2
мне нужно подписать XML-ответ от службы на основе WCFWCF Message Inspector
Вот пример кода:
public void BeforeSendReply(ref Message reply, object correlationState)
{
MemoryStream ms = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(ms, Encoding.UTF8);
reply.WriteMessage(writer);
writer.Flush();
ms.Seek(0, SeekOrigin.Begin);
XmlDocument doc = new XmlDocument();
doc.Load(ms);
doc.Save(@"C:\reply.xml");
ms.Seek(0, SeekOrigin.Begin);
CspParameters cspParams = new CspParameters();
cspParams.KeyContainerName = "XML_DSIG_RSA_KEY";
RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(cspParams);
SignedXml signedXml = new SignedXml(doc);
signedXml.SigningKey = rsaKey;
Reference reference = new Reference();
reference.Uri = string.Empty;
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(env);
signedXml.AddReference(reference);
signedXml.ComputeSignature();
XmlElement xmlDigitalSignature = signedXml.GetXml();
doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true));
doc.Save(@"C:\signed_reply.xml");
MemoryStream signedStream = new MemoryStream();
doc.Save(signedStream);
signedStream.Seek(0, SeekOrigin.Begin);
XmlReader reader = XmlReader.Create(signedStream);
Message newMessage = Message.CreateMessage(reader, int.MaxValue, reply.Version);
newMessage.Properties.CopyProperties(reply.Properties);
reply = newMessage;
}
При тестировании с SoapUI я ничего не вижу и генерируется клиент не на исключение. При возврате из переменной ms все идет так, как ожидалось. Что может быть неправильным в этом коде?
reply.xml
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://tempuri.org/ITest/GetProductResponse</Action>
</s:Header>
<s:Body>
<GetProductResponse xmlns="http://tempuri.org/">
<GetProductResult xmlns:a="http://schemas.datacontract.org/2004/07/WebJsonService" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<a:Description>test</a:Description>
<a:Id>5</a:Id>
<a:Name>test</a:Name>
<a:Price>0.25</a:Price>
</GetProductResult>
</GetProductResponse>
</s:Body>
</s:Envelope>
signed_reply.xml
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://tempuri.org/ITest/GetProductResponse</Action>
</s:Header>
<s:Body>
<GetProductResponse xmlns="http://tempuri.org/">
<GetProductResult xmlns:a="http://schemas.datacontract.org/2004/07/WebJsonService" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<a:Description>test</a:Description>
<a:Id>5</a:Id>
<a:Name>test</a:Name>
<a:Price>0.25</a:Price>
</GetProductResult>
</GetProductResponse>
</s:Body>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>fXEwGkEaeFkpQaxZr1T61l0q5XE=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>eikY2sH9l12SyEiCwuEKBTqJZjKnkHND/8opBOp3uF0jkR/iYsAxFhDNuVXAghVsTbdllg+G8a/UKMN10JByvl5RV9wULM+5CLKQ2e1d3+0kBZdd5Q568yJNQhYbFENzJP2aRJiv9rWN8ji4QGdDITNy7IVcgv5M8flPr+5/9A8=</SignatureValue>
</Signature>
</s:Envelope>
интересно, почему вам нужно подписать ответ в логике обслуживания, безопасность сообщения wcf делает знак сообщения .... –