Export (0) Print
Expand All

KeyInfoEncryptedKey Class

Wraps the EncryptedKey class, it to be placed as a subelement of the KeyInfo class.

System.Object
  System.Security.Cryptography.Xml.KeyInfoClause
    System.Security.Cryptography.Xml.KeyInfoEncryptedKey

Namespace:  System.Security.Cryptography.Xml
Assembly:  System.Security (in System.Security.dll)

[HostProtectionAttribute(SecurityAction.LinkDemand, MayLeakOnAbort = true)]
public class KeyInfoEncryptedKey : KeyInfoClause

The KeyInfoEncryptedKey type exposes the following members.

  NameDescription
Public methodKeyInfoEncryptedKey()Initializes a new instance of the KeyInfoEncryptedKey class.
Public methodKeyInfoEncryptedKey(EncryptedKey)Initializes a new instance of the KeyInfoEncryptedKey class using an EncryptedKey object.
Top

  NameDescription
Public propertyEncryptedKeyGets or sets an EncryptedKey object that encapsulates an encrypted key.
Top

  NameDescription
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodGetXmlReturns an XML representation of a KeyInfoEncryptedKey object. (Overrides KeyInfoClause.GetXml().)
Public methodLoadXmlParses the input XmlElement object and configures the internal state of the KeyInfoEncryptedKey object to match. (Overrides KeyInfoClause.LoadXml(XmlElement).)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Top

The KeyInfoEncryptedKey class wraps the EncryptedKey class, which allows you to add the EncryptedKey class as a subelement of the KeyInfo class. Initialize the KeyInfoEncryptedKey class to an instance of the EncryptedKey class when you need to add an encrypted session key to your encrypted XML document.

NoteNote

The HostProtectionAttribute attribute applied to this type or member has the following Resources property value: MayLeakOnAbort. The HostProtectionAttribute does not affect desktop applications (which are typically started by double-clicking an icon, typing a command, or entering a URL in a browser). For more information, see the HostProtectionAttribute class or SQL Server Programming and Host Protection Attributes.

The following code example demonstrates how to encrypt an XML document using an asymmetric key. This example creates a symmetric session key to encrypt the document and then uses the asymmetric key to embed an encrypted version of the session key into the XML document.

using System;
using System.Xml;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;

class Program
{
    static void Main(string[] args)
    {

        // Create an XmlDocument object.
        XmlDocument xmlDoc = new XmlDocument();

        // Load an XML file into the XmlDocument object. 
        try
        {
            xmlDoc.PreserveWhitespace = true;
            xmlDoc.Load("test.xml");
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message);
            return;
        }

        // Create a new RSA key.  This key will encrypt a symmetric key, 
        // which will then be imbedded in the XML document.  
        RSA rsaKey = new RSACryptoServiceProvider();


        try
        {
            // Encrypt the "creditcard" element.
            Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey");

            // Display the encrypted XML to the console.
            Console.WriteLine("Encrypted XML:");
            Console.WriteLine();
            Console.WriteLine(xmlDoc.OuterXml);
            xmlDoc.Save("test.xml");

            // Decrypt the "creditcard" element.
            Decrypt(xmlDoc, rsaKey, "rsaKey");
            xmlDoc.Save("test.xml");

            // Display the encrypted XML to the console.
            Console.WriteLine();
            Console.WriteLine("Decrypted XML:");
            Console.WriteLine();
            Console.WriteLine(xmlDoc.OuterXml);
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message);
        }
        finally
        {
            // Clear the RSA key.
            rsaKey.Clear();
        }

    }

    public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, RSA Alg, string KeyName)
    {
        // Check the arguments.   
        if (Doc == null)
            throw new ArgumentNullException("Doc");
        if (ElementToEncrypt == null)
            throw new ArgumentNullException("ElementToEncrypt");
        if (Alg == null)
            throw new ArgumentNullException("Alg");

        //////////////////////////////////////////////// 
        // Find the specified element in the XmlDocument 
        // object and create a new XmlElemnt object. 
        ////////////////////////////////////////////////

        XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement;

        // Throw an XmlException if the element was not found. 
        if (elementToEncrypt == null)
        {
            throw new XmlException("The specified element was not found");

        }

        ////////////////////////////////////////////////// 
        // Create a new instance of the EncryptedXml class  
        // and use it to encrypt the XmlElement with the  
        // a new random symmetric key. 
        ////////////////////////////////////////////////// 

        // Create a 256 bit Rijndael key.
        RijndaelManaged sessionKey = new RijndaelManaged();
        sessionKey.KeySize = 256;

        EncryptedXml eXml = new EncryptedXml();

        byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, sessionKey, false);

        //////////////////////////////////////////////// 
        // Construct an EncryptedData object and populate 
        // it with the desired encryption information. 
        ////////////////////////////////////////////////


        EncryptedData edElement = new EncryptedData();
        edElement.Type = EncryptedXml.XmlEncElementUrl;

        // Create an EncryptionMethod element so that the  
        // receiver knows which algorithm to use for decryption.

        edElement.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

        // Encrypt the session key and add it to an EncryptedKey element.
        EncryptedKey ek = new EncryptedKey();

        byte[] encryptedKey = EncryptedXml.EncryptKey(sessionKey.Key, Alg, false);

        ek.CipherData = new CipherData(encryptedKey);

        ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);

        // Set the KeyInfo element to specify the 
        // name of the RSA key. 

        // Create a new KeyInfo element.
        edElement.KeyInfo = new KeyInfo();

        // Create a new KeyInfoName element.
        KeyInfoName kin = new KeyInfoName();

        // Specify a name for the key.
        kin.Value = KeyName;

        // Add the KeyInfoName element to the  
        // EncryptedKey object.
        ek.KeyInfo.AddClause(kin);

        // Add the encrypted key to the  
        // EncryptedData object.

        edElement.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek));

        // Add the encrypted element data to the  
        // EncryptedData object.
        edElement.CipherData.CipherValue = encryptedElement;

        //////////////////////////////////////////////////// 
        // Replace the element from the original XmlDocument 
        // object with the EncryptedData element. 
        ////////////////////////////////////////////////////

        EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false);

    }

    public static void Decrypt(XmlDocument Doc, RSA Alg, string KeyName)
    {
        // Check the arguments.   
        if (Doc == null)
            throw new ArgumentNullException("Doc");
        if (Alg == null)
            throw new ArgumentNullException("Alg");
        if (KeyName == null)
            throw new ArgumentNullException("KeyName");

        // Create a new EncryptedXml object.
        EncryptedXml exml = new EncryptedXml(Doc);

        // Add a key-name mapping. 
        // This method can only decrypt documents 
        // that present the specified key name.
        exml.AddKeyNameMapping(KeyName, Alg);

        // Decrypt the element.
        exml.DecryptDocument();

    }

}

.NET Framework

Supported in: 4.5, 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft