public bool DecryptBody(XmlDocument xmlDoc)
{
Algorithm keyEncryptionAlgorithm = _soapEnvelopeConfiguration.ApplyElement(Direction.Incoming, Usage.KeyEncryption).Algorithm;
X509Certificate2 cert = _certstore.ClientEncryptionCertificate();
RSACryptoServiceProvider privateKeyProvider = (RSACryptoServiceProvider)cert.PrivateKey;
// Get encrypted key
var encryptedKeyNodes = xmlDoc.GetElementsByTagName("xenc:EncryptedKey");
if (encryptedKeyNodes.Count == 0)
{
return(false);
}
var encryptedKeyElement = encryptedKeyNodes[0] as XmlElement;
EncryptedKey encKey = new EncryptedKey();
encKey.LoadXml(encryptedKeyElement);
// Decrypt key
bool useOaep;
encKey.EncryptionMethod = CalculateEncryptedKey(keyEncryptionAlgorithm, out useOaep);
var decryptedKey = EncryptedXml.DecryptKey(encKey.CipherData.CipherValue, privateKeyProvider, useOaep);
// Create tripledes key
var sessionKey = TripleDES.Create();
sessionKey.Key = decryptedKey;
// Get encrypted data
XmlElement encryptedElement = xmlDoc.GetElementsByTagName("xenc:EncryptedData")[0] as XmlElement;
EncryptedData edElement = new EncryptedData();
edElement.LoadXml(encryptedElement);
EncryptedXml exml = new EncryptedXml(xmlDoc);
var decryptedData = exml.DecryptData(edElement, sessionKey);
exml.ReplaceData(encryptedElement, decryptedData);
return(true);
}
public void Can_load_client_encryption()
{
Assert.IsNotNull(sut.ClientEncryptionCertificate());
}
