public void Encrypt_X509_XmlNull() { var certificate = TestHelpers.GetSampleX509Certificate(); XmlEncryption exml = new XmlEncryption(); Assert.Throws <ArgumentNullException>(() => exml.Encrypt(null, certificate.Item1)); }
public void Encrypt_DecryptDocument_AES() { XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; string xml = "<root> <child>sample</child> </root>"; doc.LoadXml(xml); var aes = CipherUtilities.GetCipher("AES/CBC/ZEROBYTEPADDING"); var random = new SecureRandom(); var ivdata = new byte[128 / 8]; var keydata = new byte[256 / 8]; random.NextBytes(ivdata); random.NextBytes(keydata); var param = new ParametersWithIV(new KeyParameter(keydata), ivdata); XmlEncryption exml = new XmlEncryption(); exml.AddKeyNameMapping("aes", param); EncryptedData ed = exml.Encrypt(doc.DocumentElement, "aes"); doc.LoadXml(ed.GetXml().OuterXml); XmlDecryption exmlDecryptor = new XmlDecryption(doc); exmlDecryptor.AddKeyNameMapping("aes", param); exmlDecryptor.DecryptDocument(); Assert.Equal(xml, doc.OuterXml); }
public static void Encrypt(Stream toEncrypt, RsaKeyParameters key, out KeyInfo keyInfo, out EncryptionMethod encryptionMethod, out CipherData cipherData) { var random = new SecureRandom(); var keyData = new byte[128 / 8]; var ivData = new byte[128 / 8]; random.NextBytes(ivData); random.NextBytes(keyData); var sessionKey = new ParametersWithIV(new KeyParameter(keyData), ivData); encryptionMethod = new EncryptionMethod(NS.XmlEncAES128Url); keyInfo = new KeyInfo(); EncryptedKey encKey; keyInfo.AddClause( new KeyInfoEncryptedKey( encKey = new EncryptedKey() { CipherData = new CipherData(XmlEncryption.EncryptKey(keyData, key, useOAEP: true)), EncryptionMethod = new EncryptionMethod(NS.XmlEncRSAOAEPUrl) })); encKey.KeyInfo.AddClause(new RsaKeyValue(key)); byte[] dataToEncrypt = new byte[toEncrypt.Length]; toEncrypt.Read(dataToEncrypt, 0, (int)toEncrypt.Length); var encryptedXml = new XmlEncryption(); encryptedXml.SetPadding("PKCS7"); encryptedXml.SetMode("CBC"); byte[] encryptedData = encryptedXml.EncryptData(dataToEncrypt, sessionKey); cipherData = new CipherData(encryptedData); }
public void DecryptEncryptedKey_KeyInfoEncryptedKey() { XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; string xml = "<root> <child>sample</child> </root>"; doc.LoadXml(xml); var random = new SecureRandom(); var keydata = new byte[256 / 8]; random.NextBytes(keydata); var param = new KeyParameter(keydata); keydata = new byte[128 / 8]; random.NextBytes(keydata); var innerParam = new KeyParameter(keydata); keydata = new byte[192 / 8]; random.NextBytes(keydata); var outerParam = new KeyParameter(keydata); XmlDecryption exml = new XmlDecryption(doc); exml.AddKeyNameMapping("aes", param); EncryptedKey ekey = new EncryptedKey(); byte[] encKeyBytes = XmlEncryption.EncryptKey(outerParam.GetKey(), param); ekey.CipherData = new CipherData(encKeyBytes); ekey.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url); ekey.Id = "Key_ID"; ekey.KeyInfo = new KeyInfo(); ekey.KeyInfo.AddClause(new KeyInfoName("aes")); KeyInfo topLevelKeyInfo = new KeyInfo(); topLevelKeyInfo.AddClause(new KeyInfoEncryptedKey(ekey)); EncryptedKey ekeyTopLevel = new EncryptedKey(); byte[] encTopKeyBytes = XmlEncryption.EncryptKey(innerParam.GetKey(), outerParam); ekeyTopLevel.CipherData = new CipherData(encTopKeyBytes); ekeyTopLevel.