예제 #1
0
        /// <summary>
        /// Creates an encrypted key.
        /// </summary>
        /// <param name="symmetricKey">Symmetric key that is to be encrypted.
        /// Cannot be null.</param>
        /// <param name="encryptCertificate">Certificate that will be
        /// used to encrypt the symmetric key. Cannot be null.</param>
        /// <param name="referenceIds">List of IDs which reference the
        /// 'xenc:EncryptedData' elements the key was used to encrypt.
        /// Cannot be null or empty.</param>
        /// <returns>'EncryptedKey' object.</returns>
        public static EncryptedKey CreateEncryptedKey(SymmetricAlgorithm symmetricKey,
                                                      X509Certificate2 encryptCertificate, IList <string> referenceIds)
        {
            // Encrypt the session key using the public key
            byte[] encryptedKeyData =
                EncryptedXml.EncryptKey(symmetricKey.Key,
                                        (RSA)encryptCertificate.PublicKey.Key, false);

            // Create the encrypted key
            EncryptedKey encryptedKey = new EncryptedKey();

            encryptedKey.CipherData       = new CipherData(encryptedKeyData);
            encryptedKey.EncryptionMethod =
                new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);

            // Set the key information for the encrypted key
            KeyInfoX509Data xd = new KeyInfoX509Data();

            xd.AddSubjectKeyId(CertificateUtils.GetSubjectKeyIdentifier(
                                   encryptCertificate).SubjectKeyIdentifier);
            encryptedKey.KeyInfo.AddClause(xd);

            // Add a data reference for each identifier
            foreach (string referenceId in referenceIds)
            {
                DataReference dataReference = new DataReference("#" + referenceId);
                encryptedKey.ReferenceList.Add(dataReference);
            }

            return(encryptedKey);
        }
예제 #2
0
        internal static void Encrypt(Stream toEncrypt, RsaKeyParameters key, out KeyInfo keyInfo, out EncryptionMethod encryptionMethod, out CipherData cipherData)
        {
            var random  = new SecureRandom();
            var keyData = new byte[128 / 8];
            var ivData  = new byte[128 / 8];

            random.NextBytes(ivData);
            random.NextBytes(keyData);
            var sessionKey = new ParametersWithIV(new KeyParameter(keyData), ivData);

            encryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES128Url);
            keyInfo          = new KeyInfo();

            EncryptedKey encKey;

            keyInfo.AddClause(
                new KeyInfoEncryptedKey(
                    encKey = new EncryptedKey()
            {
                CipherData       = new CipherData(EncryptedXml.EncryptKey(keyData, key, useOAEP: true)),
                EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSAOAEPUrl)
            }));

            encKey.KeyInfo.AddClause(new RSAKeyValue(key));

            byte[] dataToEncrypt = new byte[toEncrypt.Length];
            toEncrypt.Read(dataToEncrypt, 0, (int)toEncrypt.Length);

            var encryptedXml = new EncryptedXml();

            encryptedXml.Padding = "PKCS7";
            encryptedXml.Mode    = "CBC";
            byte[] encryptedData = encryptedXml.EncryptData(dataToEncrypt, sessionKey);
            cipherData = new CipherData(encryptedData);
        }
예제 #3
0
        public void GetDecryptionKey_CarriedKeyName()
        {
            using (Aes aes = Aes.Create())
                using (Aes innerAes = Aes.Create())
                {
                    innerAes.KeySize = 128;

                    EncryptedData edata = new EncryptedData();
                    edata.KeyInfo = new KeyInfo();
                    edata.KeyInfo.AddClause(new KeyInfoName("aes"));

                    EncryptedKey ekey        = new EncryptedKey();
                    byte[]       encKeyBytes = EncryptedXml.EncryptKey(innerAes.Key, aes);
                    ekey.CipherData       = new CipherData(encKeyBytes);
                    ekey.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);
                    ekey.CarriedKeyName   = "aes";
                    ekey.KeyInfo          = new KeyInfo();
                    ekey.KeyInfo.AddClause(new KeyInfoName("another_aes"));

                    XmlDocument doc = new XmlDocument();
                    doc.LoadXml(ekey.GetXml().OuterXml);

                    EncryptedXml exml = new EncryptedXml(doc);
                    exml.AddKeyNameMapping("another_aes", aes);
                    SymmetricAlgorithm decryptedAlg = exml.GetDecryptionKey(edata, EncryptedXml.XmlEncAES256Url);

