KeyInfoName Class
Assembly: System.Security (in system.security.dll)
The <KeyName> element contains a string identifier that the party validating or decrypting an XML document uses to identify the corresponding key. For example, if you receive an encrypted or signed XML document that has a <KeyName> element value of "AsymmetricKey1", you will use a key that you and the sender have named "AsymmetricKey1" to decrypt or verify the document. Both parties must agree on a key name mapping ahead of time. Note that the actual key is not imbedded in the XML document.
For more information about the <KeyName> element, see Section 4.4.1 of the XMLDSIG specification, which is available from the World Wide Web Consortium (W3C) at www.w3.org/TR/xmldsig-core/, or see the XML Encryption specification, which is available from the W3C at www.w3.org/TR/xmlenc-core/.
The following code example uses the KeyInfoName object when signing a resource represented by a Universal Resource Identifier (URI). This example saves the signature in a new file.
' ' This example signs a file specified by a URI ' using a detached signature. It then verifies ' the signed XML. ' Imports System Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Imports System.Text Imports System.Xml Class XMLDSIGDetached <STAThread()> _ Overloads Shared Sub Main(args() As String) ' The URI to sign. Dim resourceToSign As String = "http://www.microsoft.com" ' The name of the file to which to save the XML signature. Dim XmlFileName As String = "xmldsig.xml" Try ' Generate a signing key. Dim Key As New RSACryptoServiceProvider() Console.WriteLine("Signing: {0}", resourceToSign) ' Sign the detached resourceand save the signature in an XML file. SignDetachedResource(resourceToSign, XmlFileName, Key) Console.WriteLine("XML signature was succesfully computed and saved to {0}.", XmlFileName) ' Verify the signature of the signed XML. Console.WriteLine("Verifying signature...") 'Verify the XML signature in the XML file. Dim result As Boolean = VerifyDetachedSignature(XmlFileName) ' Display the results of the signature verification to ' the console. If result Then Console.WriteLine("The XML signature is valid.") Else Console.WriteLine("The XML signature is not valid.") End If Catch e As CryptographicException Console.WriteLine(e.Message) End Try End Sub ' Sign an XML file and save the signature in a new file. Public Shared Sub SignDetachedResource(URIString As String, XmlSigFileName As String, Key As RSA) ' Create a SignedXml object. Dim signedXml As New SignedXml() ' Assign the key to the SignedXml object. signedXml.SigningKey = Key ' Create a reference to be signed. Dim reference As New Reference() ' Add the passed URI to the reference object. reference.Uri = URIString ' Add the reference to the SignedXml object. signedXml.AddReference(reference) ' Add an RSAKeyValue KeyInfo (optional; helps recipient find key to validate). Dim keyInfo As New KeyInfo() keyInfo.AddClause(New RSAKeyValue(CType(Key, RSA))) signedXml.KeyInfo = keyInfo ' Compute the signature. signedXml.ComputeSignature() ' Get the XML representation of the signature and save ' it to an XmlElement object. Dim xmlDigitalSignature As XmlElement = signedXml.GetXml() ' Save the signed XML document to a file specified ' using the passed string. Dim xmltw As New XmlTextWriter(XmlSigFileName, New UTF8Encoding(False)) xmlDigitalSignature.WriteTo(xmltw) xmltw.Close() End Sub ' Verify the signature of an XML file and return the result. Public Shared Function VerifyDetachedSignature(XmlSigFileName As String) As [Boolean] ' Create a new XML document. Dim xmlDocument As New XmlDocument() ' Load the passed XML file into the document. xmlDocument.Load(XmlSigFileName) ' Create a new SignedXMl object. Dim signedXml As New SignedXml() ' Find the "Signature" node and create a new ' XmlNodeList object. Dim nodeList As XmlNodeList = xmlDocument.GetElementsByTagName("Signature") ' Load the signature node. signedXml.LoadXml(CType(nodeList(0), XmlElement)) ' Check the signature and return the result. Return signedXml.CheckSignature() End Function End Class
//
// This example signs a file specified by a URI
// using a detached signature. It then verifies
// the signed XML.
