WCF base64如何对客户端app.config中的public键进行编码
How does WCF base64 encode the public key in client app.config
我只是在玩 WCF 和证书。我在我的计算机上安装了一个证书,在我的 WCF 服务配置中引用它,如下所示:
<serviceCertificate findValue="testcert"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName" />
然后我启动服务。一切都很好。然后,我通过将服务添加为服务引用,在 visual studio 中创建了一个简单的客户端控制台程序。事实上,我可以联系该服务,所以一切正常!当我为我的客户查看 app.config 时,我有这个身份:
<identity>
<certificate encodedValue="AwAAAAEAAAAUAAAAuFTG2BUHH8JSm1VyxrCgEzaOQfAgAAAAAQAAALIEAAAwggSuMIIClqADAgECAhBqosPak3lGkETZ3xl9oaC0MA0GCSqGSIb3DQEBBQUAMBMxETAPBgNVBAMTCHRlc3RjZXJ0MB4XDTE1MDUwMjIyMDAwMFoXDTI1MDUwOTIyMDAwMFowEzERMA8GA1UEAxMIdGVzdGNlcnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCoRWN7519nqQ7uFwgKtUWdTyKUhz+OdF9XtQF431/A1nhVsQsZ+J2k2Ola63eyTIEdR4y6jUx7KfQ1TMOtKSKB6iobP+JT8jibS1Ll47s6Ym2iEGLI6myftsuTezjObrnFO3tifCIMeKtMKdu1XYkpWr/DQogBElI6ZjkpaxIN+R+kw0cBwUm1o29/3V3VdHY9rlh4j8YJPMY903WCU/p7kCjiCfHWrWEkicer1rC6OC0TPLQVP0FSt6dCo1ptvHHk+aIUOU/lExCpT/FYjGUw5l8KeLz+V2xJ+Uy/kjuaAfSqE9wel/yDhDq599xbiBCViyAFSOfl11IcmOpA+H2LLuqvYZaFfem0MrTNJbr79Xjp/ywaQYf0jcK/D7t+6ouPmv4hibkeeELO1Cy3LQIYc3MNkvAkoiIXTxve2TmmN8CThQPfX3jrFm+sHvUEja4HnP5sbMuk9yNEvS+pJZj6hcmRyHzj9GIRRB5rCYfg/6pe0ttIs0Y4vaVzO232i4ffL1S9OzSLf7OYHfKvPc7YeEuouqPSAjIzB9BbEh678AtIUmatOiSBPpHYsPgz5QN+0kNSCgXnVkV+XN+JEOjxmHxGaPQHP3bvXAXZ94Y8jeSzLH5SyDxakAEJuujTL3wSRbNAy+ORexSC3YGmuQixaOHuTZ40BCQKxrDo/+NX6wIDAQABMA0GCSqGSIb3DQEBBQUAA4ICAQCcPb5B8Q3X3XqIrrNbzl4Eb4mLzmHrRP/W64LssGLr9O0MoJYw+RdOWyIbEtvg7nq0p0qBSi7lBq1ete/RSNiT3WMjIRPCgwZkq/yadolGgtRBq3FVHR7royjLu1DwOBtAhMQuBHopK6Dt88E4z8Bh/vyMruMs7VSH6cFbA0+iII02TLkC4+cgt5ZTxdet2JwyGsHNdk9c8pfq50Wht3kFzZPMYrowYH/c0fxkaIqWUN+W2sabBj/lzpo3kd6q0bBqamek9Bmk6IgikQrgx/ktAF3ul1u+2ybltQ7gJZIIuZphDSPmRRm+/sB2Wf6XGSG1ZUhrxsofQ7HVhlksTIfDQ7CtB8IlTmtesorJNfXw9ymKDWzvDRfNEVChDj/OGu3GHX6qwq7PeCsstxQeQRVQgB4Mo+ghCeTjH20xCxOzzZZVP0IRe/WvxNzxJxcnzYCgF7F9ztQBJoqUBqLVKdXYnLFRymFPpnc6OOTIi/+yD/4oNV9qMfFX14K+rVmq+HkDW1p3ipteDz2xzodiiYTk27yILHb3yJ2GgvuLmv4zKgUc3KTkxQeN4fmDOgqFP9VFXGWqgiPrbuFiBB+VNFDwbqgQtnz/tmZ6PDCNuMFJYALYSnKzU9/IWWScivzVeyrZuWPALX8nW3gAtOOgTaSKg9/3jAAqIWqTvkO0sviG6A==" /></identity>
