Decryption Steps


Decryption essentially involves reversing the encryption steps.

Step 1: Determine the Algorithm, Parameters, and ds:KeyInfo

Because none of these items are mandatory, they may be omitted from the EncryptedType structure if they are already known by the decrypting entity. If they are not already known to the decryptor, the parameters are to be found in the EncryptedData structure (see step 2 of the encryption steps for a sample EncryptedData structure).

Step 2: Locate the Key

The key may be located using the ds:KeyInfo structure. If the key is encrypted and contained in an EncryptedKey structure, it must be decrypted using the decrypting party’s private key.

Alternatively, if the key is referenced by its name in a KeyName element, the key should be retrieved from the local key store using the name, or a binding between this name and the name of the key. The key can be held locally or, alternatively, it could be the key name for an XKMS query.

Step 3: Decrypt the Data

If the data is obtained from a CipherValue element, the text must be base64 decoded to obtain the encrypted octet sequence that the encryption algorithm expects. If the data is obtained by dereferencing a URI from a CipherReference element, any transforms specified must be performed on the data in order to retrieve the encrypted octet sequence. Decrypt the octet sequence according to the algorithm and key determined earlier.

Step 4: Process XML Elements or XML Element Content

At this stage, we have obtained UTF-8 encoded data. This must be placed into the original XML data in place of the EncryptedData structure. If the data is not an XML element or the content of an XML element, then skip to step 5.

Step 5: Process Data that Is Not an XML Element or XML Element Content

If the decrypted data is not an XML element or data in an XML element, then we pass it back to the application, which must know what to do with it. This is where the type information is essential. If it is not included with the encrypted data, it must be already known by the decrypting application.
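
The five steps above, as an added Python example that is not from the original text. The algorithm URI urn:example:xor-demo, the XOR stand-in cipher, the key store contents and the sample document are constructed assumptions; a real decryptor would register actual XML Encryption algorithm URIs backed by a crypto library. EncryptedKey and CipherReference are not handled.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"xenc": "http://www.w3.org/2001/04/xmlenc#",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
ELEMENT_TYPE = NS["xenc"] + "Element"
DEMO_ALG = "urn:example:xor-demo"  # constructed URI, not a real algorithm
KEY_STORE = {"demo-key": b"\x13\x37\x42"}  # constructed local key store

def xor_demo(key, data):  # stand-in for a real cipher from a crypto library
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))
ALGORITHMS = {DEMO_ALG: xor_demo}  # allow-list: Algorithm URI -> decryptor

def decrypt_in_place(root, default_alg=None, default_key_name=None):
    """Steps 1-5 for each EncryptedData under root; returns step-5 payloads."""
    passed_back = []
    slots = {c: (p, i) for p in root.iter() for i, c in enumerate(p)}
    for enc in root.findall(".//xenc:EncryptedData", NS):
        # Step 1: optional items fall back to what the decryptor already knows.
        method = enc.find("xenc:EncryptionMethod", NS)
        alg = method.get("Algorithm") if method is not None else default_alg
        if alg not in ALGORITHMS:
            raise ValueError(f"algorithm not allowed: {alg!r}")
        # Step 2: resolve KeyName against the local key store.
        name = enc.findtext("ds:KeyInfo/ds:KeyName", default_key_name, NS)
        if name not in KEY_STORE:
            raise KeyError(f"unknown key name: {name!r}")
        # Step 3: base64-decode CipherValue, then decrypt the octet sequence.
        value = enc.findtext("xenc:CipherData/xenc:CipherValue", None, NS)
        if value is None:
            raise ValueError("CipherReference is not handled here")
        plain = ALGORITHMS[alg](KEY_STORE[name], base64.b64decode(value))
        if enc.get("Type") == ELEMENT_TYPE:
            # Step 4: the decrypted element takes the place of EncryptedData.
            new = ET.fromstring(plain.decode("utf-8"))
            new.tail = enc.tail
            parent, idx = slots[enc]
            parent[idx] = new
        else:
            # Step 5: hand the octets and Type back to the application.
            passed_back.append((enc.get("Type"), plain))
    return passed_back

def demo():
    # Constructed sample; EncryptionMethod is omitted and supplied as a default.
    ct = base64.b64encode(xor_demo(KEY_STORE["demo-key"], b"<Amount>42</Amount>"))
    doc = ET.fromstring(f'<Order xmlns:x="{NS["xenc"]}" xmlns:ds="{NS["ds"]}">'
        f'<x:EncryptedData Type="{ELEMENT_TYPE}"><ds:KeyInfo><ds:KeyName>demo-key'
        f'</ds:KeyName></ds:KeyInfo><x:CipherData><x:CipherValue>{ct.decode()}'
        f'</x:CipherValue></x:CipherData></x:EncryptedData></Order>')
    return decrypt_in_place(doc, default_alg=DEMO_ALG), ET.tostring(doc, "unicode")
```

Rejecting any Algorithm URI or KeyName that is not already registered keeps the sender's document from choosing the decryptor's cipher or key.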




Web Services Security
ISBN: 0072224711
EAN: 2147483647
Year: 2003
Pages: 105
Authors: Mark ONeill
