Package com.sun.org.apache.xml.internal.security.encryption

Examples of com.sun.org.apache.xml.internal.security.encryption.XMLCipher

107
108
109
110
111
112
113
114
115
116
117
118
119
120
                              EncryptionConstants._TAG_ENCRYPTEDKEY);

      if (isEncryptedKey) {
                  if (log.isLoggable(java.util.logging.Level.FINE))                                     log.log(java.util.logging.Level.FINE, "Passed an Encrypted Key");
                  try {
                          XMLCipher cipher = XMLCipher.getInstance();
                          cipher.init(XMLCipher.UNWRAP_MODE, _kek);
                          EncryptedKey ek = cipher.loadEncryptedKey(element);
                          _key = cipher.decryptKey(ek, _algorithm);
                  }
                  catch (Exception e) {}
      }

      return (_key != null);
View Full Code Here
321
322
323
324
325
326
327
328
329
330
        public void add(EncryptedKey encryptedKey)
                throws XMLEncryptionException {

                if (this._state == MODE_SIGN) {
                        XMLCipher cipher = XMLCipher.getInstance();
                        this._constructionElement.appendChild(cipher.martial(encryptedKey));
                }

        }
View Full Code Here
573
574
575
576
577
578
579
580
581
582
583
                Element e =
                        XMLUtils.selectXencNode(this._constructionElement.getFirstChild(),
                                                                                  EncryptionConstants._TAG_ENCRYPTEDKEY,i);

                if (e != null) {
                        XMLCipher cipher = XMLCipher.getInstance();
                        cipher.init(XMLCipher.UNWRAP_MODE, null);
                        return cipher.loadEncryptedKey(e);
                }
                return null;
   }
View Full Code Here
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
                        strategy.setCertificate(cert);
                        strategy.insertKey(keyInfoBlock, secureMessage, x509TokenId);
                        com.sun.org.apache.xml.internal.security.keys.KeyInfo apacheKeyInfo = keyInfoBlock.getKeyInfo();
                        //create an encrypted Key
                        EncryptedKey encryptedKey = null;
                        XMLCipher keyEncryptor = null;
                        try{
                            keyEncryptor = XMLCipher.getInstance(keyEncAlgo);
                            keyEncryptor.init(XMLCipher.WRAP_MODE, cert.getPublicKey());
                            if (keyEncryptor != null) {
                                encryptedKey = keyEncryptor.encryptKey(secureMessage.getSOAPPart(), signingKey);
                            }
                        }catch(Exception e){
                            logger.log(Level.SEVERE, LogStringsMessages.WSS_1334_ERROR_CREATING_ENCRYPTEDKEY());
                            throw new XWSSecurityException(e);
                        }
                        id = secureMessage.generateId();
                        encryptedKey.setId(id);
                        ekCache.put(x509TokenId, id);
                        // set its KeyInfo
                        encryptedKey.setKeyInfo(apacheKeyInfo);
                       
                        // insert the EK into the SOAPMessage
                        SOAPElement se = (SOAPElement)keyEncryptor.martial(encryptedKey);
                        if (insertedx509 == null) {
                            secureMessage.findOrCreateSecurityHeader().insertHeaderBlockElement(se);
                        } else {
                            secureMessage.findOrCreateSecurityHeader().insertBefore(se,insertedx509.getNextSibling());
                        }
View Full Code Here
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
                        }
                        String nonce = Base64.encode(dkt.getNonce());
                        HashMap ekCache = context.getEncryptedKeyCache();
                        String ekId = (String)ekCache.get(x509TokenId);
                        EncryptedKey encryptedKey = null;
                        XMLCipher keyEncryptor = null;
                        if(!tokenInserted){
                            //Store SymmetricKey generated in ProcessingContext
                            context.setExtraneousProperty("SecretKey", originalKey); //this is the originalKey
                            //keyinfo for encryptedKey
                            keyInfoBlock = new KeyInfoHeaderBlock(secureMessage.getSOAPPart());
                            strategy.setCertificate(cert);
                            strategy.insertKey(keyInfoBlock, secureMessage, x509TokenId);
                            com.sun.org.apache.xml.internal.security.keys.KeyInfo apacheKeyInfo = keyInfoBlock.getKeyInfo();
                           