//
import System .* ;
import System.Security.Cryptography .* ;
import System.Security.Cryptography.Xml .* ;
import System.Text .* ;
import System.Xml .* ;
class XMLDSIGDetached
{
/** @attribute STAThread()
*/
public static void main(String[] args)
{
// The URI to sign.
String resourceToSign = "http://www.microsoft.com";
// The name of the file to which to save the XML signature.
String xmlFileName = "xmldsig.xml";
try {
// Generate a signing key.
RSACryptoServiceProvider key = new RSACryptoServiceProvider();
Console.WriteLine("Signing: {0}", resourceToSign);
// Sign the detached resourceand save the signature in an XML file.
SignDetachedResource(resourceToSign, xmlFileName, key);
Console.WriteLine("XML signature was succesfully computed "
+ "and saved to {0}.", xmlFileName);
// Verify the signature of the signed XML.
Console.WriteLine("Verifying signature...");
//Verify the XML signature in the XML file.
boolean result = VerifyDetachedSignature(xmlFileName).booleanValue();
// Display the results of the signature verification to
// the console.
if (result) {
Console.WriteLine("The XML signature is valid.");
}
else {
Console.WriteLine("The XML signature is not valid.");
}
}
catch (CryptographicException e) {
Console.WriteLine(e.get_Message());
}
} //main
// Sign an XML file and save the signature in a new file.
public static void SignDetachedResource(String uriString,
String xmlSigFileName, RSA key)
{
// Create a SignedXml object.
SignedXml signedXml = new SignedXml();
// Assign the key to the SignedXml object.
signedXml.set_SigningKey(key);
// Create a reference to be signed.
Reference reference = new Reference();
// Add the passed URI to the reference object.
reference.set_Uri(uriString);
// Add a transformation if the URI is an XML file.
if (uriString.EndsWith("xml")) {
reference.AddTransform(new XmlDsigC14NTransform());
}
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
// Add an RSAKeyValue KeyInfo (optional; helps recipient
// find key to validate).
KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause(new RSAKeyValue(((RSA)(key))));
signedXml.set_KeyInfo(keyInfo);
// Compute the signature.
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter xmlTW = new XmlTextWriter(xmlSigFileName,
new UTF8Encoding(false));
xmlDigitalSignature.WriteTo(xmlTW);
xmlTW.Close();
} //SignDetachedResource
// Verify the signature of an XML file and return the result.
public static Boolean VerifyDetachedSignature(String xmlSigFileName)
{
// Create a new XML document.
XmlDocument xmlDocument = new XmlDocument();
// Load the passed XML file into the document.
xmlDocument.Load(xmlSigFileName);
// Create a new SignedXMl object.
SignedXml signedXml = new SignedXml();
// Find the "Signature" node and create a new
// XmlNodeList object.
XmlNodeList nodeList = xmlDocument.GetElementsByTagName("Signature");
// Load the signature node.
signedXml.LoadXml(((XmlElement)(nodeList.get_ItemOf(0))));
// Check the signature and return the result.
return new Boolean(signedXml.CheckSignature());
} //VerifyDetachedSignature
} //XMLDSIGDetached
The following code example uses the KeyInfoName object when signing an XML document. This example saves the signature in a new file.