我在某处读到该值是 public 密钥的 base64 编码值,由服务的 wsdl 提供。这个对吗?如果我查看 wsdl,这里的 public 键是
<Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>
MIIErjCCApagAwIBAgIQaqLD2pN5RpBE2d8ZfaGgtDANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwh0ZXN0Y2VydDAeFw0xNTA1MDIyMjAwMDBaFw0yNTA1MDkyMjAwMDBaMBMxETAPBgNVBAMTCHRlc3RjZXJ0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqEVje+dfZ6kO7hcICrVFnU8ilIc/jnRfV7UBeN9fwNZ4VbELGfidpNjpWut3skyBHUeMuo1Meyn0NUzDrSkigeoqGz/iU/I4m0tS5eO7OmJtohBiyOpsn7bLk3s4zm65xTt7YnwiDHirTCnbtV2JKVq/w0KIARJSOmY5KWsSDfkfpMNHAcFJtaNvf91d1XR2Pa5YeI/GCTzGPdN1glP6e5Ao4gnx1q1hJInHq9awujgtEzy0FT9BUrenQqNabbxx5PmiFDlP5RMQqU/xWIxlMOZfCni8/ldsSflMv5I7mgH0qhPcHpf8g4Q6uffcW4gQlYsgBUjn5ddSHJjqQPh9iy7qr2GWhX3ptDK0zSW6+/V46f8sGkGH9I3Cvw+7fuqLj5r+IYm5HnhCztQsty0CGHNzDZLwJKIiF08b3tk5pjfAk4UD31946xZvrB71BI2uB5z+bGzLpPcjRL0vqSWY+oXJkch84/RiEUQeawmH4P+qXtLbSLNGOL2lcztt9ouH3y9UvTs0i3+zmB3yrz3O2HhLqLqj0gIyMwfQWxIeu/ALSFJmrTokgT6R2LD4M+UDftJDUgoF51ZFflzfiRDo8Zh8Rmj0Bz9271wF2feGPI3ksyx+Usg8WpABCbro0y98EkWzQMvjkXsUgt2BprkIsWjh7k2eNAQkCsaw6P/jV+sCAwEAATANBgkqhkiG9w0BAQUFAAOCAgEAnD2+QfEN1916iK6zW85eBG+Ji85h60T/1uuC7LBi6/TtDKCWMPkXTlsiGxLb4O56tKdKgUou5QatXrXv0UjYk91jIyETwoMGZKv8mnaJRoLUQatxVR0e66Moy7tQ8DgbQITELgR6KSug7fPBOM/AYf78jK7jLO1Uh+nBWwNPoiCNNky5AuPnILeWU8XXrdicMhrBzXZPXPKX6udFobd5Bc2TzGK6MGB/3NH8ZGiKllDfltrGmwY/5c6aN5HeqtGwampnpPQZpOiIIpEK4Mf5LQBd7pdbvtsm5bUO4CWSCLmaYQ0j5kUZvv7Adln+lxkhtWVIa8bKH0Ox1YZZLEyHw0OwrQfCJU5rXrKKyTX18Pcpig1s7w0XzRFQoQ4/zhrtxh1+qsKuz3grLLcUHkEVUIAeDKPoIQnk4x9tMQsTs82WVT9CEXv1r8Tc8ScXJ82AoBexfc7UASaKlAai1SnV2JyxUcphT6Z3OjjkyIv/sg/+KDVfajHxV9eCvq1Zqvh5A1tad4qbXg89sc6HYomE5Nu8iCx298idhoL7i5r+MyoFHNyk5MUHjeH5gzoKhT/VRVxlqoIj627hYgQflTRQ8G6oELZ8/7ZmejwwjbjBSWAC2Epys1PfyFlknIr81Xsq2bljwC1/J1t4ALTjoE2kioPf94wAKiFqk75DtLL4hug=
</X509Certificate>
</X509Data>
</KeyInfo>
</Identity>
当我从证书存储区导出密钥(base64 编码导出)时,它与 public 密钥匹配。一切都很好。但是我不知道 wsdl 和导出的值如何对应于客户端 app.config 文件中的值?如果我对导出的值(或来自 wsdl 的值)进行 base64 编码,我不会得到编码值。
所以我的问题是:客户端 app.config 文件中的值是如何编码的?我错过了什么吗?它甚至是客户端 app.config 中存在的 public 密钥吗?
