Exemplo n.º 1
0
        public EncryptedData Encrypt(XmlElement inputElement, X509Certificate2 certificate)
        {
            if (inputElement == null)
            {
                throw new ArgumentNullException("inputElement");
            }
            if (certificate == null)
            {
                throw new ArgumentNullException("certificate");
            }
            if (System.Security.Cryptography.X509Certificates.X509Utils.OidToAlgId(certificate.PublicKey.Oid.Value) != 0xa400)
            {
                throw new NotSupportedException(SecurityResources.GetResourceString("NotSupported_KeyAlgorithm"));
            }
            EncryptedData data = new EncryptedData {
                Type             = "http://www.w3.org/2001/04/xmlenc#Element",
                EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#aes256-cbc")
            };
            EncryptedKey encryptedKey = new EncryptedKey {
                EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#rsa-1_5")
            };

            encryptedKey.KeyInfo.AddClause(new KeyInfoX509Data(certificate));
            RijndaelManaged symmetricAlgorithm = new RijndaelManaged();

            encryptedKey.CipherData.CipherValue = EncryptKey(symmetricAlgorithm.Key, certificate.PublicKey.Key as RSA, false);
            KeyInfoEncryptedKey clause = new KeyInfoEncryptedKey(encryptedKey);

            data.KeyInfo.AddClause(clause);
            data.CipherData.CipherValue = this.EncryptData(inputElement, symmetricAlgorithm, false);
            return(data);
        }
        public override XmlNode Encrypt(XmlNode node)
        {
            XmlDocument         xmlDocument;
            EncryptedXml        exml;
            byte[]              rgbOutput;
            EncryptedData       ed;
            KeyInfoName         kin;
            SymmetricAlgorithm  symAlg;
            EncryptedKey        ek;
            KeyInfoEncryptedKey kek;
            XmlElement          inputElement;
            RSACryptoServiceProvider rsa = GetCryptoServiceProvider(false, false);


            // Encrypt the node with the new key
            xmlDocument = new XmlDocument();
            xmlDocument.PreserveWhitespace = true;
            xmlDocument.LoadXml("<foo>"+ node.OuterXml+ "</foo>");
            exml = new EncryptedXml(xmlDocument);
            inputElement = xmlDocument.DocumentElement;

            // Create a new 3DES key
            symAlg = new TripleDESCryptoServiceProvider();
            byte[] rgbKey1 = GetRandomKey();
            symAlg.Key = rgbKey1;
            symAlg.Mode = CipherMode.ECB;
            symAlg.Padding = PaddingMode.PKCS7;
            rgbOutput = exml.EncryptData(inputElement, symAlg, true);
            ed = new EncryptedData();
            ed.Type = EncryptedXml.XmlEncElementUrl;
            ed.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncTripleDESUrl);
            ed.KeyInfo = new KeyInfo();

            ek = new EncryptedKey();
            ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
            ek.KeyInfo = new KeyInfo();
            ek.CipherData = new CipherData();
            ek.CipherData.CipherValue = EncryptedXml.EncryptKey(symAlg.Key, rsa, UseOAEP);
            kin = new KeyInfoName();
            kin.Value = _KeyName;
            ek.KeyInfo.AddClause(kin);
            kek = new KeyInfoEncryptedKey(ek);
            ed.KeyInfo.AddClause(kek);
            ed.CipherData = new CipherData();
            ed.CipherData.CipherValue = rgbOutput;
            EncryptedXml.ReplaceElement(inputElement, ed, true);
                // Get node from the document
            foreach (XmlNode node2 in xmlDocument.ChildNodes)
                if (node2.NodeType == XmlNodeType.Element)
                    foreach (XmlNode node3 in node2.ChildNodes) // node2 is the "foo" node
                        if (node3.NodeType == XmlNodeType.Element)
                            return node3; // node3 is the "EncryptedData" node
                return null;

        }
 public override XmlNode Encrypt(XmlNode node)
 {
     RSACryptoServiceProvider cryptoServiceProvider = this.GetCryptoServiceProvider(false, false);
     XmlDocument document = new XmlDocument {
         PreserveWhitespace = true
     };
     document.LoadXml("<foo>" + node.OuterXml + "</foo>");
     EncryptedXml xml = new EncryptedXml(document);
     XmlElement documentElement = document.DocumentElement;
     SymmetricAlgorithm symmetricAlgorithm = new TripleDESCryptoServiceProvider();
     byte[] randomKey = this.GetRandomKey();
     symmetricAlgorithm.Key = randomKey;
     symmetricAlgorithm.Mode = CipherMode.ECB;
     symmetricAlgorithm.Padding = PaddingMode.PKCS7;
     byte[] buffer = xml.EncryptData(documentElement, symmetricAlgorithm, true);
     EncryptedData encryptedData = new EncryptedData {
         Type = "http://www.w3.org/2001/04/xmlenc#Element",
         EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#tripledes-cbc"),
         KeyInfo = new KeyInfo()
     };
     EncryptedKey encryptedKey = new EncryptedKey {
         EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#rsa-1_5"),
         KeyInfo = new KeyInfo(),
         CipherData = new CipherData()
     };
     encryptedKey.CipherData.CipherValue = EncryptedXml.EncryptKey(symmetricAlgorithm.Key, cryptoServiceProvider, this.UseOAEP);
     KeyInfoName clause = new KeyInfoName {
         Value = this._KeyName
     };
     encryptedKey.KeyInfo.AddClause(clause);
     KeyInfoEncryptedKey key2 = new KeyInfoEncryptedKey(encryptedKey);
     encryptedData.KeyInfo.AddClause(key2);
     encryptedData.CipherData = new CipherData();
     encryptedData.CipherData.CipherValue = buffer;
     EncryptedXml.ReplaceElement(documentElement, encryptedData, true);
     foreach (XmlNode node2 in document.ChildNodes)
     {
         if (node2.NodeType == XmlNodeType.Element)
         {
             foreach (XmlNode node3 in node2.ChildNodes)
             {
                 if (node3.NodeType == XmlNodeType.Element)
                 {
                     return node3;
                 }
             }
         }
     }
     return null;
 }
Exemplo n.º 4
0
        // Encrypts the given element with the certificate specified. The certificate is added as
        // an X509Data KeyInfo to an EncryptedKey (AES session key) generated randomly.
        public EncryptedData Encrypt(XmlElement inputElement, X509Certificate2 certificate)
        {
            if (inputElement == null)
            {
                throw new ArgumentNullException(nameof(inputElement));
            }
            if (certificate == null)
            {
                throw new ArgumentNullException(nameof(certificate));
            }

            using (RSA rsaPublicKey = certificate.GetRSAPublicKey())
            {
                if (rsaPublicKey == null)
                {
                    throw new NotSupportedException(SR.NotSupported_KeyAlgorithm);
                }

                // Create the EncryptedData object, using an AES-256 session key by default.
                EncryptedData ed = new EncryptedData();
                ed.Type             = EncryptedXml.XmlEncElementUrl;
                ed.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

                // Include the certificate in the EncryptedKey KeyInfo.
                EncryptedKey ek = new EncryptedKey();
                ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
                ek.KeyInfo.AddClause(new KeyInfoX509Data(certificate));

                // Create a random AES session key and encrypt it with the public key associated with the certificate.
                using (Aes aes = Aes.Create())
                {
                    ek.CipherData.CipherValue = EncryptedXml.EncryptKey(aes.Key, rsaPublicKey, false);

                    // Encrypt the input element with the random session key that we've created above.
                    KeyInfoEncryptedKey kek = new KeyInfoEncryptedKey(ek);
                    ed.KeyInfo.AddClause(kek);
                    ed.CipherData.CipherValue = EncryptData(inputElement, aes, false);
                }

                return(ed);
            }
        }
        // Encrypts the given element with the certificate specified. The certificate is added as
        // an X509Data KeyInfo to an EncryptedKey (AES session key) generated randomly.
        public EncryptedData Encrypt(XmlElement inputElement, X509Certificate2 certificate)
        {
            if (inputElement == null)
            {
                throw new ArgumentNullException("inputElement");
            }
            if (certificate == null)
            {
                throw new ArgumentNullException("certificate");
            }

            if (X509Utils.OidToAlgId(certificate.PublicKey.Oid.Value) != CAPI.CALG_RSA_KEYX)
            {
                throw new NotSupportedException(SecurityResources.GetResourceString("NotSupported_KeyAlgorithm"));
            }