                    Assert.Equal(innerAes.Key, decryptedAlg.Key);
                }
        }
        public void DecryptEncryptedKey_KeyInfoEncryptedKey()
        {
            XmlDocument doc = new XmlDocument();

            doc.PreserveWhitespace = true;
            string xml = "<root>  <child>sample</child>   </root>";

            doc.LoadXml(xml);

            var random  = new SecureRandom();
            var keydata = new byte[256 / 8];

            random.NextBytes(keydata);
            var param = new KeyParameter(keydata);

            keydata = new byte[128 / 8];
            random.NextBytes(keydata);
            var innerParam = new KeyParameter(keydata);

            keydata = new byte[192 / 8];
            random.NextBytes(keydata);
            var outerParam = new KeyParameter(keydata);

            EncryptedXml exml = new EncryptedXml(doc);

            exml.AddKeyNameMapping("aes", param);

            EncryptedKey ekey = new EncryptedKey();

            byte[] encKeyBytes = EncryptedXml.EncryptKey(outerParam.GetKey(), param);
            ekey.CipherData       = new CipherData(encKeyBytes);
            ekey.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);
            ekey.Id      = "Key_ID";
            ekey.KeyInfo = new KeyInfo();
            ekey.KeyInfo.AddClause(new KeyInfoName("aes"));

            KeyInfo topLevelKeyInfo = new KeyInfo();

            topLevelKeyInfo.AddClause(new KeyInfoEncryptedKey(ekey));

            EncryptedKey ekeyTopLevel = new EncryptedKey();

            byte[] encTopKeyBytes = EncryptedXml.EncryptKey(innerParam.GetKey(), outerParam);
            ekeyTopLevel.CipherData       = new CipherData(encTopKeyBytes);
            ekeyTopLevel.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);
            ekeyTopLevel.KeyInfo          = topLevelKeyInfo;

            doc.LoadXml(ekeyTopLevel.GetXml().OuterXml);

            byte[] decryptedKey = exml.DecryptEncryptedKey(ekeyTopLevel);
            Assert.Equal(innerParam.GetKey(), decryptedKey);

            EncryptedData eData = new EncryptedData();

            eData.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);
            eData.KeyInfo          = topLevelKeyInfo;
            var decryptedAlg = exml.GetDecryptionKey(eData, null);

            Assert.Equal(outerParam.GetKey(), ((KeyParameter)decryptedAlg).GetKey());
        }
예제 #5
0
 public void EncryptKey_KeyNull()
 {
     using (Aes aes = Aes.Create())
     {
         Assert.Throws <ArgumentNullException>(() => EncryptedXml.EncryptKey(null, aes));
     }
 }
예제 #6
0
        public override byte [] EncryptKey(string algorithm, byte [] keyData)
        {
            if (algorithm == null)
            {
                throw new ArgumentNullException("algorithm");
            }
            if (keyData == null)
            {
                throw new ArgumentNullException("keyData");
            }

            switch (algorithm)
            {
            case EncryptedXml.XmlEncRSA15Url:
            case EncryptedXml.XmlEncRSAOAEPUrl:
                break;

            default:
                throw new NotSupportedException(String.Format("This X509 security key does not support specified algorithm '{0}'", algorithm));
            }

            bool useOAEP =
                algorithm == EncryptedXml.XmlEncRSAOAEPUrl;

            return(EncryptedXml.EncryptKey(keyData, cert.PublicKey.Key as RSA, useOAEP));
        }
예제 #7
0
 public void EncryptKey_RSA_KeyDataNull()
 {
     using (RSA rsa = RSA.Create())
     {
         Assert.Throws <ArgumentNullException>(() => EncryptedXml.EncryptKey(null, rsa, false));
     }
 }
        public override byte[] EncryptKey(string algorithm, byte[] keyData)
        {
            // Ensure that we have an RSA algorithm object
            RSA rsa = this.PublicKey as RSA;

            if (rsa == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA)));
            }

            switch (algorithm)
            {
            case EncryptedXml.XmlEncRSA15Url:
                return(EncryptedXml.EncryptKey(keyData, rsa, false));

            case EncryptedXml.XmlEncRSAOAEPUrl:
                return(EncryptedXml.EncryptKey(keyData, rsa, true));

            default:
                if (IsSupportedAlgorithm(algorithm))
                {
                    return(EncryptedXml.EncryptKey(keyData, rsa, true));
                }

