EncryptedXml.DecryptDocument 메서드
정의
중요
일부 정보는 릴리스되기 전에 상당 부분 수정될 수 있는 시험판 제품과 관련이 있습니다. Microsoft는 여기에 제공된 정보에 대해 어떠한 명시적이거나 묵시적인 보증도 하지 않습니다.
EncryptedXml 클래스를 초기화하는 동안 지정된 XML 문서의 모든 <EncryptedData>
요소를 해독합니다.
public:
void DecryptDocument();
public void DecryptDocument ();
member this.DecryptDocument : unit -> unit
Public Sub DecryptDocument ()
예외
문서를 해독하는 데 사용된 암호화 키를 찾을 수 없는 경우
예제
다음 코드 예제에서는 비대칭 키를 사용하여 XML 문서를 암호화하는 방법을 보여 줍니다. 이 예제에서는 대칭 세션 키를 만들어 문서를 암호화한 다음 비대칭 키를 사용하여 암호화된 버전의 세션 키를 XML 문서에 포함합니다.
#using <System.Xml.dll>
#using <System.Security.dll>
#using <System.dll>
using namespace System;
using namespace System::Xml;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::Xml;
static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, RSA^ Alg, String^ KeyName )
{
// Check the arguments.
if ( Doc == nullptr )
throw gcnew ArgumentNullException( L"Doc" );
if ( ElementToEncrypt == nullptr )
throw gcnew ArgumentNullException( L"ElementToEncrypt" );
if ( Alg == nullptr )
throw gcnew ArgumentNullException( L"Alg" );
////////////////////////////////////////////////
// Find the specified element in the XmlDocument
// object and create a new XmlElemnt object.
////////////////////////////////////////////////
XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 ));
// Throw an XmlException if the element was not found.
if ( elementToEncrypt == nullptr )
{
throw gcnew XmlException( L"The specified element was not found" );
}
//////////////////////////////////////////////////
// Create a new instance of the EncryptedXml class
// and use it to encrypt the XmlElement with the
// a new random symmetric key.
//////////////////////////////////////////////////
// Create a 256 bit Aes key.
Aes^ sessionKey = Aes::Create();
sessionKey->KeySize = 256;
EncryptedXml^ eXml = gcnew EncryptedXml;
array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, sessionKey, false );
////////////////////////////////////////////////
// Construct an EncryptedData object and populate
// it with the desired encryption information.
////////////////////////////////////////////////
EncryptedData^ edElement = gcnew EncryptedData;
edElement->Type = EncryptedXml::XmlEncElementUrl;
// Create an EncryptionMethod element so that the
// receiver knows which algorithm to use for decryption.
edElement->EncryptionMethod = gcnew EncryptionMethod( EncryptedXml::XmlEncAES256Url );
// Encrypt the session key and add it to an EncryptedKey element.
EncryptedKey^ ek = gcnew EncryptedKey;
array<Byte>^encryptedKey = EncryptedXml::EncryptKey( sessionKey->Key, Alg, false );
ek->CipherData = gcnew CipherData( encryptedKey );
ek->EncryptionMethod = gcnew EncryptionMethod( EncryptedXml::XmlEncRSA15Url );
// Set the KeyInfo element to specify the
// name of the RSA key.
// Create a new KeyInfo element.
edElement->KeyInfo = gcnew KeyInfo;
// Create a new KeyInfoName element.
KeyInfoName^ kin = gcnew KeyInfoName;
// Specify a name for the key.
kin->Value = KeyName;
// Add the KeyInfoName element to the
// EncryptedKey object.
ek->KeyInfo->AddClause( kin );
// Add the encrypted key to the
// EncryptedData object.
edElement->KeyInfo->AddClause( gcnew KeyInfoEncryptedKey( ek ) );
// Add the encrypted element data to the
// EncryptedData object.
edElement->CipherData->CipherValue = encryptedElement;
////////////////////////////////////////////////////
// Replace the element from the original XmlDocument
// object with the EncryptedData element.
