public class EncryptedKey : IXmlElement {
+ private DecryptionKey dk;
private EncryptionKey ek;
private ReferenceList list;
private string keyex;
private string session;
private SymmetricEncryptionKey key;
+ private byte[] decdata;
internal EncryptedKey ()
{
}
}
+ // note: no default key size is assumed because they could change in the future
+ private SymmetricAlgorithm GetSymmetricAlgorithm (string algorithmURI)
+ {
+ SymmetricAlgorithm sa = null;
+ switch (algorithmURI) {
+ // Reference: http://www.w3.org/2001/04/xmlenc#aes128-cbc [REQUIRED]
+ case XmlEncryption.AlgorithmURI.AES128:
+ sa = Rijndael.Create ();
+ sa.KeySize = 128;
+ break;
+ // Reference: http://www.w3.org/2001/04/xmlenc#aes192-cbc [OPTIONAL]
+ case XmlEncryption.AlgorithmURI.AES192:
+ sa = Rijndael.Create ();
+ sa.KeySize = 192;
+ break;
+ // Reference: http://www.w3.org/2001/04/xmlenc#aes256-cbc [REQUIRED]
+ case XmlEncryption.AlgorithmURI.AES256:
+ sa = Rijndael.Create ();
+ sa.KeySize = 256;
+ break;
+ // Reference: http://www.w3.org/2001/04/xmlenc#tripledes-cbc [REQUIRED]
+ case XmlEncryption.AlgorithmURI.TripleDES:
+ sa = TripleDES.Create ();
+ sa.KeySize = 192;
+ break;
+ default:
+ return null;
+ }
+ // for decryption we must use the decrypted key (from the keyexchange)
+ if ((sa != null) && (decdata != null))
+ sa.Key = decdata;
+ return sa;
+ }
+
internal SymmetricEncryptionKey Key {
get {
if (key == null) {
- SymmetricAlgorithm sa;
- switch (session) {
- case XmlEncryption.AlgorithmURI.AES128:
- sa = Rijndael.Create ();
- sa.KeySize = 128;
- break;
- case XmlEncryption.AlgorithmURI.AES192:
- sa = Rijndael.Create ();
- sa.KeySize = 192;
- break;
- case XmlEncryption.AlgorithmURI.AES256:
- sa = Rijndael.Create ();
- sa.KeySize = 256;
- break;
- default:
- sa = TripleDES.Create ();
- break;
- }
- key = new SymmetricEncryptionKey (sa);
+ key = new SymmetricEncryptionKey (GetSymmetricAlgorithm (session));
}
return key;
}
throw new ArgumentNullException ("element");
if ((element.LocalName != XmlEncryption.ElementNames.EncryptedKey) || (element.NamespaceURI != XmlEncryption.NamespaceURI))
throw new System.ArgumentException ("invalid LocalName or NamespaceURI");
+
+ XmlNodeList xnl = element.GetElementsByTagName (XmlEncryption.ElementNames.EncryptionMethod, XmlEncryption.NamespaceURI);
+ if ((xnl != null) && (xnl.Count > 0)) {
+ XmlAttribute ema = xnl [0].Attributes [XmlEncryption.AttributeNames.Algorithm];
+ if (ema != null)
+ keyex = ema.InnerText;
+ }
+
+ xnl = element.GetElementsByTagName (XmlSignature.ElementNames.KeyInfo, XmlSignature.NamespaceURI);
+ if ((xnl != null) && (xnl.Count > 0)) {
+ KeyInfo ki = new KeyInfo ();
+ ki.LoadXml ((XmlElement) xnl [0]);
+#if WSE1
+ DecryptionKeyProvider dkp = new DecryptionKeyProvider ();
+ dk = dkp.GetDecryptionKey (keyex, ki);
+#else
+ // TODO
+#endif
+ }
+
+ byte[] encdata = null;
+ xnl = element.GetElementsByTagName (XmlEncryption.ElementNames.CipherData, XmlEncryption.NamespaceURI);
+ if ((xnl != null) && (xnl.Count > 0)) {
+ XmlElement cd = (XmlElement) xnl [0];
+ foreach (XmlNode xn in cd.ChildNodes) {
+ if ((xn.LocalName == XmlEncryption.ElementNames.CipherValue) && (xn.NamespaceURI == XmlEncryption.NamespaceURI)) {
+ encdata = Convert.FromBase64String (xn.InnerText);
+ }
+ }
+ }
+
+ xnl = element.GetElementsByTagName (XmlEncryption.ElementNames.ReferenceList, XmlEncryption.NamespaceURI);
+ if ((xnl != null) && (xnl.Count > 0)) {
+ list.LoadXml ((XmlElement) xnl [0]);
+ }
+
+ AsymmetricDecryptionKey adk = (dk as AsymmetricDecryptionKey);
+ if ((adk != null) && (encdata != null)) {
+ AsymmetricKeyExchangeDeformatter def = null;
+ switch (keyex) {
+ case XmlEncryption.AlgorithmURI.RSA15:
+ def = new RSAPKCS1KeyExchangeDeformatter (adk.Algorithm);
+ decdata = def.DecryptKeyExchange (encdata);
+ break;
+ case XmlEncryption.AlgorithmURI.RSAOAEP:
+ // TODO
+ break;
+ }
+ }
// TODO
}
}