
Example 6 with EncryptedData

use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.

the class XMLCipherTest method testMultipleKEKs.

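/**
 * Encrypts one element with an AES-128 content key that is wrapped twice,
 * once under each of two separately generated AES-192 key-encryption keys
 * (KEKs), and checks that the document can be recovered using only the
 * second KEK.
 *
 * <p>Both {@code EncryptedKey} structures are added to the {@code KeyInfo}
 * of the {@code EncryptedData} before encryption. The decrypting cipher is
 * initialised without a content key and is given {@code kek2} only.
 *
 * <p>The body runs only when {@code haveISOPadding} and {@code haveKeyWraps}
 * are both set; otherwise a warning is logged and the test returns without
 * asserting anything.
 *
 * @throws Exception if key generation, wrapping, encryption or decryption fails
 */
@org.junit.Test
public void testMultipleKEKs() throws Exception {
    // Evaluated before the capability check, as in the original test flow.
    Document d = document();
    Element e = (Element) d.getElementsByTagName(element()).item(index());
    if (haveISOPadding && haveKeyWraps) {
        String source = toString(d);

        // Two independent 192-bit KEKs from the same generator.
        KeyGenerator keygen = KeyGenerator.getInstance("AES");
        keygen.init(192);
        Key kek1 = keygen.generateKey();
        Key kek2 = keygen.generateKey();

        // 128-bit traffic (content-encryption) key.
        keygen = KeyGenerator.getInstance("AES");
        keygen.init(128);
        Key key = keygen.generateKey();

        // Wrap the same traffic key once per KEK.
        cipher = XMLCipher.getInstance(XMLCipher.AES_192_KeyWrap);
        cipher.init(XMLCipher.WRAP_MODE, kek1);
        EncryptedKey encryptedKey1 = cipher.encryptKey(d, key);
        cipher.init(XMLCipher.WRAP_MODE, kek2);
        EncryptedKey encryptedKey2 = cipher.encryptKey(d, key);

        // encrypt
        // NOTE(review): XMLCipher.AES_128 is, to my knowledge, the CBC-mode
        // algorithm URI, which carries no integrity protection. Code derived
        // from this test should prefer an authenticated mode such as
        // XMLCipher.AES_128_GCM, or verify a signature over the ciphertext
        // before decrypting - confirm against the library version in use.
        cipher = XMLCipher.getInstance(XMLCipher.AES_128);
        cipher.init(XMLCipher.ENCRYPT_MODE, key);
        EncryptedData builder = cipher.getEncryptedData();
        KeyInfo builderKeyInfo = builder.getKeyInfo();
        if (builderKeyInfo == null) {
            builderKeyInfo = new KeyInfo(d);
            builder.setKeyInfo(builderKeyInfo);
        }
        builderKeyInfo.add(encryptedKey1);
        builderKeyInfo.add(encryptedKey2);
        Document ed = cipher.doFinal(d, e);

        // decrypt
        // Drop the local reference so the decrypt path below cannot use the
        // traffic key directly.
        key = null;
        Element ee = (Element) ed.getElementsByTagName("xenc:EncryptedData").item(0);
        cipher = XMLCipher.getInstance(XMLCipher.AES_128);
        // No content key is passed; presumably it is recovered by unwrapping
        // an EncryptedKey from KeyInfo with the KEK set on the next line.
        cipher.init(XMLCipher.DECRYPT_MODE, null);
        cipher.setKEK(kek2);
        Document dd = cipher.doFinal(ed, ee);
        String target = toString(dd);
        assertEquals(source, target);
    } else {
        // The skip message previously named a different test, which made
        // skipped runs hard to attribute in the log.
        LOG.warn("Test testMultipleKEKs skipped as necessary algorithms not available");
    }
}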
Also used : EncryptedKey(org.apache.xml.security.encryption.EncryptedKey) KeyInfo(org.apache.xml.security.keys.KeyInfo) Element(org.w3c.dom.Element) EncryptedData(org.apache.xml.security.encryption.EncryptedData) Document(org.w3c.dom.Document) KeyGenerator(javax.crypto.KeyGenerator) PublicKey(java.security.PublicKey) EncryptedKey(org.apache.xml.security.encryption.EncryptedKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) SecretKey(javax.crypto.SecretKey)

Example 7 with EncryptedData

use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.

the class XMLCipherTest method testAes128ElementCipher.

/**
 * Round-trips one element through {@code XMLCipher.AES_128} with a fixed
 * 16-byte key and checks both the algorithm recorded in the
 * {@code EncryptedData} and the decrypted document text.
 *
 * <p>When {@code haveISOPadding} is not set the test only logs a warning.
 *
 * @throws Exception if encryption or decryption fails
 */
@org.junit.Test
public void testAes128ElementCipher() throws Exception {
    // Fixed key bytes embedded in the test: repeatable, but not a secret.
    final byte[] bits128 = {
        (byte) 0x10, (byte) 0x11, (byte) 0x12, (byte) 0x13,
        (byte) 0x14, (byte) 0x15, (byte) 0x16, (byte) 0x17,
        (byte) 0x18, (byte) 0x19, (byte) 0x1A, (byte) 0x1B,
        (byte) 0x1C, (byte) 0x1D, (byte) 0x1E, (byte) 0x1F
    };
    final Key key = new SecretKeySpec(bits128, "AES");

    // Plaintext document and the element selected for encryption.
    final Document plainDoc = document();
    final Element plainElement =
        (Element) plainDoc.getElementsByTagName(element()).item(index());

    if (!haveISOPadding) {
        LOG.warn("Test testAes128ElementCipher skipped as necessary algorithms not available");
        return;
    }

    final String source = toString(plainDoc);

    // Encrypt the selected element.
    // NOTE(review): XMLCipher.AES_128 is, to my knowledge, the CBC-mode URI
    // (no integrity protection); confirm before reusing outside a test.
    cipher = XMLCipher.getInstance(XMLCipher.AES_128);
    cipher.init(XMLCipher.ENCRYPT_MODE, key);
    final Document encryptedDoc = cipher.doFinal(plainDoc, plainElement);

    // Decrypt with a fresh cipher instance and the same key.
    cipher = XMLCipher.getInstance(XMLCipher.AES_128);
    cipher.init(XMLCipher.DECRYPT_MODE, key);
    final Element encryptedElement =
        (Element) encryptedDoc.getElementsByTagName("xenc:EncryptedData").item(0);

    // The EncryptionMethod in the output must name the algorithm requested.
    final EncryptedData encryptedData = cipher.loadEncryptedData(encryptedDoc, encryptedElement);
    assertEquals(XMLCipher.AES_128, encryptedData.getEncryptionMethod().getAlgorithm());

    final Document decryptedDoc = cipher.doFinal(encryptedDoc, encryptedElement);
    final String target = toString(decryptedDoc);
    assertEquals(source, target);
}
Also used : SecretKeySpec(javax.crypto.spec.SecretKeySpec) Element(org.w3c.dom.Element) EncryptedData(org.apache.xml.security.encryption.EncryptedData) Document(org.w3c.dom.Document) PublicKey(java.security.PublicKey) EncryptedKey(org.apache.xml.security.encryption.EncryptedKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) SecretKey(javax.crypto.SecretKey)

Example 8 with EncryptedData

use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.

the class XMLCipherTest method testEncryptionProperties.

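/**
 * Encrypts the document element with {@code XMLCipher.TRIPLEDES}, attaching
 * a custom {@code EncryptionProperty} to the {@code EncryptedData}, and
 * checks that decryption restores the original document text.
 *
 * <p>When {@code haveISOPadding} is not set the test only logs a warning.
 *
 * <p>NOTE(review): Triple-DES is a legacy 64-bit block cipher; this test
 * appears to exist for property handling and compatibility coverage, not as
 * an algorithm recommendation.
 *
 * @throws Exception if key construction, encryption or decryption fails
 */
@org.junit.Test
public void testEncryptionProperties() throws Exception {
    // Evaluated before the capability check, as in the original test flow.
    Document d = document();
    Element e = d.getDocumentElement();
    if (haveISOPadding) {
        String source = toString(d);

        // prepare for encryption
        // The literal is 24 ASCII characters, the length DESedeKeySpec reads.
        // An explicit charset keeps the key bytes identical on every
        // platform instead of depending on the JVM default encoding.
        byte[] passPhrase =
            "24 Bytes per DESede key!".getBytes(java.nio.charset.StandardCharsets.US_ASCII);
        DESedeKeySpec keySpec = new DESedeKeySpec(passPhrase);
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");
        SecretKey key = keyFactory.generateSecret(keySpec);

        // encrypt
        cipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES);
        cipher.init(XMLCipher.ENCRYPT_MODE, key);

        // Add EncryptionProperties carrying one custom element.
        Element elem = d.createElement("CustomInformation");
        elem.setTextContent("Some text content");
        EncryptionProperties eps = cipher.createEncryptionProperties();
        EncryptionProperty ep = cipher.createEncryptionProperty();
        ep.addEncryptionInformation(elem);
        ep.setId("_124124");
        ep.setTarget("http://localhost/");
        ep.setAttribute("xml:lang", "en");
        eps.addEncryptionProperty(ep);
        EncryptedData encData = cipher.getEncryptedData();
        encData.setEncryptionProperties(eps);
        Document ed = cipher.doFinal(d, e);

        // decrypt
        cipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES);
        cipher.init(XMLCipher.DECRYPT_MODE, key);
        Element ee = (Element) ed.getElementsByTagName("xenc:EncryptedData").item(0);
        Document dd = cipher.doFinal(ed, ee);
        String target = toString(dd);
        assertEquals(source, target);
    } else {
        // The skip message previously named a different test.
        LOG.warn("Test testEncryptionProperties skipped as necessary algorithms not available");
    }
}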
Also used : EncryptionProperty(org.apache.xml.security.encryption.EncryptionProperty) SecretKey(javax.crypto.SecretKey) Element(org.w3c.dom.Element) DESedeKeySpec(javax.crypto.spec.DESedeKeySpec) EncryptionProperties(org.apache.xml.security.encryption.EncryptionProperties) EncryptedData(org.apache.xml.security.encryption.EncryptedData) Document(org.w3c.dom.Document) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 9 with EncryptedData

use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.

the class XMLCipherTest method testAes265ElementCipher.

/**
 * Round-trips one element through {@code XMLCipher.AES_256} with a fixed
 * 32-byte key and checks both the algorithm recorded in the
 * {@code EncryptedData} and the decrypted document text.
 *
 * <p>The method name reads "265"; the cipher exercised is
 * {@code XMLCipher.AES_256}. When {@code haveISOPadding} is not set the test
 * only logs a warning.
 *
 * @throws Exception if encryption or decryption fails
 */
@org.junit.Test
public void testAes265ElementCipher() throws Exception {
    // Fixed key bytes embedded in the test: repeatable, but not a secret.
    final byte[] bits256 = {
        (byte) 0x00, (byte) 0x01, (byte) 0x02, (byte) 0x03,
        (byte) 0x04, (byte) 0x05, (byte) 0x06, (byte) 0x07,
        (byte) 0x08, (byte) 0x09, (byte) 0x0A, (byte) 0x0B,
        (byte) 0x0C, (byte) 0x0D, (byte) 0x0E, (byte) 0x0F,
        (byte) 0x10, (byte) 0x11, (byte) 0x12, (byte) 0x13,
        (byte) 0x14, (byte) 0x15, (byte) 0x16, (byte) 0x17,
        (byte) 0x18, (byte) 0x19, (byte) 0x1A, (byte) 0x1B,
        (byte) 0x1C, (byte) 0x1D, (byte) 0x1E, (byte) 0x1F
    };
    final Key key = new SecretKeySpec(bits256, "AES");

    // Plaintext document and the element selected for encryption.
    final Document plainDoc = document();
    final Element plainElement =
        (Element) plainDoc.getElementsByTagName(element()).item(index());

    if (!haveISOPadding) {
        LOG.warn("Test testAes265ElementCipher skipped as necessary algorithms not available");
        return;
    }

    final String source = toString(plainDoc);

    // Encrypt the selected element.
    cipher = XMLCipher.getInstance(XMLCipher.AES_256);
    cipher.init(XMLCipher.ENCRYPT_MODE, key);
    final Document encryptedDoc = cipher.doFinal(plainDoc, plainElement);

    // Decrypt with a fresh cipher instance and the same key.
    cipher = XMLCipher.getInstance(XMLCipher.AES_256);
    cipher.init(XMLCipher.DECRYPT_MODE, key);
    final Element encryptedElement =
        (Element) encryptedDoc.getElementsByTagName("xenc:EncryptedData").item(0);

    // The EncryptionMethod in the output must name the algorithm requested.
    final EncryptedData encryptedData = cipher.loadEncryptedData(encryptedDoc, encryptedElement);
    assertEquals(XMLCipher.AES_256, encryptedData.getEncryptionMethod().getAlgorithm());

    final Document decryptedDoc = cipher.doFinal(encryptedDoc, encryptedElement);
    final String target = toString(decryptedDoc);
    assertEquals(source, target);
}
Also used : SecretKeySpec(javax.crypto.spec.SecretKeySpec) Element(org.w3c.dom.Element) EncryptedData(org.apache.xml.security.encryption.EncryptedData) Document(org.w3c.dom.Document) PublicKey(java.security.PublicKey) EncryptedKey(org.apache.xml.security.encryption.EncryptedKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) SecretKey(javax.crypto.SecretKey)

Example 10 with EncryptedData

use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.

the class XMLCipherTest method testSameDocumentCipherReference.

/**
 * Tests decryption through a same-document {@code CipherReference}.
 *
 * <p>The test builds an {@code EncryptedData} whose cipher data refers to
 * {@code #CipherTextId}, attaches an XPath transform followed by a Base64
 * decode transform, places the Base64 ciphertext in a sibling
 * {@code CipherText} element, and then decrypts with a separate
 * {@code XMLCipher} instance.
 *
 * <p>When {@code haveISOPadding} is not set the test only logs a warning.
 *
 * @throws Exception if document construction or decryption fails
 */
@org.junit.Test
public void testSameDocumentCipherReference() throws Exception {
    if (!haveISOPadding) {
        LOG.warn("Test testSameDocumentCipherReference skipped as " + "necessary algorithms not available");
        return;
    }

    final DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
    final Document doc = builder.newDocument();
    final Element root = doc.createElement("EncryptedDoc");
    doc.appendChild(root);

    // EncryptedData that points at the ciphertext by reference instead of
    // embedding a CipherValue.
    cipher = XMLCipher.getInstance();
    final EncryptedData encryptedData =
        cipher.createEncryptedData(CipherData.REFERENCE_TYPE, "#CipherTextId");
    final EncryptionMethod method = cipher.createEncryptionMethod(XMLCipher.AES_128);
    encryptedData.setEncryptionMethod(method);

    final org.apache.xml.security.encryption.Transforms referenceTransforms =
        cipher.createTransforms(doc);
    encryptedData.getCipherData().getCipherReference().setTransforms(referenceTransforms);
    final org.apache.xml.security.transforms.Transforms dsTransforms =
        referenceTransforms.getDSTransforms();

    // XPath transform: keep only text nodes whose parent is the CipherText
    // element carrying Id="CipherTextId".
    final XPathContainer xpath = new XPathContainer(doc);
    xpath.setXPath("self::text()[parent::CipherText[@Id=\"CipherTextId\"]]");
    dsTransforms.addTransform(
        org.apache.xml.security.transforms.Transforms.TRANSFORM_XPATH,
        xpath.getElementPlusReturns());

    // Base64 decode transform applied after the XPath selection.
    dsTransforms.addTransform(
        org.apache.xml.security.transforms.Transforms.TRANSFORM_BASE64_DECODE);

    final Element encryptedDataElement = cipher.martial(doc, encryptedData);
    root.appendChild(encryptedDataElement);

    // The referenced ciphertext lives in a sibling element; Id is registered
    // as an ID attribute so the "#CipherTextId" reference can resolve.
    final Element cipherText = doc.createElement("CipherText");
    cipherText.setAttributeNS(null, "Id", "CipherTextId");
    cipherText.setIdAttributeNS(null, "Id", true);
    cipherText.appendChild(doc.createTextNode(tstBase64EncodedString));
    root.appendChild(cipherText);

    // Decrypt with a brand new cipher and a fixed, test-only ASCII key.
    final XMLCipher cipherDecrypt = XMLCipher.getInstance();
    final byte[] keyBytes = "abcdefghijklmnop".getBytes(StandardCharsets.US_ASCII);
    final Key key = new SecretKeySpec(keyBytes, "AES");
    cipherDecrypt.init(XMLCipher.DECRYPT_MODE, key);
    final byte[] decryptBytes = cipherDecrypt.decryptToByteArray(encryptedDataElement);
    assertEquals("A test encrypted secret", new String(decryptBytes, StandardCharsets.US_ASCII));
}
Also used : Element(org.w3c.dom.Element) XMLCipher(org.apache.xml.security.encryption.XMLCipher) EncryptionMethod(org.apache.xml.security.encryption.EncryptionMethod) Document(org.w3c.dom.Document) XPathContainer(org.apache.xml.security.transforms.params.XPathContainer) DocumentBuilder(javax.xml.parsers.DocumentBuilder) SecretKeySpec(javax.crypto.spec.SecretKeySpec) EncryptedData(org.apache.xml.security.encryption.EncryptedData) PublicKey(java.security.PublicKey) EncryptedKey(org.apache.xml.security.encryption.EncryptedKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) SecretKey(javax.crypto.SecretKey)

Aggregations

EncryptedData (org.apache.xml.security.encryption.EncryptedData)30 Element (org.w3c.dom.Element)26 EncryptedKey (org.apache.xml.security.encryption.EncryptedKey)24 XMLCipher (org.apache.xml.security.encryption.XMLCipher)21 Document (org.w3c.dom.Document)21 SecretKey (javax.crypto.SecretKey)20 KeyInfo (org.apache.xml.security.keys.KeyInfo)18 Key (java.security.Key)17 PrivateKey (java.security.PrivateKey)15 PublicKey (java.security.PublicKey)12 NodeList (org.w3c.dom.NodeList)10 SecretKeySpec (javax.crypto.spec.SecretKeySpec)7 XPath (javax.xml.xpath.XPath)5 XPathFactory (javax.xml.xpath.XPathFactory)5 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 KeyGenerator (javax.crypto.KeyGenerator)4 DSNamespaceContext (org.apache.xml.security.test.dom.DSNamespaceContext)4 SecretKeyFactory (javax.crypto.SecretKeyFactory)3 DESedeKeySpec (javax.crypto.spec.DESedeKeySpec)3 DocumentBuilder (javax.xml.parsers.DocumentBuilder)3