PROC SOAP how to decrypt XML Response (WS-Security)

Reply
New Contributor
Posts: 2

PROC SOAP how to decrypt XML Response (WS-Security)

Hi @ll,@ll,

 

my brain is starting to make bubbles due to soap and WS-Security ... Smiley Frustrated

 

I have an xml response file, that was created through following code

 

FILENAME REQUEST "%sysfunc(getoption(work))\req.xml";
FILENAME RESPONSE "%sysfunc(getoption(work))\res.xml";

data _null_;
   file request;
   input;
   put _infile_;
   datalines4;
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="SERVICE_REPLACED" xmlns:mod="MODEL_REPLACED">
   <soapenv:Header/>
   <soapenv:Body>
      <ser:service_name_replaced>
         <!--Optional:-->
         <mod:pid>ID</mod:pid>
      </ser:service_name_replaced>
   </soapenv:Body>
</soapenv:Envelope>
;;;;
run;

%let RESPONSE=RESPONSE;
proc soap in=REQUEST
          out=&RESPONSE
          url="WEBSERVICE_REPLACED"
          wssusername="username"
          wsspassword="password"
          axis2configfile="C:\temp\axis2.xml";  

run;

the response xml looks like this (without most of the # Smiley Happy ):

 

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
      <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <xenc:EncryptedKey Id="##################" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
               <wsse:SecurityTokenReference>
                  <ds:X509Data>
                     <ds:X509IssuerSerial>
                        <ds:X509IssuerName>CN=### ###,OU=####,O=#####,L=####,ST=#####,C=DE,1.2.840.113549.1.9.1=########################</ds:X509IssuerName>
                        <ds:X509SerialNumber>#########</ds:X509SerialNumber>
                     </ds:X509IssuerSerial>
                  </ds:X509Data>
               </wsse:SecurityTokenReference>
            </ds:KeyInfo>
            <xenc:CipherData>
               <xenc:CipherValue>##########################################################################</xenc:CipherValue>
            </xenc:CipherData>
            <xenc:ReferenceList>
               <xenc:DataReference URI="######"/>
               <xenc:DataReference URI="######"/>
            </xenc:ReferenceList>
         </xenc:EncryptedKey>
         <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-#####################">########################</wsse:BinarySecurityToken>
         <xenc:EncryptedData Id="#######" Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
               <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
                  <wsse:Reference URI="#################################"/>
               </wsse:SecurityTokenReference>
            </ds:KeyInfo>
            <xenc:CipherData>
               <xenc:CipherValue>#####################################</xenc:CipherValue>
            </xenc:CipherData>
         </xenc:EncryptedData>
         <wsu:Timestamp wsu:Id="######">
            <wsu:Created>2016-07-11T13:46:45.809Z</wsu:Created>
            <wsu:Expires>2016-07-11T13:51:45.809Z</wsu:Expires>
         </wsu:Timestamp>
      </wsse:Security>
   </SOAP-ENV:Header>
   <soap:Body wsu:Id="#######" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
      <xenc:EncryptedData Id="#####" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
         <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
         <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
               <wsse:Reference URI="##################"/>
            </wsse:SecurityTokenReference>
         </ds:KeyInfo>
         <xenc:CipherData>
            <xenc:CipherValue>#######################</xenc:CipherValue>
         </xenc:CipherData>
      </xenc:EncryptedData>
   </soap:Body>
</soap:Envelope>

In SAS 9.4 TS 1M1, how can I decrypt the CipherValue?

Problem is, the creator of the interface/webservice is long gone, so I'm tapping a bit in the dark...

 

thanks a lot in advance

Ask a Question
Discussion stats
  • 0 replies
  • 252 views
  • 0 likes
  • 1 in conversation