EncryptedXml クラス
アセンブリ: System.Security (system.security.dll 内)


EncryptedXml クラスは、.NET Framework での XML 暗号化に使用されるメイン クラスです。XML 暗号化は、XML ドキュメントまたは任意のデータの全体または一部を暗号化するための、標準に基づく、相互運用ができる方法です。.NET Framework の XML 暗号化クラスは、XML 暗号化に関する W3C (World Wide Web Consortium) 仕様 (http://www.w3.org/TR/xmlenc-core/) を実装します。
EncryptedXml クラスは、アプリケーション間または組織間で暗号化された XML データを標準的な方法で共有する必要がある場合に必ず使用します。このクラスを使用して暗号化されたデータは、XML 暗号化に関する W3C 仕様の実装によって復号化できます。
XML 暗号化では、平文の XML 要素またはドキュメントが、平文の XML または任意のデータの暗号 (暗号文) 表現を格納する <EncryptedData> 要素に置き換えられます。<EncryptedData> 要素は、暗号文を復号化するためのキーがある場所に関する情報、および平文を暗号化するために使用されている暗号アルゴリズムに関する情報をオプションで格納できます。
<EncryptedKey> 要素は、スタイルや使用法が <EncryptedData> 要素に似ていますが、<EncryptedData> 要素の値を復号化するためのキーを暗号化できるという点が異なります。<EncryptedKey> 要素と <EncryptedData> 要素には暗号化されていないキーを格納できない点に注意してください。
-
キー情報を含めません。このオプションを選択した場合は、暗号化されたデータを交換する前に当事者の双方がアルゴリズムとキーについて合意している必要があります。
-
<RetrievalMethod> 要素の URI (Uniform Resource Identifier) 属性にキーの場所を含めます。当事者の双方がキーの場所についてあらかじめ合意している必要があり、この場所を秘密にしておく必要があります。
-
<KeyName> 要素内に、キーにマッピングされる文字列名を含めます。暗号化されたデータを交換する前に当事者の双方がキー名のマップについて合意している必要があり、このマップを秘密にしておく必要があります。
-
暗号化されたキーを <EncryptedKey> 要素に含めます。暗号化されたデータを交換する前に、当事者の双方が暗号化されたキーを復号化するためのキーについて合意している必要があります。オプションでキーを復号化するためのキーの場所または名前を <EncryptedKey> 要素に含めることができます。

