Package org.apache.wss4j.dom.message
Class WSSecDKEncrypt
- java.lang.Object
  - org.apache.wss4j.dom.message.WSSecBase
    - org.apache.wss4j.dom.message.WSSecSignatureBase
      - org.apache.wss4j.dom.message.WSSecDerivedKeyBase
        - org.apache.wss4j.dom.message.WSSecDKEncrypt

public class WSSecDKEncrypt extends WSSecDerivedKeyBase
Encrypts and signs parts of a message with derived keys derived from a symmetric key. This symmetric key will be included as an EncryptedKey.

Field Summary
Fields inherited from class org.apache.wss4j.dom.message.WSSecBase
addWSUNamespace, attachmentCallbackHandler, callbackLookup, expandXopInclude, keyIdentifierType, password, storeBytesInAttachment, user

Constructor Summary
WSSecDKEncrypt(WSSecHeader securityHeader)
WSSecDKEncrypt(Document doc)

Method Summary
Modifier and Type, Method, Description:
void addAttachmentEncryptedDataElements()
void addExternalRefElement(Element referenceList)
    Adds (prepends) the external Reference element to the Security header.
Document build(byte[] ephemeralKey)
Element encrypt()
Element encryptForExternalRef(Element dataRef, List<WSEncryptionPart> references)
    Encrypt one or more parts or elements of the message (external).
List<Element> getAttachmentEncryptedDataElements()
protected int getDerivedKeyLength()
    The derived key will change depending on the sig/encr algorithm.
org.apache.xml.security.encryption.Serializer getEncryptionSerializer()
void prepare(byte[] ephemeralKey)
    Initialize a WSSec Derived key.
void setDerivedKeyLength(int keyLength)
void setEncryptionSerializer(org.apache.xml.security.encryption.Serializer encryptionSerializer)
void setSymmetricEncAlgorithm(String algo)
    Set the symmetric encryption algorithm URI to use

Methods inherited from class org.apache.wss4j.dom.message.WSSecDerivedKeyBase
appendDKElementToHeader, clean, getDerivedKey, getdktElement, getId, getStrElem, getTokenIdentifier, getWscVersion, prependDKElementToHeader, setClientLabel, setCrypto, setCustomValueType, setServiceLabel, setStrElem, setTokenIdDirectId, setTokenIdentifier, setWscVersion, setX509Certificate

Methods inherited from class org.apache.wss4j.dom.message.WSSecSignatureBase
addReferencesToSign, cleanup, createSTRParameter, getInclusivePrefixes, getInclusivePrefixes

Methods inherited from class org.apache.wss4j.dom.message.WSSecBase
getDocument, getIdAllocator, getKeyIdentifierType, getParts, getSecurityHeader, getWsDocInfo, isExpandXopInclude, setAttachmentCallbackHandler, setBodyID, setCallbackLookup, setExpandXopInclude, setIdAllocator, setKeyIdentifierType, setStoreBytesInAttachment, setUserInfo, setWsDocInfo, setWsuId

Constructor Detail

WSSecDKEncrypt
public WSSecDKEncrypt(WSSecHeader securityHeader)

WSSecDKEncrypt
public WSSecDKEncrypt(Document doc)

Method Detail

prepare
public void prepare(byte[] ephemeralKey) throws WSSecurityException
Description copied from class: WSSecDerivedKeyBase
Initialize a WSSec Derived key. The method prepares and initializes a WSSec derived key structure after the relevant information was set. This method also creates and initializes the derived token using the ephemeral key. After preparation, references can be added, encrypted and signed as required. This method does not add any element to the security header. This must be done explicitly.
Overrides:
prepare in class WSSecDerivedKeyBase
Parameters:
ephemeralKey - The ephemeral key to use for derivation
Throws:
WSSecurityException

build
public Document build(byte[] ephemeralKey) throws WSSecurityException
Throws:
WSSecurityException

addAttachmentEncryptedDataElements
public void addAttachmentEncryptedDataElements()

encrypt
public Element encrypt() throws WSSecurityException
Throws:
WSSecurityException

encryptForExternalRef
public Element encryptForExternalRef(Element dataRef, List<WSEncryptionPart> references) throws WSSecurityException
Encrypt one or more parts or elements of the message (external). This method takes a list of WSEncryptionPart objects that contain information about the elements to encrypt. The method calls the encryption method, takes the reference information generated during encryption and adds it to the xenc:Reference element. This method can be called after prepare() and can be called multiple times to encrypt a number of parts or elements. The method generates a xenc:Reference element that must be added to the SecurityHeader. See addExternalRefElement(). If the dataRef parameter is null, the method creates and initializes a new Reference element.
Parameters:
dataRef - A xenc:Reference element or null
references - A list containing WSEncryptionPart objects
Returns:
Returns the updated xenc:Reference element
Throws:
WSSecurityException

addExternalRefElement
public void addExternalRefElement(Element referenceList)
Adds (prepends) the external Reference element to the Security header. The reference element must be created by the encryptForExternalRef() method. The method adds the reference element in the SecurityHeader.
Parameters:
referenceList - The external enc:Reference element
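
The call order described for prepare(), encryptForExternalRef() and addExternalRefElement(), as an added example that is not code from the WSS4J project. The class name DerivedKeyEncryptExample, the method encryptBody and its parameters are hypothetical; the ephemeral key bytes and the Id of the EncryptedKey that carries them are assumed to come from the caller, and the SOAP 1.1 Body selection and AES-128-GCM URI are assumptions.

```java
import java.util.ArrayList;
import java.util.List;

import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.message.WSSecDKEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

// Added illustration; class, method and parameter names are hypothetical.
public final class DerivedKeyEncryptExample {
    // Assumption: XML Encryption 1.1 AES-128-GCM is the algorithm wanted here.
    private static final String AES_128_GCM = "http://www.w3.org/2009/xmlenc11#aes128-gcm";
    private static final String SOAP11_NS = "http://schemas.xmlsoap.org/soap/envelope/";

    // ephemeralKey and encryptedKeyId are assumed to come from the EncryptedKey the caller built.
    public static Document encryptBody(Document soapDoc, byte[] ephemeralKey,
            String encryptedKeyId) throws WSSecurityException {
        WSSecHeader secHeader = new WSSecHeader(soapDoc);
        secHeader.insertSecurityHeader();

        WSSecDKEncrypt dkEncrypt = new WSSecDKEncrypt(secHeader);
        try {
            dkEncrypt.setSymmetricEncAlgorithm(AES_128_GCM);
            dkEncrypt.setTokenIdentifier(encryptedKeyId);

            // Derives the key and builds the derived key token; adds nothing to the header.
            dkEncrypt.prepare(ephemeralKey);

            // Encrypt the content of the SOAP Body; more parts can be added to the list.
            List<WSEncryptionPart> parts = new ArrayList<>();
            parts.add(new WSEncryptionPart("Body", SOAP11_NS, "Content"));

            // A null dataRef makes the method create a fresh reference element.
            Element refList = dkEncrypt.encryptForExternalRef(null, parts);

            // Header insertion is explicit: the reference element first, then the
            // derived key token, which is prepended and so ends up in front of it.
            dkEncrypt.addExternalRefElement(refList);
            dkEncrypt.prependDKElementToHeader();
            return soapDoc;
        } finally {
            // Inherited clean(): drop the derived key material held by the builder.
            dkEncrypt.clean();
        }
    }
}
```

The EncryptedKey element itself is not added by this method; the caller still has to place it in the security header.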

setSymmetricEncAlgorithm
public void setSymmetricEncAlgorithm(String algo)
Set the symmetric encryption algorithm URI to use
Parameters:
algo - the symmetric encryption algorithm URI to use

getDerivedKeyLength
protected int getDerivedKeyLength() throws WSSecurityException
Description copied from class: WSSecDerivedKeyBase
The derived key will change depending on the sig/encr algorithm. Therefore the child classes are expected to provide this value.
Specified by:
getDerivedKeyLength in class WSSecDerivedKeyBase
Returns:
the derived key length
Throws:
WSSecurityException

setDerivedKeyLength
public void setDerivedKeyLength(int keyLength)

getEncryptionSerializer
public org.apache.xml.security.encryption.Serializer getEncryptionSerializer()

setEncryptionSerializer
public void setEncryptionSerializer(org.apache.xml.security.encryption.Serializer encryptionSerializer)