org.apache.wss4j.dom.message

Class WSSecEncrypt

java.lang.Object

org.apache.wss4j.dom.message.WSSecBase

org.apache.wss4j.dom.message.WSSecEncryptedKey

org.apache.wss4j.dom.message.WSSecEncrypt

public class WSSecEncrypt
extends WSSecEncryptedKey

Encrypts a parts of a message according to WS Specification, X509 profile, and adds the encryption data.

Field Summary

Fields inherited from class org.apache.wss4j.dom.message.WSSecEncryptedKey

document, encryptedEphemeralKey, symmetricKey

Fields inherited from class org.apache.wss4j.dom.message.WSSecBase

attachmentCallbackHandler, callbackLookup, doDebug, keyIdentifierType, password, storeBytesInAttachment, user

Constructor Summary

Constructors

Constructor and Description
WSSecEncrypt()

Method Summary

Modifier and Type	Method and Description
void	addAttachmentEncryptedDataElements(WSSecHeader secHeader)
void	addExternalRefElement(Element dataRef, WSSecHeader secHeader) Adds (prepends) the external Reference element to the Security header.
void	addInternalRefElement(Element dataRef) Adds the internal Reference element to this Encrypt data.
Document	build(Document doc, Crypto crypto, WSSecHeader secHeader) Builds the SOAP envelope with encrypted Body and adds encrypted key.
static Element	createDataRefList(Document doc, Element referenceList, List<String> encDataRefs) Create DOM subtree for xenc:EncryptedKey
static List<String>	doEncryption(Document doc, WSSecHeader securityHeader, WsuIdAllocator idAllocator, org.apache.xml.security.keys.KeyInfo keyInfo, SecretKey secretKey, String encryptionAlgorithm, List<WSEncryptionPart> references, CallbackLookup callbackLookup) Perform encryption on the SOAP envelope.
static List<String>	doEncryption(Document doc, WSSecHeader securityHeader, WsuIdAllocator idAllocator, org.apache.xml.security.keys.KeyInfo keyInfo, SecretKey secretKey, String encryptionAlgorithm, List<WSEncryptionPart> references, CallbackLookup callbackLookup, CallbackHandler attachmentCallbackHandler, List<Element> attachmentEncryptedDataElements, boolean storeBytesInAttachment)
static List<String>	doEncryption(Document doc, WSSecHeader securityHeader, WsuIdAllocator idAllocator, org.apache.xml.security.keys.KeyInfo keyInfo, SecretKey secretKey, String encryptionAlgorithm, List<WSEncryptionPart> references, CallbackLookup callbackLookup, CallbackHandler attachmentCallbackHandler, List<Element> attachmentEncryptedDataElements, boolean storeBytesInAttachment, org.apache.xml.security.encryption.Serializer encryptionSerializer)
Element	encrypt()
Element	encrypt(WSSecHeader secHeader)
Element	encryptForRef(Element dataRef, List<WSEncryptionPart> references)
Element	encryptForRef(Element dataRef, List<WSEncryptionPart> references, WSSecHeader secHeader) Encrypt one or more parts or elements of the message.
List<Element>	getAttachmentEncryptedDataElements()
org.apache.xml.security.encryption.Serializer	getEncryptionSerializer()
SecurityTokenReference	getSecurityTokenReference()
boolean	isEmbedEncryptedKey()
boolean	isEncryptSymmKey()
void	prepare(Document doc, Crypto crypto) Initialize a WSSec Encrypt.
void	setCustomReferenceValue(String customReferenceValue)
void	setEmbedEncryptedKey(boolean embedEncryptedKey)
void	setEncKeyIdDirectId(boolean b)
void	setEncryptionSerializer(org.apache.xml.security.encryption.Serializer encryptionSerializer)
void	setEncryptSymmKey(boolean encryptSymmKey)
void	setSecurityTokenReference(SecurityTokenReference reference)