次に示すコード例では、TripleDES アルゴリズムを使用して XML ドキュメントを暗号化する単純なユーティリティ クラスを作成しています。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new TripleDES key. Dim tDESkey As New TripleDESCryptoServiceProvider() ' Create a new instance of the TrippleDESDocumentEncryption object ' defined in this sample. Dim xmlTDES As New TrippleDESDocumentEncryption(xmlDoc, tDESkey) Try ' Encrypt the "creditcard" element. xmlTDES.Encrypt("creditcard") ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlTDES.Doc.OuterXml) ' Decrypt the "creditcard" element. xmlTDES.Decrypt() ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlTDES.Doc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the TripleDES key. xmlTDES.Clear() End Try End Sub 'Main End Module 'Program Class TrippleDESDocumentEncryption Protected docValue As XmlDocument Protected algValue As TripleDES Public Sub New(ByVal Doc As XmlDocument, ByVal Key As TripleDES) If Not (Doc Is Nothing) Then docValue = Doc Else Throw New ArgumentNullException("Doc") End If If Not (Key Is Nothing) Then algValue = Key Else Throw New ArgumentNullException("Key") End If End Sub Public Property Doc() As XmlDocument Get Return docValue End Get Set(ByVal value As XmlDocument) docValue = value End Set End Property Public Property Alg() As TripleDES Get Return algValue End Get Set(ByVal value As TripleDES) algValue = value End Set End Property Public Sub Clear() If Not (algValue Is Nothing) Then algValue.Clear() Else Throw New Exception("No TripleDES key was found to clear.") End If End Sub Public Sub Encrypt(ByVal Element As String) ' Find the element by name and create a new ' XmlElement object. Dim inputElement As XmlElement = docValue.GetElementsByTagName(Element)(0) ' If the element was not found, throw an exception. If inputElement Is Nothing Then Throw New Exception("The element was not found.") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(docValue) ' Encrypt the element using the symmetric key. Dim rgbOutput As Byte() = exml.EncryptData(inputElement, algValue, False) ' Create an EncryptedData object and populate it. Dim ed As New EncryptedData() ' Specify the namespace URI for XML encryption elements. ed.Type = EncryptedXml.XmlEncElementUrl ' Specify the namespace URI for the TrippleDES algorithm. ed.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncTripleDESUrl) ' Create a CipherData element. ed.CipherData = New CipherData() ' Set the CipherData element to the value of the encrypted XML element. ed.CipherData.CipherValue = rgbOutput ' Replace the plaintext XML elemnt with an EncryptedData element. EncryptedXml.ReplaceElement(inputElement, ed, False) End Sub Public Sub Decrypt() ' XmlElement object. Dim encryptedElement As XmlElement = docValue.GetElementsByTagName("EncryptedData")(0) ' If the EncryptedData element was not found, throw an exception. If encryptedElement Is Nothing Then Throw New Exception("The EncryptedData element was not found.") End If ' Create an EncryptedData object and populate it. Dim ed As New EncryptedData() ed.LoadXml(encryptedElement) ' Create a new EncryptedXml object. Dim exml As New EncryptedXml() ' Decrypt the element using the symmetric key. Dim rgbOutput As Byte() = exml.DecryptData(ed, algValue) ' Replace the encryptedData element with the plaintext XML elemnt. exml.ReplaceData(encryptedElement, rgbOutput) End Sub End Class
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); // Create a new instance of the TrippleDESDocumentEncryption object // defined in this sample. TrippleDESDocumentEncryption xmlTDES = new TrippleDESDocumentEncryption(xmlDoc, tDESkey); try { // Encrypt the "creditcard" element. xmlTDES.Encrypt("creditcard"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlTDES.Doc.OuterXml); // Decrypt the "creditcard" element. xmlTDES.Decrypt(); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlTDES.Doc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } finally { // Clear the TripleDES key. xmlTDES.Clear(); } } } class TrippleDESDocumentEncryption { protected XmlDocument docValue; protected TripleDES algValue; public TrippleDESDocumentEncryption(XmlDocument Doc, TripleDES Key) { if (Doc != null) { docValue = Doc; } else { throw new ArgumentNullException("Doc"); } if (Key != null) { algValue = Key; } else { throw new ArgumentNullException("Key"); } } public XmlDocument Doc { set { docValue = value; } get { return docValue; } } public TripleDES Alg { set { algValue = value; } get { return algValue; } } public void Clear() { if (algValue != null) { algValue.Clear(); } else { throw new Exception("No TripleDES key was found to clear."); } } public void Encrypt(string Element) { // Find the element by name and create a new // XmlElement object. XmlElement inputElement = docValue.GetElementsByTagName(Element)[0] as XmlElement; // If the element was not found, throw an exception. if (inputElement == null) { throw new Exception("The element was not found."); } // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(docValue); // Encrypt the element using the symmetric key. byte[] rgbOutput = exml.EncryptData(inputElement, algValue, false); // Create an EncryptedData object and populate it. EncryptedData ed = new EncryptedData(); // Specify the namespace URI for XML encryption elements. ed.Type = EncryptedXml.XmlEncElementUrl; // Specify the namespace URI for the TrippleDES algorithm. ed.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncTripleDESUrl); // Create a CipherData element. ed.CipherData = new CipherData(); // Set the CipherData element to the value of the encrypted XML element. ed.CipherData.CipherValue = rgbOutput; // Replace the plaintext XML elemnt with an EncryptedData element. EncryptedXml.ReplaceElement(inputElement, ed, false); } public void Decrypt() { // XmlElement object. XmlElement encryptedElement = docValue.GetElementsByTagName("EncryptedData")[0] as XmlElement; // If the EncryptedData element was not found, throw an exception. if (encryptedElement == null) { throw new Exception("The EncryptedData element was not found."); } // Create an EncryptedData object and populate it. EncryptedData ed = new EncryptedData(); ed.LoadXml(encryptedElement); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(); // Decrypt the element using the symmetric key. byte[] rgbOutput = exml.DecryptData(ed, algValue); // Replace the encryptedData element with the plaintext XML elemnt. exml.ReplaceData(encryptedElement, rgbOutput); } }
#using <System.Security.dll> #using <System.dll> #using <System.Xml.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; ref class TrippleDESDocumentEncryption { protected: XmlDocument^ docValue; TripleDES^ algValue; public: TrippleDESDocumentEncryption( XmlDocument^ Doc, TripleDES^ Key ) { if ( Doc != nullptr ) { docValue = Doc; } else { throw gcnew ArgumentNullException( L"Doc" ); } if ( Key != nullptr ) { algValue = Key; } else { throw gcnew ArgumentNullException( L"Key" ); } } property XmlDocument^ Doc { XmlDocument^ get() { return docValue; } void set( XmlDocument^ value ) { docValue = value; } } property TripleDES^ Alg { TripleDES^ get() { return algValue; } void set( TripleDES^ value ) { algValue = value; } } void Clear() { if ( algValue != nullptr ) { algValue->Clear(); } else { throw gcnew Exception( L"No TripleDES key was found to clear." ); } } void Encrypt( String^ Element ) { // Find the element by name and create a new // XmlElement object. XmlElement^ inputElement = dynamic_cast<XmlElement^>(docValue->GetElementsByTagName( Element )->Item( 0 )); // If the element was not found, throw an exception. if ( inputElement == nullptr ) { throw gcnew Exception( L"The element was not found." ); } // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml( docValue ); // Encrypt the element using the symmetric key. array<Byte>^rgbOutput = exml->EncryptData( inputElement, algValue, false ); // Create an EncryptedData object and populate it. EncryptedData^ ed = gcnew EncryptedData; // Specify the namespace URI for XML encryption elements. ed->Type = EncryptedXml::XmlEncElementUrl; // Specify the namespace URI for the TrippleDES algorithm. ed->EncryptionMethod = gcnew EncryptionMethod( EncryptedXml::XmlEncTripleDESUrl ); // Create a CipherData element. ed->CipherData = gcnew CipherData; // Set the CipherData element to the value of the encrypted XML element. ed->CipherData->CipherValue = rgbOutput; // Replace the plaintext XML elemnt with an EncryptedData element. EncryptedXml::ReplaceElement( inputElement, ed, false ); } void Decrypt() { // XmlElement object. XmlElement^ encryptedElement = dynamic_cast<XmlElement^>(docValue->GetElementsByTagName( L"EncryptedData" )->Item( 0 )); // If the EncryptedData element was not found, throw an exception. if ( encryptedElement == nullptr ) { throw gcnew Exception( L"The EncryptedData element was not found." ); } // Create an EncryptedData object and populate it. EncryptedData^ ed = gcnew EncryptedData; ed->LoadXml( encryptedElement ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml; // Decrypt the element using the symmetric key. array<Byte>^rgbOutput = exml->DecryptData( ed, algValue ); // Replace the encryptedData element with the plaintext XML elemnt. exml->ReplaceData( encryptedElement, rgbOutput ); } }; int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new TripleDES key. TripleDESCryptoServiceProvider^ tDESkey = gcnew TripleDESCryptoServiceProvider; // Create a new instance of the TrippleDESDocumentEncryption object // defined in this sample. TrippleDESDocumentEncryption^ xmlTDES = gcnew TrippleDESDocumentEncryption( xmlDoc,tDESkey ); try { // Encrypt the "creditcard" element. xmlTDES->Encrypt( L"creditcard" ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlTDES->Doc->OuterXml ); // Decrypt the "creditcard" element. xmlTDES->Decrypt(); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlTDES->Doc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } finally { // Clear the TripleDES key. xmlTDES->Clear(); } return 1; }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; class Program { public static void main(String[] args) throws Exception { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); // Create a new instance of the TrippleDESDocumentEncryption object // defined in this sample. TrippleDESDocumentEncryption xmlTDES = new TrippleDESDocumentEncryption(xmlDoc, tDESkey); try { // Encrypt the "creditcard" element. xmlTDES.Encrypt("creditcard"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlTDES.get_Doc().get_OuterXml()); // Decrypt the "creditcard" element. xmlTDES.Decrypt(); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlTDES.get_Doc().get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } finally { // Clear the TripleDES key. xmlTDES.Clear(); } } //main } //Program class TrippleDESDocumentEncryption { protected XmlDocument docValue; protected TripleDES algValue; public TrippleDESDocumentEncryption(XmlDocument doc, TripleDES key) { if (doc != null) { docValue = doc; } else { throw new ArgumentNullException("doc"); } if (key != null) { algValue = key; } else { throw new ArgumentNullException("key"); } } //TrippleDESDocumentEncryption /** @property */ public XmlDocument get_Doc() { return docValue; } //get_Doc /** @property */ public void set_Doc(XmlDocument value) { docValue = value; } //set_Doc /** @property */ public TripleDES get_Alg() { return algValue; } //get_Alg /** @property */ public void set_Alg(TripleDES value) { algValue = value; } //set_Alg public void Clear() throws Exception { if (algValue != null) { algValue.Clear(); } else { throw new Exception("No TripleDES key was found to clear."); } } //Clear public void Encrypt(String element) throws Exception { // Find the element by name and create a new // XmlElement object. XmlElement inputElement = (XmlElement)docValue.GetElementsByTagName( element).get_ItemOf(0); // If the element was not found, throw an exception. if (inputElement == null) { throw new Exception("The element was not found."); } // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(docValue); // Encrypt the element using the symmetric key. ubyte rgbOutput[] = eXml.EncryptData(inputElement, algValue, false); // Create an EncryptedData object and populate it. EncryptedData ed = new EncryptedData(); // Specify the namespace URI for XML encryption elements. ed.set_Type(EncryptedXml.XmlEncElementUrl); // Specify the namespace URI for the TrippleDES algorithm. ed.set_EncryptionMethod(new EncryptionMethod(EncryptedXml. XmlEncTripleDESUrl)); // Create a CipherData element. ed.set_CipherData(new CipherData()); // Set the CipherData element to the value of the encrypted XML element. ed.get_CipherData().set_CipherValue(rgbOutput); // Replace the plaintext XML elemnt with an EncryptedData element. EncryptedXml.ReplaceElement(inputElement, ed, false); } //Encrypt public void Decrypt() throws Exception { // XmlElement object. XmlElement encryptedElement = (XmlElement)docValue. GetElementsByTagName("EncryptedData").get_ItemOf(0); // If the EncryptedData element was not found, throw an exception. if (encryptedElement == null) { throw new Exception("The EncryptedData element was not found."); } // Create an EncryptedData object and populate it. EncryptedData ed = new EncryptedData(); ed.LoadXml(encryptedElement); // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(); // Decrypt the element using the symmetric key. ubyte rgbOutput[] = eXml.DecryptData(ed, algValue); // Replace the encryptedData element with the plaintext XML elemnt. eXml.ReplaceData(encryptedElement, rgbOutput); } //Decrypt } //TrippleDESDocumentEncryption