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url); ekeyTopLevel.KeyInfo = topLevelKeyInfo; doc.LoadXml(ekeyTopLevel.GetXml().OuterXml); byte[] decryptedKey = exml.DecryptEncryptedKey(ekeyTopLevel); Assert.Equal(innerParam.GetKey(), decryptedKey); EncryptedData eData = new EncryptedData(); eData.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url); eData.KeyInfo = topLevelKeyInfo; var decryptedAlg = exml.GetDecryptionKey(eData, NS.None); Assert.Equal(outerParam.GetKey(), ((KeyParameter)decryptedAlg).GetKey()); }
public void DecryptData_CipherReference_InvalidUri() { XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; string xml = "<root> <child>sample</child> </root>"; doc.LoadXml(xml); var random = new SecureRandom(); var ivdata = new byte[128 / 8]; var keydata = new byte[256 / 8]; random.NextBytes(ivdata); random.NextBytes(keydata); var param = new ParametersWithIV(new KeyParameter(keydata), ivdata); XmlEncryption exml = new XmlEncryption(); XmlDecryption dexml = new XmlDecryption(); exml.AddKeyNameMapping("aes", param); EncryptedData ed = exml.Encrypt(doc.DocumentElement, "aes"); ed.CipherData = new CipherData(); ed.CipherData.CipherReference = new CipherReference("invaliduri"); Action decrypt = () => dexml.DecryptData(ed, param); Assert.Throws <System.Security.Cryptography.CryptographicException>(decrypt); }
public void EncryptKey_RSA_KeyDataNull() { var keyGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); var pair = keyGen.GenerateKeyPair(); Assert.Throws <ArgumentNullException>(() => XmlEncryption.EncryptKey(null, (RsaKeyParameters)pair.Public, false)); }
public void EncryptData_Xml_SymmetricAlgorithmNull() { XmlDocument doc = new XmlDocument(); doc.LoadXml("<root />"); XmlEncryption ex = new XmlEncryption(); Assert.Throws <ArgumentNullException>(() => ex.EncryptData(doc.DocumentElement, null, true)); }
public void Encrypt_MissingKey() { XmlDocument doc = new XmlDocument(); doc.LoadXml("<root />"); XmlEncryption exml = new XmlEncryption(); Assert.Throws <System.Security.Cryptography.CryptographicException>(() => exml.Encrypt(doc.DocumentElement, "aes")); }
public void Encrypt_KeyNameNull() { XmlDocument doc = new XmlDocument(); doc.LoadXml("<root />"); XmlEncryption exml = new XmlEncryption(); string keyName = null; Assert.Throws <ArgumentNullException>(() => exml.Encrypt(doc.DocumentElement, keyName)); }
public void Encrypt_X509_CertificateNull() { XmlDocument doc = new XmlDocument(); doc.LoadXml("<root />"); XmlEncryption exml = new XmlEncryption(); X509Certificate certificate = null; Assert.Throws <ArgumentNullException>(() => exml.Encrypt(doc.DocumentElement, certificate)); }
public void RoundtripSample1() { using (StringWriter sw = new StringWriter()) { { XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; doc.LoadXml("<root> <child>sample</child> </root>"); XmlElement body = doc.DocumentElement; var aes = CipherUtilities.GetCipher("AES/CBC/ZEROBYTEPADDING"); var ivdata = Convert.FromBase64String("pBUM5P03rZ6AE4ZK5EyBrw=="); var keydata = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); var param = new ParametersWithIV(new KeyParameter(keydata), ivdata); XmlEncryption exml = new XmlEncryption(); byte[] encrypted = exml.EncryptData(body, param, false); EncryptedData edata = new EncryptedData(); edata.Type = XmlNameSpace.Url[NS.XmlEncElementUrl]; edata.