TechQA.

How to decrypt raw soap response encrypted with x509

2.9k views Asked by At

We have a batch program that talks with a third party providers web service with WSE, the call to the WSE webservice is encrypted with a x509 certificate.

We have two different certificates to the third party provider

  1. Pre-Production Certificate
  2. Production Certificate

We have implemented a WebServiceResponseLogger that inherits from SoapInputFilter, this is added to the Pipeline as an InputFilter. this does a fine job logging the response when using the pre-production certificate. However when we switch to Production and utilize the production certificate, the response is not logged.

Now we have seen the request and response trough fiddler, so we know that a response actually appears, the problem is that the response we can see in fiddler is the raw response.

I've tried googling trying to figure out if we could decrypt the response in fiddler, we have the correct certificates, so I'd figure it would be possible. and if not with fiddler, does a Tool already exist that would allow me to decrypt the soap response?

c# web-services encryption x509 wse
Original Q&A
1

There are 1 answers

1
thmsn On BEST ANSWER

Finally got around to posting the solution i found, in case someone else runs into this problem :)

I managed to find a link on MSDN that put me on the right track and constructed the following console program that sucessfully decrypted the response I had from our fiddler sessions.

I installed the WSE 2.0 NuGet package

try
{
    // http://msdn.microsoft.com/en-us/library/aa529137.aspx
    XmlDocument response = new XmlDocument();
    response.Load("Response.xml");
    var encryptedKeyElement = response.GetElementsByTagName("xenc:EncryptedKey")[0] as XmlElement;
    var encryptedDataElement = response.GetElementsByTagName("xenc:EncryptedData")[0] as XmlElement;

    EncryptedKey encryptedKey = new EncryptedKey(encryptedKeyElement);
    EncryptedData data = new EncryptedData(encryptedDataElement, encryptedKey);

    var decryptedData = data.Decrypt();
}
catch (Exception ex)
{
    Console.WriteLine(ex.ToString());
    Console.WriteLine("Press any key to exit");
    Console.Read();
}

Related Questions in C#

Related Questions in WEB-SERVICES

Related Questions in ENCRYPTION

Related Questions in X509

Related Questions in WSE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions