Class XMLCipher
- java.lang.Object
  - org.apache.xml.security.encryption.XMLCipher

public class XMLCipher extends Object

XMLCipher encrypts and decrypts the contents of Documents, Elements and Element contents. It was designed to resemble javax.crypto.Cipher in order to facilitate understanding of its functioning.

Author: Axl Mattheus (Sun Microsystems), Christian Geuer-Pollmann

Field Summary

| Modifier and Type | Field | Description |
| --- | --- | --- |
| static String | AES_128 | AES 128 Cipher |
| static String | AES_128_GCM | AES 128 GCM Cipher |
| static String | AES_128_KeyWrap | AES 128 Cipher KeyWrap |
| static String | AES_192 | AES 192 Cipher |
| static String | AES_192_GCM | AES 192 GCM Cipher |
| static String | AES_192_KeyWrap | AES 192 Cipher KeyWrap |
| static String | AES_256 | AES 256 Cipher |
| static String | AES_256_GCM | AES 256 GCM Cipher |
| static String | AES_256_KeyWrap | AES 256 Cipher KeyWrap |
| static String | BASE64_ENCODING | Base64 encoding |
| static String | CAMELLIA_128 | CAMELLIA 128 Cipher |
| static String | CAMELLIA_128_KeyWrap | CAMELLIA 128 Cipher KeyWrap |
| static String | CAMELLIA_192 | CAMELLIA 192 Cipher |
| static String | CAMELLIA_192_KeyWrap | CAMELLIA 192 Cipher KeyWrap |
| static String | CAMELLIA_256 | CAMELLIA 256 Cipher |
| static String | CAMELLIA_256_KeyWrap | CAMELLIA 256 Cipher KeyWrap |
| static int | DECRYPT_MODE | DECRYPT Mode |
| static String | DIFFIE_HELLMAN | DIFFIE_HELLMAN Cipher |
| static int | ENCRYPT_MODE | ENCRYPT Mode |
| static String | EXCL_XML_N14C | N14C_XML exclusive |
| static String | EXCL_XML_N14C_WITH_COMMENTS | N14C_XML exclusive with comments |
| static String | N14C_XML | N14C_XML |
| static String | N14C_XML_WITH_COMMENTS | N14C_XML with comments |
| static String | PHYSICAL_XML_N14C | N14C_PHYSICAL preserve the physical representation |
| static String | RIPEMD_160 | RIPEMD Cipher |
| static String | RSA_OAEP | RSA OAEP Cipher |
| static String | RSA_OAEP_11 | RSA OAEP Cipher |
| static String | RSA_v1dot5 | RSA 1.5 Cipher |
| static String | SEED_128 | SEED 128 Cipher |
| static String | SEED_128_KeyWrap | SEED 128 Cipher KeyWrap |
| static String | SHA1 | SHA1 Cipher |
| static String | SHA256 | SHA256 Cipher |
| static String | SHA512 | SHA512 Cipher |
| static String | TRIPLEDES | Triple DES EDE (192 bit key) in CBC mode |
| static String | TRIPLEDES_KeyWrap | Triple DES EDE (192 bit key) in CBC mode KEYWRAP |
| static int | UNWRAP_MODE | UNWRAP Mode |
| static int | WRAP_MODE | WRAP Mode |
| static String | XML_DSIG | XML Signature NS |

Method Summary

| Modifier and Type | Method | Description |
| --- | --- | --- |
| AgreementMethod | createAgreementMethod(String algorithm) | Create an AgreementMethod object |
| CipherData | createCipherData(int type) | Create a CipherData object |
| CipherReference | createCipherReference(String uri) | Create a CipherReference object |
| CipherValue | createCipherValue(String value) | Create a CipherValue element |
| EncryptedData | createEncryptedData(int type, String value) | Creates an EncryptedData Element. |
| EncryptedKey | createEncryptedKey(int type, String value) | Creates an EncryptedKey Element. |
| EncryptionMethod | createEncryptionMethod(String algorithm) | Create an EncryptionMethod object |
| EncryptionProperties | createEncryptionProperties() | Create an EncryptionProperties element |
| EncryptionProperty | createEncryptionProperty() | Create a new EncryptionProperty element |
| ReferenceList | createReferenceList(int type) | Create a new ReferenceList object |
| Transforms | createTransforms() | Create a new Transforms object |
| Transforms | createTransforms(Document doc) | Create a new Transforms object. Because the handling of Transforms is currently done in the signature code, the creation of a Transforms object requires a context document. |
| Key | decryptKey(EncryptedKey encryptedKey) | Decrypt a key from a passed in EncryptedKey structure. |
| Key | decryptKey(EncryptedKey encryptedKey, String algorithm) | Decrypt a key from a passed in EncryptedKey structure |
| byte[] | decryptToByteArray(Element element) | Decrypt an EncryptedData element to a byte array. |
| Document | doFinal(Document context, Document source) | Process a DOM Document node. |
| Document | doFinal(Document context, Element element) | Process a DOM Element node. |
| Document | doFinal(Document context, Element element, boolean content) | Process the contents of a DOM Element node. |
| EncryptedData | encryptData(Document context, String type, InputStream serializedData) | Returns an EncryptedData interface. |
| EncryptedData | encryptData(Document context, Element element) | Returns an EncryptedData interface. |
| EncryptedData | encryptData(Document context, Element element, boolean contentMode) | Returns an EncryptedData interface. |
| EncryptedKey | encryptKey(Document doc, Key key) | Encrypts a key to an EncryptedKey structure |
| EncryptedKey | encryptKey(Document doc, Key key, String mgfAlgorithm, byte[] oaepParams) | Encrypts a key to an EncryptedKey structure |
| EncryptedData | getEncryptedData() | Get the EncryptedData being built |
| EncryptedKey | getEncryptedKey() | Get the EncryptedData being built. Returns the EncryptedData being built during an ENCRYPT operation. |
| static XMLCipher | getInstance() | Returns an XMLCipher that implements no specific transformation, and can therefore only be used for decrypt or unwrap operations where the encryption method is defined in the EncryptionMethod element. |
| static XMLCipher | getInstance(String transformation) | Returns an XMLCipher that implements the specified transformation and operates on the specified context document. |
| static XMLCipher | getInstance(String transformation, String canon) | Returns an XMLCipher that implements the specified transformation, operates on the specified context document and serializes the document with the specified canonicalization algorithm before it encrypts the document. |
| static XMLCipher | getInstance(String transformation, String canon, String digestMethod) | Returns an XMLCipher that implements the specified transformation, operates on the specified context document and serializes the document with the specified canonicalization algorithm before it encrypts the document. |
| static XMLCipher | getProviderInstance(String provider) | Returns an XMLCipher that implements no specific transformation, and can therefore only be used for decrypt or unwrap operations where the encryption method is defined in the EncryptionMethod element. |
| static XMLCipher | getProviderInstance(String transformation, String provider) | Returns an XMLCipher that implements the specified transformation and operates on the specified context document. |
| static XMLCipher | getProviderInstance(String transformation, String provider, String canon) | Returns an XMLCipher that implements the specified transformation, operates on the specified context document and serializes the document with the specified canonicalization algorithm before it encrypts the document. |
| static XMLCipher | getProviderInstance(String transformation, String provider, String canon, String digestMethod) | Returns an XMLCipher that implements the specified transformation, operates on the specified context document and serializes the document with the specified canonicalization algorithm before it encrypts the document. |
| Serializer | getSerializer() | Get the Serializer algorithm to use |
| void | init(int opmode, Key key) | Initializes this cipher with a key. |
| EncryptedData | loadEncryptedData(Document context, Element element) | Returns an EncryptedData interface. |
| EncryptedKey | loadEncryptedKey(Document context, Element element) | Returns an EncryptedKey interface. |
| EncryptedKey | loadEncryptedKey(Element element) | Returns an EncryptedKey interface. |
| Element | martial(EncryptedData encryptedData) | Martial an EncryptedData. Takes an EncryptedData object and returns a DOM Element that represents the appropriate EncryptedData |
| Element | martial(EncryptedKey encryptedKey) | Martial an EncryptedKey. Takes an EncryptedKey object and returns a DOM Element that represents the appropriate EncryptedKey |
| Element | martial(ReferenceList referenceList) | Martial a ReferenceList. Takes a ReferenceList object and returns a DOM Element that represents the appropriate ReferenceList |
| Element | martial(Document context, EncryptedData encryptedData) | Martial an EncryptedData. Takes an EncryptedData object and returns a DOM Element that represents the appropriate EncryptedData |
| Element | martial(Document context, EncryptedKey encryptedKey) | Martial an EncryptedKey. Takes an EncryptedKey object and returns a DOM Element that represents the appropriate EncryptedKey |
| Element | martial(Document context, ReferenceList referenceList) | Martial a ReferenceList. Takes a ReferenceList object and returns a DOM Element that represents the appropriate ReferenceList |
| void | registerInternalKeyResolver(KeyResolverSpi keyResolver) | This method is used to add a custom KeyResolverSpi to an XMLCipher. |
| void | setKEK(Key kek) | Set a Key Encryption Key. |
| void | setSecureValidation(boolean secureValidation) | Set whether secure validation is enabled or not. |
| void | setSerializer(Serializer serializer) | Set the Serializer algorithm to use |

Field Detail

TRIPLEDES
public static final String TRIPLEDES
Triple DES EDE (192 bit key) in CBC mode
See Also: Constant Field Values

AES_128
public static final String AES_128
AES 128 Cipher
See Also: Constant Field Values

AES_256
public static final String AES_256
AES 256 Cipher
See Also: Constant Field Values

AES_192
public static final String AES_192
AES 192 Cipher
See Also: Constant Field Values

AES_128_GCM
public static final String AES_128_GCM
AES 128 GCM Cipher
See Also: Constant Field Values

AES_192_GCM
public static final String AES_192_GCM
AES 192 GCM Cipher
See Also: Constant Field Values

AES_256_GCM
public static final String AES_256_GCM
AES 256 GCM Cipher
See Also: Constant Field Values

SEED_128
public static final String SEED_128
SEED 128 Cipher
See Also: Constant Field Values

CAMELLIA_128
public static final String CAMELLIA_128
CAMELLIA 128 Cipher
See Also: Constant Field Values

CAMELLIA_192
public static final String CAMELLIA_192
CAMELLIA 192 Cipher
See Also: Constant Field Values

CAMELLIA_256
public static final String CAMELLIA_256
CAMELLIA 256 Cipher
See Also: Constant Field Values

RSA_v1dot5
public static final String RSA_v1dot5
RSA 1.5 Cipher
See Also: Constant Field Values

RSA_OAEP
public static final String RSA_OAEP
RSA OAEP Cipher
See Also: Constant Field Values

RSA_OAEP_11
public static final String RSA_OAEP_11
RSA OAEP Cipher
See Also: Constant Field Values

DIFFIE_HELLMAN
public static final String DIFFIE_HELLMAN
DIFFIE_HELLMAN Cipher
See Also: Constant Field Values

TRIPLEDES_KeyWrap
public static final String TRIPLEDES_KeyWrap
Triple DES EDE (192 bit key) in CBC mode KEYWRAP
See Also: Constant Field Values

AES_128_KeyWrap
public static final String AES_128_KeyWrap
AES 128 Cipher KeyWrap
See Also: Constant Field Values

AES_256_KeyWrap
public static final String AES_256_KeyWrap
AES 256 Cipher KeyWrap
See Also: Constant Field Values

AES_192_KeyWrap
public static final String AES_192_KeyWrap
AES 192 Cipher KeyWrap
See Also: Constant Field Values

CAMELLIA_128_KeyWrap
public static final String CAMELLIA_128_KeyWrap
CAMELLIA 128 Cipher KeyWrap
See Also: Constant Field Values

CAMELLIA_192_KeyWrap
public static final String CAMELLIA_192_KeyWrap
CAMELLIA 192 Cipher KeyWrap
See Also: Constant Field Values

CAMELLIA_256_KeyWrap
public static final String CAMELLIA_256_KeyWrap
CAMELLIA 256 Cipher KeyWrap
See Also: Constant Field Values

SEED_128_KeyWrap
public static final String SEED_128_KeyWrap
SEED 128 Cipher KeyWrap
See Also: Constant Field Values

SHA1
public static final String SHA1
SHA1 Cipher
See Also: Constant Field Values

SHA256
public static final String SHA256
SHA256 Cipher
See Also: Constant Field Values

SHA512
public static final String SHA512
SHA512 Cipher
See Also: Constant Field Values

RIPEMD_160
public static final String RIPEMD_160
RIPEMD Cipher
See Also: Constant Field Values

XML_DSIG
public static final String XML_DSIG
XML Signature NS
See Also: Constant Field Values

N14C_XML
public static final String N14C_XML
N14C_XML
See Also: Constant Field Values

N14C_XML_WITH_COMMENTS
public static final String N14C_XML_WITH_COMMENTS
N14C_XML with comments
See Also: Constant Field Values

EXCL_XML_N14C
public static final String EXCL_XML_N14C
N14C_XML exclusive
See Also: Constant Field Values

EXCL_XML_N14C_WITH_COMMENTS
public static final String EXCL_XML_N14C_WITH_COMMENTS
N14C_XML exclusive with comments
See Also: Constant Field Values

PHYSICAL_XML_N14C
public static final String PHYSICAL_XML_N14C
N14C_PHYSICAL preserve the physical representation
See Also: Constant Field Values

BASE64_ENCODING
public static final String BASE64_ENCODING
Base64 encoding
See Also: Constant Field Values

ENCRYPT_MODE
public static final int ENCRYPT_MODE
ENCRYPT Mode
See Also: Constant Field Values

DECRYPT_MODE
public static final int DECRYPT_MODE
DECRYPT Mode
See Also: Constant Field Values

UNWRAP_MODE
public static final int UNWRAP_MODE
UNWRAP Mode
See Also: Constant Field Values

WRAP_MODE
public static final int WRAP_MODE
WRAP Mode
See Also: Constant Field Values

Method Detail

setSerializer
public void setSerializer(Serializer serializer)
Set the Serializer algorithm to use

getSerializer
public Serializer getSerializer()
Get the Serializer algorithm to use

getInstance
public static XMLCipher getInstance(String transformation) throws XMLEncryptionException
Returns an XMLCipher that implements the specified transformation and operates on the specified context document.
If the default provider package supplies an implementation of the requested transformation, an instance of Cipher containing that implementation is returned. If the transformation is not available in the default provider package, other provider packages are searched.
NOTE1: The transformation name does not follow the same pattern as that outlined in the Java Cryptography Extension Reference Guide but rather that specified by the XML Encryption Syntax and Processing document. The rationale behind this is to make it easier for a novice at writing Java Encryption software to use the library.
NOTE2: getInstance() does not follow the same pattern regarding exceptional conditions as that used in javax.crypto.Cipher. Instead, it only throws an XMLEncryptionException which wraps an underlying exception. The stack trace from the exception should be self explanatory.
Parameters:
- transformation - the name of the transformation, e.g., XMLCipher.TRIPLEDES which is shorthand for "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
Returns:
- the XMLCipher
Throws:
- XMLEncryptionException
See Also:
- Cipher.getInstance(java.lang.String)

getInstance
public static XMLCipher getInstance(String transformation, String canon) throws XMLEncryptionException
Returns an XMLCipher that implements the specified transformation, operates on the specified context document and serializes the document with the specified canonicalization algorithm before it encrypts the document.
Parameters:
- transformation - the name of the transformation
- canon - the name of the c14n algorithm, if null use standard serializer
Returns:
- the XMLCipher
Throws:
- XMLEncryptionException

getInstance
public static XMLCipher getInstance(String transformation, String canon, String digestMethod) throws XMLEncryptionException
Returns an XMLCipher that implements the specified transformation, operates on the specified context document and serializes the document with the specified canonicalization algorithm before it encrypts the document.
Parameters:
- transformation - the name of the transformation
- canon - the name of the c14n algorithm, if null use standard serializer
- digestMethod - An optional digestMethod to use
Returns:
- the XMLCipher
Throws:
- XMLEncryptionException

getProviderInstance
public static XMLCipher getProviderInstance(String transformation, String provider) throws XMLEncryptionException
Returns an XMLCipher that implements the specified transformation and operates on the specified context document.
Parameters:
- transformation - the name of the transformation
- provider - the JCE provider that supplies the transformation
Returns:
- the XMLCipher
Throws:
- XMLEncryptionException

getProviderInstance
public static XMLCipher getProviderInstance(String transformation, String provider, String canon) throws XMLEncryptionException
Returns an XMLCipher that implements the specified transformation, operates on the specified context document and serializes the document with the specified canonicalization algorithm before it encrypts the document.
Parameters:
- transformation - the name of the transformation
- provider - the JCE provider that supplies the transformation
- canon - the name of the c14n algorithm, if null use standard serializer
Returns:
- the XMLCipher
Throws:
- XMLEncryptionException

getProviderInstance
public static XMLCipher getProviderInstance(String transformation, String provider, String canon, String digestMethod) throws XMLEncryptionException
Returns an XMLCipher that implements the specified transformation, operates on the specified context document and serializes the document with the specified canonicalization algorithm before it encrypts the document.
Parameters:
- transformation - the name of the transformation
- provider - the JCE provider that supplies the transformation
- canon - the name of the c14n algorithm, if null use standard serializer
- digestMethod - An optional digestMethod to use
Returns:
- the XMLCipher
Throws:
- XMLEncryptionException

getInstance
public static XMLCipher getInstance() throws XMLEncryptionException
Returns an XMLCipher that implements no specific transformation, and can therefore only be used for decrypt or unwrap operations where the encryption method is defined in the EncryptionMethod element.
Returns:
- The XMLCipher
Throws:
- XMLEncryptionException

getProviderInstance
public static XMLCipher getProviderInstance(String provider) throws XMLEncryptionException
Returns an XMLCipher that implements no specific transformation, and can therefore only be used for decrypt or unwrap operations where the encryption method is defined in the EncryptionMethod element. Allows the caller to specify a provider that will be used for cryptographic operations.
Parameters:
- provider - the JCE provider that supplies the transformation
Returns:
- the XMLCipher
Throws:
- XMLEncryptionException

init
public void init(int opmode, Key key) throws XMLEncryptionException
Initializes this cipher with a key.
The cipher is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of opmode. For WRAP and ENCRYPT modes, this also initialises the internal EncryptedKey or EncryptedData (with a CipherValue) structure that will be used during the ensuing operations. This can be obtained (in order to modify KeyInfo elements etc. prior to finalising the encryption) by calling getEncryptedData() or getEncryptedKey().
Parameters:
- opmode - the operation mode of this cipher (this is one of the following: ENCRYPT_MODE, DECRYPT_MODE, WRAP_MODE or UNWRAP_MODE)
- key -
Throws:
- XMLEncryptionException
See Also:
- Cipher.init(int, java.security.Key)

setSecureValidation
public void setSecureValidation(boolean secureValidation)
Set whether secure validation is enabled or not. The default is false.

registerInternalKeyResolver
public void registerInternalKeyResolver(KeyResolverSpi keyResolver)
This method is used to add a custom KeyResolverSpi to an XMLCipher. These KeyResolvers are used in KeyInfo objects in DECRYPT and UNWRAP modes.
Parameters:
- keyResolver -

getEncryptedData
public EncryptedData getEncryptedData()
Get the EncryptedData being built.
Returns the EncryptedData being built during an ENCRYPT operation. This can then be used by applications to add KeyInfo elements and set other parameters.
Returns:
- The EncryptedData being built

getEncryptedKey
public EncryptedKey getEncryptedKey()
Get the EncryptedData being built.
Returns the EncryptedData being built during an ENCRYPT operation. This can then be used by applications to add KeyInfo elements and set other parameters.
Returns:
- The EncryptedData being built

setKEK
public void setKEK(Key kek)
Set a Key Encryption Key.
The Key Encryption Key (KEK) is used for encrypting/decrypting EncryptedKey elements. By setting this separately, the XMLCipher class can know whether a key applies to the data part or wrapped key part of an encrypted object.
Parameters:
- kek - The key to use for de/encrypting key data

martial
public Element martial(EncryptedData encryptedData)
Martial an EncryptedData.
Takes an EncryptedData object and returns a DOM Element that represents the appropriate EncryptedData.
Note: This should only be used in cases where the context document has been passed in via a call to doFinal.
Parameters:
- encryptedData - EncryptedData object to martial
Returns:
- the DOM Element representing the passed in object

martial
public Element martial(Document context, EncryptedData encryptedData)
Martial an EncryptedData.
Takes an EncryptedData object and returns a DOM Element that represents the appropriate EncryptedData.
Parameters:
- context - The document that will own the returned nodes
- encryptedData - EncryptedData object to martial
Returns:
- the DOM Element representing the passed in object

martial
public Element martial(EncryptedKey encryptedKey)
Martial an EncryptedKey.
Takes an EncryptedKey object and returns a DOM Element that represents the appropriate EncryptedKey.
Note: This should only be used in cases where the context document has been passed in via a call to doFinal.
Parameters:
- encryptedKey - EncryptedKey object to martial
Returns:
- the DOM Element representing the passed in object

martial
public Element martial(Document context, EncryptedKey encryptedKey)
Martial an EncryptedKey.
Takes an EncryptedKey object and returns a DOM Element that represents the appropriate EncryptedKey.
Parameters:
- context - The document that will own the created nodes
- encryptedKey - EncryptedKey object to martial
Returns:
- the DOM Element representing the passed in object

martial
public Element martial(ReferenceList referenceList)
Martial a ReferenceList.
Takes a ReferenceList object and returns a DOM Element that represents the appropriate ReferenceList.
Note: This should only be used in cases where the context document has been passed in via a call to doFinal.
Parameters:
- referenceList - ReferenceList object to martial
Returns:
- the DOM Element representing the passed in object

martial
public Element martial(Document context, ReferenceList referenceList)
Martial a ReferenceList.
Takes a ReferenceList object and returns a DOM Element that represents the appropriate ReferenceList.
Parameters:
- context - The document that will own the created nodes
- referenceList - ReferenceList object to martial
Returns:
- the DOM Element representing the passed in object

doFinal
public Document doFinal(Document context, Document source) throws Exception
Process a DOM Document node. The processing depends on the initialization parameters of init().
Parameters:
- context - the context Document.
- source - the Document to be encrypted or decrypted.
Returns:
- the processed Document.
Throws:
- Exception - to indicate any exceptional conditions.

doFinal
public Document doFinal(Document context, Element element) throws Exception
Process a DOM Element node. The processing depends on the initialization parameters of init().
Parameters:
- context - the context Document.
- element - the Element to be encrypted.
Returns:
- the processed Document.
Throws:
- Exception - to indicate any exceptional conditions.

doFinal
public Document doFinal(Document context, Element element, boolean content) throws Exception
Process the contents of a DOM Element node. The processing depends on the initialization parameters of init().
Parameters:
- context - the context Document.
- element - the Element whose contents are to be encrypted.
- content -
Returns:
- the processed Document.
Throws:
- Exception - to indicate any exceptional conditions.

encryptData
public EncryptedData encryptData(Document context, Element element) throws Exception
Returns an EncryptedData interface. Use this operation if you want to have full control over the contents of the EncryptedData structure. This does not change the source document in any way.
Parameters:
- context - the context Document.
- element - the Element that will be encrypted.
Returns:
- the EncryptedData
Throws:
- Exception

encryptData
public EncryptedData encryptData(Document context, String type, InputStream serializedData) throws Exception
Returns an EncryptedData interface. Use this operation if you want to have full control over the serialization of the element or element content. This does not change the source document in any way.
Parameters:
- context - the context Document.
- type - a URI identifying type information about the plaintext form of the encrypted content (may be null)
- serializedData - the serialized data
Returns:
- the EncryptedData
Throws:
- Exception

encryptData
public EncryptedData encryptData(Document context, Element element, boolean contentMode) throws Exception
Returns an EncryptedData interface. Use this operation if you want to have full control over the contents of the EncryptedData structure. This does not change the source document in any way.
Parameters:
- context - the context Document.
- element - the Element that will be encrypted.
- contentMode - true to encrypt element's content only, false otherwise
Returns:
- the EncryptedData
Throws:
- Exception

loadEncryptedData
public EncryptedData loadEncryptedData(Document context, Element element) throws XMLEncryptionException
Returns an EncryptedData interface. Use this operation if you want to load an EncryptedData structure from a DOM structure and manipulate the contents.
Parameters:
- context - the context Document.
- element - the Element that will be loaded
Returns:
- the EncryptedData
Throws:
- XMLEncryptionException

loadEncryptedKey
public EncryptedKey loadEncryptedKey(Document context, Element element) throws XMLEncryptionException
Returns an EncryptedKey interface. Use this operation if you want to load an EncryptedKey structure from a DOM structure and manipulate the contents.
Parameters:
- context - the context Document.
- element - the Element that will be loaded
Returns:
- the EncryptedKey
Throws:
- XMLEncryptionException

loadEncryptedKey
public EncryptedKey loadEncryptedKey(Element element) throws XMLEncryptionException
Returns an EncryptedKey interface. Use this operation if you want to load an EncryptedKey structure from a DOM structure and manipulate the contents. Assumes that the context document is the document that owns the element.
Parameters:
- element - the Element that will be loaded
Returns:
- the EncryptedKey
Throws:
- XMLEncryptionException

encryptKey
public EncryptedKey encryptKey(Document doc, Key key) throws XMLEncryptionException
Encrypts a key to an EncryptedKey structure
Parameters:
- doc - the Context document that will be used to generate DOM
- key - Key to encrypt (will use previously set KEK to perform encryption)
Returns:
- the EncryptedKey
Throws:
- XMLEncryptionException

encryptKey
public EncryptedKey encryptKey(Document doc, Key key, String mgfAlgorithm, byte[] oaepParams) throws XMLEncryptionException
Encrypts a key to an EncryptedKey structure
Parameters:
- doc - the Context document that will be used to generate DOM
- key - Key to encrypt (will use previously set KEK to perform encryption)
- mgfAlgorithm - The xenc11 MGF Algorithm to use
- oaepParams - The OAEPParams to use
Returns:
- the EncryptedKey
Throws:
- XMLEncryptionException

decryptKey
public Key decryptKey(EncryptedKey encryptedKey, String algorithm) throws XMLEncryptionException
Decrypt a key from a passed in EncryptedKey structure
Parameters:
- encryptedKey - Previously loaded EncryptedKey that needs to be decrypted.
- algorithm - Algorithm for the decrypted key
Returns:
- a key corresponding to the given type
Throws:
- XMLEncryptionException

decryptKey
public Key decryptKey(EncryptedKey encryptedKey) throws XMLEncryptionException
Decrypt a key from a passed in EncryptedKey structure. This version is used mainly internally, when the cipher already has an EncryptedData loaded. The algorithm URI will be read from the EncryptedData.
Parameters:
- encryptedKey - Previously loaded EncryptedKey that needs to be decrypted.
Returns:
- a key corresponding to the given type
Throws:
- XMLEncryptionException

decryptToByteArray
public byte[] decryptToByteArray(Element element) throws XMLEncryptionException
Decrypt an EncryptedData element to a byte array. When passed in an EncryptedData node, returns the decryption as a byte array. Does not modify the source document.
Parameters:
- element -
Returns:
- the bytes resulting from the decryption
Throws:
- XMLEncryptionException

createEncryptedData
public EncryptedData createEncryptedData(int type, String value) throws XMLEncryptionException
Creates an EncryptedData Element. The newEncryptedData and newEncryptedKey methods create fairly complete elements that are immediately useable. All the other create* methods return bare elements that still need to be built upon.
An EncryptionMethod will still need to be added however
Parameters:
- type - Either REFERENCE_TYPE or VALUE_TYPE - defines what kind of CipherData this EncryptedData will contain.
- value - the Base 64 encoded, encrypted text to wrap in the EncryptedData or the URI to set in the CipherReference (usage will depend on the type)
Returns:
- the EncryptedData Element.
Throws:
- XMLEncryptionException

createEncryptedKey
public EncryptedKey createEncryptedKey(int type, String value) throws XMLEncryptionException
Creates an EncryptedKey Element. The newEncryptedData and newEncryptedKey methods create fairly complete elements that are immediately useable. All the other create* methods return bare elements that still need to be built upon.
An EncryptionMethod will still need to be added however
Parameters:
- type - Either REFERENCE_TYPE or VALUE_TYPE - defines what kind of CipherData this EncryptedData will contain.
- value - the Base 64 encoded, encrypted text to wrap in the EncryptedKey or the URI to set in the CipherReference (usage will depend on the type)
Returns:
- the EncryptedKey Element.
Throws:
- XMLEncryptionException

createAgreementMethod
public AgreementMethod createAgreementMethod(String algorithm)
Create an AgreementMethod object
Parameters:
- algorithm - Algorithm of the agreement method
Returns:
- a new AgreementMethod

createCipherData
public CipherData createCipherData(int type)
Create a CipherData object
Parameters:
- type - Type of this CipherData (either VALUE_TYPE or REFERENCE_TYPE)
Returns:
- a new CipherData

createCipherReference
public CipherReference createCipherReference(String uri)
Create a CipherReference object
Parameters:
- uri - The URI that the reference will refer to
Returns:
- a new CipherReference

createCipherValue
public CipherValue createCipherValue(String value)
Create a CipherValue element
Parameters:
- value - The value to set the ciphertext to
Returns:
- a new CipherValue

createEncryptionMethod
public EncryptionMethod createEncryptionMethod(String algorithm)
Create an EncryptionMethod object
Parameters:
- algorithm - Algorithm for the encryption
Returns:
- a new EncryptionMethod

createEncryptionProperties
public EncryptionProperties createEncryptionProperties()
Create an EncryptionProperties element
Returns:
- a new EncryptionProperties

createEncryptionProperty
public EncryptionProperty createEncryptionProperty()
Create a new EncryptionProperty element
Returns:
- a new EncryptionProperty

createReferenceList
public ReferenceList createReferenceList(int type)
Create a new ReferenceList object
Parameters:
- type - ReferenceList.DATA_REFERENCE or ReferenceList.KEY_REFERENCE
Returns:
- a new ReferenceList

createTransforms
public Transforms createTransforms()
Create a new Transforms object.
Note: A context document must have been set elsewhere (possibly via a call to doFinal). If not, use the createTransforms(Document) method.
Returns:
- a new Transforms

createTransforms
public Transforms createTransforms(Document doc)
Create a new Transforms object. Because the handling of Transforms is currently done in the signature code, the creation of a Transforms object requires a context document.
Parameters:
- doc - Document that will own the created Transforms node
Returns:
- a new Transforms
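
The init(), setKEK(), encryptKey(), getEncryptedData() and doFinal() entries above combine into a wrap-then-encrypt round trip, shown here as an added example that is not code from this page or from the Santuario project. The class name, the sample XML and the payment element are constructed for illustration, and the xmlsec 2.x jar is assumed to be on the classpath.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.utils.EncryptionConstants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

// Added example: class name and sample document are hypothetical.
public class XMLCipherRoundTrip {

    // Constructed sample input; "payment" is the element to protect.
    static final String SECRET = "constructed-sample-value";
    static final String SAMPLE =
        "<order><item>book</item><payment>" + SECRET + "</payment></order>";

    static SecretKey aesKey(int bits) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(bits);
        return kg.generateKey();
    }

    static Document parse(String xml) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // xenc elements are namespace-qualified
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        return dbf.newDocumentBuilder()
                  .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
    }

    // Sender side: wrap a fresh data key under the KEK, then encrypt the element.
    static void encryptPayment(Document doc, SecretKey kek) throws Exception {
        SecretKey dataKey = aesKey(128);

        // WRAP_MODE: init() takes the KEK, encryptKey() takes the key to wrap.
        XMLCipher keyCipher = XMLCipher.getInstance(XMLCipher.AES_128_KeyWrap);
        keyCipher.init(XMLCipher.WRAP_MODE, kek);
        EncryptedKey encryptedKey = keyCipher.encryptKey(doc, dataKey);

        // ENCRYPT_MODE: init() creates the EncryptedData that doFinal() will emit.
        XMLCipher dataCipher = XMLCipher.getInstance(XMLCipher.AES_128_GCM);
        dataCipher.init(XMLCipher.ENCRYPT_MODE, dataKey);

        // Attach the wrapped key as KeyInfo before finalising the encryption.
        EncryptedData encryptedData = dataCipher.getEncryptedData();
        KeyInfo keyInfo = new KeyInfo(doc);
        keyInfo.add(encryptedKey);
        encryptedData.setKeyInfo(keyInfo);

        Element payment = (Element) doc.getElementsByTagName("payment").item(0);
        dataCipher.doFinal(doc, payment); // replaces the element in place
    }

    // Receiver side: no transformation is named; it is read from EncryptionMethod.
    static void decryptPayment(Document doc, SecretKey kek) throws Exception {
        Element enc = (Element) doc.getElementsByTagNameNS(
            EncryptionConstants.EncryptionSpecNS,
            EncryptionConstants._TAG_ENCRYPTEDDATA).item(0);

        XMLCipher cipher = XMLCipher.getInstance();
        // Secure validation defaults to false (see setSecureValidation);
        // it is switched on here because this side processes received XML.
        cipher.setSecureValidation(true);
        cipher.init(XMLCipher.DECRYPT_MODE, null); // data key comes from EncryptedKey
        cipher.setKEK(kek);                        // KEK unwraps that EncryptedKey
        cipher.doFinal(doc, enc);
    }

    public static void main(String[] args) throws Exception {
        org.apache.xml.security.Init.init(); // register algorithms once per JVM

        SecretKey kek = aesKey(128);
        Document doc = parse(SAMPLE);

        encryptPayment(doc, kek);
        if (doc.getElementsByTagName("payment").getLength() != 0) {
            throw new IllegalStateException("plaintext element still present");
        }

        decryptPayment(doc, kek);
        String restored = doc.getElementsByTagName("payment").item(0).getTextContent();
        if (!SECRET.equals(restored)) {
            throw new IllegalStateException("round trip did not restore the content");
        }
        System.out.println("round trip ok");
    }
}
```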