共通キーを使用して、XML ドキュメントを暗号化するコード例を次に示します。この例では、暗号化された XML ドキュメントのキー情報は含まれません。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new TripleDES key. Dim tDESkey As New TripleDESCryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey) ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey) ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the TripleDES key. tDESkey.Clear() End Try End Sub Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As SymmetricAlgorithm) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If ElementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, Alg, False) ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. ' Determine what kind of algorithm is being used and ' supply the appropriate URL to the EncryptionMethod element. Dim encryptionMethod As String = Nothing If TypeOf Alg Is TripleDES Then encryptionMethod = EncryptedXml.XmlEncTripleDESUrl ElseIf TypeOf Alg Is DES Then encryptionMethod = EncryptedXml.XmlEncDESUrl ElseIf TypeOf Alg Is Rijndael Then Select Case Alg.KeySize Case 128 encryptionMethod = EncryptedXml.XmlEncAES128Url Case 192 encryptionMethod = EncryptedXml.XmlEncAES192Url Case 256 encryptionMethod = EncryptedXml.XmlEncAES256Url End Select Else ' Throw an exception if the transform is not in the previous categories Throw New CryptographicException("The specified algorithm is not supported for XML Encryption.") End If edElement.EncryptionMethod = New EncryptionMethod(encryptionMethod) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub 'Encrypt Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As SymmetricAlgorithm) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ' Find the EncryptedData element in the XmlDocument. Dim encryptedElement As XmlElement = Doc.GetElementsByTagName("EncryptedData")(0) ' If the EncryptedData element was not found, throw an exception. If encryptedElement Is Nothing Then Throw New XmlException("The EncryptedData element was not found.") End If ' Create an EncryptedData object and populate it. Dim edElement As New EncryptedData() edElement.LoadXml(encryptedElement) ' Create a new EncryptedXml object. Dim exml As New EncryptedXml() ' Decrypt the element using the symmetric key. Dim rgbOutput As Byte() = exml.DecryptData(edElement, Alg) ' Replace the encryptedData element with the plaintext XML element. exml.ReplaceData(encryptedElement, rgbOutput) End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, SymmetricAlgorithm Alg) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Alg == null) throw new ArgumentNullException("Alg"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, Alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.Type = EncryptedXml.XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. string encryptionMethod = null; if (Alg is TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else if (Alg is DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else if (Alg is Rijndael) { switch (Alg.KeySize) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw new CryptographicException("The specified algorithm is not supported for XML Encryption."); } edElement.EncryptionMethod = new EncryptionMethod(encryptionMethod); // Add the encrypted element data to the // EncryptedData object. edElement.CipherData.CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc, SymmetricAlgorithm Alg) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (Alg == null) throw new ArgumentNullException("Alg"); // Find the EncryptedData element in the XmlDocument. XmlElement encryptedElement = Doc.GetElementsByTagName("EncryptedData")[0] as XmlElement; // If the EncryptedData element was not found, throw an exception. if (encryptedElement == null) { throw new XmlException("The EncryptedData element was not found."); } // Create an EncryptedData object and populate it. EncryptedData edElement = new EncryptedData(); edElement.LoadXml(encryptedElement); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(); // Decrypt the element using the symmetric key. byte[] rgbOutput = exml.DecryptData(edElement, Alg); // Replace the encryptedData element with the plaintext XML element. exml.ReplaceData(encryptedElement, rgbOutput); } }
#using <System.Security.dll> #using <System.dll> #using <System.Xml.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, SymmetricAlgorithm^ Alg ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml^ eXml = gcnew EncryptedXml; array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, Alg, false ); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData^ edElement = gcnew EncryptedData; edElement->Type = EncryptedXml::XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String^ encryptionMethod = nullptr; if ( dynamic_cast<TripleDES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncTripleDESUrl; } else if ( dynamic_cast<DES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncDESUrl; } else if ( dynamic_cast<Rijndael^>(Alg) ) { switch ( Alg->KeySize ) { case 128: encryptionMethod = EncryptedXml::XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml::XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml::XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw gcnew CryptographicException( L"The specified algorithm is not supported for XML Encryption." ); } edElement->EncryptionMethod = gcnew EncryptionMethod( encryptionMethod ); // Add the encrypted element data to the // EncryptedData object. edElement->CipherData->CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc, SymmetricAlgorithm^ Alg ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); // Find the EncryptedData element in the XmlDocument. XmlElement^ encryptedElement = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( L"EncryptedData" )->Item( 0 )); // If the EncryptedData element was not found, throw an exception. if ( encryptedElement == nullptr ) { throw gcnew XmlException( L"The EncryptedData element was not found." ); } // Create an EncryptedData object and populate it. EncryptedData^ edElement = gcnew EncryptedData; edElement->LoadXml( encryptedElement ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml; // Decrypt the element using the symmetric key. array<Byte>^rgbOutput = exml->DecryptData( edElement, Alg ); // Replace the encryptedData element with the plaintext XML element. exml->ReplaceData( encryptedElement, rgbOutput ); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new TripleDES key. TripleDESCryptoServiceProvider^ tDESkey = gcnew TripleDESCryptoServiceProvider; try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", tDESkey ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc, tDESkey ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } finally { // Clear the TripleDES key. tDESkey->Clear(); } }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, SymmetricAlgorithm alg) throws XmlException,CryptographicException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (alg == null) { throw new ArgumentNullException("alg"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1, alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.set_Type(EncryptedXml.XmlEncElementUrl); // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String encryptionMethod = null; if (alg instanceof TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else { if (alg instanceof DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else { if (alg instanceof Rijndael) { switch (alg.get_KeySize()) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the // previous categories throw new CryptographicException("The specified algorithm" +" is not supported for XML Encryption."); } } } edElement.set_EncryptionMethod(new EncryptionMethod(encryptionMethod)); // Add the encrypted element data to the // EncryptedData object. edElement.get_CipherData().set_CipherValue(encryptedElement); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc, SymmetricAlgorithm alg) throws XmlException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (alg == null) { throw new ArgumentNullException("alg"); } // Find the EncryptedData element in the XmlDocument. XmlElement encryptedElement = (XmlElement)doc.GetElementsByTagName( "EncryptedData").get_ItemOf(0); // If the EncryptedData element was not found, throw an exception. if (encryptedElement == null) { throw new XmlException("The EncryptedData element was not found."); } // Create an EncryptedData object and populate it. EncryptedData edElement = new EncryptedData(); edElement.LoadXml(encryptedElement); // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(); // Decrypt the element using the symmetric key. ubyte rgbOutput[] = eXml.DecryptData(edElement, alg); // Replace the encryptedData element with the plaintext XML element. eXml.ReplaceData(encryptedElement, rgbOutput); } //Decrypt } //Program
共通キーを使用して、XML ドキュメントを暗号化するコード例を次に示します。この例では、暗号化された XML ドキュメントに対し、復号化処理が適切な復号化キーを検索するために使用するキー名を埋め込みます。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new TripleDES key. Dim tDESkey As New TripleDESCryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey") ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey") ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the TripleDES key. tDESkey.Clear() End Try End Sub 'Main Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As SymmetricAlgorithm, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, Alg, False) ''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. ' Determine what kind of algorithm is being used and ' supply the appropriate URL to the EncryptionMethod element. Dim encryptionMethod As String = Nothing If TypeOf Alg Is TripleDES Then encryptionMethod = EncryptedXml.XmlEncTripleDESUrl ElseIf TypeOf Alg Is DES Then encryptionMethod = EncryptedXml.XmlEncDESUrl ElseIf TypeOf Alg Is Rijndael Then Select Case Alg.KeySize Case 128 encryptionMethod = EncryptedXml.XmlEncAES128Url Case 192 encryptionMethod = EncryptedXml.XmlEncAES192Url Case 256 encryptionMethod = EncryptedXml.XmlEncAES256Url End Select Else ' Throw an exception if the transform is not in the previous categories Throw New CryptographicException("The specified algorithm is not supported for XML Encryption.") End If edElement.EncryptionMethod = New EncryptionMethod(encryptionMethod) ' Set the KeyInfo element to specify the ' name of a key. ' Create a new KeyInfo element. edElement.KeyInfo = New KeyInfo() ' Create a new KeyInfoName element. Dim kin As New KeyInfoName() ' Specify a name for the key. kin.Value = KeyName ' Add the KeyInfoName element. edElement.KeyInfo.AddClause(kin) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As SymmetricAlgorithm, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If If KeyName Is Nothing Then Throw New ArgumentNullException("KeyName") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Add a key-name mapping. ' This method can only decrypt documents ' that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg) ' Decrypt the element. exml.DecryptDocument() End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, SymmetricAlgorithm Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Alg == null) throw new ArgumentNullException("Alg"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, Alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.Type = EncryptedXml.XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. string encryptionMethod = null; if (Alg is TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else if (Alg is DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else if (Alg is Rijndael) { switch (Alg.KeySize) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw new CryptographicException("The specified algorithm is not supported for XML Encryption."); } edElement.EncryptionMethod = new EncryptionMethod(encryptionMethod); // Set the KeyInfo element to specify the // name of a key. // Create a new KeyInfo element. edElement.KeyInfo = new KeyInfo(); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.Value = KeyName; // Add the KeyInfoName element. edElement.KeyInfo.AddClause(kin); // Add the encrypted element data to the // EncryptedData object. edElement.CipherData.CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc, SymmetricAlgorithm Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (Alg == null) throw new ArgumentNullException("Alg"); if (KeyName == null) throw new ArgumentNullException("KeyName"); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(Doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg); // Decrypt the element. exml.DecryptDocument(); } }
#using <System.Security.dll> #using <System.dll> #using <System.Xml.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, SymmetricAlgorithm^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml^ eXml = gcnew EncryptedXml; array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, Alg, false ); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData^ edElement = gcnew EncryptedData; edElement->Type = EncryptedXml::XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String^ encryptionMethod = nullptr; if ( dynamic_cast<TripleDES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncTripleDESUrl; } else if ( dynamic_cast<DES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncDESUrl; } else if ( dynamic_cast<Rijndael^>(Alg) ) { switch ( Alg->KeySize ) { case 128: encryptionMethod = EncryptedXml::XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml::XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml::XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw gcnew CryptographicException( L"The specified algorithm is not supported for XML Encryption." ); } edElement->EncryptionMethod = gcnew EncryptionMethod( encryptionMethod ); // Set the KeyInfo element to specify the // name of a key. // Create a new KeyInfo element. edElement->KeyInfo = gcnew KeyInfo; // Create a new KeyInfoName element. KeyInfoName^ kin = gcnew KeyInfoName; // Specify a name for the key. kin->Value = KeyName; // Add the KeyInfoName element. edElement->KeyInfo->AddClause( kin ); // Add the encrypted element data to the // EncryptedData object. edElement->CipherData->CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc, SymmetricAlgorithm^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); if ( KeyName == nullptr ) throw gcnew ArgumentNullException( L"KeyName" ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml( Doc ); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml->AddKeyNameMapping( KeyName, Alg ); // Decrypt the element. exml->DecryptDocument(); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new TripleDES key. TripleDESCryptoServiceProvider^ tDESkey = gcnew TripleDESCryptoServiceProvider; try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", tDESkey, L"tDESKey" ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc, tDESkey, L"tDESKey" ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } finally { // Clear the TripleDES key. tDESkey->Clear(); } return 1; }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, SymmetricAlgorithm alg, String keyName) throws XmlException, CryptographicException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (alg == null) { throw new ArgumentNullException("alg"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1, alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.set_Type(EncryptedXml.XmlEncElementUrl); // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String encryptionMethod = null; if (alg instanceof TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else { if (alg instanceof DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else { if (alg instanceof Rijndael) { switch (alg.get_KeySize()) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the // previous categories throw new CryptographicException("The specified algorithm" +" is not supported for XML Encryption."); } } } edElement.set_EncryptionMethod(new EncryptionMethod(encryptionMethod)); // Set the KeyInfo element to specify the // name of a key. // Create a new KeyInfo element. edElement.set_KeyInfo(new KeyInfo()); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.set_Value(keyName); // Add the KeyInfoName element. edElement.get_KeyInfo().AddClause(kin); // Add the encrypted element data to the // EncryptedData object. edElement.get_CipherData().set_CipherValue(encryptedElement); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc, SymmetricAlgorithm alg, String keyName) { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (alg == null) { throw new ArgumentNullException("alg"); } if (keyName == null) { throw new ArgumentNullException("keyName"); } // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. eXml.AddKeyNameMapping(keyName, alg); // Decrypt the element. eXml.DecryptDocument(); } //Decrypt } //Program
