public void DecryptEncryptedKey_KeyInfoEncryptedKey()
        {
            XmlDocument doc = new XmlDocument();

            doc.PreserveWhitespace = true;
            string xml = "<root>  <child>sample</child>   </root>";

            doc.LoadXml(xml);

            var random  = new SecureRandom();
            var keydata = new byte[256 / 8];

            random.NextBytes(keydata);
            var param = new KeyParameter(keydata);

            keydata = new byte[128 / 8];
            random.NextBytes(keydata);
            var innerParam = new KeyParameter(keydata);

            keydata = new byte[192 / 8];
            random.NextBytes(keydata);
            var outerParam = new KeyParameter(keydata);

            XmlDecryption exml = new XmlDecryption(doc);

            exml.AddKeyNameMapping("aes", param);

            EncryptedKey ekey = new EncryptedKey();

            byte[] encKeyBytes = XmlEncryption.EncryptKey(outerParam.GetKey(), param);
            ekey.CipherData       = new CipherData(encKeyBytes);
            ekey.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url);
            ekey.Id      = "Key_ID";
            ekey.KeyInfo = new KeyInfo();
            ekey.KeyInfo.AddClause(new KeyInfoName("aes"));

            KeyInfo topLevelKeyInfo = new KeyInfo();

            topLevelKeyInfo.AddClause(new KeyInfoEncryptedKey(ekey));

            EncryptedKey ekeyTopLevel = new EncryptedKey();

            byte[] encTopKeyBytes = XmlEncryption.EncryptKey(innerParam.GetKey(), outerParam);
            ekeyTopLevel.CipherData       = new CipherData(encTopKeyBytes);
            ekeyTopLevel.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url);
            ekeyTopLevel.KeyInfo          = topLevelKeyInfo;

            doc.LoadXml(ekeyTopLevel.GetXml().OuterXml);

            byte[] decryptedKey = exml.DecryptEncryptedKey(ekeyTopLevel);
            Assert.Equal(innerParam.GetKey(), decryptedKey);

            EncryptedData eData = new EncryptedData();

            eData.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url);
            eData.KeyInfo          = topLevelKeyInfo;
            var decryptedAlg = exml.GetDecryptionKey(eData, NS.None);

            Assert.Equal(outerParam.GetKey(), ((KeyParameter)decryptedAlg).GetKey());
        }
        public static void Decrypt(XmlDocument doc, RsaKeyParameters rsaKey, string keyName)
        {
            var encrypted = new XmlDecryption(doc);

            encrypted.AddKeyNameMapping(keyName, rsaKey);
            encrypted.DecryptDocument();
        }
        public void Encrypt_DecryptDocument_AES()
        {
            XmlDocument doc = new XmlDocument();

            doc.PreserveWhitespace = true;
            string xml = "<root>  <child>sample</child>   </root>";

            doc.LoadXml(xml);

            var aes     = CipherUtilities.GetCipher("AES/CBC/ZEROBYTEPADDING");
            var random  = new SecureRandom();
            var ivdata  = new byte[128 / 8];
            var keydata = new byte[256 / 8];

            random.NextBytes(ivdata);
            random.NextBytes(keydata);
            var param = new ParametersWithIV(new KeyParameter(keydata), ivdata);

            XmlEncryption exml = new XmlEncryption();

            exml.AddKeyNameMapping("aes", param);
            EncryptedData ed = exml.Encrypt(doc.DocumentElement, "aes");

            doc.LoadXml(ed.GetXml().OuterXml);
            XmlDecryption exmlDecryptor = new XmlDecryption(doc);

            exmlDecryptor.AddKeyNameMapping("aes", param);
            exmlDecryptor.DecryptDocument();

            Assert.Equal(xml, doc.OuterXml);
        }
        public void GetDecryptionKey_CarriedKeyName()
        {
            var random  = new SecureRandom();
            var ivdata  = new byte[128 / 8];
            var keydata = new byte[256 / 8];

            random.NextBytes(ivdata);
            random.NextBytes(keydata);
            var param = new ParametersWithIV(new KeyParameter(keydata), ivdata);

            keydata = new byte[128 / 8];
            random.NextBytes(ivdata);
            random.NextBytes(keydata);
            var innerParam = new ParametersWithIV(new KeyParameter(keydata), ivdata);

            EncryptedData edata = new EncryptedData();

            edata.KeyInfo = new KeyInfo();
            edata.KeyInfo.AddClause(new KeyInfoName("aes"));

            EncryptedKey ekey = new EncryptedKey();

            byte[] encKeyBytes = XmlEncryption.EncryptKey(((KeyParameter)innerParam.Parameters).GetKey(), (KeyParameter)param.Parameters);
            ekey.CipherData       = new CipherData(encKeyBytes);
            ekey.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url);
            ekey.CarriedKeyName   = "aes";
            ekey.KeyInfo          = new KeyInfo();
            ekey.KeyInfo.AddClause(new KeyInfoName("another_aes"));

