Merge pull request #51 from gsuberland/ssl-ipc

Add support for SSL

Author: jacqueskang

README.md

@@ -2,7 +2,7 @@
 
 # IpcServiceFramework
 
-A .NET Core lightweight inter-process communication framework allowing invoking a service via named pipeline and/or TCP (in a similar way as WCF, which is currently unavailable for .NET Core).
+A .NET Core lightweight inter-process communication framework allowing invoking a service via named pipeline and/or TCP (in a similar way as WCF, which is currently unavailable for .NET Core). Secure communication over SSL is also supported.
 
 Support using primitive or complexe types in service contract.
 
@@ -109,3 +109,55 @@ $ dotnet add package JKang.IpcServiceFramework.Client
 ```
 
 __Welcome to raise any issue or even provide any suggestion/PR to participate this project!__
+
+## Security
+
+If you are running IPC channels over TCP on an untrusted network, you should consider using SSL. IpcServiceFramework supports SSL on TCP clients and hosts.
+
+### Generate certificates for testing
+
+**Do not use the provided certificates in the project folder.** These are used for example purposes only.
+
+For testing, you can generate a self-signed certificate using the following openssl command:
+
+    openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.cer -days 365
+
+This generates a key and a certificate that can be used for testing.
+
+### Setting up the SSL endpoint
+
+The endpoint requires a PKCS12 file containing both the certificate and a corresponding private key.
+
+A certificate and key can be combined to a PKCS12 file for use with the server using the following command:
+
+    openssl pkcs12 -export -in cert.cer -inkey key.pem -out server.pfx
+
+You will be asked for a password.
+
+You can import the certificate and provide it to the server endpoint using code similar to the following:
+
+    var certificate = new X509Certificate2(@"path\to\server.pfx", "password");
+	serviceHostBuilder.AddTcpEndpoint<ISomeServiceContract>("someEndpoint", ip, port, certificate);
+
+See the ConsoleServer and WebServer projects for more complete examples.
+
+Note: for security and maintenance reasons, we do not recommend that you hard-code the certificate password. It should instead be stored in the application configuration file so that it can be easily changed.
+
+### Safe usage
+
+SSL/TLS is only secure if you use it properly. Here are some tips:
+
+* For production purposes, use a proper server certificate, signed by a real certificate authority (CA) or your organisation's internal CA. Do not use self-signed certificates in production.
+* Do not use custom certificate validation callbacks on the client. They are hard to implement correctly and tend to result in security issues.
+* Unconditionally returning true in a validation callback provides no security whatsoever against an attacker who can perform man-in-the-middle attacks.
+* The callback used in the ConsoleServer project example is not secure. It checks for the correct certificate by hash but does not check its validity, expiry date, revocation status, or other important security properties.
+
+### Client certificates
+
+Client certificates are not currently supported.
+
+## Stream translators
+
+If you want to process the binary data after serialisation or before deserialisation, for example to add a custom handshake when the connection begins, you can do so using a stream translator. Host and client classes allow you to pass a `Func<Stream, Stream>` stream translation callback in their constructors, which can be used to "wrap" a custom stream around the network stream. This is supported on TCP communications both with and without SSL enabled. See the `XorStream` class in the IpcServiceSample.ServiceContracts project for an example of a stream translator.
+
+Stream translators are also useful for logging packets for debugging. See the `LoggingStream` class in the IpcServiceSample.ServiceContracts project for an example of using a stream translator to log traffic.

src/IpcServiceSample.ConsoleClient/Program.cs

@@ -1,7 +1,10 @@
 using IpcServiceSample.ServiceContracts;
+using IpcServiceSample.ServiceContracts.Helpers;
 using JKang.IpcServiceFramework;
 using System;
 using System.Net;
+using System.Net.Security;
+using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
@@ -35,6 +38,20 @@ await Task.WhenAll(RunTestsAsync(source.Token), Task.Run(() =>
             }
         }
 
+        private static bool InsecureValidationCallback_TESTONLY(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
+        {
+            /* WARNING: Using certificate validation callback can be dangerous. Incorrect implementation can lead to serious security issues.
+             * 
+             * For example, unconditionally returning true in this function provides no security whatsoever against an attacker who can perform
+             * man-in-the-middle attacks.