非対称キーを使用して、XML ドキュメントを暗号化するコード例を次に示します。この例は、対称セッション キーを作成して文書を暗号化した後、非対称キーを使用して暗号化済みのセッション キーを XML ドキュメントに埋め込みます。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new RSA key. This key will encrypt a symmetric key , ' which will then be imbedded in the XML document. Dim rsaKey = New RSACryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey") ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey") ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the RSA key. rsaKey.Clear() End Try End Sub Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As RSA, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' a new random symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a 256 bit Rijndael key. Dim sessionKey As New RijndaelManaged() sessionKey.KeySize = 256 Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, sessionKey, False) ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. edElement.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncAES256Url) ' Encrypt the session key and add it to an EncryptedKey element. Dim ek As New EncryptedKey() Dim encryptedKey As Byte() = EncryptedXml.EncryptKey(sessionKey.Key, Alg, False) ek.CipherData = New CipherData(encryptedKey) ek.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncRSA15Url) ' Set the KeyInfo element to specify the ' name of the RSA key. ' Create a new KeyInfo element. edElement.KeyInfo = New KeyInfo() ' Create a new KeyInfoName element. Dim kin As New KeyInfoName() ' Specify a name for the key. kin.Value = KeyName ' Add the KeyInfoName element to the ' EncryptedKey object. ek.KeyInfo.AddClause(kin) ' Add the encrypted key to the ' EncryptedData object. edElement.KeyInfo.AddClause(New KeyInfoEncryptedKey(ek)) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As RSA, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If If KeyName Is Nothing Then Throw New ArgumentNullException("KeyName") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Add a key-name mapping. ' This method can only decrypt documents ' that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg) ' Decrypt the element. exml.DecryptDocument() End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new RSA key. This key will encrypt a symmetric key, // which will then be imbedded in the XML document. RSA rsaKey = new RSACryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } finally { // Clear the RSA key. rsaKey.Clear(); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, RSA Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Alg == null) throw new ArgumentNullException("Alg"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged sessionKey = new RijndaelManaged(); sessionKey.KeySize = 256; EncryptedXml eXml = new EncryptedXml(); byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, sessionKey, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.Type = EncryptedXml.XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey ek = new EncryptedKey(); byte[] encryptedKey = EncryptedXml.EncryptKey(sessionKey.Key, Alg, false); ek.CipherData = new CipherData(encryptedKey); ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement.KeyInfo = new KeyInfo(); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.Value = KeyName; // Add the KeyInfoName element to the // EncryptedKey object. ek.KeyInfo.AddClause(kin); // Add the encrypted key to the // EncryptedData object. edElement.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek)); // Add the encrypted element data to the // EncryptedData object. edElement.CipherData.CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc, RSA Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (Alg == null) throw new ArgumentNullException("Alg"); if (KeyName == null) throw new ArgumentNullException("KeyName"); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(Doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg); // Decrypt the element. exml.DecryptDocument(); } }
#using <System.Xml.dll> #using <System.Security.dll> #using <System.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, RSA^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged^ sessionKey = gcnew RijndaelManaged; sessionKey->KeySize = 256; EncryptedXml^ eXml = gcnew EncryptedXml; array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, sessionKey, false ); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData^ edElement = gcnew EncryptedData; edElement->Type = EncryptedXml::XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement->EncryptionMethod = gcnew EncryptionMethod( EncryptedXml::XmlEncAES256Url ); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey^ ek = gcnew EncryptedKey; array<Byte>^encryptedKey = EncryptedXml::EncryptKey( sessionKey->Key, Alg, false ); ek->CipherData = gcnew CipherData( encryptedKey ); ek->EncryptionMethod = gcnew EncryptionMethod( EncryptedXml::XmlEncRSA15Url ); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement->KeyInfo = gcnew KeyInfo; // Create a new KeyInfoName element. KeyInfoName^ kin = gcnew KeyInfoName; // Specify a name for the key. kin->Value = KeyName; // Add the KeyInfoName element to the // EncryptedKey object. ek->KeyInfo->AddClause( kin ); // Add the encrypted key to the // EncryptedData object. edElement->KeyInfo->AddClause( gcnew KeyInfoEncryptedKey( ek ) ); // Add the encrypted element data to the // EncryptedData object. edElement->CipherData->CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc, RSA^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); if ( KeyName == nullptr ) throw gcnew ArgumentNullException( L"KeyName" ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml( Doc ); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml->AddKeyNameMapping( KeyName, Alg ); // Decrypt the element. exml->DecryptDocument(); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new RSA key. This key will encrypt a symmetric key, // which will then be imbedded in the XML document. RSA^ rsaKey = gcnew RSACryptoServiceProvider; try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", rsaKey, L"rsaKey" ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc, rsaKey, L"rsaKey" ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } finally { // Clear the RSA key. rsaKey->Clear(); } return 1; }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new RSA key. This key will encrypt a symmetric key, // which will then be imbedded in the XML document. RSA rsaKey = new RSACryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } finally { // Clear the RSA key. rsaKey.Clear(); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, RSA alg, String keyName) throws ArgumentNullException,XmlException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (alg == null) { throw new ArgumentNullException("alg"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged sessionKey = new RijndaelManaged(); sessionKey.set_KeySize(256); EncryptedXml eXml = new EncryptedXml(); ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1, sessionKey, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.set_Type(EncryptedXml.XmlEncElementUrl); // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement.set_EncryptionMethod(new EncryptionMethod( EncryptedXml.XmlEncAES256Url)); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey ek = new EncryptedKey(); ubyte encryptedKey[] = EncryptedXml.EncryptKey(sessionKey.get_Key(), alg, false); ek.set_CipherData(new CipherData(encryptedKey)); ek.set_EncryptionMethod(new EncryptionMethod(EncryptedXml. XmlEncRSA15Url)); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement.set_KeyInfo(new KeyInfo()); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.set_Value(keyName); // Add the KeyInfoName element to the // EncryptedKey object. ek.get_KeyInfo().AddClause(kin); // Add the encrypted key to the // EncryptedData object. edElement.get_KeyInfo().AddClause(new KeyInfoEncryptedKey(ek)); // Add the encrypted element data to the // EncryptedData object. edElement.get_CipherData().set_CipherValue(encryptedElement); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc, RSA alg, String keyName) { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (alg == null) { throw new ArgumentNullException("alg"); } if (keyName == null) { throw new ArgumentNullException("keyName"); } // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. eXml.AddKeyNameMapping(keyName, alg); // Decrypt the element. eXml.DecryptDocument(); } //Decrypt } //Program
X.509 証明書を使用して、XML ドキュメントを暗号化するコード例を次に示します。この例は、共通セッション キーを作成して文書を暗号化した後、X.509 証明書を使用して暗号化済みのセッション キーを XML ドキュメントに埋め込みます。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Imports System.Security.Cryptography.X509Certificates Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new X509Certificate2 object by loading ' an X.509 certificate file. To use XML encryption ' with an X.509 certificate, use an X509Certificate2 ' object to encrypt, but use a certificate in a certificate ' store to decrypt. ' You can create a new test certificate file using the ' makecert.exe tool. ' Create an X509Certificate2 object for encryption. Dim cert As New X509Certificate2("test.pfx") ' Put the certificate in certificate store for decryption. Dim store As New X509Store(StoreLocation.CurrentUser) store.Open(OpenFlags.ReadWrite) store.Add(cert) store.Close() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", cert) ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc) ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) End Try End Sub Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Cert As X509Certificate2) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Cert Is Nothing Then Throw New ArgumentNullException("Cert") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' X.509 Certificate. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim eXml As New EncryptedXml() ' Encrypt the element. Dim edElement As EncryptedData = eXml.Encrypt(elementEncrypt, Cert) ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Decrypt the XML document. exml.DecryptDocument() End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; using System.Security.Cryptography.X509Certificates; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new X509Certificate2 object by loading // an X.509 certificate file. To use XML encryption // with an X.509 certificate, use an X509Certificate2 // object to encrypt, but use a certificate in a certificate // store to decrypt. // You can create a new test certificate file using the // makecert.exe tool. // Create an X509Certificate2 object for encryption. X509Certificate2 cert = new X509Certificate2("test.pfx"); // Put the certificate in certificate store for decryption. X509Store store = new X509Store(StoreLocation.CurrentUser); store.Open(OpenFlags.ReadWrite); store.Add(cert); store.Close(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", cert); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, X509Certificate2 Cert) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Cert == null) throw new ArgumentNullException("Cert"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // X.509 Certificate. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); // Encrypt the element. EncryptedData edElement = eXml.Encrypt(elementToEncrypt, Cert); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(Doc); // Decrypt the XML document. exml.DecryptDocument(); } }
#using <System.Security.dll> #using <System.dll> #using <System.Xml.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; using namespace System::Security::Cryptography::X509Certificates; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, X509Certificate2^ Cert ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Cert == nullptr ) throw gcnew ArgumentNullException( L"Cert" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // X.509 Certificate. ////////////////////////////////////////////////// EncryptedXml^ eXml = gcnew EncryptedXml; // Encrypt the element. EncryptedData^ edElement = eXml->Encrypt( elementToEncrypt, Cert ); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml( Doc ); // Decrypt the XML document. exml->DecryptDocument(); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new X509Certificate2 object by loading // an X.509 certificate file. To use XML encryption // with an X.509 certificate, use an X509Certificate2 // object to encrypt, but use a certificate in a certificate // store to decrypt. // You can create a new test certificate file using the // makecert.exe tool. // Create an X509Certificate2 object for encryption. X509Certificate2^ cert = gcnew X509Certificate2( L"test.pfx" ); // Put the certificate in certificate store for decryption. X509Store^ store = gcnew X509Store( StoreLocation::CurrentUser ); store->Open( OpenFlags::ReadWrite ); store->Add( cert ); store->Close(); try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", cert ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } return 1; }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; import System.Security.Cryptography.X509Certificates.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new X509Certificate2 object by loading // an X.509 certificate file. To use XML encryption // with an X.509 certificate, use an X509Certificate2 // object to encrypt, but use a certificate in a certificate // store to decrypt. // You can create a new test certificate file using the // makecert.exe tool. // Create an X509Certificate2 object for encryption. X509Certificate2 cert = new X509Certificate2("test.pfx"); // Put the certificate in certificate store for decryption. X509Store store = new X509Store(StoreLocation.CurrentUser); store.Open(OpenFlags.ReadWrite); store.Add(cert); store.Close(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", cert); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, X509Certificate2 cert) throws XmlException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (cert == null) { throw new ArgumentNullException("cert"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // X.509 Certificate. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); // Encrypt the element. EncryptedData edElement = eXml.Encrypt(elementToEncrypt1, cert); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc) { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(doc); // Decrypt the XML document. eXml.DecryptDocument(); } //Decrypt } //Program

