c
/
mono
mirror da https://github.com/mono/mono.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352
							//------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//------------------------------------------------------------

using System.Collections.Generic;
using System.IdentityModel;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.ServiceModel.Security.Tokens;
using System.Xml;

namespace System.ServiceModel.Security
{

    class WSKeyInfoSerializer : KeyInfoSerializer
    {
        static Func<KeyInfoSerializer, IEnumerable<SecurityTokenSerializer.SerializerEntries>> CreateAdditionalEntries(SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
        {
            return (KeyInfoSerializer keyInfoSerializer) =>
                {
                    List<SecurityTokenSerializer.SerializerEntries> serializerEntries = new List<SecurityTokenSerializer.SerializerEntries>();

                    if (securityVersion == SecurityVersion.WSSecurity10)
                    {
                        serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityJan2004(keyInfoSerializer));
                    }
                    else if (securityVersion == SecurityVersion.WSSecurity11)
                    {
                        serializerEntries.Add(new System.IdentityModel.Tokens.WSSecurityXXX2005(keyInfoSerializer));
                    }
                    else
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityVersion", SR.GetString(SR.MessageSecurityVersionOutOfRange)));
                    }

                    if (secureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
                    {
                        serializerEntries.Add(new WSSecureConversationFeb2005(keyInfoSerializer));
                    }
                    else if (secureConversationVersion == SecureConversationVersion.WSSecureConversation13)
                    {
                        serializerEntries.Add(new WSSecureConversationDec2005(keyInfoSerializer));
                    }
                    else
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
                    }

                    return serializerEntries;
                };
        }

        public WSKeyInfoSerializer(bool emitBspRequiredAttributes, DictionaryManager dictionaryManager, System.IdentityModel.TrustDictionary trustDictionary, SecurityTokenSerializer innerSecurityTokenSerializer, SecurityVersion securityVersion, SecureConversationVersion secureConversationVersion)
            : base(emitBspRequiredAttributes, dictionaryManager, trustDictionary, innerSecurityTokenSerializer, CreateAdditionalEntries(securityVersion, secureConversationVersion))
        {
        }

        #region WSSecureConversation classes

        abstract class WSSecureConversation : SecurityTokenSerializer.SerializerEntries
        {
            KeyInfoSerializer securityTokenSerializer;

            protected WSSecureConversation( KeyInfoSerializer securityTokenSerializer )
            {
                this.securityTokenSerializer = securityTokenSerializer;
            }

            public KeyInfoSerializer SecurityTokenSerializer
            {
                get { return this.securityTokenSerializer; }
            }

            public abstract System.IdentityModel.SecureConversationDictionary SerializerDictionary
            {
                get;
            }

            public virtual string DerivationAlgorithm
            {
                get { return SecurityAlgorithms.Psha1KeyDerivation; }
            }

            public override void PopulateTokenEntries( IList<TokenEntry> tokenEntryList )
            {
                if ( tokenEntryList == null )
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "tokenEntryList" );
                }
                tokenEntryList.Add( new DerivedKeyTokenEntry( this ) );
                tokenEntryList.Add( new SecurityContextTokenEntry( this ) );
            }

            protected abstract class SctStrEntry : StrEntry
            {
                WSSecureConversation parent;

                public SctStrEntry( WSSecureConversation parent )
                {
                    this.parent = parent;
                }

                protected WSSecureConversation Parent
                {
                    get { return this.parent; }
                }

                public override Type GetTokenType( SecurityKeyIdentifierClause clause )
                {
                    return null;
                }

                public override string GetTokenTypeUri()
                {
                    return null;
                }