+             * 
+             * This function is used only for test purposes. It validates only that the correct server certificate is used by the server.
+             * However, it does not validate the certificate chain or validate that the certificate common name matches the server domain name.
+             * Do not use this example in a production application.
+            */
+            return certificate.GetCertHashString() == "FA54627C36D3DAEFF69E04B59120992305A7104F";
+        }
+
         private static async Task RunTestsAsync(CancellationToken cancellationToken)
         {
             IpcServiceClient<IComputingService> computingClient = new IpcServiceClientBuilder<IComputingService>()
@@ -45,6 +62,18 @@ private static async Task RunTestsAsync(CancellationToken cancellationToken)
                 .UseTcp(IPAddress.Loopback, 45684)
                 .Build();
 
+            IpcServiceClient<ITestService> secureClient = new IpcServiceClientBuilder<ITestService>()
+                .UseTcp(IPAddress.Loopback, 44384, "test-ipcsf-secure-server", InsecureValidationCallback_TESTONLY)
+                .Build();
+
+            IpcServiceClient<ITestService> xorTranslatedClient = new IpcServiceClientBuilder<ITestService>()
+                .UseTcp(IPAddress.Loopback, 45454, s => new XorStream(s))
+                .Build();
+
+            IpcServiceClient<ISystemService> loggedClient = new IpcServiceClientBuilder<ISystemService>()
+                .UseTcp(IPAddress.Loopback, 45684, s => new LoggingStream(s, "ipc.log"))
+                .Build();
+
             // test 1: call IPC service method with primitive types
             float result1 = await computingClient.InvokeAsync(x => x.AddFloat(1.23f, 4.56f), cancellationToken);
             Console.WriteLine($"[TEST 1] sum of 2 floating number is: {result1}");
@@ -96,6 +125,18 @@ private static async Task RunTestsAsync(CancellationToken cancellationToken)
             // test 11: call async server function
             int sum = await computingClient.InvokeAsync(x => x.SumAsync(1, 1));
             Console.WriteLine($"[TEST 11] Called async function: {sum}");
+          
+            // test 12: call secure service method
+            generatedId = await secureClient.InvokeAsync(x => x.GenerateId(), cancellationToken);
+            Console.WriteLine($"[TEST 12] Called secure service method, generated ID is: {generatedId}");
+
+            // test 13 call translated service method
+            generatedId = await xorTranslatedClient.InvokeAsync(x => x.GenerateId(), cancellationToken);
+            Console.WriteLine($"[TEST 13] Called translated service method, generated ID is: {generatedId}");
+            
+            // test 14: use a translated stream to log data to a text file
+            generatedId = await loggedClient.InvokeAsync(x => x.GenerateId(), cancellationToken);
