Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version

Custom Authentication and Security for Routing Service of WCF 4.0

, 13 Oct 2012
Defining security contextes in Routing service environment.
Routing_Service_POC-noexe.zip
Routing_Service_POC
POC
RoutingServicePOC
ClientCommonLib
obj
Debug
Properties
Client
bin
Debug
Client.vshost.exe.manifest
MessageLog.svclog
obj
x86
Debug
Properties
GlobalCommonLib
GlobalCommonLib.csproj.user
obj
Debug
Properties
RoutingServicePOC.5.1.ReSharper.user
RoutingServicePOC.suo
RoutingServicePOC
Filter
obj
Debug
CSAutoParameterize
original
transformed
Package
PackageTmp
RoutingService.svc
RoutingServicePOC.zip
TransformWebConfig
original
transformed
Properties
RoutingService.svc
RoutingServicePOC.csproj.user
ServiceA.Contract
obj
Debug
Properties
ServiceA
bin
Debug
ServiceA.vshost.exe.manifest
obj
x86
Debug
Properties
ServiceB.Contract
obj
Debug
Properties
ServiceB
bin
Debug
ServiceB.vshost.exe.manifest
obj
x86
Debug
Properties
ServiceCommonLib
obj
Debug
Properties
_ReSharper.RoutingServicePOC
BuildScriptCache
.crc
.version
9
6ecd42b4.dat
NamedArguments
.crc
.version
8
64bd7be7.dat
ProjectModel
ProjectModel.dat
Resources
.crc
.version
SymbolCache.bin
TagPrefixes
.crc
.version
5
5402198f.dat
TodoCache
.crc
.version
5
5402198f.dat
WebsiteFileReferences
.crc
.version
WordIndex
.crc
.version
1
3da9581c.dat
Routing_Service_POC.zip
library
ICSharpCode.SharpZipLib.dll
Ionic.Zip.dll
bin
Debug
ClientCommonLib.dll
ClientCommonLib.pdb
GlobalCommonLib.dll
GlobalCommonLib.pdb
Release
ClientCommonLib.csprojResolveAssemblyReference.cache
ClientCommonLib.dll
ClientCommonLib.pdb
DesignTimeResolveAssemblyReferencesInput.cache
ResolveAssemblyReference.cache
TempPE
Client.exe
Client.pdb
Client.vshost.exe
Client.vshost.exe.manifest
ClientCommonLib.dll
ClientCommonLib.pdb
GlobalCommonLib.dll
GlobalCommonLib.pdb
MessageLog.svclog
ServiceA.Contract.dll
ServiceA.Contract.pdb
ServiceB.Contract.dll
ServiceB.Contract.pdb
Client.csprojResolveAssemblyReference.cache
Client.exe
Client.pdb
DesignTimeResolveAssemblyReferencesInput.cache
ResolveAssemblyReference.cache
TempPE
bin
Debug
GlobalCommonLib.dll
GlobalCommonLib.pdb
ICSharpCode.SharpZipLib.dll
Ionic.Zip.dll
Release
GlobalCommonLib.csproj.user
DesignTimeResolveAssemblyReferencesInput.cache
GlobalCommonLib.csprojResolveAssemblyReference.cache
GlobalCommonLib.dll
GlobalCommonLib.pdb
ResolveAssemblyReference.cache
TempPE
RoutingServicePOC.5.1.ReSharper.user
RoutingServicePOC.suo
App_Data
bin
GlobalCommonLib.dll
GlobalCommonLib.pdb
ICSharpCode.SharpZipLib.dll
Ionic.Zip.dll
RoutingServicePOC.dll
RoutingServicePOC.pdb
Database
DesignTimeResolveAssemblyReferencesInput.cache
bin
GlobalCommonLib.dll
GlobalCommonLib.pdb
RoutingServicePOC.dll
RoutingServicePOC.pdb
RoutingService.svc
RoutingServicePOC.zip
ResolveAssemblyReference.cache
RoutingServicePOC.csprojResolveAssemblyReference.cache
RoutingServicePOC.dll
RoutingServicePOC.pdb
TempPE
RoutingService.svc
RoutingServicePOC.csproj.user
bin
Debug
ServiceA.Contract.dll
ServiceA.Contract.pdb
Release
DesignTimeResolveAssemblyReferencesInput.cache
ServiceA.Contract.dll
ServiceA.Contract.pdb
TempPE
GlobalCommonLib.dll
GlobalCommonLib.pdb
ServiceA.Contract.dll
ServiceA.Contract.pdb
ServiceA.exe
ServiceA.pdb
ServiceA.vshost.exe
ServiceA.vshost.exe.manifest
ServiceCommonLib.dll
ServiceCommonLib.pdb
DesignTimeResolveAssemblyReferences.cache
DesignTimeResolveAssemblyReferencesInput.cache
ResolveAssemblyReference.cache
ServiceA.csprojResolveAssemblyReference.cache
ServiceA.exe
ServiceA.pdb
TempPE
bin
Debug
ServiceB.Contract.dll
ServiceB.Contract.pdb
Release
DesignTimeResolveAssemblyReferencesInput.cache
ServiceB.Contract.dll
ServiceB.Contract.pdb
TempPE
GlobalCommonLib.dll
GlobalCommonLib.pdb
ServiceB.Contract.dll
ServiceB.Contract.pdb
ServiceB.exe
ServiceB.pdb
ServiceB.vshost.exe
ServiceB.vshost.exe.manifest
ServiceCommonLib.dll
ServiceCommonLib.pdb
Release
DesignTimeResolveAssemblyReferencesInput.cache
ResolveAssemblyReference.cache
ServiceB.csprojResolveAssemblyReference.cache
ServiceB.exe
ServiceB.pdb
TempPE
bin
Debug
GlobalCommonLib.dll
GlobalCommonLib.pdb
ServiceCommonLib.dll
ServiceCommonLib.pdb
Release
DesignTimeResolveAssemblyReferencesInput.cache
ResolveAssemblyReference.cache
ServiceCommonLib.csprojResolveAssemblyReference.cache
ServiceCommonLib.dll
ServiceCommonLib.pdb
TempPE
.crc
.version
5
6ecd42b4.dat
DecompilerCache
.crc
.version
1
64bd7be7.dat
PdbInfo
ProjectModel.dat
.crc
.version
SymbolCache.bin
.crc
.version
0
1
2
5402198f.dat
6
.crc
.version
5402198f.dat
7
.crc
.version
.crc
.version
3da9581c.dat
3
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.ServiceModel.Channels;
using System.Text;
using System.Xml;

