Package org.apache.ws.security.message
Class WSSecEncrypt
- java.lang.Object
  - org.apache.ws.security.message.WSSecBase
    - org.apache.ws.security.message.WSSecEncryptedKey
      - org.apache.ws.security.message.WSSecEncrypt

public class WSSecEncrypt extends WSSecEncryptedKey
Encrypts parts of a message according to WS Specification, X509 profile, and adds the encryption data.
Author:
- Davanum Srinivas (dims@yahoo.com), Werner Dittmann (Werner.Dittmann@apache.org).
-
Field Summary
Fields (modifier and type, field, description):
- protected byte[] embeddedKey
- protected java.lang.String embeddedKeyName
- protected java.lang.String encCanonAlgo
- protected SecurityTokenReference securityTokenReference
  SecurityTokenReference to be inserted into EncryptedData/keyInfo element.
- protected java.lang.String symEncAlgo
- protected javax.crypto.SecretKey symmetricKey
  Symmetric key used in the EncryptedKey.

Fields inherited from class org.apache.ws.security.message.WSSecEncryptedKey
bstToken, document, encKeyId, encrUser, encryptedKeyElement, envelope, ephemeralKey, keyEncAlgo, keySize, useThisCert
-
Constructor Summary
Constructors (constructor, description):
- WSSecEncrypt()
  Constructor.
-
Method Summary
Methods (modifier and type, method, description):
- void addExternalRefElement(org.w3c.dom.Element dataRef, WSSecHeader secHeader)
  Adds (prepends) the external Reference element to the Security header.
- void addInternalRefElement(org.w3c.dom.Element dataRef)
  Adds the internal Reference element to this Encrypt data.
- org.w3c.dom.Document build(org.w3c.dom.Document doc, Crypto crypto, WSSecHeader secHeader)
  Builds the SOAP envelope with encrypted Body and adds encrypted key.
- static org.w3c.dom.Element createDataRefList(org.w3c.dom.Document doc, org.w3c.dom.Element referenceList, java.util.Vector encDataRefs)
  Create DOM subtree for xenc:EncryptedKey
- org.w3c.dom.Element encryptForExternalRef(org.w3c.dom.Element dataRef, java.util.Vector references)
  Encrypt one or more parts or elements of the message (external).
- org.w3c.dom.Element encryptForInternalRef(org.w3c.dom.Element dataRef, java.util.Vector references)
  Encrypt one or more parts or elements of the message (internal).
- SecurityTokenReference getSecurityTokenReference()
- java.lang.String getSymmetricEncAlgorithm()
  Get the name of symmetric encryption algorithm to use.
- javax.crypto.SecretKey getSymmetricKey()
- void prepare(org.w3c.dom.Document doc, Crypto crypto)
  Initialize a WSSec Encrypt.
- void setEmbeddedKeyName(java.lang.String embeddedKeyName)
  Set the key name for EMBEDDED_KEYNAME
- void setEncCanonicalization(java.lang.String algo)
  Set the name of an optional canonicalization algorithm to use before encryption.
- void setKey(byte[] key)
  Sets the key to use during embedded encryption.
- void setKeyEnc(java.lang.String keyEnc)
  Sets the algorithm to encode the symmetric key.
- void setSecurityTokenReference(SecurityTokenReference reference)
- void setSymmetricEncAlgorithm(java.lang.String algo)
  Set the name of the symmetric encryption algorithm to use.
- void setSymmetricKey(javax.crypto.SecretKey key)
  Set the symmetric key to be used for encryption

Methods inherited from class org.apache.ws.security.message.WSSecEncryptedKey
appendBSTElementToHeader, appendToHeader, createCipherValue, createEnrcyptedKey, generateEphemeralKey, getBinarySecurityTokenElement, getBSTTokenId, getEncryptedKeyElement, getEphemeralKey, getId, prepareInternal, prependBSTElementToHeader, prependToHeader, setDocument, setEncKeyId, setEphemeralKey, setKeyEncAlgo, setKeySize, setUserInfo, setUseThisCert

Methods inherited from class org.apache.ws.security.message.WSSecBase
getKeyIdentifierType, setBodyID, setKeyIdentifierType, setParts, setUserInfo, setWsConfig, setWsuId
-
Field Detail
-
symEncAlgo
protected java.lang.String symEncAlgo
-
encCanonAlgo
protected java.lang.String encCanonAlgo
-
embeddedKey
protected byte[] embeddedKey
-
embeddedKeyName
protected java.lang.String embeddedKeyName
-
symmetricKey
protected javax.crypto.SecretKey symmetricKey
Symmetric key used in the EncryptedKey.
-
securityTokenReference
protected SecurityTokenReference securityTokenReference
SecurityTokenReference to be inserted into EncryptedData/keyInfo element.
-
-
Method Detail
-
setKey
public void setKey(byte[] key)
Sets the key to use during embedded encryption.
Parameters:
- key - to use during encryption. The key must fit the selected symmetrical encryption algorithm
-
setKeyEnc
public void setKeyEnc(java.lang.String keyEnc)
Sets the algorithm to encode the symmetric key. Default is the WSConstants.KEYTRANSPORT_RSA15 algorithm.
Parameters:
- keyEnc - specifies the key encoding algorithm.
See Also:
- WSConstants.KEYTRANSPORT_RSA15, WSConstants.KEYTRANSPORT_RSAOEP
-
setEmbeddedKeyName
public void setEmbeddedKeyName(java.lang.String embeddedKeyName)
Set the key name for EMBEDDED_KEYNAME
Parameters:
- embeddedKeyName -
-
setSymmetricEncAlgorithm
public void setSymmetricEncAlgorithm(java.lang.String algo)
Set the name of the symmetric encryption algorithm to use. This encryption algorithm is used to encrypt the data. If the algorithm is not set then AES128 is used. Refer to WSConstants for the supported algorithms.
Parameters:
- algo - Is the name of the encryption algorithm
See Also:
- WSConstants.TRIPLE_DES, WSConstants.AES_128, WSConstants.AES_192, WSConstants.AES_256
-
setEncCanonicalization
public void setEncCanonicalization(java.lang.String algo)
Set the name of an optional canonicalization algorithm to use before encryption. This c14n algorithm is used to serialize the data before encryption. If the algorithm is not set then a standard serialization is used (provided by XMLCipher, usually an XMLSerializer according to DOM 3 specification).
Parameters:
- algo - Is the name of the canonicalization algorithm
-
getSymmetricEncAlgorithm
public java.lang.String getSymmetricEncAlgorithm()
Get the name of symmetric encryption algorithm to use. The name of the encryption algorithm to encrypt the data, i.e. the SOAP Body. Refer to WSConstants for the supported algorithms.
Returns:
- the name of the currently selected symmetric encryption algorithm
See Also:
- WSConstants.TRIPLE_DES, WSConstants.AES_128, WSConstants.AES_192, WSConstants.AES_256
-
prepare
public void prepare(org.w3c.dom.Document doc, Crypto crypto) throws WSSecurityException
Initialize a WSSec Encrypt. The method prepares and initializes a WSSec Encrypt structure after the relevant information was set. After preparation of the token, references can be added and encrypted. This method does not add any element to the security header. This must be done explicitly.
Overrides:
- prepare in class WSSecEncryptedKey
Parameters:
- doc - The SOAP envelope as Document
- crypto - An instance of the Crypto API to handle keystore and certificates
Throws:
- WSSecurityException
-
build
public org.w3c.dom.Document build(org.w3c.dom.Document doc, Crypto crypto, WSSecHeader secHeader) throws WSSecurityException
Builds the SOAP envelope with encrypted Body and adds encrypted key. This is a convenience method, kept for backward compatibility. The method calls the single function methods in order to perform a one shot encryption. This method is compatible with the build method of the previous version with the exception of the additional WSSecHeader parameter.
Parameters:
- doc - the SOAP envelope as Document with plaintext Body
- crypto - an instance of the Crypto API to handle keystore and Certificates
- secHeader - the security header element to hold the encrypted key element.
Returns:
- the SOAP envelope with encrypted Body as Document
Throws:
- WSSecurityException
-
encryptForInternalRef
public org.w3c.dom.Element encryptForInternalRef(org.w3c.dom.Element dataRef, java.util.Vector references) throws WSSecurityException
Encrypt one or more parts or elements of the message (internal). This method takes a vector of WSEncryptionPart objects that contain information about the elements to encrypt. The method calls the encryption method, takes the reference information generated during encryption and adds this to the xenc:Reference element. This method can be called after prepare() and can be called multiple times to encrypt a number of parts or elements. The method generates a xenc:Reference element that must be added to this token. See addInternalRefElement(). If the dataRef parameter is null the method creates and initializes a new Reference element.
Parameters:
- dataRef - A xenc:Reference element or null
- references - A vector containing WSEncryptionPart objects
Returns:
- Returns the updated xenc:Reference element
Throws:
- WSSecurityException
-
encryptForExternalRef
public org.w3c.dom.Element encryptForExternalRef(org.w3c.dom.Element dataRef, java.util.Vector references) throws WSSecurityException
Encrypt one or more parts or elements of the message (external). This method takes a vector of WSEncryptionPart objects that contain information about the elements to encrypt. The method calls the encryption method, takes the reference information generated during encryption and adds this to the xenc:Reference element. This method can be called after prepare() and can be called multiple times to encrypt a number of parts or elements. The method generates a xenc:Reference element that must be added to the SecurityHeader. See addExternalRefElement(). If the dataRef parameter is null the method creates and initializes a new Reference element.
Parameters:
- dataRef - A xenc:Reference element or null
- references - A vector containing WSEncryptionPart objects
Returns:
- Returns the updated xenc:Reference element
Throws:
- WSSecurityException
-
addInternalRefElement
public void addInternalRefElement(org.w3c.dom.Element dataRef)
Adds the internal Reference element to this Encrypt data. The reference element must be created by the encryptForInternalRef() method. The reference element is added to the EncryptedKey element of this encrypt block.
Parameters:
- dataRef - The internal enc:Reference element
-
addExternalRefElement
public void addExternalRefElement(org.w3c.dom.Element dataRef, WSSecHeader secHeader)
Adds (prepends) the external Reference element to the Security header. The reference element must be created by the encryptForExternalRef() method. The method prepends the reference element in the SecurityHeader.
Parameters:
- dataRef - The external enc:Reference element
- secHeader - The security header.
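
The step-wise sequence described for prepare(), encryptForInternalRef(), addInternalRefElement() and the inherited prependToHeader(), which build() runs in one shot, shown as an added example (not code from the WSS4J project). It sets WSConstants.KEYTRANSPORT_RSAOEP and WSConstants.AES_256 explicitly instead of relying on the RSA15 and AES128 defaults; the keystore alias "recipient", a crypto.properties file on the classpath and the sample envelope are assumptions.

```java
import java.io.StringReader;
import java.util.Vector;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecEncrypt;
import org.apache.ws.security.message.WSSecHeader;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;

public class StepwiseEncryptExample {
    static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
    // Constructed sample envelope, for illustration only.
    static final String ENVELOPE = "<s:Envelope xmlns:s=\"" + SOAP_NS + "\"><s:Body>"
        + "<order xmlns=\"urn:example:orders\"><note>constructed sample</note></order>"
        + "</s:Body></s:Envelope>";

    static Document encryptBody(Document doc, Crypto crypto, String alias) throws Exception {
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);             // create the wsse:Security header

        WSSecEncrypt enc = new WSSecEncrypt();
        enc.setUserInfo(alias);                          // alias of the recipient certificate
        enc.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
        enc.setKeyEnc(WSConstants.KEYTRANSPORT_RSAOEP);  // instead of the RSA15 default
        // 256-bit keys need the unlimited-strength policy files on older JREs.
        enc.setSymmetricEncAlgorithm(WSConstants.AES_256);

        Vector parts = new Vector();                     // holds WSEncryptionPart objects
        parts.add(new WSEncryptionPart("Body", SOAP_NS, "Content"));

        enc.prepare(doc, crypto);                        // adds nothing to the header yet
        Element refs = enc.encryptForInternalRef(null, parts); // null: new Reference element
        enc.addInternalRefElement(refs);                 // reference goes into EncryptedKey
        enc.prependToHeader(secHeader);                  // header insertion is explicit
        return doc;
    }

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(ENVELOPE)));
        Crypto crypto = CryptoFactory.getInstance();     // assumption: crypto.properties on classpath
        Document out = encryptBody(doc, crypto, "recipient"); // hypothetical keystore alias
        int enc = out.getElementsByTagNameNS(WSConstants.ENC_NS, "EncryptedData").getLength();
        int clear = out.getElementsByTagNameNS("urn:example:orders", "note").getLength();
        System.out.println("EncryptedData: " + enc + ", plaintext note elements: " + clear);
    }
}
```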
-
createDataRefList
public static org.w3c.dom.Element createDataRefList(org.w3c.dom.Document doc, org.w3c.dom.Element referenceList, java.util.Vector encDataRefs)
Create DOM subtree for xenc:EncryptedKey
Parameters:
- doc - the SOAP envelope parent document
- keyTransportAlgo - specifies which algorithm to use to encrypt the symmetric key
Returns:
- an xenc:EncryptedKey element
-
getSymmetricKey
public javax.crypto.SecretKey getSymmetricKey()
Returns:
- The symmetric key
-
setSymmetricKey
public void setSymmetricKey(javax.crypto.SecretKey key)
Set the symmetric key to be used for encryption
Parameters:
- key -
-
getSecurityTokenReference
public SecurityTokenReference getSecurityTokenReference()
Returns:
- Return the SecurityTokenReference
-
setSecurityTokenReference
public void setSecurityTokenReference(SecurityTokenReference reference)
Parameters:
- reference -