What are those "garbage" 16 bytes at the beginning of an unencrypted EncryptedData tag from an encrypted ws-security SOAP message? (WCF)

Question

I'm inspecting a WCF request message in order to implement part of the WS-Security standard to have iPhone <-> WCF intercommunication (I'm using certificate security over basicHttpBinding).
After reading the standard xmlenc-core I could decrypt both the SignedInfo and the Body tags, but I see 16 bytes at the beginning of both unencrypted tags from which I have no idea.
I create a sample application according to the standard in order to send request from the iPhone to a self hosted WCF but it continues responding "An error occurred when verifying security for the message". The only thing I don't know how to implement are those 16 bytes, does anybody knows what to use on those 16 bytes?

Thanks

score 2 · Accepted Answer · answered Nov 21 '09 at 17:39

2

When using Triple-DES and AES the cipher-text is prefixed by the IV. So when decrypting, you should use the first 16 bytes of the value as the IV and then perform the AES-CBC decryption on the remaining bytes. My guess is that you have forgotten this and thus are decrypting the IV also (which will yield garbage).

answered Nov 21 '09 at 17:39

Rasmus Faber

48,631
24
141
189

Thanks for the response! It's weird though, because every other time I've used the Crypto API on the iPhone none of those bytes appeared :S. Thanks anyway! – TehJabbit Nov 24 '09 at 13:30

What are those "garbage" 16 bytes at the beginning of an unencrypted EncryptedData tag from an encrypted ws-security SOAP message? (WCF)

1 Answers1