コード例 #1
        public void Encrypt_X509_XmlNull()
        {
            // Input validation check: a null element must be rejected with
            // ArgumentNullException even though a usable sample certificate
            // (first item of the helper's tuple) is supplied as the recipient.
            var sample    = TestHelpers.GetSampleX509Certificate();
            var encryptor = new XmlEncryption();

            Action encryptNullElement = () => encryptor.Encrypt(null, sample.Item1);

            Assert.Throws<ArgumentNullException>(encryptNullElement);
        }
コード例 #2
        public void DecryptData_CipherReference_InvalidUri()
        {
            // Encrypts a small document under a random key/IV, then replaces the
            // resulting cipher data with a CipherReference whose URI is "invaliduri".
            // DecryptData is expected to fail with a CryptographicException rather
            // than return data for a reference it cannot resolve.
            const string xml = "<root>  <child>sample</child>   </root>";

            var document = new XmlDocument { PreserveWhitespace = true };
            document.LoadXml(xml);

            // 128-bit IV and 256-bit key, both filled from SecureRandom.
            var rng      = new SecureRandom();
            var ivBytes  = new byte[128 / 8];
            var keyBytes = new byte[256 / 8];
            rng.NextBytes(ivBytes);
            rng.NextBytes(keyBytes);
            var keyWithIv = new ParametersWithIV(new KeyParameter(keyBytes), ivBytes);

            var encryptor = new XmlEncryption();
            var decryptor = new XmlDecryption();

            encryptor.AddKeyNameMapping("aes", keyWithIv);
            EncryptedData encrypted = encryptor.Encrypt(document.DocumentElement, "aes");

            // Discard the real cipher value and point at an unresolvable reference instead.
            encrypted.CipherData = new CipherData();
            encrypted.CipherData.CipherReference = new CipherReference("invaliduri");

            Action decryptWithBadReference = () => decryptor.DecryptData(encrypted, keyWithIv);

            Assert.Throws<System.Security.Cryptography.CryptographicException>(decryptWithBadReference);
        }
コード例 #3
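        public void Encrypt_DecryptDocument_AES()
        {
            // Round-trip test: encrypt the document element under the key name "aes",
            // reload the document from the EncryptedData XML, decrypt it in place and
            // require the result to equal the original text (whitespace included).
            XmlDocument doc = new XmlDocument();

            doc.PreserveWhitespace = true;
            string xml = "<root>  <child>sample</child>   </root>";

            doc.LoadXml(xml);

            // The original also created an "AES/CBC/ZEROBYTEPADDING" cipher here and never
            // used it. It was removed because it wrongly suggested that this padding mode is
            // the one under test; nothing in this method passes a cipher to XmlEncryption.
            var random  = new SecureRandom();
            var ivdata  = new byte[128 / 8];   // 128-bit IV
            var keydata = new byte[256 / 8];   // 256-bit key

            random.NextBytes(ivdata);
            random.NextBytes(keydata);
            var param = new ParametersWithIV(new KeyParameter(keydata), ivdata);

            XmlEncryption exml = new XmlEncryption();

            exml.AddKeyNameMapping("aes", param);
            EncryptedData ed = exml.Encrypt(doc.DocumentElement, "aes");

            // From here on the document holds only the EncryptedData element.
            doc.LoadXml(ed.GetXml().OuterXml);
            XmlDecryption exmlDecryptor = new XmlDecryption(doc);

            // The decryptor needs the same key-name mapping to resolve "aes".
            exmlDecryptor.AddKeyNameMapping("aes", param);
            exmlDecryptor.DecryptDocument();

            Assert.Equal(xml, doc.OuterXml);
        }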
コード例 #4
        public void Encrypt_KeyNameNull()
        {
            // A null key name must be rejected with ArgumentNullException.
            // The (string) cast selects the key-name overload of Encrypt.
            var document = new XmlDocument();
            document.LoadXml("<root />");

            var encryptor = new XmlEncryption();

            Action encryptWithNullKeyName = () => encryptor.Encrypt(document.DocumentElement, (string)null);

            Assert.Throws<ArgumentNullException>(encryptWithNullKeyName);
        }
コード例 #5
        public void Encrypt_X509_CertificateNull()
        {
            // A null recipient certificate must be rejected with ArgumentNullException.
            // The (X509Certificate) cast selects the certificate overload of Encrypt.
            var document = new XmlDocument();
            document.LoadXml("<root />");

            var encryptor = new XmlEncryption();

            Action encryptWithNullCertificate =
                () => encryptor.Encrypt(document.DocumentElement, (X509Certificate)null);

            Assert.Throws<ArgumentNullException>(encryptWithNullCertificate);
        }
コード例 #6
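        private void CheckEncryptionMethod(object algorithm, string uri)
        {
            // Encrypts an empty <root /> element under the key name "key", mapped to
            // `algorithm`, and checks that the first KeyInfo clause is an encrypted key
            // whose key algorithm maps to `uri` in XmlNameSpace.Url.
            //
            // algorithm: key object registered through AddKeyNameMapping.
            // uri:       algorithm identifier expected for the encrypted key.
            XmlDocument doc = new XmlDocument();

            doc.LoadXml("<root />");
            XmlEncryption exml = new XmlEncryption();

            exml.AddKeyNameMapping("key", algorithm);

            EncryptedData edata = exml.Encrypt(doc.DocumentElement, "key");

            // Check the result before dereferencing it. The original asserted non-null
            // only after edata.KeyInfo had already been read.
            Assert.NotNull(edata);

            IEnumerator keyInfoEnum = edata.KeyInfo.GetEnumerator();

            // An empty KeyInfo or a clause of another type should fail as an assertion,
            // not as an InvalidOperationException or NullReferenceException further down.
            Assert.True(keyInfoEnum.MoveNext());
            KeyInfoEncryptedKey kiEncKey = Assert.IsAssignableFrom<KeyInfoEncryptedKey>(keyInfoEnum.Current);

            Assert.Equal(uri, XmlNameSpace.Url[kiEncKey.GetEncryptedKey().EncryptionMethod.KeyAlgorithm]);
            Assert.NotNull(edata.CipherData.CipherValue);
        }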
コード例 #7
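        private XmlDocument GetTransformedOutput(XmlDocument doc, string nodeToEncrypt)
        {
            // Encrypts the node selected by `nodeToEncrypt` inside `doc`, replaces it with
            // the EncryptedData element, then runs the shared `transform` over the document
            // with a decryptor holding the same key, and returns the transform output.
            //
            // doc:           document to modify in place and feed to the transform.
            // nodeToEncrypt: XPath, relative to the document element, of the node to encrypt.
            var aes     = CipherUtilities.GetCipher("AES/CBC/PKCS7");
            var random  = new SecureRandom();

            // Key and IV are both sized from the cipher block size. For AES that is
            // 16 bytes, so the key is 128-bit here. The key length only happens to equal
            // the block size; it is not derived from it in general.
            var keyData = new byte[aes.GetBlockSize()];
            var ivData  = new byte[aes.GetBlockSize()];

            random.NextBytes(ivData);
            random.NextBytes(keyData);
            var key = new ParametersWithIV(new KeyParameter(keyData), ivData);

            var encryptedXml = new XmlEncryption();

            encryptedXml.AddKeyNameMapping("aes", key);

            XmlElement    elementToEncrypt = (XmlElement)doc.DocumentElement.SelectSingleNode(nodeToEncrypt);
            EncryptedData encryptedData    = encryptedXml.Encrypt(elementToEncrypt, "aes");

            XmlDecryption.ReplaceElement(elementToEncrypt, encryptedData, false);

            XmlNamespaceManager xmlNamespaceManager = new XmlNamespaceManager(doc.NameTable);

            xmlNamespaceManager.AddNamespace("enc", XmlNameSpace.Url[NS.XmlEncNamespaceUrl]);
            XmlElement encryptedNode = (XmlElement)doc.DocumentElement.SelectSingleNode("//enc:EncryptedData", xmlNamespaceManager);

            encryptedNode.SetAttribute("ID", "#_0");

            transform.LoadInput(doc);

            var dencryptedXml = new XmlDecryption();

            dencryptedXml.AddKeyNameMapping("aes", key);

            transform.XmlDecryption = dencryptedXml;
            try
            {
                return (XmlDocument)transform.GetOutput();
            }
            finally
            {
                // `transform` is shared state declared outside this method. Detach the
                // decryptor (and the key it maps) even when GetOutput throws, so that a
                // failure here cannot leave key material attached for the next caller.
                transform.XmlDecryption = null;
            }
        }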
コード例 #8
        public void Encrypt_X509()
        {
            // Encrypts the document element for the sample certificate and checks that
            // (a) the output carries an enc:EncryptedKey element and
            // (b) the plaintext word "sample" no longer appears anywhere in the XML.
            const string xml = "<root>  <child>sample</child>   </root>";

            var document = new XmlDocument { PreserveWhitespace = true };
            document.LoadXml(xml);

            var sample    = TestHelpers.GetSampleX509Certificate();
            var encryptor = new XmlEncryption();

            EncryptedData encrypted = encryptor.Encrypt(document.DocumentElement, sample.Item1);
            Assert.NotNull(encrypted);

            // Replace the document content with the serialized EncryptedData.
            document.LoadXml(encrypted.GetXml().OuterXml);

            var namespaces = new XmlNamespaceManager(document.NameTable);
            namespaces.AddNamespace("enc", XmlNameSpace.Url[NS.XmlEncNamespaceUrl]);

            XmlNode encryptedKeyNode = document.SelectSingleNode("//enc:EncryptedKey", namespaces);
            Assert.NotNull(encryptedKeyNode);

            string serialized = document.OuterXml;
            Assert.DoesNotContain("sample", serialized);
        }
コード例 #9
        public void PropagatedNamespaces_XmlDecryptionTransform(bool addPropagatedNamespace, string expectedResult)
        {
            // Encrypts <b> inside a fixed document, swaps it for the EncryptedData element,
            // and runs an XmlDecryptionTransform over the result. When requested, the
            // prefix "f" -> "urn:foo" is registered as a propagated namespace first.
            // The transform output must serialize to `expectedResult`.
            var source = new XmlDocument();
            source.LoadXml("<a><b><c xmlns=\"urn:foo\"/></b></a>");

            // Key and IV lengths both come from the cipher's block size.
            var cipher   = CipherUtilities.GetCipher("AES/CBC/PKCS7");
            var rng      = new SecureRandom();
            var keyBytes = new byte[cipher.GetBlockSize()];
            var ivBytes  = new byte[cipher.GetBlockSize()];
            rng.NextBytes(ivBytes);
            rng.NextBytes(keyBytes);
            var keyWithIv = new ParametersWithIV(new KeyParameter(keyBytes), ivBytes);

            var encryptor = new XmlEncryption(source);
            var decryptor = new XmlDecryption(source);
            encryptor.AddKeyNameMapping("key", keyWithIv);
            decryptor.AddKeyNameMapping("key", keyWithIv);

            var target = (XmlElement)source.DocumentElement.SelectSingleNode("b");
            EncryptedData encrypted = encryptor.Encrypt(target, "key");
            XmlDecryption.ReplaceElement(target, encrypted, false);

            var transformUnderTest = new XmlDecryptionTransform { XmlDecryption = decryptor };
            transformUnderTest.LoadInput(source);

            if (addPropagatedNamespace)
            {
                transformUnderTest.PropagatedNamespaces.Add("f", "urn:foo");
            }

            var output = (XmlDocument)transformUnderTest.GetOutput(typeof(XmlDocument));

            Assert.Equal(expectedResult, output.OuterXml);
        }
コード例 #10
        public static void DecryptWithCertificate_NotInStore()
        {
            // Encrypts <secret> for the sample certificate, copies the document, and tries
            // to decrypt the copy with a decryptor that was given no key material.
            // Expected: CryptographicException, and the copy still must not contain the
            // plaintext. A failed decryption must not leak the secret into the document.
            const string SecretMessage = "Grilled cheese is tasty";

            var original = new XmlDocument();
            original.LoadXml($"<data><secret>{SecretMessage}</secret></data>");

            var secretElement = (XmlElement)original.DocumentElement.FirstChild;
            var sample        = TestHelpers.GetSampleX509Certificate();
            var encryptor     = new XmlEncryption(original);

            EncryptedData encrypted = encryptor.Encrypt(secretElement, sample.Item1);
            XmlDecryption.ReplaceElement(secretElement, encrypted, false);

            // Work on an independent copy built from the serialized, already-encrypted XML.
            var copy = new XmlDocument();
            copy.LoadXml(original.OuterXml);

            var decryptor = new XmlDecryption(copy);

            Assert.Throws<System.Security.Cryptography.CryptographicException>(() => decryptor.DecryptDocument());

            string afterFailure = copy.OuterXml;
            Assert.DoesNotContain(SecretMessage, afterFailure);
        }
コード例 #11
        public void Encrypt_MissingKey()
        {
            // No mapping was registered for the key name "aes", so Encrypt must fail
            // with a CryptographicException instead of producing output without a key.
            var document = new XmlDocument();
            document.LoadXml("<root />");

            var encryptor = new XmlEncryption();

            Assert.Throws<System.Security.Cryptography.CryptographicException>(
                () => encryptor.Encrypt(document.DocumentElement, "aes"));
        }
コード例 #12
        public void Encrypt_XmlNull()
        {
            // A null element must be rejected with ArgumentNullException
            // when encrypting by key name.
            var encryptor = new XmlEncryption();

            Action encryptNullElement = () => encryptor.Encrypt(null, "aes");

            Assert.Throws<ArgumentNullException>(encryptNullElement);
        }