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url); EncryptedKey ekey = new EncryptedKey(); byte[] encKeyBytes = keydata; ekey.CipherData = new CipherData(encKeyBytes); ekey.EncryptionMethod = new EncryptionMethod(NS.XmlEncRSA15Url); DataReference dr = new DataReference(); dr.Uri = "_0"; ekey.AddReference(dr); edata.KeyInfo.AddClause(new KeyInfoEncryptedKey(ekey)); ekey.KeyInfo.AddClause(new RsaKeyValue()); edata.CipherData.CipherValue = encrypted; XmlDecryption.ReplaceElement(doc.DocumentElement, edata, false); doc.Save(new XmlTextWriter(sw)); } { var aes = CipherUtilities.GetCipher("AES/CBC/ZEROBYTEPADDING"); var random = new SecureRandom(); var ivdata = new byte[aes.GetBlockSize()]; var keydata = Convert.FromBase64String("o/ilseZu+keLBBWGGPlUHweqxIPc4gzZEFWr2nBt640="); random.NextBytes(ivdata); var param = new ParametersWithIV(new KeyParameter(keydata), ivdata); XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; doc.LoadXml(sw.ToString()); XmlDecryption encxml = new XmlDecryption(doc); EncryptedData edata = new EncryptedData(); edata.LoadXml(doc.DocumentElement); encxml.ReplaceData(doc.DocumentElement, encxml.DecryptData(edata, param)); } } }
public void EncryptKey_KeyNull() { var random = new SecureRandom(); var ivdata = new byte[128 / 8]; var keydata = new byte[256 / 8]; random.NextBytes(ivdata); random.NextBytes(keydata); var param = new ParametersWithIV(new KeyParameter(keydata), ivdata); Assert.Throws <ArgumentNullException>(() => XmlEncryption.EncryptKey(null, new KeyParameter(keydata))); }
public void EncryptKey_RSA_UseOAEP() { byte[] data = Encoding.ASCII.GetBytes("12345678"); var keyGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); var pair = keyGen.GenerateKeyPair(); byte[] encryptedData = XmlEncryption.EncryptKey(data, (RsaKeyParameters)pair.Public, true); byte[] decryptedData = XmlDecryption.DecryptKey(encryptedData, (RsaKeyParameters)pair.Private, true); Assert.Equal(data, decryptedData); }
public void DecryptData_CipherReference_IdUri() { XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; string xml = "<root> <child>sample</child> </root>"; doc.LoadXml(xml); var random = new SecureRandom(); var ivdata = new byte[128 / 8]; var keydata = new byte[256 / 8]; random.NextBytes(ivdata); random.NextBytes(keydata); var param = new ParametersWithIV(new KeyParameter(keydata), ivdata); XmlEncryption exml = new XmlEncryption(doc); XmlDecryption dexml = new XmlDecryption(doc); string cipherValue = Convert.ToBase64String(exml.EncryptData(Encoding.UTF8.GetBytes(xml), param)); EncryptedData ed = new EncryptedData(); ed.Type = XmlNameSpace.Url[NS.XmlEncElementUrl]; ed.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url); ed.CipherData = new CipherData(); ed.CipherData.CipherReference = new CipherReference("#ID_0"); string xslt = "<xsl:stylesheet version=\"1.0\" xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\"><xsl:template match = \"/\"><xsl:value-of select=\".