                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
            }
        }
예제 #9
0
        public static void Encrypt(Stream toEncrypt, RSA key, out KeyInfo keyInfo, out EncryptionMethod encryptionMethod, out CipherData cipherData)
        {
            using (Aes sessionKey = Aes.Create())
            {
                sessionKey.KeySize = 128;
                encryptionMethod   = new EncryptionMethod(EncryptedXml.XmlEncAES128Url);
                keyInfo            = new KeyInfo();

                EncryptedKey encKey;
                keyInfo.AddClause(
                    new KeyInfoEncryptedKey(
                        encKey = new EncryptedKey()
                {
                    CipherData       = new CipherData(EncryptedXml.EncryptKey(sessionKey.Key, key, useOAEP: true)),
                    EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSAOAEPUrl)
                }));

                encKey.KeyInfo.AddClause(new RSAKeyValue(key));

                byte[] dataToEncrypt = new byte[toEncrypt.Length];
                toEncrypt.Read(dataToEncrypt, 0, (int)toEncrypt.Length);

                var encryptedXml = new EncryptedXml();
                encryptedXml.Padding = PaddingMode.PKCS7;
                encryptedXml.Mode    = CipherMode.CBC;
                byte[] encryptedData = encryptedXml.EncryptData(dataToEncrypt, sessionKey);
                cipherData = new CipherData(encryptedData);
            }
        }
예제 #10
0
        public override byte[] EncryptKey(string algorithm, byte[] keyData)
        {
            if (algorithm == null)
            {
                throw new ArgumentNullException(nameof(algorithm));
            }

            if (keyData == null)
            {
                throw new ArgumentNullException(nameof(keyData));
            }

            bool useOAEP;

            switch (algorithm)
            {
            case EncryptedXml.XmlEncRSA15Url:
                useOAEP = false;
                break;

            case EncryptedXml.XmlEncRSAOAEPUrl:
                useOAEP = true;
                break;

            default:
                throw new NotSupportedException($"The encryption algorithm {algorithm} is not supported");
            }

            return(EncryptedXml.EncryptKey(keyData, rsa as RSA, useOAEP));
        }
예제 #11
0
        /// <summary>
        /// 加密xml文档对象
        /// </summary>
        /// <param name="Doc">xml文档</param>
        /// <param name="ElementToEncrypt">要被加密的XML元素</param>
        /// <param name="Alg">不对称加密算法</param>
        /// <param name="KeyName">指定解密需要的RSA密钥名称</param>
        private void Encrypt(XmlDocument Doc, string ElementToEncrypt, RSA Alg, string KeyName)
        {
            //xmlElement表示被加密的XML元素
            XmlElement xmlElement = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement;
            AesManaged aes        = new AesManaged();

            //指定密钥大小为256位
            aes.KeySize = 256;
            //用AES算法加密指定的元素进行加密,得到加密后的字节数组
            EncryptedXml encryptedXml = new EncryptedXml();

            byte[] encryptedElement = encryptedXml.EncryptData(xmlElement, aes, false);
            //构造一个 EncryptedData 对象,然后用加密后的XML元素的URL标识符填充它,
            //以便解密方知道XML包含一个加密元素
            EncryptedData encryptedData = new EncryptedData();

            encryptedData.Type             = EncryptedXml.XmlEncElementUrl;
            encryptedData.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);
            //ek表示加密后的<EncryptedKey>元素
            EncryptedKey ek = new EncryptedKey();

            //用RSA算法加密AES的密钥
            ek.CipherData       = new CipherData(EncryptedXml.EncryptKey(aes.Key, Alg, false));
            ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
            //指定解密需要的RSA密钥名称
            ek.KeyInfo.AddClause(new KeyInfoName(KeyName));
            //将加密后的密钥添加到EncryptedData对象中
            encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek));
            //将加密后的元素添加到 EncryptedData 对象中
            encryptedData.CipherData.CipherValue = encryptedElement;
            //用EncryptedData元素替换原始XmlDocument对象中的元素
            EncryptedXml.ReplaceElement(xmlElement, encryptedData, false);
        }
예제 #12
0
        internal static void Encrypt(this XmlElement elementToEncrypt, bool useOaep, X509Certificate2 certificate)
        {
            if (certificate == null)
            {
                throw new ArgumentNullException("certificate");
            }

