Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX


Learn to Use the New XML Encryption Class in .NET 2.0 : Page 3

XML is the most popular technology for structuring data. Encryption of XML data is crucial to ensure end-to-end security for applications that require secure exchange of structured data. .NET 2.0 provides simple mechanisms to encrypt and decrypt data, thereby enabling security of your data.




Application Security Testing: An Integral Part of DevOps

Decrypting the XML Document
You need to go through the following steps to decrypt the XML element that you earlier encrypted:
  1. Load the XML document "encryptedorder.xml." Note that this time around you need to load the encrypted document you generated earlier, not "order.xml."
  2. Dim encryptedDoc As New XmlDocument() encryptedDoc.Load("encryptedorder.xml")

  3. Retrieve the encrypted XML element by retrieving the EncryptedData tag. The EncryptedData tag is used to store any encrypted data.
  4. Dim encryptedElement As XmlElement = _ CType(encryptedDoc.GetElementsByTagName("EncryptedData")(0), _ XmlElement)

    Here you need to do a type cast to XmlElement. Because the GetElementsByTagName returns a NodeList, I decided to take the first element by specifying (0).

  5. Create an encrypted data object and
  6. Load the encrypted element into it.
  7. Dim ed2 As New EncryptedData() ed2.LoadXml(encryptedElement)

  8. Create an encrypted XML object.
  9. Dim exml2 As New EncryptedXml()

  10. Decrypt the encrypted data element using the key and calling the DecryptData method of the EncryptedXML object.
  11. Dim decryptedBilling As Byte() = exml2.DecryptData(ed2, tDESkey)

  12. Replace the encrypted element with the plain-text XML element.
  13. exml2.ReplaceData(encryptedElement, decryptedBilling)

  14. Save the decrypted data to a file.
  15. encryptedDoc.Save("DecryptedOrder.xml")

Build the project and run it. You now have three files: the original "Order.xml," the encrypted "encryptedorder.xml," and the new "DecryptedOrder.xml" document, which would be created when the program runs.

You're just encrypted and decrypted a portion of an XML file and at the same time if you desire you could encrypt/decrypt the entire file. The EncryptedXML class makes this extremely easy to do.

Storing the Key
The above example encrypted and decrypted the "order.xml" file in the same module. You might want to store the key used to encrypt the file in a text file that is shared between the sender and the receiver of the encrypted data.

The key generated by the TripleDESCryptoServiceProvider is a byte array. Hence, to store it to a file one would need to convert it to an equivalent string representation (as shown below) first, and then store it to a text file.

Dim sharedkey As New TripleDESCryptoServiceProvider() 'sharedkey.GenerateKey() 'Save this key to disk to enable the recipient to decrypt Dim writer2 As IO.StreamWriter =_ New IO.StreamWriter("SharedTDESKey.txt") Dim str As String = Convert.ToBase64String(sharedkey.Key) writer2.WriteLine(str) writer2.Close()

While decrypting you would have to similarly retrieve this shared key from the file and then use it as the key to decrypt the XML document. In the source code provided with this article (see left column), I've included an example to illustrate this method. There are two separate files: one to encrypt the XML and one to decrypt it.

Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date