Methods inherited from class org.apache.wss4j.dom.message.WSSecEncryptedKey

appendBSTElementToHeader, appendToHeader, clean, createCipherValue, createEncryptedKey, getBinarySecurityTokenElement, getBSTTokenId, getCustomEKKeyInfoElement, getDigestAlgorithm, getEncryptedEphemeralKey, getEncryptedKeyElement, getEphemeralKey, getId, getKeyEncAlgo, getMGFAlgorithm, getSymmetricEncAlgorithm, getSymmetricKey, getUseThisCert, getUseThisPublicKey, isCertSet, isIncludeEncryptionToken, prepareInternal, prepareInternal, prepareInternal, prependBSTElementToHeader, prependToHeader, setCustomEKKeyInfoElement, setCustomEKTokenId, setCustomEKTokenValueType, setDigestAlgorithm, setDocument, setEncKeyId, setEncryptedEphemeralKey, setEncryptedKeyElement, setEphemeralKey, setIncludeEncryptionToken, setKeyEncAlgo, setMGFAlgorithm, setSymmetricEncAlgorithm, setSymmetricKey, setUserInfo, setUseThisCert, setUseThisPublicKey

Methods inherited from class org.apache.wss4j.dom.message.WSSecBase

getIdAllocator, getKeyIdentifierType, getParts, setAttachmentCallbackHandler, setBodyID, setCallbackLookup, setIdAllocator, setKeyIdentifierType, setStoreBytesInAttachment, setUserInfo, setWsuId

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

WSSecEncrypt

public WSSecEncrypt()

Method Detail

prepare

public void prepare(Document doc,
                    Crypto crypto)
             throws WSSecurityException

Initialize a WSSec Encrypt. The method prepares and initializes a WSSec Encrypt structure after the relevant information was set. After preparation of the token references can be added and encrypted. This method does not add any element to the security header. This must be done explicitly.

Overrides:

prepare in class WSSecEncryptedKey

Parameters:

doc - The SOAP envelope as Document

crypto - An instance of the Crypto API to handle keystore and certificates

Throws:

WSSecurityException

build

public Document build(Document doc,
                      Crypto crypto,
                      WSSecHeader secHeader)
               throws WSSecurityException

Builds the SOAP envelope with encrypted Body and adds encrypted key. This is a convenience method and for backward compatibility. The method calls the single function methods in order to perform a one shot encryption. This method is compatible with the build method of the previous version with the exception of the additional WSSecHeader parameter.

Parameters:

doc - the SOAP envelope as Document with plain text Body

crypto - an instance of the Crypto API to handle keystore and Certificates

secHeader - the security header element to hold the encrypted key element.

Returns:

the SOAP envelope with encrypted Body as Document

Throws:

WSSecurityException

encrypt

public Element encrypt()
                throws WSSecurityException

Throws:

WSSecurityException

encrypt

public Element encrypt(WSSecHeader secHeader)
                throws WSSecurityException

Throws:

WSSecurityException

encryptForRef

public Element encryptForRef(Element dataRef,
                             List<WSEncryptionPart> references)
                      throws WSSecurityException

Throws:

WSSecurityException

encryptForRef

public Element encryptForRef(Element dataRef,
                             List<WSEncryptionPart> references,
                             WSSecHeader secHeader)
                      throws WSSecurityException

Encrypt one or more parts or elements of the message. This method takes a vector of WSEncryptionPart object that contain information about the elements to encrypt. The method call the encryption method, takes the reference information generated during encryption and add this to the xenc:Reference element. This method can be called after prepare() and can be called multiple times to encrypt a number of parts or elements. The method generates a xenc:Reference element that must be added to this token. See addInternalRefElement(). If the dataRef parameter is null the method creates and initializes a new Reference element.

Parameters:

dataRef - A xenc:Reference element or null

references - A list containing WSEncryptionPart objects

secHeader - The WSSecHeader instance

Returns:

Returns the updated xenc:Reference element

Throws:

WSSecurityException

addInternalRefElement

public void addInternalRefElement(Element dataRef)

Adds the internal Reference element to this Encrypt data. The reference element must be created by the encryptForInternalRef() method. The reference element is added to the EncryptedKey element of this encrypt block.