这两个值均适用于指纹为 B854C6D815071FC2529B5572C6B0A013368E41F0 且主题为 CN=testcert
的证书
其中一个是使用此方法 (https://msdn.microsoft.com/en-us/library/dxz81eb9(v=vs.110).aspx) 并通过 Cert X509ContentType 后将获得的字节的 base64 编码,另一个是使用 SerializedCert X509ContentType。
我不知道为什么一个比另一个使用,但它们代表相同的东西(尽管从我发布的 link 看来,SerializedCert 包含包含在 Windows 证书存储以及证书本身)
我只是在玩 WCF 和证书。我在我的计算机上安装了一个证书,在我的 WCF 服务配置中引用它,如下所示:
<serviceCertificate findValue="testcert"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName" />
然后我启动服务。一切都很好。然后,我通过将服务添加为服务引用,在 visual studio 中创建了一个简单的客户端控制台程序。事实上,我可以联系该服务,所以一切正常!当我为我的客户查看 app.config 时,我有这个身份:
<identity>
<certificate encodedValue="AwAAAAEAAAAUAAAAuFTG2BUHH8JSm1VyxrCgEzaOQfAgAAAAAQAAALIEAAAwggSuMIIClqADAgECAhBqosPak3lGkETZ3xl9oaC0MA0GCSqGSIb3DQEBBQUAMBMxETAPBgNVBAMTCHRlc3RjZXJ0MB4XDTE1MDUwMjIyMDAwMFoXDTI1MDUwOTIyMDAwMFowEzERMA8GA1UEAxMIdGVzdGNlcnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCoRWN7519nqQ7uFwgKtUWdTyKUhz+OdF9XtQF431/A1nhVsQsZ+J2k2Ola63eyTIEdR4y6jUx7KfQ1TMOtKSKB6iobP+JT8jibS1Ll47s6Ym2iEGLI6myftsuTezjObrnFO3tifCIMeKtMKdu1XYkpWr/DQogBElI6ZjkpaxIN+R+kw0cBwUm1o29/3V3VdHY9rlh4j8YJPMY903WCU/p7kCjiCfHWrWEkicer1rC6OC0TPLQVP0FSt6dCo1ptvHHk+aIUOU/lExCpT/FYjGUw5l8KeLz+V2xJ+Uy/kjuaAfSqE9wel/yDhDq599xbiBCViyAFSOfl11IcmOpA+H2LLuqvYZaFfem0MrTNJbr79Xjp/ywaQYf0jcK/D7t+6ouPmv4hibkeeELO1Cy3LQIYc3MNkvAkoiIXTxve2TmmN8CThQPfX3jrFm+sHvUEja4HnP5sbMuk9yNEvS+pJZj6hcmRyHzj9GIRRB5rCYfg/6pe0ttIs0Y4vaVzO232i4ffL1S9OzSLf7OYHfKvPc7YeEuouqPSAjIzB9BbEh678AtIUmatOiSBPpHYsPgz5QN+0kNSCgXnVkV+XN+JEOjxmHxGaPQHP3bvXAXZ94Y8jeSzLH5SyDxakAEJuujTL3wSRbNAy+ORexSC3YGmuQixaOHuTZ40BCQKxrDo/+NX6wIDAQABMA0GCSqGSIb3DQEBBQUAA4ICAQCcPb5B8Q3X3XqIrrNbzl4Eb4mLzmHrRP/W64LssGLr9O0MoJYw+RdOWyIbEtvg7nq0p0qBSi7lBq1ete/RSNiT3WMjIRPCgwZkq/yadolGgtRBq3FVHR7royjLu1DwOBtAhMQuBHopK6Dt88E4z8Bh/vyMruMs7VSH6cFbA0+iII02TLkC4+cgt5ZTxdet2JwyGsHNdk9c8pfq50Wht3kFzZPMYrowYH/c0fxkaIqWUN+W2sabBj/lzpo3kd6q0bBqamek9Bmk6IgikQrgx/ktAF3ul1u+2ybltQ7gJZIIuZphDSPmRRm+/sB2Wf6XGSG1ZUhrxsofQ7HVhlksTIfDQ7CtB8IlTmtesorJNfXw9ymKDWzvDRfNEVChDj/OGu3GHX6qwq7PeCsstxQeQRVQgB4Mo+ghCeTjH20xCxOzzZZVP0IRe/WvxNzxJxcnzYCgF7F9ztQBJoqUBqLVKdXYnLFRymFPpnc6OOTIi/+yD/4oNV9qMfFX14K+rVmq+HkDW1p3ipteDz2xzodiiYTk27yILHb3yJ2GgvuLmv4zKgUc3KTkxQeN4fmDOgqFP9VFXGWqgiPrbuFiBB+VNFDwbqgQtnz/tmZ6PDCNuMFJYALYSnKzU9/IWWScivzVeyrZuWPALX8nW3gAtOOgTaSKg9/3jAAqIWqTvkO0sviG6A==" /></identity>
