PicketLink Federation Core 2.1.6.Final-redhat-2

org.picketlink.identity.federation.core.util
Class XMLEncryptionUtil

java.lang.Object
  extended by org.picketlink.identity.federation.core.util.XMLEncryptionUtil

public class XMLEncryptionUtil
extends Object

Utility for XML Encryption. Note: This utility currently uses the Apache XML Security library API. JSR-106 is not yet final; until that happens, we rely on the non-standard API.

Since:
May 4, 2009
Author:
Anil.Saldhana@redhat.com

Field Summary
static String CIPHER_DATA_LOCALNAME
           
static String DS_KEY_INFO
           
static String ENCRYPTED_KEY_LOCALNAME
           
static String XMLENC_NS
           
static String XMLNS
           
static String XMLSIG_NS
           
 
Constructor Summary
XMLEncryptionUtil()
           
 
Method Summary
static Element decryptElementInDocument(Document documentWithEncryptedElement, PrivateKey privateKey)
          Decrypt an encrypted element inside a document
static void encryptElement(Document document, Element element, PublicKey publicKey, SecretKey secretKey, int keySize)
          Encrypts an element in an XML document using the specified public key, secret key, and key size.
static void encryptElement(QName elementQName, Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo)
          Given an element in a Document, encrypt the element and replace the element in the document with the encrypted data
static Element encryptElementInDocument(Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo)
          Encrypt the root document element inside a Document.
static org.apache.xml.security.encryption.EncryptedKey encryptKey(Document document, SecretKey keyToBeEncrypted, PublicKey keyUsedToEncryptSecretKey, int keySize)
          Encrypt the Key to be transported
static int getEncryptionKeySize(String certAlgo)
          Given the JCE algorithm, get the XML Encryption KeySize
static String getEncryptionURL(String certAlgo)
          Given the JCE algorithm, get the XML Encryption URL
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CIPHER_DATA_LOCALNAME

public static final String CIPHER_DATA_LOCALNAME
See Also:
Constant Field Values

ENCRYPTED_KEY_LOCALNAME

public static final String ENCRYPTED_KEY_LOCALNAME
See Also:
Constant Field Values

DS_KEY_INFO

public static final String DS_KEY_INFO
See Also:
Constant Field Values

XMLNS

public static final String XMLNS
See Also:
Constant Field Values

XMLSIG_NS

public static String XMLSIG_NS

XMLENC_NS

public static String XMLENC_NS

Constructor Detail

XMLEncryptionUtil

public XMLEncryptionUtil()

Method Detail

getEncryptionURL

public static String getEncryptionURL(String certAlgo)
Given the JCE algorithm, get the XML Encryption URL

Parameters:
certAlgo -
Returns:

getEncryptionKeySize

public static int getEncryptionKeySize(String certAlgo)
Given the JCE algorithm, get the XML Encryption KeySize

Parameters:
certAlgo -
Returns:

encryptKey

public static org.apache.xml.security.encryption.EncryptedKey encryptKey(Document document,
                                                                         SecretKey keyToBeEncrypted,
                                                                         PublicKey keyUsedToEncryptSecretKey,
                                                                         int keySize)
                                                                  throws ProcessingException

Encrypt the Key to be transported

Data is encrypted with a SecretKey. The key then needs to be transported to the other end, where it is needed for decryption. For the key transport, the SecretKey is encrypted with the recipient's public key. At the receiving end, the receiver can decrypt the SecretKey using their private key.

Parameters:
document -
keyToBeEncrypted - Symmetric Key (SecretKey)
keyUsedToEncryptSecretKey - Asymmetric Key (Public Key)
keySize - Length of the key
Returns:
Throws:
ProcessingException

encryptElement

public static void encryptElement(QName elementQName,
                                  Document document,
                                  PublicKey publicKey,
                                  SecretKey secretKey,
                                  int keySize,
                                  QName wrappingElementQName,
                                  boolean addEncryptedKeyInKeyInfo)
                           throws ProcessingException
Given an element in a Document, encrypt the element and replace the element in the document with the encrypted data

Parameters:
elementQName - QName of the element that we would like to encrypt
publicKey -
secretKey -
keySize -
wrappingElementQName - A QName of an element that will wrap the encrypted element
addEncryptedKeyInKeyInfo - Whether the EncryptedKey needs to be placed in ds:KeyInfo
Throws:
ProcessingException

encryptElement

public static void encryptElement(Document document,
                                  Element element,
                                  PublicKey publicKey,
                                  SecretKey secretKey,
                                  int keySize)
                           throws ProcessingException

Encrypts an element in an XML document using the specified public key, secret key, and key size. This method doesn't wrap the encrypted element in a new element. Instead, it replaces the element with its encrypted version.

For example, calling this method to encrypt the inner element in the following XML document

    <root>
       <outer>
          <inner>
             ...
          </inner>
       </outer>
    </root>
 
would result in a document similar to

    <root>
       <outer>
          <xenc:EncryptedData xmlns:xenc="...">
             ...
          </xenc:EncryptedData>
       </outer>
    </root>
 

Parameters:
document - the Document that contains the element to be encrypted.
element - the Element to be encrypted.
publicKey - the PublicKey that must be used to encrypt the secret key.
secretKey - the SecretKey used to encrypt the specified element.
keySize - the size (in bits) of the secret key.
Throws:
ProcessingException - if an error occurs while encrypting the element with the specified params.

encryptElementInDocument

public static Element encryptElementInDocument(Document document,
                                               PublicKey publicKey,
                                               SecretKey secretKey,
                                               int keySize,
                                               QName wrappingElementQName,
                                               boolean addEncryptedKeyInKeyInfo)
                                        throws ProcessingException,
                                               ConfigurationException
Encrypt the root document element inside a Document. NOTE: The document root element will be replaced by the wrapping element.

Parameters:
document - Document that contains an element to encrypt
publicKey - The Public Key used to encrypt the secret encryption key
secretKey - The secret encryption key
keySize - Length of key
wrappingElementQName - QName of the element to be used to wrap around the cipher data.
addEncryptedKeyInKeyInfo - Should the encrypted key be inside a KeyInfo or added as a peer of Cipher Data
Returns:
An element that has the wrappingElementQName
Throws:
ProcessingException
ConfigurationException

decryptElementInDocument

public static Element decryptElementInDocument(Document documentWithEncryptedElement,
                                               PrivateKey privateKey)
                                        throws ProcessingException
Decrypt an encrypted element inside a document

Parameters:
documentWithEncryptedElement -
privateKey - key needed to unwrap the encryption key
Returns:
the document with the encrypted element replaced by the data element
Throws:
org.apache.xml.security.encryption.XMLEncryptionException
ProcessingException

Copyright © 2013 JBoss by Red Hat. All Rights Reserved.