SOAP Web Service Tutorials - Herong's Tutorial Examples - Version 5.02, by Dr. Herong Yang
2-Step Message Encryption - Symmetric and RSA
This section describes how SoapUI performs SOAP message encryption in 2 steps: encrypt the SOAP message with a random secret key, then encrypt the secret key with the receiver's RSA public key.
Now let's take a closer look at the SOAP request message generated by SoapUI from the previous tutorial. Note that the request message listed below has been simplified. See the next tutorial for the full request message.
<soapenv:Envelope xmlns:ser="..." xmlns:soapenv="..."
  xmlns:wsse11="..." xmlns:wsse="..." xmlns:wsu="..."
  xmlns:ds="..." xmlns:xenc="...">
  <soapenv:Header>
    <wsse:Security>
      <wsse:BinarySecurityToken
        wsu:Id="3F60678EF1C89DEFF1140372822597117" ...>
        ... X.509 certificate ...
      </wsse:BinarySecurityToken>
      <xenc:EncryptedKey Id="EK-3F60678EF1C89DEFF1140372822597116">
        <xenc:EncryptionMethod Algorithm="...rsa-oaep-mgf1p"/>
        <ds:KeyInfo>
          <wsse:SecurityTokenReference>
            <wsse:Reference
              URI="#3F60678EF1C89DEFF1140372822597117" .../>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
        <xenc:CipherData>
          <xenc:CipherValue>
            ... Encrypted secret key with the public key ...
          </xenc:CipherValue>
        </xenc:CipherData>
        <xenc:ReferenceList>
          <xenc:DataReference
            URI="#ED-3F60678EF1C89DEFF1140372822597218"/>
        </xenc:ReferenceList>
      </xenc:EncryptedKey>
    </wsse:Security>
  </soapenv:Header>
  <soapenv:Body>
    <xenc:EncryptedData
      Id="ED-3F60678EF1C89DEFF1140372822597218" ...>
      <xenc:EncryptionMethod Algorithm="...aes128-cbc"/>
      <ds:KeyInfo>
        <wsse:SecurityTokenReference
          wsse11:TokenType="...#EncryptedKey">
          <wsse:Reference
            URI="#EK-3F60678EF1C89DEFF1140372822597116"/>
        </wsse:SecurityTokenReference>
      </ds:KeyInfo>
      <xenc:CipherData>
        <xenc:CipherValue>
          ... Encrypted "Body" content with the secret key ...
        </xenc:CipherValue>
      </xenc:CipherData>
    </xenc:EncryptedData>
  </soapenv:Body>
</soapenv:Envelope>
This message confirms that the encrypted SOAP message was generated by SoapUI in 2 steps. The first step is to perform a symmetric encryption on the specified message element with a random secret key:
The second step is to perform RSA encryption on the secret key with the SOAP message receiver's public key:
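The two steps are tied together by Id references: xenc:EncryptedData points to the xenc:EncryptedKey that wraps its secret key, and the EncryptedKey points to the certificate token and lists the data it protects. The following Python code is an added example, not part of the original tutorial or of SoapUI; it follows that chain on a constructed sample with made-up Ids and assumes the standard WS-Security and XML Encryption namespace URIs, which the listing above elides.

```python
import xml.etree.ElementTree as ET
# Standard namespace URIs (assumed; the page's listing elides them as "...").
NS = {
    "s": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}
WSU_ID = "{%s}Id" % NS["wsu"]
# Constructed sample with the same shape as the simplified message; Ids and values are made up.
SAMPLE = """<s:Envelope xmlns:s="{s}" xmlns:wsse="{wsse}" xmlns:wsu="{wsu}" xmlns:ds="{ds}" xmlns:xenc="{xenc}">
<s:Header><wsse:Security>
<wsse:BinarySecurityToken wsu:Id="CERT-1">certificate</wsse:BinarySecurityToken>
<xenc:EncryptedKey Id="EK-1"><xenc:EncryptionMethod Algorithm="{xenc}rsa-oaep-mgf1p"/>
<ds:KeyInfo><wsse:SecurityTokenReference><wsse:Reference URI="#CERT-1"/></wsse:SecurityTokenReference></ds:KeyInfo>
<xenc:CipherData><xenc:CipherValue>wrapped key</xenc:CipherValue></xenc:CipherData>
<xenc:ReferenceList><xenc:DataReference URI="#ED-1"/></xenc:ReferenceList></xenc:EncryptedKey>
</wsse:Security></s:Header>
<s:Body><xenc:EncryptedData Id="ED-1"><xenc:EncryptionMethod Algorithm="{xenc}aes128-cbc"/>
<ds:KeyInfo><wsse:SecurityTokenReference><wsse:Reference URI="#EK-1"/></wsse:SecurityTokenReference></ds:KeyInfo>
<xenc:CipherData><xenc:CipherValue>encrypted body</xenc:CipherValue></xenc:CipherData>
</xenc:EncryptedData></s:Body></s:Envelope>""".format(**NS)

def trace(xml_text):
    """Resolve EncryptedData -> EncryptedKey -> certificate token; raise on a broken link."""
    root = ET.fromstring(xml_text)
    by_id = {}
    for el in root.iter():  # index both plain Id and wsu:Id attributes
        for value in (el.get("Id"), el.get(WSU_ID)):
            if value:
                by_id[value] = el
    def key_ref(el):  # element named by el's ds:KeyInfo reference
        uri = el.find("ds:KeyInfo//wsse:Reference", NS).get("URI")
        return by_id[uri.lstrip("#")]  # KeyError means a dangling reference
    def alg(el):  # short algorithm name after the '#'
        return el.find("xenc:EncryptionMethod", NS).get("Algorithm").rsplit("#", 1)[-1]
    steps = []
    for data in root.iterfind(".//xenc:EncryptedData", NS):
        ek = key_ref(data)
        listed = [d.get("URI") for d in ek.iterfind("xenc:ReferenceList/xenc:DataReference", NS)]
        if "#" + data.get("Id") not in listed:
            raise ValueError("EncryptedKey does not list EncryptedData " + data.get("Id"))
        steps.append({"step1": (data.get("Id"), alg(data)), "step2": (ek.get("Id"), alg(ek)),
                      "cert": key_ref(ek).get(WSU_ID)})
    return steps
if __name__ == "__main__":
    print(trace(SAMPLE))
```

Each returned entry pairs the symmetric step (element Id and algorithm) with the RSA step and the certificate Id; a reference that does not resolve raises instead of being skipped.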
Last update: 2014.