public class Encrypter extends Object
Various overloaded method variants are supplied for encrypting XMLObjects and their contents (with or without encryption of the associated data encryption key), as well as for encrypting keys separately.
The parameters for data encryption are specified with an instance of EncryptionParameters. The parameters for key encryption are specified with one or more instances of KeyEncryptionParameters.
The data encryption credential supplied by EncryptionParameters.getEncryptionCredential() is mandatory unless key encryption is also being performed and all associated key encryption parameters contain a valid key encryption credential containing a valid key encryption key. In this case the data encryption key will be randomly generated based on the algorithm URI supplied by EncryptionParameters.getAlgorithm().
If encryption of the data encryption key is being performed using the overloaded methods for elements or content, the resulting EncryptedKey(s) will be placed inline within the KeyInfo of the resulting EncryptedData. If this is not the desired behavior, the XMLObject and the data encryption key should be encrypted separately, and the placement of EncryptedKey(s) handled by the caller. Specialized subclasses of this class may also handle key placement in an application-specific manner.
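The two cases described above, as an added example that is not part of the original Javadoc or the project's code: key transport with a generated data key and inline EncryptedKey, and separate encryption where the caller places the EncryptedKey. The names EncrypterModes, Detached, kekFor, inline and detached are hypothetical; the package names, the setters, the EncryptionConstants values and SecurityHelper.getSimpleCredential are assumed from the OpenSAML 2.x API and do not appear on this page. The caller supplies the XMLObject and the recipient's RSA public key.

```java
// Added example; package names and setters assume the OpenSAML 2.x org.opensaml.xml.* API.
import java.security.PublicKey;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.encryption.*;
import org.opensaml.xml.security.SecurityHelper;

public class EncrypterModes {

    /** Holder for the detached case, where the caller decides where the EncryptedKey goes. */
    static final class Detached {
        EncryptedData data;
        EncryptedKey key;
    }

    /** Key transport parameters wrapping the data key for one recipient's RSA public key. */
    static KeyEncryptionParameters kekFor(PublicKey recipientKey) {
        KeyEncryptionParameters kek = new KeyEncryptionParameters();
        kek.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP);
        kek.setEncryptionCredential(SecurityHelper.getSimpleCredential(recipientKey, null));
        return kek;
    }

    /** No data credential is set: the data key is generated from the algorithm URI and the
     *  EncryptedKey ends up inline in the EncryptedData's KeyInfo. */
    static EncryptedData inline(XMLObject target, PublicKey recipientKey) throws EncryptionException {
        EncryptionParameters enc = new EncryptionParameters();
        enc.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
        return new Encrypter().encryptElement(target, enc, kekFor(recipientKey));
    }

    /** Data and key are encrypted separately, so a data encryption credential is mandatory. */
    static Detached detached(XMLObject target, PublicKey recipientKey) throws Exception {
        KeyGenerator gen = KeyGenerator.getInstance("AES");
        gen.init(128);
        SecretKey dataKey = gen.generateKey();
        EncryptionParameters enc = new EncryptionParameters();
        enc.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
        enc.setEncryptionCredential(SecurityHelper.getSimpleCredential(dataKey));
        Encrypter encrypter = new Encrypter();
        Detached out = new Detached();
        out.data = encrypter.encryptElement(target, enc);
        // The EncryptedKey's DOM element is owned by the same document as the EncryptedData.
        out.key = encrypter.encryptKey(dataKey, kekFor(recipientKey),
                out.data.getDOM().getOwnerDocument());
        return out;
    }
}
```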
Constructor and Description |
---|
Encrypter(): Constructor. |
Modifier and Type | Method and Description |
---|---|
protected void | checkAndMarshall(XMLObject xmlObject): Ensure that the XMLObject is marshalled. |
protected void | checkParams(EncryptionParameters encParams): Check data encryption parameters for consistency and required values. |
protected void | checkParams(EncryptionParameters encParams, List<KeyEncryptionParameters> kekParamsList): Check the encryption parameters and key encryption parameters for valid combinations of options. |
protected void | checkParams(KeyEncryptionParameters kekParams, boolean allowEmpty): Check key encryption parameters for consistency and required values. |
protected void | checkParams(List<KeyEncryptionParameters> kekParamsList, boolean allowEmpty): Check a list of key encryption parameters for consistency and required values. |
EncryptedData | encryptElement(XMLObject xmlObject, EncryptionParameters encParams): Encrypts the DOM representation of the XMLObject. |
EncryptedData | encryptElement(XMLObject xmlObject, EncryptionParameters encParams, KeyEncryptionParameters kekParams): Encrypts the DOM representation of the XMLObject, encrypts the encryption key using the specified key encryption parameters and places the resulting EncryptedKey within the EncryptedData's KeyInfo. |
EncryptedData | encryptElement(XMLObject xmlObject, EncryptionParameters encParams, List<KeyEncryptionParameters> kekParamsList): Encrypts the DOM representation of the XMLObject, encrypts the encryption key using the specified key encryption parameters and places the resulting EncryptedKey(s) within the EncryptedData's KeyInfo. |
protected EncryptedData | encryptElement(XMLObject xmlObject, Key encryptionKey, String encryptionAlgorithmURI, boolean encryptContentMode): Encrypts the given XMLObject using the specified encryption key, algorithm URI and content mode flag. |
EncryptedData | encryptElementContent(XMLObject xmlObject, EncryptionParameters encParams): Encrypts the DOM representation of the content of an XMLObject. |
EncryptedData | encryptElementContent(XMLObject xmlObject, EncryptionParameters encParams, KeyEncryptionParameters kekParams): Encrypts the DOM representation of the content of an XMLObject, encrypts the encryption key using the specified key encryption parameters and places the resulting EncryptedKey within the EncryptedData's KeyInfo. |
EncryptedData | encryptElementContent(XMLObject xmlObject, EncryptionParameters encParams, List<KeyEncryptionParameters> kekParamsList): Encrypts the DOM representation of the content of an XMLObject, encrypts the encryption key using the specified key encryption parameters and places the resulting EncryptedKey(s) within the EncryptedData's KeyInfo. |
EncryptedKey | encryptKey(Key key, KeyEncryptionParameters kekParams, Document containingDocument): Encrypts a key. |
protected EncryptedKey | encryptKey(Key targetKey, Key encryptionKey, String encryptionAlgorithmURI, Document containingDocument): Encrypts a key using the specified encryption key and algorithm URI. |
List<EncryptedKey> | encryptKey(Key key, List<KeyEncryptionParameters> kekParamsList, Document containingDocument): Encrypts a key once for each key encryption parameters set that is supplied. |
protected SecretKey | generateEncryptionKey(String encryptionAlgorithmURI): Generate a random symmetric encryption key. |
String | getJCAProviderName(): Get the Java Cryptography Architecture (JCA) security provider name that should be used to provide the encryption support. |
protected void | postProcessApacheEncryptedKey(org.apache.xml.security.encryption.EncryptedKey apacheEncryptedKey, Key targetKey, Key encryptionKey, String encryptionAlgorithmURI, Document containingDocument): Post-process the Apache EncryptedKey, prior to marshalling to DOM and unmarshalling into an XMLObject. |
void | setJCAProviderName(String providerName): Set the Java Cryptography Architecture (JCA) security provider name that should be used to provide the encryption support. |
public String getJCAProviderName()
null, which means that the first registered provider which supports the requested encryption algorithm URI will be used.

public void setJCAProviderName(String providerName)
null, which means that the first registered provider which supports the requested encryption algorithm URI will be used.
providerName - the JCA provider name to use

public EncryptedData encryptElement(XMLObject xmlObject, EncryptionParameters encParams) throws EncryptionException
xmlObject - the XMLObject to be encrypted
encParams - parameters for encrypting the data
EncryptionException - exception thrown on encryption errors

public EncryptedData encryptElement(XMLObject xmlObject, EncryptionParameters encParams, KeyEncryptionParameters kekParams) throws EncryptionException
xmlObject - the XMLObject to be encrypted
encParams - parameters for encrypting the data
kekParams - parameters for encrypting the encryption key
EncryptionException - exception thrown on encryption errors

public EncryptedData encryptElement(XMLObject xmlObject, EncryptionParameters encParams, List<KeyEncryptionParameters> kekParamsList) throws EncryptionException
xmlObject - the XMLObject to be encrypted
encParams - parameters for encrypting the data
kekParamsList - parameters for encrypting the encryption key
EncryptionException - exception thrown on encryption errors

public EncryptedData encryptElementContent(XMLObject xmlObject, EncryptionParameters encParams) throws EncryptionException
xmlObject - the XMLObject to be encrypted
encParams - parameters for encrypting the data
EncryptionException - exception thrown on encryption errors

public EncryptedData encryptElementContent(XMLObject xmlObject, EncryptionParameters encParams, KeyEncryptionParameters kekParams) throws EncryptionException
xmlObject - the XMLObject to be encrypted
encParams - parameters for encrypting the data
kekParams - parameters for encrypting the encryption key
EncryptionException - exception thrown on encryption errors

public EncryptedData encryptElementContent(XMLObject xmlObject, EncryptionParameters encParams, List<KeyEncryptionParameters> kekParamsList) throws EncryptionException
xmlObject - the XMLObject to be encrypted
encParams - parameters for encrypting the data
kekParamsList - parameters for encrypting the encryption key
EncryptionException - exception thrown on encryption errors

public List<EncryptedKey> encryptKey(Key key, List<KeyEncryptionParameters> kekParamsList, Document containingDocument) throws EncryptionException
key - the key to encrypt
kekParamsList - a list of parameters for encrypting the key
containingDocument - the document that will own the DOM element underlying the resulting EncryptedKey objects
EncryptionException - exception thrown on encryption errors

public EncryptedKey encryptKey(Key key, KeyEncryptionParameters kekParams, Document containingDocument) throws EncryptionException
key - the key to encrypt
kekParams - parameters for encrypting the key
containingDocument - the document that will own the DOM element underlying the resulting EncryptedKey object
EncryptionException - exception thrown on encryption errors

protected EncryptedKey encryptKey(Key targetKey, Key encryptionKey, String encryptionAlgorithmURI, Document containingDocument) throws EncryptionException
targetKey - the key to encrypt
encryptionKey - the key with which to encrypt the target key
encryptionAlgorithmURI - the XML Encryption algorithm URI corresponding to the encryption key
containingDocument - the document that will own the resulting element
EncryptionException - exception thrown on encryption errors

protected void postProcessApacheEncryptedKey(org.apache.xml.security.encryption.EncryptedKey apacheEncryptedKey, Key targetKey, Key encryptionKey, String encryptionAlgorithmURI, Document containingDocument) throws EncryptionException
apacheEncryptedKey - the Apache EncryptedKeyObject to post-process
targetKey - the key to encrypt
encryptionKey - the key with which to encrypt the target key
encryptionAlgorithmURI - the XML Encryption algorithm URI corresponding to the encryption key
containingDocument - the document that will own the resulting element
EncryptionException - exception thrown on encryption errors

protected EncryptedData encryptElement(XMLObject xmlObject, Key encryptionKey, String encryptionAlgorithmURI, boolean encryptContentMode) throws EncryptionException
xmlObject - the XMLObject to be encrypted
encryptionKey - the key with which to encrypt the XMLObject
encryptionAlgorithmURI - the XML Encryption algorithm URI corresponding to the encryption key
encryptContentMode - whether just the content of the XMLObject should be encrypted
EncryptionException - exception thrown on encryption errors

protected void checkAndMarshall(XMLObject xmlObject) throws EncryptionException
xmlObject - the object to check and marshall
EncryptionException - thrown if there is an error when marshalling the XMLObject

protected void checkParams(EncryptionParameters encParams) throws EncryptionException
encParams - the data encryption parameters to check
EncryptionException - thrown if any parameters are missing or have invalid values

protected void checkParams(KeyEncryptionParameters kekParams, boolean allowEmpty) throws EncryptionException
kekParams - the key encryption parameters to check
allowEmpty - if false, a null parameter is treated as an error
EncryptionException - thrown if any parameters are missing or have invalid values

protected void checkParams(List<KeyEncryptionParameters> kekParamsList, boolean allowEmpty) throws EncryptionException
kekParamsList - the key encryption parameters list to check
allowEmpty - if false, a null or empty list is treated as an error
EncryptionException - thrown if any parameters are missing or have invalid values

protected void checkParams(EncryptionParameters encParams, List<KeyEncryptionParameters> kekParamsList) throws EncryptionException
encParams - the encryption parameters to use
kekParamsList - the key encryption parameters to use
EncryptionException - exception thrown on encryption errors

protected SecretKey generateEncryptionKey(String encryptionAlgorithmURI) throws EncryptionException
encryptionAlgorithmURI - the encryption algorithm URI
EncryptionException - thrown if the key can not be generated based on the specified algorithm URI

Copyright © 2018 JBoss by Red Hat. All rights reserved.