+            Console.WriteLine($"[TEST 14] Called method using stream translator for logging, generated ID is: {generatedId}");
         }
     }
 }

src/IpcServiceSample.ConsoleServer/Certificates/cert.crt

@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFfTCCA2WgAwIBAgIUCTca4HpnnD5ZL3E3YIiM+meBmLYwDQYJKoZIhvcNAQEL
+BQAwTjELMAkGA1UEBhMCWFgxDTALBgNVBAgMBFRlc3QxDTALBgNVBAoMBFRlc3Qx
+ITAfBgNVBAMMGHRlc3QtaXBjc2Ytc2VjdXJlLXNlcnZlcjAeFw0xODEyMTIyMjQ4
+NDNaFw0yODEyMDkyMjQ4NDNaME4xCzAJBgNVBAYTAlhYMQ0wCwYDVQQIDARUZXN0
+MQ0wCwYDVQQKDARUZXN0MSEwHwYDVQQDDBh0ZXN0LWlwY3NmLXNlY3VyZS1zZXJ2
+ZXIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCsQeBCs8OknFXnlz0i
+a6ScSF2cS/zKKpExDfhcLlGRhcXwydu1q3SMumvFgOMqKeBs7oM2JT1VqEWC77D6
+Cct+rIAdEw/Km1njYxLjo4buYIwJbNeJT+iZv0sSFJvx+Go15n6QfrFcmVGy52Hs
+BkD7SQTSLv9D5UwysNn7i/BcSXZPw272oobYqRKeQQ0aVMCP7f0O1vXcJVVsER0H
+YpI0m7BTpIFQbGg8jnjSue0AKQmYyzoroOwW1B7y/lp8W43lCL40ZMiBwZQ6jFFp
+OHBB+SxQqzWr6duBxA6F96tlDEXZXCJoOt0nIVXtXcv5q5xpcuiIil21aIVMSw3o
+Eo7ccvIm/gTCUnkJ0ahx7DAX1jaTt5Zh8K78z0CXxr5pg+Q/BFdGZ0iaYBtKX+yL
+1vcWLusKYhI2IEFgtJXhfjaYm/rhTjS4SCzmAMexWPWJXy/Bu1nh2fSrMMZeWyeu
+S/0T60cZav/Pqqat+ReufvxRlpYlq8KfOuVrfbwbYZwR4NyVRDPNhAMgTZngqTbN
+5xsqrH1pNspwU8emJOUvH0CWY4/qRr5uJzbNsBS9nbJERAQe0wsPpw8ZOgItmEX/
+X562cjGrCXvaQewh2a17kvFq+eEpR/pMs/JBGT22wFVfof0Sy/Fl0w0hHW4QPM7e
++I9mbNuedK4w6vUSqwCK5knpeQIDAQABo1MwUTAdBgNVHQ4EFgQU3Xxk9XFDaGnZ
+zck+or/hA5yRJEswHwYDVR0jBBgwFoAU3Xxk9XFDaGnZzck+or/hA5yRJEswDwYD
+VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAVih/7NFQsbjieZZcxqvk
+XhfnMMXtJZiHnTS5gFEtbAwuhCYE2yrhXngGKXSQX2XCcuSzvgVysiV/prN+KVHf
+APZXiGjOaCJwPHkiCeJ/bub+cLclnm3dNnoHgmKhIZgv7C/bAnGGdcwlOP76lgg2
+c/pEuFyfN1mwEiHjO/ryEHF3KxpGvdlkHZXnSoRP+Ghk0PCmwJkyRaCkn6YbeAq2
++7CVnlMwzCqsIRb2yz/0COWJYTH3w39Ejf5HGGl2TKQ3mt1425m5j/kJdBxCE6cC
+epufzBae143qvkDGN4/3Xhb3QGxh7ep9RGXTgPHlQqXMS6gWpa9dJ1wGJb1M4O92
+V6c+Gp87mA42/sew1kBERx8KupgM/zTatRO+b5DCRkTuZ/aQvxaod3c++0WeufsC
+IFMOGkqYNDot2bAqFQKqg72FXR0OD/Iq4R6ZQNeYUoNH3c4ev3zcevPzaO9wwP06
+C5vfp4QivK/3vcjHMxfCEPm3KNls/U6syTTH12RHguGUHsEd7SY4S7n3oJoziXtf
+yzKQF+CkDTWC86pjm9bN3AchObYJIbVx+vZnWOzDmOZTE0AshGWxlWTR3TMJLiNr
+sgtTfiNEN+6HbKh4aoDAtapwyoGy0LfqoiLHAYjp8ePS1v0Lr80c5yoPDLrfdYHK
+ZHQzl1Ey1cFJr0zpx9Bi33I=
+-----END CERTIFICATE-----

src/IpcServiceSample.ConsoleServer/Certificates/key.pem

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCsQeBCs8OknFXn
+lz0ia6ScSF2cS/zKKpExDfhcLlGRhcXwydu1q3SMumvFgOMqKeBs7oM2JT1VqEWC
+77D6Cct+rIAdEw/Km1njYxLjo4buYIwJbNeJT+iZv0sSFJvx+Go15n6QfrFcmVGy
+52HsBkD7SQTSLv9D5UwysNn7i/BcSXZPw272oobYqRKeQQ0aVMCP7f0O1vXcJVVs
+ER0HYpI0m7BTpIFQbGg8jnjSue0AKQmYyzoroOwW1B7y/lp8W43lCL40ZMiBwZQ6
+jFFpOHBB+SxQqzWr6duBxA6F96tlDEXZXCJoOt0nIVXtXcv5q5xpcuiIil21aIVM
+Sw3oEo7ccvIm/gTCUnkJ0ahx7DAX1jaTt5Zh8K78z0CXxr5pg+Q/BFdGZ0iaYBtK