' ' This example signs an XML file using an ' envelope signature. It then verifies the ' signed XML. ' Imports System Imports System.Security.Cryptography Imports System.Security.Cryptography.X509Certificates Imports System.Security.Cryptography.Xml Imports System.Text Imports System.Xml Public Class SignVerifyEnvelope Overloads Public Shared Sub Main(args() As [String]) Try ' Generate a signing key. Dim Key As New RSACryptoServiceProvider() ' Create an XML file to sign. CreateSomeXml("Example.xml") Console.WriteLine("New XML file created.") ' Sign the XML that was just created and save it in a ' new file. SignXmlFile("Example.xml", "SignedExample.xml", Key) Console.WriteLine("XML file signed.") ' Verify the signature of the signed XML. Console.WriteLine("Verifying signature...") Dim result As Boolean = VerifyXmlFile("SignedExample.xml") ' Display the results of the signature verification to \ ' the console. If result Then Console.WriteLine("The XML signature is valid.") Else Console.WriteLine("The XML signature is not valid.") End If Catch e As CryptographicException Console.WriteLine(e.Message) End Try End Sub ' Sign an XML file and save the signature in a new file. Public Shared Sub SignXmlFile(FileName As String, SignedFileName As String, Key As RSA) ' Create a new XML document. Dim doc As New XmlDocument() ' Format the document to ignore white spaces. doc.PreserveWhitespace = False ' Load the passed XML file using it's name. doc.Load(New XmlTextReader(FileName)) ' Create a SignedXml object. Dim signedXml As New SignedXml(doc) ' Add the key to the SignedXml document. signedXml.SigningKey = Key ' Create a reference to be signed. Dim reference As New Reference() reference.Uri = "" ' Add an enveloped transformation to the reference. Dim env As New XmlDsigEnvelopedSignatureTransform() reference.AddTransform(env) ' Add the reference to the SignedXml object. signedXml.AddReference(reference) ' Add an RSAKeyValue KeyInfo (optional; helps recipient find key to validate). Dim keyInfo As New KeyInfo() keyInfo.AddClause(New RSAKeyValue(CType(Key, RSA))) signedXml.KeyInfo = keyInfo ' Compute the signature. signedXml.ComputeSignature() ' Get the XML representation of the signature and save ' it to an XmlElement object. Dim xmlDigitalSignature As XmlElement = signedXml.GetXml() ' Append the element to the XML document. doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, True)) If TypeOf doc.FirstChild Is XmlDeclaration Then doc.RemoveChild(doc.FirstChild) End If ' Save the signed XML document to a file specified ' using the passed string. Dim xmltw As New XmlTextWriter(SignedFileName, New UTF8Encoding(False)) doc.WriteTo(xmltw) xmltw.Close() End Sub ' Verify the signature of an XML file and return the result. Public Shared Function VerifyXmlFile(Name As [String]) As [Boolean] ' Create a new XML document. Dim xmlDocument As New XmlDocument() ' Format using white spaces. xmlDocument.PreserveWhitespace = True ' Load the passed XML file into the document. xmlDocument.Load(Name) ' Create a new SignedXml object and pass it ' the XML document class. Dim signedXml As New SignedXml(xmlDocument) ' Find the "Signature" node and create a new ' XmlNodeList object. Dim nodeList As XmlNodeList = xmlDocument.GetElementsByTagName("Signature") ' Load the signature node. signedXml.LoadXml(CType(nodeList(0), XmlElement)) ' Check the signature and return the result. Return signedXml.CheckSignature() End Function ' Create example data to sign. Public Shared Sub CreateSomeXml(FileName As String) ' Create a new XmlDocument object. Dim document As New XmlDocument() ' Create a new XmlNode object. Dim node As XmlNode = document.CreateNode(XmlNodeType.Element, "", "MyElement", "samples") ' Add some text to the node. node.InnerText = "Example text to be signed." ' Append the node to the document. document.AppendChild(node) ' Save the XML document to the file name specified. Dim xmltw As New XmlTextWriter(FileName, New UTF8Encoding(False)) document.WriteTo(xmltw) xmltw.Close() End Sub End Class
//
// This example signs an XML file using an
// envelope signature. It then verifies the
// signed XML.
//
import System.*;
import System.Security.Cryptography.*;
import System.Security.Cryptography.X509Certificates.*;
import System.Security.Cryptography.Xml.*;
import System.Text.*;
import System.Xml.*;
public class SignVerifyEnvelope
{
public static void main(String[] args)
{
try {
// Generate a signing key.
RSACryptoServiceProvider key = new RSACryptoServiceProvider();
// Create an XML file to sign.
CreateSomeXml("Example.xml");
Console.WriteLine("New XML file created.");
// Sign the XML that was just created and save it in a
// new file.
SignXmlFile("Example.xml", "SignedExample.xml", key);
Console.WriteLine("XML file signed.");
// Verify the signature of the signed XML.
Console.WriteLine("Verifying signature...");
boolean result = VerifyXmlFile("SignedExample.xml").booleanValue();
// Display the results of the signature verification to \
// the console.
if (result) {
Console.WriteLine("The XML signature is valid.");
}
else {
Console.WriteLine("The XML signature is not valid.");
}
}
catch (CryptographicException e) {
Console.WriteLine(e.get_Message());
}
} //main
// Sign an XML file and save the signature in a new file.
public static void SignXmlFile(String fileName, String signedFileName,
RSA key)
{
// Create a new XML document.
