Exemple #1
        // If any changes are made to this method, please make sure that they are
        // reflected in the corresponding IsCertificateOverTransportBinding() method.
        /// <summary>
        /// Builds a <see cref="TransportSecurityBindingElement"/> that carries an X.509 certificate
        /// as an endorsing supporting token.
        /// </summary>
        /// <param name="version">
        /// Message security version assigned to the element; its <c>SecurityVersion</c> also decides
        /// how the certificate is referenced.
        /// </param>
        /// <returns>The configured binding element.</returns>
        /// <remarks>
        /// Security-relevant settings made here: the timestamp is included, and service-side
        /// message-layer replay detection is switched off. NOTE(review): presumably replay protection
        /// is expected from the underlying transport (e.g. TLS) - confirm this element is only
        /// composed with a transport that actually provides it.
        /// </remarks>
        public static TransportSecurityBindingElement CreateCertificateOverTransportBindingElement(MessageSecurityVersion version)
        {
            if (version == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(version));
            }

            // WS-Security 1.0 accepts any key identifier clause; every other version
            // references the certificate by thumbprint.
            X509KeyIdentifierClauseType referenceStyle =
                version.SecurityVersion == SecurityVersion.WSSecurity10
                    ? X509KeyIdentifierClauseType.Any
                    : X509KeyIdentifierClauseType.Thumbprint;

            TransportSecurityBindingElement element = new TransportSecurityBindingElement();

            // The certificate is always sent to the recipient. The trailing 'false' is
            // presumably the derived-keys switch - confirm against the constructor signature.
            X509SecurityTokenParameters certificateParameters = new X509SecurityTokenParameters(
                referenceStyle,
                SecurityTokenInclusionMode.AlwaysToRecipient,
                false);
            element.EndpointSupportingTokenParameters.Endorsing.Add(certificateParameters);

            element.IncludeTimestamp = true;

            // Only the service-side replay cache is disabled; LocalClientSettings.DetectReplays
            // is deliberately left at its default.
            element.LocalServiceSettings.DetectReplays = false;
            element.MessageSecurityVersion = version;

            return element;
        }
Exemple #2
        // If any changes are made to this method, please make sure that they are
        // reflected in the corresponding IsUserNameOverTransportBinding() method.
        /// <summary>
        /// Builds a <see cref="TransportSecurityBindingElement"/> that carries a user name token
        /// as a signed-and-encrypted supporting token.
        /// </summary>
        /// <returns>The configured binding element.</returns>
        /// <remarks>
        /// The timestamp is included and service-side message-layer replay detection is switched off.
        /// NOTE(review): on a transport security element the protection of the user name token and
        /// replay protection are presumably expected from the transport itself - confirm the binding
        /// is only used over a secured transport (e.g. TLS), otherwise credentials travel unprotected.
        /// </remarks>
        public static TransportSecurityBindingElement CreateUserNameOverTransportBindingElement()
        {
            TransportSecurityBindingElement element = new TransportSecurityBindingElement();

            UserNameSecurityTokenParameters userNameParameters = new UserNameSecurityTokenParameters();
            element.EndpointSupportingTokenParameters.SignedEncrypted.Add(userNameParameters);

            element.IncludeTimestamp = true;

            // Only the service-side replay cache is disabled; LocalClientSettings.DetectReplays
            // is deliberately left at its default.
            element.LocalServiceSettings.DetectReplays = false;

            return element;
        }
Exemple #3
        // If any changes are made to this method, please make sure that they are
        // reflected in the corresponding IsSspiNegotiationOverTransportBinding() method.
        /// <summary>
        /// Builds a <see cref="TransportSecurityBindingElement"/> that carries an SSPI-negotiated
        /// token as an endorsing supporting token.
        /// </summary>
        /// <param name="requireCancellation">Passed straight through to <see cref="SspiSecurityTokenParameters"/>.</param>
        /// <returns>The configured binding element.</returns>
        /// <remarks>
        /// Derived keys are not required for the SSPI token, the timestamp is included, extended
        /// protection policy support is enabled, and service-side message-layer replay detection is
        /// switched off. NOTE(review): presumably replay protection is expected from the underlying
        /// transport - confirm the element is only composed with a secured transport.
        /// </remarks>
        public static TransportSecurityBindingElement CreateSspiNegotiationOverTransportBindingElement(bool requireCancellation)
        {
            TransportSecurityBindingElement element = new TransportSecurityBindingElement();

            SspiSecurityTokenParameters negotiatedTokenParameters = new SspiSecurityTokenParameters(requireCancellation);
            negotiatedTokenParameters.RequireDerivedKeys = false;
            element.EndpointSupportingTokenParameters.Endorsing.Add(negotiatedTokenParameters);

            element.IncludeTimestamp = true;

            // Only the service-side replay cache is disabled; LocalClientSettings.DetectReplays
            // is deliberately left at its default.
            element.LocalServiceSettings.DetectReplays = false;
            element.SupportsExtendedProtectionPolicy = true;

            return element;
        }
Exemple #4
        // If any changes are made to this method, please make sure that they are
        // reflected in the corresponding IsSecureConversationBinding() method.
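        /// <summary>
        /// Builds the steady-state secure conversation binding element that sits on top of the
        /// given bootstrap security element.
        /// </summary>
        /// <param name="bootstrapSecurity">Security element used to bootstrap the secure conversation; must not be null.</param>
        /// <param name="requireCancellation">Passed straight through to <see cref="SecureConversationSecurityTokenParameters"/>.</param>
        /// <param name="bootstrapProtectionRequirements">Passed straight through to <see cref="SecureConversationSecurityTokenParameters"/>.</param>
        /// <returns>
        /// A <see cref="TransportSecurityBindingElement"/> when the bootstrap element is a transport
        /// security element, otherwise a <see cref="SymmetricSecurityBindingElement"/>.
        /// </returns>
        /// <remarks>
        /// In the transport case, derived keys are not required and service-side message-layer replay
        /// detection is switched off. NOTE(review): this relies on the transport providing replay
        /// protection - confirm the element is only composed with a secured transport. In the
        /// non-transport case the replay settings are not touched; only signature confirmation is
        /// turned off.
        /// </remarks>
        public static SecurityBindingElement CreateSecureConversationBindingElement(SecurityBindingElement bootstrapSecurity, bool requireCancellation, ChannelProtectionRequirements bootstrapProtectionRequirements)
        {
            if (bootstrapSecurity == null)
            {
                // Report the real parameter name; the previous literal "bootstrapBinding" named a
                // parameter that does not exist on this method.
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(bootstrapSecurity));
            }

            if (bootstrapSecurity is TransportSecurityBindingElement)
            {
                // there is no need to do replay detection or key derivation for transport bindings
                TransportSecurityBindingElement transportElement = new TransportSecurityBindingElement();
                SecureConversationSecurityTokenParameters conversationParameters = new SecureConversationSecurityTokenParameters(
                    bootstrapSecurity,
                    requireCancellation,
                    bootstrapProtectionRequirements)
                {
                    RequireDerivedKeys = false
                };
                transportElement.EndpointSupportingTokenParameters.Endorsing.Add(conversationParameters);

                // Only the service-side replay cache is disabled; LocalClientSettings.DetectReplays
                // is deliberately left at its default.
                transportElement.LocalServiceSettings.DetectReplays = false;
                transportElement.IncludeTimestamp = true;
                return transportElement;
            }

            // Symmetric- or AsymmetricSecurityBindingElement
            SymmetricSecurityBindingElement symmetricElement = new SymmetricSecurityBindingElement(
                new SecureConversationSecurityTokenParameters(
                    bootstrapSecurity,
                    requireCancellation,
                    bootstrapProtectionRequirements))
            {
                // there is no need for signature confirmation on the steady state binding
                RequireSignatureConfirmation = false
            };
            return symmetricElement;
        }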
 /// <summary>
 /// Copy constructor: forwards the element being cloned to the base-class copy constructor.
 /// </summary>
 /// <param name="elementToBeCloned">Element handed to the base constructor for cloning.</param>
 private TransportSecurityBindingElement(TransportSecurityBindingElement elementToBeCloned)
     : base(elementToBeCloned)
 {
     // Intentionally empty: nothing is copied at this level.
 }