            // Create the EncryptedData object, using an AES-256 session key by default.
            EncryptedData ed = new EncryptedData();

            ed.Type             = EncryptedXml.XmlEncElementUrl;
            ed.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

            // Include the certificate in the EncryptedKey KeyInfo.
            EncryptedKey ek = new EncryptedKey();

            ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
            ek.KeyInfo.AddClause(new KeyInfoX509Data(certificate));

            // Create a random AES session key and encrypt it with the public key associated with the certificate.
            RijndaelManaged rijn = new RijndaelManaged();

            ek.CipherData.CipherValue = EncryptedXml.EncryptKey(rijn.Key, certificate.PublicKey.Key as RSA, false);

            // Encrypt the input element with the random session key that we've created above.
            KeyInfoEncryptedKey kek = new KeyInfoEncryptedKey(ek);

            ed.KeyInfo.AddClause(kek);
            ed.CipherData.CipherValue = EncryptData(inputElement, rijn, false);

            return(ed);
        }
Exemplo n.º 6
0
        // Encrypts the given element with the key name specified. A corresponding key name mapping
        // has to be defined before calling this method. The key name is added as
        // a KeyNameInfo KeyInfo to an EncryptedKey (AES session key) generated randomly.
        public EncryptedData Encrypt(XmlElement inputElement, string keyName)
        {
            if (inputElement == null)
            {
                throw new ArgumentNullException("inputElement");
            }
            if (keyName == null)
            {
                throw new ArgumentNullException("keyName");
            }

            Object encryptionKey = null;

            if (m_keyNameMapping != null)
            {
                encryptionKey = m_keyNameMapping[keyName];
            }

            if (encryptionKey == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_MissingEncryptionKey"));
            }

            // kek is either a SymmetricAlgorithm or an RSA key, otherwise, we wouldn't be able to insert it in the hash table
            SymmetricAlgorithm symKey = encryptionKey as SymmetricAlgorithm;
            RSA rsa = encryptionKey as RSA;

            // Create the EncryptedData object, using an AES-256 session key by default.
            EncryptedData ed = new EncryptedData();

            ed.Type             = EncryptedXml.XmlEncElementUrl;
            ed.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

            // Include the key name in the EncryptedKey KeyInfo.
            string encryptionMethod = null;

            if (symKey == null)
            {
                encryptionMethod = EncryptedXml.XmlEncRSA15Url;
            }
            else if (symKey is TripleDES)
            {
                // CMS Triple DES Key Wrap
                encryptionMethod = EncryptedXml.XmlEncTripleDESKeyWrapUrl;
            }
            else if (symKey is Rijndael || symKey is Aes)
            {
                // FIPS AES Key Wrap
                switch (symKey.KeySize)
                {
                case 128:
                    encryptionMethod = EncryptedXml.XmlEncAES128KeyWrapUrl;
                    break;

                case 192:
                    encryptionMethod = EncryptedXml.XmlEncAES192KeyWrapUrl;
                    break;

                case 256:
                    encryptionMethod = EncryptedXml.XmlEncAES256KeyWrapUrl;
                    break;
                }
            }
            else
            {
                // throw an exception if the transform is not in the previous categories
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_NotSupportedCryptographicTransform"));
            }
            EncryptedKey ek = new EncryptedKey();

            ek.EncryptionMethod = new EncryptionMethod(encryptionMethod);
            ek.KeyInfo.AddClause(new KeyInfoName(keyName));

            // Create a random AES session key and encrypt it with the public key associated with the certificate.
            using (Aes aes = Aes.Create()) {
                ek.CipherData.CipherValue = symKey == null?
                                            EncryptedXml.EncryptKey(aes.Key, rsa, false) :
                                                EncryptedXml.EncryptKey(aes.Key, symKey);

