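I am trying to implement a web service using PHP SoapClient. The web service is protected with WS-Security. I am using this package, https://github.com/robrichards/wse-php, and following the examples provided with it.
I applied a UsernameToken, signed the headers and body, and sent the encrypted request to the web service.
Below is the code snippet: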
<?php
// Assumption: the legacy, non-namespaced wse-php release, where soap-wsse.php defines WSSESoap.
require 'soap-wsse.php';

define('PRIVATE_KEY', dirname(__FILE__) . '/private.pem');
define('SERVICE_CERT', dirname(__FILE__) . '/downloadedfromwebpage.cer');
define('CERT_FILE', dirname(__FILE__) . '/convertedfromCER.pem');

class MySoap extends SoapClient {
    // $one_way keeps the signature compatible with SoapClient::__doRequest()
    function __doRequest($request, $location, $saction, $version, $one_way = 0) {
        $doc = new DOMDocument('1.0');
        $doc->loadXML($request);
        $objWSSE = new WSSESoap($doc);

        // sign all SOAP headers, and add a Timestamp with no expiration
        $objWSSE->signAllHeaders = true;
        $objWSSE->addTimestamp();

        // create new XMLSec Key using RSA_SHA1 and type is private key
        $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
        // load the private key from file - last arg is bool if key in file (TRUE) or is string (FALSE)
        $objKey->loadKey(PRIVATE_KEY, TRUE);

        // Sign the message - also signs appropriate WS-Security items
        $options = array("insertBefore" => FALSE);
        $objWSSE->signSoapDoc($objKey, $options);

        // Add certificate (BinarySecurityToken) to the message
        $token = $objWSSE->addBinaryToken(file_get_contents(CERT_FILE));
        // Attach pointer to Signature
        $objWSSE->attachTokentoSig($token);

        // generate an AES-256-CBC session key for encrypting the message
        $objKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC);
        $objKey->generateSessionKey();

        // load the service's public key from its certificate; it encrypts the session key
        $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type' => 'public'));
        $siteKey->loadKey(SERVICE_CERT, TRUE, TRUE);

        $options = array("KeyInfo" => array("X509SubjectKeyIdentifier" => true));
        $objWSSE->encryptSoapDoc($siteKey, $objKey, $options);

        $retVal = parent::__doRequest($objWSSE->saveXML(), $location, $saction, $version, $one_way);
        #return $retVal;

        // decrypt the response with our private key
        $doc = new DOMDocument();
        $doc->loadXML($retVal);
        $options = array("keys" => array("private" => array("key" => PRIVATE_KEY, "isFile" => true, "isCert" => false)));
        $objWSSE->decryptSoapDoc($doc, $options); // Here it always throws exception "Failure decrypting Data"
        return $doc->saveXML();
    }
}
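I am receiving an encrypted response, but I cannot decrypt it. It always throws the exception "Failure decrypting Data".
Any help is much appreciated.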