\" /></xsl:template></xsl:stylesheet>"; XmlDsigXsltTransform xsltTransform = new XmlDsigXsltTransform(); XmlDocument xsltDoc = new XmlDocument(); xsltDoc.LoadXml(xslt); xsltTransform.LoadInnerXml(xsltDoc.ChildNodes); ed.CipherData.CipherReference.AddTransform(xsltTransform); ed.CipherData.CipherReference.AddTransform(new XmlDsigBase64Transform()); doc.LoadXml("<root></root>"); XmlNode encryptedDataNode = doc.ImportNode(ed.GetXml(), true); doc.DocumentElement.AppendChild(encryptedDataNode); XmlElement cipherDataByReference = doc.CreateElement("CipherData"); cipherDataByReference.SetAttribute("ID", "ID_0"); cipherDataByReference.InnerText = cipherValue; doc.DocumentElement.AppendChild(cipherDataByReference); string decryptedXmlString = Encoding.UTF8.GetString(dexml.DecryptData(ed, param)); Assert.Equal(xml, decryptedXmlString); }
public void EncryptData_Xml_XmlElementNull() { XmlEncryption ex = new XmlEncryption(); var random = new SecureRandom(); var ivdata = new byte[128 / 8]; var keydata = new byte[256 / 8]; random.NextBytes(ivdata); random.NextBytes(keydata); var param = new ParametersWithIV(new KeyParameter(keydata), ivdata); Assert.Throws <ArgumentNullException>(() => ex.EncryptData(null, param, true)); }
public void AddKeyNameMapping_KeyNameNull() { XmlEncryption exml = new XmlEncryption(); var random = new SecureRandom(); var ivdata = new byte[128 / 8]; var keydata = new byte[256 / 8]; random.NextBytes(ivdata); random.NextBytes(keydata); var param = new ParametersWithIV(new KeyParameter(keydata), ivdata); Assert.Throws <ArgumentNullException>(() => exml.AddKeyNameMapping(null, param)); }
public void EncryptKey_AES() { var random = new SecureRandom(); var keydata = new byte[256 / 8]; random.NextBytes(keydata); var param = new KeyParameter(keydata); byte[] key = Encoding.ASCII.GetBytes("123456781234567812345678"); byte[] encryptedKey = XmlEncryption.EncryptKey(key, param); Assert.NotNull(encryptedKey); Assert.Equal(key, XmlDecryption.DecryptKey(encryptedKey, param)); }
private static void EncryptElement(XmlDocument doc, string elementName, ICipherParameters key) { var elementToEncrypt = (XmlElement)doc.GetElementsByTagName(elementName)[0]; var encryptedXml = new XmlEncryption(); var encryptedData = new EncryptedData() { Type = XmlNameSpace.Url[NS.XmlEncElementUrl], EncryptionMethod = new EncryptionMethod(GetEncryptionMethodName(key)) }; encryptedData.CipherData.CipherValue = encryptedXml.EncryptData(elementToEncrypt, key, false); XmlDecryption.ReplaceElement(elementToEncrypt, encryptedData, false); }
public void DecryptKey_AESCorruptedKey8Bytes() { var random = new SecureRandom(); var keydata = new byte[256 / 8]; random.NextBytes(keydata); var param = new KeyParameter(keydata); byte[] key = Encoding.ASCII.GetBytes("12345678"); byte[] encryptedKey = XmlEncryption.EncryptKey(key, param); encryptedKey[0] ^= 0xFF; Assert.Throws <System.Security.Cryptography.CryptographicException>(() => XmlDecryption.DecryptKey(encryptedKey, param)); }
public void Properties() { XmlEncryption exml = new XmlEncryption(); exml.SetXmlDSigSearchDepth(10); exml.SetResolver(null); exml.SetPadding("NOPADDING"); exml.SetMode("CBC"); exml.SetEncoding(Encoding.ASCII); exml.Recipient = "Recipient"; Assert.Equal(10, exml.GetXmlDSigSearchDepth()); Assert.Null(exml.GetResolver()); Assert.Equal("NOPADDING", exml.GetPadding()); Assert.Equal("CBC", exml.GetMode()); Assert.Equal(Encoding.ASCII, exml.GetEncoding()); Assert.Equal("Recipient", exml.Recipient); }