+X+yL1vcWLusKYhI2IEFgtJXhfjaYm/rhTjS4SCzmAMexWPWJXy/Bu1nh2fSrMMZe
+WyeuS/0T60cZav/Pqqat+ReufvxRlpYlq8KfOuVrfbwbYZwR4NyVRDPNhAMgTZng
+qTbN5xsqrH1pNspwU8emJOUvH0CWY4/qRr5uJzbNsBS9nbJERAQe0wsPpw8ZOgIt
+mEX/X562cjGrCXvaQewh2a17kvFq+eEpR/pMs/JBGT22wFVfof0Sy/Fl0w0hHW4Q
+PM7e+I9mbNuedK4w6vUSqwCK5knpeQIDAQABAoICAQCUKFTrChLMEmsQtlQutsbu
+ZI+fTvwuJk6bEpj7MBuYPqbxY61FpCKqp+zqAuFf8oTFLKBOgdkvQ3wGEoL1jFcq
+rNPELhD3AoddvGkSwiPcA85ujN8Vi1VUZ+P5uSAoDrHLimRxg4apTnWmmrzudLKP
+b05mOWX0z9OqBdJ3OPWTatwH3uAh4ch5sXICC5FphFvbb6aojNsKblH6kP2WzIFU
+HlSanHNc6OD+tMvW83OVH7bRZHqz68UkHW5BMeRB8b0psUtnZQfQEt+bO/UJuzFS
+jS5AdAHFy26xPh//ufYBA31QZp5xZ6+vaEyvzG0UYTY2vE6kod3Xmf6MkEF1ygB0
+0arsKvpTi9DN3tT02oxO1zrGj35Hn5Hmdq4SjexRHTRktlOpY6e7pOYK1fnKxXlX
+OVn7+iaFBIM2M1GhXdcuetMd4cswtKbOwR5K4HpO3op64IeiNlh2OdrzkbW+67s0
+g5N3kNZ6wZ4x8Syim8SsEEYHu1bhOvp5Im3zCVdVOxvkYogjxVc+COayu0ROPR4K
+81DLX5oI8AV7LkRVNiAH4/c/qRm2eTPdVtrrSBZ+GoSBw5YpwSi4EUh/i4FooN5I
+16OpH5OHwvufNgGQj9LF16Z1LfTrg5Vo7dA0v+1EBFig6jLpByD5SfRcqYtLTwYc
+UDQFBR32F7BUd4fUdMQSwQKCAQEA4AWadKLNyXjw7gaqdewyDtPyjhqsth4R+UzU
+Cb+Fr6xJv6YLp6sxUwHlynLnTHZWxtBbAM53UHk5PB7d/7EGRbQfPG+i8wjOa3WF
+BpcwIRB1M8dKa1StZH1T56H9+cDqr2yXcw0KOdQBZAoIPY/PTFeSQFS4Q8U47XQG
+8T5HrQAlIpn96jXDko/4eyhIF6DYo0+RCT47R6UtgPZMVhrh8txN92qhTTYqX/hx
+qHJL1I2hXnK4P/7HfAVFPl2I95JY4bcmC/+jEGqZiQEMXWdbQXO/9NdaCcpp1as2
+CpbCe/tA2oNyOGXrH0j9BtYHpVdvcagXi91gxd6+wEa4/285mwKCAQEAxNimA/CI
+BJWZN8P8341R0O7002zsrqRdPqRx3NQFkzsS8JSZwvPQCIN8Snao+hkkU5tsglDm
+zNZ+RqdQmDTbbeKoiqTO/kWTS96nRu/BQl33Y3JQz4MWDsTNNaRHKvMhnAa11QFT
+B1hKH6HxNUF0m0G8nVtQwfRJ+dUGmXKmuxYQXZDFlZw5ofKZ6RC7bldU77Ff6jwp
+9OOQmlfxtRFeGH1iweDF3Mob9h0Dfzu6TUxcbbqBloDDawBkTNLvT6yMaBew8CFH
+JnILd/tkTZOOCcG3tepfCvERKeFCpzPOHhoRAPZnBhRszjJFJDSfZghRRo3A7XPl
+VmXXVTKJCK10ewKCAQEA3GDGxEzQMo2WPiIymJUF3Y5lQ6Q8GWBVgDEzOm+9fMb5
+Od6IAqanfCgWvWTx40dbMHQRwiZaO8E1K86Vx46HRBTg0Zxk6b7VCeNvPL+Iak59
+bbV0oUeI151u6CR067f7Zx1lk5nVYHQN9jLkTmNlo41WY5C0QH8I9Jc6qSICcs78
+uSBSKJBBV7Hn2IgU+6GQ3H9Oh5A/0shMjlw9VktV0Ysl6+pqycEqSITokrP1oyC9
+CWPDm7jw1zF8H9D2B85hP5Lji9Qsvt6PMbblShF+NVJAGQWtHoqQONEX9ay/oCXY
+c93xhEfG2Fz+BTaSCPaNvHqGx2G9bIomjpJENYxeVwKCAQBzYstt48DXbxmxJqFE
+KYKcBnZcuKzEcnR2E87qsx3Rf/9KJtE7BdAcLXbd71B9yd8RYznn6aRgzhqXL9x+
+W/2EHCjPnGv5gK8m+gzz9/ZBAPPSx1+3RA/Z+GKR3woYkwxQeV58zZnt5EMO586M
+eSHxIEd/tddQ2fHDEKwdpqc1Y2mUbxhi6oCd/adahwRXWbngBwlCNKIjeoF497Qn
+f1a45EbPfwJ8ubxKOBekrU43oVtMttbfcfsa7c/deIfvHCXxnnGJUPh0AMXYPvQ8
+xRGthnA5oniz4Ts+YVzAxg08d+sftVAOsEpXVABTiMUm+hkqUk2U4yq7yla/CjBp
+dcOhAoIBAATy3NTShfK2Cnf6FtbHJaZkrxtQX/O4tilNXSQce9cG+wPqaMasAI1n
+vIW5hbBlvawZkbjG2aRwSjivNDXRHjj/HLPjtChtldhf6QiQLtD2sOeDuX1OFJBB
+OUEqIZZ1jnPCED/1tzqVQgZMIanAUN/rdB/axm/47QOKY2cOanY/s1KHlUTXaSBI
+2TXS9u8vw/WnsW1te4I/vSlQP2WHVYIb1o6lXAcTT3Mq5k+/7zB/zhDFuXL9i2/t
+B2JOrecJAdn24mT6LKcc0U73/3gY7+tw2J08gxBu4h1/fVvw613yM2VjfQcctCLP
+n8O7s8EqosXOZRYQie6zT0ggrSQam1M=
+-----END PRIVATE KEY-----