////////////////////////////////////////////////////
EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false );
}
static void Decrypt( XmlDocument^ Doc, RSA^ Alg, String^ KeyName )
{
// Check the arguments.
if ( Doc == nullptr )
throw gcnew ArgumentNullException( L"Doc" );
if ( Alg == nullptr )
throw gcnew ArgumentNullException( L"Alg" );
if ( KeyName == nullptr )
throw gcnew ArgumentNullException( L"KeyName" );
// Create a new EncryptedXml object.
EncryptedXml^ exml = gcnew EncryptedXml( Doc );
// Add a key-name mapping.
// This method can only decrypt documents
// that present the specified key name.
exml->AddKeyNameMapping( KeyName, Alg );
// Decrypt the element.
exml->DecryptDocument();
}
int main()
{
// Create an XmlDocument object.
XmlDocument^ xmlDoc = gcnew XmlDocument;
// Load an XML file into the XmlDocument object.
try
{
xmlDoc->PreserveWhitespace = true;
xmlDoc->Load( L"test.xml" );
}
catch ( Exception^ e )
{
Console::WriteLine( e->Message );
return 0;
}
// Create a new RSA key. This key will encrypt a symmetric key,
// which will then be imbedded in the XML document.
RSA^ rsaKey = RSA::Create();
try
{
// Encrypt the "creditcard" element.
Encrypt( xmlDoc, L"creditcard", rsaKey, L"rsaKey" );
// Display the encrypted XML to the console.
Console::WriteLine( L"Encrypted XML:" );
Console::WriteLine();
Console::WriteLine( xmlDoc->OuterXml );
xmlDoc->Save( L"test.xml" );
// Decrypt the "creditcard" element.
Decrypt( xmlDoc, rsaKey, L"rsaKey" );
// Display the encrypted XML to the console.
Console::WriteLine();
Console::WriteLine( L"Decrypted XML:" );
Console::WriteLine();
Console::WriteLine( xmlDoc->OuterXml );
xmlDoc->Save( L"test.xml" );
}
catch ( Exception^ e )
{
Console::WriteLine( e->Message );
}
finally
{
// Clear the RSA key.
rsaKey->Clear();
}
return 1;
}
using System;
using System.Xml;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
class Program
{
static void Main(string[] args)
{
// Create an XmlDocument object.
XmlDocument xmlDoc = new XmlDocument();
// Load an XML file into the XmlDocument object.
try
{
xmlDoc.PreserveWhitespace = true;
xmlDoc.Load("test.xml");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return;
}
// Create a new RSA key. This key will encrypt a symmetric key,
// which will then be imbedded in the XML document.
RSA rsaKey = RSA.Create();
try
{
// Encrypt the "creditcard" element.
Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey");
// Display the encrypted XML to the console.
Console.WriteLine("Encrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlDoc.OuterXml);
xmlDoc.Save("test.xml");
// Decrypt the "creditcard" element.
Decrypt(xmlDoc, rsaKey, "rsaKey");
xmlDoc.Save("test.xml");
// Display the encrypted XML to the console.
Console.WriteLine();
Console.WriteLine("Decrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlDoc.OuterXml);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
finally
{
// Clear the RSA key.
rsaKey.Clear();
}
}
public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, RSA Alg, string KeyName)
{
// Check the arguments.
if (Doc == null)
throw new ArgumentNullException("Doc");
if (ElementToEncrypt == null)
throw new ArgumentNullException("ElementToEncrypt");
if (Alg == null)
throw new ArgumentNullException("Alg");
////////////////////////////////////////////////
// Find the specified element in the XmlDocument
// object and create a new XmlElemnt object.
////////////////////////////////////////////////
XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement;
// Throw an XmlException if the element was not found.
if (elementToEncrypt == null)
{
throw new XmlException("The specified element was not found");
}
//////////////////////////////////////////////////
// Create a new instance of the EncryptedXml class
// and use it to encrypt the XmlElement with the
// a new random symmetric key.
//////////////////////////////////////////////////
// Create a 256 bit Aes key.
