Decrypted message received
Whether it is on the client or on the server side, WSE is always decrypted in the securityInputFilter implementation, because the symmetric encryption needs to be born with the public key, you need to create a SECURITYINPUTFILTER to call the method to get this symmetrical Key, then you can use the key and algorithm information contained in EncryptedData to help you find the correct shared key and encryption algorithm. This method must be implemented in a class that is derived from Microsoft.Web.Services.Security.IdecryptionKeyProvider. In my example, the DecryptionKeyProvider.getDecryptionKey method returns a symmetrical key as follows:
Public DecryptionKey GetDecryptionKey (String Encalgorithmuri,
KeyInfo Keyinfo)
{
// Re-create the same 16 bytes used to represent 128-bit keys
Byte [] Keybytes = {48, 218, 89, 25, 222, 209, 227, 51, 50, 168, 146,
188, 250, 166, 5, 206};
// Re-create 8 bytes indicating initialization vector (64-bit)
Byte [] ivbytes = {16, 143, 111, 77, 233, 137, 12, 72};
Symmetricalgorithm mysymalg = new tripledescryptoServiceProvider ();
Mysymalg.key = keybytes;
Mysymalg.iv = ivbytes;
/ / Re-create a symmetric encryption key
DecryptionKey Mykey = New SymmetricDecryptionKey (mysymalg);
Return mykey;
}
Even if you don't use them in my method, WSE wants to pass the URI of the KeyInfo element and encryption algorithm to this method, decide which shared key or encryption algorithm to generate a symmetric key
In order to allow SecurityInputFilter to access the getDecryptionKey method, the following configuration information must be added to the application's configuration file (that is, app.config file)
...
Type = "MyClient assembly.decryptionKeyProvider, Myclientassembly "/> The TYPE attribute does not have any space or any wrap. They only contain the above content to enhance readability, which can also be modified by WSE setting tools. Once the DecryptionKeyProvider class is added to the client and WSE security support is already configured, WSE will automatically block encrypted data, a 2-time development platform program based on standard web services, allows you to program it with your heart. Use X.509 certificates to encrypt SOAP packets
