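/// <summary>
/// Encrypts the bytes of <paramref name="toEncrypt"/> under a freshly generated 128-bit AES
/// session key (CBC mode, PKCS7 padding) and wraps that session key for <paramref name="key"/>
/// with RSA-OAEP.
/// </summary>
/// <param name="toEncrypt">Stream to encrypt; it is consumed from its current position to the end.</param>
/// <param name="key">RSA key used to wrap the session key; it is also added to the EncryptedKey's KeyInfo as an RsaKeyValue clause.</param>
/// <param name="keyInfo">Receives a KeyInfo holding the EncryptedKey clause (wrapped session key).</param>
/// <param name="encryptionMethod">Receives the EncryptionMethod built from NS.XmlEncAES128Url.</param>
/// <param name="cipherData">Receives the CipherData wrapping the encrypted payload.</param>
/// <remarks>
/// CBC with PKCS7 padding gives confidentiality only. Nothing here authenticates the ciphertext,
/// so a recipient that reports padding failures differently from other failures can leak
/// plaintext. Consumers should verify integrity (for example a signature covering the
/// EncryptedData) before decrypting.
/// </remarks>
public static void Encrypt(Stream toEncrypt, RsaKeyParameters key, out KeyInfo keyInfo, out EncryptionMethod encryptionMethod, out CipherData cipherData)
{
    var random = new SecureRandom();
    var keyData = new byte[128 / 8];
    var ivData = new byte[128 / 8];
    random.NextBytes(ivData);
    random.NextBytes(keyData);
    var sessionKey = new ParametersWithIV(new KeyParameter(keyData), ivData);

    encryptionMethod = new EncryptionMethod(NS.XmlEncAES128Url);

    // The session key travels inside the KeyInfo, wrapped with RSA-OAEP.
    var encKey = new EncryptedKey()
    {
        CipherData = new CipherData(XmlEncryption.EncryptKey(keyData, key, useOAEP: true)),
        EncryptionMethod = new EncryptionMethod(NS.XmlEncRSAOAEPUrl)
    };
    keyInfo = new KeyInfo();
    keyInfo.AddClause(new KeyInfoEncryptedKey(encKey));
    encKey.KeyInfo.AddClause(new RsaKeyValue(key));

    // Stream.Read may return fewer bytes than requested, and a single Read into a
    // Length-sized buffer silently leaves the tail zero-filled. Copying through a
    // MemoryStream drains the stream completely and does not require it to be seekable.
    byte[] dataToEncrypt;
    using (var buffered = new MemoryStream())
    {
        toEncrypt.CopyTo(buffered);
        dataToEncrypt = buffered.ToArray();
    }

    var encryptedXml = new XmlEncryption();
    encryptedXml.SetPadding("PKCS7");
    encryptedXml.SetMode("CBC");
    byte[] encryptedData = encryptedXml.EncryptData(dataToEncrypt, sessionKey);
    cipherData = new CipherData(encryptedData);
}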
/// <summary>
/// Builds a two-level EncryptedKey chain (a named 256-bit key wraps a 192-bit key, which in
/// turn wraps a 128-bit key) and checks that XmlDecryption resolves both levels:
/// DecryptEncryptedKey must return the innermost key and GetDecryptionKey the middle one.
/// </summary>
public void DecryptEncryptedKey_KeyInfoEncryptedKey()
{
    var doc = new XmlDocument { PreserveWhitespace = true };
    string xml = "<root> <child>sample</child> </root>";
    doc.LoadXml(xml);

    var random = new SecureRandom();

    // Key registered under the name "aes"; it is the root of the chain.
    var namedKeyBytes = new byte[256 / 8];
    random.NextBytes(namedKeyBytes);
    var param = new KeyParameter(namedKeyBytes);

    var innerKeyBytes = new byte[128 / 8];
    random.NextBytes(innerKeyBytes);
    var innerParam = new KeyParameter(innerKeyBytes);

    var outerKeyBytes = new byte[192 / 8];
    random.NextBytes(outerKeyBytes);
    var outerParam = new KeyParameter(outerKeyBytes);

    var exml = new XmlDecryption(doc);
    exml.AddKeyNameMapping("aes", param);

    // Level 1: the outer key wrapped under the named key and referenced by KeyName.
    var namedKeyInfo = new KeyInfo();
    namedKeyInfo.AddClause(new KeyInfoName("aes"));
    var ekey = new EncryptedKey
    {
        CipherData = new CipherData(XmlEncryption.EncryptKey(outerParam.GetKey(), param)),
        EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url),
        Id = "Key_ID",
        KeyInfo = namedKeyInfo
    };

    var topLevelKeyInfo = new KeyInfo();
    topLevelKeyInfo.AddClause(new KeyInfoEncryptedKey(ekey));

    // Level 2: the inner key wrapped under the outer key; its KeyInfo points at level 1.
    var ekeyTopLevel = new EncryptedKey
    {
        CipherData = new CipherData(XmlEncryption.EncryptKey(innerParam.GetKey(), outerParam)),
        EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url),
        KeyInfo = topLevelKeyInfo
    };

    doc.LoadXml(ekeyTopLevel.GetXml().OuterXml);

    byte[] decryptedKey = exml.DecryptEncryptedKey(ekeyTopLevel);
    Assert.Equal(innerParam.GetKey(), decryptedKey);

    var eData = new EncryptedData
    {
        EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url),
        KeyInfo = topLevelKeyInfo
    };
    var decryptedAlg = exml.GetDecryptionKey(eData, NS.None);
    Assert.Equal(outerParam.GetKey(), ((KeyParameter)decryptedAlg).GetKey());
}
/// <summary>
/// The RSA overload of XmlEncryption.EncryptKey must reject null key data with
/// ArgumentNullException.
/// </summary>
public void EncryptKey_RSA_KeyDataNull()
{
    // NOTE(review): 1024-bit RSA is below the commonly recommended 2048-bit minimum;
    // presumably chosen to keep test key generation fast. Not a size to copy into real use.
    var generator = GeneratorUtilities.GetKeyPairGenerator("RSA");
    generator.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
    var pair = generator.GenerateKeyPair();

    Func<object> encryptNullKeyData =
        () => XmlEncryption.EncryptKey(null, (RsaKeyParameters)pair.Public, false);

    Assert.Throws<ArgumentNullException>(encryptNullKeyData);
}
/// <summary>
/// Round-trips eight ASCII bytes through RSA-OAEP: EncryptKey with the public key followed by
/// DecryptKey with the private key must give back the original bytes.
/// </summary>
public void EncryptKey_RSA_UseOAEP()
{
    byte[] plainKey = Encoding.ASCII.GetBytes("12345678");

    // NOTE(review): 1024-bit RSA is below the commonly recommended 2048-bit minimum;
    // presumably chosen to keep test key generation fast. Not a size to copy into real use.
    var generator = GeneratorUtilities.GetKeyPairGenerator("RSA");
    generator.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
    var pair = generator.GenerateKeyPair();
    var publicKey = (RsaKeyParameters)pair.Public;

    byte[] wrapped = XmlEncryption.EncryptKey(plainKey, publicKey, true);
    var privateKey = (RsaKeyParameters)pair.Private;
    byte[] unwrapped = XmlDecryption.DecryptKey(wrapped, privateKey, true);

    Assert.Equal(plainKey, unwrapped);
}
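/// <summary>
/// The symmetric overload of XmlEncryption.EncryptKey must reject null key data with
/// ArgumentNullException, even when a valid wrapping key is supplied.
/// </summary>
public void EncryptKey_KeyNull()
{
    // Only the wrapping key is needed. The IV buffer and the ParametersWithIV instance
    // that used to be built here were never passed to EncryptKey, so they are dropped.
    var random = new SecureRandom();
    var keydata = new byte[256 / 8];
    random.NextBytes(keydata);

    Assert.Throws<ArgumentNullException>(() => XmlEncryption.EncryptKey(null, new KeyParameter(keydata)));
}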
/// <summary>
/// Wraps a 24-byte key under a random 256-bit key with the symmetric EncryptKey overload and
/// checks that DecryptKey recovers the same bytes.
/// </summary>
public void EncryptKey_AES()
{
    var wrappingKeyBytes = new byte[256 / 8];
    new SecureRandom().NextBytes(wrappingKeyBytes);
    var wrappingKey = new KeyParameter(wrappingKeyBytes);

    byte[] plainKey = Encoding.ASCII.GetBytes("123456781234567812345678");

    byte[] wrapped = XmlEncryption.EncryptKey(plainKey, wrappingKey);
    Assert.NotNull(wrapped);

    byte[] unwrapped = XmlDecryption.DecryptKey(wrapped, wrappingKey);
    Assert.Equal(plainKey, unwrapped);
}
/// <summary>
/// Tampering with a wrapped 8-byte key must be detected: after the first byte of the wrapped
/// output is inverted, DecryptKey is expected to throw CryptographicException rather than
/// return altered key material.
/// </summary>
public void DecryptKey_AESCorruptedKey8Bytes()
{
    var wrappingKeyBytes = new byte[256 / 8];
    new SecureRandom().NextBytes(wrappingKeyBytes);
    var wrappingKey = new KeyParameter(wrappingKeyBytes);

    byte[] plainKey = Encoding.ASCII.GetBytes("12345678");
    byte[] wrapped = XmlEncryption.EncryptKey(plainKey, wrappingKey);

    // Invert every bit of the first byte to simulate corruption in transit.
    wrapped[0] = (byte)(wrapped[0] ^ 0xFF);

    Func<object> unwrapCorrupted = () => XmlDecryption.DecryptKey(wrapped, wrappingKey);
    Assert.Throws<System.Security.Cryptography.CryptographicException>(unwrapCorrupted);
}
/// <summary>
/// Checks key lookup through CarriedKeyName: EncryptedData names the key "aes", the document
/// holds an EncryptedKey that carries that name and is itself wrapped under the mapped key
/// "another_aes". GetDecryptionKey must return the unwrapped inner key as a KeyParameter.
/// </summary>
public void GetDecryptionKey_CarriedKeyName()
{
    var random = new SecureRandom();
    var ivBuffer = new byte[128 / 8];

    // Wrapping key, later registered under "another_aes".
    var wrappingKeyBytes = new byte[256 / 8];
    random.NextBytes(ivBuffer);
    random.NextBytes(wrappingKeyBytes);
    var param = new ParametersWithIV(new KeyParameter(wrappingKeyBytes), ivBuffer);

    // Inner key that the EncryptedKey element carries; the same IV buffer is refilled.
    var innerKeyBytes = new byte[128 / 8];
    random.NextBytes(ivBuffer);
    random.NextBytes(innerKeyBytes);
    var innerParam = new ParametersWithIV(new KeyParameter(innerKeyBytes), ivBuffer);

    var dataKeyInfo = new KeyInfo();
    var edata = new EncryptedData();
    edata.KeyInfo = dataKeyInfo;
    edata.KeyInfo.AddClause(new KeyInfoName("aes"));

    byte[] encKeyBytes = XmlEncryption.EncryptKey(
        ((KeyParameter)innerParam.Parameters).GetKey(),
        (KeyParameter)param.Parameters);

    var ekey = new EncryptedKey();
    ekey.CipherData = new CipherData(encKeyBytes);
    ekey.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url);
    ekey.CarriedKeyName = "aes";
    ekey.KeyInfo = new KeyInfo();
    ekey.KeyInfo.AddClause(new KeyInfoName("another_aes"));

    var doc = new XmlDocument();
    doc.LoadXml(ekey.GetXml().OuterXml);

    var exml = new XmlDecryption(doc);
    exml.AddKeyNameMapping("another_aes", param);

    var decryptedAlg = exml.GetDecryptionKey(edata, NS.XmlEncAES256Url);

    Assert.IsType<KeyParameter>(decryptedAlg);
    byte[] expectedKey = ((KeyParameter)innerParam.Parameters).GetKey();
    byte[] actualKey = ((KeyParameter)decryptedAlg).GetKey();
    Assert.Equal(expectedKey, actualKey);
}
/// <summary>
/// Replaces the first element named <paramref name="elementName"/> in <paramref name="doc"/>
/// with an EncryptedData element. The content is encrypted under a fresh session key
/// (GenerateBlock(256) key, GenerateBlock(128) IV) which is wrapped for
/// <paramref name="rsaKey"/> and embedded as an EncryptedKey.
/// </summary>
/// <param name="doc">Document containing the element to encrypt; modified in place.</param>
/// <param name="elementName">Tag name to look up; only the first match is used.</param>
/// <param name="encryptionElementID">Id given to the EncryptedData element and referenced from the EncryptedKey as "#id".</param>
/// <param name="rsaKey">RSA key used to wrap the session key.</param>
/// <param name="keyName">KeyName recorded in the EncryptedKey's KeyInfo.</param>
/// <param name="useOAEP">true selects NS.XmlEncRSAOAEPUrl, false selects NS.XmlEncRSA15Url.</param>
/// <remarks>
/// NOTE(review): the non-OAEP choice is RSA PKCS#1 v1.5 key transport, which is known to be
/// exposed to padding-oracle attacks when the recipient's error behaviour is observable.
/// Prefer useOAEP = true unless interoperability forces otherwise.
/// </remarks>
private static void Encrypt(XmlDocument doc, string elementName, string encryptionElementID, RsaKeyParameters rsaKey, string keyName, bool useOAEP)
{
    // No null check: the indexer result is passed on as-is when nothing matches.
    var elementToEncrypt = (XmlElement)doc.GetElementsByTagName(elementName)[0];

    var sessionKeyData = EncryptingAndDecryptingSymmetric.GenerateBlock(256);
    var sessionKeyIV = EncryptingAndDecryptingSymmetric.GenerateBlock(128);
    var sessionKey = new ParametersWithIV(new KeyParameter(sessionKeyData), sessionKeyIV);

    var encryptedKey = new EncryptedKey();
    encryptedKey.CipherData = new CipherData(XmlEncryption.EncryptKey(sessionKeyData, rsaKey, useOAEP));
    if (useOAEP)
    {
        encryptedKey.EncryptionMethod = new EncryptionMethod(NS.XmlEncRSAOAEPUrl);
    }
    else
    {
        encryptedKey.EncryptionMethod = new EncryptionMethod(NS.XmlEncRSA15Url);
    }

    // Tie the wrapped key to the EncryptedData element it protects.
    var dataReference = new DataReference();
    dataReference.Uri = "#" + encryptionElementID;
    encryptedKey.AddReference(dataReference);

    var encryptedData = new EncryptedData();
    encryptedData.Type = XmlNameSpace.Url[NS.XmlEncElementUrl];
    encryptedData.Id = encryptionElementID;
    encryptedData.EncryptionMethod = new EncryptionMethod(NS.XmlEncAES256Url);

    encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey));

    var keyNameClause = new KeyInfoName();
    keyNameClause.Value = keyName;
    encryptedKey.KeyInfo.AddClause(keyNameClause);

    var encryptedXml = new XmlEncryption();
    byte[] cipherBytes = encryptedXml.EncryptData(elementToEncrypt, sessionKey, false);
    encryptedData.CipherData.CipherValue = cipherBytes;

    XmlDecryption.ReplaceElement(elementToEncrypt, encryptedData, false);
}
/// <summary>
/// Replaces the first element named <paramref name="elementName"/> in <paramref name="doc"/>
/// with an EncryptedData element. The content is encrypted under the key produced by
/// <paramref name="innerKeyFactory"/>, and that key is wrapped under <paramref name="key"/>
/// and embedded as an EncryptedKey.
/// </summary>
/// <param name="doc">Document containing the element to encrypt; modified in place.</param>
/// <param name="elementName">Tag name to look up; only the first match is used.</param>
/// <param name="encryptionElementID">Id given to the EncryptedData element and referenced from the EncryptedKey as "#id".</param>
/// <param name="key">Wrapping key; cast to ParametersWithIV, so any other type fails with an invalid cast.</param>
/// <param name="keyName">KeyName recorded in the EncryptedKey's KeyInfo.</param>
/// <param name="innerKeyFactory">Creates the content-encryption key; its result is also cast to ParametersWithIV.</param>
private static void Encrypt(XmlDocument doc, string elementName, string encryptionElementID, ICipherParameters key, string keyName, Func<ICipherParameters> innerKeyFactory)
{
    // No null check: the indexer result is passed on as-is when nothing matches.
    var elementToEncrypt = (XmlElement)doc.GetElementsByTagName(elementName)[0];
    ICipherParameters innerKey = innerKeyFactory();

    // Only the raw key material takes part in key wrapping; the IVs are not passed to EncryptKey.
    byte[] innerKeyBytes = ((KeyParameter)((ParametersWithIV)innerKey).Parameters).GetKey();
    var wrappingKey = (KeyParameter)((ParametersWithIV)key).Parameters;

    var encryptedKey = new EncryptedKey();
    encryptedKey.CipherData = new CipherData(XmlEncryption.EncryptKey(innerKeyBytes, wrappingKey));
    encryptedKey.EncryptionMethod = new EncryptionMethod(
        EncryptingAndDecryptingSymmetric.GetEncryptionMethodName(key, keyWrap: true));

    // Tie the wrapped key to the EncryptedData element it protects.
    var dataReference = new DataReference();
    dataReference.Uri = "#" + encryptionElementID;
    encryptedKey.AddReference(dataReference);

    var encryptedData = new EncryptedData();
    encryptedData.Type = XmlNameSpace.Url[NS.XmlEncElementUrl];
    encryptedData.Id = encryptionElementID;
    encryptedData.EncryptionMethod = new EncryptionMethod(
        EncryptingAndDecryptingSymmetric.GetEncryptionMethodName(innerKey, keyWrap: false));

    encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey));

    var keyNameClause = new KeyInfoName();
    keyNameClause.Value = keyName;
    encryptedKey.KeyInfo.AddClause(keyNameClause);

    var encryptedXml = new XmlEncryption();
    byte[] cipherBytes = encryptedXml.EncryptData(elementToEncrypt, innerKey, false);
    encryptedData.CipherData.CipherValue = cipherBytes;

    XmlDecryption.ReplaceElement(elementToEncrypt, encryptedData, false);
}
/// <summary>
/// The RSA overload of XmlEncryption.EncryptKey must reject a null RSA key with
/// ArgumentNullException.
/// </summary>
public void EncryptKey_RSA_RSANull()
{
    Func<object> encryptWithNullRsaKey =
        () => XmlEncryption.EncryptKey(new byte[16], null, false);

    Assert.Throws<ArgumentNullException>(encryptWithNullRsaKey);
}
/// <summary>
/// The symmetric overload of XmlEncryption.EncryptKey must reject a null wrapping key with
/// ArgumentNullException.
/// </summary>
public void EncryptKey_SymmetricAlgorithmNull()
{
    Func<object> encryptWithNullWrappingKey =
        () => XmlEncryption.EncryptKey(new byte[16], null);

    Assert.Throws<ArgumentNullException>(encryptWithNullWrappingKey);
}
/// <summary>
/// Key data whose length is not a multiple of eight bytes (seven ASCII bytes here) must be
/// rejected by the symmetric EncryptKey overload with CryptographicException.
/// </summary>
public void EncryptKey_AESNotDivisibleBy8()
{
    var wrappingKeyBytes = new byte[256 / 8];
    new SecureRandom().NextBytes(wrappingKeyBytes);
    var wrappingKey = new KeyParameter(wrappingKeyBytes);

    byte[] oddLengthKey = Encoding.ASCII.GetBytes("1234567");

    Func<object> wrapOddLengthKey = () => XmlEncryption.EncryptKey(oddLengthKey, wrappingKey);
    Assert.Throws<System.Security.Cryptography.CryptographicException>(wrapOddLengthKey);
}