SecretKey secretKey,
KeyInfo keyInfo,
Vector references
) throws WSSecurityException {
XMLCipher xmlCipher = null;
try {
xmlCipher = XMLCipher.getInstance(symEncAlgo);
} catch (XMLEncryptionException e3) {
throw new WSSecurityException(
WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, e3
);
}
Vector encDataRef = new Vector();
boolean cloneKeyInfo = false;
for (int part = 0; part < references.size(); part++) {
WSEncryptionPart encPart = (WSEncryptionPart) references.get(part);
String idToEnc = encPart.getId();
String elemName = encPart.getName();
String nmSpace = encPart.getNamespace();
String modifier = encPart.getEncModifier();
//
// Third step: get the data to encrypt.
//
Element body = null;
if (idToEnc != null) {
body =
WSSecurityUtil.findElementById(
document.getDocumentElement(), idToEnc, WSConstants.WSU_NS
);
if (body == null) {
body =
WSSecurityUtil.findElementById(document.getDocumentElement(), idToEnc, null);
}
} else {
body = (Element) WSSecurityUtil.findElement(document, elemName, nmSpace);
}
if (body == null) {
throw new WSSecurityException(
WSSecurityException.FAILURE,
"noEncElement",
new Object[] {"{" + nmSpace + "}" + elemName}
);
}
boolean content = modifier.equals("Content") ? true : false;
String xencEncryptedDataId = wssConfig.getIdAllocator().createId("EncDataId-", body);
encPart.setEncId(xencEncryptedDataId);
cloneKeyInfo = true;
if (keyInfo == null) {
keyInfo = new KeyInfo(document);
SecurityTokenReference secToken = new SecurityTokenReference(document);
if (useKeyIdentifier &&
SecurityTokenReference.SAML_ID_URI.equals(customReferenceValue)) {
secToken.setSAMLKeyIdentifier((encKeyIdDirectId ? "":"#") + encKeyId);
} else {
Reference ref = new Reference(document);
if (encKeyIdDirectId) {
ref.setURI(encKeyId);
} else {
ref.setURI("#" + encKeyId);
}
if (encKeyValueType != null) {
ref.setValueType(encKeyValueType);
}
secToken.setReference(ref);
}
keyInfo.addUnknownElement(secToken.getElement());
Element keyInfoElement = keyInfo.getElement();
keyInfoElement.setAttributeNS(
WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS
);
}
//
// Fourth step: encrypt data, and set necessary attributes in
// xenc:EncryptedData
//
try {
if (modifier.equals("Header")) {
Element elem =
doc.createElementNS(
WSConstants.WSSE11_NS, "wsse11:" + WSConstants.ENCRYPTED_HEADER
);
WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
String wsuPrefix =
WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
elem.setAttributeNS(
WSConstants.WSU_NS, wsuPrefix + ":Id",
wssConfig.getIdAllocator().createId("EncHeader-", body)
);
NamedNodeMap map = body.getAttributes();
for (int i = 0 ; i < map.getLength() ; i++) {
Attr attr = (Attr)map.item(i);
if (attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
|| attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {
String soapEnvPrefix =
WSSecurityUtil.setNamespace(
elem, attr.getNamespaceURI(), WSConstants.DEFAULT_SOAP_PREFIX
);
elem.setAttributeNS(
attr.getNamespaceURI(),
soapEnvPrefix + ":" + attr.getLocalName(),
attr.getValue()
);
}
}
xmlCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
EncryptedData encData = xmlCipher.getEncryptedData();
encData.setId(xencEncryptedDataId);
encData.setKeyInfo(keyInfo);
xmlCipher.doFinal(doc, body, content);
Element encDataElem =
WSSecurityUtil.findElementById(
document.getDocumentElement(), xencEncryptedDataId, null
);
Node clone = encDataElem.cloneNode(true);
elem.appendChild(clone);
encDataElem.getParentNode().appendChild(elem);
encDataElem.getParentNode().removeChild(encDataElem);
} else {
xmlCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
EncryptedData encData = xmlCipher.getEncryptedData();
encData.setId(xencEncryptedDataId);
encData.setKeyInfo(keyInfo);
xmlCipher.doFinal(doc, body, content);
}
if (cloneKeyInfo) {
keyInfo = new KeyInfo((Element) keyInfo.getElement().cloneNode(true), null);
}
} catch (Exception e2) {