Class WSSecEncrypt


public class WSSecEncrypt extends WSSecEncryptedKey
Encrypts parts of a message according to the WS Specification, X509 profile, and adds the encryption data.
  • Constructor Details

    • WSSecEncrypt

      public WSSecEncrypt(WSSecHeader securityHeader)
    • WSSecEncrypt

      public WSSecEncrypt(Document doc)
    • WSSecEncrypt

      public WSSecEncrypt(Document doc, Provider provider)
  • Method Details

    • prepare

      public void prepare(Crypto crypto, SecretKey symmetricKey) throws WSSecurityException
      Initialize a WSSec Encrypt. The method prepares and initializes a WSSec Encrypt structure after the relevant information has been set. After preparation of the token, references can be added and encrypted. This method does not add any element to the security header; that must be done explicitly.
      Overrides:
      prepare in class WSSecEncryptedKey
      Parameters:
      crypto - An instance of the Crypto API to handle keystore and certificates
      symmetricKey - The symmetric key to use for encryption
      Throws:
      WSSecurityException
    • build

      public Document build(Crypto crypto, SecretKey symmetricKey) throws WSSecurityException
      Builds the SOAP envelope with an encrypted Body and adds the encrypted key. This is a convenience method, kept for backward compatibility. It calls the single-function methods in order to perform a one-shot encryption.
      Parameters:
      crypto - an instance of the Crypto API to handle keystore and Certificates
      symmetricKey - The symmetric key to use for encryption
      Returns:
      the SOAP envelope with encrypted Body as Document
      Throws:
      WSSecurityException
    • encrypt

      public Element encrypt(SecretKey symmetricKey) throws WSSecurityException
      Perform encryption using the given symmetric key
      Parameters:
      symmetricKey - The symmetric key to use for encryption
      Returns:
      the EncryptedData element
      Throws:
      WSSecurityException
    • encryptForRef

      public Element encryptForRef(Element dataRef, List<WSEncryptionPart> references, SecretKey symmetricKey) throws WSSecurityException
      Encrypt one or more parts or elements of the message. This method takes a list of WSEncryptionPart objects that contain information about the elements to encrypt. The method calls the encryption method, takes the reference information generated during encryption and adds it to the xenc:Reference element. This method can be called after prepare() and can be called multiple times to encrypt a number of parts or elements. The method generates an xenc:Reference element that must be added to this token. See addInternalRefElement(). If the dataRef parameter is null, the method creates and initializes a new Reference element.
      Parameters:
      dataRef - A xenc:Reference element or null
      references - A list containing WSEncryptionPart objects
      symmetricKey - The symmetric key to use for encryption
      Returns:
      Returns the updated xenc:Reference element
      Throws:
      WSSecurityException
    • addInternalRefElement

      public void addInternalRefElement(Element dataRef)
      Adds the internal Reference element to this Encrypt data. The reference element must be created by the encryptForInternalRef() method. The reference element is added to the EncryptedKey element of this encrypt block.
      Parameters:
      dataRef - The internal enc:Reference element
    • addExternalRefElement

      public void addExternalRefElement(Element dataRef)
      Adds (prepends) the external Reference element to the Security header. The reference element must be created by the encryptForExternalRef() method. The method prepends the reference element in the SecurityHeader.
      Parameters:
      dataRef - The external enc:Reference element
    • addAttachmentEncryptedDataElements

      public void addAttachmentEncryptedDataElements()
    • createDataRefList

      public static Element createDataRefList(Document doc, Element referenceList, List<String> encDataRefs)
      Create DOM subtree for xenc:EncryptedKey
      Parameters:
      doc - the SOAP envelope parent document
      referenceList -
      encDataRefs -
      Returns:
      an xenc:EncryptedKey element
    • getSecurityTokenReference

      public SecurityTokenReference getSecurityTokenReference()
      Returns:
      Return the SecurityTokenReference
    • setSecurityTokenReference

      public void setSecurityTokenReference(SecurityTokenReference reference)
      Parameters:
      reference -
    • isEncryptSymmKey

      public boolean isEncryptSymmKey()
    • setEncryptSymmKey

      public void setEncryptSymmKey(boolean encryptSymmKey)
    • setCustomReferenceValue

      public void setCustomReferenceValue(String customReferenceValue)
    • setEncKeyIdDirectId

      public void setEncKeyIdDirectId(boolean b)
    • setEmbedEncryptedKey

      public void setEmbedEncryptedKey(boolean embedEncryptedKey)
    • isEmbedEncryptedKey

      public boolean isEmbedEncryptedKey()
    • getAttachmentEncryptedDataElements

      public List<Element> getAttachmentEncryptedDataElements()
    • getEncryptionSerializer

      public org.apache.xml.security.encryption.Serializer getEncryptionSerializer()
    • setEncryptionSerializer

      public void setEncryptionSerializer(org.apache.xml.security.encryption.Serializer encryptionSerializer)
    • setSymmetricEncAlgorithm

      public void setSymmetricEncAlgorithm(String algo)
      Set the name of the symmetric encryption algorithm to use. This encryption algorithm is used to encrypt the data. If the algorithm is not set then AES128 is used. Refer to WSConstants for the supported algorithms.
      Parameters:
      algo - Is the name of the encryption algorithm
    • getSymmetricEncAlgorithm

      public String getSymmetricEncAlgorithm()
      Get the name of the symmetric encryption algorithm to use. This is the name of the encryption algorithm used to encrypt the data, i.e. the SOAP Body. Refer to WSConstants for the supported algorithms.
      Returns:
      the name of the currently selected symmetric encryption algorithm
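
Example (added here, not part of the WSS4J documentation or code base): the step-by-step sequence prepare(), encryptForRef(), addInternalRefElement() described above, with the data encryption algorithm set explicitly to an authenticated mode instead of relying on the AES128 default. Assumptions: the file name "crypto.properties" and the alias "recipient" are hypothetical; setUserInfo, setKeyIdentifierType, setKeyEncAlgo and prependToHeader are inherited from WSSecEncryptedKey, and WSSecHeader, WSEncryptionPart, KeyUtils and CryptoFactory are other WSS4J classes not documented on this page.

```java
import java.util.Collections;
import javax.crypto.SecretKey;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

public final class EncryptBodyExample {

    /** Encrypts the content of the SOAP Body of soapEnvelope in place. */
    public static Document encryptBody(Document soapEnvelope) throws Exception {
        // Hypothetical properties file describing the keystore that holds
        // the recipient's certificate.
        Crypto crypto = CryptoFactory.getInstance("crypto.properties");

        WSSecHeader secHeader = new WSSecHeader(soapEnvelope);
        secHeader.insertSecurityHeader();

        WSSecEncrypt encrypt = new WSSecEncrypt(secHeader);
        encrypt.setUserInfo("recipient"); // hypothetical keystore alias
        encrypt.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
        encrypt.setKeyEncAlgo(WSConstants.KEYTRANSPORT_RSAOAEP);
        // Choose the data encryption algorithm explicitly (AES-256-GCM)
        // rather than falling back to the AES128 default.
        encrypt.setSymmetricEncAlgorithm(WSConstants.AES_256_GCM);

        // Fresh per-message key, sized for the selected algorithm.
        SecretKey symmetricKey =
            KeyUtils.getKeyGenerator(WSConstants.AES_256_GCM).generateKey();

        // prepare() sets up the encrypted key but adds nothing to the header.
        encrypt.prepare(crypto, symmetricKey);

        // Encrypt the content of the SOAP 1.1 Body; passing null as dataRef
        // makes encryptForRef create a new reference element.
        WSEncryptionPart body =
            new WSEncryptionPart("Body", WSConstants.URI_SOAP11_ENV, "Content");
        Element refs = encrypt.encryptForRef(
            null, Collections.singletonList(body), symmetricKey);

        // Attach the references to the EncryptedKey, then add the
        // EncryptedKey to the security header explicitly.
        encrypt.addInternalRefElement(refs);
        encrypt.prependToHeader();
        return soapEnvelope;
    }
}
```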