/// <summary>
/// GET: renders the form seeded with a sample <c>&lt;message&gt;</c> document and the
/// configured recipient/sender certificate thumbprints.
/// </summary>
/// <returns>The Index view bound to a freshly populated <see cref="XmlModel"/>.</returns>
public ActionResult Index()
{
    var sampleDocument = new XmlDocument();
    sampleDocument.LoadXml("<message>Hello World</message>");

    var model = new XmlModel
    {
        PlainText = XmlToString(sampleDocument),
        RecipientThumbprint = RecipientThumbprint,
        SenderThumbprint = SenderThumbprint,
    };

    return View(model);
}
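/// <summary>
/// POST: either encrypts and signs the XML in <c>model.PlainText</c> (Action == "encrypt"),
/// or verifies the signature on <c>model.Envelope</c> and decrypts it (Action == "decrypt").
/// Any other Action value leaves the model untouched.
/// </summary>
/// <param name="model">
/// Form post carrying Action, PlainText (encrypt) or Envelope (decrypt) and the thumbprints.
/// PlainText/Envelope are caller-controlled XML and are parsed with external resolution disabled.
/// </param>
/// <returns>The Index view with the transformed document filled into the model.</returns>
/// <exception cref="InvalidOperationException">The plaintext has no &lt;message&gt; element.</exception>
/// <exception cref="CryptographicException">
/// No signature, more than one signature, a signature that does not verify, or a signer other
/// than the configured sender certificate.
/// </exception>
// NOTE(review): this overload accepts a form post; it should carry [HttpPost] and
// [ValidateAntiForgeryToken]. Neither attribute is visible here - confirm on the declaration.
public ActionResult Index(XmlModel model)
{
    if (model.Action == "encrypt")
    {
        var recipientCertificate = LoadCertificate(model.RecipientThumbprint);
        var signingCertificate = LoadCertificate(model.SenderThumbprint);

        var xmlDocument = LoadUntrustedXml(model.PlainText);
        var elementToEncrypt = xmlDocument.GetElementsByTagName("message")[0] as XmlElement;
        if (elementToEncrypt == null)
        {
            throw new InvalidOperationException("Plain text does not contain a <message> element.");
        }

        // Encrypt the element for the recipient. This EncryptedXml overload provides
        // confidentiality only; integrity and origin come from the signature computed below,
        // which is why the receiving side must verify BEFORE it decrypts.
        var encryptedXml = new EncryptedXml();
        var encryptedElement = encryptedXml.Encrypt(elementToEncrypt, recipientCertificate);
        EncryptedXml.ReplaceElement(elementToEncrypt, encryptedElement, false);

        // Sign the whole document (Uri = "") with an enveloped signature so the
        // EncryptedData element itself is covered by the signature.
        var signedXml = new SignedXml(xmlDocument) { SigningKey = signingCertificate.PrivateKey };
        var reference = new Reference { Uri = string.Empty };
        reference.AddTransform(new XmlDsigC14NTransform());
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signedXml.AddReference(reference);

        // Embed the signer's certificate so the recipient can display who signed.
        var keyInfo = new KeyInfo();
        keyInfo.AddClause(new KeyInfoX509Data(signingCertificate));
        signedXml.KeyInfo = keyInfo;

        signedXml.ComputeSignature();
        var xmlDigitalSignature = signedXml.GetXml();
        xmlDocument.DocumentElement.AppendChild(xmlDocument.ImportNode(xmlDigitalSignature, true));

        model.PlainText = "";
        model.Envelope = XmlToString(xmlDocument);
    }
    else if (model.Action == "decrypt")
    {
        var xmlDocument = LoadUntrustedXml(model.Envelope);

        // Locate the XML-DSig Signature element, namespace-qualified so an unrelated
        // <Signature> element elsewhere in the document cannot be picked up, and require
        // exactly one so there is no ambiguity about what was verified.
        var nodeList = xmlDocument.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (nodeList.Count <= 0)
        {
            throw new CryptographicException("No signature found.");
        }
        if (nodeList.Count > 1)
        {
            throw new CryptographicException("More than one signature found.");
        }

        var signedXml = new SignedXml(xmlDocument);
        signedXml.LoadXml((XmlElement)nodeList[0]);

        // Verify against the configured sender's certificate, NOT against whatever key the
        // envelope carries in its own KeyInfo. CheckSignatureReturningKey only proves the
        // document was signed by *some* key embedded in it, which anyone can produce;
        // pinning to SenderThumbprint is what actually authenticates the origin.
        // verifySignatureOnly: true skips chain building because the pin is the trust decision.
        var expectedSender = LoadCertificate(SenderThumbprint);
        if (!signedXml.CheckSignature(expectedSender, true))
        {
            throw new CryptographicException("Invalid Signature");
        }
        model.SenderSubject = expectedSender.Subject;

        // Only after integrity and origin are established do we touch the ciphertext.
        var encryptedXml = new EncryptedXml(xmlDocument);
        encryptedXml.DecryptDocument();

        model.Envelope = "";
        model.PlainText = XmlToString(xmlDocument);
    }

    ModelState.Clear();
    model.RecipientThumbprint = RecipientThumbprint;
    model.SenderThumbprint = SenderThumbprint;
    return View(model);
}

/// <summary>
/// Parses caller-supplied XML with the external resolver disabled, so a DOCTYPE in the
/// input cannot trigger external entity / URL fetches (XXE).
/// </summary>
/// <param name="xml">Untrusted XML text from the request.</param>
/// <returns>The loaded document.</returns>
/// <exception cref="XmlException">The text is not well-formed XML.</exception>
private static XmlDocument LoadUntrustedXml(string xml)
{
    // NOTE(review): a null resolver blocks external entities but not internal entity
    // expansion; on .NET 4+ loading through XmlReader.Create with
    // DtdProcessing.Prohibit would reject DTDs outright. Kept minimal here because the
    // project's target framework is not visible in this file.
    var document = new XmlDocument { XmlResolver = null };
    document.LoadXml(xml);
    return document;
}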