protected SslStreamSecurityBindingElement(SslStreamSecurityBindingElement elementToBeCloned) : base(elementToBeCloned) { _identityVerifier = elementToBeCloned._identityVerifier; RequireClientCertificate = elementToBeCloned.RequireClientCertificate; _sslProtocols = elementToBeCloned._sslProtocols; }
public static SslStreamSecurityUpgradeProvider CreateServerProvider( SslStreamSecurityBindingElement bindingElement, BindingContext context) { SecurityCredentialsManager credentialProvider = context.BindingParameters.Find <SecurityCredentialsManager>(); if (credentialProvider == null) { credentialProvider = ServiceCredentials.CreateDefaultCredentials(); } Uri listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress); SecurityTokenManager tokenManager = credentialProvider.CreateSecurityTokenManager(); RecipientServiceModelSecurityTokenRequirement serverCertRequirement = new RecipientServiceModelSecurityTokenRequirement(); serverCertRequirement.TokenType = SecurityTokenTypes.X509Certificate; serverCertRequirement.RequireCryptographicToken = true; serverCertRequirement.KeyUsage = SecurityKeyUsage.Exchange; serverCertRequirement.TransportScheme = context.Binding.Scheme; serverCertRequirement.ListenUri = listenUri; SecurityTokenProvider tokenProvider = tokenManager.CreateSecurityTokenProvider(serverCertRequirement); if (tokenProvider == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.ClientCredentialsUnableToCreateLocalTokenProvider, serverCertRequirement))); } SecurityTokenAuthenticator certificateAuthenticator = TransportSecurityHelpers.GetCertificateTokenAuthenticator(tokenManager, context.Binding.Scheme, listenUri); return(new SslStreamSecurityUpgradeProvider(context.Binding, tokenProvider, bindingElement.RequireClientCertificate, certificateAuthenticator, context.Binding.Scheme, bindingElement.IdentityVerifier, bindingElement.SslProtocols)); }
protected override bool IsMatch(BindingElement b) { if (b == null) { return(false); } SslStreamSecurityBindingElement ssl = b as SslStreamSecurityBindingElement; if (ssl == null) { return(false); } return(requireClientCertificate == ssl.requireClientCertificate && sslProtocols == ssl.sslProtocols); }