Package org.apache.wss4j.dom.message
Class WSSecEncrypt

java.lang.Object
  org.apache.wss4j.dom.message.WSSecBase
    org.apache.wss4j.dom.message.WSSecEncryptedKey
      org.apache.wss4j.dom.message.WSSecEncrypt

public class WSSecEncrypt extends WSSecEncryptedKey
Encrypts parts of a message according to WS Specification, X509 profile, and adds the encryption data.

Field Summary

Fields inherited from class org.apache.wss4j.dom.message.WSSecBase
addWSUNamespace, attachmentCallbackHandler, callbackLookup, expandXopInclude, keyIdentifierType, password, storeBytesInAttachment, user

Constructor Summary

WSSecEncrypt(WSSecHeader securityHeader)
WSSecEncrypt(Document doc)

Method Summary
(Modifier and Type, Method, Description)

void addAttachmentEncryptedDataElements()
void addExternalRefElement(Element dataRef)
    Adds (prepends) the external Reference element to the Security header.
void addInternalRefElement(Element dataRef)
    Adds the internal Reference element to this Encrypt data.
Document build(Crypto crypto, SecretKey symmetricKey)
    Builds the SOAP envelope with encrypted Body and adds encrypted key.
static Element createDataRefList(Document doc, Element referenceList, List<String> encDataRefs)
    Create DOM subtree for xenc:EncryptedKey
Element encrypt(SecretKey symmetricKey)
    Perform encryption using the given symmetric key
Element encryptForRef(Element dataRef, List<WSEncryptionPart> references, SecretKey symmetricKey)
    Encrypt one or more parts or elements of the message.
List<Element> getAttachmentEncryptedDataElements()
org.apache.xml.security.encryption.Serializer getEncryptionSerializer()
SecurityTokenReference getSecurityTokenReference()
String getSymmetricEncAlgorithm()
    Get the name of symmetric encryption algorithm to use.
boolean isEmbedEncryptedKey()
boolean isEncryptSymmKey()
void prepare(Crypto crypto, SecretKey symmetricKey)
    Initialize a WSSec Encrypt.
void setCustomReferenceValue(String customReferenceValue)
void setEmbedEncryptedKey(boolean embedEncryptedKey)
void setEncKeyIdDirectId(boolean b)
void setEncryptionSerializer(org.apache.xml.security.encryption.Serializer encryptionSerializer)
void setEncryptSymmKey(boolean encryptSymmKey)
void setSecurityTokenReference(SecurityTokenReference reference)
void setSymmetricEncAlgorithm(String algo)
    Set the name of the symmetric encryption algorithm to use.

Methods inherited from class org.apache.wss4j.dom.message.WSSecEncryptedKey
addCipherValueElement, appendBSTElementToHeader, appendToHeader, createCipherValue, createEncryptedKeyElement, createEncryptedKeyElement, encryptSymmetricKey, getBinarySecurityTokenElement, getBSTTokenId, getCustomEKKeyInfoElement, getDigestAlgorithm, getEncryptedKeyElement, getEncryptedKeySHA1, getId, getKeyEncAlgo, getMGFAlgorithm, getUseThisCert, getUseThisPublicKey, isCertSet, isIncludeEncryptionToken, prependBSTElementToHeader, prependToHeader, setCustomEKKeyInfoElement, setCustomEKTokenId, setCustomEKTokenValueType, setDigestAlgorithm, setEncKeyId, setEncryptedKeyElement, setEncryptedKeySHA1, setIncludeEncryptionToken, setKeyEncAlgo, setMGFAlgorithm, setUserInfo, setUseThisCert, setUseThisPublicKey

Methods inherited from class org.apache.wss4j.dom.message.WSSecBase
clean, getDocument, getIdAllocator, getKeyIdentifierType, getParts, getSecurityHeader, getWsDocInfo, isExpandXopInclude, setAttachmentCallbackHandler, setBodyID, setCallbackLookup, setExpandXopInclude, setIdAllocator, setKeyIdentifierType, setStoreBytesInAttachment, setUserInfo, setWsDocInfo, setWsuId

Constructor Detail

WSSecEncrypt
public WSSecEncrypt(WSSecHeader securityHeader)

WSSecEncrypt
public WSSecEncrypt(Document doc)

Method Detail

prepare
public void prepare(Crypto crypto, SecretKey symmetricKey) throws WSSecurityException
Initialize a WSSec Encrypt. The method prepares and initializes a WSSec Encrypt structure after the relevant information was set. After preparation of the token, references can be added and encrypted. This method does not add any element to the security header. This must be done explicitly.
Overrides:
    prepare in class WSSecEncryptedKey
Parameters:
    crypto - An instance of the Crypto API to handle keystore and certificates
    symmetricKey - The symmetric key to use for encryption
Throws:
    WSSecurityException

build
public Document build(Crypto crypto, SecretKey symmetricKey) throws WSSecurityException
Builds the SOAP envelope with encrypted Body and adds encrypted key. This is a convenience method, kept for backward compatibility. The method calls the single function methods in order to perform a one shot encryption.
Parameters:
    crypto - an instance of the Crypto API to handle keystore and certificates
    symmetricKey - The symmetric key to use for encryption
Returns:
    the SOAP envelope with encrypted Body as Document
Throws:
    WSSecurityException

encrypt
public Element encrypt(SecretKey symmetricKey) throws WSSecurityException
Perform encryption using the given symmetric key.
Parameters:
    symmetricKey - The symmetric key to use for encryption
Returns:
    the EncryptedData element
Throws:
    WSSecurityException

encryptForRef
public Element encryptForRef(Element dataRef, List<WSEncryptionPart> references, SecretKey symmetricKey) throws WSSecurityException
Encrypt one or more parts or elements of the message. This method takes a list of WSEncryptionPart objects that contain information about the elements to encrypt. The method calls the encryption method, takes the reference information generated during encryption, and adds it to the xenc:Reference element. This method can be called after prepare() and can be called multiple times to encrypt a number of parts or elements. The method generates a xenc:Reference element that must be added to this token. See addInternalRefElement(). If the dataRef parameter is null, the method creates and initializes a new Reference element.
Parameters:
    dataRef - A xenc:Reference element or null
    references - A list containing WSEncryptionPart objects
    symmetricKey - The symmetric key to use for encryption
Returns:
    Returns the updated xenc:Reference element
Throws:
    WSSecurityException

addInternalRefElement
public void addInternalRefElement(Element dataRef)
Adds the internal Reference element to this Encrypt data. The reference element must be created by the encryptForInternalRef() method. The reference element is added to the EncryptedKey element of this encrypt block.
Parameters:
    dataRef - The internal enc:Reference element

addExternalRefElement
public void addExternalRefElement(Element dataRef)
Adds (prepends) the external Reference element to the Security header. The reference element must be created by the encryptForExternalRef() method. The method prepends the reference element in the SecurityHeader.
Parameters:
    dataRef - The external enc:Reference element

addAttachmentEncryptedDataElements
public void addAttachmentEncryptedDataElements()

createDataRefList
public static Element createDataRefList(Document doc, Element referenceList, List<String> encDataRefs)
Create DOM subtree for xenc:EncryptedKey
Parameters:
    doc - the SOAP envelope parent document
    referenceList -
    encDataRefs -
Returns:
    an xenc:EncryptedKey element

getSecurityTokenReference
public SecurityTokenReference getSecurityTokenReference()
Returns:
    Return the SecurityTokenReference

setSecurityTokenReference
public void setSecurityTokenReference(SecurityTokenReference reference)
Parameters:
    reference -

isEncryptSymmKey
public boolean isEncryptSymmKey()

setEncryptSymmKey
public void setEncryptSymmKey(boolean encryptSymmKey)

setCustomReferenceValue
public void setCustomReferenceValue(String customReferenceValue)

setEncKeyIdDirectId
public void setEncKeyIdDirectId(boolean b)

setEmbedEncryptedKey
public void setEmbedEncryptedKey(boolean embedEncryptedKey)

isEmbedEncryptedKey
public boolean isEmbedEncryptedKey()

getEncryptionSerializer
public org.apache.xml.security.encryption.Serializer getEncryptionSerializer()

setEncryptionSerializer
public void setEncryptionSerializer(org.apache.xml.security.encryption.Serializer encryptionSerializer)

setSymmetricEncAlgorithm
public void setSymmetricEncAlgorithm(String algo)
Set the name of the symmetric encryption algorithm to use. This encryption algorithm is used to encrypt the data. If the algorithm is not set then AES128 is used. Refer to WSConstants for the supported algorithms.
Parameters:
    algo - Is the name of the encryption algorithm
See Also:
    WSS4JConstants.TRIPLE_DES, WSS4JConstants.AES_128, WSS4JConstants.AES_192, WSS4JConstants.AES_256

getSymmetricEncAlgorithm
public String getSymmetricEncAlgorithm()
Get the name of symmetric encryption algorithm to use. The name of the encryption algorithm to encrypt the data, i.e. the SOAP Body. Refer to WSConstants for the supported algorithms.
Returns:
    the name of the currently selected symmetric encryption algorithm
See Also:
    WSS4JConstants.TRIPLE_DES, WSS4JConstants.AES_128, WSS4JConstants.AES_192, WSS4JConstants.AES_256

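The step-by-step sequence that prepare(), encryptForRef() and addInternalRefElement() describe, with the data and key-transport algorithms set explicitly instead of left at the AES128 default, as an added example (not code from this page or from the WSS4J project). The class name EncryptBodyExample, the alias parameter, a SOAP 1.1 envelope, and the constants WSS4JConstants.AES_256_GCM and WSS4JConstants.KEYTRANSPORT_RSAOAEP (which the See Also lists above do not mention) are assumptions.

```java
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

public final class EncryptBodyExample {          // hypothetical class name
    private static final String SOAP11_NS = "http://schemas.xmlsoap.org/soap/envelope/";

    /** Encrypts the content of the SOAP Body for the certificate stored under alias. */
    public static Document encryptBody(Document envelope, Crypto crypto, String alias)
            throws WSSecurityException, NoSuchAlgorithmException {
        WSSecHeader header = new WSSecHeader(envelope);
        header.insertSecurityHeader();

        WSSecEncrypt enc = new WSSecEncrypt(header);
        enc.setUserInfo(alias);                              // keystore alias of the recipient
        enc.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
        // Choose both algorithms explicitly; the data algorithm otherwise defaults to AES128.
        enc.setSymmetricEncAlgorithm(WSS4JConstants.AES_256_GCM);   // authenticated mode
        enc.setKeyEncAlgo(WSS4JConstants.KEYTRANSPORT_RSAOAEP);

        // Fresh 256-bit key per message, matching the chosen data algorithm.
        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
        keyGen.init(256);
        SecretKey key = keyGen.generateKey();

        List<WSEncryptionPart> parts = new ArrayList<>();
        parts.add(new WSEncryptionPart("Body", SOAP11_NS, "Content"));

        enc.prepare(crypto, key);                            // adds nothing to the header yet
        Element refs = enc.encryptForRef(null, parts, key);  // null: create a new Reference element
        enc.addInternalRefElement(refs);                     // references go inside EncryptedKey
        enc.prependToHeader();                               // explicit step that prepare() leaves out
        if (enc.getBSTTokenId() != null) {
            enc.prependBSTElementToHeader();                 // only when a BinarySecurityToken was created
        }
        return envelope;
    }
}
```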