System.Security.Cryptography.Xml.EncryptedXml


Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
開発プラットフォームの中には、.NET Framework によってサポートされていないバージョンがあります。サポートされているバージョンについては、「システム要件」を参照してください。


EncryptedXml コンストラクタ ()
アセンブリ: System.Security (system.security.dll 内)


これは、.NET Framework の XML 暗号化のためのメイン クラスの既定のコンストラクタです。

共通キーを使用して、XML ドキュメントを暗号化するコード例を次に示します。この例では、暗号化された XML ドキュメントのキー情報は含まれません。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new TripleDES key. Dim tDESkey As New TripleDESCryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey) ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey) ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the TripleDES key. tDESkey.Clear() End Try End Sub Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As SymmetricAlgorithm) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If ElementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, Alg, False) ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. ' Determine what kind of algorithm is being used and ' supply the appropriate URL to the EncryptionMethod element. Dim encryptionMethod As String = Nothing If TypeOf Alg Is TripleDES Then encryptionMethod = EncryptedXml.XmlEncTripleDESUrl ElseIf TypeOf Alg Is DES Then encryptionMethod = EncryptedXml.XmlEncDESUrl ElseIf TypeOf Alg Is Rijndael Then Select Case Alg.KeySize Case 128 encryptionMethod = EncryptedXml.XmlEncAES128Url Case 192 encryptionMethod = EncryptedXml.XmlEncAES192Url Case 256 encryptionMethod = EncryptedXml.XmlEncAES256Url End Select Else ' Throw an exception if the transform is not in the previous categories Throw New CryptographicException("The specified algorithm is not supported for XML Encryption.") End If edElement.EncryptionMethod = New EncryptionMethod(encryptionMethod) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub 'Encrypt Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As SymmetricAlgorithm) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ' Find the EncryptedData element in the XmlDocument. Dim encryptedElement As XmlElement = Doc.GetElementsByTagName("EncryptedData")(0) ' If the EncryptedData element was not found, throw an exception. If encryptedElement Is Nothing Then Throw New XmlException("The EncryptedData element was not found.") End If ' Create an EncryptedData object and populate it. Dim edElement As New EncryptedData() edElement.LoadXml(encryptedElement) ' Create a new EncryptedXml object. Dim exml As New EncryptedXml() ' Decrypt the element using the symmetric key. Dim rgbOutput As Byte() = exml.DecryptData(edElement, Alg) ' Replace the encryptedData element with the plaintext XML element. exml.ReplaceData(encryptedElement, rgbOutput) End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, SymmetricAlgorithm Alg) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Alg == null) throw new ArgumentNullException("Alg"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, Alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.Type = EncryptedXml.XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. string encryptionMethod = null; if (Alg is TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else if (Alg is DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else if (Alg is Rijndael) { switch (Alg.KeySize) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw new CryptographicException("The specified algorithm is not supported for XML Encryption."); } edElement.EncryptionMethod = new EncryptionMethod(encryptionMethod); // Add the encrypted element data to the // EncryptedData object. edElement.CipherData.CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc, SymmetricAlgorithm Alg) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (Alg == null) throw new ArgumentNullException("Alg"); // Find the EncryptedData element in the XmlDocument. XmlElement encryptedElement = Doc.GetElementsByTagName("EncryptedData")[0] as XmlElement; // If the EncryptedData element was not found, throw an exception. if (encryptedElement == null) { throw new XmlException("The EncryptedData element was not found."); } // Create an EncryptedData object and populate it. EncryptedData edElement = new EncryptedData(); edElement.LoadXml(encryptedElement); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(); // Decrypt the element using the symmetric key. byte[] rgbOutput = exml.DecryptData(edElement, Alg); // Replace the encryptedData element with the plaintext XML element. exml.ReplaceData(encryptedElement, rgbOutput); } }
#using <System.Security.dll> #using <System.dll> #using <System.Xml.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, SymmetricAlgorithm^ Alg ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml^ eXml = gcnew EncryptedXml; array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, Alg, false ); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData^ edElement = gcnew EncryptedData; edElement->Type = EncryptedXml::XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String^ encryptionMethod = nullptr; if ( dynamic_cast<TripleDES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncTripleDESUrl; } else if ( dynamic_cast<DES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncDESUrl; } else if ( dynamic_cast<Rijndael^>(Alg) ) { switch ( Alg->KeySize ) { case 128: encryptionMethod = EncryptedXml::XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml::XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml::XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw gcnew CryptographicException( L"The specified algorithm is not supported for XML Encryption." ); } edElement->EncryptionMethod = gcnew EncryptionMethod( encryptionMethod ); // Add the encrypted element data to the // EncryptedData object. edElement->CipherData->CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc, SymmetricAlgorithm^ Alg ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); // Find the EncryptedData element in the XmlDocument. XmlElement^ encryptedElement = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( L"EncryptedData" )->Item( 0 )); // If the EncryptedData element was not found, throw an exception. if ( encryptedElement == nullptr ) { throw gcnew XmlException( L"The EncryptedData element was not found." ); } // Create an EncryptedData object and populate it. EncryptedData^ edElement = gcnew EncryptedData; edElement->LoadXml( encryptedElement ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml; // Decrypt the element using the symmetric key. array<Byte>^rgbOutput = exml->DecryptData( edElement, Alg ); // Replace the encryptedData element with the plaintext XML element. exml->ReplaceData( encryptedElement, rgbOutput ); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new TripleDES key. TripleDESCryptoServiceProvider^ tDESkey = gcnew TripleDESCryptoServiceProvider; try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", tDESkey ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc, tDESkey ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } finally { // Clear the TripleDES key. tDESkey->Clear(); } }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, SymmetricAlgorithm alg) throws XmlException,CryptographicException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (alg == null) { throw new ArgumentNullException("alg"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1, alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.set_Type(EncryptedXml.XmlEncElementUrl); // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String encryptionMethod = null; if (alg instanceof TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else { if (alg instanceof DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else { if (alg instanceof Rijndael) { switch (alg.get_KeySize()) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the // previous categories throw new CryptographicException("The specified algorithm" +" is not supported for XML Encryption."); } } } edElement.set_EncryptionMethod(new EncryptionMethod(encryptionMethod)); // Add the encrypted element data to the // EncryptedData object. edElement.get_CipherData().set_CipherValue(encryptedElement); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc, SymmetricAlgorithm alg) throws XmlException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (alg == null) { throw new ArgumentNullException("alg"); } // Find the EncryptedData element in the XmlDocument. XmlElement encryptedElement = (XmlElement)doc.GetElementsByTagName( "EncryptedData").get_ItemOf(0); // If the EncryptedData element was not found, throw an exception. if (encryptedElement == null) { throw new XmlException("The EncryptedData element was not found."); } // Create an EncryptedData object and populate it. EncryptedData edElement = new EncryptedData(); edElement.LoadXml(encryptedElement); // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(); // Decrypt the element using the symmetric key. ubyte rgbOutput[] = eXml.DecryptData(edElement, alg); // Replace the encryptedData element with the plaintext XML element. eXml.ReplaceData(encryptedElement, rgbOutput); } //Decrypt } //Program
共通キーを使用して、XML ドキュメントを暗号化するコード例を次に示します。この例では、暗号化された XML ドキュメントに対し、復号化処理が適切な復号化キーを検索するために使用するキー名を埋め込みます。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new TripleDES key. Dim tDESkey As New TripleDESCryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey") ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey") ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the TripleDES key. tDESkey.Clear() End Try End Sub 'Main Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As SymmetricAlgorithm, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, Alg, False) ''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. ' Determine what kind of algorithm is being used and ' supply the appropriate URL to the EncryptionMethod element. Dim encryptionMethod As String = Nothing If TypeOf Alg Is TripleDES Then encryptionMethod = EncryptedXml.XmlEncTripleDESUrl ElseIf TypeOf Alg Is DES Then encryptionMethod = EncryptedXml.XmlEncDESUrl ElseIf TypeOf Alg Is Rijndael Then Select Case Alg.KeySize Case 128 encryptionMethod = EncryptedXml.XmlEncAES128Url Case 192 encryptionMethod = EncryptedXml.XmlEncAES192Url Case 256 encryptionMethod = EncryptedXml.XmlEncAES256Url End Select Else ' Throw an exception if the transform is not in the previous categories Throw New CryptographicException("The specified algorithm is not supported for XML Encryption.") End If edElement.EncryptionMethod = New EncryptionMethod(encryptionMethod) ' Set the KeyInfo element to specify the ' name of a key. ' Create a new KeyInfo element. edElement.KeyInfo = New KeyInfo() ' Create a new KeyInfoName element. Dim kin As New KeyInfoName() ' Specify a name for the key. kin.Value = KeyName ' Add the KeyInfoName element. edElement.KeyInfo.AddClause(kin) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As SymmetricAlgorithm, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If If KeyName Is Nothing Then Throw New ArgumentNullException("KeyName") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Add a key-name mapping. ' This method can only decrypt documents ' that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg) ' Decrypt the element. exml.DecryptDocument() End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, SymmetricAlgorithm Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Alg == null) throw new ArgumentNullException("Alg"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, Alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.Type = EncryptedXml.XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. string encryptionMethod = null; if (Alg is TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else if (Alg is DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else if (Alg is Rijndael) { switch (Alg.KeySize) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw new CryptographicException("The specified algorithm is not supported for XML Encryption."); } edElement.EncryptionMethod = new EncryptionMethod(encryptionMethod); // Set the KeyInfo element to specify the // name of a key. // Create a new KeyInfo element. edElement.KeyInfo = new KeyInfo(); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.Value = KeyName; // Add the KeyInfoName element. edElement.KeyInfo.AddClause(kin); // Add the encrypted element data to the // EncryptedData object. edElement.CipherData.CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc, SymmetricAlgorithm Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (Alg == null) throw new ArgumentNullException("Alg"); if (KeyName == null) throw new ArgumentNullException("KeyName"); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(Doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg); // Decrypt the element. exml.DecryptDocument(); } }
#using <System.Security.dll> #using <System.dll> #using <System.Xml.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, SymmetricAlgorithm^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml^ eXml = gcnew EncryptedXml; array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, Alg, false ); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData^ edElement = gcnew EncryptedData; edElement->Type = EncryptedXml::XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String^ encryptionMethod = nullptr; if ( dynamic_cast<TripleDES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncTripleDESUrl; } else if ( dynamic_cast<DES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncDESUrl; } else if ( dynamic_cast<Rijndael^>(Alg) ) { switch ( Alg->KeySize ) { case 128: encryptionMethod = EncryptedXml::XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml::XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml::XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw gcnew CryptographicException( L"The specified algorithm is not supported for XML Encryption." ); } edElement->EncryptionMethod = gcnew EncryptionMethod( encryptionMethod ); // Set the KeyInfo element to specify the // name of a key. // Create a new KeyInfo element. edElement->KeyInfo = gcnew KeyInfo; // Create a new KeyInfoName element. KeyInfoName^ kin = gcnew KeyInfoName; // Specify a name for the key. kin->Value = KeyName; // Add the KeyInfoName element. edElement->KeyInfo->AddClause( kin ); // Add the encrypted element data to the // EncryptedData object. edElement->CipherData->CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc, SymmetricAlgorithm^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); if ( KeyName == nullptr ) throw gcnew ArgumentNullException( L"KeyName" ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml( Doc ); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml->AddKeyNameMapping( KeyName, Alg ); // Decrypt the element. exml->DecryptDocument(); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new TripleDES key. TripleDESCryptoServiceProvider^ tDESkey = gcnew TripleDESCryptoServiceProvider; try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", tDESkey, L"tDESKey" ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc, tDESkey, L"tDESKey" ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } finally { // Clear the TripleDES key. tDESkey->Clear(); } return 1; }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, SymmetricAlgorithm alg, String keyName) throws XmlException, CryptographicException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (alg == null) { throw new ArgumentNullException("alg"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1, alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.set_Type(EncryptedXml.XmlEncElementUrl); // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String encryptionMethod = null; if (alg instanceof TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else { if (alg instanceof DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else { if (alg instanceof Rijndael) { switch (alg.get_KeySize()) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the // previous categories throw new CryptographicException("The specified algorithm" +" is not supported for XML Encryption."); } } } edElement.set_EncryptionMethod(new EncryptionMethod(encryptionMethod)); // Set the KeyInfo element to specify the // name of a key. // Create a new KeyInfo element. edElement.set_KeyInfo(new KeyInfo()); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.set_Value(keyName); // Add the KeyInfoName element. edElement.get_KeyInfo().AddClause(kin); // Add the encrypted element data to the // EncryptedData object. edElement.get_CipherData().set_CipherValue(encryptedElement); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc, SymmetricAlgorithm alg, String keyName) { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (alg == null) { throw new ArgumentNullException("alg"); } if (keyName == null) { throw new ArgumentNullException("keyName"); } // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. eXml.AddKeyNameMapping(keyName, alg); // Decrypt the element. eXml.DecryptDocument(); } //Decrypt } //Program