Aes sessionKey = Aes.Create();
sessionKey.KeySize = 256;
EncryptedXml eXml = new EncryptedXml();
byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, sessionKey, false);
////////////////////////////////////////////////
// Construct an EncryptedData object and populate
// it with the desired encryption information.
////////////////////////////////////////////////
EncryptedData edElement = new EncryptedData();
edElement.Type = EncryptedXml.XmlEncElementUrl;
// Create an EncryptionMethod element so that the
// receiver knows which algorithm to use for decryption.
edElement.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);
// Encrypt the session key and add it to an EncryptedKey element.
EncryptedKey ek = new EncryptedKey();
byte[] encryptedKey = EncryptedXml.EncryptKey(sessionKey.Key, Alg, false);
ek.CipherData = new CipherData(encryptedKey);
ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
// Set the KeyInfo element to specify the
// name of the RSA key.
// Create a new KeyInfo element.
edElement.KeyInfo = new KeyInfo();
// Create a new KeyInfoName element.
KeyInfoName kin = new KeyInfoName();
// Specify a name for the key.
kin.Value = KeyName;
// Add the KeyInfoName element to the
// EncryptedKey object.
ek.KeyInfo.AddClause(kin);
// Add the encrypted key to the
// EncryptedData object.
edElement.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek));
// Add the encrypted element data to the
// EncryptedData object.
edElement.CipherData.CipherValue = encryptedElement;
////////////////////////////////////////////////////
// Replace the element from the original XmlDocument
// object with the EncryptedData element.
////////////////////////////////////////////////////
EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false);
}
public static void Decrypt(XmlDocument Doc, RSA Alg, string KeyName)
{
// Check the arguments.
if (Doc == null)
throw new ArgumentNullException("Doc");
if (Alg == null)
throw new ArgumentNullException("Alg");
if (KeyName == null)
throw new ArgumentNullException("KeyName");
// Create a new EncryptedXml object.
EncryptedXml exml = new EncryptedXml(Doc);
// Add a key-name mapping.
// This method can only decrypt documents
// that present the specified key name.
exml.AddKeyNameMapping(KeyName, Alg);
// Decrypt the element.
exml.DecryptDocument();
}
}
Imports System.Xml
Imports System.Security.Cryptography
Imports System.Security.Cryptography.Xml
Module Program
Sub Main(ByVal args() As String)
' Create an XmlDocument object.
Dim xmlDoc As New XmlDocument()
' Load an XML file into the XmlDocument object.
Try
xmlDoc.PreserveWhitespace = True
xmlDoc.Load("test.xml")
Catch e As Exception
Console.WriteLine(e.Message)
Return
End Try
' Create a new RSA key. This key will encrypt a symmetric key,
' which will then be imbedded in the XML document.
Dim rsaKey = RSA = RSA.Create()
Try
' Encrypt the "creditcard" element.
Encrypt(xmlDoc, "creditcard", rsaKey, "rsaKey")
' Display the encrypted XML to the console.
Console.WriteLine("Encrypted XML:")
Console.WriteLine()
Console.WriteLine(xmlDoc.OuterXml)
xmlDoc.Save("test.xml")
' Decrypt the "creditcard" element.
Decrypt(xmlDoc, rsaKey, "rsaKey")
' Display the encrypted XML to the console.
Console.WriteLine()
Console.WriteLine("Decrypted XML:")
Console.WriteLine()
Console.WriteLine(xmlDoc.OuterXml)
xmlDoc.Save("test.xml")
Catch e As Exception
Console.WriteLine(e.Message)
Finally
' Clear the RSA key.
rsaKey.Clear()
End Try
End Sub
Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Alg As RSA, ByVal KeyName As String)
' Check the arguments.
If Doc Is Nothing Then
Throw New ArgumentNullException("Doc")
End If
If ElementToEncrypt Is Nothing Then
Throw New ArgumentNullException("ElementToEncrypt")
End If
If Alg Is Nothing Then
Throw New ArgumentNullException("Alg")
End If
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Find the specified element in the XmlDocument
' object and create a new XmlElemnt object.
'''''''''''''''''''''''''''''''''''''''''''''''''''
Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0)
' Throw an XmlException if the element was not found.
