private static void ProofOfConceptXmlSignedAndEncryption()
{
var collection = new X509Certificate2Collection();
collection.Import(File.ReadAllBytes("NPPAutomationClient_enc.p12"), "password", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
var x509Certificate2 = collection.Cast <X509Certificate2>()
.First(c => c.FriendlyName.Equals("NPPAutomationClient", StringComparison.InvariantCultureIgnoreCase));
var rsaKey = x509Certificate2.PrivateKey as RSACryptoServiceProvider;
var xmlEncryption = new XmlEncryption.XmlEncryption();
var xmlDoc = new XmlDocument {
PreserveWhitespace = true
};
xmlDoc.Load("test.xml");
var signedContent = xmlEncryption.Sign(xmlDoc.OuterXml, rsaKey);
var xmlSigned = new XmlDocument {
PreserveWhitespace = true
};
xmlSigned.LoadXml(signedContent);
XmlNode docNode = xmlSigned.CreateXmlDeclaration("1.0", "UTF-8", null);
xmlSigned.InsertBefore(docNode, xmlSigned.FirstChild);
xmlSigned.Save("test-signed.xml");
Console.WriteLine("XML file signed.");
var encryptedContent = xmlEncryption.Encrypt(xmlSigned.OuterXml, rsaKey);
var xmlEncrypted = new XmlDocument {
PreserveWhitespace = true
};
xmlEncrypted.LoadXml(encryptedContent);
xmlEncrypted.Save("test-encryptedAndSigned.xml");
Console.WriteLine("Encrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlEncrypted.OuterXml);
var decryptedContent = xmlEncryption.Decrypt(encryptedContent, rsaKey);
var xmlDecrypted = new XmlDocument {
PreserveWhitespace = true
};
xmlDecrypted.LoadXml(decryptedContent);
xmlDecrypted.Save("test-decryptedAndSigned.xml");
Console.WriteLine();
Console.WriteLine("Decrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlDoc.OuterXml);
Console.WriteLine($"The signature is {xmlEncryption.VerifyXml(signedContent, rsaKey) }");
}
private static void ProofOfConceptXmlSigned()
{
var collection = new X509Certificate2Collection();
collection.Import(File.ReadAllBytes("NPPAutomationClient_enc.p12"), "password", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
var x509Certificate2 = collection.Cast <X509Certificate2>()
.First(c => c.FriendlyName.Equals("NPPAutomationClient", StringComparison.InvariantCultureIgnoreCase));
var rsaKey = x509Certificate2.PrivateKey as RSACryptoServiceProvider;
var xmlEncryption = new XmlEncryption.XmlEncryption();
var cspParams = new CspParameters {
KeyContainerName = "XML_DSIG_RSA_KEY"
};
//This variable is use to proof that Verification works, if we try to verify with this rasKey2 var it will fail
var rsaKey2 = new RSACryptoServiceProvider(cspParams);
var xmlDoc = new XmlDocument {
PreserveWhitespace = true
};
xmlDoc.Load("test.xml");
var signedContent = xmlEncryption.Sign(xmlDoc.OuterXml, rsaKey);
var xmlSigned = new XmlDocument {
PreserveWhitespace = true
};
xmlSigned.LoadXml(signedContent);
XmlNode docNode = xmlSigned.CreateXmlDeclaration("1.0", "UTF-8", null);
xmlSigned.InsertBefore(docNode, xmlSigned.FirstChild);
Console.WriteLine("XML file signed.");
xmlSigned.Save("test-signed.xml");
Console.WriteLine($"The signature is {xmlEncryption.VerifyXml(signedContent, rsaKey)}");
}