Listing 1

<soap:Envelope 
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2003/06/secext">
<soap:Header>
...
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp 
wsu:Id="Timestamp-c600bbb2-7d35-441a-ad89-6b356777c2da"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2003/06/utility">
<wsu:Created 
wsu:Id="Id-69e5ed3d-ef43-4995-af05-1eb146d96f80"
>2004-01-06T21:50:20Z</wsu:Created>
<wsu:Expires 
wsu:Id="Id-09185624-4f41-44eb-8dd6-4bed57f53c54"
>2004-01-06T21:55:20Z</wsu:Expires>
</wsu:Timestamp>
<wsse:BinarySecurityToken ValueType="wsse:X509v3"
EncodingType="wsse:Base64Binary" 
xmlns:wsu="http://schemas.xmlsoap.org/ws/2003/06/utility" 
wsu:Id="SecurityToken-69b4cdaa-4cf4-4e88-a591-78d0c73ba61d"
>MIIFIDCCBAigAwIBMRM ...=</wsse:BinarySecurityToken>
<xenc:EncryptedKey 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier 
ValueType="wsse:X509v3"
>F5XpYpi3n00/mqB8/W8tWIBF4TA=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</KeyInfo>
<xenc:CipherData>
<xenc:CipherValue
>GSwglkSTqNM5h5nyzeZSFNTWMpQ ...=</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference 
URI="#EncryptedContent-48d1ac67-0bab-4e8e-99d3-b12c45ebebbb" />
</xenc:ReferenceList>
</xenc:EncryptedKey>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="#Id-8b4fd84b-44a5-41c7-8458-0f11eb9c2883">
<Transforms>
<Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>cEKveGWL2UBX5TRrF4yyqtyxKg0=</DigestValue>
</Reference>
...
</SignedInfo>
<SignatureValue>P3Ah7ZhCZucoEz20y2BFsJ...=</SignatureValue>
<KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference 
URI="#SecurityToken-69b4cdaa-4cf4-4e88-a591-78d0c73ba61d" 
ValueType="wsse:X509v3" />
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="Id-8b4fd84b-44a5-41c7-8458-0f11eb9c2883" 
xmlns:wsu="http://schemas.xmlsoap.org/ws/2003/06/utility">
<xenc:EncryptedData 
Id="EncryptedContent-48d1ac67-0bab-4e8e-99d3-b12c45ebebbb" 
Type="http://www.w3.org/2001/04/xmlenc#Content" 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
<xenc:CipherData>
<xenc:CipherValue>s1SNQenKOIFQQxF...=</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</soap:Body>
</soap:Envelope>

Listing 2

// Instantiate a new binary security token for the
// X.509 certificate used to sign the message
X509SecurityToken myToken;

// Set the key bytes based on the supplied key string
byte[] keyIdentifer;
keyIdentifer = Convert.FromBase64String(keyString);

// Open and read the current user certificate store
X509CertificateStore myStore;
myStore = X509CertificateStore.CurrentUserStore(
X509CertificateStore.MyStore);
myStore.OpenRead();

// Get the certificate that matches the supplied key 
X509CertificateCollection myCerts;
myCerts = myStore.FindCertificateByKeyIdentifier(
keyIdentifer);

// Instantiate a new certificate object
X509Certificate myCert = null;

// If the collection is not empty, get the first 
// certificate in the collection 
if (myCerts.Count == 1)
{
// Use the returned certificate 
myCert = myCerts[0];

// Create the security token 
// based on the certificate 
myToken = new X509SecurityToken(myCert);

// Return the token
return myToken;
}
else if(myCerts.Count > 1)
{
// Multiple certificates exists 
// with the same key
MessageBox.Show("There are more than one "
+ "certificates corresponding to the key " 
+ keyString + ". \n"
+ "Please resolve this issue.");
}
else
{ 
// The certificate could not be found
MessageBox.Show("The certificate corresponding "
+ "to the key " + keyString 
+ " could not be found. \n"
+ " Please verify that this certificate is "
+ "installed properly.");
}
return null;

Listing 3

// Instantiate the Web service 
DocumentServiceWse myService; 
myService = new DocumentServiceWse();

// Create a new SoapContext for the request message
SoapContext myReqContext;
myReqContext = myService.RequestSoapContext; 

if (myTokens[0] != null)
{
// Add the new token to the Security.Tokens 
// collection in the SoapContext of the 
// request message 
myReqContext.Security.Tokens.Add(myTokens[0]);

// Verify that the token can be used for signing
if (myTokens[0].SupportsDigitalSignature)
{
// Create a Signature using the token
Signature mySig = new Signature(myTokens[0]);

// Add the Signature to the SoapContext 
myReqContext.Security.Elements.Add(mySig);

// If we have a second token, verify that 
// it is a X509-based token that 
// supports encryption
if (myTokens[1] != null && 
myTokens[1].TokenType == TokenType.X509v3 
&& myTokens[1].SupportsDataEncryption)
{
// Create a new EncryptedData object
// that tells WSE to encrypt the 
// message body using the provided 
// security token 
EncryptedData myEncData;
myEncData = new EncryptedData(myTokens[1]);

// Add the EncryptedData to the SoapContext
myReqContext.Security.Elements.Add(myEncData); 
}
}
else
{
throw new ApplicationException("You cannot use "
+ "this token to access the service.");
}

try
{
// call the GetDocument method on the Web service
docNames = myService.GetDocument(docNames);

// get the context from the response message 
// that contains XML documents as attachments
SoapContext myRespContext;
myRespContext = myService.ResponseSoapContext;

// get the XML documents from the attachments
string[] myDocs;
myDocs = GetAttachments(myRespContext, docNames);

// return the XML documents
return myDocs;
}
catch(Exception ex)
{
throw new ApplicationException(ex.Message);
} 
}
return null;
vb