            XmlDocument doc = new XmlDocument();

            doc.LoadXml(ekey.GetXml().OuterXml);

            XmlDecryption exml = new XmlDecryption(doc);

            exml.AddKeyNameMapping("another_aes", param);
            var decryptedAlg = exml.GetDecryptionKey(edata, NS.XmlEncAES256Url);

            Assert.IsType <KeyParameter>(decryptedAlg);
            Assert.Equal(((KeyParameter)innerParam.Parameters).GetKey(), ((KeyParameter)decryptedAlg).GetKey());
        }
Exemplo n.º 5
0
        private XmlDocument GetTransformedOutput(XmlDocument doc, string nodeToEncrypt)
        {
            var aes     = CipherUtilities.GetCipher("AES/CBC/PKCS7");
            var random  = new SecureRandom();
            var keyData = new byte[aes.GetBlockSize()];
            var ivData  = new byte[aes.GetBlockSize()];

            random.NextBytes(ivData);
            random.NextBytes(keyData);
            var key = new ParametersWithIV(new KeyParameter(keyData), ivData);

            var encryptedXml = new XmlEncryption();

            encryptedXml.AddKeyNameMapping("aes", key);

            XmlElement    elementToEncrypt = (XmlElement)doc.DocumentElement.SelectSingleNode(nodeToEncrypt);
            EncryptedData encryptedData    = encryptedXml.Encrypt(elementToEncrypt, "aes");

            XmlDecryption.ReplaceElement(elementToEncrypt, encryptedData, false);

            XmlNamespaceManager xmlNamespaceManager = new XmlNamespaceManager(doc.NameTable);

            xmlNamespaceManager.AddNamespace("enc", XmlNameSpace.Url[NS.XmlEncNamespaceUrl]);
            XmlElement encryptedNode = (XmlElement)doc.DocumentElement.SelectSingleNode("//enc:EncryptedData", xmlNamespaceManager);

            encryptedNode.SetAttribute("ID", "#_0");

            transform.LoadInput(doc);

            var dencryptedXml = new XmlDecryption();

            dencryptedXml.AddKeyNameMapping("aes", key);

            transform.XmlDecryption = dencryptedXml;
            XmlDocument transformedDocument = (XmlDocument)transform.GetOutput();

            transform.XmlDecryption = null;

            return(transformedDocument);
        }
        public void GetDecryptionKey_KeyInfoName()
        {
            var random  = new SecureRandom();
            var ivdata  = new byte[128 / 8];
            var keydata = new byte[256 / 8];

            random.NextBytes(ivdata);
            random.NextBytes(keydata);
            var param = new ParametersWithIV(new KeyParameter(keydata), ivdata);

            EncryptedData edata = new EncryptedData();

            edata.KeyInfo = new KeyInfo();
            edata.KeyInfo.AddClause(new KeyInfoName("aes"));

            XmlDecryption exml = new XmlDecryption();

            exml.AddKeyNameMapping("aes", param);
            var decryptedAlg = exml.GetDecryptionKey(edata, NS.None);

            Assert.IsType <ParametersWithIV>(decryptedAlg);
            Assert.Equal(((KeyParameter)param.Parameters).GetKey(), ((KeyParameter)((ParametersWithIV)decryptedAlg).Parameters).GetKey());
        }
        public void PropagatedNamespaces_XmlDecryptionTransform(bool addPropagatedNamespace, string expectedResult)
        {
            XmlDocument baseDocument = new XmlDocument();

            baseDocument.LoadXml("<a><b><c xmlns=\"urn:foo\"/></b></a>");

            var aes     = CipherUtilities.GetCipher("AES/CBC/PKCS7");
            var random  = new SecureRandom();
            var keyData = new byte[aes.GetBlockSize()];
            var ivData  = new byte[aes.GetBlockSize()];

            random.NextBytes(ivData);
            random.NextBytes(keyData);
            var key = new ParametersWithIV(new KeyParameter(keyData), ivData);

            XmlEncryption encryptedXml = new XmlEncryption(baseDocument);
            XmlDecryption decryptedXml = new XmlDecryption(baseDocument);

            encryptedXml.AddKeyNameMapping("key", key);
            decryptedXml.AddKeyNameMapping("key", key);
            XmlElement    bElement      = (XmlElement)baseDocument.DocumentElement.SelectSingleNode("b");
            EncryptedData encryptedData = encryptedXml.Encrypt(bElement, "key");

            XmlDecryption.ReplaceElement(bElement, encryptedData, false);

            XmlDecryptionTransform decryptionTransform = new XmlDecryptionTransform();

            decryptionTransform.XmlDecryption = decryptedXml;
            decryptionTransform.LoadInput(baseDocument);
            if (addPropagatedNamespace)
            {
                decryptionTransform.PropagatedNamespaces.Add("f", "urn:foo");
            }
            XmlDocument decryptedDocument = (XmlDocument)decryptionTransform.GetOutput(typeof(XmlDocument));

            Assert.Equal(expectedResult, decryptedDocument.OuterXml);
        }