THIS IS AN INTRO FOR NEWBIES TO XML
XML Encryption is a W3C standard for encrypting XML elements. The
encryption process involves taking an element from an xml document,
encrypting it and it's children, and then replacing the original XML
content with the generated encrypted XML in such a way as the document
remains well formed.
Introduction
There are three approaches to Xml Encryption.
1. Encrypt the xml using symmetric encryption only
Only one session key is used and it’s the same key that encrypts the
xml which is used to decrypt it. The key is not stored with the
encrypted xml and so the key needs to be loaded during the process and
protected when stored.
2. Encrypt the xml using a combination of asymmetric and symmetric
encryption
The dual approach requires a symmetric session key to encrypt the data
and an asymmetric key to protect the session key. Both the encrypted
session key and the encrypted data are stored together in the xml
document. The public asymmetric key is used to encrypt the session key
while the private asymmetric key is used to decrypt the key.
This article covers this approach. To learn about the other approaches
please look at the MSDN help for more information.
3. Encrypt the xml using a X.509 Certificate This approach uses a X.
509 certificate as the symmetrical key. X.509 certificates are
provided by a third party vendor such as VeriSign.
Approaches
Xml encryption, regardless of how the encryption is performed, can
store the encrypted data in one of two ways.
1.After encryption the whole element is replaced with an element named
<EncryptedData>
2.After encryption only the data in the element is replaced and its
name remains readable in the document.
The difference is very subtle but it’s rather important. For example:
Your xml document contains a root element called <employee> that
contains a child element called <WrittenWarning> in which details of
disciplinary action is stored. If you were sending this xml and wanted
the <WrittenWarning> elements details protected with approach 1 the
<WrittenWarning> is replaced with an element called <EncryptedData>
and no information can be gathered from the document.
With approach 2 however the <WrittenWarning> element stays and only
the data is encrypted. Anyone who intercepted this document might not
know the specific details of the discipline action but they will still
know that something has happened with that employee. Any attributes on
the <WrittenWarning> element are also not encrypted.
So the approach you take depends on what the data is and how much
information you want to give away. In .NET v2.0 deciding on which
approach to take is specified using a Boolean value and can be easily
modified.
Example of XML Encryption
Below is an example of XML encryption using the asymmetric approach
where the author element in the xml document is replaced with an
<EncryptedData> element.
The XML Document
<?xml version="1.0" standalone="no"?>
<article>
<articleinfo>
<title>XPath Queries on XmlDocument objects in .NET 1.1</title>
<abstract>
<para>This article covers the basics.</para>
</abstract>
<author>
<honorific>Mr.</honorific>
<firstname>George</firstname>
<surname>James</surname>
<email>[email protected]</email>
</author>
</articleinfo>
</article>
XPath expression = /article/articleinfo/author
The encrypted XML Document
<?xml version="1.0" standalone="no"?>
<article>
<articleinfo>
<title>XPath Queries on XmlDocument objects in .NET 1.1</title>
<abstract>
<para>This article covers the basics.</para>
<para>This article does not cover.</para>
</abstract>
<EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element";
xmlns="http://www.w3.org/2001/04/xmlenc#";>
<EncryptionMethod Algorithm="http://www.w3.org/
2001/04/xmlenc#aes256-cbc" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#";>
<EncryptionMethod Algorithm="http://
www.w3.org/2001/04/xmlenc#rsa-1_5" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
<KeyName>session</KeyName>
</KeyInfo>
<CipherData>
<CipherValue>r4f7SI1aZKSvibb…CipherValue>
</CipherData>
</EncryptedKey>
</KeyInfo>
<CipherData>
<CipherValue>sGNhKqcSovipJdOFCFKYEEMRFd…</CipherValue>
</CipherData>
</EncryptedData>
</articleinfo>
</article>
The author element and its children have been replaced with the
<EncryptedData> element which contains a number of other elements that
are used to describe the encrypted data, i.e. the encryption
algorithms used, the session key used, etc.
The <EncryptedData> element
Looking at the tree hierarchy of the <EncryptedData> element you can
see the <EncryptedData> element is broken down into a number of child
elements. The <KeyInfo> element is the same as the <KeyInfo> element
used in XML Digital Signatures.
The EncryptedData element is contained in the "http://www.w3.org/
2001/04/xmlenc#” namespace. It is the root of the encrypted data.
The EncryptionMethod element is used to specify the symmetric method
used when encrypting the data. It does this by using an Algorithm
attribute containing a W3 URL that describes the method used. "http://
www.w3.org/2001/04/xmlenc#aes256-cbc" indicates the data was encrypted
using AES (Rijndael) with a 256k key size.
The KeyInfo element is borrowed from XML Digital Signatures and is
used to store information about the symmetric keys. The KeyInfo
element can store information about more than one key.
The EncryptedKey element and its child elements contain information
about one key stored in a KeyInfo element.
The EncryptionMethod element of the KeyInfo contains the asymmetric
encryption method used to encrypt the session key. It does this using
an Algorithm attribute set to a W3 URL. For example:
http://www.w3.org/2001/04/xmlenc#rsa-1_5 describes that RSA asymmetric
encryption was used to encrypt the session key.
