private static void EncryptAssertion(string certificate, TElXMLDOMNode nodeToEnrypt)
{
//var nodeToEnrypt = FXMLDocument.FindNode("saml2:Assertion", true);
TElXMLEncryptor Encryptor;
TElXMLKeyInfoSymmetricData SymKeyData;
TElXMLKeyInfoRSAData RSAKeyData;
TElXMLKeyInfoX509Data X509KeyData;
TElXMLKeyInfoPGPData PGPKeyData;
FileStream F;
TElXMLDOMNode EncNode;
Encryptor = new TElXMLEncryptor
{
EncryptKey = true,
EncryptionMethod = 1,
KeyName = String.Empty,
EncryptedDataType = 0,
KeyEncryptionType = 0,
KeyTransportMethod = 1,
KeyWrapMethod = 0
};
SymKeyData = new TElXMLKeyInfoSymmetricData(true);
// generate random Key & IV
SymKeyData.Key.Generate(32 * 8);
SymKeyData.Key.GenerateIV(16 * 8);
Encryptor.KeyData = SymKeyData;
// xetKeyTransport
RSAKeyData = new TElXMLKeyInfoRSAData(true);
RSAKeyData.RSAKeyMaterial.Passphrase = String.Empty;
X509KeyData = new TElXMLKeyInfoX509Data(true);
PGPKeyData = new TElXMLKeyInfoPGPData(true);
certificate = HostingEnvironment.MapPath("~/App_Data/ussitsps_test_pub.asc");
F = new FileStream(certificate, FileMode.Open, FileAccess.Read);
PGPKeyData.PublicKey = new TElPGPPublicKey();
try
{
((TElPGPPublicKey)PGPKeyData.PublicKey).LoadFromStream(F);
}
catch
{
PGPKeyData.PublicKey.Dispose();
PGPKeyData.PublicKey = null;
}
F.Close();
Encryptor.KeyEncryptionKeyData = PGPKeyData;
//Encrypt Node
Encryptor.Encrypt(nodeToEnrypt);
// Save document
EncNode = Encryptor.Save(FXMLDocument);
//Replacing selected node with encrypted node
var encryptedAssertion = FXMLDocument.CreateElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml2:EncryptedAssertion");
var nsAttr = FXMLDocument.CreateAttribute("xmlns:saml2");
nsAttr.Value = "urn:oasis:names:tc:SAML:2.0:assertion";
encryptedAssertion.Attributes.Add(nsAttr);
encryptedAssertion.AppendChild(EncNode);
nodeToEnrypt.ParentNode.ReplaceChild(encryptedAssertion, nodeToEnrypt);
Encryptor.Dispose();
if (X509KeyData != null)
{
X509KeyData.Dispose();
}
if (PGPKeyData != null)
{
PGPKeyData.Dispose();
}
}
private static void EncryptAssertion(string certificate, TElXMLDOMNode nodeToEnrypt)
{
//var nodeToEnrypt = FXMLDocument.FindNode("saml2:Assertion", true);
TElXMLEncryptor Encryptor;
TElXMLKeyInfoSymmetricData SymKeyData;
TElXMLKeyInfoRSAData RSAKeyData;
TElXMLKeyInfoX509Data X509KeyData;
TElXMLKeyInfoPGPData PGPKeyData;
FileStream F;
TElXMLDOMNode EncNode;
Encryptor = new TElXMLEncryptor
{
EncryptKey = true,
EncryptionMethod = 1,
KeyName = String.Empty,
EncryptedDataType = 0,
KeyEncryptionType = 0,
KeyTransportMethod = 1,
KeyWrapMethod = 0
};
SymKeyData = new TElXMLKeyInfoSymmetricData(true);
// generate random Key & IV
SymKeyData.Key.Generate(32 * 8);
SymKeyData.Key.GenerateIV(16 * 8);
Encryptor.KeyData = SymKeyData;
// xetKeyTransport
RSAKeyData = new TElXMLKeyInfoRSAData(true);
RSAKeyData.RSAKeyMaterial.Passphrase = String.Empty;
X509KeyData = new TElXMLKeyInfoX509Data(true);
PGPKeyData = new TElXMLKeyInfoPGPData(true);
certificate = HostingEnvironment.MapPath("~/App_Data/ussitsps_test_pub.asc");
F = new FileStream(certificate, FileMode.Open, FileAccess.Read);
PGPKeyData.PublicKey = new TElPGPPublicKey();
try
{
((TElPGPPublicKey) PGPKeyData.PublicKey).LoadFromStream(F);
}
catch
{
PGPKeyData.PublicKey.Dispose();
PGPKeyData.PublicKey = null;
}
F.Close();
Encryptor.KeyEncryptionKeyData = PGPKeyData;
//Encrypt Node
Encryptor.Encrypt(nodeToEnrypt);
// Save document
EncNode = Encryptor.Save(FXMLDocument);
//Replacing selected node with encrypted node
var encryptedAssertion = FXMLDocument.CreateElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml2:EncryptedAssertion");
var nsAttr = FXMLDocument.CreateAttribute("xmlns:saml2");
nsAttr.Value = "urn:oasis:names:tc:SAML:2.0:assertion";
encryptedAssertion.Attributes.Add(nsAttr);
encryptedAssertion.AppendChild(EncNode);
nodeToEnrypt.ParentNode.ReplaceChild(encryptedAssertion, nodeToEnrypt);
Encryptor.Dispose();
if (X509KeyData != null)
X509KeyData.Dispose();
if (PGPKeyData != null)
PGPKeyData.Dispose();
}