                // Encrypt the input element with the random session key that we've created above.
                KeyInfoEncryptedKey kek = new KeyInfoEncryptedKey(ek);
                ed.KeyInfo.AddClause(kek);
                ed.CipherData.CipherValue = EncryptData(inputElement, aes, false);
            }

            return(ed);
        }
Exemplo n.º 7
0
        // Encrypts the given element with the key name specified. A corresponding key name mapping 
        // has to be defined before calling this method. The key name is added as
        // a KeyNameInfo KeyInfo to an EncryptedKey (AES session key) generated randomly.
        public EncryptedData Encrypt (XmlElement inputElement, string keyName) {
            if (inputElement == null)
                throw new ArgumentNullException("inputElement");
            if (keyName == null)
                throw new ArgumentNullException("keyName");

            Object encryptionKey = null;
            if (m_keyNameMapping != null)
                encryptionKey = m_keyNameMapping[keyName];

            if (encryptionKey == null)
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_MissingEncryptionKey"));

            // kek is either a SymmetricAlgorithm or an RSA key, otherwise, we wouldn't be able to insert it in the hash table
            SymmetricAlgorithm symKey = encryptionKey as SymmetricAlgorithm;
            RSA rsa = encryptionKey as RSA;

            // Create the EncryptedData object, using an AES-256 session key by default.
            EncryptedData ed = new EncryptedData();
            ed.Type = EncryptedXml.XmlEncElementUrl;
            ed.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

            // Include the key name in the EncryptedKey KeyInfo.
            string encryptionMethod = null;
            if (symKey == null) {
                encryptionMethod = EncryptedXml.XmlEncRSA15Url;
            } else if (symKey is TripleDES) {
                // CMS Triple DES Key Wrap
                encryptionMethod = EncryptedXml.XmlEncTripleDESKeyWrapUrl;
            } else if (symKey is Rijndael || symKey is Aes) {
                // FIPS AES Key Wrap
                switch (symKey.KeySize) {
                case 128:
                    encryptionMethod = EncryptedXml.XmlEncAES128KeyWrapUrl;
                    break;
                case 192:
                    encryptionMethod = EncryptedXml.XmlEncAES192KeyWrapUrl;
                    break;
                case 256:
                    encryptionMethod = EncryptedXml.XmlEncAES256KeyWrapUrl;
                    break;
                }
            } else {
                // throw an exception if the transform is not in the previous categories
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_NotSupportedCryptographicTransform"));
            }
            EncryptedKey ek = new EncryptedKey();
            ek.EncryptionMethod = new EncryptionMethod(encryptionMethod);
            ek.KeyInfo.AddClause(new KeyInfoName(keyName));

            // Create a random AES session key and encrypt it with the public key associated with the certificate.
            RijndaelManaged rijn = new RijndaelManaged();
            ek.CipherData.CipherValue = (symKey == null ? EncryptedXml.EncryptKey(rijn.Key, rsa, false) : EncryptedXml.EncryptKey(rijn.Key, symKey));

            // Encrypt the input element with the random session key that we've created above.
            KeyInfoEncryptedKey kek = new KeyInfoEncryptedKey(ek);
            ed.KeyInfo.AddClause(kek);
            ed.CipherData.CipherValue = EncryptData(inputElement, rijn, false);

            return ed;
        }
Exemplo n.º 8
0
        // Encrypts the given element with the certificate specified. The certificate is added as
        // an X509Data KeyInfo to an EncryptedKey (AES session key) generated randomly.
        public EncryptedData Encrypt (XmlElement inputElement, X509Certificate2 certificate) {
            if (inputElement == null)
                throw new ArgumentNullException("inputElement");
            if (certificate == null)
                throw new ArgumentNullException("certificate");

            if (X509Utils.OidToAlgId(certificate.PublicKey.Oid.Value) != CAPI.CALG_RSA_KEYX)
                throw new NotSupportedException(SecurityResources.GetResourceString("NotSupported_KeyAlgorithm"));

            // Create the EncryptedData object, using an AES-256 session key by default.
            EncryptedData ed = new EncryptedData();
            ed.Type = EncryptedXml.XmlEncElementUrl;
            ed.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

            // Include the certificate in the EncryptedKey KeyInfo.
            EncryptedKey ek = new EncryptedKey();
            ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
            ek.KeyInfo.AddClause(new KeyInfoX509Data(certificate));

            // Create a random AES session key and encrypt it with the public key associated with the certificate.
            RijndaelManaged rijn = new RijndaelManaged();
            ek.CipherData.CipherValue = EncryptedXml.EncryptKey(rijn.Key, certificate.PublicKey.Key as RSA, false);

