【发布时间】:2011-12-27 12:08:55
【问题描述】:
我需要从基于 WCF 的服务中签署 xml 回复
这里是示例代码:
public void BeforeSendReply(ref Message reply, object correlationState)
{
MemoryStream ms = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(ms, Encoding.UTF8);
reply.WriteMessage(writer);
writer.Flush();
ms.Seek(0, SeekOrigin.Begin);
XmlDocument doc = new XmlDocument();
doc.Load(ms);
doc.Save(@"C:\reply.xml");
ms.Seek(0, SeekOrigin.Begin);
CspParameters cspParams = new CspParameters();
cspParams.KeyContainerName = "XML_DSIG_RSA_KEY";
RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(cspParams);
SignedXml signedXml = new SignedXml(doc);
signedXml.SigningKey = rsaKey;
Reference reference = new Reference();
reference.Uri = string.Empty;
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(env);
signedXml.AddReference(reference);
signedXml.ComputeSignature();
XmlElement xmlDigitalSignature = signedXml.GetXml();
doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true));
doc.Save(@"C:\signed_reply.xml");
MemoryStream signedStream = new MemoryStream();
doc.Save(signedStream);
signedStream.Seek(0, SeekOrigin.Begin);
XmlReader reader = XmlReader.Create(signedStream);
Message newMessage = Message.CreateMessage(reader, int.MaxValue, reply.Version);
newMessage.Properties.CopyProperties(reply.Properties);
reply = newMessage;
}
使用 SoapUI 进行测试时,我什么也看不到,并且生成的客户端因异常而失败。从变量 ms 返回时,一切都按预期进行。这段代码有什么问题?
回复.xml
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://tempuri.org/ITest/GetProductResponse</Action>
</s:Header>
<s:Body>
<GetProductResponse xmlns="http://tempuri.org/">
<GetProductResult xmlns:a="http://schemas.datacontract.org/2004/07/WebJsonService" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<a:Description>test</a:Description>
<a:Id>5</a:Id>
<a:Name>test</a:Name>
<a:Price>0.25</a:Price>
</GetProductResult>
</GetProductResponse>
</s:Body>
</s:Envelope>
signed_reply.xml
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://tempuri.org/ITest/GetProductResponse</Action>
</s:Header>
<s:Body>
<GetProductResponse xmlns="http://tempuri.org/">
<GetProductResult xmlns:a="http://schemas.datacontract.org/2004/07/WebJsonService" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<a:Description>test</a:Description>
<a:Id>5</a:Id>
<a:Name>test</a:Name>
<a:Price>0.25</a:Price>
</GetProductResult>
</GetProductResponse>
</s:Body>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>fXEwGkEaeFkpQaxZr1T61l0q5XE=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>eikY2sH9l12SyEiCwuEKBTqJZjKnkHND/8opBOp3uF0jkR/iYsAxFhDNuVXAghVsTbdllg+G8a/UKMN10JByvl5RV9wULM+5CLKQ2e1d3+0kBZdd5Q568yJNQhYbFENzJP2aRJiv9rWN8ji4QGdDITNy7IVcgv5M8flPr+5/9A8=</SignatureValue>
</Signature>
</s:Envelope>
【问题讨论】:
-
想知道为什么您需要在服务逻辑中对回复进行签名,wcf 消息安全会为消息签名 ....