SOAP Web Service Tutorials - Herong's Tutorial Examples - Version 5.02, by Dr. Herong Yang
What Is XML Encryption Syntax and Processing?
This section describes the XML Encryption Syntax and Processing specification developed by W3C that specifies a process for encrypting data and representing the result in XML.
What is "XML Encryption Syntax and Processing"? XML Encryption Syntax and Processing is a specification developed by W3C that specifies a process for encrypting data and representing the result in XML. The data may be arbitrary data (including an XML document), an XML element, or XML element content. The result of encrypting data is an XML Encryption EncryptedData element which contains (via one of its children's content) or identifies (via a URI reference) the cipher data.
The XML Encryption Syntax and Processing specification defines 2 XML structures:
Here is the structure of the "EncryptedData" element:
<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='...'/> <EncryptionMethod Algorithm='...'/> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> ... </ds:KeyInfo> <CipherData> <CipherValue>...</CipherValue> </CipherData> </EncryptedData>
Notes on the above XML sybtax:
If the double encryption process is used, both EncryptedData" element and "EncryptedKey" element are included in parent XML element:
... <EncryptedData Id='ED' xmlns='http://www.w3.org/2001/04/xmlenc#' Type='...'/> <EncryptionMethod Algorithm='...'/> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:RetrievalMethod URI='#EK' Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/> </ds:KeyInfo> <CipherData> <CipherValue>...</CipherValue> </CipherData> </EncryptedData> ... <EncryptedKey Id='EK' xmlns='http://www.w3.org/2001/04/xmlenc#'> <EncryptionMethod Algorithm="..."/> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> ... </ds:KeyInfo> <CipherData> <CipherValue>...</CipherValue> </CipherData> <ReferenceList> <DataReference URI='#ED'/> </ReferenceList> <CarriedKeyName>Sally Doe</CarriedKeyName> </EncryptedKey> ...
Notes on the above XML syntax:
"XML Encryption Syntax and Processing" specification can be used together with "WS-Security X.509 Certificate Token Profile" to protect the SOAP message confidentiality by encrypting a single or multiple parts of the SOAP message.
For more information on "XML Encryption Syntax and Processing", see the full specification at http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/.
Last update: 2014.
Table of Contents
Introduction to SOAP (Simple Object Access Protocol)
SOAP Message Transmission and Processing
SOAP Message Exchange Patterns
Perl SOAP::Lite - SOAP Server-Client Communication Module
Perl Socket Test Program for HTTP and SOAP
Perl SOAP::Lite for GetSpeech SOAP 1.1 Web Service
Perl SOAP::Lite 0.710 for SOAP 1.2 Web Services
Perl SOAP::Lite 0.710 for WSDL
PHP SOAP Extension Client Programs
PHP SOAP Extension Server Programs
Java Socket and HttpURLConnection for SOAP
SAAJ - SOAP with Attachments API for Java
SoapUI - SOAP Web Service Testing Tool
WS-Security - SOAP Message Security Extension
►WS-Security X.509 Certificate Token
What Is WS-Security X.509 Certificate Token Profile?
What Is XML Signature Syntax and Processing?
Generating a Self-Signed Certificate with "keytool"
SoapUI Configuration for Messaging Signing
Generating Digital Signature with SoapUI
Validating ds:Signature with X.509 Certificate
Digital Signature Options Supported in SoapUI
►What Is XML Encryption Syntax and Processing?
SoapUI Configuration for Messaging Encryption
"not an RSA key" - Encryption Failed in SoapUI
Encryption using RSA Public Key with SoapUI
2-Step Message Encryption - Symmetric and RSA
Decrypting Encrypted SOAP Message
Message Encryption Options Supported in SoapUI