我在某处读到该值是 public 密钥的 base64 编码值,由服务的 wsdl 提供。这个对吗?如果我查看 wsdl,这里的 public 键是
<Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>
MIIErjCCApagAwIBAgIQaqLD2pN5RpBE2d8ZfaGgtDANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwh0ZXN0Y2VydDAeFw0xNTA1MDIyMjAwMDBaFw0yNTA1MDkyMjAwMDBaMBMxETAPBgNVBAMTCHRlc3RjZXJ0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqEVje+dfZ6kO7hcICrVFnU8ilIc/jnRfV7UBeN9fwNZ4VbELGfidpNjpWut3skyBHUeMuo1Meyn0NUzDrSkigeoqGz/iU/I4m0tS5eO7OmJtohBiyOpsn7bLk3s4zm65xTt7YnwiDHirTCnbtV2JKVq/w0KIARJSOmY5KWsSDfkfpMNHAcFJtaNvf91d1XR2Pa5YeI/GCTzGPdN1glP6e5Ao4gnx1q1hJInHq9awujgtEzy0FT9BUrenQqNabbxx5PmiFDlP5RMQqU/xWIxlMOZfCni8/ldsSflMv5I7mgH0qhPcHpf8g4Q6uffcW4gQlYsgBUjn5ddSHJjqQPh9iy7qr2GWhX3ptDK0zSW6+/V46f8sGkGH9I3Cvw+7fuqLj5r+IYm5HnhCztQsty0CGHNzDZLwJKIiF08b3tk5pjfAk4UD31946xZvrB71BI2uB5z+bGzLpPcjRL0vqSWY+oXJkch84/RiEUQeawmH4P+qXtLbSLNGOL2lcztt9ouH3y9UvTs0i3+zmB3yrz3O2HhLqLqj0gIyMwfQWxIeu/ALSFJmrTokgT6R2LD4M+UDftJDUgoF51ZFflzfiRDo8Zh8Rmj0Bz9271wF2feGPI3ksyx+Usg8WpABCbro0y98EkWzQMvjkXsUgt2BprkIsWjh7k2eNAQkCsaw6P/jV+sCAwEAATANBgkqhkiG9w0BAQUFAAOCAgEAnD2+QfEN1916iK6zW85eBG+Ji85h60T/1uuC7LBi6/TtDKCWMPkXTlsiGxLb4O56tKdKgUou5QatXrXv0UjYk91jIyETwoMGZKv8mnaJRoLUQatxVR0e66Moy7tQ8DgbQITELgR6KSug7fPBOM/AYf78jK7jLO1Uh+nBWwNPoiCNNky5AuPnILeWU8XXrdicMhrBzXZPXPKX6udFobd5Bc2TzGK6MGB/3NH8ZGiKllDfltrGmwY/5c6aN5HeqtGwampnpPQZpOiIIpEK4Mf5LQBd7pdbvtsm5bUO4CWSCLmaYQ0j5kUZvv7Adln+lxkhtWVIa8bKH0Ox1YZZLEyHw0OwrQfCJU5rXrKKyTX18Pcpig1s7w0XzRFQoQ4/zhrtxh1+qsKuz3grLLcUHkEVUIAeDKPoIQnk4x9tMQsTs82WVT9CEXv1r8Tc8ScXJ82AoBexfc7UASaKlAai1SnV2JyxUcphT6Z3OjjkyIv/sg/+KDVfajHxV9eCvq1Zqvh5A1tad4qbXg89sc6HYomE5Nu8iCx298idhoL7i5r+MyoFHNyk5MUHjeH5gzoKhT/VRVxlqoIj627hYgQflTRQ8G6oELZ8/7ZmejwwjbjBSWAC2Epys1PfyFlknIr81Xsq2bljwC1/J1t4ALTjoE2kioPf94wAKiFqk75DtLL4hug=
</X509Certificate>
</X509Data>
</KeyInfo>
</Identity>
当我从证书存储区导出密钥(base64 编码导出)时,它与 public 密钥匹配。一切都很好。但是我不知道 wsdl 和导出的值如何对应于客户端 app.config 文件中的值?如果我对导出的值(或来自 wsdl 的值)进行 base64 编码,我不会得到编码值。
所以我的问题是:客户端 app.config 文件中的值是如何编码的?我错过了什么吗?它甚至是客户端 app.config 中存在的 public 密钥吗?
这两个值均适用于指纹为 B854C6D815071FC2529B5572C6B0A013368E41F0 且主题为 CN=testcert
的证书其中一个是使用此方法 (https://msdn.microsoft.com/en-us/library/dxz81eb9(v=vs.110).aspx) 并通过 Cert X509ContentType 后将获得的字节的 base64 编码,另一个是使用 SerializedCert X509ContentType。
我不知道为什么一个比另一个使用,但它们代表相同的东西(尽管从我发布的 link 看来,SerializedCert 包含包含在 Windows 证书存储以及证书本身)