private void CheckEncryptionMethod(object algorithm, string uri) { XmlDocument doc = new XmlDocument(); doc.LoadXml("<root />"); XmlEncryption exml = new XmlEncryption(); exml.AddKeyNameMapping("key", algorithm); EncryptedData edata = exml.Encrypt(doc.DocumentElement, "key"); IEnumerator keyInfoEnum = edata.KeyInfo.GetEnumerator(); keyInfoEnum.MoveNext(); KeyInfoEncryptedKey kiEncKey = keyInfoEnum.Current as KeyInfoEncryptedKey; Assert.NotNull(edata); Assert.Equal(uri, XmlNameSpace.Url[kiEncKey.GetEncryptedKey().EncryptionMethod.KeyAlgorithm]); Assert.NotNull(edata.CipherData.CipherValue); }
public void GetDecryptionKey_CarriedKeyName() { var random = new SecureRandom(); var ivdata = new byte[128 / 8]; var keydata = new byte[256 / 8]; random.NextBytes(ivdata); random.NextBytes(keydata); var param = new ParametersWithIV(new KeyParameter(keydata), ivdata); keydata = new byte[128 / 8]; random.NextBytes(ivdata); random.NextBytes(keydata); var innerParam = new ParametersWithIV(new KeyParameter(keydata), ivdata); EncryptedData edata = new EncryptedData(); edata.KeyInfo = new KeyInfo(); edata.KeyInfo.AddClause(new KeyInfoName("aes")); EncryptedKey ekey = new EncryptedKey(); byte[] encKeyBytes = XmlEncryption.EncryptKey(((KeyParameter)innerParam.Parameters).GetKey(), (KeyParameter)param.Parameters); ekey.CipherData = new CipherData(encKeyBytes); ekey.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url); ekey.CarriedKeyName = "aes"; ekey.KeyInfo = new KeyInfo(); ekey.KeyInfo.AddClause(new KeyInfoName("another_aes")); XmlDocument doc = new XmlDocument(); doc.LoadXml(ekey.GetXml().OuterXml); XmlDecryption exml = new XmlDecryption(doc); exml.AddKeyNameMapping("another_aes", param); var decryptedAlg = exml.GetDecryptionKey(edata, NS.XmlEncAES256Url); Assert.IsType <KeyParameter>(decryptedAlg); Assert.Equal(((KeyParameter)innerParam.Parameters).GetKey(), ((KeyParameter)decryptedAlg).GetKey()); }
private XmlDocument GetTransformedOutput(XmlDocument doc, string nodeToEncrypt) { var aes = CipherUtilities.GetCipher("AES/CBC/PKCS7"); var random = new SecureRandom(); var keyData = new byte[aes.GetBlockSize()]; var ivData = new byte[aes.GetBlockSize()]; random.NextBytes(ivData); random.NextBytes(keyData); var key = new ParametersWithIV(new KeyParameter(keyData), ivData); var encryptedXml = new XmlEncryption(); encryptedXml.AddKeyNameMapping("aes", key); XmlElement elementToEncrypt = (XmlElement)doc.DocumentElement.SelectSingleNode(nodeToEncrypt); EncryptedData encryptedData = encryptedXml.Encrypt(elementToEncrypt, "aes"); XmlDecryption.ReplaceElement(elementToEncrypt, encryptedData, false); XmlNamespaceManager xmlNamespaceManager = new XmlNamespaceManager(doc.NameTable); xmlNamespaceManager.AddNamespace("enc", XmlNameSpace.Url[NS.XmlEncNamespaceUrl]); XmlElement encryptedNode = (XmlElement)doc.DocumentElement.SelectSingleNode("//enc:EncryptedData", xmlNamespaceManager); encryptedNode.SetAttribute("ID", "#_0"); transform.LoadInput(doc); var dencryptedXml = new XmlDecryption(); dencryptedXml.AddKeyNameMapping("aes", key); transform.XmlDecryption = dencryptedXml; XmlDocument transformedDocument = (XmlDocument)transform.GetOutput(); transform.XmlDecryption = null; return(transformedDocument); }