namespace GlobalCommonLib
{
    public class CryptographerBase
    {
        public const string KeyElementName = "EncryptionKey";
        public const string EncryptedElementName = "Encrypted";

        //The elements that will be encrypted when the contentEncryption is set to "Credentials" or "All".
        public const string CredentialsElementName = "Credentials";
        public const string AllElementName = "s:Envelope";

        public const int AesKeySize = 256; //The minimum size of the key is 128 bits, and the maximum size is 256 bits. [2]
        public const int RsaKeySize = 1024; //The RSACryptoServiceProvider supports key lengths from 384 bits to 16384 bits in increments of 8 bits if you have the Microsoft Enhanced Cryptographic Provider installed. It supports key lengths from 384 bits to 512 bits in increments of 8 bits if you have the Microsoft Base Cryptographic Provider installed.[1]

        protected const bool Content = false;//Encrypt only the content (true) or the node also (false); it seems not to function on true.?!?

        //on server: generates a new public/private key at its instantiation
        //on client: must be initiated with the public key of the server 
        public static RSACryptoServiceProvider RsaServiceProvider { get; private set; }

        //this is necessary on a multithreading environment to pair the request and reply (both on server and client)
        //on client: contains the message id and the key used to encrypt the request message; it will be used to decrypt the reply message.
        //on server: contains the message is and the key extracted from the encrypted message; it will be used to encrypt the reply message.
        //protected static ConcurrentDictionary<string, byte[]> AesKeys { get; private set; }

        static CryptographerBase()
        {
            RsaServiceProvider = new RSACryptoServiceProvider(RsaKeySize);
            //AesKeys = new ConcurrentDictionary<string, byte[]>();
        }

    }

    public class Cryptographer : CryptographerBase
    {
        public static void Encrypt(XmlDocument xmlDoc, string elementToEncrypt)
        {
            XmlNodeList elementsToEncrypt = xmlDoc.GetElementsByTagName(elementToEncrypt);
            if (elementsToEncrypt.Count == 0)
                return;

            var aesServiceProvider = new AesCryptoServiceProvider {KeySize = 256};
            aesServiceProvider.GenerateKey();

            XmlNode idNode = xmlDoc.GetElementsByTagName("a:MessageID")[0];
            
            string id = string.Empty;
            if (null != idNode)
                id =  BitConverter.ToString( Encoding.UTF8.GetBytes(idNode.InnerText));
             id += "||" + BitConverter.ToString(aesServiceProvider.Key);
            