The KeyName element is an identifier used to find the key. You’ll see
the importance of this later when it comes to coding XML Encryption.
The CipherData and CipherValue elements that are found as part of the
EncryptedKey and EncryptedData elements contain the cipher data. The
actual cipher data is stored in the CipherValue element. The
EncryptedKey element stores the encrypted key, while in the encrypted
data is stored in the CipherValue for the EncryptedData element.
Asymmetric XML Encryption Process
The process of XML encryption can be summarized in five steps:
1.Select an element in an XML document (selecting the root will
encrypt the whole document).
2.Encrypt the element using a symmetric encryption key, known as the
session key.
3.Encrypt the session key using asymmetric encryption (the public key
is used).
4.Create an EncryptedData element which will contain the encrypted
data and the encrypted session key.
5.Replace the original element with the EncryptedData element. Most of
the steps are performed automatically for you by .NET v2.0 classes.
Asymmetric XML Decryption Process
The process of decrypting the XML can be summarized into four steps,
1.Select the EncryptedData element in an XML document
2.Decrypt the session key using an asymmetric key (the private key is
used)
3.Decrypt the cipher data using the unencrypted symmetric encryption.
4.Replace the EncryptedData element with the unencrypted element.
Most of the steps are performed automatically for you but .NET v2.0
classes.
Namespaces
The classes needed to perform XML Encryption can be found in three
namespaces.
•System.Xml – contains XML classes that are needed to contain XML
data.
•System.Security.Cryptography – contains encryption classes used to
generate encryption keys.
•System.Security.Cryptography.Xml – contains XML Encryption classes
that are used to perform the encryption.
Encrypting XML with .NET
A working sample application accompanies this article which is similar
to the code we’ll examine in this section. The sample application can
serve as a base for you to add additional functionality, such as
selecting a single node or leading the asymmetric key.
First load the asymmetric public key used to encrypt the session key.
//create asymmetric key for encrypting the session key
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
//load the public keys, to encrypt the XML is the recipients public
key
XmlDocument pubKeys = new XmlDocument();
pubKeys.Load(Application.StartupPath + "\\xml.dev.keys.public");
//use the public key to encrypt the session key
rsa.FromXmlString(pubKeys.OuterXml);
Next load the Xml Document and select the node that’s going to be
encrypted. The following example selects the node to encrypt using an
XPath expression. If no expression is given then the whole document is
encrypted.
//xml document
this.xmlEncDoc = new XmlDocument();
//TODO load some XML into the XmlDocument
XmlElement encElement;
//if there is no xpath value then
if (xpath == string.Empty)
{
//encrypt the document element
encElement = this.xmlEncDoc.DocumentElement;
}
else
{
XmlNamespaceManager xmlns = this.xmlCntrlr.xmlnsManager;
//select only the first matching node (be precise with xpath)
encElement = this.xmlEncDoc.SelectSingleNode(xpath, xmlns) as
XmlElement;
}
Use the EncryptedXml class to encrypt the data and session keys.
//a class to perform encryption on Xml Document
EncryptedXml xmlEnc = new EncryptedXml(this.xmlEncDoc);
//add a "session" key encoded with rsa
xmlEnc.AddKeyNameMapping("session", rsa);
//encrypt the data using the session key
//creates a new session key called "session"
//this is automatically stored in KeyInfo element
EncryptedData encData = xmlEnc.Encrypt(encElement, "session");
Replace the original element with its encrypted equivalent.
//replace the original element with the encrypted element
EncryptedXml.ReplaceElement(encElement, encData, false);
Decrypting XML with .NET
First load the private asymmetric key needed to decrypt the session
key.
//create asymmetric key for decrypting the session key
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
//load the private keys, to decrypt the session keys
XmlDocument privKeys = new XmlDocument();
privKeys.Load(Application.StartupPath + "\\xml.dev.keys.private");
//use the private key to decrypt the session key
rsa.FromXmlString(privKeys.OuterXml);Add a key name mapping to the
encrypted document that specifies which private key should be used to
decrypt the named session key.
//decrypt the document <EncryptedData> elements using the named key
EncryptedXml encXml = new EncryptedXml(xmlEncDoc);
encXml.AddKeyNameMapping("session", rsa);
Then decrypt the document, this will decrypt each of the Encrypted
Data elements with the specified keys.
//decrypts all the <EncryptedData> items,
//with the "session" key that was encrypted with rsa
encXml.DecryptDocument();
Summary
XML Encryption is a W3 Standard to encrypting XML. It does this in
such a way that the encrypted data remains and can be treated as XML.
It uses both asymmetric and symmetric encryption algorithms, symmetric
to encrypt the data and asymmetric to encrypt the symmetric session
key. Both the session key and the cipher data are stored together in
an XML element called EncryptedData. The EncryptedData element
contains a series of child elements that describe the algorithms used
during the encryption process, as well as containing key information
and the cipher data.
