PicketLink Federation Core 2.1.6.Final-redhat-2
java.lang.Object
  org.picketlink.identity.federation.core.util.XMLEncryptionUtil

public class XMLEncryptionUtil

Utility for XML Encryption.

Note: This utility is currently using the Apache XML Security library API. JSR-106 is not yet final. Until that happens, we rely on the non-standard API.
Field Summary | |
---|---|
static String | CIPHER_DATA_LOCALNAME |
static String | DS_KEY_INFO |
static String | ENCRYPTED_KEY_LOCALNAME |
static String | XMLENC_NS |
static String | XMLNS |
static String | XMLSIG_NS |
Constructor Summary | |
---|---|
XMLEncryptionUtil() | |
Method Summary | |
---|---|
static Element | decryptElementInDocument(Document documentWithEncryptedElement, PrivateKey privateKey): Decrypt an encrypted element inside a document. |
static void | encryptElement(Document document, Element element, PublicKey publicKey, SecretKey secretKey, int keySize): Encrypts an element in an XML document using the specified public key, secret key, and key size. |
static void | encryptElement(QName elementQName, Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo): Given an element in a Document, encrypt the element and replace the element in the document with the encrypted data. |
static Element | encryptElementInDocument(Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo): Encrypt the root document element inside a Document. |
static org.apache.xml.security.encryption.EncryptedKey | encryptKey(Document document, SecretKey keyToBeEncrypted, PublicKey keyUsedToEncryptSecretKey, int keySize): Encrypt the Key to be transported. |
static int | getEncryptionKeySize(String certAlgo): Given the JCE algorithm, get the XML Encryption KeySize. |
static String | getEncryptionURL(String certAlgo): Given the JCE algorithm, get the XML Encryption URL. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String CIPHER_DATA_LOCALNAME
public static final String ENCRYPTED_KEY_LOCALNAME
public static final String DS_KEY_INFO
public static final String XMLNS
public static String XMLSIG_NS
public static String XMLENC_NS
Constructor Detail |
---|
public XMLEncryptionUtil()
Method Detail |
---|
public static String getEncryptionURL(String certAlgo)
Parameters:
certAlgo -

public static int getEncryptionKeySize(String certAlgo)
Parameters:
certAlgo -

public static org.apache.xml.security.encryption.EncryptedKey encryptKey(Document document, SecretKey keyToBeEncrypted, PublicKey keyUsedToEncryptSecretKey, int keySize) throws ProcessingException

Encrypt the Key to be transported.

Data is encrypted with a SecretKey. The key then needs to be transported to the other end, where it is needed for decryption. For the key transport, the SecretKey is encrypted with the recipient's public key. At the receiving end, the receiver can decrypt the SecretKey using his private key.

Parameters:
document -
keyToBeEncrypted - Symmetric Key (SecretKey)
keyUsedToEncryptSecretKey - Asymmetric Key (Public Key)
keySize - Length of the key
Throws:
ProcessingException
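
The key-transport pattern described for encryptKey, shown as an added example using only the JDK's JCE API; it is not PicketLink's code. The class name, the RSA-OAEP/SHA-256 wrapping and the AES-GCM data encryption are assumptions chosen for illustration, not necessarily what XMLEncryptionUtil uses.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;

public class KeyTransportDemo { // hypothetical class name
    // Assumption: RSA-OAEP with SHA-256, set explicitly rather than relying on provider defaults.
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    // Sender: encrypt (wrap) the symmetric key under the recipient's public key.
    static byte[] wrapKey(SecretKey dataKey, PublicKey recipientPub) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("RSA/ECB/OAEPPadding");
        c.init(Cipher.WRAP_MODE, recipientPub, OAEP);
        return c.wrap(dataKey);
    }

    // Recipient: recover the symmetric key with the matching private key.
    static SecretKey unwrapKey(byte[] wrapped, PrivateKey recipientPriv) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("RSA/ECB/OAEPPadding");
        c.init(Cipher.UNWRAP_MODE, recipientPriv, OAEP);
        return (SecretKey) c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair recipient = kpg.generateKeyPair();
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey dataKey = kg.generateKey();
        // Sender side: encrypt the data with the secret key, then wrap that key.
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, dataKey, new GCMParameterSpec(128, iv));
        byte[] ct = enc.doFinal("<inner>constructed sample</inner>".getBytes(StandardCharsets.UTF_8));
        byte[] wrapped = wrapKey(dataKey, recipient.getPublic());
        // Receiving side: only ct, iv and wrapped travel; the private key unwraps the data key.
        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, unwrapKey(wrapped, recipient.getPrivate()), new GCMParameterSpec(128, iv));
        System.out.println(new String(dec.doFinal(ct), StandardCharsets.UTF_8));
    }
}
```
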
public static void encryptElement(QName elementQName, Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo) throws ProcessingException

Parameters:
elementQName - QName of the element that we like to encrypt
publicKey -
secretKey -
keySize -
wrappingElementQName - A QName of an element that will wrap the encrypted element
addEncryptedKeyInKeyInfo - Need for the EncryptedKey to be placed in ds:KeyInfo
Throws:
ProcessingException

public static void encryptElement(Document document, Element element, PublicKey publicKey, SecretKey secretKey, int keySize) throws ProcessingException

Encrypts an element in an XML document using the specified public key, secret key, and key size. This method doesn't wrap the encrypted element in a new element. Instead, it replaces the element with its encrypted version.

For example, calling this method to encrypt the inner element in the following XML document

    <root>
      <outer>
        <inner> ... </inner>
      </outer>
    </root>

would result in a document similar to

    <root>
      <outer>
        <xenc:EncryptedData xmlns:xenc="..."> ... </xenc:EncryptedData>
      </outer>
    </root>

Parameters:
document - the Document that contains the element to be encrypted.
element - the Element to be encrypted.
publicKey - the PublicKey that must be used to encrypt the secret key.
secretKey - the SecretKey used to encrypt the specified element.
keySize - the size (in bits) of the secret key.
Throws:
ProcessingException - if an error occurs while encrypting the element with the specified params.

public static Element encryptElementInDocument(Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo) throws ProcessingException, ConfigurationException

Parameters:
document - Document that contains an element to encrypt
publicKey - The Public Key used to encrypt the secret encryption key
secretKey - The secret encryption key
keySize - Length of key
wrappingElementQName - QName of the element to be used to wrap around the cipher data.
addEncryptedKeyInKeyInfo - Should the encrypted key be inside a KeyInfo or added as a peer of Cipher Data
Throws:
ProcessingException
ConfigurationException

public static Element decryptElementInDocument(Document documentWithEncryptedElement, PrivateKey privateKey) throws ProcessingException

Parameters:
documentWithEncryptedElement -
privateKey - key needed to unwrap the encryption key
Throws:
org.apache.xml.security.encryption.XMLEncryptionException
ProcessingException