我正在尝试使用带有证书的 WCF 来调用 Web 服务来签署消息。
服务器仅支持以下规范化算法:'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments '
默认情况下,WCF 使用“http://www.w3.org/2001/10/xml-exc-c14n#” '
由于我无法使用配置文件对其进行配置,因此我创建了一个自定义绑定(bind),在其中设置了一个自定义 SecurityAlgorithmSuite 以强制 WCF 使用服务期望的规范化算法。 这是我的自定义绑定(bind):
public class TestBinding : Binding
{
public override BindingElementCollection CreateBindingElements()
{
var sec = TransportSecurityBindingElement.CreateCertificateOverTransportBindingElement();
sec.MessageSecurityVersion = MessageSecurityVersion
.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
sec.EnableUnsecuredResponse = true;
sec.DefaultAlgorithmSuite = new TestSecurityAlgorithmSuite();
return new BindingElementCollection(new BindingElement[] {
new TextMessageEncodingBindingElement() { MessageVersion = MessageVersion.Soap11WSAddressing10 },
sec,
new HttpsTransportBindingElement() { RequireClientCertificate = true }
});
}
public override string Scheme
{
get { return new HttpsTransportBindingElement().Scheme; }
}
}
和算法套件:
public class TestSecurityAlgorithmSuite : Basic256SecurityAlgorithmSuite
{
public override string DefaultCanonicalizationAlgorithm
{
get { return "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; }
}
public override string ToString()
{
return "TestSecurityAlgorithmSuite";
}
}
不幸的是,我得到了错误:
Canonicalization algorithm 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments' is not supported.
Server stack trace:
à System.ServiceModel.Security.WSSecurityOneDotZeroSendSecurityHeader.StartPrimarySignatureCore(SecurityToken token, SecurityKeyIdentifier keyIdentifier, MessagePartSpecification signatureParts, Boolean generateTargettableSignature)
à System.ServiceModel.Security.WSSecurityOneDotZeroSendSecurityHeader.CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier)
à System.ServiceModel.Security.SendSecurityHeader.SignWithSupportingToken(SecurityToken token, SecurityKeyIdentifierClause identifierClause)
à System.ServiceModel.Security.SendSecurityHeader.SignWithSupportingTokens()
à System.ServiceModel.Security.SendSecurityHeader.CompleteSecurityApplication()
à System.ServiceModel.Security.SecurityAppliedMessage.OnWriteMessage(XmlDictionaryWriter writer)
à System.ServiceModel.Channels.Message.WriteMessage(XmlDictionaryWriter writer)
à System.ServiceModel.Channels.BufferedMessageWriter.WriteMessage(Message message, BufferManager bufferManager, Int32 initialOffset, Int32 maxSizeQuota)
à System.ServiceModel.Channels.TextMessageEncoderFactory.TextMessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager, Int32 messageOffset)
à System.ServiceModel.Channels.MessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager)
à System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message, Boolean shouldRecycleBuffer)
à System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message)
à System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout)
à System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout)
à System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
à System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
à System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
à System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
à System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
à System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)'
我开始觉得所有的希望都破灭了。有什么方法可以使 WCF 使用所需的算法吗?
最佳答案
不幸的是,异常是 self 描述的:当前版本的 WCF 不支持“http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments”规范化算法。
关于c# - 使用 WCF 更改规范化算法,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/30779840/