public class WSSecEncryptedKey extends WSSecBase
EncryptedKey
has to be used to sign and encrypt the message. In
such a situation this builder will add the EncryptedKey
to the
security header and we can use the information from the builder to provide to
other builders to reference to the token.
Modifier and Type | Field and Description |
---|---|
protected byte[] |
encryptedEphemeralKey
Encrypted bytes of the ephemeral key
|
protected SecretKey |
symmetricKey
Symmetric key used in the EncryptedKey.
|
attachmentCallbackHandler, callbackLookup, expandXopInclude, keyIdentifierType, password, storeBytesInAttachment, user
Constructor and Description |
---|
WSSecEncryptedKey(Document doc) |
WSSecEncryptedKey(Document doc,
Provider provider) |
WSSecEncryptedKey(WSSecHeader securityHeader) |
Modifier and Type | Method and Description |
---|---|
void |
appendBSTElementToHeader()
Append the BinarySecurityToken to the elements already in the Security
header.
|
void |
appendToHeader()
Append the EncryptedKey element to the elements already in the Security
header.
|
void |
clean() |
protected Element |
createCipherValue(Document doc,
Element encryptedKey) |
protected Element |
createEncryptedKey(Document doc,
String keyTransportAlgo)
Create DOM subtree for
xenc:EncryptedKey |
Element |
getBinarySecurityTokenElement() |
String |
getBSTTokenId()
Get the id of the BST generated during
prepare(). |
Element |
getCustomEKKeyInfoElement() |
String |
getDigestAlgorithm()
Get the digest algorithm to use with the RSA-OAEP key transport algorithm.
|
byte[] |
getEncryptedEphemeralKey() |
Element |
getEncryptedKeyElement() |
byte[] |
getEphemeralKey() |
String |
getId()
Get the id generated during
prepare() . |
String |
getKeyEncAlgo() |
String |
getMGFAlgorithm()
Get the MGF algorithm to use with the RSA-OAEP key transport algorithm.
|
String |
getSymmetricEncAlgorithm()
Get the name of symmetric encryption algorithm to use.
|
SecretKey |
getSymmetricKey() |
X509Certificate |
getUseThisCert() |
PublicKey |
getUseThisPublicKey() |
boolean |
isCertSet() |
boolean |
isIncludeEncryptionToken() |
void |
prepare(Crypto crypto)
Prepare the ephemeralKey and the tokens required to be added to the
security header
|
protected void |
prepareInternal(SecretKey secretKey) |
protected void |
prepareInternal(SecretKey secretKey,
PublicKey remoteKey,
Crypto crypto) |
protected void |
prepareInternal(SecretKey secretKey,
X509Certificate remoteCert,
Crypto crypto)
Encrypt the symmetric key data and prepare the EncryptedKey element.
This method does most of the work to prepare the EncryptedKey element.
|
void |
prependBSTElementToHeader()
Prepend the BinarySecurityToken to the elements already in the Security
header.
|
void |
prependToHeader()
Prepend the EncryptedKey element to the elements already in the Security
header.
|
void |
setCustomEKKeyInfoElement(Element customEKKeyInfoElement) |
void |
setCustomEKTokenId(String customEKTokenId) |
void |
setCustomEKTokenValueType(String customEKTokenValueType) |
void |
setDigestAlgorithm(String digestAlgorithm)
Set the digest algorithm to use with the RSA-OAEP key transport algorithm.
|
void |
setEncKeyId(String encKeyId) |
void |
setEncryptedEphemeralKey(byte[] encryptedKey) |
void |
setEncryptedKeyElement(Element encryptedKeyElement)
Set the encrypted key element when a pre prepared encrypted key is used
|
void |
setEphemeralKey(byte[] ephemeralKey) |
void |
setIncludeEncryptionToken(boolean includeEncryptionToken) |
void |
setKeyEncAlgo(String keyEncAlgo) |
void |
setMGFAlgorithm(String mgfAlgorithm)
Set the MGF algorithm to use with the RSA-OAEP key transport algorithm.
|
void |
setSymmetricEncAlgorithm(String algo)
Set the name of the symmetric encryption algorithm to use.
|
void |
setSymmetricKey(SecretKey key)
Set the symmetric key to be used for encryption
|
void |
setUserInfo(String user)
Set the user name to get the encryption certificate.
|
void |
setUseThisCert(X509Certificate cert)
Set the X509 Certificate to use for encryption.
|
void |
setUseThisPublicKey(PublicKey key)
Set the PublicKey to use for encryption.
|
getDocument, getIdAllocator, getKeyIdentifierType, getParts, getSecurityHeader, getWsDocInfo, isExpandXopInclude, setAttachmentCallbackHandler, setBodyID, setCallbackLookup, setExpandXopInclude, setIdAllocator, setKeyIdentifierType, setStoreBytesInAttachment, setUserInfo, setWsDocInfo, setWsuId
protected byte[] encryptedEphemeralKey
protected SecretKey symmetricKey
public WSSecEncryptedKey(WSSecHeader securityHeader)
public WSSecEncryptedKey(Document doc)
public void setUserInfo(String user)
user
-
public String getId()
prepare()
.