                public override bool CanReadClause( XmlDictionaryReader reader, string tokenType )
                {
                    if ( tokenType != null && tokenType != parent.SerializerDictionary.SecurityContextTokenType.Value )
                    {
                        return false;
                    }
                    if ( reader.IsStartElement(
                        parent.SecurityTokenSerializer.DictionaryManager.SecurityJan2004Dictionary.Reference,
                        parent.SecurityTokenSerializer.DictionaryManager.SecurityJan2004Dictionary.Namespace ) )
                    {
                        string valueType = reader.GetAttribute( parent.SecurityTokenSerializer.DictionaryManager.SecurityJan2004Dictionary.ValueType, null );
                        if ( valueType != null && valueType != parent.SerializerDictionary.SecurityContextTokenReferenceValueType.Value )
                        {
                            return false;
                        }
                        string uri = reader.GetAttribute( parent.SecurityTokenSerializer.DictionaryManager.SecurityJan2004Dictionary.URI, null );
                        if ( uri != null )
                        {
                            if ( uri.Length > 0 && uri[0] != '#' )
                            {
                                return true;
                            }
                        }
                    }
                    return false;
                }

                public override SecurityKeyIdentifierClause ReadClause( XmlDictionaryReader reader, byte[] derivationNonce, int derivationLength, string tokenType )
                {
                    System.Xml.UniqueId uri = XmlHelper.GetAttributeAsUniqueId( reader, XD.SecurityJan2004Dictionary.URI, null );
                    System.Xml.UniqueId generation = ReadGeneration( reader );

                    if ( reader.IsEmptyElement )
                    {
                        reader.Read();
                    }
                    else
                    {
                        reader.ReadStartElement();
                        while ( reader.IsStartElement() )
                        {
                            reader.Skip();
                        }
                        reader.ReadEndElement();
                    }

                    return new SecurityContextKeyIdentifierClause( uri, generation, derivationNonce, derivationLength );
                }

                protected abstract System.Xml.UniqueId ReadGeneration( XmlDictionaryReader reader );

                public override bool SupportsCore( SecurityKeyIdentifierClause clause )
                {
                    return clause is SecurityContextKeyIdentifierClause;
                }

                public override void WriteContent( XmlDictionaryWriter writer, SecurityKeyIdentifierClause clause )
                {
                    SecurityContextKeyIdentifierClause sctClause = clause as SecurityContextKeyIdentifierClause;
                    writer.WriteStartElement( XD.SecurityJan2004Dictionary.Prefix.Value, XD.SecurityJan2004Dictionary.Reference, XD.SecurityJan2004Dictionary.Namespace );
                    XmlHelper.WriteAttributeStringAsUniqueId( writer, null, XD.SecurityJan2004Dictionary.URI, null, sctClause.ContextId );
                    WriteGeneration( writer, sctClause );
                    writer.WriteAttributeString( XD.SecurityJan2004Dictionary.ValueType, null, parent.SerializerDictionary.SecurityContextTokenReferenceValueType.Value );
                    writer.WriteEndElement();
                }

                protected abstract void WriteGeneration( XmlDictionaryWriter writer, SecurityContextKeyIdentifierClause clause );
            }

            protected class SecurityContextTokenEntry : SecurityTokenSerializer.TokenEntry
            {
                WSSecureConversation parent;
                Type[] tokenTypes;

                public SecurityContextTokenEntry( WSSecureConversation parent )
                {
                    this.parent = parent;
                }

                protected WSSecureConversation Parent
                {
                    get { return this.parent; }
                }

                protected override XmlDictionaryString LocalName { get { return parent.SerializerDictionary.SecurityContextToken; } }
                protected override XmlDictionaryString NamespaceUri { get { return parent.SerializerDictionary.Namespace; } }
                protected override Type[] GetTokenTypesCore()
                {
                    if ( tokenTypes == null )
                        this.tokenTypes = new Type[] { typeof( SecurityContextSecurityToken ) };

                    return this.tokenTypes;
                }
                public override string TokenTypeUri { get { return parent.SerializerDictionary.SecurityContextTokenType.Value; } }
                protected override string ValueTypeUri { get { return null; } }

            }

            protected class DerivedKeyTokenEntry : SecurityTokenSerializer.TokenEntry
            {
                public const string DefaultLabel = "WS-SecureConversation";

