# System.ServiceModel.Security ``` diff +namespace System.ServiceModel.Security { + public class Basic128SecurityAlgorithmSuite : SecurityAlgorithmSuite { + public Basic128SecurityAlgorithmSuite(); + public override string DefaultAsymmetricKeyWrapAlgorithm { get; } + public override string DefaultAsymmetricSignatureAlgorithm { get; } + public override string DefaultCanonicalizationAlgorithm { get; } + public override string DefaultDigestAlgorithm { get; } + public override string DefaultEncryptionAlgorithm { get; } + public override int DefaultEncryptionKeyDerivationLength { get; } + public override int DefaultSignatureKeyDerivationLength { get; } + public override int DefaultSymmetricKeyLength { get; } + public override string DefaultSymmetricKeyWrapAlgorithm { get; } + public override string DefaultSymmetricSignatureAlgorithm { get; } + public override bool IsAsymmetricKeyLengthSupported(int length); + public override bool IsSymmetricKeyLengthSupported(int length); + public override string ToString(); + } + public class Basic192SecurityAlgorithmSuite : SecurityAlgorithmSuite { + public Basic192SecurityAlgorithmSuite(); + public override string DefaultAsymmetricKeyWrapAlgorithm { get; } + public override string DefaultAsymmetricSignatureAlgorithm { get; } + public override string DefaultCanonicalizationAlgorithm { get; } + public override string DefaultDigestAlgorithm { get; } + public override string DefaultEncryptionAlgorithm { get; } + public override int DefaultEncryptionKeyDerivationLength { get; } + public override int DefaultSignatureKeyDerivationLength { get; } + public override int DefaultSymmetricKeyLength { get; } + public override string DefaultSymmetricKeyWrapAlgorithm { get; } + public override string DefaultSymmetricSignatureAlgorithm { get; } + public override bool IsAsymmetricKeyLengthSupported(int length); + public override bool IsSymmetricKeyLengthSupported(int length); + public override string ToString(); + } + public class Basic256SecurityAlgorithmSuite : SecurityAlgorithmSuite { + public Basic256SecurityAlgorithmSuite(); + public override string DefaultAsymmetricKeyWrapAlgorithm { get; } + public override string DefaultAsymmetricSignatureAlgorithm { get; } + public override string DefaultCanonicalizationAlgorithm { get; } + public override string DefaultDigestAlgorithm { get; } + public override string DefaultEncryptionAlgorithm { get; } + public override int DefaultEncryptionKeyDerivationLength { get; } + public override int DefaultSignatureKeyDerivationLength { get; } + public override int DefaultSymmetricKeyLength { get; } + public override string DefaultSymmetricKeyWrapAlgorithm { get; } + public override string DefaultSymmetricSignatureAlgorithm { get; } + public override bool IsAsymmetricKeyLengthSupported(int length); + public override bool IsSymmetricKeyLengthSupported(int length); + public override string ToString(); + } + public abstract class BasicSecurityProfileVersion { + public static BasicSecurityProfileVersion BasicSecurityProfile10 { get; } + } + public class ChannelProtectionRequirements { + public ChannelProtectionRequirements(); + public ChannelProtectionRequirements(ChannelProtectionRequirements other); + public ScopedMessagePartSpecification IncomingEncryptionParts { get; } + public ScopedMessagePartSpecification IncomingSignatureParts { get; } + public bool IsReadOnly { get; } + public ScopedMessagePartSpecification OutgoingEncryptionParts { get; } + public ScopedMessagePartSpecification OutgoingSignatureParts { get; } + public void Add(ChannelProtectionRequirements protectionRequirements); + public void Add(ChannelProtectionRequirements protectionRequirements, bool channelScopeOnly); + public ChannelProtectionRequirements CreateInverse(); + public void MakeReadOnly(); + } + public sealed class HttpDigestClientCredential { + public NetworkCredential ClientCredential { get; set; } + } + public abstract class IdentityVerifier { + protected IdentityVerifier(); + public abstract bool CheckAccess(EndpointIdentity identity, AuthorizationContext authContext); + public static IdentityVerifier CreateDefault(); + public abstract bool TryGetIdentity(EndpointAddress reference, out EndpointIdentity identity); + } + public