConfigureSendSecurityHeader(message, actor, null, correlationState); if (this.Factory.ApplyIntegrity) { securityHeader.SetSigningToken(signingToken, tokenParameters); } if (Factory.ApplyConfidentiality) { securityHeader.SetEncryptionToken(encryptionToken, tokenParameters); } message = securityHeader.SetupExecution(); } protected override SecurityProtocolCorrelationState VerifyIncomingMessageCore(ref Message message, string actor, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates) { SessionSymmetricMessageSecurityProtocolFactory factory = this.Factory; IList supportingAuthenticators; ReceiveSecurityHeader securityHeader = ConfigureReceiveSecurityHeader(message, string.Empty, correlationStates, (this.requireDerivedKeys) ? this.sessionStandardsManager : null, out supportingAuthenticators); securityHeader.ConfigureSymmetricBindingServerReceiveHeader(this.sessionTokenAuthenticator, this.Factory.SecurityTokenParameters, supportingAuthenticators); securityHeader.ConfigureOutOfBandTokenResolver(MergeOutOfBandResolvers(supportingAuthenticators, this.sessionResolverList)); // do not enforce key derivation requirement for Cancel messages due to WSE interop securityHeader.EnforceDerivedKeyRequirement = (message.Headers.Action != factory.StandardsManager.SecureConversationDriver.CloseAction.Value); ProcessSecurityHeader(securityHeader, ref message, null, timeout, correlationStates); SecurityToken signingToken = securityHeader.SignatureToken; SecurityContextSecurityToken signingSct = (signingToken as SecurityContextSecurityToken); if (signingSct == null || signingSct.ContextId != sessionId) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.NoSessionTokenPresentInMessage))); } AttachRecipientSecurityProperty(message, signingToken, false, securityHeader.BasicSupportingTokens, securityHeader.EndorsingSupportingTokens, securityHeader.SignedEndorsingSupportingTokens, securityHeader.SignedSupportingTokens, securityHeader.SecurityTokenAuthorizationPoliciesMapping); return GetCorrelationState(null, securityHeader); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- Win32Interop.cs
- Vector3D.cs
- VectorCollection.cs
- XpsDocumentEvent.cs
- CachedPathData.cs
- DetailsViewUpdatedEventArgs.cs
- DebugInfoGenerator.cs
- SoapAttributes.cs
- DataSourceControlBuilder.cs
- RunWorkerCompletedEventArgs.cs
- DiagnosticTraceSource.cs
- ParserStack.cs
- HtmlButton.cs
- AdornerHitTestResult.cs
- _OverlappedAsyncResult.cs
- CharacterBufferReference.cs
- StringUtil.cs
- BinaryFormatter.cs
- Trigger.cs
- DrawingAttributes.cs
- DataGrid.cs
- cryptoapiTransform.cs
- PasswordBox.cs
- ArrayConverter.cs
- DiagnosticsConfigurationHandler.cs
- IntSecurity.cs
- UnknownBitmapDecoder.cs
- KnownTypeAttribute.cs
- CodeLinePragma.cs
- TextTreeInsertElementUndoUnit.cs
- StringCollectionMarkupSerializer.cs
- WrappedReader.cs
- DictionarySectionHandler.cs
- EncoderReplacementFallback.cs
- XmlNotation.cs
- WindowsListView.cs
- SchemaTypeEmitter.cs
- webclient.cs
- CollectionViewGroup.cs
- ColorTransform.cs
- DoubleLinkList.cs
- ListViewSortEventArgs.cs
- ConfigurationLockCollection.cs
- MexNamedPipeBindingCollectionElement.cs
- SoapConverter.cs
- remotingproxy.cs
- RadioButtonPopupAdapter.cs
- GraphicsState.cs
- uribuilder.cs
- FreezableOperations.cs
- QilInvoke.cs
- DataBindingExpressionBuilder.cs
- UnmanagedMarshal.cs
- x509utils.cs
- DefaultMergeHelper.cs
- ExceptionHelpers.cs
- DataControlPagerLinkButton.cs
- DelegateInArgument.cs
- DrawingCollection.cs
- DesignerActionTextItem.cs
- ChannelCacheDefaults.cs
- EditingScopeUndoUnit.cs
- TreeNodeCollection.cs
- UInt64Storage.cs
- ColorAnimationUsingKeyFrames.cs
- FormsIdentity.cs
- RuleDefinitions.cs
- SoundPlayerAction.cs
- ImageInfo.cs
- PrefixQName.cs
- RequestTimeoutManager.cs
- WebException.cs
- ObjectSecurity.cs
- PagerSettings.cs
- HttpCacheVaryByContentEncodings.cs
- DataServiceQueryContinuation.cs
- XPathNavigatorReader.cs
- InputScopeConverter.cs
- ManagementEventWatcher.cs
- CommandBindingCollection.cs
- ZeroOpNode.cs
- SqlBuilder.cs
- CodeDirectoryCompiler.cs
- EventSetterHandlerConverter.cs
- Version.cs
- ObjectDataSourceView.cs
- GridItemProviderWrapper.cs
- SR.cs
- Stylesheet.cs
- RuleSettings.cs
- CompressedStack.cs
- PropertyNames.cs
- BinaryReader.cs
- PerformanceCounterLib.cs
- HttpProfileBase.cs
- ServicePointManager.cs
- StylusCaptureWithinProperty.cs
- CaseInsensitiveHashCodeProvider.cs
- RuntimeHelpers.cs
- DbParameterCollection.cs