Click here to Skip to main content
12,947,834 members (85,997 online)
Rate this:
 
Please Sign up or sign in to vote.
See more:
Basically my problem is communicate with a web service that use WS-Security standard. The client I’m working on is in .net 4.0 C# (WCF) and the service is non .net (I don’t know what kind of technology is behind)
Basically the message that I have to send to the service, must have a signed UsernameToken without password and encrypted body trough HTTPS using a certificate. Although I have written a lot of wcf services, I ‘m not an expert in signing, cryptography and in SW-security so I don’t know how to resolve the problem.

I Attached an example of the message that was been provided to me by a company that has already done a client like this, but in another technology (I suppose in java or PHP),
the WSDL file that represents the service + (xsd).

I already lost a week googling around and trying some approaches but without success.

Regards

An example of message that I have to generate:
(I will post the WSDL, if it is necessary)

<?xml version="1.0" encoding="UTF-8"?>
 
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://model.ws.contidigioco.sogei.it"><SOAP-ENV:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1"><wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="pfx5103b365-8647-6f38-f83a-96b62ed8ba8a" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIFFTCCA/2gAwIBAgIERCtuGjANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJJVDESMBAGA1UECgwJU29nZWkgU3BBMSowKAYDVQQLDCFTZXJ2aXppIEludGVybmkgZGkgQ2VydGlmaWNhemlvbmUxFjAUBgNVBAsMDUNBIFNvZ2VpIFRlc3QwHhcNMTEwODE5MTMyMTU4WhcNMTQwODE5MTM1MTU4WjBOMQswCQYDVQQGEwJJVDENMAsGA1UECgwEQUFNUzEXMBUGA1UECwwOY29udGkgZGkgZ2lvY28xFzAVBgNVBAMMDjA5MjU1NTUxMDA1LTAxMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCftiIx8u7rAMe3Goylc3EHwYp3xHl9N0H9PlDjkZvex8l8oMSR0zeYbLGGZZ3GVXRn5iE08Vn7Du/MTLt3zBwJchCcvKua+6fmaS4A9sBeqSHvCHUpQw7Z2Rg1Kt2IF8bfYQfxIhbGSzfy6E4CxJ/PuS1DCWPLIOAsPLx2agV9cwIDAQABo4ICZjCCAmIwDgYDVR0PAQH/BAQDAgZAMIICDgYDVR0fBIICBTCCAgEwgbuggbiggbWGgYxsZGFwOi8vY2Fkcy1zb2dlaS1jb2xsLnNvZ2VpLml0L291PUNBJTIwU29nZWklMjBUZXN0LG91PVNlcnZpemklMjBJbnRlcm5pJTIwZGklMjBDZXJ0aWZpY2F6aW9uZSxvPVNvZ2VpJTIwU3BBLGM9SVQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdIYkaHR0cDovL2NhY3JsLXNvZ2VpLWNvbGwuc29nZWkuaXQvY3JsMIIBP6CCATugggE3pHYwdDELMAkGA1UEBhMCSVQxEjAQBgNVBAoMCVNvZ2VpIFNwQTEqMCgGA1UECwwhU2Vydml6aSBJbnRlcm5pIGRpIENlcnRpZmljYXppb25lMRYwFAYDVQQLDA1DQSBTb2dlaSBUZXN0MQ0wCwYDVQQDDARDUkwzhoGUbGRhcDovL2NhZHMtc29nZWktY29sbC5zb2dlaS5pdC9jbj1DUkwzLG91PUNBJTIwU29nZWklMjBUZXN0LG91PVNlcnZpemklMjBJbnRlcm5pJTIwZGklMjBDZXJ0aWZpY2F6aW9uZSxvPVNvZ2VpJTIwU3BBLGM9SVQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdIYmaHR0cDovL2NhY3JsLXNvZ2VpLWNvbGwuc29nZWkuaXQvY3JsYzMwHwYDVR0jBBgwFoAU64njNZbZjaXO1ir0HgJlhE9CKkUwHQYDVR0OBBYEFAMcOkgKA+KREWiI3K7mCKP2teMaMA0GCSqGSIb3DQEBBQUAA4IBAQBqJ4Cfs1vPCNZN+aT1eRbyYUrsdoJgPTrUelrB7r1UtUwiGZl2JmAAq7rjBocw6yZGshbdAiKWgAzbcPi3Irr9oxexMIPBaTOzQOQm20sfyiO2c0rGG0z4f8oSiXtD0CqFCoGRj3ewQ/W8Ci1dNAvg4jpPFUFcayTWoQa/WCTjwQVGhwRA+9MTaIUpRGWi1azj0ilOms5G6IPpYUOkvecLUAK8L2nn6JSgdLmuO4AXIdsHKPrmwpLhSpHUK+0lOnotcl8LuhS5aMLfmveAUWUrFRmN+UAIdma/sz9MSkG01dVvCHt1yFhsZG7JFCnawVFpwgvdnhXnFMAsbEoyFbW/</wsse:BinarySecurityToken><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="pfx2f485c7d-f3a3-c0e6-d3f6-9a21fcc64407"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference><wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">u6wrbnwkFONrwzOd14aypodyCG8=</wsse:KeyIdentifier></wsse:SecurityTokenReference></dsig:KeyInfo><xenc:CipherData><xenc:CipherValue>bB0sYRxhvPtIyyl6YnMh6e+PJDIS00y51dXQpvko9z1PC9uvh5lnNWTttuXtWIUdnuLoE6Z1zltElJ1JblOOOM/JbPdFlMYrPffQ0lFwCpmWTaO4yalinHZfXMAYUmi0zvVbAJa4OnkvFtuh7kPh2xw6nYhN8WgbmbCFwQSJW+c=</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#pfx136522fa-4afe-4213-8873-f3cadb47160b"/></xenc:ReferenceList></xenc:EncryptedKey><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
 