interface ISecuritySession : ISession { + EndpointIdentity RemoteIdentity { get; } + } + public class MessagePartSpecification { + public MessagePartSpecification(); + public MessagePartSpecification(bool isBodyIncluded); + public MessagePartSpecification(bool isBodyIncluded, params XmlQualifiedName[] headerTypes); + public MessagePartSpecification(params XmlQualifiedName[] headerTypes); + public ICollection HeaderTypes { get; } + public bool IsBodyIncluded { get; set; } + public bool IsReadOnly { get; } + public static MessagePartSpecification NoParts { get; } + public void Clear(); + public void MakeReadOnly(); + public void Union(MessagePartSpecification specification); + } + public enum MessageProtectionOrder { + EncryptBeforeSign = 2, + SignBeforeEncrypt = 0, + SignBeforeEncryptAndEncryptSignature = 1, + } + public class MessageSecurityException : CommunicationException { + public MessageSecurityException(); + public MessageSecurityException(string message); + public MessageSecurityException(string message, Exception innerException); + } + public sealed class MessageSecurityTokenVersion : SecurityTokenVersion { + public bool EmitBspRequiredAttributes { get; } + public SecureConversationVersion SecureConversationVersion { get; } + public SecurityVersion SecurityVersion { get; } + public TrustVersion TrustVersion { get; } + public static MessageSecurityTokenVersion WSSecurity10WSTrust13WSSecureConversation13BasicSecurityProfile10 { get; } + public static MessageSecurityTokenVersion WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10 { get; } + public static MessageSecurityTokenVersion WSSecurity11WSTrust13WSSecureConversation13 { get; } + public static MessageSecurityTokenVersion WSSecurity11WSTrust13WSSecureConversation13BasicSecurityProfile10 { get; } + public static MessageSecurityTokenVersion WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005 { get; } + public static MessageSecurityTokenVersion WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005BasicSecurityProfile10 { get; } + public override ReadOnlyCollection GetSecuritySpecifications(); + public static MessageSecurityTokenVersion GetSecurityTokenVersion(SecurityVersion version, bool emitBspAttributes); + public override string ToString(); + } + public abstract class NonceCache { + protected NonceCache(); + public int CacheSize { get; set; } + public TimeSpan CachingTimeSpan { get; set; } + public abstract bool CheckNonce(byte[] nonce); + public abstract bool TryAddNonce(byte[] nonce); + } + public static class ProtectionLevelHelper { + public static int GetOrdinal(Nullable p); + public static bool IsDefined(ProtectionLevel value); + public static bool IsStronger(ProtectionLevel v1, ProtectionLevel v2); + public static bool IsStrongerOrEqual(ProtectionLevel v1, ProtectionLevel v2); + public static ProtectionLevel Max(ProtectionLevel v1, ProtectionLevel v2); + public static void Validate(ProtectionLevel value); + } + public class ScopedMessagePartSpecification { + public ScopedMessagePartSpecification(); + public ScopedMessagePartSpecification(ScopedMessagePartSpecification other); + public ICollection Actions { get; } + public MessagePartSpecification ChannelParts { get; } + public bool IsReadOnly { get; } + public void AddParts(MessagePartSpecification parts); + public void AddParts(MessagePartSpecification parts, string action); + public void MakeReadOnly(); + public bool TryGetParts(string action, bool excludeChannelScope, out MessagePartSpecification parts); + public bool TryGetParts(string action, out MessagePartSpecification parts); + } + public abstract class SecureConversationVersion { + public static SecureConversationVersion Default { get; } + public XmlDictionaryString Namespace { get; } + public XmlDictionaryString Prefix { get; } + public static SecureConversationVersion WSSecureConversation13 { get; } + public static SecureConversationVersion WSSecureConversationFeb2005 { get; } + } + public class SecurityAccessDeniedException : CommunicationException { + public SecurityAccessDeniedException(string message); + public SecurityAccessDeniedException(string message, Exception innerException); + } + public abstract class SecurityAlgorithmSuite { + protected