非対称キーを使用して、XML ドキュメントを暗号化するコード例を次に示します。この例は、対称セッション キーを作成して文書を暗号化した後、非対称キーを使用して暗号化済みのセッション キーを XML ドキュメントに埋め込みます。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new RSA key. This key will encrypt a symmetric key , ' which will then be imbedded in the XML document. Dim rsaKey = New RSACryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey") ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey") ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the RSA key. rsaKey.Clear() End Try End Sub Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As RSA, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' a new random symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a 256 bit Rijndael key. Dim sessionKey As New RijndaelManaged() sessionKey.KeySize = 256 Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, sessionKey, False) ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. edElement.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncAES256Url) ' Encrypt the session key and add it to an EncryptedKey element. Dim ek As New EncryptedKey() Dim encryptedKey As Byte() = EncryptedXml.EncryptKey(sessionKey.Key, Alg, False) ek.CipherData = New CipherData(encryptedKey) ek.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncRSA15Url) ' Set the KeyInfo element to specify the ' name of the RSA key. ' Create a new KeyInfo element. edElement.KeyInfo = New KeyInfo() ' Create a new KeyInfoName element. Dim kin As New KeyInfoName() ' Specify a name for the key. kin.Value = KeyName ' Add the KeyInfoName element to the ' EncryptedKey object. ek.KeyInfo.AddClause(kin) ' Add the encrypted key to the ' EncryptedData object. edElement.KeyInfo.AddClause(New KeyInfoEncryptedKey(ek)) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As RSA, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If If KeyName Is Nothing Then Throw New ArgumentNullException("KeyName") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Add a key-name mapping. ' This method can only decrypt documents ' that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg) ' Decrypt the element. exml.DecryptDocument() End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new RSA key. This key will encrypt a symmetric key, // which will then be imbedded in the XML document. RSA rsaKey = new RSACryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } finally { // Clear the RSA key. rsaKey.Clear(); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, RSA Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Alg == null) throw new ArgumentNullException("Alg"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged sessionKey = new RijndaelManaged(); sessionKey.KeySize = 256; EncryptedXml eXml = new EncryptedXml(); byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, sessionKey, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.Type = EncryptedXml.XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey ek = new EncryptedKey(); byte[] encryptedKey = EncryptedXml.EncryptKey(sessionKey.Key, Alg, false); ek.CipherData = new CipherData(encryptedKey); ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement.KeyInfo = new KeyInfo(); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.Value = KeyName; // Add the KeyInfoName element to the // EncryptedKey object. ek.KeyInfo.AddClause(kin); // Add the encrypted key to the // EncryptedData object. edElement.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek)); // Add the encrypted element data to the // EncryptedData object. edElement.CipherData.CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc, RSA Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (Alg == null) throw new ArgumentNullException("Alg"); if (KeyName == null) throw new ArgumentNullException("KeyName"); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(Doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg); // Decrypt the element. exml.DecryptDocument(); } }
#using <System.Xml.dll> #using <System.Security.dll> #using <System.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, RSA^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged^ sessionKey = gcnew RijndaelManaged; sessionKey->KeySize = 256; EncryptedXml^ eXml = gcnew EncryptedXml; array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, sessionKey, false ); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData^ edElement = gcnew EncryptedData; edElement->Type = EncryptedXml::XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement->EncryptionMethod = gcnew EncryptionMethod( EncryptedXml::XmlEncAES256Url ); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey^ ek = gcnew EncryptedKey; array<Byte>^encryptedKey = EncryptedXml::EncryptKey( sessionKey->Key, Alg, false ); ek->CipherData = gcnew CipherData( encryptedKey ); ek->EncryptionMethod = gcnew EncryptionMethod( EncryptedXml::XmlEncRSA15Url ); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement->KeyInfo = gcnew KeyInfo; // Create a new KeyInfoName element. KeyInfoName^ kin = gcnew KeyInfoName; // Specify a name for the key. kin->Value = KeyName; // Add the KeyInfoName element to the // EncryptedKey object. ek->KeyInfo->AddClause( kin ); // Add the encrypted key to the // EncryptedData object. edElement->KeyInfo->AddClause( gcnew KeyInfoEncryptedKey( ek ) ); // Add the encrypted element data to the // EncryptedData object. edElement->CipherData->CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc, RSA^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); if ( KeyName == nullptr ) throw gcnew ArgumentNullException( L"KeyName" ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml( Doc ); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml->AddKeyNameMapping( KeyName, Alg ); // Decrypt the element. exml->DecryptDocument(); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new RSA key. This key will encrypt a symmetric key, // which will then be imbedded in the XML document. RSA^ rsaKey = gcnew RSACryptoServiceProvider; try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", rsaKey, L"rsaKey" ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc, rsaKey, L"rsaKey" ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } finally { // Clear the RSA key. rsaKey->Clear(); } return 1; }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new RSA key. This key will encrypt a symmetric key, // which will then be imbedded in the XML document. RSA rsaKey = new RSACryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } finally { // Clear the RSA key. rsaKey.Clear(); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, RSA alg, String keyName) throws ArgumentNullException,XmlException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (alg == null) { throw new ArgumentNullException("alg"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged sessionKey = new RijndaelManaged(); sessionKey.set_KeySize(256); EncryptedXml eXml = new EncryptedXml(); ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1, sessionKey, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.set_Type(EncryptedXml.XmlEncElementUrl); // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement.set_EncryptionMethod(new EncryptionMethod( EncryptedXml.XmlEncAES256Url)); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey ek = new EncryptedKey(); ubyte encryptedKey[] = EncryptedXml.EncryptKey(sessionKey.get_Key(), alg, false); ek.set_CipherData(new CipherData(encryptedKey)); ek.set_EncryptionMethod(new EncryptionMethod(EncryptedXml. XmlEncRSA15Url)); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement.set_KeyInfo(new KeyInfo()); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.set_Value(keyName); // Add the KeyInfoName element to the // EncryptedKey object. ek.get_KeyInfo().AddClause(kin); // Add the encrypted key to the // EncryptedData object. edElement.get_KeyInfo().AddClause(new KeyInfoEncryptedKey(ek)); // Add the encrypted element data to the // EncryptedData object. edElement.get_CipherData().set_CipherValue(encryptedElement); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc, RSA alg, String keyName) { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (alg == null) { throw new ArgumentNullException("alg"); } if (keyName == null) { throw new ArgumentNullException("keyName"); } // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. eXml.AddKeyNameMapping(keyName, alg); // Decrypt the element. eXml.DecryptDocument(); } //Decrypt } //Program
X.509 証明書を使用して、XML ドキュメントを暗号化するコード例を次に示します。この例は、共通セッション キーを作成して文書を暗号化した後、X.509 証明書を使用して暗号化済みのセッション キーを XML ドキュメントに埋め込みます。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Imports System.Security.Cryptography.X509Certificates Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new X509Certificate2 object by loading ' an X.509 certificate file. To use XML encryption ' with an X.509 certificate, use an X509Certificate2 ' object to encrypt, but use a certificate in a certificate ' store to decrypt. ' You can create a new test certificate file using the ' makecert.exe tool. ' Create an X509Certificate2 object for encryption. Dim cert As New X509Certificate2("test.pfx") ' Put the certificate in certificate store for decryption. Dim store As New X509Store(StoreLocation.CurrentUser) store.Open(OpenFlags.ReadWrite) store.Add(cert) store.Close() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", cert) ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc) ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) End Try End Sub Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Cert As X509Certificate2) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Cert Is Nothing Then Throw New ArgumentNullException("Cert") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' X.509 Certificate. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim eXml As New EncryptedXml() ' Encrypt the element. Dim edElement As EncryptedData = eXml.Encrypt(elementEncrypt, Cert) ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Decrypt the XML document. exml.DecryptDocument() End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; using System.Security.Cryptography.X509Certificates; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new X509Certificate2 object by loading // an X.509 certificate file. To use XML encryption // with an X.509 certificate, use an X509Certificate2 // object to encrypt, but use a certificate in a certificate // store to decrypt. // You can create a new test certificate file using the // makecert.exe tool. // Create an X509Certificate2 object for encryption. X509Certificate2 cert = new X509Certificate2("test.pfx"); // Put the certificate in certificate store for decryption. X509Store store = new X509Store(StoreLocation.CurrentUser); store.Open(OpenFlags.ReadWrite); store.Add(cert); store.Close(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", cert); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, X509Certificate2 Cert) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Cert == null) throw new ArgumentNullException("Cert"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // X.509 Certificate. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); // Encrypt the element. EncryptedData edElement = eXml.Encrypt(elementToEncrypt, Cert); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(Doc); // Decrypt the XML document. exml.DecryptDocument(); } }
#using <System.Security.dll> #using <System.dll> #using <System.Xml.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; using namespace System::Security::Cryptography::X509Certificates; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, X509Certificate2^ Cert ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Cert == nullptr ) throw gcnew ArgumentNullException( L"Cert" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // X.509 Certificate. ////////////////////////////////////////////////// EncryptedXml^ eXml = gcnew EncryptedXml; // Encrypt the element. EncryptedData^ edElement = eXml->Encrypt( elementToEncrypt, Cert ); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml( Doc ); // Decrypt the XML document. exml->DecryptDocument(); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new X509Certificate2 object by loading // an X.509 certificate file. To use XML encryption // with an X.509 certificate, use an X509Certificate2 // object to encrypt, but use a certificate in a certificate // store to decrypt. // You can create a new test certificate file using the // makecert.exe tool. // Create an X509Certificate2 object for encryption. X509Certificate2^ cert = gcnew X509Certificate2( L"test.pfx" ); // Put the certificate in certificate store for decryption. X509Store^ store = gcnew X509Store( StoreLocation::CurrentUser ); store->Open( OpenFlags::ReadWrite ); store->Add( cert ); store->Close(); try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", cert ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } return 1; }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; import System.Security.Cryptography.X509Certificates.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new X509Certificate2 object by loading // an X.509 certificate file. To use XML encryption // with an X.509 certificate, use an X509Certificate2 // object to encrypt, but use a certificate in a certificate // store to decrypt. // You can create a new test certificate file using the // makecert.exe tool. // Create an X509Certificate2 object for encryption. X509Certificate2 cert = new X509Certificate2("test.pfx"); // Put the certificate in certificate store for decryption. X509Store store = new X509Store(StoreLocation.CurrentUser); store.Open(OpenFlags.ReadWrite); store.Add(cert); store.Close(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", cert); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, X509Certificate2 cert) throws XmlException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (cert == null) { throw new ArgumentNullException("cert"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // X.509 Certificate. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); // Encrypt the element. EncryptedData edElement = eXml.Encrypt(elementToEncrypt1, cert); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc) { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(doc); // Decrypt the XML document. eXml.DecryptDocument(); } //Decrypt } //Program