If elementToEncrypt Is Nothing Then
Throw New XmlException("The specified element was not found")
End If
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Create a new instance of the EncryptedXml class
' and use it to encrypt the XmlElement with the
' a new random symmetric key.
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Create a 256 bit Aes key.
Dim sessionKey As Aes = Aes.Create()
sessionKey.KeySize = 256
Dim eXml As New EncryptedXml()
Dim encryptedElement As Byte() = eXml.EncryptData(elementEncrypt, sessionKey, False)
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Construct an EncryptedData object and populate
' it with the desired encryption information.
'''''''''''''''''''''''''''''''''''''''''''''''''''
Dim edElement As New EncryptedData()
edElement.Type = EncryptedXml.XmlEncElementUrl
' Create an EncryptionMethod element so that the
' receiver knows which algorithm to use for decryption.
edElement.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncAES256Url)
' Encrypt the session key and add it to an EncryptedKey element.
Dim ek As New EncryptedKey()
Dim encryptedKey As Byte() = EncryptedXml.EncryptKey(sessionKey.Key, Alg, False)
ek.CipherData = New CipherData(encryptedKey)
ek.EncryptionMethod = New EncryptionMethod(EncryptedXml.XmlEncRSA15Url)
' Set the KeyInfo element to specify the
' name of the RSA key.
' Create a new KeyInfo element.
edElement.KeyInfo = New KeyInfo()
' Create a new KeyInfoName element.
Dim kin As New KeyInfoName()
' Specify a name for the key.
kin.Value = KeyName
' Add the KeyInfoName element to the
' EncryptedKey object.
ek.KeyInfo.AddClause(kin)
' Add the encrypted key to the
' EncryptedData object.
edElement.KeyInfo.AddClause(New KeyInfoEncryptedKey(ek))
' Add the encrypted element data to the
' EncryptedData object.
edElement.CipherData.CipherValue = encryptedElement
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Replace the element from the original XmlDocument
' object with the EncryptedData element.
'''''''''''''''''''''''''''''''''''''''''''''''''''
EncryptedXml.ReplaceElement(elementEncrypt, edElement, False)
End Sub
Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As RSA, ByVal KeyName As String)
' Check the arguments.
If Doc Is Nothing Then
Throw New ArgumentNullException("Doc")
End If
If Alg Is Nothing Then
Throw New ArgumentNullException("Alg")
End If
If KeyName Is Nothing Then
Throw New ArgumentNullException("KeyName")
End If
' Create a new EncryptedXml object.
Dim exml As New EncryptedXml(Doc)
' Add a key-name mapping.
' This method can only decrypt documents
' that present the specified key name.
exml.AddKeyNameMapping(KeyName, Alg)
' Decrypt the element.
exml.DecryptDocument()
End Sub
End Module
다음 코드 예제에서는 X.509 인증서를 사용하여 XML 문서를 암호화하는 방법을 보여 줍니다. 다음은 문서를 암호화하는 대칭 세션 키를 만든 다음 X.509 인증서를 사용하여 암호화된 버전의 세션 키를 XML 문서에 포함하는 예제입니다.
#using <System.Security.dll>
#using <System.dll>
#using <System.Xml.dll>
using namespace System;
using namespace System::Xml;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::Xml;
using namespace System::Security::Cryptography::X509Certificates;
static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, X509Certificate2^ Cert )
{
// Check the arguments.
if ( Doc == nullptr )
throw gcnew ArgumentNullException( L"Doc" );
if ( ElementToEncrypt == nullptr )
throw gcnew ArgumentNullException( L"ElementToEncrypt" );
if ( Cert == nullptr )
throw gcnew ArgumentNullException( L"Cert" );
////////////////////////////////////////////////
// Find the specified element in the XmlDocument
// object and create a new XmlElemnt object.
////////////////////////////////////////////////
XmlElement^ elementToEncrypt = dynamic_cast<XmlElement^>(Doc->GetElementsByTagName( ElementToEncrypt )->Item( 0 ));
// Throw an XmlException if the element was not found.
if ( elementToEncrypt == nullptr )
{
throw gcnew XmlException( L"The specified element was not found" );
}
//////////////////////////////////////////////////
// Create a new instance of the EncryptedXml class
// and use it to encrypt the XmlElement with the
// X.509 Certificate.
