2 // SslSecurityTokenAuthenticator.cs
5 // Atsushi Enomoto <atsushi@ximian.com>
7 // Copyright (C) 2007 Novell, Inc. http://www.novell.com
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using System.Collections.Generic;
30 using System.Collections.ObjectModel;
32 using System.Net.Security;
33 using System.IdentityModel.Policy;
34 using System.IdentityModel.Selectors;
35 using System.IdentityModel.Tokens;
36 using System.Security.Cryptography;
37 using System.Security.Cryptography.X509Certificates;
38 using System.Security.Cryptography.Xml;
39 using System.ServiceModel.Channels;
40 using System.ServiceModel.Description;
41 using System.ServiceModel.Security;
42 using System.ServiceModel.Security.Tokens;
45 using ReqType = System.ServiceModel.Security.Tokens.ServiceModelSecurityTokenRequirement;
47 namespace System.ServiceModel.Security.Tokens
49 // FIXME: implement all
50 class SslSecurityTokenAuthenticator : CommunicationSecurityTokenAuthenticator
52 ServiceCredentialsSecurityTokenManager manager;
53 SslAuthenticatorCommunicationObject comm;
56 public SslSecurityTokenAuthenticator (
57 ServiceCredentialsSecurityTokenManager manager,
58 SecurityTokenRequirement r)
60 this.manager = manager;
61 mutual = (r.TokenType == ServiceModelSecurityTokenTypes.MutualSslnego);
62 comm = new SslAuthenticatorCommunicationObject (this);
65 public bool IsMutual {
66 get { return mutual; }
69 public ServiceCredentialsSecurityTokenManager Manager {
70 get { return manager; }
73 public override AuthenticatorCommunicationObject Communication {
77 protected override bool CanValidateTokenCore (SecurityToken token)
79 throw new NotImplementedException ();
82 protected override ReadOnlyCollection<IAuthorizationPolicy>
83 ValidateTokenCore (SecurityToken token)
85 throw new NotImplementedException ();
89 class SslAuthenticatorCommunicationObject : AuthenticatorCommunicationObject
91 SslSecurityTokenAuthenticator owner;
93 public SslAuthenticatorCommunicationObject (SslSecurityTokenAuthenticator owner)
98 WSTrustSecurityTokenServiceProxy proxy;
100 protected internal override TimeSpan DefaultCloseTimeout {
101 get { throw new NotImplementedException (); }
104 protected internal override TimeSpan DefaultOpenTimeout {
105 get { throw new NotImplementedException (); }
108 public override Message ProcessNegotiation (Message request, TimeSpan timeout)
110 if (request.Headers.Action == Constants.WstIssueAction)
111 return ProcessClientHello (request, timeout);
113 return ProcessClientKeyExchange (request, timeout);
116 class TlsServerSessionInfo
118 public TlsServerSessionInfo (string context, TlsServerSession tls)
124 public string ContextId;
125 public TlsServerSession Tls;
126 public MemoryStream Messages = new MemoryStream ();
129 Dictionary<string,TlsServerSessionInfo> sessions =
130 new Dictionary<string,TlsServerSessionInfo> ();
132 void AppendNegotiationMessageXml (XmlReader reader, TlsServerSessionInfo tlsInfo)
134 XmlDsigExcC14NTransform t = new XmlDsigExcC14NTransform ();
135 XmlDocument doc = new XmlDocument ();
136 doc.PreserveWhitespace = true;
137 reader.MoveToContent ();
138 doc.AppendChild (doc.ReadNode (reader));
140 MemoryStream stream = (MemoryStream) t.GetOutput ();
141 byte [] bytes = stream.ToArray ();
142 tlsInfo.Messages.Write (bytes, 0, bytes.Length);
145 // FIXME: use timeout
146 Message ProcessClientHello (Message request, TimeSpan timeout)
148 // FIXME: use correct buffer size
149 MessageBuffer buffer = request.CreateBufferedCopy (0x10000);
150 WSTrustRequestSecurityTokenReader reader =
151 new WSTrustRequestSecurityTokenReader (buffer.CreateMessage ().GetReaderAtBodyContents (), SecurityTokenSerializer);
154 if (sessions.ContainsKey (reader.Value.Context))
155 throw new SecurityNegotiationException (String.Format ("The context '{0}' already exists in this SSL negotiation manager", reader.Value.Context));
157 // FIXME: it seems .NET retrieves X509 Certificate through CreateSecurityTokenProvider(somex509requirement).GetToken().SecurityKeys[0]
158 // (should result in X509AsymmetricSecurityKey) and continues tlsstart.
159 // That's not very required feature so I ignore it.