                           
                            //create an encrypted Key --- it encrypts the original key
                            try{
                                keyEncryptor = XMLCipher.getInstance(keyEncAlgo);
                                keyEncryptor.init(XMLCipher.WRAP_MODE, cert.getPublicKey());
                                if (keyEncryptor != null) {
                                    encryptedKey = keyEncryptor.encryptKey(secureMessage.getSOAPPart(), originalKey);
                                }
                            }catch(Exception e){
                                logger.log(Level.SEVERE, LogStringsMessages.WSS_1335_UNSUPPORTED_KEYBINDING_SIGNATUREPOLICY());
                                throw new XWSSecurityException(e);
                            }
                            ekId = secureMessage.generateId();
                            ekCache.put(x509TokenId, ekId);
                            encryptedKey.setId(ekId);
                            // set its KeyInfo
                            encryptedKey.setKeyInfo(apacheKeyInfo);
                        }
                       
                        //STR for DerivedKeyToken
                        SecurityTokenReference tokenRef = new SecurityTokenReference(secureMessage.getSOAPPart());
                        DirectReference reference = new DirectReference();
                        //TODO: PLUGFEST commenting this as Microsoft puts Value type on reference itself
                        //tokenRef.setTokenType(MessageConstants.EncryptedKey_NS);
                        //set id of encrypted key in STR of DKT
                        reference.setValueType(MessageConstants.EncryptedKey_NS);
                        reference.setURI("#"+ekId);
                        tokenRef.setReference(reference);
                        DerivedKeyTokenHeaderBlock dktHeadrBlock =
                                new DerivedKeyTokenHeaderBlock(securityHeader.getOwnerDocument(), tokenRef, nonce, dkt.getOffset(), dkt.getLength() ,dktId);
                       
                        if(!tokenInserted){
                            Node nsX509 = null;
                            if (insertedx509 != null) {
                                nsX509 = insertedx509.getNextSibling();
                            }
                            // move DKT below X509 if present
                            if (nsX509 == null) {
                                secureMessage.findOrCreateSecurityHeader().insertHeaderBlock(dktHeadrBlock);
                            } else {
                                secureMessage.findOrCreateSecurityHeader().insertBefore(dktHeadrBlock, nsX509);
                            }
                            // move EK above DKT but below X509
                            if (insertedx509 != null) {
                                nsX509 = insertedx509.getNextSibling();
                            }
                           
                            // insert the EK into the SOAPMessage -  this goes on top of DKT Header block
                            SOAPElement se = (SOAPElement)keyEncryptor.martial(encryptedKey);
                            if (nsX509 == null) {
                                secureMessage.findOrCreateSecurityHeader().insertHeaderBlockElement(se);
                            }else {
                                secureMessage.findOrCreateSecurityHeader().insertBefore(se, nsX509);
                            }
View Full Code Here
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
        return date;
    }
   
    public static EncryptedKey encryptKey(final Document doc, final byte[] encryptedKey, final X509Certificate cert, final String keyWrapAlgorithm) throws Exception{
        final PublicKey pubKey = cert.getPublicKey();
        final XMLCipher cipher;
        if(keyWrapAlgorithm != null){
            cipher = XMLCipher.getInstance(keyWrapAlgorithm);
        }else{
            cipher = XMLCipher.getInstance(XMLCipher.RSA_OAEP);
        }
        cipher.init(XMLCipher.WRAP_MODE, pubKey);

        EncryptedKey encKey = cipher.encryptKey(doc, new SecretKeySpec(encryptedKey, "AES"));
        final KeyInfo keyinfo = new KeyInfo(doc);

        byte[] skid = X509SubjectKeyIdentifier.getSubjectKeyIdentifier(cert);
        if (skid != null && skid.length > 0){
            final KeyIdentifier keyIdentifier = new KeyIdentifierImpl(MessageConstants.X509SubjectKeyIdentifier_NS,null);
View Full Code Here
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
            else{
                throw new XWSSecurityException("Unsupported Key Information");
            }
        // Decrypt the encrypted secret key and return
            String algorithmURI = encryptedKey.getEncryptionMethod().getAlgorithm();
            XMLCipher xmlCipher = XMLCipher.getInstance();
            xmlCipher.init(XMLCipher.UNWRAP_MODE, null);
            xmlCipher.setKEK(kek);
       
            return xmlCipher.decryptKey(encryptedKey, algorithmURI);
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
       