private static void Encrypt(XmlDocument doc, string elementName, string encryptionElementID, RsaKeyParameters rsaKey, string keyName, bool useOAEP) { var elementToEncrypt = (XmlElement)doc.GetElementsByTagName(elementName)[0]; var sessionKeyData = EncryptingAndDecryptingSymmetric.GenerateBlock(256); var sessionKeyIV = EncryptingAndDecryptingSymmetric.GenerateBlock(128); var sessionKey = new ParametersWithIV(new KeyParameter(sessionKeyData), sessionKeyIV); var encryptedKey = new EncryptedKey() { CipherData = new CipherData(XmlEncryption.EncryptKey(sessionKeyData, rsaKey, useOAEP)), EncryptionMethod = new EncryptionMethod(useOAEP ? NS.XmlEncRSAOAEPUrl : NS.XmlEncRSA15Url) }; encryptedKey.AddReference(new DataReference() { Uri = "#" + encryptionElementID }); var encryptedData = new EncryptedData() { Type = XmlNameSpace.Url[NS.XmlEncElementUrl], Id = encryptionElementID, EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url) }; encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey)); encryptedKey.KeyInfo.AddClause(new KeyInfoName() { Value = keyName }); var encryptedXml = new XmlEncryption(); encryptedData.CipherData.CipherValue = encryptedXml.EncryptData(elementToEncrypt, sessionKey, false); XmlDecryption.ReplaceElement(elementToEncrypt, encryptedData, false); }
internal static SamlResponse Parse(string xml, IConfiguration configuration) { var samlXml = new XmlDocument(); samlXml.LoadXml(xml); try { XmlEncryption.DecryptXml( (RSACng)configuration.SamlCertificate.GetRSAPrivateKey(), samlXml, new[] { "//*[local-name() = 'EncryptedID']", "//*[local-name() = 'EncryptedAttribute']" }); } catch (Exception e) { throw new CommunicatorException("Error decrypting data. See inner exception for more details.", e); } var doc = ResponseType.Deserialize(samlXml.InnerXml); return(new SamlResponse(doc)); }
public void Encrypt_X509() { XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; string xml = "<root> <child>sample</child> </root>"; doc.LoadXml(xml); var certificate = TestHelpers.GetSampleX509Certificate(); XmlEncryption exml = new XmlEncryption(); EncryptedData ed = exml.Encrypt(doc.DocumentElement, certificate.Item1); Assert.NotNull(ed); doc.LoadXml(ed.GetXml().OuterXml); XmlNamespaceManager nm = new XmlNamespaceManager(doc.NameTable); nm.AddNamespace("enc", XmlNameSpace.Url[NS.XmlEncNamespaceUrl]); Assert.NotNull(doc.SelectSingleNode("//enc:EncryptedKey", nm)); Assert.DoesNotContain("sample", doc.OuterXml); }
internal static SamlResponse Parse(string xml, IConfiguration configuration) { var samlXml = new XmlDocument(); samlXml.LoadXml(xml); ICollection <SamlAttributesEncryptionKey> encryptedAttributesEncryptionKeys = new Collection <SamlAttributesEncryptionKey>(); try { encryptedAttributesEncryptionKeys = XmlEncryption.DecryptXml( configuration.SamlCertificate.PrivateKey as RSACryptoServiceProvider, samlXml, new[] { "//*[local-name() = 'EncryptedID']", "//*[local-name() = 'EncryptedAttribute']" }); } catch (Exception e) { throw new CommunicatorException("Error decrypting data. See inner exception for more details.", e); } var doc = ResponseType.Deserialize(samlXml.InnerXml); return(new SamlResponse(doc, encryptedAttributesEncryptionKeys)); }
