利用WSE 加密SOAP报文(8)
2024-07-21 02:21:39
供稿:网友
下面是被wse在运行时序列化后产生的报文加密后的结果
<?xml version="1.0" encoding="utf-8"?>
<soap:envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"
xmlns:xsd="http://www.w3.org/2001/xmlschema">
<soap:header>
<wsu:timestamp
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
<wsu:created>2003-02-11t20:21:52z</wsu:created>
<wsu:expires>2003-02-11t20:26:52z</wsu:expires>
</wsu:timestamp>
<wsse:security soap:mustunderstand="1"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">
<xenc:encryptedkey
type="http://www.w3.org/2001/04/xmlenc#encryptedkey"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:encryptionmethod
algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<keyinfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<wsse:securitytokenreference>
<wsse:keyidentifier valuetype="wsse:x509v3">
ymlkvwxyd8vuguyliuioxoy7zyn9pwhbfahciyov0aydeaqqpw=
</wsse:keyidentifier>
</wsse:securitytokenreference>
</keyinfo>
<xenc:cipherdata>
<xenc:ciphervalue>
uykgbexdy8lyszqgdgxoxoy7zyn9pwhbfahciyov0...bwrnwk=
</xenc:ciphervalue>
</xenc:cipherdata>
<xenc:referencelist>
<xenc:datareference uri=
"#encryptedcontent-cf014249-0e2a-4f8b-9002-13a7de916be0" />
</xenc:referencelist>
</xenc:encryptedkey>
<xenc:encryptedkey
type="http://www.w3.org/2001/04/xmlenc#encryptedkey"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:encryptionmethod
algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<keyinfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<wsse:securitytokenreference>
<wsse:keyidentifier valuetype="wsse:x509v3">
ymlkvwxyd8vuguyliuiydeaqqpw=
</wsse:keyidentifier>
</wsse:securitytokenreference>
</keyinfo>
<xenc:cipherdata>
<xenc:ciphervalue>
in8kf1cidijjjxclz+... wmqbeevxmzk=
</xenc:ciphervalue>
</xenc:cipherdata>
<xenc:referencelist>
<xenc:datareference uri=
"#encryptedcontent-0744279a-02bf-4ad1-998e-622208eded0e" />
</xenc:referencelist>
</xenc:encryptedkey>
</wsse:security>
</soap:header>
<soap:body>
<getxmldocumentresponse xmlns="http://example.com/dime/">
<getxmldocumentresult>
<response>
<notencrypted>
this part of the response does not need encryption
</notencrypted>
<encryptedresponse
wsu:id="id:e5e8d792-abe7-4476-91d0-856fbdf4a958"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
<xenc:encrypteddata
id=
"encryptedcontent-cf014249-0e2a-4f8b-9002-13a7de916be0"
type="http://www.w3.org/2001/04/xmlenc#content"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:encryptionmethod
algorithm=
"http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
<xenc:cipherdata>
<xenc:ciphervalue>
2mnhckgvh/5jb0pf4pch3u2vaukswsa...afevjzt=
</xenc:ciphervalue>
</xenc:cipherdata>
</xenc:encrypteddata>
</encryptedresponse>
</response>
</getxmldocumentresult>
</getxmldocumentresponse>
</soap:body>
</soap:envelope>
注意,在这个加密后的报文里,这里有一个用于表示x.509证书的binarysecuritytoken元素,但有两个分开的encryptedkey元素,每个encrypteddata元素都被添加到soapcontext,在最外面的被加密的元素中(encryptedresponse),你只能看到encrypteddata元素,当encryptedresponse被加密后,表示encryptedsub元素的encrypteddata元素也随之转换为密文了。当这个报文在客户端被收到时,securityinputfilter使用来自记号的信息来得到曾给两个encryptedkey元素解密过的私有密钥。
本文来源于网页设计爱好者web开发社区http://www.html.org.cn收集整理,欢迎访问。