SecurityAlgorithmSuite(); + public static SecurityAlgorithmSuite Basic128 { get; } + public static SecurityAlgorithmSuite Basic128Rsa15 { get; } + public static SecurityAlgorithmSuite Basic128Sha256 { get; } + public static SecurityAlgorithmSuite Basic128Sha256Rsa15 { get; } + public static SecurityAlgorithmSuite Basic192 { get; } + public static SecurityAlgorithmSuite Basic192Rsa15 { get; } + public static SecurityAlgorithmSuite Basic192Sha256 { get; } + public static SecurityAlgorithmSuite Basic192Sha256Rsa15 { get; } + public static SecurityAlgorithmSuite Basic256 { get; } + public static SecurityAlgorithmSuite Basic256Rsa15 { get; } + public static SecurityAlgorithmSuite Basic256Sha256 { get; } + public static SecurityAlgorithmSuite Basic256Sha256Rsa15 { get; } + public static SecurityAlgorithmSuite Default { get; } + public abstract string DefaultAsymmetricKeyWrapAlgorithm { get; } + public abstract string DefaultAsymmetricSignatureAlgorithm { get; } + public abstract string DefaultCanonicalizationAlgorithm { get; } + public abstract string DefaultDigestAlgorithm { get; } + public abstract string DefaultEncryptionAlgorithm { get; } + public abstract int DefaultEncryptionKeyDerivationLength { get; } + public abstract int DefaultSignatureKeyDerivationLength { get; } + public abstract int DefaultSymmetricKeyLength { get; } + public abstract string DefaultSymmetricKeyWrapAlgorithm { get; } + public abstract string DefaultSymmetricSignatureAlgorithm { get; } + public static SecurityAlgorithmSuite TripleDes { get; } + public static SecurityAlgorithmSuite TripleDesRsa15 { get; } + public static SecurityAlgorithmSuite TripleDesSha256 { get; } + public static SecurityAlgorithmSuite TripleDesSha256Rsa15 { get; } + public abstract bool IsAsymmetricKeyLengthSupported(int length); + public virtual bool IsAsymmetricKeyWrapAlgorithmSupported(string algorithm); + public virtual bool IsAsymmetricSignatureAlgorithmSupported(string algorithm); + public virtual bool IsCanonicalizationAlgorithmSupported(string algorithm); + public virtual bool IsDigestAlgorithmSupported(string algorithm); + public virtual bool IsEncryptionAlgorithmSupported(string algorithm); + public virtual bool IsEncryptionKeyDerivationAlgorithmSupported(string algorithm); + public virtual bool IsSignatureKeyDerivationAlgorithmSupported(string algorithm); + public abstract bool IsSymmetricKeyLengthSupported(int length); + public virtual bool IsSymmetricKeyWrapAlgorithmSupported(string algorithm); + public virtual bool IsSymmetricSignatureAlgorithmSupported(string algorithm); + } + public class SecurityContextKeyIdentifierClause : SecurityKeyIdentifierClause { + public SecurityContextKeyIdentifierClause(UniqueId contextId); + public SecurityContextKeyIdentifierClause(UniqueId contextId, UniqueId generation); + public SecurityContextKeyIdentifierClause(UniqueId contextId, UniqueId generation, byte[] derivationNonce, int derivationLength); + public UniqueId ContextId { get; } + public UniqueId Generation { get; } + public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause); + public bool Matches(UniqueId contextId, UniqueId generation); + public override string ToString(); + } + public abstract class SecurityCredentialsManager { + protected SecurityCredentialsManager(); + public abstract SecurityTokenManager CreateSecurityTokenManager(); + } + public enum SecurityKeyEntropyMode { + ClientEntropy = 0, + CombinedEntropy = 2, + ServerEntropy = 1, + } + public class SecurityMessageProperty : IDisposable, IMessageProperty { + public SecurityMessageProperty(); + public ReadOnlyCollection ExternalAuthorizationPolicies { get; set; } + public bool HasIncomingSupportingTokens { get; } + public Collection IncomingSupportingTokens { get; } + public SecurityTokenSpecification InitiatorToken { get; set; } + public Collection OutgoingSupportingTokens { get; } + public SecurityTokenSpecification ProtectionToken { get; set; } + public SecurityTokenSpecification RecipientToken { get; set; } + public string SenderIdPrefix { get; set; } + public ServiceSecurityContext ServiceSecurityContext { get; set; } + public SecurityTokenSpecification TransportToken { get; set; } + public IMessageProperty CreateCopy(); + public