XmlDocument doc = new XmlDocument();
// Format the document to ignore white spaces.
doc.set_PreserveWhitespace(false);
// Load the passed XML file using it's name.
doc.Load(new XmlTextReader(fileName));
// Create a SignedXml object.
SignedXml signedXml = new SignedXml(doc);
// Add the key to the SignedXml document.
signedXml.set_SigningKey(key);
// Create a reference to be signed.
Reference reference = new Reference();
reference.set_Uri("");
// Add a transformation to the reference.
Transform trns = new XmlDsigC14NTransform();
reference.AddTransform(trns);
// Add an enveloped transformation to the reference.
XmlDsigEnvelopedSignatureTransform env =
new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(env);
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
// Add an RSAKeyValue KeyInfo (optional; helps recipient
// find key to validate).
KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause(new RSAKeyValue(((RSA)(key))));
signedXml.set_KeyInfo(keyInfo);
// Compute the signature.
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
// Append the element to the XML document.
doc.get_DocumentElement().AppendChild(doc.ImportNode(
xmlDigitalSignature, true));
if (doc.get_FirstChild() instanceof XmlDeclaration) {
doc.RemoveChild(doc.get_FirstChild());
}
// Save the signed XML document to a file specified
// using the passed string.
XmlTextWriter xmlTW = new XmlTextWriter(signedFileName,
new UTF8Encoding(false));
doc.WriteTo(xmlTW);
xmlTW.Close();
} //SignXmlFile
// Verify the signature of an XML file and return the result.
public static Boolean VerifyXmlFile(String name)
{
// Create a new XML document.
XmlDocument xmlDocument = new XmlDocument();
// Format using white spaces.
xmlDocument.set_PreserveWhitespace(true);
// Load the passed XML file into the document.
xmlDocument.Load(name);
// Create a new SignedXml object and pass it
// the XML document class.
SignedXml signedXml = new SignedXml(xmlDocument);
// Find the "Signature" node and create a new
// XmlNodeList object.
XmlNodeList nodeList = xmlDocument.GetElementsByTagName("Signature");
// Load the signature node.
signedXml.LoadXml(((XmlElement)(nodeList.get_ItemOf(0))));
// Check the signature and return the result.
return new Boolean(signedXml.CheckSignature());
} //VerifyXmlFile
// Create example data to sign.
public static void CreateSomeXml(String fileName)
{
// Create a new XmlDocument object.
XmlDocument document = new XmlDocument();
// Create a new XmlNode object.
XmlNode node = document.CreateNode(XmlNodeType.Element, "",
"MyElement", "samples");
// Add some text to the node.
node.set_InnerText("Example text to be signed.");
// Append the node to the document.
document.AppendChild(node);
// Save the XML document to the file name specified.
XmlTextWriter xmlTW = new XmlTextWriter(fileName,
new UTF8Encoding(false));
document.WriteTo(xmlTW);
xmlTW.Close();
} //CreateSomeXml
} //SignVerifyEnvelope
The following code example uses the KeyInfoName object when encrypting an XML document. This example embeds an encrypted key within the encrypted XML document.
