2 // EncryptedXml.cs - EncryptedXml implementation for XML Encryption
5 // Tim Coleman (tim@timcoleman.com)
7 // Copyright (C) Tim Coleman, 2004
11 using System.Collections;
13 using System.Security.Cryptography;
14 using System.Security.Policy;
18 namespace System.Security.Cryptography.Xml {
19 public class EncryptedXml {
/// <summary>XML Encryption namespace; every other URI below is built on it.</summary>
public const string XmlEncNamespaceUrl = "http://www.w3.org/2001/04/xmlenc#";

// Block-cipher (data encryption) algorithm URIs, all CBC mode.
// DES and TripleDES are legacy ciphers kept for interoperability; prefer the AES URIs.
public const string XmlEncAES128Url = XmlEncNamespaceUrl + "aes128-cbc";
public const string XmlEncAES192Url = XmlEncNamespaceUrl + "aes192-cbc";
public const string XmlEncAES256Url = XmlEncNamespaceUrl + "aes256-cbc";
public const string XmlEncDESUrl = XmlEncNamespaceUrl + "des-cbc";
public const string XmlEncTripleDESUrl = XmlEncNamespaceUrl + "tripledes-cbc";

// Symmetric key-wrap algorithm URIs (used by EncryptKey / DecryptKey).
public const string XmlEncAES128KeyWrapUrl = XmlEncNamespaceUrl + "kw-aes128";
public const string XmlEncAES192KeyWrapUrl = XmlEncNamespaceUrl + "kw-aes192";
public const string XmlEncAES256KeyWrapUrl = XmlEncNamespaceUrl + "kw-aes256";
public const string XmlEncTripleDESKeyWrapUrl = XmlEncNamespaceUrl + "kw-tripledes";

// Key-transport (RSA) algorithm URIs.
public const string XmlEncRSA1_5Url = XmlEncNamespaceUrl + "rsa-1_5";
public const string XmlEncRSAOAEPUrl = XmlEncNamespaceUrl + "rsa-oaep-mgf1p";

// Digest algorithm URIs.
public const string XmlEncSHA256Url = XmlEncNamespaceUrl + "sha256";
public const string XmlEncSHA512Url = XmlEncNamespaceUrl + "sha512";

// Type URIs for the EncryptedData / EncryptedKey elements.
public const string XmlEncElementUrl = XmlEncNamespaceUrl + "element";
public const string XmlEncElementContentUrl = XmlEncNamespaceUrl + "ElementContent";
public const string XmlEncEncryptedKeyUrl = XmlEncNamespaceUrl + "EncryptedKey";
// Per-instance state backing the public properties.
private Evidence documentEvidence;
// Encoding used by EncryptData to serialize an element before encryption; UTF-8 unless changed.
private Encoding encoding = Encoding.UTF8;
// key name -> key object table filled by AddKeyNameMapping.
private Hashtable keyNameMapping = new Hashtable ();
// Defaults chosen for the symmetric algorithms: CBC with ISO10126 (random-byte) padding.
private CipherMode mode = CipherMode.CBC;
private PaddingMode padding = PaddingMode.ISO10126;
54 public EncryptedXml ()
59 public EncryptedXml (XmlDocument document)
64 public EncryptedXml (XmlDocument document, Evidence evidence)
66 DocumentEvidence = evidence;
69 #endregion // Constructors
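/// <summary>Evidence associated with the document being processed; may be null.</summary>
public Evidence DocumentEvidence {
	get { return documentEvidence; }
	set { documentEvidence = value; }
}

/// <summary>
/// Text encoding used when an element is serialized for encryption (see EncryptData).
/// Defaults to UTF-8.
/// </summary>
/// <exception cref="ArgumentNullException">The value being set is null.</exception>
public Encoding Encoding {
	get { return encoding; }
	set {
		// reject here instead of failing with a NullReferenceException inside EncryptData
		if (value == null)
			throw new ArgumentNullException ("value");
		encoding = value;
	}
}

/// <summary>
/// Cipher mode for the symmetric algorithms; defaults to CBC.
/// NOTE(review): the algorithm factory in this class does not apply it - confirm where it is consumed.
/// </summary>
public CipherMode Mode {
	get { return mode; }
	set { mode = value; }
}

/// <summary>
/// Padding mode for the symmetric algorithms; defaults to ISO10126.
/// </summary>
/// <remarks>
/// With CBC plus padding, code that decrypts untrusted input must not let the sender
/// distinguish a padding failure from any other failure (padding-oracle risk).
/// </remarks>
public PaddingMode Padding {
	get { return padding; }
	set { padding = value; }
}

/// <summary>Recipient name; may be null.</summary>
public string Recipient {
	get { return recipient; }
	set { recipient = value; }
}

/// <summary>
/// Resolver for external references; may be null.
/// NOTE(review): a non-null resolver lets external resources be fetched while processing -
/// keep it null unless that is actually required. How it is consumed is not shown in this class.
/// </summary>
public XmlResolver Resolver {
	get { return resolver; }
	set { resolver = value; }
}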
103 #endregion // Properties
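/// <summary>
/// Stores <paramref name="keyObject"/> under <paramref name="keyName"/> in the key-name table.
/// An existing entry with the same name is replaced.
/// </summary>
/// <param name="keyName">Name of the key; must not be null.</param>
/// <param name="keyObject">Key to associate with the name; must not be null.</param>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
public void AddKeyNameMapping (string keyName, object keyObject)
{
	// Hashtable would reject a null key on its own, but with its own parameter name;
	// a null value would be stored silently and surface much later as a missing key.
	if (keyName == null)
		throw new ArgumentNullException ("keyName");
	if (keyObject == null)
		throw new ArgumentNullException ("keyObject");
	keyNameMapping [keyName] = keyObject;
}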
/// <summary>
/// Removes every entry added through AddKeyNameMapping.
/// </summary>
public void ClearKeyNameMappings ()
{
	keyNameMapping.Clear ();
}
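/// <summary>
/// Decrypts the inline CipherValue of <paramref name="encryptedData"/> with <paramref name="symAlg"/>.
/// </summary>
/// <param name="encryptedData">Element holding the ciphertext; its CipherData.CipherValue is used.</param>
/// <param name="symAlg">Algorithm already configured with the right Key and IV.</param>
/// <returns>The decrypted bytes.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="CryptographicException">
/// No CipherValue is present, or the decryptor rejects the input (e.g. bad padding).
/// </exception>
public byte[] DecryptData (EncryptedData encryptedData, SymmetricAlgorithm symAlg)
{
	if (encryptedData == null)
		throw new ArgumentNullException ("encryptedData");
	if (symAlg == null)
		throw new ArgumentNullException ("symAlg");

	// only an inline CipherValue can be decrypted here; without one the
	// transform would dereference null
	CipherData cipherData = encryptedData.CipherData;
	if (cipherData == null || cipherData.CipherValue == null)
		throw new CryptographicException ("EncryptedData has no CipherValue to decrypt.");

	return Transform (cipherData.CipherValue, symAlg.CreateDecryptor ());
}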
/// <summary>
/// Not implemented in this port: always throws <see cref="NotImplementedException"/>.
/// </summary>
public void DecryptDocument ()
{
	throw new NotImplementedException ();
}
/// <summary>
/// Not implemented in this port: always throws <see cref="NotImplementedException"/>,
/// regardless of <paramref name="encryptedKey"/>.
/// </summary>
public virtual byte[] DecryptEncryptedKey (EncryptedKey encryptedKey)
{
	throw new NotImplementedException ();
}
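/// <summary>
/// Unwraps a wrapped key with a symmetric key-wrap algorithm (kw-tripledes or kw-aes*).
/// </summary>
/// <param name="keyData">The wrapped key bytes.</param>
/// <param name="symAlg">
/// A <see cref="TripleDES"/> or <see cref="Rijndael"/> instance whose Key is the key-encryption key.
/// </param>
/// <returns>The unwrapped key.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="CryptographicException">
/// <paramref name="symAlg"/> is neither TripleDES nor Rijndael.
/// </exception>
public static byte[] DecryptKey (byte[] keyData, SymmetricAlgorithm symAlg)
{
	if (keyData == null)
		throw new ArgumentNullException ("keyData");
	if (symAlg == null)
		throw new ArgumentNullException ("symAlg");

	if (symAlg is TripleDES)
		return SymmetricKeyWrap.TripleDESKeyWrapDecrypt (symAlg.Key, keyData);
	// must mirror EncryptKey: a key wrapped with the AES key wrap has to be
	// unwrapped with the AES key wrap, not the TripleDES one
	if (symAlg is Rijndael)
		return SymmetricKeyWrap.AESKeyWrapDecrypt (symAlg.Key, keyData);

	throw new CryptographicException ("The specified cryptographic transform is not supported.");
}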
/// <summary>
/// RSA key transport (rsa-1_5 / rsa-oaep-mgf1p) is not implemented in this port:
/// always throws <see cref="NotImplementedException"/>.
/// </summary>
public static byte[] DecryptKey (byte[] keyData, RSA rsa, bool fOAEP)
{
	throw new NotImplementedException ();
}
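/// <summary>
/// Serializes <paramref name="inputElement"/> with the <see cref="Encoding"/> property and encrypts it.
/// </summary>
/// <param name="inputElement">Element to encrypt.</param>
/// <param name="symAlg">Algorithm already configured with the Key and IV to use.</param>
/// <param name="content">
/// true to encrypt only the element's content (InnerXml); false to encrypt the whole element (OuterXml).
/// </param>
/// <returns>The ciphertext.</returns>
/// <exception cref="ArgumentNullException">Either reference argument is null.</exception>
public byte[] EncryptData (XmlElement inputElement, SymmetricAlgorithm symAlg, bool content)
{
	if (inputElement == null)
		throw new ArgumentNullException ("inputElement");
	if (symAlg == null)
		throw new ArgumentNullException ("symAlg");

	string xml = content ? inputElement.InnerXml : inputElement.OuterXml;
	return Transform (Encoding.GetBytes (xml), symAlg.CreateEncryptor ());
}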
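/// <summary>
/// Wraps a key with a symmetric key-wrap algorithm (kw-tripledes or kw-aes*).
/// </summary>
/// <param name="keyData">The key to wrap.</param>
/// <param name="symAlg">
/// A <see cref="TripleDES"/> or <see cref="Rijndael"/> instance whose Key is the key-encryption key.
/// </param>
/// <returns>The wrapped key.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="CryptographicException">
/// <paramref name="symAlg"/> is neither TripleDES nor Rijndael.
/// </exception>
[MonoTODO ("Do we need to support more algorithms?")]
public static byte[] EncryptKey (byte[] keyData, SymmetricAlgorithm symAlg)
{
	if (keyData == null)
		throw new ArgumentNullException ("keyData");
	if (symAlg == null)
		throw new ArgumentNullException ("symAlg");

	if (symAlg is TripleDES)
		return SymmetricKeyWrap.TripleDESKeyWrapEncrypt (symAlg.Key, keyData);
	if (symAlg is Rijndael)
		return SymmetricKeyWrap.AESKeyWrapEncrypt (symAlg.Key, keyData);

	throw new CryptographicException ("The specified cryptographic transform is not supported.");
}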
/// <summary>
/// RSA key transport (rsa-1_5 / rsa-oaep-mgf1p) is not implemented in this port:
/// always throws <see cref="NotImplementedException"/>.
/// </summary>
[MonoTODO ("Not sure what this is for.")]
public static byte[] EncryptKey (byte[] keyData, RSA rsa, bool fOAEP)
{
	throw new NotImplementedException ();
}
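/// <summary>
/// Creates the <see cref="SymmetricAlgorithm"/> named by an XML Encryption block-cipher URI.
/// </summary>
/// <param name="symAlgUri">
/// One of XmlEncAES128Url, XmlEncAES192Url, XmlEncAES256Url, XmlEncDESUrl or XmlEncTripleDESUrl.
/// </param>
/// <returns>A new algorithm instance; KeySize is set for the AES variants.</returns>
/// <exception cref="ArgumentNullException"><paramref name="symAlgUri"/> is null.</exception>
/// <exception cref="ArgumentException">The URI is not one of the supported block-cipher URIs.</exception>
private static SymmetricAlgorithm GetAlgorithm (string symAlgUri)
{
	if (symAlgUri == null)
		throw new ArgumentNullException ("symAlgUri");

	SymmetricAlgorithm symAlg;
	switch (symAlgUri) {
	case XmlEncAES128Url:
		symAlg = SymmetricAlgorithm.Create ("Rijndael");
		symAlg.KeySize = 128;
		break;
	case XmlEncAES192Url:
		symAlg = SymmetricAlgorithm.Create ("Rijndael");
		symAlg.KeySize = 192;
		break;
	case XmlEncAES256Url:
		symAlg = SymmetricAlgorithm.Create ("Rijndael");
		symAlg.KeySize = 256;
		break;
	// DES is a weak legacy cipher; it stays only for interoperability with existing documents
	case XmlEncDESUrl:
		symAlg = SymmetricAlgorithm.Create ("DES");
		break;
	case XmlEncTripleDESUrl:
		symAlg = SymmetricAlgorithm.Create ("TripleDES");
		break;
	default:
		// the old code passed the parameter name as the *message*; report both
		throw new ArgumentException ("Unsupported symmetric algorithm URI: " + symAlgUri, "symAlgUri");
	}
	return symAlg;
}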
/// <summary>
/// Not implemented in this port. The URI is still validated through GetAlgorithm
/// (an unknown URI raises <see cref="ArgumentException"/>), then
/// <see cref="NotImplementedException"/> is thrown.
/// </summary>
public virtual byte[] GetDecryptionIV (EncryptedData encryptedData, string symAlgUri)
{
	GetAlgorithm (symAlgUri);
	throw new NotImplementedException ();
}
/// <summary>
/// Not implemented in this port. The URI is still validated through GetAlgorithm
/// (an unknown URI raises <see cref="ArgumentException"/>), then
/// <see cref="NotImplementedException"/> is thrown.
/// </summary>
public virtual SymmetricAlgorithm GetDecryptionKey (EncryptedData encryptedData, string symAlgUri)
{
	GetAlgorithm (symAlgUri);
	throw new NotImplementedException ();
}
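/// <summary>
/// Finds the element whose "Id" attribute equals <paramref name="idValue"/>.
/// </summary>
/// <param name="document">Document to search; null yields null.</param>
/// <param name="idValue">Id to look for; null yields null.</param>
/// <returns>The first matching element in document order, or null if there is none.</returns>
/// <remarks>
/// The id value is never spliced into an XPath expression: the fallback search compares
/// attribute values in code, so an id taken from an untrusted document cannot alter the query.
/// </remarks>
public virtual XmlElement GetIdElement (XmlDocument document, string idValue)
{
	if (document == null || idValue == null)
		return null;

	// this works only if there's a DTD or XSD available to define the ID
	XmlElement xel = document.GetElementById (idValue);
	if (xel != null)
		return xel;

	// search an "undefined" ID: walk every element in document order and
	// compare the attribute value directly instead of building an XPath
	// predicate around idValue
	foreach (XmlNode node in document.GetElementsByTagName ("*")) {
		XmlElement candidate = node as XmlElement;
		if (candidate != null && candidate.HasAttribute ("Id") && candidate.GetAttribute ("Id") == idValue)
			return candidate;
	}
	return null;
}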
/// <summary>
/// Not implemented in this port: always throws <see cref="NotImplementedException"/>,
/// regardless of the arguments.
/// </summary>
public static void ReplaceElement (XmlElement inputElement, EncryptedData encryptedData, bool content)
{
	throw new NotImplementedException ();
}
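/// <summary>
/// Runs <paramref name="data"/> through <paramref name="transform"/> and returns everything it produces.
/// </summary>
/// <param name="data">Input bytes (plaintext for an encryptor, ciphertext for a decryptor).</param>
/// <param name="transform">Encryptor or decryptor obtained from a <see cref="SymmetricAlgorithm"/>.</param>
/// <returns>All output bytes, including the final (padded) block.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="CryptographicException">The transform rejects the input (e.g. bad padding on decryption).</exception>
private byte[] Transform (byte[] data, ICryptoTransform transform)
{
	if (data == null)
		throw new ArgumentNullException ("data");
	if (transform == null)
		throw new ArgumentNullException ("transform");

	using (MemoryStream output = new MemoryStream ()) {
		using (CryptoStream crypto = new CryptoStream (output, transform, CryptoStreamMode.Write)) {
			crypto.Write (data, 0, data.Length);
			// without this the last block never reaches the output stream
			crypto.FlushFinalBlock ();
		}
		// ToArray is still valid after the streams are closed
		return output.ToArray ();
	}
}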
250 #endregion // Methods