//////////////////////////////////////////////////
EncryptedXml^ eXml = gcnew EncryptedXml;
// Encrypt the element.
EncryptedData^ edElement = eXml->Encrypt( elementToEncrypt, Cert );
////////////////////////////////////////////////////
// Replace the element from the original XmlDocument
// object with the EncryptedData element.
////////////////////////////////////////////////////
EncryptedXml::ReplaceElement( elementToEncrypt, edElement, false );
}
static void Decrypt( XmlDocument^ Doc )
{
// Check the arguments.
if ( Doc == nullptr )
throw gcnew ArgumentNullException( L"Doc" );
// Create a new EncryptedXml object.
EncryptedXml^ exml = gcnew EncryptedXml( Doc );
// Decrypt the XML document.
exml->DecryptDocument();
}
int main()
{
// Create an XmlDocument object.
XmlDocument^ xmlDoc = gcnew XmlDocument;
// Load an XML file into the XmlDocument object.
try
{
xmlDoc->PreserveWhitespace = true;
xmlDoc->Load( L"test.xml" );
}
catch ( Exception^ e )
{
Console::WriteLine( e->Message );
return 0;
}
// Create a new X509Certificate2 object by loading
// an X.509 certificate file. To use XML encryption
// with an X.509 certificate, use an X509Certificate2
// object to encrypt, but use a certificate in a certificate
// store to decrypt.
// You can create a new test certificate file using the
// makecert.exe tool.
// Create an X509Certificate2 object for encryption.
X509Certificate2^ cert = gcnew X509Certificate2( L"test.pfx" );
// Put the certificate in certificate store for decryption.
X509Store^ store = gcnew X509Store( StoreLocation::CurrentUser );
store->Open( OpenFlags::ReadWrite );
store->Add( cert );
store->Close();
try
{
// Encrypt the "creditcard" element.
Encrypt( xmlDoc, L"creditcard", cert );
// Display the encrypted XML to the console.
Console::WriteLine( L"Encrypted XML:" );
Console::WriteLine();
Console::WriteLine( xmlDoc->OuterXml );
// Decrypt the "creditcard" element.
Decrypt( xmlDoc );
// Display the encrypted XML to the console.
Console::WriteLine();
Console::WriteLine( L"Decrypted XML:" );
Console::WriteLine();
Console::WriteLine( xmlDoc->OuterXml );
}
catch ( Exception^ e )
{
Console::WriteLine( e->Message );
}
return 1;
}
using System;
using System.Xml;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Security.Cryptography.X509Certificates;
class Program
{
static void Main(string[] args)
{
// Create an XmlDocument object.
XmlDocument xmlDoc = new XmlDocument();
// Load an XML file into the XmlDocument object.
try
{
xmlDoc.PreserveWhitespace = true;
xmlDoc.Load("test.xml");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return;
}
// Create a new X509Certificate2 object by loading
// an X.509 certificate file. To use XML encryption
// with an X.509 certificate, use an X509Certificate2
// object to encrypt, but use a certificate in a certificate
// store to decrypt.
// You can create a new test certificate file using the
// makecert.exe tool.
// Create an X509Certificate2 object for encryption.
X509Certificate2 cert = new X509Certificate2("test.pfx");
// Put the certificate in certificate store for decryption.
X509Store store = new X509Store(StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadWrite);
store.Add(cert);
store.Close();
try
{
// Encrypt the "creditcard" element.
Encrypt(xmlDoc, "creditcard", cert);
// Display the encrypted XML to the console.
Console.WriteLine("Encrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlDoc.OuterXml);
// Decrypt the "creditcard" element.
Decrypt(xmlDoc);
// Display the encrypted XML to the console.
