incorporating the cert
birojnayak committed Oct 13, 2023
1 parent 38d0eb1 commit 433314e
Showing 2 changed files with 14 additions and 9 deletions.
@@ -5,6 +5,7 @@
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using CoreWCF.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
@@ -42,7 +43,7 @@ public static IHost CreateWebHostBuilder<TStartup>(string linuxSocketFilepath =


//only for test, don't use in production code
public static X509Certificate2 GetServiceCertificate()
public static async Task<X509Certificate2> GetServiceCertificateAsync()
{
string AspNetHttpsOid = "1.3.6.1.4.1.311.84.1.1";
X509Certificate2 foundCert = null;
@@ -76,10 +77,11 @@ public static X509Certificate2 GetServiceCertificate()
cert.Dispose();
}
}

if (foundCert == null)
foundCert = await ServiceUtilHelper.GetServiceMacineCertFromServerAsync();
return foundCert;
}

public static void CloseServiceModelObjects(params System.ServiceModel.ICommunicationObject[] objects)
{
foreach (System.ServiceModel.ICommunicationObject comObj in objects)
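Review bot: The fallback added at the end of GetServiceCertificateAsync returns whatever `ServiceUtilHelper.GetServiceMacineCertFromServerAsync()` yields without checking it. If that helper can return null (its body is not in this diff), the failure only surfaces later, where the callers build the endpoint identity or assign the credential, rather than where the lookup failed. Consider failing here with a clear message, e.g. `if (foundCert == null) throw new InvalidOperationException("No test certificate in the local store or from the test server");`. Because the certificate may now arrive over the network and the tests use it as both service and client credential, the `//only for test` comment should say so, for example `// test only: falls back to a certificate downloaded from the test server; never use as a production identity`. The method body starts outside the hunk, and the braceless `if` should get braces to match the surrounding code.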
@@ -8,6 +8,7 @@
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.Threading.Tasks;
using Binding.UDS.IntegrationTests;
using Binding.UDS.IntegrationTests.ServiceContract;
using CoreWCF.Configuration;
@@ -97,7 +98,7 @@ public void WindowsAuth()

[WcfFact]
[OuterLoop]
private void BasicCertAsTransport()
private async Task BasicCertAsTransportAsync()
{
string testString = new string('a', 3000);
IHost host = ServiceHelper.CreateWebHostBuilder<StartupForUnixDomainSocketTransportCertificate>(UDS.GetUDSFilePath());
@@ -111,8 +112,10 @@ private void BasicCertAsTransport()
Scheme = "net.uds",
Path = UDS.GetUDSFilePath()
};
var cert = await ServiceHelper.GetServiceCertificateAsync();
var identity = new X509CertificateEndpointIdentity(cert);
var factory = new System.ServiceModel.ChannelFactory<IEchoService>(binding,
new System.ServiceModel.EndpointAddress(uriBuilder.ToString()));
new System.ServiceModel.EndpointAddress(new Uri(uriBuilder.ToString()), identity));

factory.Credentials.ServiceCertificate.SslCertificateAuthentication = new System.ServiceModel.Security.X509ServiceCertificateAuthentication
{
@@ -121,7 +124,7 @@ private void BasicCertAsTransport()
};

ClientCredentials clientCredentials = (ClientCredentials)factory.Endpoint.EndpointBehaviors[typeof(ClientCredentials)];
clientCredentials.ClientCertificate.Certificate = ServiceHelper.GetServiceCertificate(); // this is a fake cert and we are not doing client cert validation
clientCredentials.ClientCertificate.Certificate = cert; // this is a fake cert and we are not doing client cert validation
var channel = factory.CreateChannel();
try
{
@@ -251,16 +254,16 @@ public void Configure(IHost host)
};

builder.AddServiceEndpoint<EchoService, IEchoService>(udsBinding, "net.uds://" + GetUDSFilePath());
Action<CoreWCF.ServiceHostBase> serviceHost = host => ChangeHostBehavior(host);
Action<CoreWCF.ServiceHostBase> serviceHost = async host => await ChangeHostBehaviorAsync(host);
builder.ConfigureServiceHostBase<EchoService>(serviceHost);
});
}

public void ChangeHostBehavior(CoreWCF.ServiceHostBase host)
public async Task ChangeHostBehaviorAsync(CoreWCF.ServiceHostBase host)
{
var srvCredentials = host.Credentials;
//provide the certificate, here we are getting the default asp.net core default certificate, not recommended for prod workload.
srvCredentials.ServiceCertificate.Certificate = ServiceHelper.GetServiceCertificate();
srvCredentials.ServiceCertificate.Certificate = await ServiceHelper.GetServiceCertificateAsync();
srvCredentials.ClientCertificate.Authentication.CertificateValidationMode = CoreWCF.Security.X509CertificateValidationMode.None;
}
}
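Review bot: In Configure, `Action<CoreWCF.ServiceHostBase> serviceHost = async host => await ChangeHostBehaviorAsync(host);` makes the lambda an async void delegate, so ConfigureServiceHostBase gets control back at the first await that does not complete synchronously. When the certificate has to come from the new server fallback, the host may continue before `srvCredentials.ServiceCertificate.Certificate` is assigned, and an exception from the fetch cannot be observed by the caller. Since the callback type is synchronous, either resolve the certificate before building the host and capture it in the lambda, or block inside the callback: `Action<CoreWCF.ServiceHostBase> serviceHost = host => ChangeHostBehaviorAsync(host).GetAwaiter().GetResult();`. A comment such as `// must finish before the host opens: the service certificate is set here` would record the reason.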