void Dispose(); + public static SecurityMessageProperty GetOrCreate(Message message); + } + public class SecurityNegotiationException : CommunicationException { + public SecurityNegotiationException(); + public SecurityNegotiationException(string message); + public SecurityNegotiationException(string message, Exception innerException); + } + public abstract class SecurityPolicyVersion { + public string Namespace { get; } + public string Prefix { get; } + public static SecurityPolicyVersion WSSecurityPolicy11 { get; } + public static SecurityPolicyVersion WSSecurityPolicy12 { get; } + } + public abstract class SecurityStateEncoder { + protected SecurityStateEncoder(); + protected internal abstract byte[] DecodeSecurityState(byte[] data); + protected internal abstract byte[] EncodeSecurityState(byte[] data); + } + public enum SecurityTokenAttachmentMode { + Endorsing = 1, + Signed = 0, + SignedEncrypted = 3, + SignedEndorsing = 2, + } + public class SecurityTokenSpecification { + public SecurityTokenSpecification(SecurityToken token, ReadOnlyCollection tokenPolicies); + public SecurityToken SecurityToken { get; } + public ReadOnlyCollection SecurityTokenPolicies { get; } + } + public abstract class SecurityVersion { + public static SecurityVersion WSSecurity10 { get; } + public static SecurityVersion WSSecurity11 { get; } + } + public class SspiSecurityTokenProvider : SecurityTokenProvider { + public SspiSecurityTokenProvider(NetworkCredential credential, bool extractGroupsForWindowsAccounts, bool allowUnauthenticatedCallers); + public SspiSecurityTokenProvider(NetworkCredential credential, bool allowNtlm, TokenImpersonationLevel impersonationLevel); + protected override Task GetTokenCoreAsync(CancellationToken cancellationToken); + } + public class SupportingTokenSpecification : SecurityTokenSpecification { + public SupportingTokenSpecification(SecurityToken token, ReadOnlyCollection tokenPolicies, SecurityTokenAttachmentMode attachmentMode); + public SupportingTokenSpecification(SecurityToken token, ReadOnlyCollection tokenPolicies, SecurityTokenAttachmentMode attachmentMode, SecurityTokenParameters tokenParameters); + public SecurityTokenAttachmentMode SecurityTokenAttachmentMode { get; } + } + public class TripleDesSecurityAlgorithmSuite : SecurityAlgorithmSuite { + public TripleDesSecurityAlgorithmSuite(); + public override string DefaultAsymmetricKeyWrapAlgorithm { get; } + public override string DefaultAsymmetricSignatureAlgorithm { get; } + public override string DefaultCanonicalizationAlgorithm { get; } + public override string DefaultDigestAlgorithm { get; } + public override string DefaultEncryptionAlgorithm { get; } + public override int DefaultEncryptionKeyDerivationLength { get; } + public override int DefaultSignatureKeyDerivationLength { get; } + public override int DefaultSymmetricKeyLength { get; } + public override string DefaultSymmetricKeyWrapAlgorithm { get; } + public override string DefaultSymmetricSignatureAlgorithm { get; } + public override bool IsAsymmetricKeyLengthSupported(int length); + public override bool IsSymmetricKeyLengthSupported(int length); + public override string ToString(); + } + public abstract class TrustVersion { + public static TrustVersion Default { get; } + public XmlDictionaryString Namespace { get; } + public XmlDictionaryString Prefix { get; } + public static TrustVersion WSTrust13 { get; } + public static TrustVersion WSTrustFeb2005 { get; } + } + public sealed class UserNamePasswordClientCredential { + public string Password { get; set; } + public string UserName { get; set; } + } + public sealed class WindowsClientCredential { + public TokenImpersonationLevel AllowedImpersonationLevel { get; set; } + public bool AllowNtlm { get; set; } + public NetworkCredential ClientCredential { get; set; } + } + public class WSSecurityTokenSerializer : SecurityTokenSerializer { + public WSSecurityTokenSerializer(); + public WSSecurityTokenSerializer(bool emitBspRequiredAttributes); + public WSSecurityTokenSerializer(SecurityVersion securityVersion); + public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes); + public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer); + public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable knownTypes); + public WSSecurityTokenSerializer(SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable knownTypes, int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength); + public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable knownTypes); + public WSSecurityTokenSerializer(SecurityVersion securityVersion, TrustVersion trustVersion, SecureConversationVersion secureConversationVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable knownTypes, int maximumKeyDerivationOffset, int maximumKeyDerivationLabelLength, int maximumKeyDerivationNonceLength); + public static WSSecurityTokenSerializer DefaultInstance { get; } + public bool EmitBspRequiredAttributes { get; } + public int MaximumKeyDerivationLabelLength { get; } + public int MaximumKeyDerivationNonceLength { get; } + public int MaximumKeyDerivationOffset { get; } + public SecurityVersion SecurityVersion { get; } + protected override bool CanReadKeyIdentifierClauseCore(XmlReader reader); + protected override bool CanReadKeyIdentifierCore(XmlReader reader); + protected override bool CanReadTokenCore(XmlReader reader); + protected override bool CanWriteKeyIdentifierClauseCore(SecurityKeyIdentifierClause keyIdentifierClause); + protected override bool CanWriteKeyIdentifierCore(SecurityKeyIdentifier keyIdentifier); + protected override bool CanWriteTokenCore(SecurityToken token); + public virtual SecurityKeyIdentifierClause CreateKeyIdentifierClauseFromTokenXml(XmlElement element, SecurityTokenReferenceStyle tokenReferenceStyle); + protected internal virtual string GetTokenTypeUri(Type tokenType); + protected override SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore(XmlReader reader); + protected override SecurityKeyIdentifier ReadKeyIdentifierCore(XmlReader reader); + protected override SecurityToken ReadTokenCore(XmlReader reader, SecurityTokenResolver tokenResolver); + public virtual bool TryCreateKeyIdentifierClauseFromTokenXml(XmlElement element, SecurityTokenReferenceStyle tokenReferenceStyle, out SecurityKeyIdentifierClause securityKeyIdentifierClause); + protected override void WriteKeyIdentifierClauseCore(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause); + protected override void WriteKeyIdentifierCore(XmlWriter writer, SecurityKeyIdentifier keyIdentifier); + protected override void WriteTokenCore(XmlWriter writer, SecurityToken token); + } + public sealed class X509CertificateInitiatorClientCredential { + public X509Certificate2 Certificate { get; set; } + public void SetCertificate(StoreLocation storeLocation, StoreName storeName, X509FindType findType, object findValue); + public void SetCertificate(string subjectName, StoreLocation storeLocation, StoreName storeName); + } + public sealed class X509CertificateRecipientClientCredential { + public X509ServiceCertificateAuthentication Authentication { get; } + public X509Certificate2 DefaultCertificate { get; set; } + public Dictionary ScopedCertificates { get; } + public X509ServiceCertificateAuthentication SslCertificateAuthentication { get; set; } + public void SetDefaultCertificate(StoreLocation storeLocation, StoreName storeName, X509FindType findType, object findValue); + public void SetDefaultCertificate(string subjectName, StoreLocation storeLocation, StoreName storeName); + public void SetScopedCertificate(StoreLocation storeLocation, StoreName storeName, X509FindType findType, object findValue, Uri targetService); + public void SetScopedCertificate(string subjectName, StoreLocation storeLocation, StoreName storeName, Uri targetService); + } + public enum X509CertificateValidationMode { + ChainTrust = 2, + Custom = 4, + None = 0, + PeerOrChainTrust = 3, + PeerTrust = 1, + } + public class X509ClientCertificateAuthentication { + public X509ClientCertificateAuthentication(); + } + public sealed class X509ServiceCertificateAuthentication { + public X509ServiceCertificateAuthentication(); + public X509CertificateValidationMode CertificateValidationMode { get; set; } + public X509CertificateValidator CustomCertificateValidator { get; set; } + public X509RevocationMode RevocationMode { get; set; } + public StoreLocation TrustedStoreLocation { get; set; } + } +} ```