Earlier this week, I posted about using cipher references to refer to data stored in the same document. Today I'll use the same technique, but instead of storing the encrypted data elsewhere in the document, I'm going to store it on a separate server. Of course, I'll be using the familiar order.xml sample to work with. The samples all assume that I have a web server with a shared root folder on \\webserver\wwwroot, which is accessed at http://webserver.
Encrypting the data to store on a server is very similar to the encryption step for storing locally. However, since my data will be in a separate file, and not embedded in XML, I've decided not to base64 encode it. Instead, I'll just write the bytes out to a binary file.
Creating a cipher reference for this data will be much easier than it was when I was referencing the local data. Since the local data was base64 encoded and stored within an XML element, I needed to apply a transform chain. However, the data this time is stored as raw bytes, so no transforms are needed. This means I can just use the CipherReference constructor to point to the URI where the data is stored, without having to hand-craft the CipherReference XML myself. Once I have the CipherReference, setting up the EncryptedData object is relatively straightforward, and very similar to the standard XML encryption case.
This creates the following XML:
Once again, after this is run, the XML document contained in the doc variable is exactly the same as the original order XML.
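The encryption side described above, written out as an added example; it is not the original post's code. The `<creditcard>` element, the inline stand-in for order.xml, the `order.bin` file name and the in-process key are assumptions made for illustration, and the share from the post must be writable.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;   // System.Security assembly / package
using System.Xml;

static class RemoteCipherReferenceExample
{
    // Share and base URL are from the post; the file name is an assumption.
    const string SharePath = @"\\webserver\wwwroot\order.bin";
    const string CipherUri = "http://webserver/order.bin";

    static void Main()
    {
        // Constructed stand-in for order.xml (element names are assumed).
        XmlDocument doc = new XmlDocument();
        doc.PreserveWhitespace = true;
        doc.LoadXml("<order><item>widget</item>" +
                    "<creditcard><number>0000-0000-0000-0000</number></creditcard></order>");

        using (Aes key = Aes.Create())
        {
            key.KeySize = 256;   // must match the EncryptionMethod URI below
            EncryptToServer(doc, "creditcard", key);
            Console.WriteLine(doc.OuterXml);
        }
    }

    static void EncryptToServer(XmlDocument doc, string elementName, SymmetricAlgorithm key)
    {
        XmlElement target = (XmlElement)doc.GetElementsByTagName(elementName)[0];

        // EncryptData returns the IV followed by the ciphertext; write it unencoded.
        byte[] cipherBytes = new EncryptedXml().EncryptData(target, key, false);
        File.WriteAllBytes(SharePath, cipherBytes);

        EncryptedData encrypted = new EncryptedData();
        encrypted.Type = EncryptedXml.XmlEncElementUrl;
        encrypted.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

        // Raw bytes live at the URI, so the reference needs no transform chain.
        encrypted.CipherData = new CipherData();
        encrypted.CipherData.CipherReference = new CipherReference(CipherUri);

        // Swap the plaintext element for <EncryptedData> holding only the reference.
        EncryptedXml.ReplaceElement(target, encrypted, false);
    }
}
```

AES-CBC as used here gives confidentiality only: nothing in the document authenticates the bytes later fetched from the server, and the sample URI is plain http.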