  <ds:Reference URI="#pfx302538f3-37f4-2f7d-aa24-29d4af8eebfd"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>EcdfsT4YSOmiQ16MJXLyoI/DK48=</ds:DigestValue></ds:Reference><ds:Reference URI="#pfx8fbbe8c2-32ae-5655-428e-4eb0c37063be"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>52jUev5juPZ4txScxIRVDbdmUKo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ijk75UWOmwozTdHmdWKxGIxpSV/HjxaY3/L9f3RZ3o7Du52MAvvD1gGOxaLp2o8UGS9MC3nSbRSwML0n3vW/kCHmf0Si635DWJFQ6K6d/KCauSmtG3XUBaGMEmS3a6rTIFGgomXKw8QYj/oBeskzYqM752Y767FXzM5Igo0Qocg=</ds:SignatureValue>
 
<ds:KeyInfo Id="pfx929b4ca4-e389-ef15-a2af-984f503e2afc"><wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="pfx59774bd1-79b6-cf7f-285c-98e027a8f553"><wsse:Reference URI="#pfx5103b365-8647-6f38-f83a-96b62ed8ba8a" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature><wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="pfx302538f3-37f4-2f7d-aa24-29d4af8eebfd"><wsse:Username>09255551005</wsse:Username></wsse:UsernameToken></wsse:Security></SOAP-ENV:Header><SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="pfx8fbbe8c2-32ae-5655-428e-4eb0c37063be"><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" Type="http://www.w3.org/2001/04/xmlenc#Content" Id="pfx136522fa-4afe-4213-8873-f3cadb47160b">
 
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:Reference URI="#pfx2f485c7d-f3a3-c0e6-d3f6-9a21fcc64407"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData>
 