            //AesKeys.TryAdd(id, );

            var xmlElementToEncrypt = (XmlElement)elementsToEncrypt[0];
            var encryptedXml = new EncryptedXml();

            byte[] encryptedElement = encryptedXml.EncryptData(xmlElementToEncrypt, aesServiceProvider, Content);

            var encryptedData = new EncryptedData
                                    {
                                        Type = EncryptedXml.XmlEncElementUrl,
                                        EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url)
                                    };
            var encryptedKey = new EncryptedKey
                                   {
                                       CipherData =
                                           new CipherData(EncryptedXml.EncryptKey(aesServiceProvider.Key,
                                                                                  RsaServiceProvider, Content)),
                                       EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url)
                                   };
            encryptedData.KeyInfo = new KeyInfo();
            encryptedKey.KeyInfo.AddClause(new KeyInfoName(KeyElementName));
            encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey));
            encryptedData.CipherData.CipherValue = encryptedElement;
            encryptedData.Id = id;
            EncryptedXml.ReplaceElement(xmlElementToEncrypt, encryptedData, Content);
        }

        public static void Decrypt(XmlDocument xmlDoc)
        {

            XmlNodeList encryptedElements = xmlDoc.GetElementsByTagName("EncryptedData");
            if (encryptedElements.Count == 0)
                return;

            var aesServiceProvider = new AesCryptoServiceProvider();
            var encryptedElement = (XmlElement)encryptedElements[0];

            var encryptedData = new EncryptedData();
            encryptedData.LoadXml(encryptedElement);

            var keyinString = encryptedData.Id.Split(new string[] {"||"}, StringSplitOptions.None).ElementAt(1);
            byte[] key = keyinString.Split('-').Select(b => Convert.ToByte(b, 16)).ToArray();
            //AesKeys.TryRemove(encryptedData.Id, out key);
            aesServiceProvider.Key = key;


            var encryptedXml = new EncryptedXml();
            encryptedXml.ReplaceData(encryptedElement, encryptedXml.DecryptData(encryptedData, aesServiceProvider));
        }

        public static ArraySegment<byte> EncryptBuffer(ArraySegment<byte> buffer, BufferManager bufferManager, int messageOffset, string elementToEncrypt = "s:Envelope")
        {
            var xmlDoc = new XmlDocument();

            using (var memoryStream = new MemoryStream(buffer.Array, buffer.Offset, buffer.Count))
            {
                xmlDoc.Load(memoryStream);                
            }

            Cryptographer.Encrypt(xmlDoc, elementToEncrypt);
            byte[] encryptedBytes = Encoding.UTF8.GetBytes(xmlDoc.OuterXml);
            byte[] bufferedBytes = bufferManager.TakeBuffer(encryptedBytes.Length);
            Array.Copy(encryptedBytes, 0, bufferedBytes, 0, encryptedBytes.Length);
            bufferManager.ReturnBuffer(buffer.Array);

            var byteArray = new ArraySegment<byte>(bufferedBytes, messageOffset, encryptedBytes.Length);

            return byteArray;
        }

        public static ArraySegment<byte> DecryptBuffer(ArraySegment<byte> buffer, BufferManager bufferManager)
        {
            var xmlDoc = new XmlDocument();
            using (var memoryStream = new MemoryStream(buffer.Array, buffer.Offset, buffer.Count))
            {
                xmlDoc.Load(memoryStream);
            }

            Cryptographer.Decrypt(xmlDoc);
            byte[] decryptedBytes = Encoding.UTF8.GetBytes(xmlDoc.OuterXml);

            byte[] bufferedBytes = bufferManager.TakeBuffer(decryptedBytes.Length);
            Array.Copy(decryptedBytes, 0, bufferedBytes, 0, decryptedBytes.Length);
            bufferManager.ReturnBuffer(buffer.Array);
            var byteArray = new ArraySegment<byte>(bufferedBytes, 0, decryptedBytes.Length);

            string s = Encoding.UTF8.GetString(byteArray.Array, byteArray.Offset, byteArray.Count);
            return byteArray;

        }

    }
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Morshed Anwar
Team Leader Adaptive Enterprise Limited (www.ael-bd.com)
Bangladesh Bangladesh
No Biography provided

| Advertise | Privacy | Mobile
Web04 | 2.8.140718.1 | Last Updated 13 Oct 2012
Article Copyright 2012 by Morshed Anwar
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid