Package org.apache.ws.security.message
Class WSEncryptBody
java.lang.Object
org.apache.ws.security.message.WSBaseMessage
org.apache.ws.security.message.WSEncryptBody
Encrypts a SOAP body inside a SOAP envelope according to WS Specification,
X509 profile, and adds the encryption data.
Author: Davanum Srinivas (dims@yahoo.com), Werner Dittmann (Werner.Dittmann@siemens.com).
Field Summary
Fields (Modifier and Type, Field, Description):
- protected byte[] embeddedKey
- protected String embeddedKeyName
- protected String encCanonAlgo
- protected SecretKey encryptionKey - Symmetric key that's actually used.
- protected String keyEncAlgo
- protected Element parentNode - Parent node to which the EncryptedKeyElement should be added.
- protected SecurityTokenReference securityTokenReference - SecurityTokenReference to be inserted into EncryptedData/keyInfo element.
- protected String symEncAlgo
- protected SecretKey symmetricKey - Symmetric key used in the EncryptedKey.
- protected X509Certificate useThisCert
Fields inherited from class org.apache.ws.security.message.WSBaseMessage
actor, doDebug, keyIdentifierType, mustunderstand, parts, password, timeToLive, user, wssConfig
Constructor Summary
Constructors (Constructor, Description):
- WSEncryptBody() - Deprecated.
- WSEncryptBody(String actor) - Deprecated. replaced by WSSecEncrypt() and WSSecHeader for actor specification.
- WSEncryptBody(String actor, boolean mu) - Deprecated. replaced by WSSecEncrypt() and WSSecHeader for actor and mustunderstand specification.
Method Summary
Methods (Modifier and Type, Method, Description):
- build - Deprecated.
- static Element createCipherValue(Document doc, Element encryptedKey)
- static Element createDataRefList(Document doc, Element encryptedKey, Vector encDataRefs)
- static Element createEnrcyptedKey(Document doc, String keyTransportAlgo) - Create DOM subtree for xenc:EncryptedKey
- getEncryptionKey - Deprecated. replaced by WSSecEncrypt#getEncryptionKey()
- getSecurityTokenReference - Deprecated. replaced by WSSecEncrypt.getSecurityTokenReference()
- getSymmetricEncAlgorithm - Deprecated. replaced by WSSecEncrypt.getSymmetricEncAlgorithm()
- getSymmetricKey - Deprecated. replaced by WSSecEncrypt.getSymmetricKey()
- void setEmbeddedKeyName(String embeddedKeyName) - Deprecated. replaced by WSSecEncrypt.setEmbeddedKeyName(String)
- void setEncCanonicalization(String algo) - Deprecated. replaced by WSSecEncrypt.setEncCanonicalization(String)
- void setKey(byte[] key) - Deprecated. replaced by WSSecEncrypt.setKey(byte[])
- void setKeyEnc - Deprecated. replaced by WSSecEncrypt.setKeyEnc(String)
- void setParentNode(Element element) - Deprecated. replaced by WSSecEncrypt#setParentNode(Element)
- void setSecurityTokenReference(SecurityTokenReference reference) - Deprecated.
- void setSymmetricEncAlgorithm - Deprecated. replaced by WSSecEncrypt.setSymmetricEncAlgorithm(String)
- void setSymmetricKey(SecretKey key) - Deprecated. replaced by WSSecEncrypt.setSymmetricKey(SecretKey)
- void setUserInfo(String user) - Deprecated. replaced by WSSecEncryptedKey.setUserInfo(String)
- void setUseThisCert - Deprecated.
Methods inherited from class org.apache.ws.security.message.WSBaseMessage
getKeyIdentifierType, insertSecurityHeader, setActor, setBodyID, setKeyIdentifierType, setMustUnderstand, setParts, setTimeToLive, setUserInfo, setWsConfig, setWsuId
Field Details
- symEncAlgo
- keyEncAlgo
- encCanonAlgo
- embeddedKey
  protected byte[] embeddedKey
- embeddedKeyName
- useThisCert
- symmetricKey
  Symmetric key used in the EncryptedKey.
- encryptionKey
  Symmetric key that's actually used.
- parentNode
  Parent node to which the EncryptedKeyElement should be added.
- securityTokenReference
  SecurityTokenReference to be inserted into EncryptedData/keyInfo element.
Constructor Details
- WSEncryptBody
  public WSEncryptBody()
  Deprecated. replaced by WSSecEncrypt()
  Constructor.
- WSEncryptBody
  Deprecated. replaced by WSSecEncrypt() and WSSecHeader for actor specification.
  Constructor.
  Parameters:
  actor - The actor name of the wsse:Security header
- WSEncryptBody
  Deprecated. replaced by WSSecEncrypt() and WSSecHeader for actor and mustunderstand specification.
  Constructor.
  Parameters:
  actor - The actor name of the wsse:Security header
  mu - Set mustUnderstand to true or false
Method Details
- setKey
  public void setKey(byte[] key)
  Deprecated. replaced by WSSecEncrypt.setKey(byte[])
  Sets the key to use during embedded encryption.
  Parameters:
  key - to use during encryption. The key must fit the selected symmetrical encryption algorithm
- setKeyEnc
  Deprecated. replaced by WSSecEncrypt.setKeyEnc(String)
  Sets the algorithm to encode the symmetric key. Default is the WSConstants.KEYTRANSPORT_RSA15 algorithm.
  Parameters:
  keyEnc - specifies the key encoding algorithm.
- setUserInfo
  Deprecated. replaced by WSSecEncryptedKey.setUserInfo(String)
  Set the user name to get the encryption certificate. The public key of this certificate is used, thus no password is necessary. The user name is usually a keystore alias.
  Parameters:
  user
- setEmbeddedKeyName
  Deprecated. replaced by WSSecEncrypt.setEmbeddedKeyName(String)
  Set the key name for EMBEDDED_KEYNAME
  Parameters:
  embeddedKeyName
- setUseThisCert
  Deprecated.
  Set the X509 Certificate to use for encryption. If this is set and the key identifier is set to DirectReference then use this certificate to get the public key for encryption.
  Parameters:
  cert - is the X509 certificate to use for encryption
- setSymmetricEncAlgorithm
  Deprecated. replaced by WSSecEncrypt.setSymmetricEncAlgorithm(String)
  Set the name of the symmetric encryption algorithm to use. This encryption algorithm is used to encrypt the data, i.e. the SOAP Body. If the algorithm is not set then Triple DES is used. Refer to WSConstants for the supported algorithms.
  Parameters:
  algo - Is the name of the encryption algorithm
- setEncCanonicalization
  Deprecated. replaced by WSSecEncrypt.setEncCanonicalization(String)
  Set the name of an optional canonicalization algorithm to use before encryption. This c14n algorithm is used to serialize the data before encryption, i.e. the SOAP Body. If the algorithm is not set then a standard serialization is used (provided by XMLCipher, usually an XMLSerializer according to DOM 3 specification).
  Parameters:
  algo - Is the name of the canonicalization algorithm
- getSymmetricEncAlgorithm
  Deprecated. replaced by WSSecEncrypt.getSymmetricEncAlgorithm()
  Get the name of the symmetric encryption algorithm to use. This is the name of the encryption algorithm used to encrypt the data, i.e. the SOAP Body. Refer to WSConstants for the supported algorithms.
  Returns:
  the name of the currently selected symmetric encryption algorithm
- build
  Deprecated.
  Builds the SOAP envelope with encrypted Body and adds encrypted key. This function performs several steps:
  - First step: set the encoding namespace in the SOAP:Envelope
  - Second step: generate a symmetric key (session key) for the selected symmetric encryption algorithm, and set the cipher into encryption mode.
  - Third step: get the data to encrypt. We always encrypt the complete first child element of the SOAP Body element
  - Fourth step: encrypt data, and set necessary attributes in xenc:EncryptedData
  - Fifth step: get the certificate that contains the public key for the public key algorithm that will encrypt the generated symmetric (session) key. Up to now we support RSA 1-5 as public key algorithm.
  - Sixth step: set up the wsse:Security header block
  Parameters:
  doc - the SOAP envelope as Document with plaintext Body
  crypto - an instance of the Crypto API to handle keystore and Certificates
  Returns:
  the SOAP envelope with encrypted Body as Document
  Throws:
  WSSecurityException
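The cryptographic core of the second to fifth steps of build, as an added example that is not WSS4J code: it uses only standard JCE calls, with Triple DES and RSA 1-5 as named on this page. The class name, the key pair and the body fragment are constructed for the illustration, and the XML serialization into xenc:EncryptedData and xenc:EncryptedKey is not shown.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

// Added illustration (hypothetical class name); plain JCE, not WSS4J code.
public class HybridBodyEncryptionExample {
    public static void main(String[] args) throws Exception {
        // Constructed sample: stands in for the first child element of the SOAP Body.
        byte[] body = "<m:Order xmlns:m=\"urn:example\"><m:Id>42</m:Id></m:Order>"
                .getBytes(StandardCharsets.UTF_8);

        // Constructed recipient key pair; build() takes the public key from a certificate.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair recipient = kpg.generateKeyPair();

        // Second step: fresh session key for the symmetric algorithm (Triple DES default).
        KeyGenerator kg = KeyGenerator.getInstance("DESede");
        kg.init(168);
        SecretKey sessionKey = kg.generateKey();

        // Third and fourth steps: encrypt the body data with the session key.
        // XML Encryption carries the IV in front of the ciphertext inside CipherValue.
        Cipher dataCipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
        dataCipher.init(Cipher.ENCRYPT_MODE, sessionKey);
        byte[] iv = dataCipher.getIV();
        byte[] cipherValue = dataCipher.doFinal(body);

        // Fifth step: wrap the session key under the recipient's RSA public key (RSA 1-5).
        Cipher keyCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        keyCipher.init(Cipher.WRAP_MODE, recipient.getPublic());
        byte[] wrappedKey = keyCipher.wrap(sessionKey);

        // Receiver side: unwrap the session key, then decrypt the body.
        keyCipher.init(Cipher.UNWRAP_MODE, recipient.getPrivate());
        SecretKey recovered = (SecretKey) keyCipher.unwrap(wrappedKey, "DESede", Cipher.SECRET_KEY);
        dataCipher.init(Cipher.DECRYPT_MODE, recovered, new IvParameterSpec(iv));
        byte[] roundTrip = dataCipher.doFinal(cipherValue);
        if (!Arrays.equals(body, roundTrip)) throw new IllegalStateException("round trip failed");
        System.out.println("wrapped key: " + wrappedKey.length
                + " bytes, ciphertext: " + cipherValue.length + " bytes");
    }
}
```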
- createEnrcyptedKey
  Create DOM subtree for xenc:EncryptedKey
  Parameters:
  doc - the SOAP envelope parent document
  keyTransportAlgo - specifies which algorithm to use to encrypt the symmetric key
  Returns:
  an xenc:EncryptedKey element
- createCipherValue
- createDataRefList
- setParentNode
  Deprecated. replaced by WSSecEncrypt#setParentNode(Element)
  Sets the parent node of the EncryptedKeyElement
  Parameters:
  element
- getSymmetricKey
  Deprecated. replaced by WSSecEncrypt.getSymmetricKey()
  Returns:
  TODO
- setSymmetricKey
  Deprecated. replaced by WSSecEncrypt.setSymmetricKey(SecretKey)
  Set the symmetric key to be used for encryption
  Parameters:
  key
- getEncryptionKey
  Deprecated. replaced by WSSecEncrypt#getEncryptionKey()
  Get the symmetric key used for encryption. This may be the same as the symmetric key field.
  Returns:
  The symmetric key
- getSecurityTokenReference
  Deprecated. replaced by WSSecEncrypt.getSecurityTokenReference()
  Returns:
  TODO
- setSecurityTokenReference
  Deprecated.
  Parameters:
  reference