13 December 2007
To follow this example, you should first understand the previous example: XML Encryption.
The method used for decrypting the XML documents is complementary to the encryption method. As you can see in the request, the only relevant changes are the inclusion of the css:DecryptRequest element and of the data encrypted in previous requests.
<?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<SOAP-ENV:Header><wsse:Security><wsse:UsernameToken wsu:Id="SecurityToken-1761483928579709014"><wsse:Username>dave</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">trustedx</wsse:Password></wsse:UsernameToken></wsse:Security></SOAP-ENV:Header>
<SOAP-ENV:Body xmlns:css="http://www.safelayer.com/TWS" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dss="http://www.docs.oasis-open.org/dss/2004/06/oasis-dss-1.0-core-schema-wd-27.xsd" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xades="http://uri.etsi.org/01903/v1.2.2#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" wsu:Id="Id-5414746326242942180">
<css:DecryptRequest Profile="urn:safelayer:tws:de:1.0:profiles:xmlenc:1.0:decrypt" RequestID="Id-9055454400376932865"><css:EnvelopedObject><css:XMLEnvelope>
<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509IssuerSerial>
<ds:X509IssuerName>CN=Safelayer - Class 1 Root CA Demo, O=Safelayer Secure Communications\, S.A. [C.I.F. A61930046]</ds:X509IssuerName>
<ds:X509SerialNumber>961</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</ds:KeyInfo>
<xenc:CipherData> <xenc:CipherValue>q0haA7Vkn4isCxiSF2spBq+ImWyaeZ41J2PVbojmt9k733AxfTbhllD1Kkgfivf9j6AJis2oMFIg D+/WNFY2p+M7/e2pI6IKi5zBb+4Nc3tt6ot9x5z0iPFdZfYnTJPnHaYSaS3ZA9vZvxKxS2r4OQfI
2juFc2WvuR5o3M6BCtM=</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
</ds:KeyInfo>
<xenc:CipherData> <xenc:CipherValue>3uZfVssA4Upo0iJxYM49r7acwYuLKXK7DSssDTROHoh7XwMF6QKg3RDvz32417CJpEqWvQPt5UAG Q3HxE2zyDWyFVYcVtNb2/YpoVAHMJ+kD/H0Q1zAI4VWNRyKZqvntHzFpugX09ghbd1I5+dE0p8NY 8QUhCp/R/OrV5NUWr0CkEzw1Y3+vOCHyGNdW4PNNYrUwnitu4TKBZ7vyi7fQxs+R0bniYGVwpare 6f15zww9PTiY7CFbeR9gA2PRyz0UbNLS/lgg8i7sXsepjRk9GQ==</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData></css:XMLEnvelope></css:EnvelopedObject></css:DecryptRequest></SOAP-ENV:Body>
</SOAP-ENV:Envelope>
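The following Python code is an added example, not part of the original page or of the TrustedX product. It reads an xenc:EncryptedData structure like the one carried in the request above and reports the data and key-transport algorithms, the recipient certificate reference, and the decoded ciphertext sizes, flagging a CBC ciphertext that is not an IV plus whole AES blocks. The function names and the sample input (zero bytes in place of ciphertext, a made-up issuer and serial) are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
NS = {"xenc": XENC, "ds": "http://www.w3.org/2000/09/xmldsig#"}

def _cipher_len(node):
    # CipherValue is base64 and may be wrapped with spaces or newlines.
    text = node.findtext("xenc:CipherData/xenc:CipherValue", "", NS)
    return len(base64.b64decode("".join(text.split()), validate=True))

def _alg(node):
    method = node.find("xenc:EncryptionMethod", NS)
    return "" if method is None else method.get("Algorithm", "").rpartition("#")[2]

def describe_encrypted_data(xml_text):
    # Works on a bare EncryptedData element or on an envelope that contains one.
    data = next(ET.fromstring(xml_text).iter("{%s}EncryptedData" % XENC), None)
    key = None if data is None else data.find("ds:KeyInfo/xenc:EncryptedKey", NS)
    if key is None:
        raise ValueError("expected xenc:EncryptedData with an xenc:EncryptedKey in ds:KeyInfo")
    cert = "ds:KeyInfo/ds:X509Data/ds:X509IssuerSerial/"
    info = {
        "data_alg": _alg(data),
        "key_alg": _alg(key),
        "issuer": key.findtext(cert + "ds:X509IssuerName", None, NS),
        "serial": key.findtext(cert + "ds:X509SerialNumber", None, NS),
        "wrapped_key_bytes": _cipher_len(key),  # RSA output is as long as the modulus
        "data_bytes": _cipher_len(data),
        "problems": [],
    }
    # With a CBC algorithm the CipherValue is a 16-byte IV followed by whole AES blocks.
    if info["data_alg"].endswith("-cbc") and (info["data_bytes"] < 32 or info["data_bytes"] % 16):
        info["problems"].append("data ciphertext is not IV + whole AES blocks")
    if info["issuer"] is None or info["serial"] is None:
        info["problems"].append("recipient certificate not identified")
    return info

def build_sample(data_len=48):
    # Constructed sample: zero bytes stand in for ciphertext; issuer and serial are made up.
    b64 = lambda n: base64.encodebytes(bytes(n)).decode()
    return (
        f'<xenc:EncryptedData xmlns:xenc="{XENC}" xmlns:ds="{NS["ds"]}" Type="{XENC}Element">'
        f'<xenc:EncryptionMethod Algorithm="{XENC}aes128-cbc"/><ds:KeyInfo><xenc:EncryptedKey>'
        f'<xenc:EncryptionMethod Algorithm="{XENC}rsa-1_5"/><ds:KeyInfo><ds:X509Data>'
        '<ds:X509IssuerSerial><ds:X509IssuerName>CN=Constructed Demo CA</ds:X509IssuerName>'
        '<ds:X509SerialNumber>1234</ds:X509SerialNumber></ds:X509IssuerSerial></ds:X509Data>'
        f'</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>{b64(128)}</xenc:CipherValue>'
        '</xenc:CipherData></xenc:EncryptedKey></ds:KeyInfo>'
        f'<xenc:CipherData><xenc:CipherValue>{b64(data_len)}</xenc:CipherValue>'
        '</xenc:CipherData></xenc:EncryptedData>')
```

Calling `describe_encrypted_data(build_sample())` returns a dictionary whose `problems` list is empty for a well-formed structure.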
The following explanation refers to the response that the TrustedX platform obtains once the request has been sent. Therefore, you should press the "try" button (above) to generate this response.
Basically, the response contains the css:DecryptResponse element, which identifies it as the reply to a decryption request and which also contains the decrypted document.