return token;
}
private EncryptedKey encryptKey(final Document doc, final byte[] encryptedKey, final X509Certificate cert, final String appliesTo, final String keyWrapAlgorithm) throws WSTrustException{
EncryptedKey encKey = null;
try{
final PublicKey pubKey = cert.getPublicKey();
final XMLCipher cipher;
if(keyWrapAlgorithm != null){
cipher = XMLCipher.getInstance(keyWrapAlgorithm);
}else{
cipher = XMLCipher.getInstance(XMLCipher.RSA_OAEP);
}
cipher.init(XMLCipher.WRAP_MODE, pubKey);
encKey = cipher.encryptKey(doc, new SecretKeySpec(encryptedKey, "AES"));
final KeyInfo keyinfo = new KeyInfo(doc);
//KeyIdentifier keyIdentifier = new KeyIdentifierImpl(MessageConstants.ThumbPrintIdentifier_NS,null);
//keyIdentifier.setValue(Base64.encode(X509ThumbPrintIdentifier.getThumbPrintIdentifier(serCert)));
byte[] skid = X509SubjectKeyIdentifier.getSubjectKeyIdentifier(cert);
if (skid != null && skid.length > 0){
final KeyIdentifier keyIdentifier = new KeyIdentifierImpl(MessageConstants.X509SubjectKeyIdentifier_NS,null);
keyIdentifier.setValue(Base64.encode(skid));
final SecurityTokenReference str = new SecurityTokenReferenceImpl(keyIdentifier);
keyinfo.addUnknownElement((Element)doc.importNode(WSTrustElementFactory.newInstance().toElement(str,null), true));
}else{
final X509Data x509data = new X509Data(doc);
x509data.addCertificate(cert);
keyinfo.add(x509data);
}
encKey.setKeyInfo(keyinfo);
} catch (XWSSecurityException ex){
log.log(Level.SEVERE,
LogStringsMessages.WST_0040_ERROR_ENCRYPT_PROOFKEY(appliesTo), ex);
throw new WSTrustException( LogStringsMessages.WST_0040_ERROR_ENCRYPT_PROOFKEY(appliesTo), ex);
} catch (XMLEncryptionException ex) {