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) Return End Try ' Create a new RSA key. This key will encrypt a symmetric key, ' which will then be imbedded in the XML document. Dim rsaKey = New RSACryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey") ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey") ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the RSA key. rsaKey.Clear() End Try End Sub Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As RSA, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' a new random symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a 256 bit Rijndael key. Dim sessionKey As New RijndaelManaged() sessionKey.KeySize = 256 Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, sessionKey, False) ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. edElement.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncAES256Url) ' Encrypt the session key and add it to an EncryptedKey element. Dim ek As New EncryptedKey() Dim encryptedKey As Byte() = EncryptedXml.EncryptKey(sessionKey.Key, Alg, False) ek.CipherData = New CipherData(encryptedKey) ek.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncRSA15Url) ' Set the KeyInfo element to specify the ' name of the RSA key. ' Create a new KeyInfo element. edElement.KeyInfo = New KeyInfo() ' Create a new KeyInfoName element. Dim kin As New KeyInfoName() ' Specify a name for the key. kin.Value = KeyName ' Add the KeyInfoName element to the ' EncryptedKey object. ek.KeyInfo.AddClause(kin) ' Add the encrypted key to the ' EncryptedData object. edElement.KeyInfo.AddClause(New KeyInfoEncryptedKey(ek)) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As RSA, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If If KeyName Is Nothing Then Throw New ArgumentNullException("KeyName") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Add a key-name mapping. ' This method can only decrypt documents ' that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg) ' Decrypt the element. exml.DecryptDocument() End Sub End Module
import System.*;
import System.Xml.*;
import System.Security.Cryptography.*;
import System.Security.Cryptography.Xml.*;
class Program
{
public static void main(String[] args)
{
// Create an XmlDocument object.
XmlDocument xmlDoc = new XmlDocument();
// Load an XML file into the XmlDocument object.
try {
xmlDoc.set_PreserveWhitespace(true);
xmlDoc.Load("test.xml");
}
catch (System.Exception e) {
Console.WriteLine(e.get_Message());
return;
}
// Create a new RSA key. This key will encrypt a symmetric key,
// which will then be imbedded in the XML document.
RSA rsaKey = new RSACryptoServiceProvider();
try {
// Encrypt the "creditcard" element.
Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey");
// Display the encrypted XML to the console.
Console.WriteLine("Encrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlDoc.get_OuterXml());
// Decrypt the "creditcard" element.
Decrypt(xmlDoc, rsaKey, "rsaKey");
// Display the encrypted XML to the console.
Console.WriteLine();
Console.WriteLine("Decrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlDoc.get_OuterXml());
}
catch (System.Exception e) {
Console.WriteLine(e.get_Message());
}
finally {
// Clear the RSA key.
rsaKey.Clear();
}
} //main
public static void Encrypt(XmlDocument doc, String elementToEncrypt,
RSA alg, String keyName) throws ArgumentNullException,XmlException
{
// Check the arguments.
if (doc == null) {
throw new ArgumentNullException("doc");
}
if (elementToEncrypt == null) {
throw new ArgumentNullException("elementToEncrypt");
}
if (alg == null) {
throw new ArgumentNullException("alg");
}
////////////////////////////////////////////////
// Find the specified element in the XmlDocument
// object and create a new XmlElemnt object.
////////////////////////////////////////////////
XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName(
elementToEncrypt).get_ItemOf(0);
// Throw an XmlException if the element was not found.
if (elementToEncrypt1 == null) {
throw new XmlException("The specified element was not found");
}
//////////////////////////////////////////////////
// Create a new instance of the EncryptedXml class
// and use it to encrypt the XmlElement with the
// a new random symmetric key.
//////////////////////////////////////////////////
// Create a 256 bit Rijndael key.
RijndaelManaged sessionKey = new RijndaelManaged();
sessionKey.set_KeySize(256);
EncryptedXml eXml = new EncryptedXml();
ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1,
sessionKey, false);
////////////////////////////////////////////////
// Construct an EncryptedData object and populate
// it with the desired encryption information.
////////////////////////////////////////////////
EncryptedData edElement = new EncryptedData();
edElement.set_Type(EncryptedXml.XmlEncElementUrl);
// Create an EncryptionMethod element so that the
// receiver knows which algorithm to use for decryption.
edElement.set_EncryptionMethod(new EncryptionMethod(
EncryptedXml.XmlEncAES256Url));
// Encrypt the session key and add it to an EncryptedKey element.
EncryptedKey ek = new EncryptedKey();
ubyte encryptedKey[] = EncryptedXml.EncryptKey(sessionKey.get_Key(),
alg, false);
ek.set_CipherData(new CipherData(encryptedKey));
ek.set_EncryptionMethod(new EncryptionMethod(EncryptedXml.
XmlEncRSA15Url));
// Set the KeyInfo element to specify the
// name of the RSA key.
// Create a new KeyInfo element.
edElement.set_KeyInfo(new KeyInfo());
// Create a new KeyInfoName element.
