Class XMLEncryptionUtil

java.lang.Object
org.keycloak.saml.processing.core.util.XMLEncryptionUtil

public class XMLEncryptionUtil extends Object
Utility for XML Encryption Note: This utility is currently using Apache XML Security library API. JSR-106 is not yet final. Until that happens,we rely on the non-standard API.
Since:
May 4, 2009
Author:
Anil.Saldhana@redhat.com
  • Field Details

  • Constructor Details

    • XMLEncryptionUtil

      public XMLEncryptionUtil()
  • Method Details

    • encryptElement

      public static void encryptElement(QName elementQName, Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo) throws ProcessingException
      Throws:
      ProcessingException
    • encryptElement

      public static void encryptElement(QName elementQName, Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo, String keyEncryptionAlgorithm) throws ProcessingException
      Throws:
      ProcessingException
    • encryptElement

      public static void encryptElement(QName elementQName, Document document, PublicKey publicKey, SecretKey secretKey, int keySize, QName wrappingElementQName, boolean addEncryptedKeyInKeyInfo, String keyEncryptionAlgorithm, String keyEncryptionDigestMethod, String keyEncryptionMgfAlgorithm) throws ProcessingException
      Given an element in a Document, encrypt the element and replace the element in the document with the encrypted data
      Parameters:
      elementQName - QName of the element that we like to encrypt
      document - The document with the element to encrypt
      publicKey - The public Key to wrap the secret key
      secretKey - The secret key to use for encryption
      keySize - The size of the public key
      wrappingElementQName - A QName of an element that will wrap the encrypted element
      addEncryptedKeyInKeyInfo - Need for the EncryptedKey to be placed in ds:KeyInfo
      keyEncryptionAlgorithm - The wrap algorithm for the secret key (can be null, default is used depending the publicKey type)
      keyEncryptionDigestMethod - An optional digestMethod to use (can be null)
      keyEncryptionMgfAlgorithm - The xenc11 MGF Algorithm to use (can be null)
      Throws:
      ProcessingException
    • decryptElementInDocument

      public static Element decryptElementInDocument(Document documentWithEncryptedElement, XMLEncryptionUtil.DecryptionKeyLocator decryptionKeyLocator) throws ProcessingException
      Decrypts an encrypted element inside a document. It tries to use all keys provided by decryptionKeyLocator and if it does not succeed it throws ProcessingException.
      Parameters:
      documentWithEncryptedElement - document containing encrypted element
      decryptionKeyLocator - decryption key locator
      Returns:
      the document with the encrypted element replaced by the data element
      Throws:
      ProcessingException - when decrypting was not successful