Fatal编程技术网
  • .net/
  • .net 加密一个xml文档的多个元素

.net 加密一个xml文档的多个元素

.net xml vb.net encryption

.net 加密一个xml文档的多个元素,.net,xml,vb.net,encryption,.net,Xml,Vb.net,Encryption,我通过加密一个元素,然后用加密的数据替换该元素来管理对xml文档的加密。A如下面的示例代码所示 Public Shared Sub Encrypt(ByVal textReader As TextReader, ByVal textWriter As TextWriter, ByVal certificateName As String) Dim xmlDoc As New XmlDocument() xmlDoc.Load(textReader) ' Add the s

我通过加密一个元素,然后用加密的数据替换该元素来管理对xml文档的加密。A如下面的示例代码所示

Public Shared Sub Encrypt(ByVal textReader As TextReader, ByVal textWriter As TextWriter, ByVal certificateName As String)
    Dim xmlDoc As New XmlDocument()
    xmlDoc.Load(textReader)
    ' Add the schema from Resources
    AddSchema(xmlDoc)
    ' Get all elements to encrypt
    Dim elementsToEncrypt As List(Of XmlElement) = FindElementsToEncrypt(xmlDoc.DocumentElement)

    ' Get the certificate
    Dim certificate As X509Certificate2 = FindTrustedCertificate(certificateName)
    If certificate Is Nothing Then
        Throw New ArgumentException(String.Format("Certificate {0} not found", certificateName), "certificateName")
    End If

    Dim xmlEncrypter As New EncryptedXml(xmlDoc)

    ' Itterate all elelemts to encrypt
    For Each elementToEncrypt As XmlElement In elementsToEncrypt
        ' Encrypt the elements with the given certificate
        Dim encryptedData As EncryptedData = xmlEncrypter.Encrypt(elementToEncrypt, certificate)
        EncryptedXml.ReplaceElement(elementToEncrypt, encryptedData, False)
    Next

    ' Return the encrypted XmlDocument
    xmlDoc.Save(textWriter)
End Sub
这将生成一个xml,其中元素具有EncryptedData,持有X509证书,就像我删除了批量数据一样:

      <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
      <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
        <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <X509Data>
            <X509Certificate>MIIFU......</X509Certificate>
          </X509Data>
        </KeyInfo>
        <CipherData>
          <CipherValue>dQOzeY81I9XAz......</CipherValue>
        </CipherData>
      </EncryptedKey>
    </KeyInfo>
    <CipherData>
      <CipherValue>qfmuwmyrpMOK.....</CipherValue>
    </CipherData>
  </EncryptedData>
如果我加密其中的两个元素,那么同一个X509证书将包含两次

有人知道引用证书的解决方案吗

谢谢

伯特·海斯宾

太糟糕了,没人给我答案。 这花了我一些时间,但我自己做到了

我编写了生成Rijndael会话密钥的代码。对每个元素使用此密钥来加密和引用此密钥。在最后一个EncryptedData元素中,我包括rsa加密的sessionkey和对x509证书的引用

这很有效。 伯特