File: FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\SecurityBindingElementImporter.cs
Web Access
Project: src\src\dotnet-svcutil\lib\src\dotnet-svcutil-lib.csproj (dotnet-svcutil-lib)
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.
 
namespace System.ServiceModel.Channels
{
    using System;
    using System.ServiceModel.Description;
    using Microsoft.Xml;
    using System.Collections.Generic;
    using System.Globalization;
    using System.Runtime.Serialization;
    using System.ServiceModel;
    using System.ServiceModel.Security;
    using System.ServiceModel.Security.Tokens;
 
    using System.Net.Security;
    using System.Text;
 
    public sealed class AsymmetricSecurityBindingElement : SecurityBindingElement, IPolicyExportExtension
    {
        internal const bool defaultAllowSerializedSigningTokenOnReply = false;
 
        private bool _allowSerializedSigningTokenOnReply;
        private SecurityTokenParameters _initiatorTokenParameters;
        private MessageProtectionOrder _messageProtectionOrder;
        private SecurityTokenParameters _recipientTokenParameters;
        private bool _requireSignatureConfirmation;
        private bool _isCertificateSignatureBinding;
 
        private AsymmetricSecurityBindingElement(AsymmetricSecurityBindingElement elementToBeCloned)
            : base(elementToBeCloned)
        {
            if (elementToBeCloned._initiatorTokenParameters != null)
                _initiatorTokenParameters = (SecurityTokenParameters)elementToBeCloned._initiatorTokenParameters.Clone();
            _messageProtectionOrder = elementToBeCloned._messageProtectionOrder;
            if (elementToBeCloned._recipientTokenParameters != null)
                _recipientTokenParameters = (SecurityTokenParameters)elementToBeCloned._recipientTokenParameters.Clone();
            _requireSignatureConfirmation = elementToBeCloned._requireSignatureConfirmation;
            _allowSerializedSigningTokenOnReply = elementToBeCloned._allowSerializedSigningTokenOnReply;
            _isCertificateSignatureBinding = elementToBeCloned._isCertificateSignatureBinding;
        }
 
        public AsymmetricSecurityBindingElement()
            : this(null, null)
        {
            // empty
        }
 
        public AsymmetricSecurityBindingElement(SecurityTokenParameters recipientTokenParameters)
            : this(recipientTokenParameters, null)
        {
            // empty
        }
 
        public AsymmetricSecurityBindingElement(SecurityTokenParameters recipientTokenParameters, SecurityTokenParameters initiatorTokenParameters)
            : this(recipientTokenParameters, initiatorTokenParameters, AsymmetricSecurityBindingElement.defaultAllowSerializedSigningTokenOnReply)
        {
            // empty
        }
 
        internal AsymmetricSecurityBindingElement(
            SecurityTokenParameters recipientTokenParameters,
            SecurityTokenParameters initiatorTokenParameters,
            bool allowSerializedSigningTokenOnReply)
            : base()
        {
            _messageProtectionOrder = SecurityBindingElement.defaultMessageProtectionOrder;
            _requireSignatureConfirmation = SecurityBindingElement.defaultRequireSignatureConfirmation;
            _initiatorTokenParameters = initiatorTokenParameters;
            _recipientTokenParameters = recipientTokenParameters;
            _allowSerializedSigningTokenOnReply = allowSerializedSigningTokenOnReply;
            _isCertificateSignatureBinding = false;
        }
 
        public bool AllowSerializedSigningTokenOnReply
        {
            get
            {
                return _allowSerializedSigningTokenOnReply;
            }
            set
            {
                _allowSerializedSigningTokenOnReply = value;
            }
        }
 
        public SecurityTokenParameters InitiatorTokenParameters
        {
            get
            {
                return _initiatorTokenParameters;
            }
            set
            {
                _initiatorTokenParameters = value;
            }
        }
 
        public MessageProtectionOrder MessageProtectionOrder
        {
            get
            {
                return _messageProtectionOrder;
            }
            set
            {
                if (!MessageProtectionOrderHelper.IsDefined(value))
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("value"));
                _messageProtectionOrder = value;
            }
        }
 
        public SecurityTokenParameters RecipientTokenParameters
        {
            get
            {
                return _recipientTokenParameters;
            }
            set
            {
                _recipientTokenParameters = value;
            }
        }
 
        public bool RequireSignatureConfirmation
        {
            get
            {
                return _requireSignatureConfirmation;
            }
            set
            {
                _requireSignatureConfirmation = value;
            }
        }
 