            var encryptedData = new EncryptedData
            {
                Type             = EncryptedXml.XmlEncElementUrl,
                EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url)
            };

            var algorithm    = useOaep ? EncryptedXml.XmlEncRSAOAEPUrl : EncryptedXml.XmlEncRSA15Url;
            var encryptedKey = new EncryptedKey
            {
                EncryptionMethod = new EncryptionMethod(algorithm),
            };

            var encryptedXml = new EncryptedXml();

            byte[] encryptedElement;
            using (var symmetricAlgorithm = new RijndaelManaged())
            {
                symmetricAlgorithm.KeySize = 256;
                encryptedKey.CipherData    = new CipherData(EncryptedXml.EncryptKey(symmetricAlgorithm.Key, (RSA)certificate.PublicKey.Key, useOaep));
                encryptedElement           = encryptedXml.EncryptData(elementToEncrypt, symmetricAlgorithm, false);
            }
            encryptedData.CipherData.CipherValue = encryptedElement;

            encryptedData.KeyInfo = new KeyInfo();
            encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey));
            EncryptedXml.ReplaceElement(elementToEncrypt, encryptedData, false);
        }
예제 #13
0
        public static XmlDocument EncryptXmlDoc(XmlDocument xmlDoc, X509Certificate2 cert, XmlEncryptionAlgorithmType encryptionAlgorithm, string elementPrefix, string elementName, string wrapperElementPrefix = null, string wrapperElementName = null)
        {
            var rsa = cert.GetRSAPublicKey();

            if (rsa == null)
            {
                throw new IdentityProviderException("X509 must be RSA");
            }

            if (String.IsNullOrWhiteSpace(wrapperElementName))
            {
                wrapperElementName = elementName;
            }

            var element = xmlDoc.DocumentElement.GetSingleElementRequired(null, elementName, true);

            string encryptionAlgorithmUrl    = Algorithms.GetEncryptionAlgorithmUrl(encryptionAlgorithm);
            string encryptionKeyAlgorithmUrl = useOeap ? Algorithms.RsaOaep : Algorithms.Rsa;

            var encryptedXml       = new EncryptedXml(xmlDoc);
            var symmetricAlgorithm = Algorithms.Create(encryptionAlgorithm);

            var encryptedElementBytes = encryptedXml.EncryptData(element, symmetricAlgorithm, false);
            var encryptedKeyBytes     = EncryptedXml.EncryptKey(symmetricAlgorithm.Key, rsa, useOeap);

            var encryptedKey = new EncryptedKey
            {
                EncryptionMethod = new EncryptionMethod(encryptionKeyAlgorithmUrl),
                CipherData       = new CipherData(encryptedKeyBytes)
            };

            var encryptedDataElement = new EncryptedData
            {
                Type             = EncryptedXml.XmlEncElementUrl,
                EncryptionMethod = new EncryptionMethod(encryptionAlgorithmUrl),
                CipherData       = new CipherData(encryptedElementBytes),
                KeyInfo          = new KeyInfo()
            };

            encryptedDataElement.KeyInfo.AddClause(new KeyInfoX509Data(cert));
            encryptedDataElement.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey));

            EncryptedXml.ReplaceElement(element, encryptedDataElement, true);

            XmlHelper.SetPrefix("xenc", element.ChildNodes[0]);
            //XmlHelper.SetPrefix(elementPrefix, element.ChildNodes[0]);

            if (wrapperElementName != elementName)
            {
                xmlDoc.DocumentElement.RemoveChild(element);

                var newElement = xmlDoc.CreateElement(wrapperElementPrefix, wrapperElementName, element.NamespaceURI);
                xmlDoc.DocumentElement.AppendChild(newElement);

                newElement.AppendChild(element.ChildNodes[0]);
            }

            return(xmlDoc);
        }
예제 #14
0
        public void EncryptKey_AESNotDivisibleBy8()
        {
            using (Aes aes = Aes.Create())
            {
                byte[] key = Encoding.ASCII.GetBytes("1234567");