Console.WriteLine();
Console.WriteLine("Decrypted XML:");
Console.WriteLine();
Console.WriteLine(xmlDoc.OuterXml);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, X509Certificate2 Cert)
{
// Check the arguments.
if (Doc == null)
throw new ArgumentNullException("Doc");
if (ElementToEncrypt == null)
throw new ArgumentNullException("ElementToEncrypt");
if (Cert == null)
throw new ArgumentNullException("Cert");
////////////////////////////////////////////////
// Find the specified element in the XmlDocument
// object and create a new XmlElemnt object.
////////////////////////////////////////////////
XmlElement elementToEncrypt = Doc.GetElementsByTagName(ElementToEncrypt)[0] as XmlElement;
// Throw an XmlException if the element was not found.
if (elementToEncrypt == null)
{
throw new XmlException("The specified element was not found");
}
//////////////////////////////////////////////////
// Create a new instance of the EncryptedXml class
// and use it to encrypt the XmlElement with the
// X.509 Certificate.
//////////////////////////////////////////////////
EncryptedXml eXml = new EncryptedXml();
// Encrypt the element.
EncryptedData edElement = eXml.Encrypt(elementToEncrypt, Cert);
////////////////////////////////////////////////////
// Replace the element from the original XmlDocument
// object with the EncryptedData element.
////////////////////////////////////////////////////
EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false);
}
public static void Decrypt(XmlDocument Doc)
{
// Check the arguments.
if (Doc == null)
throw new ArgumentNullException("Doc");
// Create a new EncryptedXml object.
EncryptedXml exml = new EncryptedXml(Doc);
// Decrypt the XML document.
exml.DecryptDocument();
}
}
Imports System.Xml
Imports System.Security.Cryptography
Imports System.Security.Cryptography.Xml
Imports System.Security.Cryptography.X509Certificates
Module Program
Sub Main(ByVal args() As String)
' Create an XmlDocument object.
Dim xmlDoc As New XmlDocument()
' Load an XML file into the XmlDocument object.
Try
xmlDoc.PreserveWhitespace = True
xmlDoc.Load("test.xml")
Catch e As Exception
Console.WriteLine(e.Message)
Return
End Try
' Create a new X509Certificate2 object by loading
' an X.509 certificate file. To use XML encryption
' with an X.509 certificate, use an X509Certificate2
' object to encrypt, but use a certificate in a certificate
' store to decrypt.
' You can create a new test certificate file using the
' makecert.exe tool.
' Create an X509Certificate2 object for encryption.
Dim cert As New X509Certificate2("test.pfx")
' Put the certificate in certificate store for decryption.
Dim store As New X509Store(StoreLocation.CurrentUser)
store.Open(OpenFlags.ReadWrite)
store.Add(cert)
store.Close()
Try
' Encrypt the "creditcard" element.
Encrypt(xmlDoc, "creditcard", cert)
' Display the encrypted XML to the console.
Console.WriteLine("Encrypted XML:")
Console.WriteLine()
Console.WriteLine(xmlDoc.OuterXml)
' Decrypt the "creditcard" element.
Decrypt(xmlDoc)
' Display the encrypted XML to the console.
Console.WriteLine()
Console.WriteLine("Decrypted XML:")
Console.WriteLine()
Console.WriteLine(xmlDoc.OuterXml)
Catch e As Exception
Console.WriteLine(e.Message)
End Try
End Sub
Sub Encrypt(ByVal Doc As XmlDocument, ByVal ElementToEncrypt As String, ByVal Cert As X509Certificate2)
' Check the arguments.
If Doc Is Nothing Then
Throw New ArgumentNullException("Doc")
End If
If ElementToEncrypt Is Nothing Then
Throw New ArgumentNullException("ElementToEncrypt")
End If
If Cert Is Nothing Then
Throw New ArgumentNullException("Cert")
End If
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Find the specified element in the XmlDocument
' object and create a new XmlElemnt object.
'''''''''''''''''''''''''''''''''''''''''''''''''''
Dim elementEncrypt As XmlElement = Doc.GetElementsByTagName(ElementToEncrypt)(0)
' Throw an XmlException if the element was not found.