KeyInfoName kin = new KeyInfoName();
// Specify a name for the key.
kin.set_Value(keyName);
// Add the KeyInfoName element to the
// EncryptedKey object.
ek.get_KeyInfo().AddClause(kin);
// Add the encrypted key to the
// EncryptedData object.
edElement.get_KeyInfo().AddClause(new KeyInfoEncryptedKey(ek));
// Add the encrypted element data to the
// EncryptedData object.
edElement.get_CipherData().set_CipherValue(encryptedElement);
////////////////////////////////////////////////////
// Replace the element from the original XmlDocument
// object with the EncryptedData element.
////////////////////////////////////////////////////
EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false);
} //Encrypt
public static void Decrypt(XmlDocument doc, RSA alg, String keyName)
{
// Check the arguments.
if (doc == null) {
throw new ArgumentNullException("doc");
}
if (alg == null) {
throw new ArgumentNullException("alg");
}
if (keyName == null) {
throw new ArgumentNullException("keyName");
}
// Create a new EncryptedXml object.
EncryptedXml eXml = new EncryptedXml(doc);
// Add a key-name mapping.
// This method can only decrypt documents
// that present the specified key name.
eXml.AddKeyNameMapping(keyName, alg);
// Decrypt the element.
eXml.DecryptDocument();
} //Decrypt
} //Program
The following code example uses the KeyInfoName object when encrypting an XML document. This example maps a name to a symmetric key to identify it to the decryption method.
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) Return End Try ' Create a new TripleDES key. Dim tDESkey As New TripleDESCryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey") ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey") ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the TripleDES key. tDESkey.Clear() End Try End Sub 'Main Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As SymmetricAlgorithm, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, Alg, False) ''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. ' Determine what kind of algorithm is being used and ' supply the appropriate URL to the EncryptionMethod element. Dim encryptionMethod As String = Nothing If TypeOf Alg Is TripleDES Then encryptionMethod = EncryptedXml.XmlEncTripleDESUrl ElseIf TypeOf Alg Is DES Then encryptionMethod = EncryptedXml.XmlEncDESUrl ElseIf TypeOf Alg Is Rijndael Then Select Case Alg.KeySize Case 128 encryptionMethod = EncryptedXml.XmlEncAES128Url Case 192 encryptionMethod = EncryptedXml.XmlEncAES192Url Case 256 encryptionMethod = EncryptedXml.XmlEncAES256Url End Select Else ' Throw an exception if the transform is not in the previous categories Throw New CryptographicException("The specified algorithm is not supported for XML Encryption.") End If edElement.EncryptionMethod = New EncryptionMethod(encryptionMethod) ' Set the KeyInfo element to specify the ' name of a key. ' Create a new KeyInfo element. edElement.KeyInfo = New KeyInfo() ' Create a new KeyInfoName element. Dim kin As New KeyInfoName() ' Specify a name for the key. kin.Value = KeyName ' Add the KeyInfoName element. edElement.KeyInfo.AddClause(kin) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As SymmetricAlgorithm, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If If KeyName Is Nothing Then Throw New ArgumentNullException("KeyName") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Add a key-name mapping. ' This method can only decrypt documents ' that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg) ' Decrypt the element. exml.DecryptDocument() End Sub End Module
import System.*;
import System.Xml.*;
import System.Security.Cryptography.*;
import System.Security.Cryptography.Xml.*;
class Program
{
public static void main(String[] args)
{
// Create an XmlDocument object.
XmlDocument xmlDoc = new XmlDocument();
// Load an XML file into the XmlDocument object.
try {
xmlDoc.set_PreserveWhitespace(true);
xmlDoc.Load("test.xml");
}
catch (System.Exception e) {
Console.WriteLine(e.get_Message());
return;
}
// Create a new TripleDES key.
TripleDESCryptoServiceProvider tDESkey =
new TripleDESCryptoServiceProvider();
try {
// Encrypt the "creditcard" element.
Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey");
// Display the encrypted XML to the console.
Console.WriteLine("Encrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlDoc.get_OuterXml());
// Decrypt the "creditcard" element.
Decrypt(xmlDoc, tDESkey, "tDESKey");
// Display the encrypted XML to the console.