                Assert.Throws <CryptographicException>(() => EncryptedXml.EncryptKey(key, aes));
            }
        }
예제 #15
0
        public void EncryptKey_AESNotDivisibleBy8()
        {
            using (Aes aes = Aes.Create())
            {
                byte[] key = "1234567" u8.ToArray();

                Assert.Throws <CryptographicException>(() => EncryptedXml.EncryptKey(key, aes));
            }
        }
        public void EncryptKey_RSA_KeyDataNull()
        {
            var keyGen = GeneratorUtilities.GetKeyPairGenerator("RSA");

            keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
            var pair = keyGen.GenerateKeyPair();

            Assert.Throws <ArgumentNullException>(() => EncryptedXml.EncryptKey(null, (RsaKeyParameters)pair.Public, false));
        }
예제 #17
0
        /// <summary>
        /// Generates an encrypted assertion and writes it to disk.
        /// </summary>
        public static void GenerateEncryptedAssertion()
        {
            var cert      = Certificates.InMemoryResourceUtility.GetInMemoryCertificate("sts_dev_certificate.pfx", "test1234");
            var assertion = AssertionUtil.GetTestAssertion();

            // Create an EncryptedData instance to hold the results of the encryption.o
            var encryptedData = new EncryptedData
            {
                Type             = EncryptedXml.XmlEncElementUrl,
                EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url)
            };

            // Create a symmetric key.
            var aes = new RijndaelManaged {
                KeySize = 256
            };

            aes.GenerateKey();

            // Encrypt the assertion and add it to the encryptedData instance.
            var encryptedXml     = new EncryptedXml();
            var encryptedElement = encryptedXml.EncryptData(assertion.DocumentElement, aes, false);

            encryptedData.CipherData.CipherValue = encryptedElement;

            // Add an encrypted version of the key used.
            encryptedData.KeyInfo = new KeyInfo();

            var encryptedKey = new EncryptedKey();

            // Use this certificate to encrypt the key.
            var publicKeyRsa = cert.PublicKey.Key as RSA;

            Assert.True(publicKeyRsa != null, "Public key of certificate was not an RSA key. Modify test.");
            encryptedKey.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
            encryptedKey.CipherData       = new CipherData(EncryptedXml.EncryptKey(aes.Key, publicKeyRsa, false));

            encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey));

            // Create the resulting Xml-document to hook into.
            var encryptedAssertion = new EncryptedAssertion
            {
                EncryptedData = new Schema.XEnc.EncryptedData(),
                EncryptedKey  = new Schema.XEnc.EncryptedKey[1]
            };

            encryptedAssertion.EncryptedKey[0] = new Schema.XEnc.EncryptedKey();

            var result = Serialization.Serialize(encryptedAssertion);

            var encryptedDataElement = GetElement(Schema.XEnc.EncryptedData.ElementName, Saml20Constants.Xenc, result);

            EncryptedXml.ReplaceElement(encryptedDataElement, encryptedData, false);

            // At this point, result can be output to text
        }
예제 #18
0
 public void EncryptKey_RSA_UseOAEP()
 {
     byte[] data = Encoding.ASCII.GetBytes("12345678");
     using (RSA rsa = RSA.Create())
     {
         byte[] encryptedData = EncryptedXml.EncryptKey(data, rsa, true);
         byte[] decryptedData = EncryptedXml.DecryptKey(encryptedData, rsa, true);
         Assert.Equal(data, decryptedData);
     }
 }
예제 #19
0
 public void EncryptKey_RSA_UseOAEP()
 {
     byte[] data = "12345678" u8.ToArray();
     using (RSA rsa = RSA.Create())
     {
         byte[] encryptedData = EncryptedXml.EncryptKey(data, rsa, true);
         byte[] decryptedData = EncryptedXml.DecryptKey(encryptedData, rsa, true);
         Assert.Equal(data, decryptedData);
     }
 }
        public override XmlNode Encrypt(XmlNode node)
        {
            RSACryptoServiceProvider cryptoServiceProvider = this.GetCryptoServiceProvider(false, false);
            XmlDocument document = new XmlDocument {
                PreserveWhitespace = true
            };

            document.LoadXml("<foo>" + node.OuterXml + "</foo>");
            EncryptedXml       xml                = new EncryptedXml(document);
            XmlElement         documentElement    = document.DocumentElement;
            SymmetricAlgorithm symmetricAlgorithm = new TripleDESCryptoServiceProvider();

