Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX


Learn to Use the New XML Encryption Class in .NET 2.0 : Page 2

XML is the most popular technology for structuring data. Encryption of XML data is crucial to ensure end-to-end security for applications that require secure exchange of structured data. .NET 2.0 provides simple mechanisms to encrypt and decrypt data, thereby enabling security of your data.




Full Text Search: The Key to Better Natural Language Queries for NoSQL in Node.js

Encrypting and Decrypting an XML Element
Open up VS.NET 2005 Whidbey, and create a new console project. Add references to the following:
  • System.Security
  • System.XML

Now create a new module called "EncryptDecrypt," and add the following imports statements:

Imports System Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Imports System.XML

You need to follow the steps below to write code to encrypt a portion of the XML document.

Author's Note: The Source code for this article includes the final EncryptDecrypt program for your reference.

Encrypting the XML Document

  1. Add a sub main to the module and write code to load the XML document.
  2. 'load the XML Document Dim xmldoc As New XmlDocument() Try xmldoc.Load("order.xml") Catch ex As Exception Console.WriteLine(ex.Message) End Try

  3. Choose an encryption algorithm provider and create an instance. For the sample application I'm using TripleDES.
  4. Dim tDESkey As New TripleDESCryptoServiceProvider()

  5. Select the element (billing) to be encrypted. You need to explicitly cast it to the type XmlElement, as SelectSingleNode returns an XMLNode Type.
  6. Dim billingElem As XmlElement = _ CType(xmldoc.SelectSingleNode("/order/billing"), XmlElement)

  7. Create an EncryptedXML object.
  8. Dim exml As EncryptedXml = New EncryptedXml(xmldoc)

  9. Encrypt the billing element. The EncryptedXML object has an EncryptData method, which encrypts the element using the algorithm provided and returns an array of bytes. Here I've used the TripleDES algorithm.
  10. Dim encryptedBilling As Byte() = _ exml.EncryptData(billingElem, tDESkey, False)

  11. Create an encrypted data object and specify its properties. This encrypted data object represents data that will finally be placed in the XML document. You need to specify properties such as the type of encrypted data and the namespace URI for the algorithm used.
  12. Dim ed As New EncryptedData() ' Specify the namespace URI for XML encryption elements. ed.Type = EncryptedXml.XmlEncElementUrl ' Specify the namespace URI for the TrippleDES algorithm. ed.EncryptionMethod = _ New EncryptionMethod(EncryptedXml.XmlEncTripleDESUrl) ' Create a CipherData element. ed.CipherData = New CipherData()

  13. Assign the encrypted data to the encrypted data object's cipher value.
  14. ed.CipherData.CipherValue = encryptedBilling

  15. Replace the plain text XML element with the encrypted data object.
  16. EncryptedXml.ReplaceElement(billingElem, ed, False)

  17. Save the encrypted data to file.
  18. xmldoc.Save("encryptedorder.xml")

You need to build the solution, so don't run it as yet. Create a file called Orders.xml and populate it as shown in Order.xml (see page 1). Place this file in the bin directory of your solution.

Run the program. When the program has finished running, the "encryptedorder.xml" file will be generated. Then open the file "encryptedorder.xml," which is shown below, with the billing element encrypted. (Note: You could encrypt the entire file by replacing the element to encrypt, in step 3.)

Editor's Note: The CipherValue element in the code below should hold a single line of characters, but it's been wrapped into several lines for this article.

<order> <items> <item quantity="1">.NET Framework Security</item> <item quantity="1">Essential XML Quick Reference</item> </items> <shipping> <to>Joe Smith</to> <street>110 Denny Way</street> <city>Seattle</city> <zip>98109</zip> </shipping> <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns= "http://www.w3.org/2001/04/xmlenc#"> <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" /> <CipherData> <CipherValue>jmXS8BnRupLdjLndM1wpMaKiuKCUZQt6jyK8pnz0t/iqMQ3eNC8xnIsHXvrLvVVF1hr7 y9WeqM7OzbjZODIJzvPkH/KmsQjA69AIOoIKu4DXYMWXdhYtCojFtoxPpICao0w3GTDhCV2DuZ+Cjn kV7uDJ5QNTSbsR5q4QbPaYp7uTqAjxX6tAmMZBil2K/I5PUh8TDMf/lsKdk8P21uKZmR+9DBA5gQZ+ MykDFKgaQwa3TkGjf9V+NcpRCjr1I4dI+WkURmNyjXlUAXaai0cdAkBctLi7jK74SGQE+TjLeSKu7gB fB6lBGolM8CjvpQx0F6WCn8bm6K9oiYpvVvNIYxQfslwwS2OXEDhkOweIs17zpz5MwmzWSQ== </CipherValue> </CipherData> </EncryptedData> </order>

Understanding the Encrypted XML Document
Any encrypted data in the document is stored in the EncryptedData element. The EncryptionMethod element specifies the kind of encryption used; the CipherValue element contains the encrypted data

Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date