public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, string EncryptionElementID, RSA Alg, string KeyName) { // Check the arguments. if (Doc == null) { throw new ArgumentNullException("Doc"); } if (ElementToEncrypt == null) { throw new ArgumentNullException("ElementToEncrypt"); } if (EncryptionElementID == null) { throw new ArgumentNullException("EncryptionElementID"); } if (Alg == null) { throw new ArgumentNullException("Alg"); } if (KeyName == null) { throw new ArgumentNullException("KeyName"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged sessionKey = new RijndaelManaged(); sessionKey.KeySize = 256; EncryptedXml eXml = new EncryptedXml(); byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, sessionKey, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.Type = EncryptedXml.XmlEncElementUrl; edElement.Id = EncryptionElementID; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey ek = new EncryptedKey(); ek.Id = "keyID"; byte[] encryptedKey = EncryptedXml.EncryptKey(sessionKey.Key, Alg, false); ek.CipherData = new CipherData(encryptedKey); ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement.KeyInfo = new KeyInfo(); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.Value = KeyName; // Add the KeyInfoName element to the // EncryptedKey object. ek.KeyInfo.AddClause(kin); // Create a new KeyReference object. // Use the uri of the encrypted key. KeyReference kryRef = new KeyReference("#keyID"); ek.AddReference(kryRef); // Create a new DataReference element // for the KeyInfo element. This optional // element specifies which EncryptedData // uses this key. An XML document can have // multiple EncryptedData elements that use // different keys. DataReference dRef = new DataReference(); // Specify the EncryptedData URI. dRef.Uri = "#" + EncryptionElementID; // Add the DataReference to the EncryptedKey. ek.AddReference(dRef); // Add the encrypted key to the // EncryptedData object. edElement.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek)); // Add the encrypted element data to the // EncryptedData object. edElement.CipherData.CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); }
object ReadContent(XmlReader reader) { reader.MoveToContent(); if (reader.NodeType != XmlNodeType.Element) { throw new XmlException(String.Format("Node type {0} is not expected as a WS-Security message header content.", reader.NodeType)); } switch (reader.NamespaceURI) { case Constants.WsuNamespace: switch (reader.LocalName) { case "Timestamp": return(ReadTimestamp(reader)); } break; //case Constants.WstNamespace: case Constants.Wss11Namespace: if (reader.LocalName == "SignatureConfirmation") { return(ReadSignatureConfirmation(reader, doc)); } break; case SignedXml.XmlDsigNamespaceUrl: switch (reader.LocalName) { case "Signature": WSSignedXml sxml = new WSSignedXml(doc); sxml.Signature.LoadXml((XmlElement)doc.ReadNode(reader)); UpdateSignatureKeyInfo(sxml.Signature, doc, serializer); return(sxml); } break; case EncryptedXml.XmlEncNamespaceUrl: switch (reader.LocalName) { case "EncryptedData": XmlElement el = (XmlElement)doc.ReadNode(reader); return(CreateEncryptedData(el)); case "ReferenceList": ReferenceList rl = new ReferenceList(); reader.Read(); for (reader.MoveToContent(); reader.NodeType != XmlNodeType.EndElement; reader.MoveToContent()) { switch (reader.LocalName) { case "DataReference": DataReference dref = new DataReference(); dref.LoadXml((XmlElement)doc.ReadNode(reader)); rl.Add(dref); continue; case "KeyReference": KeyReference kref = new KeyReference(); kref.LoadXml((XmlElement)doc.ReadNode(reader)); rl.Add(kref); continue; } throw new XmlException(String.Format("Unexpected {2} node '{0}' in namespace '{1}' in ReferenceList.", reader.Name, reader.NamespaceURI, reader.NodeType)); } reader.ReadEndElement(); return(rl); } break; } // SecurityTokenReference will be handled here. // This order (Token->KeyIdentifierClause) is // important because WrappedKey could be read // in both context (but must be a token here). if (serializer.CanReadToken(reader)) { return(serializer.ReadToken(reader, resolver)); } else if (serializer.CanReadKeyIdentifierClause(reader)) { return(serializer.ReadKeyIdentifierClause(reader)); } else { throw new XmlException(String.Format("Unexpected element '{0}' in namespace '{1}' as a WS-Security message header content.", reader.Name, reader.NamespaceURI)); } }
public void AddReference(KeyReference keyReference) { }
public void AddReference(KeyReference keyReference) {}