      <xenc:CipherValue>e+gB1tGSPudYjMO2xaYnok9q84v85wI/fv9++oaYtvoprimOSaTxoMg0CRjbEgfA2ajLMgJt6fqOuBQtZ0+0OYfCqLj0qBnw5pR8QrPhxpuKDiptdPlu9LB/IfEqFpQ0TvDmYKLP7QocyTiq39F89stGcIzB6JXdq4f3CeZXB3gLseTNTk52ELBQkIsxKdBzOb7mdEWQmiuJT2r1cGoYdixYuZ05fx7DyVGYme9pGwhoQNgBooHGMN0bunB9QsI9rdAwCUWRgT4lbmIo6nkTLmXijvZEdmEQg9iMY6WyHi1+g+qsJvDlNO4G7C96BmsFEuNsQSxJF67F7mN0ztnHvJfYhoRAmrvsijY390X1gqEBRm6aNHWG7TdFbn5GA59vh54SdDX/Q1/0+VUL+vmg2HKkQnM4l9UraP0bfCEJxWWf0fg5AzdO4pR2EOJhLIJVLNDmPpJkQn3zzNRKmb08rRRWmkadXsBj5yYLGd+OOLOSip7cwnh/OI/7dJF9x/7Nsu0+M60Kh/CMznrqxmuPt1KriaFiUJT+kb6fa6CMypLCtlcNBzxisVGCeF9cdqxdbskpay5GdsXqeyCrsDoI8cO8tH+vmRSWZkmam8/J4hXJ8APd/imEBmMYH3TXiEYPUj227q+/6aMBvIF/PclZPhPWr3p6I1jx4LOgMm2UIh3z3+qoO1P0471luzbwygw5Y7WDZ9TQPHeWXPkkYTFkpiaAhLHXEGFazDjt15BkZc3VZlfC+RlaIlaoUcLBE35rdKgTENkZvGDv2OgctL2ThjGDmIdecbEafaEzpmZ8AXo4jvULhUE83AqYnwLgiH8odcYAIftVPPonaXhBxvbYjUrG1zPwjKM2ZP5eCba+fLscw/OOM5lUt6wUpkXbb0O0ejGud0Gslm2UObloLIamOXOV4eBqFxJHCGRSEz2/tSLlrO7rTF9sl6y9JWMQ/qSq0CrtCUfBmNcXcf5h+h+xtuOlcgJ7Z2lXP5tzyRoIi0hhs4++FFXKaHVJCn5jBp+m78rFVzFzjp5evHT8+/x5jDutooZvkoWXrvtzyNfdVMG8INv9XxPJM9wExaB6BwPcdhr1r816WiFD3Mhisv2kWVs6T0ztgu+z2LHATk4CHfSXXD9Fpog9WRh3o6/a8t5bmmrtOPh6yyGj0eeTNBGgHLIEIf/vNxo8uhuwukD2u+kF8bOsUcMWKs7XhIfLKMa1SyTlyhCliDpOYu1RduQ4G5MzIqdI9d/4mZZAPKAb63D4X2eKO+LcOMQSQKkaieA6dwH9PAk4U/CWnctCUC0MtFK5grpOTa7gd02utLifPchwFrF/8CflqgL758eJ9+bkSNJWipUeWgfgsyRalpXyg78sRQfG1noBiV5OLH5JsU1zvEfeTxkRLwf4p7iY+HLP3AnHGgbsL4aD5jdxP/BIG4qWrCEXrirW34GHbgieqwWdM/R5Pgiiw4Hl/LmnBMN5GplMKoJGmnbijU+G9OPouwznfTNpDVIauhGJ3du/i/99GfnTlWSLj1OwPv/VQdE/8VkIVNeTVbvmYhda1e/T1GEDxYkLE67GGxDF75kofmwRjmwE3URf+NEhp5GsEbU3R80+uhGHbruNIQ8EZjwnmGfIIeF0fiKWnezMAoM+t6e95QPgdDSM4CkVQkLl+TqAAesYsVNXJdCro/eKN9U/d05zLpA4LPhnK8V4CYxpsK2LtQt5CDCl+Sm9z8/8rxNRd+TO4W2SOa7ewedI7pQJlw==</xenc:CipherValue>
 
   </xenc:CipherData>
 
</xenc:EncryptedData></SOAP-ENV:Body></SOAP-ENV:Envelope>
Posted 31-Aug-12 6:17am

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

    Print Answers RSS
Top Experts
Last 24hrsThis month
OriginalGriff 5,344
CHill60 3,275
Maciej Los 2,628
Jochen Arndt 1,935
ppolymorphe 1,795


Advertise | Privacy | Mobile
Web02 | 2.8.170518.1 | Last Updated 31 Aug 2012
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100