            byte[] randomKey = this.GetRandomKey();
            symmetricAlgorithm.Key     = randomKey;
            symmetricAlgorithm.Mode    = CipherMode.ECB;
            symmetricAlgorithm.Padding = PaddingMode.PKCS7;
            byte[]        buffer        = xml.EncryptData(documentElement, symmetricAlgorithm, true);
            EncryptedData encryptedData = new EncryptedData {
                Type             = "http://www.w3.org/2001/04/xmlenc#Element",
                EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#tripledes-cbc"),
                KeyInfo          = new KeyInfo()
            };
            EncryptedKey encryptedKey = new EncryptedKey {
                EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#rsa-1_5"),
                KeyInfo          = new KeyInfo(),
                CipherData       = new CipherData()
            };

            encryptedKey.CipherData.CipherValue = EncryptedXml.EncryptKey(symmetricAlgorithm.Key, cryptoServiceProvider, this.UseOAEP);
            KeyInfoName clause = new KeyInfoName {
                Value = this._KeyName
            };

            encryptedKey.KeyInfo.AddClause(clause);
            KeyInfoEncryptedKey key2 = new KeyInfoEncryptedKey(encryptedKey);

            encryptedData.KeyInfo.AddClause(key2);
            encryptedData.CipherData             = new CipherData();
            encryptedData.CipherData.CipherValue = buffer;
            EncryptedXml.ReplaceElement(documentElement, encryptedData, true);
            foreach (XmlNode node2 in document.ChildNodes)
            {
                if (node2.NodeType == XmlNodeType.Element)
                {
                    foreach (XmlNode node3 in node2.ChildNodes)
                    {
                        if (node3.NodeType == XmlNodeType.Element)
                        {
                            return(node3);
                        }
                    }
                }
            }
            return(null);
        }
예제 #21
0
        /// <summary>
        /// Creates the encrypted key.
        /// </summary>
        /// <returns>EncryptedKey.</returns>
        protected override EncryptedKey CreateEncryptedKey()
        {
            var encryptedKey = new EncryptedKey
            {
                CipherData       = new CipherData(EncryptedXml.EncryptKey(Symmetric.Key, PublicKey, false)),
                EncryptionMethod = CreateAsymmetricXmlEncryptionMethod(),
            };

            encryptedKey.KeyInfo.AddClause(new KeyInfoName(XmlConstants.SymmetricKeyInfoName));
            return(encryptedKey);
        }
 public override byte [] EncryptKey(string algorithm, byte [] keyData)
 {
     if (algorithm == null)
     {
         throw new ArgumentNullException("algorithm");
     }
     if (keyData == null)
     {
         throw new ArgumentNullException("keyData");
     }
     return(EncryptedXml.EncryptKey(keyData, GetSymmetricAlgorithm(algorithm)));
 }
예제 #23
0
        public void EncryptKey_TripleDES()
        {
            using (TripleDES tripleDES = TripleDES.Create())
            {
                byte[] key = Encoding.ASCII.GetBytes("123456781234567812345678");

                byte[] encryptedKey = EncryptedXml.EncryptKey(key, tripleDES);

                Assert.NotNull(encryptedKey);
                Assert.Equal(key, EncryptedXml.DecryptKey(encryptedKey, tripleDES));
            }
        }
        public void EncryptKey_KeyNull()
        {
            var random  = new SecureRandom();
            var ivdata  = new byte[128 / 8];
            var keydata = new byte[256 / 8];

            random.NextBytes(ivdata);
            random.NextBytes(keydata);
            var param = new ParametersWithIV(new KeyParameter(keydata), ivdata);

            Assert.Throws <ArgumentNullException>(() => EncryptedXml.EncryptKey(null, new KeyParameter(keydata)));
        }
예제 #25
0
        public void DecryptKey_AESCorruptedKey()
        {
            using (Aes aes = Aes.Create())
            {
                byte[] key = "123456781234567812345678" u8.ToArray();

                byte[] encryptedKey = EncryptedXml.EncryptKey(key, aes);
                encryptedKey[0] ^= 0xFF;

