Package org.keycloak.saml.processing.core.util

Class XMLEncryptionUtil

java.lang.Object

org.keycloak.saml.processing.core.util.XMLEncryptionUtil

public class XMLEncryptionUtil
extends Object

Utility for XML Encryption Note: This utility is currently using Apache XML Security library API. JSR-106 is not yet final. Until that happens,we rely on the non-standard API.

Since:

May 4, 2009

Author:

Anil.Saldhana@redhat.com

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static interface	XMLEncryptionUtil.DecryptionKeyLocator

Field Summary

Fields

Modifier and Type	Field	Description
static String	DS_KEY_INFO

Constructor Summary

Constructors

Constructor	Description
XMLEncryptionUtil()

Method Summary

Modifier and Type	Method	Description
static Element	decryptElementInDocument(Document documentWithEncryptedElement, XMLEncryptionUtil.DecryptionKeyLocator decryptionKeyLocator)	Decrypts an encrypted element inside a document.
static void	encryptElement(QName elementQName, Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo)
static void	encryptElement(QName elementQName, Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo, String encryptionUrlForKeyUnwrap)	Given an element in a Document, encrypt the element and replace the element in the document with the encrypted data

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DS_KEY_INFO

public static final String DS_KEY_INFO

See Also:

Constant Field Values

Constructor Detail

XMLEncryptionUtil

public XMLEncryptionUtil()

Method Detail

encryptElement

public static void encryptElement(QName elementQName,
                                  Document document,
                                  PublicKey publicKey,
                                  SecretKey secretKey,
                                  int keySize,
                                  QName wrappingElementQName,
                                  boolean addEncryptedKeyInKeyInfo)
                           throws ProcessingException

Throws:

ProcessingException

encryptElement

public static void encryptElement(QName elementQName,
                                  Document document,
                                  PublicKey publicKey,
                                  SecretKey secretKey,
                                  int keySize,
                                  QName wrappingElementQName,
                                  boolean addEncryptedKeyInKeyInfo,
                                  String encryptionUrlForKeyUnwrap)
                           throws ProcessingException

Given an element in a Document, encrypt the element and replace the element in the document with the encrypted data

Parameters:

elementQName - QName of the element that we like to encrypt

document -

publicKey -

secretKey -

keySize -

wrappingElementQName - A QName of an element that will wrap the encrypted element

addEncryptedKeyInKeyInfo - Need for the EncryptedKey to be placed in ds:KeyInfo

Throws:

ProcessingException

decryptElementInDocument

public static Element decryptElementInDocument(Document documentWithEncryptedElement,
                                               XMLEncryptionUtil.DecryptionKeyLocator decryptionKeyLocator)
                                        throws ProcessingException

Decrypts an encrypted element inside a document. It tries to use all keys provided by decryptionKeyLocator and if it does not succeed it throws ProcessingException.

Parameters:

documentWithEncryptedElement - document containing encrypted element

decryptionKeyLocator - decryption key locator

Returns:

the document with the encrypted element replaced by the data element

Throws:

ProcessingException - when decrypting was not successful