Console.WriteLine();
Console.WriteLine("Decrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlDoc.get_OuterXml());
}
catch (System.Exception e) {
Console.WriteLine(e.get_Message());
}
finally {
// Clear the TripleDES key.
tDESkey.Clear();
}
} //main
public static void Encrypt(XmlDocument doc, String elementToEncrypt,
SymmetricAlgorithm alg, String keyName) throws XmlException,
CryptographicException
{
// Check the arguments.
if (doc == null) {
throw new ArgumentNullException("doc");
}
if (elementToEncrypt == null) {
throw new ArgumentNullException("elementToEncrypt");
}
if (alg == null) {
throw new ArgumentNullException("alg");
}
////////////////////////////////////////////////
// Find the specified element in the XmlDocument
// object and create a new XmlElemnt object.
////////////////////////////////////////////////
XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName(
elementToEncrypt).get_ItemOf(0);
// Throw an XmlException if the element was not found.
if (elementToEncrypt1 == null) {
throw new XmlException("The specified element was not found");
}
//////////////////////////////////////////////////
// Create a new instance of the EncryptedXml class
// and use it to encrypt the XmlElement with the
// symmetric key.
//////////////////////////////////////////////////
EncryptedXml eXml = new EncryptedXml();
ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1, alg,
false);
////////////////////////////////////////////////
// Construct an EncryptedData object and populate
// it with the desired encryption information.
////////////////////////////////////////////////
EncryptedData edElement = new EncryptedData();
edElement.set_Type(EncryptedXml.XmlEncElementUrl);
// Create an EncryptionMethod element so that the
// receiver knows which algorithm to use for decryption.
// Determine what kind of algorithm is being used and
// supply the appropriate URL to the EncryptionMethod element.
String encryptionMethod = null;
if (alg instanceof TripleDES) {
encryptionMethod = EncryptedXml.XmlEncTripleDESUrl;
}
else {
if (alg instanceof DES) {
encryptionMethod = EncryptedXml.XmlEncDESUrl;
}
else {
if (alg instanceof Rijndael) {
switch (alg.get_KeySize()) {
case 128:
encryptionMethod = EncryptedXml.XmlEncAES128Url;
break;
case 192:
encryptionMethod = EncryptedXml.XmlEncAES192Url;
break;
case 256:
encryptionMethod = EncryptedXml.XmlEncAES256Url;
break;
}
}
else {
// Throw an exception if the transform is not in the
// previous categories
throw new CryptographicException("The specified algorithm"
+" is not supported for XML Encryption.");
}
}
}
edElement.set_EncryptionMethod(new EncryptionMethod(encryptionMethod));
// Set the KeyInfo element to specify the
// name of a key.
// Create a new KeyInfo element.
edElement.set_KeyInfo(new KeyInfo());
// Create a new KeyInfoName element.
KeyInfoName kin = new KeyInfoName();
// Specify a name for the key.
kin.set_Value(keyName);
// Add the KeyInfoName element.
edElement.get_KeyInfo().AddClause(kin);
// Add the encrypted element data to the
// EncryptedData object.
edElement.get_CipherData().set_CipherValue(encryptedElement);
////////////////////////////////////////////////////
// Replace the element from the original XmlDocument
// object with the EncryptedData element.
////////////////////////////////////////////////////
EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false);
} //Encrypt
public static void Decrypt(XmlDocument doc, SymmetricAlgorithm alg,
String keyName)
{
// Check the arguments.
if (doc == null) {
throw new ArgumentNullException("doc");
}
if (alg == null) {
throw new ArgumentNullException("alg");
}
if (keyName == null) {
throw new ArgumentNullException("keyName");
}
// Create a new EncryptedXml object.
EncryptedXml eXml = new EncryptedXml(doc);
// Add a key-name mapping.
// This method can only decrypt documents
// that present the specified key name.
eXml.AddKeyNameMapping(keyName, alg);
// Decrypt the element.
eXml.DecryptDocument();
} //Decrypt
} //Program
System.Security.Cryptography.Xml.KeyInfoClause
System.Security.Cryptography.Xml.KeyInfoName
Windows 98, Windows Server 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.