如何解密用x509加密的原始肥皂响应 [英] How to decrypt raw soap response encrypted with x509

问题描述

我们有一个批处理程序，与WSE的第三方提供商Web服务进行交谈，对WSE Web服务的调用使用x509证书加密。

我们有向第三方供应商提供两种不同的证书

1. 生产前证书


2. 生产证书

我们已经实现了一个 WebServiceResponseLogger ，继承自 SoapInputFilter ，这被添加到 Pipeline 作为 InputFilter 。在使用预生产证书时，这样做可以很好地记录响应。然而，当我们切换到生产并使用生产证书时，不会记录响应。

现在，我们已经看到了请求和响应通过提示，所以我们知道一个响应实际上出现的问题是，我们可以在fiddler中看到的响应是原始的响应。

我尝试了谷歌试图找出是否可以解密响应提琴师，我们有正确的证书，所以我会认为这是可能的。如果不是用提琴手，是否已经存在一个可以让我解密肥皂响应的工具？

解决方案

发布我找到的解决方案，以防其他人遇到这个问题：）

我设法找到一个链接，使我处于正确的轨道，并构建了以下控制台程序，该控制台程序成功解密了我从我们的提琴手会话中得到的响应。 / p>

我安装了WSE 2.0 NuGet软件包

  try 
 {
 // http://msdn.microsoft.com/en-us/library/aa529137.aspx 
 XmlDocument response = new XmlDocument（）; 
 response.Load（Response.xml）; 
 var encryptedKeyElement = response.GetElementsByTagName（xenc：EncryptedKey）[0] as XmlElement; 
 var encryptedDataElement = response.GetElementsByTagName（xenc：EncryptedData）[0]为XmlElement; 
 
 EncryptedKey encryptedKey = new EncryptedKey（encryptedKeyElement）; 
 EncryptedData data = new EncryptedData（encryptedDataElement，encryptedKey）; 
 
 var decryptptedData = data.Decrypt（）; 
} 
 catch（Exception ex）
 {
 Console.WriteLine（ex.ToString（））; 
 Console.WriteLine（按任意键退出）; 
 Console.Read（）; 
} 
  

We have a batch program that talks with a third party providers web service with WSE, the call to the WSE webservice is encrypted with a x509 certificate.

We have two different certificates to the third party provider

1. Pre-Production Certificate
2. Production Certificate

We have implemented a WebServiceResponseLogger that inherits from SoapInputFilter, this is added to the Pipeline as an InputFilter. this does a fine job logging the response when using the pre-production certificate. However when we switch to Production and utilize the production certificate, the response is not logged.

Now we have seen the request and response trough fiddler, so we know that a response actually appears, the problem is that the response we can see in fiddler is the raw response.

I've tried googling trying to figure out if we could decrypt the response in fiddler, we have the correct certificates, so I'd figure it would be possible. and if not with fiddler, does a Tool already exist that would allow me to decrypt the soap response?

解决方案

Finally got around to posting the solution i found, in case someone else runs into this problem :)

I managed to find a link on MSDN that put me on the right track and constructed the following console program that sucessfully decrypted the response I had from our fiddler sessions.

I installed the WSE 2.0 NuGet package

try
{
    // http://msdn.microsoft.com/en-us/library/aa529137.aspx
    XmlDocument response = new XmlDocument();
    response.Load("Response.xml");
    var encryptedKeyElement = response.GetElementsByTagName("xenc:EncryptedKey")[0] as XmlElement;
    var encryptedDataElement = response.GetElementsByTagName("xenc:EncryptedData")[0] as XmlElement;

    EncryptedKey encryptedKey = new EncryptedKey(encryptedKeyElement);
    EncryptedData data = new EncryptedData(encryptedDataElement, encryptedKey);

    var decryptedData = data.Decrypt();
}
catch (Exception ex)
{
    Console.WriteLine(ex.ToString());
    Console.WriteLine("Press any key to exit");
    Console.Read();
}

这篇关于如何解密用x509加密的原始肥皂响应的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！