Parameters:

dataRef - The internal enc:Reference element

addExternalRefElement

public void addExternalRefElement(Element dataRef,
                                  WSSecHeader secHeader)

Adds (prepends) the external Reference element to the Security header. The reference element must be created by the encryptForExternalRef() method. The method prepends the reference element in the SecurityHeader.

Parameters:

dataRef - The external enc:Reference element

secHeader - The security header.

addAttachmentEncryptedDataElements

public void addAttachmentEncryptedDataElements(WSSecHeader secHeader)

doEncryption

public static List<String> doEncryption(Document doc,
                                        WSSecHeader securityHeader,
                                        WsuIdAllocator idAllocator,
                                        org.apache.xml.security.keys.KeyInfo keyInfo,
                                        SecretKey secretKey,
                                        String encryptionAlgorithm,
                                        List<WSEncryptionPart> references,
                                        CallbackLookup callbackLookup)
                                 throws WSSecurityException

Perform encryption on the SOAP envelope.

Parameters:

doc - The document containing the SOAP envelope as document element

idAllocator - A WsuIdAllocator used to generate wsu:ID's

keyInfo - The KeyInfo object to set in EncryptedData

secretKey - The SecretKey object with which to encrypt data

encryptionAlgorithm - The encryption algorithm URI to use

references - The list of references to encrypt

Returns:

a List of references to EncryptedData elements

Throws:

WSSecurityException

doEncryption

public static List<String> doEncryption(Document doc,
                                        WSSecHeader securityHeader,
                                        WsuIdAllocator idAllocator,
                                        org.apache.xml.security.keys.KeyInfo keyInfo,
                                        SecretKey secretKey,
                                        String encryptionAlgorithm,
                                        List<WSEncryptionPart> references,
                                        CallbackLookup callbackLookup,
                                        CallbackHandler attachmentCallbackHandler,
                                        List<Element> attachmentEncryptedDataElements,
                                        boolean storeBytesInAttachment)
                                 throws WSSecurityException

Throws:

WSSecurityException

doEncryption

public static List<String> doEncryption(Document doc,
                                        WSSecHeader securityHeader,
                                        WsuIdAllocator idAllocator,
                                        org.apache.xml.security.keys.KeyInfo keyInfo,
                                        SecretKey secretKey,
                                        String encryptionAlgorithm,
                                        List<WSEncryptionPart> references,
                                        CallbackLookup callbackLookup,
                                        CallbackHandler attachmentCallbackHandler,
                                        List<Element> attachmentEncryptedDataElements,
                                        boolean storeBytesInAttachment,
                                        org.apache.xml.security.encryption.Serializer encryptionSerializer)
                                 throws WSSecurityException

Throws:

WSSecurityException

createDataRefList

public static Element createDataRefList(Document doc,
                                        Element referenceList,
                                        List<String> encDataRefs)

Create DOM subtree for xenc:EncryptedKey

Parameters:

doc - the SOAP envelope parent document

referenceList -

encDataRefs -

Returns:

an xenc:EncryptedKey element

getSecurityTokenReference

public SecurityTokenReference getSecurityTokenReference()

Returns:

Return the SecurityTokenRefernce

setSecurityTokenReference

public void setSecurityTokenReference(SecurityTokenReference reference)

Parameters:

reference -

isEncryptSymmKey

public boolean isEncryptSymmKey()

setEncryptSymmKey

public void setEncryptSymmKey(boolean encryptSymmKey)

setCustomReferenceValue

public void setCustomReferenceValue(String customReferenceValue)

setEncKeyIdDirectId

public void setEncKeyIdDirectId(boolean b)

setEmbedEncryptedKey

public void setEmbedEncryptedKey(boolean embedEncryptedKey)

isEmbedEncryptedKey

public boolean isEmbedEncryptedKey()

getAttachmentEncryptedDataElements

public List<Element> getAttachmentEncryptedDataElements()

getEncryptionSerializer

public org.apache.xml.security.encryption.Serializer getEncryptionSerializer()

setEncryptionSerializer

public void setEncryptionSerializer(org.apache.xml.security.encryption.Serializer encryptionSerializer)