src/IpcServiceSample.ConsoleServer/IpcServiceSample.ConsoleServer.csproj

@@ -16,5 +16,11 @@
     <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="2.0.0" />
     <PackageReference Include="Microsoft.Extensions.Logging.Console" Version="2.0.0" />
   </ItemGroup>
+
+  <ItemGroup>
+    <None Update="Certificates\server.pfx">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+  </ItemGroup>
 
 </Project>

src/IpcServiceSample.ConsoleServer/Program.cs

@@ -1,9 +1,11 @@
 using IpcServiceSample.ServiceContracts;
+using IpcServiceSample.ServiceContracts.Helpers;
 using JKang.IpcServiceFramework;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using System;
 using System.Net;
+using System.Security.Cryptography.X509Certificates;
 using System.Threading;
 using System.Threading.Tasks;
 
@@ -20,6 +22,8 @@ static void Main(string[] args)
             IIpcServiceHost host = new IpcServiceHostBuilder(services.BuildServiceProvider())
                 .AddNamedPipeEndpoint<IComputingService>("computingEndpoint", "pipeName")
                 .AddTcpEndpoint<ISystemService>("systemEndpoint", IPAddress.Loopback, 45684)
+                .AddTcpEndpoint<ITestService>("secureEndpoint", IPAddress.Loopback, 44384, new X509Certificate2(@"Certificates\server.pfx", "password"))
+                .AddTcpEndpoint<ITestService>("xorTranslatedEndpoint", IPAddress.Loopback, 45454, s => new XorStream(s))
                 .Build();
 
             var source = new CancellationTokenSource();
@@ -49,7 +53,8 @@ private static IServiceCollection ConfigureServices(IServiceCollection services)
                             options.ThreadCount = 2;
                         })
                         .AddService<IComputingService, ComputingService>()
-                        .AddService<ISystemService, SystemService>();
+                        .AddService<ISystemService, SystemService>()
+                        .AddService<ITestService, TestService>();
                 });
         }
     }

src/IpcServiceSample.ConsoleServer/TestService.cs

@@ -0,0 +1,16 @@
+using IpcServiceSample.ServiceContracts;
+using System;
+using System.Globalization;
+using System.Linq;
+using System.Threading;
+
+namespace IpcServiceSample.ConsoleServer
+{
+    public class TestService : ITestService
+    {
+        public Guid GenerateId()
+        {
+            return Guid.NewGuid();
+        }
+    }
+}

src/IpcServiceSample.ServiceContracts/Helpers/LoggingStream.cs

@@ -0,0 +1,105 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Text;
+
+namespace IpcServiceSample.ServiceContracts.Helpers
+{
+    public class LoggingStream : Stream
+    {
+        private Stream _baseStream;
+        private StreamWriter _log;
+
+        public LoggingStream(Stream stream, string logFile)
+        {
+            _baseStream = stream;