160 TlsServerSession tls = new TlsServerSession (owner.Manager.ServiceCredentials.ServiceCertificate.Certificate, owner.IsMutual);
161 TlsServerSessionInfo tlsInfo = new TlsServerSessionInfo (
162 reader.Value.Context, tls);
164 AppendNegotiationMessageXml (buffer.CreateMessage ().GetReaderAtBodyContents (), tlsInfo);
166 tls.ProcessClientHello (reader.Value.BinaryExchange.Value);
167 WstRequestSecurityTokenResponse rstr =
168 new WstRequestSecurityTokenResponse (SecurityTokenSerializer);
169 rstr.Context = reader.Value.Context;
170 rstr.BinaryExchange = new WstBinaryExchange (Constants.WstBinaryExchangeValueTls);
171 rstr.BinaryExchange.Value = tls.ProcessServerHello ();
173 Message reply = Message.CreateMessage (request.Version, Constants.WstIssueReplyAction, rstr);
174 reply.Headers.RelatesTo = request.Headers.MessageId;
176 // FIXME: use correct buffer size
177 buffer = reply.CreateBufferedCopy (0x10000);
178 AppendNegotiationMessageXml (buffer.CreateMessage ().GetReaderAtBodyContents (), tlsInfo);
180 sessions [reader.Value.Context] = tlsInfo;
182 return buffer.CreateMessage ();
185 // FIXME: use timeout
186 Message ProcessClientKeyExchange (Message request, TimeSpan timeout)
188 // FIXME: use correct buffer size
189 MessageBuffer buffer = request.CreateBufferedCopy (0x10000);
191 WSTrustRequestSecurityTokenResponseReader reader =
192 new WSTrustRequestSecurityTokenResponseReader (Constants.WstTlsnegoProofTokenType, buffer.CreateMessage ().GetReaderAtBodyContents (), SecurityTokenSerializer, null);
195 TlsServerSessionInfo tlsInfo;
196 if (!sessions.TryGetValue (reader.Value.Context, out tlsInfo))
197 throw new SecurityNegotiationException (String.Format ("The context '{0}' does not exist in this SSL negotiation manager", reader.Value.Context));
198 TlsServerSession tls = tlsInfo.Tls;
200 AppendNegotiationMessageXml (buffer.CreateMessage ().GetReaderAtBodyContents (), tlsInfo);
201 //Console.WriteLine (System.Text.Encoding.UTF8.GetString (tlsInfo.Messages.ToArray ()));
203 tls.ProcessClientKeyExchange (reader.Value.BinaryExchange.Value);
205 byte [] serverFinished = tls.ProcessServerFinished ();
207 // The shared key is computed as recommended in WS-Trust:
208 // P_SHA1(encrypted_key,SHA1(exc14n(RST..RSTRs))+"CK-HASH")
209 byte [] hash = SHA1.Create ().ComputeHash (tlsInfo.Messages.ToArray ());
210 byte [] key = tls.CreateHash (tls.MasterSecret, hash, "CK-HASH");
211 byte [] keyTlsApplied = tls.ProcessApplicationData (key);
212 foreach (byte b in hash) Console.Write ("{0:X02} ", b); Console.WriteLine ();
213 foreach (byte b in key) Console.Write ("{0:X02} ", b); Console.WriteLine ();
215 WstRequestSecurityTokenResponseCollection col =
216 new WstRequestSecurityTokenResponseCollection ();
217 WstRequestSecurityTokenResponse rstr =
218 new WstRequestSecurityTokenResponse (SecurityTokenSerializer);
219 rstr.Context = reader.Value.Context;
220 rstr.TokenType = Constants.WsscContextToken;
221 DateTime from = DateTime.Now;
222 // FIXME: not sure if arbitrary key is used here.
223 SecurityContextSecurityToken sct = SecurityContextSecurityToken.CreateCookieSecurityContextToken (
224 // Create a new context.
225 // (do not use sslnego context here.)
227 "uuid-" + Guid.NewGuid (),
230 // FIXME: use LocalServiceSecuritySettings.NegotiationTimeout
233 owner.Manager.ServiceCredentials.SecureConversationAuthentication.SecurityStateEncoder);
234 rstr.RequestedSecurityToken = sct;
235 // without this ProcessApplicationData(), .NET seems
236 // to fail recovering the key.
237 rstr.RequestedProofToken = keyTlsApplied;
238 rstr.RequestedAttachedReference = new LocalIdKeyIdentifierClause (sct.Id);
239 rstr.RequestedUnattachedReference = new SecurityContextKeyIdentifierClause (sct.ContextId, null);
240 WstLifetime lt = new WstLifetime ();
242 lt.Expires = from.Add (SecurityBindingElement.LocalServiceSettings.IssuedCookieLifetime);
244 rstr.BinaryExchange = new WstBinaryExchange (Constants.WstBinaryExchangeValueTls);
245 rstr.BinaryExchange.Value = serverFinished;
247 col.Responses.Add (rstr);
249 // Authenticator is mandatory for MS sslnego.
250 rstr = new WstRequestSecurityTokenResponse (SecurityTokenSerializer);
251 rstr.Context = reader.Value.Context;
252 rstr.Authenticator = tls.CreateHash (key, hash, "AUTH-HASH");
253 col.Responses.Add (rstr);
255 sessions.Remove (reader.Value.Context);
257 // FIXME: get correct tokenRequestor address (probably identity authorized?)
258 if (owner.IssuedSecurityTokenHandler != null)
259 owner.IssuedSecurityTokenHandler (sct, request.Headers.ReplyTo);
261 return Message.CreateMessage (request.Version, Constants.WstIssueReplyAction, col);
264 protected override void OnAbort ()
266 throw new NotImplementedException ();
269 protected override void OnOpen (TimeSpan timeout)
271 if (State == CommunicationState.Opened)
272 throw new InvalidOperationException ("Already opened.");
276 proxy = new WSTrustSecurityTokenServiceProxy (
277 IssuerBinding, IssuerAddress);
280 protected override IAsyncResult OnBeginOpen (TimeSpan timeout, AsyncCallback callback, object state)
282 throw new NotImplementedException ();
285 protected override void OnEndOpen (IAsyncResult result)
287 throw new NotImplementedException ();
290 protected override void OnClose (TimeSpan timeout)
296 protected override IAsyncResult OnBeginClose (TimeSpan timeout, AsyncCallback callback, object state)
298 throw new NotImplementedException ();
301 protected override void OnEndClose (IAsyncResult result)
303 throw new NotImplementedException ();