
Is there an existing .NET API for performing a Triple DES Key Wrap?
Documentation here.

I have generated a 192-bit symmetric key + 64-bit initialization vector (IV) for 256 bits total.

Currently, my code only encrypts the symmetric key as follows:

    // Load the receiver's certificate and extract its RSA public key
    byte[] rawData = ReadFile("C:\\ReceiverTest.crt");
    X509Certificate2 x509 = new X509Certificate2();
    x509.Import(rawData);
    var receiverPublicKey = x509.PublicKey.Key.ToXmlString(false);

    RSACryptoServiceProvider receiverCipher = new RSACryptoServiceProvider();
    receiverCipher.FromXmlString(receiverPublicKey);

    // Encrypt the secret with the receiver's public key (so only they can decrypt).
    // The second argument (false) selects PKCS#1 v1.5 padding rather than OAEP.
    byte[] keyEncryptedBytes = receiverCipher.Encrypt(_cryptoHelper.SymmetricKey, false);
    // Releases all resources
    receiverCipher.Clear();

    return keyEncryptedBytes;

I am using http://www.w3.org/2001/04/xmlenc#tripledes-cbc as the encryption algorithm.
Algorithm for signing the SAML Response - http://www.w3.org/2000/09/xmldsig#rsa-sha1
Encryption key transportation - http://www.w3.org/2001/04/xmlenc#rsa-1_5

The Service Provider is unable to decrypt my digest value until they get the IV wrapped with the symmetric key.

Thank you in advance for any help!
-Carrie

AdventurGurl
  • Are you looking for something like this? http://www.dotnetframework.org/default.aspx/Dotnetfx_Win7_3@5@1/Dotnetfx_Win7_3@5@1/3@5@1/DEVDIV/depot/DevDiv/releases/whidbey/NetFXspW7/ndp/clr/src/ManagedLibraries/Security/System/Security/Cryptography/Xml/SymmetricKeyWrap@cs/1/SymmetricKeyWrap@cs – DarkSquirrel42 Sep 09 '13 at 19:53
  • Yes, exactly like that! However, I do not understand where it is in the framework. Do I need to install a SP or something? Object Browser in VS 2012 does not show that class in System.Security.Cryptography.Xml namespace. – AdventurGurl Sep 09 '13 at 21:38
  • The class is "internal" ... means you can't simply access it ... it's meant to be used by some other class in the framework ... however, if you need the implementation, you know where the code is ... – DarkSquirrel42 Sep 10 '13 at 22:12
  • Thanks for your response, @DarkSquirrel42 - Digging further I have discovered if I call the overloaded System.Security.Cryptography.Xml.EncryptedXml.EncryptKey(byte[], System.Security.Cryptography.SymmetricAlgorithm) then under the covers it will call SymmetricKeyWrap.TripleDESKeyWrapEncrypt if the symmetricAlgorithm passed in is of type TripleDES. – AdventurGurl Sep 11 '13 at 15:02

0 Answers
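The call described in the last comment, shown as an added example that is not part of the original thread: `EncryptedXml.EncryptKey` with a `TripleDES` key-encryption key, round-tripped through `EncryptedXml.DecryptKey`. The key-encryption key and the key being wrapped are constructed sample values generated in place, and the project is assumed to reference System.Security.Cryptography.Xml (System.Security.dll on .NET Framework).

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;

static class TripleDesKeyWrapDemo
{
    static void Main()
    {
        // Constructed sample values: a key-encryption key (KEK) that both
        // parties must already share, and a 192-bit key to be wrapped.
        using (TripleDES kek = TripleDES.Create())
        using (TripleDES contentKey = TripleDES.Create())
        {
            kek.GenerateKey();
            contentKey.GenerateKey();
            byte[] keyToWrap = contentKey.Key;

            // Passing a TripleDES instance as the second argument selects
            // the Triple DES key wrap (the internal SymmetricKeyWrap class).
            // The wrap adds a random 8-byte IV and an 8-byte SHA-1 checksum
            // to the key data before the two CBC encryption passes.
            byte[] wrapped = EncryptedXml.EncryptKey(keyToWrap, kek);
            Console.WriteLine("Key wrap algorithm URI: {0}",
                EncryptedXml.XmlEncTripleDESKeyWrapUrl);
            Console.WriteLine("Input bytes: {0}, wrapped bytes: {1}",
                keyToWrap.Length, wrapped.Length);

            // Unwrap with the same KEK and compare with the original key.
            byte[] unwrapped = EncryptedXml.DecryptKey(wrapped, kek);
            Console.WriteLine("Round trip matches: {0}",
                unwrapped.SequenceEqual(keyToWrap));

            // Flip one bit of the wrapped blob: the checksum verified during
            // unwrap no longer matches, so DecryptKey throws.
            wrapped[wrapped.Length - 1] ^= 0x01;
            try
            {
                EncryptedXml.DecryptKey(wrapped, kek);
                Console.WriteLine("Modified blob was accepted");
            }
            catch (CryptographicException ex)
            {
                Console.WriteLine("Modified blob rejected: {0}", ex.Message);
            }
        }
    }
}
```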