protected void createEncryptionInfoEntry(DirectoryNode dir) throws IOException {
AgileEncryptionVerifier ver = builder.getVerifier();
AgileEncryptionHeader header = builder.getHeader();
EncryptionDocument ed = EncryptionDocument.Factory.newInstance();
CTEncryption edRoot = ed.addNewEncryption();
CTKeyData keyData = edRoot.addNewKeyData();
CTKeyEncryptors keyEncList = edRoot.addNewKeyEncryptors();
CTKeyEncryptor keyEnc = keyEncList.addNewKeyEncryptor();
keyEnc.setUri(CTKeyEncryptor.Uri.HTTP_SCHEMAS_MICROSOFT_COM_OFFICE_2006_KEY_ENCRYPTOR_PASSWORD);
CTPasswordKeyEncryptor keyPass = keyEnc.addNewEncryptedPasswordKey();
keyPass.setSpinCount(ver.getSpinCount());
keyData.setSaltSize(header.getBlockSize());
keyPass.setSaltSize(header.getBlockSize());
keyData.setBlockSize(header.getBlockSize());
keyPass.setBlockSize(header.getBlockSize());
keyData.setKeyBits(header.getKeySize());
keyPass.setKeyBits(header.getKeySize());
HashAlgorithm hashAlgo = header.getHashAlgorithmEx();
keyData.setHashSize(hashAlgo.hashSize);
keyPass.setHashSize(hashAlgo.hashSize);
STCipherAlgorithm.Enum xmlCipherAlgo = STCipherAlgorithm.Enum.forString(header.getCipherAlgorithm().xmlId);
if (xmlCipherAlgo == null) {
throw new EncryptedDocumentException("CipherAlgorithm "+header.getCipherAlgorithm()+" not supported.");
}
keyData.setCipherAlgorithm(xmlCipherAlgo);
keyPass.setCipherAlgorithm(xmlCipherAlgo);
switch (header.getChainingMode()) {
case cbc:
keyData.setCipherChaining(STCipherChaining.CHAINING_MODE_CBC);
keyPass.setCipherChaining(STCipherChaining.CHAINING_MODE_CBC);
break;
case cfb:
keyData.setCipherChaining(STCipherChaining.CHAINING_MODE_CFB);
keyPass.setCipherChaining(STCipherChaining.CHAINING_MODE_CFB);
break;
default:
throw new EncryptedDocumentException("ChainingMode "+header.getChainingMode()+" not supported.");
}
STHashAlgorithm.Enum xmlHashAlgo = STHashAlgorithm.Enum.forString(hashAlgo.ecmaString);
if (xmlHashAlgo == null) {
throw new EncryptedDocumentException("HashAlgorithm "+hashAlgo+" not supported.");
}
keyData.setHashAlgorithm(xmlHashAlgo);
keyPass.setHashAlgorithm(xmlHashAlgo);
keyData.setSaltValue(header.getKeySalt());
keyPass.setSaltValue(ver.getSalt());
keyPass.setEncryptedVerifierHashInput(ver.getEncryptedVerifier());
keyPass.setEncryptedVerifierHashValue(ver.getEncryptedVerifierHash());
keyPass.setEncryptedKeyValue(ver.getEncryptedKey());
CTDataIntegrity hmacData = edRoot.addNewDataIntegrity();
hmacData.setEncryptedHmacKey(header.getEncryptedHmacKey());
hmacData.setEncryptedHmacValue(header.getEncryptedHmacValue());
for (AgileCertificateEntry ace : ver.getCertificates()) {
keyEnc = keyEncList.addNewKeyEncryptor();