+            _log = new StreamWriter(logFile) { AutoFlush = true };
+        }
+
+        public override bool CanRead => _baseStream.CanRead;
+
+        public override bool CanSeek => _baseStream.CanSeek;
+
+        public override bool CanWrite => _baseStream.CanWrite;
+
+        public override long Length => _baseStream.Length;
+
+        public override long Position { get => _baseStream.Position; set => _baseStream.Position = value; }
+
+        private enum StreamOperation { Read, Write };
+        
+        private void Log(StreamOperation direction, byte[] buffer, int offset, int count)
+        {
+            _log.WriteLine($"[{direction.ToString().ToUpper()}: {count}]");
+            var dump = new StringBuilder();
+            var hex = new StringBuilder();
+            var ascii = new StringBuilder();
+            for (int i = 0; i < count; i++)
+            {
+                if (i > 0 && i % 16 == 0)
+                {
+                    dump.Append(hex.ToString().PadRight(48, ' '));
+                    dump.Append(' ', 3);
+                    dump.Append(ascii);
+                    dump.AppendLine();
+                    hex.Clear();
+                    ascii.Clear();
+                }
+
+                byte c = buffer[offset + i];
+
+                hex.AppendFormat("{0:x2} ", c);
+
+                if (c >= 32 && c < 255)
+                    ascii.Append((char)c);
+                else
+                    ascii.Append('.');
+            }
+            if (ascii.Length > 0)
+            {
+                dump.Append(hex.ToString().PadRight(48, ' '));
+                dump.Append(' ', 3);
+                dump.Append(ascii);
+                dump.AppendLine();
+            }
+
+            _log.WriteLine(dump.ToString());
+        }
+
+        private void Log(string message)
+        {
+            _log.WriteLine(message);
+        }
+
+        public override void Flush()
+        {
+            Log("[FLUSH]");
+            _baseStream.Flush();
+        }
+
+        public override int Read(byte[] buffer, int offset, int count)
+        {
+            int br = _baseStream.Read(buffer, offset, count);
+            Log(StreamOperation.Read, buffer, offset, br);
+            return br;
+        }
+
+        public override long Seek(long offset, SeekOrigin origin)
+        {
+            Log($"[SEEK: {origin.ToString()}+{offset}]");
+            return _baseStream.Seek(offset, origin);
+        }
+
+        public override void SetLength(long value)
+        {
+            Log($"[SET LENGTH: {value}]");
+            _baseStream.SetLength(value);
+        }
+
+        public override void Write(byte[] buffer, int offset, int count)
+        {
+            _baseStream.Write(buffer, offset, count);
+            Log(StreamOperation.Write, buffer, offset, count);
+        }
+    }
+}