I'm just starting to learn XML security. We have VS-2005 & ASP.Net 2.0. I want to send XML to an outside URL and it needs to be encrypted. I'm doing exactly what the MSDN articles ms229744 & ms229943 are doing, but when calling the DecryptDocument() method, I keep getting the "Unable to retrieve the decryption key." error. I'm using our SSL web certificate, and I currently use X509Certificate to digitally sign the XML and it works fine.
I also asked somebody else to try this from a different shop and they are getting the same error. Is there a documented problem with the X509 decryption methods? In the test code below, I'm posting the XML to another web page that is attempting to decrypt the XML. What I don't understand is how the DecryptDocument() method can work if it doesn't even check to see if the Public key is embedded. Is this the problem? If so, how do I check to make sure it is embedded in the XML? Any help is appreciated. Thanks!
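
Imports System.Security.Cryptography
Imports System.Security.Cryptography.Xml
Imports System.Xml

' Sending page: replaces the <Agency> element with an <EncryptedData> element.
Private Function EncryptXml(ByVal xmlDoc As XmlDocument, ByVal Cert As X509Certificates.X509Certificate2) As XmlDocument
    Dim dataNodes As XmlNodeList = xmlDoc.SelectNodes("Agency")
    If dataNodes.Count <> 1 Then
        Return Nothing
    End If
    Dim elementToEncrypt As XmlElement = CType(xmlDoc.GetElementsByTagName("Agency")(0), XmlElement)
    Dim eXml As New EncryptedXml()
    ' Not used below: Encrypt(element, Cert) needs only the certificate's public key.
    Dim Key As RSACryptoServiceProvider = CType(Cert.PrivateKey, RSACryptoServiceProvider)
    ' Generates a session key, encrypts the element with it, and wraps the
    ' session key for Cert inside an <EncryptedKey> element.
    Dim edElement As EncryptedData = eXml.Encrypt(elementToEncrypt, Cert)
    EncryptedXml.ReplaceElement(elementToEncrypt, edElement, False)
    Return xmlDoc
End Function

' Receiving page: reads the posted XML and tries to decrypt it.
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
    If Not IsPostBack Then
        If Request.Form("hdnSignedXML") IsNot Nothing Then
            Dim strXML As String = Request.Form("hdnSignedXML")
            Dim xmlDoc As New XmlDocument
            ' Must be set before LoadXml to have any effect on the loaded document.
            xmlDoc.PreserveWhitespace = True
            xmlDoc.LoadXml(strXML)
            Response.ContentType = "text/plain"
            Response.Write(strXML)
            Dim exml As New EncryptedXml(xmlDoc)
            ' This is the call that fails with "Unable to retrieve the decryption key."
            exml.DecryptDocument()
            xmlDoc.Save("C:/inetpub/TestExampleDecrypted.xml")
            Response.End()
        End If
    End If
End Sub
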
jP
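
A diagnostic for the error described above, added as an example (it is not part of the original post or of the MSDN articles): it reads the certificate that `Encrypt(element, Cert)` embedded in the `EncryptedKey` and checks whether the receiving process can find it, with a readable private key, in the `My` store of the current user or the local machine, which is where `DecryptDocument()` looks for it. `DescribeDecryptionKey` and `CanReadKey` are hypothetical names, and matching by thumbprint is a simplification chosen for this example.

```vb
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Imports System.Xml

Public Module EncryptedXmlDiagnostics
    ' Hypothetical helper: call it on the receiving page before DecryptDocument().
    Public Function DescribeDecryptionKey(ByVal xmlDoc As XmlDocument) As String
        Dim ns As New XmlNamespaceManager(xmlDoc.NameTable)
        ns.AddNamespace("xenc", "http://www.w3.org/2001/04/xmlenc#")
        ns.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#")
        ' The recipient certificate (public part only) travels in the KeyInfo
        ' of the <EncryptedKey> element that wraps the session key.
        Dim certNode As XmlNode = xmlDoc.SelectSingleNode( _
            "//xenc:EncryptedKey/ds:KeyInfo/ds:X509Data/ds:X509Certificate", ns)
        If certNode Is Nothing Then Return "No embedded X509Certificate found."
        Dim embedded As New X509Certificate2(System.Convert.FromBase64String(certNode.InnerText))
        Dim report As String = "Embedded: " & embedded.Subject & " [" & embedded.Thumbprint & "]" & vbCrLf
        Dim locations() As StoreLocation = {StoreLocation.CurrentUser, StoreLocation.LocalMachine}
        For Each location As StoreLocation In locations
            Dim store As New X509Store(StoreName.My, location)
            Try
                store.Open(OpenFlags.ReadOnly)
                Dim hits As X509Certificate2Collection = store.Certificates.Find( _
                    X509FindType.FindByThumbprint, embedded.Thumbprint, False)
                If hits.Count = 0 Then report &= location.ToString() & "\My: certificate not present" & vbCrLf
                For Each hit As X509Certificate2 In hits
                    report &= location.ToString() & "\My: found, HasPrivateKey=" & _
                        hit.HasPrivateKey.ToString() & ", key readable=" & CanReadKey(hit).ToString() & vbCrLf
                Next
            Catch ex As CryptographicException
                report &= location.ToString() & "\My: cannot open store (" & ex.Message & ")" & vbCrLf
            Finally
                store.Close()
            End Try
        Next
        Return report
    End Function

    ' Opening the key container fails if this account has no rights to the key file.
    Private Function CanReadKey(ByVal cert As X509Certificate2) As Boolean
        Try
            Return cert.PrivateKey IsNot Nothing
        Catch ex As CryptographicException
            Return False
        End Try
    End Function
End Module
```

If the report shows the certificate present but the key not readable, the account that runs the ASP.NET worker process lacks read access to the private key, which is separate from whether the certificate is embedded in the XML.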