Returns the value of wsu:Id attribute of the EncryptedKey element.
prepare()
was not called before.
public void clean()
public void prepare(Crypto crypto) throws WSSecurityException
crypto
- An instance of the Crypto API to handle keystore and certificates
WSSecurityException
protected void prepareInternal(SecretKey secretKey, X509Certificate remoteCert, Crypto crypto) throws WSSecurityException
secretKey
- The symmetric key
remoteCert
- The certificate that contains the public key to encrypt the
symmetric key data
crypto
- An instance of the Crypto API to handle keystore and certificates
WSSecurityException
protected void prepareInternal(SecretKey secretKey, PublicKey remoteKey, Crypto crypto) throws WSSecurityException
WSSecurityException
protected void prepareInternal(SecretKey secretKey) throws WSSecurityException
WSSecurityException
protected Element createEncryptedKey(Document doc, String keyTransportAlgo)
xenc:EncryptedKey
doc
- the SOAP envelope parent document
keyTransportAlgo
- specifies which algorithm to use to encrypt the symmetric key
xenc:EncryptedKey
element
public void prependToHeader()
prepare()
. This
allows the EncryptedKey element to be inserted at any position in the Security
header.
public void appendToHeader()
prepare()
. This
allows the EncryptedKey element to be inserted at any position in the Security
header.
public void prependBSTElementToHeader()
prepare()
. This
allows the BST element to be inserted at any position in the Security header.
public void appendBSTElementToHeader()
prepare()
. This
allows the BST element to be inserted at any position in the Security header.
public byte[] getEphemeralKey()
public void setUseThisCert(X509Certificate cert)
DirectReference
then use this certificate to get the
public key for encryption.
cert
- is the X509 certificate to use for encryption
public X509Certificate getUseThisCert()
public void setUseThisPublicKey(PublicKey key)
key
- the PublicKey instance to use for encryption
public PublicKey getUseThisPublicKey()
public Element getEncryptedKeyElement()
public void setEncryptedKeyElement(Element encryptedKeyElement)
encryptedKeyElement
- EncryptedKey element of the encrypted key used
public Element getBinarySecurityTokenElement()
public void setKeyEncAlgo(String keyEncAlgo)
public String getKeyEncAlgo()
public void setEphemeralKey(byte[] ephemeralKey)
ephemeralKey
- The ephemeralKey to set.
public String getBSTTokenId()
prepare()
.
public void setEncKeyId(String encKeyId)
encKeyId
- The encKeyId to set.
public boolean isCertSet()
public byte[] getEncryptedEphemeralKey()
public void setEncryptedEphemeralKey(byte[] encryptedKey)
public void setCustomEKTokenValueType(String customEKTokenValueType)
public void setCustomEKTokenId(String customEKTokenId)
public void setSymmetricEncAlgorithm(String algo)
algo
- Is the name of the encryption algorithm
See Also: WSS4JConstants.TRIPLE_DES, WSS4JConstants.AES_128, WSS4JConstants.AES_192, WSS4JConstants.AES_256
public String getSymmetricEncAlgorithm()
See Also: WSS4JConstants.TRIPLE_DES, WSS4JConstants.AES_128, WSS4JConstants.AES_192, WSS4JConstants.AES_256
public void setDigestAlgorithm(String digestAlgorithm)
digestAlgorithm
- the digest algorithm to use with the RSA-OAEP key transport algorithm
public String getDigestAlgorithm()
public void setMGFAlgorithm(String mgfAlgorithm)
mgfAlgorithm
- the MGF algorithm to use with the RSA-OAEP key transport algorithm
public String getMGFAlgorithm()
public SecretKey getSymmetricKey()
public void setSymmetricKey(SecretKey key)
key
-
public boolean isIncludeEncryptionToken()
public void setIncludeEncryptionToken(boolean includeEncryptionToken)
public Element getCustomEKKeyInfoElement()
public void setCustomEKKeyInfoElement(Element customEKKeyInfoElement)