Re: Encrypting the response

From: SA (informatica_at_freemail.nl)
Date: 09/07/04


Date: Tue, 7 Sep 2004 10:07:24 -0500

OK, I am not sure about this, but I believe that the problem is that you
encrypt the response with the token that was used to sign the request.

You should encrypt the response with the token that was used to encrypt the
request, which in your case is different.

The WSE 2.0 samples contain a function GetEncryptingToken that you can use
to get the token you're looking for.

Architecture tip: abstract the functionality of finding the signing and
encrypting tokens in separate functions.

-- 
Sven
"D.Mitchell" <DMitchell@discussions.microsoft.com> wrote in message
news:A63918DC-62C1-40DC-BA5C-C2E50CEC2E91@microsoft.com...
> Thanks for the reply Sven.
>
> I tried this and got 'The security token could not be authenticated or
> authorized.' at that new line.
>
> I'm confused what I need to do to encrypt the response. I have signed the
> request with the client/sender certificate and I have encrypted the
> request with the server/receiver certificate.
>
> The signature gets verified with no problem and the request gets decrypted
> OK. I get back my DataSet if I don't add any response encryption code.
>
> This is what I was trying for response encryption...any ideas on where I
> am going wrong...it's driving me crazy now...
>
> Dim responseContext As SoapContext = ResponseSoapContext.Current
> Dim requestContext As SoapContext = RequestSoapContext.Current
> Dim requestSigningToken As X509SecurityToken
> Dim foundSignature As Boolean
> Dim se As ISecurityElement
>
> 'loop over security elements in request
> For Each se In requestContext.Security.Elements
>
>     'when current element is message signature
>     If TypeOf se Is MessageSignature Then
>         Dim ms As MessageSignature = se
>         requestSigningToken = ms.SigningToken
>
>         'set flag indicating that we found message signature
>         foundSignature = True
>     End If
> Next
>
> 'when message signature was found in security elements in request
> If foundSignature Then
>
>     'add the security token to the response
>     responseContext.Security.Tokens.Add(requestSigningToken)
>
>     'encrypt the response with the key in the request
>     responseContext.Security.Elements.Add(New EncryptedData(requestSigningToken))
> Else
>     Throw New SoapException("Could not retrieve signature.", SoapException.ClientFaultCode)
> End If
>
>
> "SA" wrote:
>
> > You will need to add your security token to the context first, like
> >
> > responseContext.Security.Tokens.Add(x509st)
> >
> > HTH
> > -- 
> >
> > Sven
> >
> >
> > "D.Mitchell" <DMitchell@discussions.microsoft.com> wrote in message
> > news:668CE380-52C3-401C-82D9-299C4758A662@microsoft.com...
> > > Looks like it should be fairly simple from the example provided with WSE 2
> > > install. I get an error on the last line. Retrieve the signing token OK.
> > > It's definitely not nothing. Anything I am doing wrong?
> > >
> > > -- IN THE WEB METHOD
> > > Dim x509st As X509SecurityToken
> > > Dim se As ISecurityElement
> > >
> > > 'loop over security elements in request
> > > For Each se In context.Security.Elements
> > >
> > >     'when current element is message signature
> > >     If TypeOf se Is MessageSignature Then
> > >         Dim ms As MessageSignature = se
> > >
> > >         x509st = ms.SigningToken
> > >
> > >     End If
> > > Next
> > >
> > > 'encrypt the response
> > > Dim responseContext As SoapContext = ResponseSoapContext.Current
> > >
> > > -- ** ERROR - Referenced security token could not be retrieved **
> > > responseContext.Security.Elements.Add(New EncryptedData(x509st))
> > >
> > >
> > >
> > >
> >
> >
> >
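
The architecture tip from the reply, written out as two separate lookup helpers plus a fail-closed encryption step. This is an added example, not code from the thread or from the WSE 2.0 samples: `TokenLookup`, `FindSigningToken`, `FindEncryptingToken` and `EncryptResponse` are hypothetical names, and the `SecurityToken` property read from `EncryptedData` is assumed from the WSE 2.0 API rather than shown in the thread.

```vb
Imports System.Web.Services.Protocols
Imports Microsoft.Web.Services2
Imports Microsoft.Web.Services2.Security
Imports Microsoft.Web.Services2.Security.Tokens

Public Module TokenLookup   ' hypothetical helper module

    ' Token that signed the request, or Nothing when the request is unsigned.
    Public Function FindSigningToken(ByVal ctx As SoapContext) As SecurityToken
        For Each se As ISecurityElement In ctx.Security.Elements
            If TypeOf se Is MessageSignature Then
                Return DirectCast(se, MessageSignature).SigningToken
            End If
        Next
        Return Nothing
    End Function

    ' Token that encrypted the request, or Nothing when nothing was encrypted.
    Public Function FindEncryptingToken(ByVal ctx As SoapContext) As SecurityToken
        For Each se As ISecurityElement In ctx.Security.Elements
            If TypeOf se Is EncryptedData Then
                ' SecurityToken is assumed to be the WSE 2.0 property name.
                Return DirectCast(se, EncryptedData).SecurityToken
            End If
        Next
        Return Nothing
    End Function

    ' Encrypt the response with the token the caller selected. A missing
    ' token raises a fault instead of letting the response go out in clear.
    ' With X.509 tokens, only the holder of the private key that matches
    ' this token can decrypt the response.
    Public Sub EncryptResponse(ByVal token As SecurityToken)
        If token Is Nothing Then
            Throw New SoapException("No token available to encrypt the response.", _
                                    SoapException.ClientFaultCode)
        End If
        Dim responseContext As SoapContext = ResponseSoapContext.Current
        responseContext.Security.Tokens.Add(token)
        responseContext.Security.Elements.Add(New EncryptedData(token))
    End Sub

    ' In the web method, the reply's suggestion corresponds to:
    '   EncryptResponse(FindEncryptingToken(RequestSoapContext.Current))
End Module
```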