        internal override ISecurityCapabilities GetIndividualISecurityCapabilities()
        {
            ProtectionLevel requestProtectionLevel = ProtectionLevel.EncryptAndSign;
            ProtectionLevel responseProtectionLevel = ProtectionLevel.EncryptAndSign;
            bool supportsServerAuthentication = false;
 
            if (IsCertificateSignatureBinding)
            {
                requestProtectionLevel = ProtectionLevel.Sign;
                responseProtectionLevel = ProtectionLevel.None;
            }
            else if (RecipientTokenParameters != null)
            {
                supportsServerAuthentication = RecipientTokenParameters.SupportsServerAuthentication;
            }
 
            bool supportsClientAuthentication;
            bool supportsClientWindowsIdentity;
            GetSupportingTokensCapabilities(out supportsClientAuthentication, out supportsClientWindowsIdentity);
            if (InitiatorTokenParameters != null)
            {
                supportsClientAuthentication = supportsClientAuthentication || InitiatorTokenParameters.SupportsClientAuthentication;
                supportsClientWindowsIdentity = supportsClientWindowsIdentity || InitiatorTokenParameters.SupportsClientWindowsIdentity;
            }
 
            return new SecurityCapabilities(supportsClientAuthentication, supportsServerAuthentication, supportsClientWindowsIdentity,
                requestProtectionLevel, responseProtectionLevel);
        }
 
        internal override bool SupportsDuplex
        {
            get { return !_isCertificateSignatureBinding; }
        }
 
        internal override bool SupportsRequestReply
        {
            get
            {
                return !_isCertificateSignatureBinding;
            }
        }
 
        internal bool IsCertificateSignatureBinding
        {
            get { return _isCertificateSignatureBinding; }
            set { _isCertificateSignatureBinding = value; }
        }
 
        public override void SetKeyDerivation(bool requireDerivedKeys)
        {
            base.SetKeyDerivation(requireDerivedKeys);
            if (_initiatorTokenParameters != null)
                _initiatorTokenParameters.RequireDerivedKeys = requireDerivedKeys;
            if (_recipientTokenParameters != null)
                _recipientTokenParameters.RequireDerivedKeys = requireDerivedKeys;
        }
 
        internal override bool IsSetKeyDerivation(bool requireDerivedKeys)
        {
            if (!base.IsSetKeyDerivation(requireDerivedKeys))
                return false;
            if (_initiatorTokenParameters != null && _initiatorTokenParameters.RequireDerivedKeys != requireDerivedKeys)
                return false;
            if (_recipientTokenParameters != null && _recipientTokenParameters.RequireDerivedKeys != requireDerivedKeys)
                return false;
            return true;
        }
 
        private bool HasProtectionRequirements(ScopedMessagePartSpecification scopedParts)
        {
            foreach (string action in scopedParts.Actions)
            {
                MessagePartSpecification parts;
                if (scopedParts.TryGetParts(action, out parts))
                {
                    if (!parts.IsEmpty())
                    {
                        return true;
                    }
                }
            }
            return false;
        }
 
        protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
        {
            throw new NotImplementedException();
        }
 
        public override T GetProperty<T>(BindingContext context)
        {
            throw new NotImplementedException();
        }
 
        public override string ToString()
        {
            StringBuilder sb = new StringBuilder();
            sb.AppendLine(base.ToString());
 
            sb.AppendLine(String.Format(CultureInfo.InvariantCulture, "MessageProtectionOrder: {0}", _messageProtectionOrder.ToString()));
            sb.AppendLine(String.Format(CultureInfo.InvariantCulture, "RequireSignatureConfirmation: {0}", _requireSignatureConfirmation.ToString()));
            sb.Append("InitiatorTokenParameters: ");
            if (_initiatorTokenParameters != null)
                sb.AppendLine(_initiatorTokenParameters.ToString().Trim().Replace("\n", "\n  "));
            else
                sb.AppendLine("null");
            sb.Append("RecipientTokenParameters: ");
            if (_recipientTokenParameters != null)
                sb.AppendLine(_recipientTokenParameters.ToString().Trim().Replace("\n", "\n  "));
            else
                sb.AppendLine("null");
 
            return sb.ToString().Trim();
        }
 
        public override BindingElement Clone()
        {
            return new AsymmetricSecurityBindingElement(this);
        }
 
        void IPolicyExportExtension.ExportPolicy(MetadataExporter exporter, PolicyConversionContext context)
        {
            throw new NotImplementedException();
        }
    }
}