            // Encrypt the input element with the random session key that we've created above.
            KeyInfoEncryptedKey kek = new KeyInfoEncryptedKey(ek);
            ed.KeyInfo.AddClause(kek);
            ed.CipherData.CipherValue = EncryptData(inputElement, rijn, false);

            return ed;
        }
Exemplo n.º 9
0
        public virtual SymmetricAlgorithm GetDecryptionKey(EncryptedData encryptedData, string symmetricAlgorithmUri)
        {
            if (encryptedData == null)
            {
                throw new ArgumentNullException("encryptedData");
            }
            if (encryptedData.KeyInfo == null)
            {
                return(null);
            }
            IEnumerator  enumerator   = encryptedData.KeyInfo.GetEnumerator();
            EncryptedKey encryptedKey = null;

            while (enumerator.MoveNext())
            {
                KeyInfoName current = enumerator.Current as KeyInfoName;
                if (current != null)
                {
                    string str = current.Value;
                    if (((SymmetricAlgorithm)this.m_keyNameMapping[str]) != null)
                    {
                        return((SymmetricAlgorithm)this.m_keyNameMapping[str]);
                    }
                    XmlNamespaceManager nsmgr = new XmlNamespaceManager(this.m_document.NameTable);
                    nsmgr.AddNamespace("enc", "http://www.w3.org/2001/04/xmlenc#");
                    XmlNodeList list = this.m_document.SelectNodes("//enc:EncryptedKey", nsmgr);
                    if (list != null)
                    {
                        foreach (XmlNode node in list)
                        {
                            XmlElement   element = node as XmlElement;
                            EncryptedKey key3    = new EncryptedKey();
                            key3.LoadXml(element);
                            if ((key3.CarriedKeyName == str) && (key3.Recipient == this.Recipient))
                            {
                                encryptedKey = key3;
                                break;
                            }
                        }
                    }
                    break;
                }
                KeyInfoRetrievalMethod method = enumerator.Current as KeyInfoRetrievalMethod;
                if (method != null)
                {
                    string idValue = System.Security.Cryptography.Xml.Utils.ExtractIdFromLocalUri(method.Uri);
                    encryptedKey = new EncryptedKey();
                    encryptedKey.LoadXml(this.GetIdElement(this.m_document, idValue));
                    break;
                }
                KeyInfoEncryptedKey key = enumerator.Current as KeyInfoEncryptedKey;
                if (key != null)
                {
                    encryptedKey = key.EncryptedKey;
                    break;
                }
            }
            if (encryptedKey == null)
            {
                return(null);
            }
            if (symmetricAlgorithmUri == null)
            {
                if (encryptedData.EncryptionMethod == null)
                {
                    throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_MissingAlgorithm"));
                }
                symmetricAlgorithmUri = encryptedData.EncryptionMethod.KeyAlgorithm;
            }
            byte[] buffer = this.DecryptEncryptedKey(encryptedKey);
            if (buffer == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_MissingDecryptionKey"));
            }
            SymmetricAlgorithm algorithm = (SymmetricAlgorithm)CryptoConfig.CreateFromName(symmetricAlgorithmUri);

            algorithm.Key = buffer;
            return(algorithm);
        }
Exemplo n.º 10
0
        public EncryptedData Encrypt(XmlElement inputElement, string keyName)
        {
            if (inputElement == null)
            {
                throw new ArgumentNullException("inputElement");
            }
            if (keyName == null)
            {
                throw new ArgumentNullException("keyName");
            }
            object obj2 = null;

            if (this.m_keyNameMapping != null)
            {
                obj2 = this.m_keyNameMapping[keyName];
            }
            if (obj2 == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_MissingEncryptionKey"));
            }
            SymmetricAlgorithm symmetricAlgorithm = obj2 as SymmetricAlgorithm;
            RSA           rsa  = obj2 as RSA;
            EncryptedData data = new EncryptedData {
                Type             = "http://www.w3.org/2001/04/xmlenc#Element",
                EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#aes256-cbc")
            };
            string algorithm = null;

