
.net - "Unrecognized configuration section" after adding a signature to a config file with SignedXml.ComputeSignature

Reposted. Author: 行者123. Updated: 2023-12-02 06:19:22

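I have a Windows Forms application built with the .NET 3.5 Framework that self-hosts a WCF service. The service and the application work fine on their own.

Concerned that the address and binding information is accessible in the app.config file, I decided to add a digital signature using System.Security.Cryptography.Xml.SignedXml.ComputeSignature. I then added the signature to the app.config and saved it. This creates a Signature element in the app.config as the final child of the file's configuration node.

I added a function that checks the signature before starting the service. The application validates the signature correctly, but when it tries to start the service it throws the following nested errors:

1. The type initializer for 'System.ServiceModel.DiagnosticUtility' threw an exception.

2. Configuration system failed to initialize.

3. Unrecognized configuration section Signature.

It doesn't seem to matter where in the app.config I place the Signature element. The signature always validates correctly, and the service always bombs on the unrecognized configuration section. Comment out the Signature element in the app.config and the signature check in the code, and the service starts again without any problems.

Why is the service throwing these errors, and how do I resolve them?

Here is the app.config, with the application name and URLs redacted: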

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
    <sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
      <section name="MyApp.My.MySettings" type="System.Configuration.ClientSettingsSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
    </sectionGroup>
  </configSections>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="MyAppServicePortBinding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <security mode="None">
            <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://myappurl/MyService" binding="basicHttpBinding" bindingConfiguration="MyAppServicePortBinding" contract="MyAppService" name="MyAppServicePort" />
    </client>
    <services>
      <service name="MyApp.MyService" behaviorConfiguration="MyAppServiceBehavior">
        <host>
          <baseAddresses>
            <add baseAddress="http://mylocalservice:8080/LocalService" />
          </baseAddresses>
        </host>
        <!-- this endpoint is exposed at the base address provided by host -->
        <endpoint address="" binding="wsHttpBinding" contract="MyApp.IServiceInit" bindingNamespace="http://mylocalservice:8080/LocalService" />
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="MyAppServiceBehavior">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
  <applicationSettings>
    <MyApp.My.MySettings>
      <setting name="DefaultEntryType" serializeAs="String">
        <value>M</value>
      </setting>
      <setting name="CardTypes" serializeAs="String">
        <value>1111</value>
      </setting>
      <setting name="Freq" serializeAs="String">
        <value>120000</value>
      </setting>
    </MyApp.My.MySettings>
  </applicationSettings>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <Reference URI="">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>jJYnz3j6LgxqdcUgvNSGNmJVum4=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>czpn/uA31kMSoGFk2hi3SCYky6YM6/MjBT3lpMn7wluCjeFIFj0vJJZVI9ueQQn/RglFi8RIfAyov3rDwiS+pP/4b1Yh8KqNOftHMH9pC+CFsMHMQnIoPHyXVrFLpuU6rzjACdUky4zuB7I7Q5AHf1CF8F9PSEgIxiQ4gHgPhJCLujl6wvsMg3rXDHazRQ2Curj94iKUIsKo50X1dJxER1oWOB9g6QgzqsXTOmUkgGOygJrnrn1WQJ0UbWAvHHXIPZdD6jOL24vqhOYm55+b6hlkWdIvEvLBPVMtv2V8oQqxBpWRDh8ovMn4LQdgcFOpa/vG3ISXGp2oRzsCEpaxCQ==</SignatureValue>
  </Signature>
</configuration>

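Best answer

You are missing some essential information that allows the signature to be embedded in the app.config.

From http://www.beefycode.com/post/Managing-AppConfig-Integrity-using-Xml-Digital-Signatures.aspx, on adding a signature to an app.config file: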

We can't just plop this new element in the app.config and expect the .NET configuration manager to process it without knowing what it is; this will cause failure during application startup. No special tricks here, we simply need to instruct the configuration system to ignore this element by adding the following to the top of the config file.

First, add the following to the app.config:

<configSections>
  ...
  <section name="Signature" type="System.Configuration.IgnoreSectionHandler" />
</configSections>

See the link above for a complete app.config and a usage example. It should do the job.
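The sign-then-verify flow the question describes, as an added example that is not code from the original post or the linked article. It assumes .NET Framework 4.7.2+ or modern .NET with the System.Security.Cryptography.Xml package; the class name `ConfigSignature`, the sample config and the in-memory key are constructed for illustration. It uses SHA-256 instead of the SHA-1 algorithms in the question's signature, and the verifier checks against a key the application already trusts and requires the signature to cover the whole document.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

static class ConfigSignature
{
    // Sign the whole document (Reference URI="") and append <Signature> as the last child of the root.
    public static void Sign(string path, RSA privateKey)
    {
        var doc = new XmlDocument { PreserveWhitespace = true }; // whitespace is part of the digest
        doc.Load(path);
        var signedXml = new SignedXml(doc) { SigningKey = privateKey };
        signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
        var reference = new Reference("") { DigestMethod = SignedXml.XmlDsigSHA256Url };
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signedXml.AddReference(reference);
        signedXml.ComputeSignature();
        doc.DocumentElement.AppendChild(doc.ImportNode(signedXml.GetXml(), true));
        doc.Save(path);
    }

    // True only if one Signature sits under the root, covers the whole document, and verifies with the trusted key.
    public static bool Verify(string path, RSA trustedPublicKey)
    {
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.Load(path);
        XmlNodeList sigs = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (sigs.Count != 1 || sigs[0].ParentNode != doc.DocumentElement) return false;
        var signedXml = new SignedXml(doc);
        signedXml.LoadXml((XmlElement)sigs[0]);
        var refs = signedXml.SignedInfo.References;
        if (refs.Count != 1 || ((Reference)refs[0]).Uri != "") return false;
        return signedXml.CheckSignature(trustedPublicKey);
    }

    static void Main()
    {
        string path = Path.GetTempFileName(); // holds the constructed sample config below
        File.WriteAllText(path, "<configuration>\n  <configSections>\n    <section name=\"Signature\" type=\"System.Configuration.IgnoreSectionHandler\" />\n  </configSections>\n  <appSettings>\n    <add key=\"Freq\" value=\"120000\" />\n  </appSettings>\n</configuration>");
        using (RSA key = RSA.Create(2048))
        {
            Sign(path, key);
            Console.WriteLine("untouched: " + Verify(path, key));
            File.WriteAllText(path, File.ReadAllText(path).Replace("120000", "1"));
            Console.WriteLine("tampered:  " + Verify(path, key));
        }
    }
}
```

The `IgnoreSectionHandler` declaration sits inside the signed content, so it is added before signing; loading with `PreserveWhitespace = true` on both sides keeps the digest stable across save and reload.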

Regarding ".net - "Unrecognized configuration section" after adding a signature to a config file with SignedXml.ComputeSignature", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/7617726/
