Class WSSecEncrypt


  • public class WSSecEncrypt
    extends WSSecEncryptedKey
    Encrypts parts of a message according to WS Specification, X509 profile, and adds the encryption data.
    • Constructor Detail

      • WSSecEncrypt

        public WSSecEncrypt(WSSecHeader securityHeader)
      • WSSecEncrypt

        public WSSecEncrypt(Document doc)
    • Method Detail

      • prepare

        public void prepare(Crypto crypto,
                            SecretKey symmetricKey)
                     throws WSSecurityException
        Initializes a WSSecEncrypt. The method prepares and initializes a WSSecEncrypt structure after the relevant information has been set. After preparation of the token, references can be added and encrypted. This method does not add any element to the security header; that must be done explicitly.
        Overrides:
        prepare in class WSSecEncryptedKey
        Parameters:
        crypto - An instance of the Crypto API to handle keystore and certificates
        symmetricKey - The symmetric key to use for encryption
        Throws:
        WSSecurityException
      • build

        public Document build(Crypto crypto,
                              SecretKey symmetricKey)
                       throws WSSecurityException
        Builds the SOAP envelope with an encrypted Body and adds the encrypted key. This is a convenience method and is provided for backward compatibility. The method calls the single-function methods in order to perform a one-shot encryption.
        Parameters:
        crypto - an instance of the Crypto API to handle keystore and Certificates
        symmetricKey - The symmetric key to use for encryption
        Returns:
        the SOAP envelope with encrypted Body as Document
        Throws:
        WSSecurityException
      • encryptForRef

        public Element encryptForRef(Element dataRef,
                                     List<WSEncryptionPart> references,
                                     SecretKey symmetricKey)
                              throws WSSecurityException
        Encrypts one or more parts or elements of the message. This method takes a list of WSEncryptionPart objects that contain information about the elements to encrypt. The method calls the encryption method, takes the reference information generated during encryption and adds it to the xenc:Reference element. This method can be called after prepare() and can be called multiple times to encrypt a number of parts or elements. The method generates an xenc:Reference element that must be added to this token; see addInternalRefElement(). If the dataRef parameter is null, the method creates and initializes a new Reference element.
        Parameters:
        dataRef - An xenc:Reference element or null
        references - A list containing WSEncryptionPart objects
        symmetricKey - The symmetric key to use for encryption
        Returns:
        Returns the updated xenc:Reference element
        Throws:
        WSSecurityException
      • addInternalRefElement

        public void addInternalRefElement(Element dataRef)
        Adds the internal Reference element to this Encrypt data. The reference element must be created by the encryptForInternalRef() method. The reference element is added to the EncryptedKey element of this encrypt block.
        Parameters:
        dataRef - The internal enc:Reference element
      • addExternalRefElement

        public void addExternalRefElement(Element dataRef)
        Adds (prepends) the external Reference element to the Security header. The reference element must be created by the encryptForExternalRef() method. The method prepends the reference element in the SecurityHeader.
        Parameters:
        dataRef - The external enc:Reference element
      • addAttachmentEncryptedDataElements

        public void addAttachmentEncryptedDataElements()
      • createDataRefList

        public static Element createDataRefList(Document doc,
                                                Element referenceList,
                                                List<String> encDataRefs)
        Create DOM subtree for xenc:EncryptedKey
        Parameters:
        doc - the SOAP envelope parent document
        referenceList -
        encDataRefs -
        Returns:
        an xenc:EncryptedKey element
      • getSecurityTokenReference

        public SecurityTokenReference getSecurityTokenReference()
        Returns:
        the SecurityTokenReference
      • setSecurityTokenReference

        public void setSecurityTokenReference(SecurityTokenReference reference)
        Parameters:
        reference -
      • isEncryptSymmKey

        public boolean isEncryptSymmKey()
      • setEncryptSymmKey

        public void setEncryptSymmKey(boolean encryptSymmKey)
      • setCustomReferenceValue

        public void setCustomReferenceValue(String customReferenceValue)
      • setEncKeyIdDirectId

        public void setEncKeyIdDirectId(boolean b)
      • setEmbedEncryptedKey

        public void setEmbedEncryptedKey(boolean embedEncryptedKey)
      • isEmbedEncryptedKey

        public boolean isEmbedEncryptedKey()
      • getAttachmentEncryptedDataElements

        public List<Element> getAttachmentEncryptedDataElements()
      • getEncryptionSerializer

        public org.apache.xml.security.encryption.Serializer getEncryptionSerializer()
      • setEncryptionSerializer

        public void setEncryptionSerializer(org.apache.xml.security.encryption.Serializer encryptionSerializer)
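
The step-by-step sequence described under prepare(), encryptForRef() and addInternalRefElement(), written out as an added example (not code from the WSS4J project). The class name StepwiseEncryptExample and the parameter recipientAlias are hypothetical; setUserInfo, setKeyIdentifierType, setSymmetricEncAlgorithm and prependToHeader are inherited methods not documented on this page, and the package names assume WSS4J 2.x with a namespace-aware SOAP Document and a configured Crypto supplied by the caller.

```java
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

public final class StepwiseEncryptExample {

    /** Encrypts the SOAP Body content for the certificate stored under recipientAlias. */
    public static Document encryptBody(Document doc, Crypto crypto, String recipientAlias)
            throws WSSecurityException, NoSuchAlgorithmException {
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();

        // Fresh key per message; its size must match the algorithm chosen below.
        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
        keyGen.init(256);
        SecretKey symmetricKey = keyGen.generateKey();

        WSSecEncrypt encrypt = new WSSecEncrypt(secHeader);
        encrypt.setUserInfo(recipientAlias);                       // inherited: recipient cert alias
        encrypt.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);   // inherited: how the cert is referenced
        encrypt.setSymmetricEncAlgorithm(WSConstants.AES_256_GCM); // inherited: authenticated encryption

        // Step 1: wrap the symmetric key. Nothing is written to the header yet.
        encrypt.prepare(crypto, symmetricKey);

        // Step 2: encrypt the Body content. Passing null creates a new reference element.
        List<WSEncryptionPart> parts = new ArrayList<>();
        String soapNs = doc.getDocumentElement().getNamespaceURI(); // envelope namespace
        parts.add(new WSEncryptionPart("Body", soapNs, "Content"));
        Element refList = encrypt.encryptForRef(null, parts, symmetricKey);

        // Step 3: attach the references to the EncryptedKey element.
        encrypt.addInternalRefElement(refList);

        // Step 4: the explicit header insertion that prepare() does not perform.
        encrypt.prependToHeader();
        return doc;
    }
}
```

If step 4 is omitted, the Body is encrypted but the security header carries no EncryptedKey, so the receiver has no way to recover the symmetric key.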