                WSSecureConversation parent;
                Type[] tokenTypes;

                public DerivedKeyTokenEntry( WSSecureConversation parent )
                {
                    if ( parent == null )
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "parent" );
                    }
                    this.parent = parent;
                }

                protected override XmlDictionaryString LocalName { get { return parent.SerializerDictionary.DerivedKeyToken; } }
                protected override XmlDictionaryString NamespaceUri { get { return parent.SerializerDictionary.Namespace; } }
                protected override Type[] GetTokenTypesCore()
                {
                    if ( tokenTypes == null )
                        this.tokenTypes = new Type[] { typeof( DerivedKeySecurityToken ) };

                    return this.tokenTypes;
                }

                public override string TokenTypeUri { get { return parent.SerializerDictionary.DerivedKeyTokenType.Value; } }
                protected override string ValueTypeUri { get { return null; } }
            }
        }

        class WSSecureConversationFeb2005 : WSSecureConversation
        {
            public WSSecureConversationFeb2005( KeyInfoSerializer securityTokenSerializer )
                : base( securityTokenSerializer )
            {
            }

            public override System.IdentityModel.SecureConversationDictionary SerializerDictionary
            {
                get { return this.SecurityTokenSerializer.DictionaryManager.SecureConversationFeb2005Dictionary; }
            }

            public override void PopulateStrEntries( IList<StrEntry> strEntries )
            {
                strEntries.Add( new SctStrEntryFeb2005( this ) );
            }

            class SctStrEntryFeb2005 : SctStrEntry
            {
                public SctStrEntryFeb2005( WSSecureConversationFeb2005 parent )
                    : base( parent )
                {
                }

                protected override System.Xml.UniqueId ReadGeneration( XmlDictionaryReader reader )
                {
                    return XmlHelper.GetAttributeAsUniqueId(
                        reader,
                        this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationDec2005Dictionary.Instance,
                        this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationFeb2005Dictionary.Namespace );
                }

                protected override void WriteGeneration( XmlDictionaryWriter writer, SecurityContextKeyIdentifierClause clause )
                {
                    // serialize the generation
                    if ( clause.Generation != null )
                    {
                        XmlHelper.WriteAttributeStringAsUniqueId(
                            writer,
                            this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationFeb2005Dictionary.Prefix.Value,
                            this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationDec2005Dictionary.Instance,
                            this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationFeb2005Dictionary.Namespace,
                            clause.Generation );
                    }
                }
            }
        }

        class WSSecureConversationDec2005 : WSSecureConversation
        {
            public WSSecureConversationDec2005( KeyInfoSerializer securityTokenSerializer )
                : base( securityTokenSerializer )
            {
            }

            public override System.IdentityModel.SecureConversationDictionary SerializerDictionary
            {
                get { return this.SecurityTokenSerializer.DictionaryManager.SecureConversationDec2005Dictionary; }
            }

            public override void PopulateStrEntries( IList<StrEntry> strEntries )
            {
                strEntries.Add( new SctStrEntryDec2005( this ) );
            }

            public override string DerivationAlgorithm
            {
                get
                {
                    return SecurityAlgorithms.Psha1KeyDerivationDec2005;
                }
            }

            class SctStrEntryDec2005 : SctStrEntry
            {
                public SctStrEntryDec2005( WSSecureConversationDec2005 parent )
                    : base( parent )
                {
                }

                protected override System.Xml.UniqueId ReadGeneration( XmlDictionaryReader reader )
                {
                    return XmlHelper.GetAttributeAsUniqueId( reader, this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationDec2005Dictionary.Instance,
                        this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationDec2005Dictionary.Namespace );
                }

                protected override void WriteGeneration( XmlDictionaryWriter writer, SecurityContextKeyIdentifierClause clause )
                {
                    // serialize the generation
                    if ( clause.Generation != null )
                    {
                        XmlHelper.WriteAttributeStringAsUniqueId(
                            writer,
                            this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationDec2005Dictionary.Prefix.Value,
                            this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationDec2005Dictionary.Instance,
                            this.Parent.SecurityTokenSerializer.DictionaryManager.SecureConversationDec2005Dictionary.Namespace,
                            clause.Generation );
                    }
                }
            }

        }

        #endregion
    }
}