public void PropagatedNamespaces_XmlDecryptionTransform(bool addPropagatedNamespace, string expectedResult) { XmlDocument baseDocument = new XmlDocument(); baseDocument.LoadXml("<a><b><c xmlns=\"urn:foo\"/></b></a>"); var aes = CipherUtilities.GetCipher("AES/CBC/PKCS7"); var random = new SecureRandom(); var keyData = new byte[aes.GetBlockSize()]; var ivData = new byte[aes.GetBlockSize()]; random.NextBytes(ivData); random.NextBytes(keyData); var key = new ParametersWithIV(new KeyParameter(keyData), ivData); XmlEncryption encryptedXml = new XmlEncryption(baseDocument); XmlDecryption decryptedXml = new XmlDecryption(baseDocument); encryptedXml.AddKeyNameMapping("key", key); decryptedXml.AddKeyNameMapping("key", key); XmlElement bElement = (XmlElement)baseDocument.DocumentElement.SelectSingleNode("b"); EncryptedData encryptedData = encryptedXml.Encrypt(bElement, "key"); XmlDecryption.ReplaceElement(bElement, encryptedData, false); XmlDecryptionTransform decryptionTransform = new XmlDecryptionTransform(); decryptionTransform.XmlDecryption = decryptedXml; decryptionTransform.LoadInput(baseDocument); if (addPropagatedNamespace) { decryptionTransform.PropagatedNamespaces.Add("f", "urn:foo"); } XmlDocument decryptedDocument = (XmlDocument)decryptionTransform.GetOutput(typeof(XmlDocument)); Assert.Equal(expectedResult, decryptedDocument.OuterXml); }
private static void Encrypt(XmlDocument doc, string elementName, string encryptionElementID, ICipherParameters key, string keyName, Func <ICipherParameters> innerKeyFactory) { var elementToEncrypt = (XmlElement)doc.GetElementsByTagName(elementName)[0]; ICipherParameters innerKey = innerKeyFactory(); var encryptedKey = new EncryptedKey() { CipherData = new CipherData(XmlEncryption.EncryptKey(((KeyParameter)((ParametersWithIV)innerKey).Parameters).GetKey(), (KeyParameter)((ParametersWithIV)key).Parameters)), EncryptionMethod = new EncryptionMethod(EncryptingAndDecryptingSymmetric.GetEncryptionMethodName(key, keyWrap: true)) }; encryptedKey.AddReference(new DataReference() { Uri = "#" + encryptionElementID }); var encryptedData = new EncryptedData() { Type = XmlNameSpace.Url[NS.XmlEncElementUrl], Id = encryptionElementID, EncryptionMethod = new EncryptionMethod(EncryptingAndDecryptingSymmetric.GetEncryptionMethodName(innerKey, keyWrap: false)) }; encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey)); encryptedKey.KeyInfo.AddClause(new KeyInfoName() { Value = keyName }); var encryptedXml = new XmlEncryption(); encryptedData.CipherData.CipherValue = encryptedXml.EncryptData(elementToEncrypt, innerKey, false); XmlDecryption.ReplaceElement(elementToEncrypt, encryptedData, false); }
public static void DecryptWithCertificate_NotInStore() { const string SecretMessage = "Grilled cheese is tasty"; XmlDocument document = new XmlDocument(); document.LoadXml($"<data><secret>{SecretMessage}</secret></data>"); XmlElement toEncrypt = (XmlElement)document.DocumentElement.FirstChild; var cert = TestHelpers.GetSampleX509Certificate(); XmlEncryption encryptor = new XmlEncryption(document); EncryptedData encryptedElement = encryptor.Encrypt(toEncrypt, cert.Item1); XmlDecryption.ReplaceElement(toEncrypt, encryptedElement, false); XmlDocument document2 = new XmlDocument(); document2.LoadXml(document.OuterXml); XmlDecryption decryptor = new XmlDecryption(document2); Assert.Throws <System.Security.Cryptography.CryptographicException>(() => decryptor.DecryptDocument()); Assert.DoesNotContain(SecretMessage, document2.OuterXml); }