            if (symmetricAlgorithm == null)
            {
                algorithm = "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
            }
            else if (symmetricAlgorithm is TripleDES)
            {
                algorithm = "http://www.w3.org/2001/04/xmlenc#kw-tripledes";
            }
            else
            {
                if (!(symmetricAlgorithm is Rijndael) && !(symmetricAlgorithm is Aes))
                {
                    throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_NotSupportedCryptographicTransform"));
                }
                switch (symmetricAlgorithm.KeySize)
                {
                case 0x80:
                    algorithm = "http://www.w3.org/2001/04/xmlenc#kw-aes128";
                    break;

                case 0xc0:
                    algorithm = "http://www.w3.org/2001/04/xmlenc#kw-aes192";
                    break;

                case 0x100:
                    algorithm = "http://www.w3.org/2001/04/xmlenc#kw-aes256";
                    break;
                }
            }
            EncryptedKey encryptedKey = new EncryptedKey {
                EncryptionMethod = new EncryptionMethod(algorithm)
            };

            encryptedKey.KeyInfo.AddClause(new KeyInfoName(keyName));
            RijndaelManaged managed = new RijndaelManaged();

            encryptedKey.CipherData.CipherValue = (symmetricAlgorithm == null) ? EncryptKey(managed.Key, rsa, false) : EncryptKey(managed.Key, symmetricAlgorithm);
            KeyInfoEncryptedKey clause = new KeyInfoEncryptedKey(encryptedKey);

            data.KeyInfo.AddClause(clause);
            data.CipherData.CipherValue = this.EncryptData(inputElement, managed, false);
            return(data);
        }
Exemplo n.º 11
0
 public virtual byte[] DecryptEncryptedKey(EncryptedKey encryptedKey)
 {
     if (encryptedKey == null)
     {
         throw new ArgumentNullException("encryptedKey");
     }
     if (encryptedKey.KeyInfo != null)
     {
         IEnumerator  enumerator = encryptedKey.KeyInfo.GetEnumerator();
         EncryptedKey key2       = null;
         bool         useOAEP    = false;
         while (enumerator.MoveNext())
         {
             KeyInfoName current = enumerator.Current as KeyInfoName;
             if (current != null)
             {
                 string str  = current.Value;
                 object obj2 = this.m_keyNameMapping[str];
                 if (obj2 != null)
                 {
                     if (obj2 is SymmetricAlgorithm)
                     {
                         return(DecryptKey(encryptedKey.CipherData.CipherValue, (SymmetricAlgorithm)obj2));
                     }
                     useOAEP = (encryptedKey.EncryptionMethod != null) && (encryptedKey.EncryptionMethod.KeyAlgorithm == "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
                     return(DecryptKey(encryptedKey.CipherData.CipherValue, (RSA)obj2, useOAEP));
                 }
                 break;
             }
             KeyInfoX509Data data = enumerator.Current as KeyInfoX509Data;
             if (data != null)
             {
                 X509Certificate2Enumerator enumerator2 = System.Security.Cryptography.Xml.Utils.BuildBagOfCerts(data, CertUsageType.Decryption).GetEnumerator();
                 while (enumerator2.MoveNext())
                 {
                     RSA privateKey = enumerator2.Current.PrivateKey as RSA;
                     if (privateKey != null)
                     {
                         useOAEP = (encryptedKey.EncryptionMethod != null) && (encryptedKey.EncryptionMethod.KeyAlgorithm == "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
                         return(DecryptKey(encryptedKey.CipherData.CipherValue, privateKey, useOAEP));
                     }
                 }
                 break;
             }
             KeyInfoRetrievalMethod method = enumerator.Current as KeyInfoRetrievalMethod;
             if (method != null)
             {
                 string idValue = System.Security.Cryptography.Xml.Utils.ExtractIdFromLocalUri(method.Uri);
                 key2 = new EncryptedKey();
                 key2.LoadXml(this.GetIdElement(this.m_document, idValue));
                 return(this.DecryptEncryptedKey(key2));
             }
             KeyInfoEncryptedKey key = enumerator.Current as KeyInfoEncryptedKey;
             if (key != null)
             {
                 key2 = key.EncryptedKey;
                 byte[] buffer = this.DecryptEncryptedKey(key2);
                 if (buffer != null)
                 {
                     SymmetricAlgorithm symmetricAlgorithm = (SymmetricAlgorithm)CryptoConfig.CreateFromName(encryptedKey.EncryptionMethod.KeyAlgorithm);
                     symmetricAlgorithm.Key = buffer;
                     return(DecryptKey(encryptedKey.CipherData.CipherValue, symmetricAlgorithm));
                 }
             }
         }
     }
     return(null);
 }
        public EncryptedData Encrypt(XmlElement inputElement, string keyName)
        {
            if (inputElement == null)
            {
                throw new ArgumentNullException("inputElement");
            }
            if (keyName == null)
            {
                throw new ArgumentNullException("keyName");
            }
            object obj2 = null;
            if (this.m_keyNameMapping != null)
            {
                obj2 = this.m_keyNameMapping[keyName];
            }
            if (obj2 == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_MissingEncryptionKey"));
            }
            SymmetricAlgorithm symmetricAlgorithm = obj2 as SymmetricAlgorithm;
            RSA rsa = obj2 as RSA;
            EncryptedData data = new EncryptedData {
                Type = "http://www.w3.org/2001/04/xmlenc#Element",
                EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#aes256-cbc")
            };
            string algorithm = null;
            if (symmetricAlgorithm == null)
            {
                algorithm = "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
            }
            else if (symmetricAlgorithm is TripleDES)
            {
                algorithm = "http://www.w3.org/2001/04/xmlenc#kw-tripledes";
            }
            else
            {
                if (!(symmetricAlgorithm is Rijndael) && !(symmetricAlgorithm is Aes))
                {
                    throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_NotSupportedCryptographicTransform"));
                }
                switch (symmetricAlgorithm.KeySize)
                {
                    case 0x80:
                        algorithm = "http://www.w3.org/2001/04/xmlenc#kw-aes128";
                        break;