    }
View Full Code Here
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
   
    private EncryptedKey encryptKey(final Document doc, final byte[] encryptedKey, final X509Certificate cert, final String appliesTo, final String keyWrapAlgorithm) throws WSTrustException{
        EncryptedKey encKey = null;
        try{
            final PublicKey pubKey = cert.getPublicKey();
            final XMLCipher cipher;
            if(keyWrapAlgorithm != null){
                cipher = XMLCipher.getInstance(keyWrapAlgorithm);
            }else{
                cipher = XMLCipher.getInstance(XMLCipher.RSA_OAEP);
            }
            cipher.init(XMLCipher.WRAP_MODE, pubKey);

            encKey = cipher.encryptKey(doc, new SecretKeySpec(encryptedKey, "AES"));
            final KeyInfo keyinfo = new KeyInfo(doc);
            //KeyIdentifier keyIdentifier = new KeyIdentifierImpl(MessageConstants.ThumbPrintIdentifier_NS,null);
            //keyIdentifier.setValue(Base64.encode(X509ThumbPrintIdentifier.getThumbPrintIdentifier(serCert)));
            byte[] skid = X509SubjectKeyIdentifier.getSubjectKeyIdentifier(cert);
            if (skid != null && skid.length > 0){
View Full Code Here
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
   
    private Element encryptToken(final Element assertion,  final X509Certificate serCert, final String appliesTo, final String encryptionAlgorithm, final String keyWrapAlgorithm) throws WSTrustException{
        Element encDataEle = null;
        // Create the encryption key
        try{
            final XMLCipher cipher;
            if(encryptionAlgorithm != null){
                cipher = XMLCipher.getInstance(encryptionAlgorithm);
            }else{
                cipher = XMLCipher.getInstance(XMLCipher.AES_256);
            }
            final int keysizeInBytes = 32;
            final byte[] skey = WSTrustUtil.generateRandomSecret(keysizeInBytes);
            cipher.init(XMLCipher.ENCRYPT_MODE, new SecretKeySpec(skey, "AES"));
               
            // Encrypt the assertion and return the Encrypteddata
            final Document owner = assertion.getOwnerDocument();
            final EncryptedData encData = cipher.encryptData(owner, assertion);
            final String id = "uuid-" + UUID.randomUUID().toString();
            encData.setId(id);
               
            final KeyInfo encKeyInfo = new KeyInfo(owner);
            final EncryptedKey encKey = encryptKey(owner, skey, serCert, appliesTo, keyWrapAlgorithm);
            encKeyInfo.add(encKey);
            encData.setKeyInfo(encKeyInfo);
           
            encDataEle = cipher.martial(encData);
         } catch (XMLEncryptionException ex) {
            log.log(Level.SEVERE,
                            LogStringsMessages.WST_0044_ERROR_ENCRYPT_ISSUED_TOKEN(appliesTo), ex);
            throw new WSTrustException( LogStringsMessages.WST_0040_ERROR_ENCRYPT_PROOFKEY(appliesTo), ex);
        } catch (Exception ex) {
View Full Code Here
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
        this.elem = elem;
    }
   
    public Key getSecretKey(Key privKey, String dataEncAlgo) throws XWSSecurityException {
        try {
            XMLCipher xmlc = null;
            String algorithm = null;
            if(elem != null){
                NodeList nl = elem.getElementsByTagNameNS(MessageConstants.XENC_NS, "EncryptionMethod");
                if (nl != null)
                    algorithm = ((Element)nl.item(0)).getAttribute("Algorithm");
                xmlc = XMLCipher.getInstance(algorithm);
                if ( encryptedKey == null)
                    encryptedKey = xmlc.loadEncryptedKey(elem);
            }
            if (xmlc == null){
                throw new XWSSecurityException("XMLCipher is null while getting SecretKey from EncryptedKey");
            }
            xmlc.init(XMLCipher.UNWRAP_MODE, privKey);
            SecretKey symmetricKey = (SecretKey) xmlc.decryptKey(encryptedKey, dataEncAlgo);
            return symmetricKey;
        } catch (Exception ex) {
            ex.printStackTrace();
            throw new XWSSecurityException("Error while getting SecretKey from EncryptedKey");
        }
View Full Code Here
TOP

Related Classes of com.sun.org.apache.xml.internal.security.encryption.XMLCipher

  • com.sun.org.apache.xml.internal.security.keys.KeyInfo
  • com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.EncryptedKeyResolver
  • com.sun.org.apache.xml.internal.utils.URI
  • com.sun.xml.ws.security.impl.IssuedTokenContextImpl
  • com.sun.xml.ws.security.trust.impl.IssueSamlTokenContractImpl
  • com.sun.xml.ws.security.trust.impl.WSTrustContractImpl
  • com.sun.xml.ws.security.trust.util.WSTrustUtil
  • com.sun.xml.wss.core.EncryptedKeyToken
  • com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor
  • com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.