                Assert.Throws <CryptographicException>(() => EncryptedXml.DecryptKey(encryptedKey, aes));
            }
        }
예제 #26
0
        public void DecryptKey_AESCorruptedKey8Bytes()
        {
            using (Aes aes = Aes.Create())
            {
                byte[] key = Encoding.ASCII.GetBytes("12345678");

                byte[] encryptedKey = EncryptedXml.EncryptKey(key, aes);
                encryptedKey[0] ^= 0xFF;

                Assert.Throws <CryptographicException>(() => EncryptedXml.DecryptKey(encryptedKey, aes));
            }
        }
예제 #27
0
        public void DecryptKey_TripleDESCorruptedKey()
        {
            using (TripleDES tripleDES = TripleDES.Create())
            {
                byte[] key = Encoding.ASCII.GetBytes("123456781234567812345678");

                byte[] encryptedKey = EncryptedXml.EncryptKey(key, tripleDES);
                encryptedKey[0] ^= 0xFF;

                Assert.Throws <CryptographicException>(() => EncryptedXml.DecryptKey(encryptedKey, tripleDES));
            }
        }
        public void EncryptKey_RSA_UseOAEP()
        {
            byte[] data   = Encoding.ASCII.GetBytes("12345678");
            var    keyGen = GeneratorUtilities.GetKeyPairGenerator("RSA");

            keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
            var pair = keyGen.GenerateKeyPair();

            byte[] encryptedData = EncryptedXml.EncryptKey(data, (RsaKeyParameters)pair.Public, true);
            byte[] decryptedData = EncryptedXml.DecryptKey(encryptedData, (RsaKeyParameters)pair.Private, true);
            Assert.Equal(data, decryptedData);
        }
예제 #29
0
        public void EncryptKey_AES8Bytes()
        {
            using (Aes aes = Aes.Create())
            {
                byte[] key = Encoding.ASCII.GetBytes("12345678");

                byte[] encryptedKey = EncryptedXml.EncryptKey(key, aes);

                Assert.NotNull(encryptedKey);
                Assert.Equal(key, EncryptedXml.DecryptKey(encryptedKey, aes));
            }
        }
예제 #30
0
        public void GenerateEncryptedAssertion_01()
        {
            XmlDocument assertion = AssertionUtil.GetTestAssertion_01();

            // Create an EncryptedData instance to hold the results of the encryption.o
            EncryptedData encryptedData = new EncryptedData();

            encryptedData.Type             = EncryptedXml.XmlEncElementUrl;
            encryptedData.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

            // Create a symmetric key.
            RijndaelManaged aes = new RijndaelManaged();

            aes.KeySize = 256;
            aes.GenerateKey();

            // Encrypt the assertion and add it to the encryptedData instance.
            EncryptedXml encryptedXml = new EncryptedXml();

            byte[] encryptedElement = encryptedXml.EncryptData(assertion.DocumentElement, aes, false);
            encryptedData.CipherData.CipherValue = encryptedElement;

            // Add an encrypted version of the key used.
            encryptedData.KeyInfo = new KeyInfo();

            EncryptedKey encryptedKey = new EncryptedKey();

            // Use this certificate to encrypt the key.
            X509Certificate2 cert = new X509Certificate2(@"Saml20\Certificates\sts_dev_certificate.pfx", "test1234");
            RSA publicKeyRSA      = cert.PublicKey.Key as RSA;

            Assert.IsNotNull(publicKeyRSA, "Public key of certificate was not an RSA key. Modify test.");
            encryptedKey.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
            encryptedKey.CipherData       = new CipherData(EncryptedXml.EncryptKey(aes.Key, publicKeyRSA, false));


            encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey));

            // Create the resulting Xml-document to hook into.
            EncryptedAssertion encryptedAssertion = new EncryptedAssertion();

            encryptedAssertion.encryptedData   = new saml20.Schema.XEnc.EncryptedData();
            encryptedAssertion.encryptedKey    = new saml20.Schema.XEnc.EncryptedKey[1];
            encryptedAssertion.encryptedKey[0] = new saml20.Schema.XEnc.EncryptedKey();

            XmlDocument result;

            result = Serialization.Serialize(encryptedAssertion);

            XmlElement encryptedDataElement = GetElement(dk.nita.saml20.Schema.XEnc.EncryptedData.ELEMENT_NAME, Saml20Constants.XENC, result);

            EncryptedXml.ReplaceElement(encryptedDataElement, encryptedData, false);
        }