Using xmlsq and CryptoSys PKI to decrypt XMLENC documents


Here is an example C# program using xmlsq and CryptoSys PKI to decrypt some sample XMLENC documents.

Source code: XmlEncDecrypt.cs (version 2). MSVS C# Project: XmlEncDecrypt.zip.

The code uses xmlsq to query the XMLENC documents for the relevant information, then uses the CryptoSys PKI cryptographic functions to decrypt the cipher value.

This is a C# Console Application. In your project, add references to the .NET library files diXmlsqNet.dll and diCrSysPKINet.dll (you should find these in C:\Program Files (x86)\xmlsq\DotNet and C:\Program Files (x86)\CryptoSysPKI\DotNet).

For more details, see the comments in the source code. Test files are here.

New 2020-12-07: For a more detailed look at encryption in XML documents see Using CryptoSys PKI to encrypt and decrypt using XMLENC and its companion explanatory page Encryption in XML documents using XMLENC.

Example using xmlsq command-line

FILE: encrypt-data-aes192-cbc-kw-aes256.xml

<?xml version="1.0" encoding="UTF-8"?>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256" />
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <KeyName>jed</KeyName>
      </KeyInfo>
      <CipherData>
        <CipherValue>
          4AAgyi3M7xNdBimbQZKdGJLn3/cS4Yv8QKuA01+gUnY=
        </CipherValue>
      </CipherData>
    </EncryptedKey>
  </KeyInfo>
  <CipherData>
    <CipherValue>
      50lv94d/DFJirJXYOUXaBlrO+7gIXpx8cqH+G2xvE4mueoIxmGs8RH7FBXwjuMgf
    </CipherValue>
  </CipherData>
</EncryptedData>

:: How many EncryptedKeys? We expect at least one or we quit.
> xmlsq --count //EncryptedKey encrypt-data-aes192-cbc-kw-aes256.xml
1

:: Get encryption algorithm used for encrypted key-encryption key
> xmlsq "//EncryptedKey/EncryptionMethod/@Algorithm" encrypt-data-aes192-cbc-kw-aes256.xml
http://www.w3.org/2001/04/xmlenc#kw-aes256

:: Get KeyName for intended recipient
> xmlsq "//EncryptedKey/KeyInfo/KeyName" encrypt-data-aes192-cbc-kw-aes256.xml
jed

:: Get encrypted key value
> xmlsq --trim "//EncryptedKey/CipherData/CipherValue" encrypt-data-aes192-cbc-kw-aes256.xml
4AAgyi3M7xNdBimbQZKdGJLn3/cS4Yv8QKuA01+gUnY=

:: Use jed's secret AES-256 key to decrypt and get the content-encryption key (CEK)...

:: Get encryption algorithm used to encrypt the data
> xmlsq "//EncryptedData/EncryptionMethod/@Algorithm" encrypt-data-aes192-cbc-kw-aes256.xml
http://www.w3.org/2001/04/xmlenc#aes192-cbc

:: Get encrypted data
> xmlsq --trim "//EncryptedData/CipherData/CipherValue" encrypt-data-aes192-cbc-kw-aes256.xml
50lv94d/DFJirJXYOUXaBlrO+7gIXpx8cqH+G2xvE4mueoIxmGs8RH7FBXwjuMgf

:: Use the CEK to decrypt the content...

See the C# code above for how to do the same using the .NET interface to xmlsq.
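The same queries as the command-line session, followed by the consistency checks worth making before either decryption step, as an example added here (not CryptoSys code; it uses Python's standard library in place of xmlsq). The function names and the two-entry algorithm allowlist are assumptions for illustration, and the page's sample is embedded with whitespace compacted and the XML declaration omitted.

```python
import base64
import xml.etree.ElementTree as ET

ENC = "http://www.w3.org/2001/04/xmlenc#"
NS = {"xenc": ENC, "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Assumed allowlist for this sample: algorithm URI -> AES key length in bytes.
KEY_WRAP = {ENC + "kw-aes256": 32}
CONTENT = {ENC + "aes192-cbc": 24}
# The page's sample document (whitespace compacted, XML declaration omitted).
SAMPLE = """<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" MimeType="text/plain">
 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
 <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
  <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
   <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256"/>
   <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><KeyName>jed</KeyName></KeyInfo>
   <CipherData><CipherValue> 4AAgyi3M7xNdBimbQZKdGJLn3/cS4Yv8QKuA01+gUnY= </CipherValue></CipherData>
  </EncryptedKey>
 </KeyInfo>
 <CipherData><CipherValue> 50lv94d/DFJirJXYOUXaBlrO+7gIXpx8cqH+G2xvE4mueoIxmGs8RH7FBXwjuMgf </CipherValue></CipherData>
</EncryptedData>"""

def algorithm(parent):
    em = parent.find("xenc:EncryptionMethod", NS)
    return None if em is None else em.get("Algorithm")

def cipher_bytes(parent):
    # Strip the whitespace around the base64 text, as `xmlsq --trim` does.
    text = parent.findtext("xenc:CipherData/xenc:CipherValue", "", NS)
    return base64.b64decode("".join(text.split()), validate=True)

def inspect_xmlenc(xml_text):
    root = ET.fromstring(xml_text)
    keys = root.findall("ds:KeyInfo/xenc:EncryptedKey", NS)
    if root.tag != "{%s}EncryptedData" % ENC or not keys:
        raise ValueError("expected EncryptedData with at least one EncryptedKey")
    kw_alg, data_alg = algorithm(keys[0]), algorithm(root)
    if kw_alg not in KEY_WRAP or data_alg not in CONTENT:
        raise ValueError("algorithm not on allowlist")
    wrapped, data = cipher_bytes(keys[0]), cipher_bytes(root)
    # AES Key Wrap (RFC 3394) output is the wrapped key plus one 8-byte block.
    if len(wrapped) != CONTENT[data_alg] + 8:
        raise ValueError("wrapped key length does not match content algorithm")
    # XMLENC CBC CipherValue = 16-byte IV followed by whole 16-byte blocks.
    if len(data) < 32 or len(data) % 16:
        raise ValueError("bad CBC ciphertext length")
    return {"key_name": keys[0].findtext("ds:KeyInfo/ds:KeyName", "", NS),
            "kek_len": KEY_WRAP[kw_alg], "wrapped_cek": wrapped,
            "iv": data[:16], "ciphertext": data[16:]}
```

`inspect_xmlenc(SAMPLE)` returns the recipient key name, the required key-encryption-key length, and the byte strings that feed the key-unwrap and content-decryption steps.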

This page last updated 19 December 2020
