

Learn to Use the New XML Encryption Class in .NET 2.0

XML is the most popular technology for structuring data. Encryption of XML data is crucial to ensure end-to-end security for applications that require secure exchange of structured data. .NET 2.0 provides simple mechanisms to encrypt and decrypt data, thereby enabling security of your data.





XML is the de facto language of business transactions. It enables structuring data. And the 2.0 version of the .NET Framework, previously known by its codename, Whidbey, will finally enable you to encrypt and decrypt XML data. In this article I will explore the implementation of XML encryption in .NET 2.0.

Author's Note: Throughout this article when I reference .NET I'm referring to .NET Framework 2.0.

Basics of .NET XML Encryption
The first thing to cheer about Microsoft's implementation of XML encryption is that it's W3C compliant. What this means to you is that you will be able to exchange data with other implementations with ease. No proprietary nonsense here.

The interesting part is that the implementation supports encryption of arbitrary data, i.e., non-XML data. You could encrypt binary data; the input needn't be XML. However, the output will always be an XML element.

When you're thinking of encrypting XML data there are two possible scenarios:

  • Encryption of an entire document
  • Encryption of portions of a document

The .NET framework supports both of these scenarios and provides you with multiple types of encryption algorithms:

  • Triple DES
  • AES 128
  • AES 192
  • AES 256
  • RSA
  • X509CertificateEx

XML encryption is driven by the System.Security.Cryptography.Xml.EncryptedXml class.

What You Need
Visual Studio.Net 2005 beta 1 (Whidbey).

Dive into XML Encryption
The XML document, "Order.xml," below, shows a purchase order:

<order>
  <items>
    <item quantity="1">.NET Framework Security</item>
    <item quantity="1">Essential XML Quick Reference</item>
  </items>
  <shipping>
    <to>Joe Smith</to>
    <street>110 Denny Way</street>
    <city>Seattle</city>
    <zip>98109</zip>
  </shipping>
  <billing>
    <paymentInfo type="Visa">
      <number>0000-0000-0000-0000</number>
      <expirationDate>09/15/80</expirationDate>
      <billingAddress>
        <who>Microsoft Corporation</who>
        <street>1 Microsoft Way</street>
        <city>Redmond</city>
        <zip>98052</zip>
      </billingAddress>
    </paymentInfo>
  </billing>
</order>

This XML file contains order details, including ordered items, customer data present in the shipping tag, and payment information present in the billing tag (customer credit card information).

In order to encrypt this data or portions of it, you need to follow these steps:

  1. Load the XML document
  2. Create an instance of the encryption algorithm provider
  3. Select the XML element you need to encrypt
  4. Create an EncryptedXml object
  5. Encrypt the element using the key generated by the encryption algorithm object
  6. Create an encrypted data object and specify its properties
  7. Assign the encrypted data to the encrypted data object's cipher value
  8. Replace the plain text XML element with the encrypted data object
  9. Save the encrypted data to a file (optional)

Similarly, to decrypt data, follow these steps:

  1. Load the XML document
  2. Retrieve the encrypted XML element
  3. Create an encrypted data object
  4. Load the encrypted element into the encrypted data object
  5. Create an encrypted XML object
  6. Decrypt the element using the key
  7. Replace the encrypted element with the plain-text XML element
  8. Save the decrypted data to a file (optional)
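
The two step lists above, carried through for the billing element as an added example (not code from the original article). It assumes the System.Security.Cryptography.Xml API as shipped in the released .NET Framework 2.0, which may differ from beta 1; the class name OrderEncryptionDemo, the helper names and the trimmed sample document are constructed for illustration, and the optional save-to-file steps are omitted.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

class OrderEncryptionDemo
{
    // Constructed sample input: a trimmed copy of the article's Order.xml.
    const string OrderXml = "<order><items><item quantity=\"1\">Essential XML Quick Reference</item></items>" +
        "<billing><paymentInfo type=\"Visa\"><number>0000-0000-0000-0000</number></paymentInfo></billing></order>";

    static void EncryptElement(XmlDocument doc, string tagName, SymmetricAlgorithm key)
    {
        XmlElement target = (XmlElement)doc.GetElementsByTagName(tagName)[0];  // step 3
        if (target == null) throw new XmlException("Element not found: " + tagName);
        EncryptedXml exml = new EncryptedXml();                                // step 4
        byte[] cipher = exml.EncryptData(target, key, false);                  // step 5: whole element, not just content
        EncryptedData ed = new EncryptedData();                                // step 6
        ed.Type = EncryptedXml.XmlEncElementUrl;
        ed.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);
        ed.CipherData.CipherValue = cipher;                                    // step 7
        EncryptedXml.ReplaceElement(target, ed, false);                        // step 8
    }

    static void DecryptElement(XmlDocument doc, SymmetricAlgorithm key)
    {
        XmlElement enc = (XmlElement)doc.GetElementsByTagName("EncryptedData")[0];  // step 2
        if (enc == null) throw new XmlException("No EncryptedData element found.");
        EncryptedData ed = new EncryptedData();                                // step 3
        ed.LoadXml(enc);                                                       // step 4
        EncryptedXml exml = new EncryptedXml();                                // step 5
        byte[] plain = exml.DecryptData(ed, key);                              // step 6
        exml.ReplaceData(enc, plain);                                          // step 7
    }

    static void Main()
    {
        XmlDocument doc = new XmlDocument();
        doc.LoadXml(OrderXml);                                                 // step 1
        // RijndaelManaged with its default 128-bit block is AES; the key lives only in memory here.
        using (RijndaelManaged key = new RijndaelManaged())                    // step 2
        {
            key.KeySize = 256;
            EncryptElement(doc, "billing", key);
            Console.WriteLine("Card number visible after encrypt: " + doc.OuterXml.Contains("0000-0000"));
            DecryptElement(doc, key);
            Console.WriteLine("Card number visible after decrypt: " + doc.OuterXml.Contains("0000-0000"));
        }
    }
}
```

The key is never written into the document in this example, so the party decrypting must already hold the same key.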
