简单WCF加密

using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.Text;

namespace TTTT
{
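    /// <summary>
    /// Demo WCF client for the net.tcp ChargeService endpoint, using transport
    /// security with X.509 certificates on both sides.
    /// </summary>
    class Program
    {
        /// <summary>
        /// Builds the binding, attaches the client certificate, opens the proxy and
        /// makes one GetDataUsingDataContract call, then closes the proxy.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        static void Main(string[] args)
        {
            // SecurityMode.Transport protects the connection at the transport level;
            // the client authenticates to the service with a certificate.
            NetTcpBinding bind = new NetTcpBinding(SecurityMode.Transport);
            bind.MaxConnections = 1 << 16;
            bind.MaxReceivedMessageSize = 1024 * 1024;
            bind.MaxBufferSize = 1024 * 1024;
            bind.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;
            // NOTE(review): extended protection is normally associated with Windows-integrated
            // authentication - confirm it has any effect with certificate credentials.
            bind.Security.Transport.ExtendedProtectionPolicy = new System.Security.Authentication.ExtendedProtection.ExtendedProtectionPolicy(System.Security.Authentication.ExtendedProtection.PolicyEnforcement.Always);

            // The DNS identity makes the client require that the service certificate
            // is issued for the name "SUPServer", independent of the host in the URI.
            EndpointAddress endpointAddress = new System.ServiceModel.EndpointAddress(new Uri("net.tcp://localhost:56789/ChargeService"), EndpointIdentity.CreateDnsIdentity("SUPServer"));

            ServiceReference1.ChargeServiceClient csc = new ServiceReference1.ChargeServiceClient(bind, endpointAddress);

            // SECURITY: the PFX password is a string literal, so it can be read from the
            // source and from the compiled assembly. Prefer loading the certificate from
            // the Windows certificate store over an embedded PFX plus password.
            // NOTE(review): the resource has the same name as the one the server listing
            // loads. If it is the same PFX, the service's private key ships with every
            // client - issue a separate client certificate.
            csc.ClientCredentials.ClientCertificate.Certificate = new System.Security.Cryptography.X509Certificates.X509Certificate2(Properties.Resources.SUPServer, "xxlonline");

            // The service certificate is validated with the WCF default mode. Do not set
            // CertificateValidationMode to None: the client would then accept any service
            // certificate. To pin the service certificate instead, set the mode to Custom
            // and assign CustomCertificateValidator = new SUPCertificateValidator().

            // SECURITY: revocation checking is switched off, so a revoked certificate is
            // still accepted. Only reasonable for a self-signed test certificate.
            // NOTE(review): the Peer settings look unrelated to a NetTcpBinding endpoint -
            // confirm whether this line is needed.
            csc.ClientCredentials.Peer.PeerAuthentication.RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck;
            csc.ClientCredentials.ServiceCertificate.Authentication.RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck;

            try
            {
                csc.Open();
                if (csc.State == CommunicationState.Opened)
                {
                    var par = new ServiceReference1.CompositeType();
                    par.BoolValue = true;
                    par.StringValue = "唉";
                    var re = csc.GetDataUsingDataContract(par);
                    Console.Write(re.StringValue);
                }

                // Graceful shutdown of the channel once the call has completed.
                csc.Close();
            }
            catch
            {
                // Close() can itself throw on a faulted channel; Abort() releases the
                // connection without throwing, then the original error is rethrown.
                csc.Abort();
                throw;
            }
        }

        /// <summary>
        /// Certificate validator that accepts exactly one certificate, identified by
        /// its thumbprint (certificate pinning).
        /// </summary>
        /// <remarks>
        /// Only the thumbprint is compared: chain trust, validity period and revocation
        /// are not checked here, so the pinned value has to be replaced deliberately
        /// when the certificate is rotated. Thumbprint is the SHA-1 hash of the
        /// certificate as an uppercase hex string.
        /// </remarks>
        public class SUPCertificateValidator : System.IdentityModel.Selectors.X509CertificateValidator
        {
            /// <summary>
            /// Rejects every certificate whose thumbprint differs from the pinned one.
            /// </summary>
            /// <param name="certificate">Certificate presented by the remote party.</param>
            /// <exception cref="System.ArgumentNullException">No certificate was supplied.</exception>
            /// <exception cref="System.IdentityModel.Tokens.SecurityTokenException">The thumbprint does not match.</exception>
            public override void Validate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate)
            {
                if (certificate == null)
                {
                    throw new ArgumentNullException("certificate");
                }

                // Ordinal, case-insensitive: a thumbprint is hex text, so the letter
                // case of the configured value must not decide the outcome.
                if (!string.Equals(certificate.Thumbprint, "7CB7D4243FA03CB6264B742CB0B63557C0A7AD2A", StringComparison.OrdinalIgnoreCase))
                {
                    throw new System.IdentityModel.Tokens.SecurityTokenException("证书验证失败!");
                }
            }
        }
    }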
}


 

服务端

using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.Text;


namespace ConsoleApplication1
{
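    /// <summary>
    /// Demo self-hosted WCF service: net.tcp endpoint with transport security and
    /// client-certificate authentication checked by SUPCertificateValidator.
    /// </summary>
    class Program
    {
        /// <summary>
        /// Configures and opens the service host, then blocks until a key is read
        /// from the console.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        static void Main(string[] args)
        {
            using (ServiceHost m_Host = new ServiceHost(typeof(WcfServiceLibrary.Service1), new Uri("net.tcp://localhost:56789")))
            {
                // Keep SecurityMode.Transport: SecurityMode.None would remove both the
                // encryption and the certificate authentication of this endpoint.
                var binding = new NetTcpBinding(SecurityMode.Transport);
                binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;
                // NOTE(review): extended protection is normally associated with Windows-integrated
                // authentication - confirm it has any effect with certificate credentials.
                binding.Security.Transport.ExtendedProtectionPolicy = new System.Security.Authentication.ExtendedProtection.ExtendedProtectionPolicy(System.Security.Authentication.ExtendedProtection.PolicyEnforcement.Always);
                binding.Security.Message.ClientCredentialType = MessageCredentialType.None;

                ServiceMetadataBehavior m_ServiceMetadataBehavior = new ServiceMetadataBehavior();
                m_ServiceMetadataBehavior.MetadataExporter.PolicyVersion = PolicyVersion.Policy15; // metadata
                m_Host.Description.Behaviors.Add(m_ServiceMetadataBehavior);

                // SECURITY: int.MaxValue effectively removes the throttles, so nothing
                // bounds the calls, instances and sessions a caller can create. Use
                // limits sized for the host outside of a demo.
                ServiceThrottlingBehavior m_ServiceThrottlingBehavior = new ServiceThrottlingBehavior();
                m_ServiceThrottlingBehavior.MaxConcurrentCalls = int.MaxValue;
                m_ServiceThrottlingBehavior.MaxConcurrentInstances = int.MaxValue;
                m_ServiceThrottlingBehavior.MaxConcurrentSessions = int.MaxValue;
                m_Host.Description.Behaviors.Add(m_ServiceThrottlingBehavior);

#if DEBUG
                // Exception details in faults expose server internals (types, messages,
                // stack traces) to every caller, so they are enabled in debug builds only.
                ServiceDebugBehavior m_ServiceDebugBehavior = m_Host.Description.Behaviors.Find<ServiceDebugBehavior>();
                if (m_ServiceDebugBehavior == null)
                {
                    m_ServiceDebugBehavior = new ServiceDebugBehavior();
                    m_Host.Description.Behaviors.Add(m_ServiceDebugBehavior);
                }
                m_ServiceDebugBehavior.IncludeExceptionDetailInFaults = true;
#endif

                ServiceCredentials m_ServiceCredentials = new ServiceCredentials();
                // SECURITY: the PFX password is a string literal, so it can be read from
                // the source and from the compiled assembly. Prefer loading the service
                // certificate from the Windows certificate store.
                m_ServiceCredentials.ServiceCertificate.Certificate = new System.Security.Cryptography.X509Certificates.X509Certificate2(Properties.Resources.SUPServer, "sssssss");
                // Custom mode: the client certificate is accepted or rejected by
                // SUPCertificateValidator alone.
                m_ServiceCredentials.ClientCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.Custom;
                m_ServiceCredentials.ClientCertificate.Authentication.CustomCertificateValidator = new SUPCertificateValidator();
                // SECURITY: revocation checking is switched off, so a revoked client
                // certificate is still accepted.
                m_ServiceCredentials.ClientCertificate.Authentication.RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck;

                m_Host.Description.Behaviors.Add(m_ServiceCredentials);

                m_Host.AddServiceEndpoint(typeof(WcfServiceLibrary.IService1), binding, "ChargeService");
                // SECURITY: the metadata endpoint uses its own mex binding, not the
                // certificate-secured binding above, so the contract can be read without
                // a client certificate. Remove it once the clients have been generated.
                m_Host.AddServiceEndpoint(ServiceMetadataBehavior.MexContractName, MetadataExchangeBindings.CreateMexTcpBinding(), "ChargeService/Mex");

                m_Host.Opened += delegate
                {
                    Console.WriteLine("CalculaorService已经启动,按任意键终止服务!");
                };

                m_Host.Open();
                // Keep the host alive until a key is read; leaving the using block closes it.
                Console.Read();
            }
        }
    }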
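    /// <summary>
    /// Client-certificate validator that accepts exactly one certificate, identified
    /// by its thumbprint (certificate pinning).
    /// </summary>
    /// <remarks>
    /// Only the thumbprint is compared: chain trust, validity period and revocation
    /// are not checked here, so the pinned value has to be replaced deliberately when
    /// the client certificate is rotated. Thumbprint is the SHA-1 hash of the
    /// certificate as a 40-character hex string; the literal below is the redacted
    /// placeholder from the page and must be replaced with the real value.
    /// </remarks>
    public class SUPCertificateValidator : System.IdentityModel.Selectors.X509CertificateValidator
    {
        /// <summary>
        /// Rejects every certificate whose thumbprint differs from the pinned one.
        /// </summary>
        /// <param name="certificate">Certificate presented by the connecting client.</param>
        /// <exception cref="System.ArgumentNullException">No certificate was supplied.</exception>
        /// <exception cref="System.IdentityModel.Tokens.SecurityTokenException">The thumbprint does not match.</exception>
        public override void Validate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate)
        {
            if (certificate == null)
            {
                throw new ArgumentNullException("certificate");
            }

            // Ordinal, case-insensitive: a thumbprint is hex text, so the letter case
            // of the configured value must not decide the outcome.
            if (!string.Equals(certificate.Thumbprint, "3xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", StringComparison.OrdinalIgnoreCase))
            {
                throw new System.IdentityModel.Tokens.SecurityTokenException("证书验证失败!");
            }
        }
    }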
}


 

客户端

 
