Package org.apache.ws.security.message
Class WSEncryptBody
- java.lang.Object
- org.apache.ws.security.message.WSBaseMessage
- org.apache.ws.security.message.WSEncryptBody
public class WSEncryptBody extends WSBaseMessage
Encrypts a SOAP body inside a SOAP envelope according to WS Specification, X509 profile, and adds the encryption data.
- Author:
- Davanum Srinivas (dims@yahoo.com)., Werner Dittmann (Werner.Dittmann@siemens.com).
Field Summary
Fields (Modifier and Type, Field, Description)
protected byte[] embeddedKey
protected java.lang.String embeddedKeyName
protected java.lang.String encCanonAlgo
protected javax.crypto.SecretKey encryptionKey
Symmetric key that's actually used.
protected java.lang.String keyEncAlgo
protected org.w3c.dom.Element parentNode
Parent node to which the EncryptedKeyElement should be added.
protected SecurityTokenReference securityTokenReference
SecurityTokenReference to be inserted into EncryptedData/keyInfo element.
protected java.lang.String symEncAlgo
protected javax.crypto.SecretKey symmetricKey
Symmetric key used in the EncryptedKey.
protected java.security.cert.X509Certificate useThisCert
-
Fields inherited from class org.apache.ws.security.message.WSBaseMessage
actor, doDebug, keyIdentifierType, mustunderstand, parts, password, timeToLive, user, wssConfig
-
-
Constructor Summary
Constructors (Constructor, Description)
WSEncryptBody()
Deprecated. replaced by WSSecEncrypt()
WSEncryptBody(java.lang.String actor)
Deprecated. replaced by WSSecEncrypt() and WSSecHeader for actor specification.
WSEncryptBody(java.lang.String actor, boolean mu)
Deprecated. replaced by WSSecEncrypt() and WSSecHeader for actor and mustunderstand specification.
-
Method Summary
Methods (Modifier and Type, Method, Description)
org.w3c.dom.Document build(org.w3c.dom.Document doc, Crypto crypto)
Deprecated.
static org.w3c.dom.Element createCipherValue(org.w3c.dom.Document doc, org.w3c.dom.Element encryptedKey)
static org.w3c.dom.Element createDataRefList(org.w3c.dom.Document doc, org.w3c.dom.Element encryptedKey, java.util.Vector encDataRefs)
static org.w3c.dom.Element createEnrcyptedKey(org.w3c.dom.Document doc, java.lang.String keyTransportAlgo)
Create DOM subtree for xenc:EncryptedKey
javax.crypto.SecretKey getEncryptionKey()
Deprecated. replaced by WSSecEncrypt#getEncryptionKey()
SecurityTokenReference getSecurityTokenReference()
Deprecated. replaced by WSSecEncrypt.getSecurityTokenReference()
java.lang.String getSymmetricEncAlgorithm()
Deprecated. replaced by WSSecEncrypt.getSymmetricEncAlgorithm()
javax.crypto.SecretKey getSymmetricKey()
Deprecated. replaced by WSSecEncrypt.getSymmetricKey()
void setEmbeddedKeyName(java.lang.String embeddedKeyName)
Deprecated. replaced by WSSecEncrypt.setEmbeddedKeyName(String)
void setEncCanonicalization(java.lang.String algo)
Deprecated. replaced by WSSecEncrypt.setEncCanonicalization(String)
void setKey(byte[] key)
Deprecated. replaced by WSSecEncrypt.setKey(byte[])
void setKeyEnc(java.lang.String keyEnc)
Deprecated. replaced by WSSecEncrypt.setKeyEnc(String)
void setParentNode(org.w3c.dom.Element element)
Deprecated. replaced by WSSecEncrypt#setParentNode(Element)
void setSecurityTokenReference(SecurityTokenReference reference)
Deprecated.
void setSymmetricEncAlgorithm(java.lang.String algo)
Deprecated. replaced by WSSecEncrypt.setSymmetricEncAlgorithm(String)
void setSymmetricKey(javax.crypto.SecretKey key)
Deprecated. replaced by WSSecEncrypt.setSymmetricKey(SecretKey)
void setUserInfo(java.lang.String user)
Deprecated. replaced by WSSecEncryptedKey.setUserInfo(String)
void setUseThisCert(java.security.cert.X509Certificate cert)
Deprecated.
-
Methods inherited from class org.apache.ws.security.message.WSBaseMessage
getKeyIdentifierType, insertSecurityHeader, setActor, setBodyID, setKeyIdentifierType, setMustUnderstand, setParts, setTimeToLive, setUserInfo, setWsConfig, setWsuId
-
-
-
-
Field Detail
-
symEncAlgo
protected java.lang.String symEncAlgo
-
keyEncAlgo
protected java.lang.String keyEncAlgo
-
encCanonAlgo
protected java.lang.String encCanonAlgo
-
embeddedKey
protected byte[] embeddedKey
-
embeddedKeyName
protected java.lang.String embeddedKeyName
-
useThisCert
protected java.security.cert.X509Certificate useThisCert
-
symmetricKey
protected javax.crypto.SecretKey symmetricKey
Symmetric key used in the EncryptedKey.
-
encryptionKey
protected javax.crypto.SecretKey encryptionKey
Symmetric key that's actually used.
-
parentNode
protected org.w3c.dom.Element parentNode
Parent node to which the EncryptedKeyElement should be added.
-
securityTokenReference
protected SecurityTokenReference securityTokenReference
SecurityTokenReference to be inserted into EncryptedData/keyInfo element.
-
-
Constructor Detail
-
WSEncryptBody
public WSEncryptBody()
Deprecated. replaced by WSSecEncrypt()
Constructor.
-
WSEncryptBody
public WSEncryptBody(java.lang.String actor)
Deprecated. replaced by WSSecEncrypt() and WSSecHeader for actor specification.
Constructor.
- Parameters:
actor - The actor name of the wsse:Security header
-
WSEncryptBody
public WSEncryptBody(java.lang.String actor, boolean mu)
Deprecated. replaced by WSSecEncrypt() and WSSecHeader for actor and mustunderstand specification.
Constructor.
- Parameters:
actor - The actor name of the wsse:Security header
mu - Set mustUnderstand to true or false
-
-
Method Detail
-
setKey
public void setKey(byte[] key)
Deprecated. replaced by WSSecEncrypt.setKey(byte[])
Sets the key to use during embedded encryption.
- Parameters:
key - to use during encryption. The key must fit the selected symmetrical encryption algorithm
-
setKeyEnc
public void setKeyEnc(java.lang.String keyEnc)
Deprecated. replaced by WSSecEncrypt.setKeyEnc(String)
Sets the algorithm to encode the symmetric key. Default is the WSConstants.KEYTRANSPORT_RSA15 algorithm.
- Parameters:
keyEnc - specifies the key encoding algorithm.
- See Also:
WSConstants.KEYTRANSPORT_RSA15, WSConstants.KEYTRANSPORT_RSAOEP
-
setUserInfo
public void setUserInfo(java.lang.String user)
Deprecated. replaced by WSSecEncryptedKey.setUserInfo(String)
Set the user name to get the encryption certificate. The public key of this certificate is used, thus no password is necessary. The user name is usually a keystore alias.
- Parameters:
user -
-
setEmbeddedKeyName
public void setEmbeddedKeyName(java.lang.String embeddedKeyName)
Deprecated. replaced by WSSecEncrypt.setEmbeddedKeyName(String)
Set the key name for EMBEDDED_KEYNAME
- Parameters:
embeddedKeyName -
-
setUseThisCert
public void setUseThisCert(java.security.cert.X509Certificate cert)
Deprecated.
Set the X509 Certificate to use for encryption. If this is set and the key identifier is set to DirectReference then use this certificate to get the public key for encryption.
- Parameters:
cert - is the X509 certificate to use for encryption
-
setSymmetricEncAlgorithm
public void setSymmetricEncAlgorithm(java.lang.String algo)
Deprecated. replaced by WSSecEncrypt.setSymmetricEncAlgorithm(String)
Set the name of the symmetric encryption algorithm to use. This encryption algorithm is used to encrypt the data, i.e. the SOAP Body. If the algorithm is not set then Triple DES is used. Refer to WSConstants for the supported algorithms.
- Parameters:
algo - Is the name of the encryption algorithm
- See Also:
WSConstants.TRIPLE_DES, WSConstants.AES_128, WSConstants.AES_192, WSConstants.AES_256
-
setEncCanonicalization
public void setEncCanonicalization(java.lang.String algo)
Deprecated. replaced by WSSecEncrypt.setEncCanonicalization(String)
Set the name of an optional canonicalization algorithm to use before encryption. This c14n algorithm is used to serialize the data before encryption, i.e. the SOAP Body. If the algorithm is not set then a standard serialization is used (provided by XMLCipher, usually an XMLSerializer according to DOM 3 specification).
- Parameters:
algo - Is the name of the canonicalization algorithm
-
getSymmetricEncAlgorithm
public java.lang.String getSymmetricEncAlgorithm()
Deprecated. replaced by WSSecEncrypt.getSymmetricEncAlgorithm()
Get the name of the symmetric encryption algorithm to use. This is the name of the encryption algorithm used to encrypt the data, i.e. the SOAP Body. Refer to WSConstants for the supported algorithms.
- Returns:
- the name of the currently selected symmetric encryption algorithm
- See Also:
WSConstants.TRIPLE_DES, WSConstants.AES_128, WSConstants.AES_192, WSConstants.AES_256
-
build
public org.w3c.dom.Document build(org.w3c.dom.Document doc, Crypto crypto) throws WSSecurityException
Deprecated.
Builds the SOAP envelope with encrypted Body and adds encrypted key. This function performs several steps:
- First step: set the encoding namespace in the SOAP:Envelope
- Second step: generate a symmetric key (session key) for the selected symmetric encryption algorithm, and set the cipher into encryption mode.
- Third step: get the data to encrypt. We always encrypt the complete first child element of the SOAP Body element
- Fourth step: encrypt data, and set necessary attributes in xenc:EncryptedData
- Fifth step: get the certificate that contains the public key for the public key algorithm that will encrypt the generated symmetric (session) key. Up to now we support RSA 1-5 as public key algorithm.
- Sixth step: setup the wsse:Security header block
- Parameters:
doc - the SOAP envelope as Document with plaintext Body
crypto - an instance of the Crypto API to handle keystore and Certificates
- Returns:
- the SOAP envelope with encrypted Body as Document
- Throws:
WSSecurityException
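An added example, not WSS4J code: steps two, four and five of build() reproduced with plain JCE calls, showing how the session key, the EncryptedData cipher text and the EncryptedKey relate, and how the receiver reverses them. The class name, sample body and freshly generated RSA key pair (standing in for the recipient's certificate) are assumptions; PKCS5 padding stands in for the XML Encryption padding, and key transport uses OAEP, the scheme behind WSConstants.KEYTRANSPORT_RSAOEP, rather than the RSA 1.5 default.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.Arrays;

public class SessionKeyWrapSketch {          // hypothetical name, not part of WSS4J
    static final String OAEP = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding";
    static final String CBC = "AES/CBC/PKCS5Padding";

    public static void main(String[] args) throws Exception {
        // Constructed sample: stands in for the first child element of the SOAP Body.
        byte[] body = "<m:Pay xmlns:m=\"urn:example\"><m:amount>10</m:amount></m:Pay>"
                .getBytes(StandardCharsets.UTF_8);

        // Assumption: a generated key pair replaces the certificate looked up via Crypto.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair recipient = kpg.generateKeyPair();

        // Second step: generate the session key for the selected algorithm (AES-128 here).
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey sessionKey = kg.generateKey();

        // Fourth step: encrypt the data with a fresh random IV.
        // XML Encryption's CBC algorithms carry the IV in front of the cipher text.
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        Cipher enc = Cipher.getInstance(CBC);
        enc.init(Cipher.ENCRYPT_MODE, sessionKey, new IvParameterSpec(iv));
        byte[] cipherValue = enc.doFinal(body);

        // Fifth step: wrap the session key with the recipient's public key.
        Cipher wrap = Cipher.getInstance(OAEP);
        wrap.init(Cipher.WRAP_MODE, recipient.getPublic());
        byte[] encryptedKey = wrap.wrap(sessionKey);

        // Receiver side: unwrap with the private key, then decrypt the body.
        Cipher unwrap = Cipher.getInstance(OAEP);
        unwrap.init(Cipher.UNWRAP_MODE, recipient.getPrivate());
        SecretKey recovered = (SecretKey) unwrap.unwrap(encryptedKey, "AES", Cipher.SECRET_KEY);
        Cipher dec = Cipher.getInstance(CBC);
        dec.init(Cipher.DECRYPT_MODE, recovered, new IvParameterSpec(iv));
        if (!Arrays.equals(dec.doFinal(cipherValue), body)) throw new IllegalStateException("round trip failed");
        System.out.println("EncryptedKey: " + encryptedKey.length + " bytes, IV + cipher text: "
                + (iv.length + cipherValue.length) + " bytes");
    }
}
```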
-
createEnrcyptedKey
public static org.w3c.dom.Element createEnrcyptedKey(org.w3c.dom.Document doc, java.lang.String keyTransportAlgo)
Create DOM subtree for xenc:EncryptedKey
- Parameters:
doc - the SOAP envelope parent document
keyTransportAlgo - specifies which algorithm to use to encrypt the symmetric key
- Returns:
- an xenc:EncryptedKey element
-
createCipherValue
public static org.w3c.dom.Element createCipherValue(org.w3c.dom.Document doc, org.w3c.dom.Element encryptedKey)
-
createDataRefList
public static org.w3c.dom.Element createDataRefList(org.w3c.dom.Document doc, org.w3c.dom.Element encryptedKey, java.util.Vector encDataRefs)
-
setParentNode
public void setParentNode(org.w3c.dom.Element element)
Deprecated. replaced by WSSecEncrypt#setParentNode(Element)
Sets the parent node of the EncryptedKeyElement
- Parameters:
element -
-
getSymmetricKey
public javax.crypto.SecretKey getSymmetricKey()
Deprecated. replaced by WSSecEncrypt.getSymmetricKey()
- Returns:
- TODO
-
setSymmetricKey
public void setSymmetricKey(javax.crypto.SecretKey key)
Deprecated. replaced by WSSecEncrypt.setSymmetricKey(SecretKey)
Set the symmetric key to be used for encryption
- Parameters:
key -
-
getEncryptionKey
public javax.crypto.SecretKey getEncryptionKey()
Deprecated. replaced by WSSecEncrypt#getEncryptionKey()
Get the symmetric key used for encryption. This may be the same as the symmetric key field.
- Returns:
- The symmetric key
-
getSecurityTokenReference
public SecurityTokenReference getSecurityTokenReference()
Deprecated. replaced by WSSecEncrypt.getSecurityTokenReference()
- Returns:
- TODO
-
setSecurityTokenReference
public void setSecurityTokenReference(SecurityTokenReference reference)
Deprecated.
- Parameters:
reference -
-
-