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
開発プラットフォームの中には、.NET Framework によってサポートされていないバージョンがあります。サポートされているバージョンについては、「システム要件」を参照してください。


EncryptedXml コンストラクタ (XmlDocument)
アセンブリ: System.Security (system.security.dll 内)


このコンストラクタは、暗号化する XML ドキュメントを指定するときに EncryptedXml オブジェクトを作成するために使用します。document パラメータは、暗号化された XML を後で形成する XML 要素を構成します。

共通キーを使用して、XML ドキュメントを暗号化するコード例を次に示します。この例では、暗号化された XML ドキュメントに対し、復号化処理が適切な復号化キーを検索するために使用するキー名を埋め込みます。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new TripleDES key. Dim tDESkey As New TripleDESCryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey") ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey") ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the TripleDES key. tDESkey.Clear() End Try End Sub 'Main Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As SymmetricAlgorithm, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, Alg, False) ''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. ' Determine what kind of algorithm is being used and ' supply the appropriate URL to the EncryptionMethod element. Dim encryptionMethod As String = Nothing If TypeOf Alg Is TripleDES Then encryptionMethod = EncryptedXml.XmlEncTripleDESUrl ElseIf TypeOf Alg Is DES Then encryptionMethod = EncryptedXml.XmlEncDESUrl ElseIf TypeOf Alg Is Rijndael Then Select Case Alg.KeySize Case 128 encryptionMethod = EncryptedXml.XmlEncAES128Url Case 192 encryptionMethod = EncryptedXml.XmlEncAES192Url Case 256 encryptionMethod = EncryptedXml.XmlEncAES256Url End Select Else ' Throw an exception if the transform is not in the previous categories Throw New CryptographicException("The specified algorithm is not supported for XML Encryption.") End If edElement.EncryptionMethod = New EncryptionMethod(encryptionMethod) ' Set the KeyInfo element to specify the ' name of a key. ' Create a new KeyInfo element. edElement.KeyInfo = New KeyInfo() ' Create a new KeyInfoName element. Dim kin As New KeyInfoName() ' Specify a name for the key. kin.Value = KeyName ' Add the KeyInfoName element. edElement.KeyInfo.AddClause(kin) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As SymmetricAlgorithm, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If If KeyName Is Nothing Then Throw New ArgumentNullException("KeyName") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Add a key-name mapping. ' This method can only decrypt documents ' that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg) ' Decrypt the element. exml.DecryptDocument() End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, SymmetricAlgorithm Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Alg == null) throw new ArgumentNullException("Alg"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, Alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.Type = EncryptedXml.XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. string encryptionMethod = null; if (Alg is TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else if (Alg is DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else if (Alg is Rijndael) { switch (Alg.KeySize) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw new CryptographicException("The specified algorithm is not supported for XML Encryption."); } edElement.EncryptionMethod = new EncryptionMethod(encryptionMethod); // Set the KeyInfo element to specify the // name of a key. // Create a new KeyInfo element. edElement.KeyInfo = new KeyInfo(); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.Value = KeyName; // Add the KeyInfoName element. edElement.KeyInfo.AddClause(kin); // Add the encrypted element data to the // EncryptedData object. edElement.CipherData.CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc, SymmetricAlgorithm Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (Alg == null) throw new ArgumentNullException("Alg"); if (KeyName == null) throw new ArgumentNullException("KeyName"); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(Doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg); // Decrypt the element. exml.DecryptDocument(); } }
#using <System.Security.dll> #using <System.dll> #using <System.Xml.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, SymmetricAlgorithm^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml^ eXml = gcnew EncryptedXml; array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, Alg, false ); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData^ edElement = gcnew EncryptedData; edElement->Type = EncryptedXml::XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String^ encryptionMethod = nullptr; if ( dynamic_cast<TripleDES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncTripleDESUrl; } else if ( dynamic_cast<DES^>(Alg) ) { encryptionMethod = EncryptedXml::XmlEncDESUrl; } else if ( dynamic_cast<Rijndael^>(Alg) ) { switch ( Alg->KeySize ) { case 128: encryptionMethod = EncryptedXml::XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml::XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml::XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the previous categories throw gcnew CryptographicException( L"The specified algorithm is not supported for XML Encryption." ); } edElement->EncryptionMethod = gcnew EncryptionMethod( encryptionMethod ); // Set the KeyInfo element to specify the // name of a key. // Create a new KeyInfo element. edElement->KeyInfo = gcnew KeyInfo; // Create a new KeyInfoName element. KeyInfoName^ kin = gcnew KeyInfoName; // Specify a name for the key. kin->Value = KeyName; // Add the KeyInfoName element. edElement->KeyInfo->AddClause( kin ); // Add the encrypted element data to the // EncryptedData object. edElement->CipherData->CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc, SymmetricAlgorithm^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); if ( KeyName == nullptr ) throw gcnew ArgumentNullException( L"KeyName" ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml( Doc ); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml->AddKeyNameMapping( KeyName, Alg ); // Decrypt the element. exml->DecryptDocument(); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new TripleDES key. TripleDESCryptoServiceProvider^ tDESkey = gcnew TripleDESCryptoServiceProvider; try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", tDESkey, L"tDESKey" ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc, tDESkey, L"tDESKey" ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } finally { // Clear the TripleDES key. tDESkey->Clear(); } return 1; }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new TripleDES key. TripleDESCryptoServiceProvider tDESkey = new TripleDESCryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc, tDESkey, "tDESKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } finally { // Clear the TripleDES key. tDESkey.Clear(); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, SymmetricAlgorithm alg, String keyName) throws XmlException, CryptographicException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (alg == null) { throw new ArgumentNullException("alg"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // symmetric key. ////////////////////////////////////////////////// EncryptedXml eXml = new EncryptedXml(); ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1, alg, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.set_Type(EncryptedXml.XmlEncElementUrl); // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. // Determine what kind of algorithm is being used and // supply the appropriate URL to the EncryptionMethod element. String encryptionMethod = null; if (alg instanceof TripleDES) { encryptionMethod = EncryptedXml.XmlEncTripleDESUrl; } else { if (alg instanceof DES) { encryptionMethod = EncryptedXml.XmlEncDESUrl; } else { if (alg instanceof Rijndael) { switch (alg.get_KeySize()) { case 128: encryptionMethod = EncryptedXml.XmlEncAES128Url; break; case 192: encryptionMethod = EncryptedXml.XmlEncAES192Url; break; case 256: encryptionMethod = EncryptedXml.XmlEncAES256Url; break; } } else { // Throw an exception if the transform is not in the // previous categories throw new CryptographicException("The specified algorithm" +" is not supported for XML Encryption."); } } } edElement.set_EncryptionMethod(new EncryptionMethod(encryptionMethod)); // Set the KeyInfo element to specify the // name of a key. // Create a new KeyInfo element. edElement.set_KeyInfo(new KeyInfo()); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.set_Value(keyName); // Add the KeyInfoName element. edElement.get_KeyInfo().AddClause(kin); // Add the encrypted element data to the // EncryptedData object. edElement.get_CipherData().set_CipherValue(encryptedElement); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc, SymmetricAlgorithm alg, String keyName) { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (alg == null) { throw new ArgumentNullException("alg"); } if (keyName == null) { throw new ArgumentNullException("keyName"); } // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. eXml.AddKeyNameMapping(keyName, alg); // Decrypt the element. eXml.DecryptDocument(); } //Decrypt } //Program
非対称キーを使用して、XML ドキュメントを暗号化するコード例を次に示します。この例は、対称セッション キーを作成して文書を暗号化した後、非対称キーを使用して暗号化済みのセッション キーを XML ドキュメントに埋め込みます。
Imports System Imports System.Xml Imports System.Security.Cryptography Imports System.Security.Cryptography.Xml Module Program Sub Main(ByVal args() As String) ' Create an XmlDocument object. Dim xmlDoc As New XmlDocument() ' Load an XML file into the XmlDocument object. Try xmlDoc.PreserveWhitespace = True xmlDoc.Load("test.xml") Catch e As Exception Console.WriteLine(e.Message) End Try ' Create a new RSA key. This key will encrypt a symmetric key , ' which will then be imbedded in the XML document. Dim rsaKey = New RSACryptoServiceProvider() Try ' Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey") ' Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) ' Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey") ' Display the encrypted XML to the console. Console.WriteLine() Console.WriteLine("Decrypted XML:") Console.WriteLine() Console.WriteLine(xmlDoc.OuterXml) Catch e As Exception Console.WriteLine(e.Message) Finally ' Clear the RSA key. rsaKey.Clear() End Try End Sub Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As RSA, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If ElementToEncrypt Is Nothing Then Throw New ArgumentNullException("ElementToEncrypt") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Find the specified element in the XmlDocument ' object and create a new XmlElemnt object. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0) ' Throw an XmlException if the element was not found. If elementToEncrypt Is Nothing Then Throw New XmlException("The specified element was not found") End If ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a new instance of the EncryptedXml class ' and use it to encrypt the XmlElement with the ' a new random symmetric key. ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Create a 256 bit Rijndael key. Dim sessionKey As New RijndaelManaged() sessionKey.KeySize = 256 Dim eXml As New EncryptedXml() Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, sessionKey, False) ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Construct an EncryptedData object and populate ' it with the desired encryption information. ''''''''''''''''''''''''''''''''''''''''''''''''''' Dim edElement As New EncryptedData() edElement.Type = EncryptedXml.XmlEncElementUrl ' Create an EncryptionMethod element so that the ' receiver knows which algorithm to use for decryption. edElement.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncAES256Url) ' Encrypt the session key and add it to an EncryptedKey element. Dim ek As New EncryptedKey() Dim encryptedKey As Byte() = EncryptedXml.EncryptKey(sessionKey.Key, Alg, False) ek.CipherData = New CipherData(encryptedKey) ek.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncRSA15Url) ' Set the KeyInfo element to specify the ' name of the RSA key. ' Create a new KeyInfo element. edElement.KeyInfo = New KeyInfo() ' Create a new KeyInfoName element. Dim kin As New KeyInfoName() ' Specify a name for the key. kin.Value = KeyName ' Add the KeyInfoName element to the ' EncryptedKey object. ek.KeyInfo.AddClause(kin) ' Add the encrypted key to the ' EncryptedData object. edElement.KeyInfo.AddClause(New KeyInfoEncryptedKey(ek)) ' Add the encrypted element data to the ' EncryptedData object. edElement.CipherData.CipherValue = encryptedElement ''''''''''''''''''''''''''''''''''''''''''''''''''' ' Replace the element from the original XmlDocument ' object with the EncryptedData element. ''''''''''''''''''''''''''''''''''''''''''''''''''' EncryptedXml.ReplaceElement(elementEncrypt, edElement, False) End Sub Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As RSA, ByVal KeyName As String) ' Check the arguments. If Doc Is Nothing Then Throw New ArgumentNullException("Doc") End If If Alg Is Nothing Then Throw New ArgumentNullException("Alg") End If If KeyName Is Nothing Then Throw New ArgumentNullException("KeyName") End If ' Create a new EncryptedXml object. Dim exml As New EncryptedXml(Doc) ' Add a key-name mapping. ' This method can only decrypt documents ' that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg) ' Decrypt the element. exml.DecryptDocument() End Sub End Module
using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; class Program { static void Main(string[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.PreserveWhitespace = true; xmlDoc.Load("test.xml"); } catch (Exception e) { Console.WriteLine(e.Message); } // Create a new RSA key. This key will encrypt a symmetric key, // which will then be imbedded in the XML document. RSA rsaKey = new RSACryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); // Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.OuterXml); } catch (Exception e) { Console.WriteLine(e.Message); } finally { // Clear the RSA key. rsaKey.Clear(); } } public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, RSA Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (ElementToEncrypt == null) throw new ArgumentNullException("ElementToEncrypt"); if (Alg == null) throw new ArgumentNullException("Alg"); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement; // Throw an XmlException if the element was not found. if (elementToEncrypt == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged sessionKey = new RijndaelManaged(); sessionKey.KeySize = 256; EncryptedXml eXml = new EncryptedXml(); byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, sessionKey, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.Type = EncryptedXml.XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey ek = new EncryptedKey(); byte[] encryptedKey = EncryptedXml.EncryptKey(sessionKey.Key, Alg, false); ek.CipherData = new CipherData(encryptedKey); ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement.KeyInfo = new KeyInfo(); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.Value = KeyName; // Add the KeyInfoName element to the // EncryptedKey object. ek.KeyInfo.AddClause(kin); // Add the encrypted key to the // EncryptedData object. edElement.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek)); // Add the encrypted element data to the // EncryptedData object. edElement.CipherData.CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false); } public static void Decrypt(XmlDocument Doc, RSA Alg, string KeyName) { // Check the arguments. if (Doc == null) throw new ArgumentNullException("Doc"); if (Alg == null) throw new ArgumentNullException("Alg"); if (KeyName == null) throw new ArgumentNullException("KeyName"); // Create a new EncryptedXml object. EncryptedXml exml = new EncryptedXml(Doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml.AddKeyNameMapping(KeyName, Alg); // Decrypt the element. exml.DecryptDocument(); } }
#using <System.Xml.dll> #using <System.Security.dll> #using <System.dll> using namespace System; using namespace System::Xml; using namespace System::Security::Cryptography; using namespace System::Security::Cryptography::Xml; static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, RSA^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( ElementToEncrypt == nullptr ) throw gcnew ArgumentNullException( L"ElementToEncrypt" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 )); // Throw an XmlException if the element was not found. if ( elementToEncrypt == nullptr ) { throw gcnew XmlException( L"The specified element was not found" ); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged^ sessionKey = gcnew RijndaelManaged; sessionKey->KeySize = 256; EncryptedXml^ eXml = gcnew EncryptedXml; array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, sessionKey, false ); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData^ edElement = gcnew EncryptedData; edElement->Type = EncryptedXml::XmlEncElementUrl; // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement->EncryptionMethod = gcnew EncryptionMethod( EncryptedXml::XmlEncAES256Url ); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey^ ek = gcnew EncryptedKey; array<Byte>^encryptedKey = EncryptedXml::EncryptKey( sessionKey->Key, Alg, false ); ek->CipherData = gcnew CipherData( encryptedKey ); ek->EncryptionMethod = gcnew EncryptionMethod( EncryptedXml::XmlEncRSA15Url ); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement->KeyInfo = gcnew KeyInfo; // Create a new KeyInfoName element. KeyInfoName^ kin = gcnew KeyInfoName; // Specify a name for the key. kin->Value = KeyName; // Add the KeyInfoName element to the // EncryptedKey object. ek->KeyInfo->AddClause( kin ); // Add the encrypted key to the // EncryptedData object. edElement->KeyInfo->AddClause( gcnew KeyInfoEncryptedKey( ek ) ); // Add the encrypted element data to the // EncryptedData object. edElement->CipherData->CipherValue = encryptedElement; //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false ); } static void Decrypt( XmlDocument^ Doc, RSA^ Alg, String^ KeyName ) { // Check the arguments. if ( Doc == nullptr ) throw gcnew ArgumentNullException( L"Doc" ); if ( Alg == nullptr ) throw gcnew ArgumentNullException( L"Alg" ); if ( KeyName == nullptr ) throw gcnew ArgumentNullException( L"KeyName" ); // Create a new EncryptedXml object. EncryptedXml^ exml = gcnew EncryptedXml( Doc ); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. exml->AddKeyNameMapping( KeyName, Alg ); // Decrypt the element. exml->DecryptDocument(); } int main() { // Create an XmlDocument object. XmlDocument^ xmlDoc = gcnew XmlDocument; // Load an XML file into the XmlDocument object. try { xmlDoc->PreserveWhitespace = true; xmlDoc->Load( L"test.xml" ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } // Create a new RSA key. This key will encrypt a symmetric key, // which will then be imbedded in the XML document. RSA^ rsaKey = gcnew RSACryptoServiceProvider; try { // Encrypt the "creditcard" element. Encrypt( xmlDoc, L"creditcard", rsaKey, L"rsaKey" ); // Display the encrypted XML to the console. Console::WriteLine( L"Encrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); // Decrypt the "creditcard" element. Decrypt( xmlDoc, rsaKey, L"rsaKey" ); // Display the encrypted XML to the console. Console::WriteLine(); Console::WriteLine( L"Decrypted XML:" ); Console::WriteLine(); Console::WriteLine( xmlDoc->OuterXml ); } catch ( Exception^ e ) { Console::WriteLine( e->Message ); } finally { // Clear the RSA key. rsaKey->Clear(); } return 1; }
import System.*; import System.Xml.*; import System.Security.Cryptography.*; import System.Security.Cryptography.Xml.*; class Program { public static void main(String[] args) { // Create an XmlDocument object. XmlDocument xmlDoc = new XmlDocument(); // Load an XML file into the XmlDocument object. try { xmlDoc.set_PreserveWhitespace(true); xmlDoc.Load("test.xml"); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } // Create a new RSA key. This key will encrypt a symmetric key, // which will then be imbedded in the XML document. RSA rsaKey = new RSACryptoServiceProvider(); try { // Encrypt the "creditcard" element. Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine("Encrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); // Decrypt the "creditcard" element. Decrypt(xmlDoc, rsaKey, "rsaKey"); // Display the encrypted XML to the console. Console.WriteLine(); Console.WriteLine("Decrypted XML:"); Console.WriteLine(); Console.WriteLine(xmlDoc.get_OuterXml()); } catch (System.Exception e) { Console.WriteLine(e.get_Message()); } finally { // Clear the RSA key. rsaKey.Clear(); } } //main public static void Encrypt(XmlDocument doc, String elementToEncrypt, RSA alg, String keyName) throws ArgumentNullException,XmlException { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (elementToEncrypt == null) { throw new ArgumentNullException("elementToEncrypt"); } if (alg == null) { throw new ArgumentNullException("alg"); } //////////////////////////////////////////////// // Find the specified element in the XmlDocument // object and create a new XmlElemnt object. //////////////////////////////////////////////// XmlElement elementToEncrypt1 = (XmlElement)doc.GetElementsByTagName( elementToEncrypt).get_ItemOf(0); // Throw an XmlException if the element was not found. if (elementToEncrypt1 == null) { throw new XmlException("The specified element was not found"); } ////////////////////////////////////////////////// // Create a new instance of the EncryptedXml class // and use it to encrypt the XmlElement with the // a new random symmetric key. ////////////////////////////////////////////////// // Create a 256 bit Rijndael key. RijndaelManaged sessionKey = new RijndaelManaged(); sessionKey.set_KeySize(256); EncryptedXml eXml = new EncryptedXml(); ubyte encryptedElement[] = eXml.EncryptData(elementToEncrypt1, sessionKey, false); //////////////////////////////////////////////// // Construct an EncryptedData object and populate // it with the desired encryption information. //////////////////////////////////////////////// EncryptedData edElement = new EncryptedData(); edElement.set_Type(EncryptedXml.XmlEncElementUrl); // Create an EncryptionMethod element so that the // receiver knows which algorithm to use for decryption. edElement.set_EncryptionMethod(new EncryptionMethod( EncryptedXml.XmlEncAES256Url)); // Encrypt the session key and add it to an EncryptedKey element. EncryptedKey ek = new EncryptedKey(); ubyte encryptedKey[] = EncryptedXml.EncryptKey(sessionKey.get_Key(), alg, false); ek.set_CipherData(new CipherData(encryptedKey)); ek.set_EncryptionMethod(new EncryptionMethod(EncryptedXml. XmlEncRSA15Url)); // Set the KeyInfo element to specify the // name of the RSA key. // Create a new KeyInfo element. edElement.set_KeyInfo(new KeyInfo()); // Create a new KeyInfoName element. KeyInfoName kin = new KeyInfoName(); // Specify a name for the key. kin.set_Value(keyName); // Add the KeyInfoName element to the // EncryptedKey object. ek.get_KeyInfo().AddClause(kin); // Add the encrypted key to the // EncryptedData object. edElement.get_KeyInfo().AddClause(new KeyInfoEncryptedKey(ek)); // Add the encrypted element data to the // EncryptedData object. edElement.get_CipherData().set_CipherValue(encryptedElement); //////////////////////////////////////////////////// // Replace the element from the original XmlDocument // object with the EncryptedData element. //////////////////////////////////////////////////// EncryptedXml.ReplaceElement(elementToEncrypt1, edElement, false); } //Encrypt public static void Decrypt(XmlDocument doc, RSA alg, String keyName) { // Check the arguments. if (doc == null) { throw new ArgumentNullException("doc"); } if (alg == null) { throw new ArgumentNullException("alg"); } if (keyName == null) { throw new ArgumentNullException("keyName"); } // Create a new EncryptedXml object. EncryptedXml eXml = new EncryptedXml(doc); // Add a key-name mapping. // This method can only decrypt documents // that present the specified key name. eXml.AddKeyNameMapping(keyName, alg); // Decrypt the element. eXml.DecryptDocument(); } //Decrypt } //Program

