2

我正在使用 WCF 编写客户端,我需要将 signaturemethod 算法设置为 rsa-sha1,将 DigestMethod 设置为 sha256。SecurityAlgorithmSuite 中的枚举值都不支持这一点。所以,我希望在我的 SOAP 请求中使用它:

   <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
   <ds:Reference URI="#TS-25">
   <ds:Transforms>
   <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
   </ds:Transform>
   </ds:Transforms>
   <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>

我的代码:

    Dim asbe As System.ServiceModel.Channels.AsymmetricSecurityBindingElement
    asbe = New System.ServiceModel.Channels.AsymmetricSecurityBindingElement

    asbe.MessageSecurityVersion = _
        MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11

    asbe.InitiatorTokenParameters = New System.ServiceModel.Security.Tokens.X509SecurityTokenParameters(System.ServiceModel.Security.Tokens.X509KeyIdentifierClauseType.Thumbprint, SecurityTokenInclusionMode.AlwaysToRecipient)
    asbe.RecipientTokenParameters = New System.ServiceModel.Security.Tokens.X509SecurityTokenParameters(System.ServiceModel.Security.Tokens.X509KeyIdentifierClauseType.Thumbprint, SecurityTokenInclusionMode.AlwaysToInitiator)


    asbe.MessageProtectionOrder = System.ServiceModel.Security.MessageProtectionOrder.SignBeforeEncrypt

    asbe.SecurityHeaderLayout = System.ServiceModel.Channels.SecurityHeaderLayout.Strict
    asbe.EnableUnsecuredResponse = True 
    asbe.IncludeTimestamp = True 
    asbe.SetKeyDerivation(False)

    asbe.DefaultAlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Basic128Sha256Rsa15

    Dim usernameToken As New UserNameSecurityTokenParameters
    usernameToken.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient
    asbe.EndpointSupportingTokenParameters.Signed.Add(usernameToken)
    asbe.AllowInsecureTransport = True

    Dim myBinding As CustomBinding
    myBinding = New CustomBinding

    myBinding.Elements.Add(asbe)
    myBinding.Elements.Add(New TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8))

    Dim httpsBindingElement As HttpsTransportBindingElement  
    httpsBindingElement = New HttpsTransportBindingElement
    myBinding.Elements.Add(httpsBindingElement)

    Return myBinding
4

1 回答 1

1

要解决此问题,您必须创建一个继承 SecurityAlgorithmSuite 的自定义类。然后,您可以将可覆盖方法的默认属性设置为您需要的任何内容。要使用它,而不是: 

asbe.DefaultAlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Basic128Sha256Rsa15

你会这样做:

asbe.DefaultAlgorithmSuite = new CustomAlgorithmSuiteclass

那么代理对象上的 DefaultAlgorithmSuite 属性将包含自定义类中设置的所有默认值。我没有想到这归功于:http ://social.msdn.microsoft.com/Forums/vstudio/en-US/8b149878-f9a2-44e3-afd4-68884b02e129/algorithm-suite-wcf-ws-security

于 2014-11-25T19:35:12.883 回答