                    case 0xc0:
                        algorithm = "http://www.w3.org/2001/04/xmlenc#kw-aes192";
                        break;

                    case 0x100:
                        algorithm = "http://www.w3.org/2001/04/xmlenc#kw-aes256";
                        break;
                }
            }
            EncryptedKey encryptedKey = new EncryptedKey {
                EncryptionMethod = new EncryptionMethod(algorithm)
            };
            encryptedKey.KeyInfo.AddClause(new KeyInfoName(keyName));
            RijndaelManaged managed = new RijndaelManaged();
            encryptedKey.CipherData.CipherValue = (symmetricAlgorithm == null) ? EncryptKey(managed.Key, rsa, false) : EncryptKey(managed.Key, symmetricAlgorithm);
            KeyInfoEncryptedKey clause = new KeyInfoEncryptedKey(encryptedKey);
            data.KeyInfo.AddClause(clause);
            data.CipherData.CipherValue = this.EncryptData(inputElement, managed, false);
            return data;
        }
 public EncryptedData Encrypt(XmlElement inputElement, X509Certificate2 certificate)
 {
     if (inputElement == null)
     {
         throw new ArgumentNullException("inputElement");
     }
     if (certificate == null)
     {
         throw new ArgumentNullException("certificate");
     }
     if (System.Security.Cryptography.X509Certificates.X509Utils.OidToAlgId(certificate.PublicKey.Oid.Value) != 0xa400)
     {
         throw new NotSupportedException(SecurityResources.GetResourceString("NotSupported_KeyAlgorithm"));
     }
     EncryptedData data = new EncryptedData {
         Type = "http://www.w3.org/2001/04/xmlenc#Element",
         EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#aes256-cbc")
     };
     EncryptedKey encryptedKey = new EncryptedKey {
         EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#rsa-1_5")
     };
     encryptedKey.KeyInfo.AddClause(new KeyInfoX509Data(certificate));
     RijndaelManaged symmetricAlgorithm = new RijndaelManaged();
     encryptedKey.CipherData.CipherValue = EncryptKey(symmetricAlgorithm.Key, certificate.PublicKey.Key as RSA, false);
     KeyInfoEncryptedKey clause = new KeyInfoEncryptedKey(encryptedKey);
     data.KeyInfo.AddClause(clause);
     data.CipherData.CipherValue = this.EncryptData(inputElement, symmetricAlgorithm, false);
     return data;
 }