How do I define channel security in WCF to encrypted messages using by a hard-coded symmetric key with AES256 standard? I do not want to use certificates and I am aware that this is a "weak" security practice.
Asked
Active
Viewed 998 times
4
-
1Why not use and trust the same self signed certificate with the same private key on both sides? I understand why you would not want PKI, but it would amount to about the same thing... – Maarten Bodewes Mar 10 '12 at 12:17
-
Actually this method is acceptable as a solution in ms scenario. However, in the long time passed since I asked the question I have decided to implement my security by configuring Windows to do IPSec intead. This also has the advantage of being transparent to the application. – dux2 Mar 11 '12 at 05:15
-
@owlstead - so assuming you go with certificates (which is also the direction I'm heading in now) but not have the same cert on both sides can you describe how to restrict it so that only certain clients can access the service? (since symmetric encryption is sort of ensuring both encryption and that the 2 parties are known to each other). If you can stick that in your answer I'll probably award the bounty to you (fwiw). – Xiaofu Mar 11 '12 at 13:23
-
Most of the time you can retrieve the certificates that clients use to authenticate to the server from the server side code. So in that case you have a two step authentication - you create an SSL connection based on the PKI, and then you filter out the right clients by requesting the cert. from the SSL implementation. I'm no WCF wiz, I found some stuff regarding Identities, maybe use that as a starter. – Maarten Bodewes Mar 11 '12 at 14:02
2 Answers
2
WCF does not support pre-shared key (PSK) it seems, more information here:
Community
- 1
- 1
Maarten Bodewes
- 90,524
- 13
- 150
- 263
-
That's true, out of the box WCF does not support it because it is considered less secure. Knowing this, @dux2 & I am therefore looking for a more concrete custom solution. I've looked into MessageInspectors and I guess you'd also need to turn off the standard WCF security (some crude authentication could be passed along with the encrypted msg instead). – Xiaofu Mar 10 '12 at 04:32
2
There is no configuration option to achieve this...
You will need to work with MessageInspectors, MessageFormatters and similar - for some good starting points see:
- http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.idispatchmessageformatter.aspx
- http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.iclientmessageformatter.aspx
- https://stackoverflow.com/a/3257760/847363
- http://benpowell.org/supporting-the-ws-i-basic-profile-password-digest-in-a-wcf-client-proxy/
- http://social.msdn.microsoft.com/Forums/en/wcf/thread/0f09954e-3cef-45b3-a00d-f0f579a06bf7
- http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.idispatchmessageinspector.aspx
- http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.iclientmessageinspector.aspx
- http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.iclientmessageinspector.beforesendrequest.aspx
- http://yuzhangqi.itpub.net/post/37475/500654
- http://wcfpro.wordpress.com/category/wcf-extensions/
- http://social.technet.microsoft.com/wiki/contents/articles/1322.how-to-inspect-wcf-message-headers-using-iclientmessageinspector-en-us.aspx
- http://weblogs.asp.net/paolopia/archive/2007/08/23/writing-a-wcf-message-inspector.aspx
- http://wcfpro.wordpress.com/2011/03/29/iclientmessageinspector/
- https://stackoverflow.com/a/8022912/847363
It might even be necessary to work with OperationSelectors...
-
A nice reading list to dive into, thanks. I have already made some prototypes using both message inspectors for custom encryption, and custom certificate validators for using certs as owlstead suggested so I expect I'll eventually arrive at a satisfactory solution that is 'secure enough'. – Xiaofu Mar 15 '12 at 13:07