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
開発プラットフォームの中には、.NET Framework によってサポートされていないバージョンがあります。サポートされているバージョンについては、「システム要件」を参照してください。


EncryptedXml コンストラクタ (XmlDocument, Evidence)
アセンブリ: System.Security (system.security.dll 内)

Dim document As XmlDocument Dim evidence As Evidence Dim instance As New EncryptedXml(document, evidence)

このコンストラクタは、暗号化する XML ドキュメントを指定してセキュリティ証拠を提供するときに EncryptedXml オブジェクトを作成するために使用します。document パラメータは、暗号化された XML を後で形成する XML 要素を構成します。

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
開発プラットフォームの中には、.NET Framework によってサポートされていないバージョンがあります。サポートされているバージョンについては、「システム要件」を参照してください。


EncryptedXml コンストラクタ

名前 | 説明 |
---|---|
EncryptedXml () | EncryptedXml クラスの新しいインスタンスを初期化します。 |
EncryptedXml (XmlDocument) | 指定した XML ドキュメントを使用して、EncryptedXml クラスの新しいインスタンスを初期化します。 |
EncryptedXml (XmlDocument, Evidence) | 指定した XML ドキュメントおよび証拠を使用して、EncryptedXml クラスの新しいインスタンスを初期化します。 |

EncryptedXml フィールド


EncryptedXml プロパティ

名前 | 説明 | |
---|---|---|
![]() | DocumentEvidence | 構築する EncryptedXml オブジェクトの元になる XmlDocument オブジェクトの証拠を取得または設定します。 |
![]() | Encoding | XML 暗号化に使用するエンコーディングを取得または設定します。 |
![]() | Mode | XML 暗号化に使用する暗号モードを取得または設定します。 |
![]() | Padding | XML 暗号化に使用する埋め込みモードを取得または設定します。 |
![]() | Recipient | 暗号化されたキー情報の受信者を取得または設定します。 |
![]() | Resolver | 外部 XML 参照を解決するためにドキュメント オブジェクト モデル (DOM: Document Object Model) によって使用される XmlResolver オブジェクトを取得または設定します。 |

EncryptedXml メソッド


名前 | 説明 | |
---|---|---|
![]() | Finalize | Object がガベージ コレクションにより収集される前に、その Object がリソースを解放し、その他のクリーンアップ操作を実行できるようにします。 ( Object から継承されます。) |
![]() | MemberwiseClone | 現在の Object の簡易コピーを作成します。 ( Object から継承されます。) |

EncryptedXml メンバ
EncryptedXml データ型で公開されるメンバを以下の表に示します。



名前 | 説明 | |
---|---|---|
![]() | DocumentEvidence | 構築する EncryptedXml オブジェクトの元になる XmlDocument オブジェクトの証拠を取得または設定します。 |
![]() | Encoding | XML 暗号化に使用するエンコーディングを取得または設定します。 |
![]() | Mode | XML 暗号化に使用する暗号モードを取得または設定します。 |
![]() | Padding | XML 暗号化に使用する埋め込みモードを取得または設定します。 |
![]() | Recipient | 暗号化されたキー情報の受信者を取得または設定します。 |
![]() | Resolver | 外部 XML 参照を解決するためにドキュメント オブジェクト モデル (DOM: Document Object Model) によって使用される XmlResolver オブジェクトを取得または設定します。 |


名前 | 説明 | |
---|---|---|
![]() | Finalize | Object がガベージ コレクションにより収集される前に、その Object がリソースを解放し、その他のクリーンアップ操作を実行できるようにします。 (Object から継承されます。) |
![]() | MemberwiseClone | 現在の Object の簡易コピーを作成します。 (Object から継承されます。) |

- EncryptedXmlのページへのリンク