If elementToEncrypt Is Nothing Then
Throw New XmlException("The specified element was not found")
End If
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Create a new instance of the EncryptedXml class
' and use it to encrypt the XmlElement with the
' X.509 Certificate.
'''''''''''''''''''''''''''''''''''''''''''''''''''
Dim eXml As New EncryptedXml()
' Encrypt the element.
Dim edElement As EncryptedData = eXml.Encrypt(elementEncrypt, Cert)
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Replace the element from the original XmlDocument
' object with the EncryptedData element.
'''''''''''''''''''''''''''''''''''''''''''''''''''
EncryptedXml.ReplaceElement(elementEncrypt, edElement, False)
End Sub
Sub Decrypt(ByVal Doc As XmlDocument)
' Check the arguments.
If Doc Is Nothing Then
Throw New ArgumentNullException("Doc")
End If
' Create a new EncryptedXml object.
Dim exml As New EncryptedXml(Doc)
' Decrypt the XML document.
exml.DecryptDocument()
End Sub
End Module
다음 코드 예제에서는 다른 암호화된 <EncryptedData>
태그를 포함하는 상위 수준 <EncryptedData>
태그의 암호를 해독하는 방법을 보여 줍니다.
static void Decrypt(XmlDocument Doc, RSA Alg, string KeyName)
{
// Check the arguments.
if (Doc == null)
throw new ArgumentNullException("Doc");
if (Alg == null)
throw new ArgumentNullException("Alg");
if (KeyName == null)
throw new ArgumentNullException("KeyName");
// Create a new EncryptedXml object.
var exml = new EncryptedXml(Doc);
// Add a key-name mapping.
// This method can only decrypt documents
// that present the specified key name.
exml.AddKeyNameMapping(KeyName, Alg);
while (Doc.GetElementsByTagName("EncryptedData", EncryptedXml.XmlEncNamespaceUrl).Count > 0)
{
// Decrypt the element.
exml.DecryptDocument();
}
}
Sub Decrypt(ByVal Doc As XmlDocument, ByVal Alg As RSA, ByVal KeyName As String)
' Check the arguments.
If Doc Is Nothing Then
Throw New ArgumentNullException("Doc")
End If
If Alg Is Nothing Then
Throw New ArgumentNullException("Alg")
End If
If KeyName Is Nothing Then
Throw New ArgumentNullException("KeyName")
End If
' Create a new EncryptedXml object.
Dim exml As New EncryptedXml(Doc)
' Add a key-name mapping.
' This method can only decrypt documents
' that present the specified key name.
exml.AddKeyNameMapping(KeyName, Alg)
While Doc.GetElementsByTagName("EncryptedData", EncryptedXml.XmlEncNamespaceUrl).Count > 0
' Decrypt the element.
exml.DecryptDocument()
End While
End Sub
설명
메서드는 DecryptDocument 초기화 중에 로드된 XML 문서의 모든 <EncryptedData>
요소를 해독합니다. 이 메서드를 호출하면 문서의 모든 <EncryptedData>
요소가 일반 텍스트 버전으로 대체됩니다.
메서드는 DecryptDocument 최상위 <EncryptedData>
요소만 암호 해독합니다. 슈퍼 암호화된 문서(두 번 이상 암호화된 문서)의 암호를 해독해야 하는 경우 모든 요소가 암호 해독될 때까지 메서드를 <EncryptedData>
반복적으로 호출 DecryptDocument 해야 합니다.
참고
메서드는 DecryptDocument 유효한 XML 데이터만 암호 해독합니다. 임의의 데이터의 암호를 해독하려면 메서드를 DecryptData 사용합니다.
X.509 인증서와 함께 XML 암호화를 사용하려면 Microsoft 고급 암호화 공급자가 설치되어 있어야 하며 X.509 인증서는 고급 공급자를 사용해야 합니다. Microsoft 고급 암호화 공급자가 설치되어 있지 않거나 X.509 인증서가 고급 공급자 CryptographicException 를 사용하지 않는 경우 XML 문서의 암호를 해독할 때 "알 수 없는 오류"가 throw됩니다.
적용 대상
.NET