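/// <summary>
/// Encrypts <paramref name="nodeToEnrypt"/> in place inside <c>FXMLDocument</c>: the node is
/// replaced by a <c>saml2:EncryptedAssertion</c> element wrapping the encrypted data produced
/// by <see cref="TElXMLEncryptor"/>. The content is encrypted under a freshly generated
/// 256-bit symmetric key with a fresh 128-bit IV; that key is in turn protected with the PGP
/// public key read from <c>~/App_Data/ussitsps_test_pub.asc</c>.
/// </summary>
/// <param name="certificate">
/// Currently ignored: the key-encryption key is always the hard-coded test public key in
/// App_Data (see the NOTE below). Kept so existing callers keep compiling.
/// </param>
/// <param name="nodeToEnrypt">The assertion node to encrypt; must be attached to a parent.</param>
/// <exception cref="ArgumentNullException"><paramref name="nodeToEnrypt"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The node has no parent, or the PGP public key could not be loaded. Earlier revisions
/// swallowed the load failure and went on to encrypt with no key-encryption key at all.
/// </exception>
private static void EncryptAssertion(string certificate, TElXMLDOMNode nodeToEnrypt)
{
    if (nodeToEnrypt == null)
    {
        throw new ArgumentNullException("nodeToEnrypt");
    }

    TElXMLDOMNode parent = nodeToEnrypt.ParentNode;
    if (parent == null)
    {
        throw new InvalidOperationException("The assertion node to encrypt has no parent node and cannot be replaced.");
    }

    // NOTE(review): the caller-supplied path is overwritten with a fixed *test* public key
    // shipped in App_Data. Anything encrypted here is readable only by the holder of the
    // matching private key, so confirm this is the intended recipient before production use.
    certificate = HostingEnvironment.MapPath("~/App_Data/ussitsps_test_pub.asc");

    TElXMLEncryptor encryptor = null;
    TElXMLKeyInfoSymmetricData symKeyData = null;
    TElXMLKeyInfoPGPData pgpKeyData = null;
    try
    {
        // The numeric settings are the encryptor's own mode codes (EncryptionMethod,
        // EncryptedDataType, KeyEncryptionType = key transport, KeyTransportMethod,
        // KeyWrapMethod); their exact meaning comes from the XML security library's API.
        encryptor = new TElXMLEncryptor
        {
            EncryptKey = true,
            EncryptionMethod = 1,
            KeyName = String.Empty,
            EncryptedDataType = 0,
            KeyEncryptionType = 0,
            KeyTransportMethod = 1,
            KeyWrapMethod = 0
        };

        // Fresh random content-encryption key (32 bytes) and IV (16 bytes) for every assertion.
        symKeyData = new TElXMLKeyInfoSymmetricData(true);
        symKeyData.Key.Generate(32 * 8);
        symKeyData.Key.GenerateIV(16 * 8);
        encryptor.KeyData = symKeyData;

        // Key transport: the symmetric key is encrypted for the recipient's PGP public key.
        // A failed key load is fatal rather than silently producing an undeliverable document.
        pgpKeyData = new TElXMLKeyInfoPGPData(true);
        pgpKeyData.PublicKey = LoadPgpPublicKey(certificate);
        encryptor.KeyEncryptionKeyData = pgpKeyData;

        encryptor.Encrypt(nodeToEnrypt);
        TElXMLDOMNode encNode = encryptor.Save(FXMLDocument);

        // Wrap the EncryptedData in <saml2:EncryptedAssertion> and swap it in for the plaintext node.
        var encryptedAssertion = FXMLDocument.CreateElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml2:EncryptedAssertion");
        var nsAttr = FXMLDocument.CreateAttribute("xmlns:saml2");
        nsAttr.Value = "urn:oasis:names:tc:SAML:2.0:assertion";
        encryptedAssertion.Attributes.Add(nsAttr);
        encryptedAssertion.AppendChild(encNode);
        parent.ReplaceChild(encryptedAssertion, nodeToEnrypt);
    }
    finally
    {
        // Release native handles even when encryption or key loading throws.
        if (encryptor != null)
        {
            encryptor.Dispose();
        }
        if (pgpKeyData != null)
        {
            pgpKeyData.Dispose();
        }
        if (symKeyData != null)
        {
            symKeyData.Dispose();
        }
    }
}

/// <summary>
/// Loads a PGP public key from the given file path.
/// </summary>
/// <param name="path">Path of the ASCII-armored public key file.</param>
/// <returns>The loaded key; the caller owns it and must dispose it.</returns>
/// <exception cref="InvalidOperationException">The file cannot be opened or parsed as a PGP public key.</exception>
private static TElPGPPublicKey LoadPgpPublicKey(string path)
{
    TElPGPPublicKey publicKey = new TElPGPPublicKey();
    try
    {
        using (FileStream keyStream = new FileStream(path, FileMode.Open, FileAccess.Read))
        {
            publicKey.LoadFromStream(keyStream);
        }
        return publicKey;
    }
    catch (Exception ex)
    {
        // Do not hand back a half-initialized key object.
        publicKey.Dispose();
        throw new InvalidOperationException("Failed to load the PGP public key used to protect the assertion encryption key.", ex);
    }
}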
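/// <summary>
/// Encrypts <paramref name="nodeToEnrypt"/> in place inside <c>FXMLDocument</c>, replacing it
/// with a <c>saml2:EncryptedAssertion</c> element that wraps the output of
/// <see cref="TElXMLEncryptor"/>. A new 256-bit symmetric key and 128-bit IV are generated
/// per call; the key is transported under the PGP public key stored at
/// <c>~/App_Data/ussitsps_test_pub.asc</c>.
/// </summary>
/// <param name="certificate">
/// Ignored in the current implementation: the key-encryption key path is hard-coded to the
/// test key in App_Data (see NOTE below). Retained for caller compatibility.
/// </param>
/// <param name="nodeToEnrypt">The assertion node to encrypt; must have a parent node.</param>
/// <exception cref="ArgumentNullException"><paramref name="nodeToEnrypt"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The node is detached, or the PGP public key cannot be opened or parsed. The previous
/// version swallowed that failure and continued encrypting without a key-encryption key.
/// </exception>
private static void EncryptAssertion(string certificate, TElXMLDOMNode nodeToEnrypt)
{
    if (nodeToEnrypt == null)
    {
        throw new ArgumentNullException("nodeToEnrypt");
    }
    if (nodeToEnrypt.ParentNode == null)
    {
        throw new InvalidOperationException("The assertion node to encrypt is not attached to a parent node.");
    }

    // NOTE(review): whatever the caller passed is replaced by a fixed *test* public key from
    // App_Data; only the holder of the matching private key can decrypt the result. Verify the
    // recipient key before this path is used outside a test environment.
    certificate = HostingEnvironment.MapPath("~/App_Data/ussitsps_test_pub.asc");

    TElXMLEncryptor encryptor = null;
    TElXMLKeyInfoSymmetricData contentKey = null;
    TElXMLKeyInfoPGPData recipientKey = null;
    try
    {
        // Mode codes are the XML security library's own numeric settings (key-transport mode);
        // their meaning is defined by that API, not here.
        encryptor = new TElXMLEncryptor
        {
            EncryptKey = true,
            EncryptionMethod = 1,
            KeyName = String.Empty,
            EncryptedDataType = 0,
            KeyEncryptionType = 0,
            KeyTransportMethod = 1,
            KeyWrapMethod = 0
        };

        // Random 32-byte key and 16-byte IV, never reused across assertions.
        contentKey = new TElXMLKeyInfoSymmetricData(true);
        contentKey.Key.Generate(32 * 8);
        contentKey.Key.GenerateIV(16 * 8);
        encryptor.KeyData = contentKey;

        // Load the recipient's PGP public key; a load failure aborts encryption instead of
        // quietly leaving KeyEncryptionKeyData without a key.
        recipientKey = new TElXMLKeyInfoPGPData(true);
        TElPGPPublicKey publicKey = new TElPGPPublicKey();
        try
        {
            using (FileStream keyStream = new FileStream(certificate, FileMode.Open, FileAccess.Read))
            {
                publicKey.LoadFromStream(keyStream);
            }
        }
        catch (Exception ex)
        {
            publicKey.Dispose();
            throw new InvalidOperationException("Failed to load the PGP public key used to protect the assertion encryption key.", ex);
        }
        recipientKey.PublicKey = publicKey;
        encryptor.KeyEncryptionKeyData = recipientKey;

        encryptor.Encrypt(nodeToEnrypt);
        TElXMLDOMNode encryptedData = encryptor.Save(FXMLDocument);

        // Replace the plaintext assertion with <saml2:EncryptedAssertion> containing the EncryptedData.
        var encryptedAssertion = FXMLDocument.CreateElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml2:EncryptedAssertion");
        var nsAttr = FXMLDocument.CreateAttribute("xmlns:saml2");
        nsAttr.Value = "urn:oasis:names:tc:SAML:2.0:assertion";
        encryptedAssertion.Attributes.Add(nsAttr);
        encryptedAssertion.AppendChild(encryptedData);
        nodeToEnrypt.ParentNode.ReplaceChild(encryptedAssertion, nodeToEnrypt);
    }
    finally
    {
        // Dispose on every exit path, including exceptions from Encrypt/Save.
        if (encryptor != null)
        {
            encryptor.Dispose();
        }
        if (recipientKey != null)
        {
            recipientKey.Dispose();
        }
        if (contentKey != null)
        {
            contentKey.Dispose();
        }
    }
}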