use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.
the class KeyWrapEncryptionVerificationTest method encrypt.
/**
 * Encrypts each element named in {@code localNames} and attaches {@code encryptedKey} to the
 * KeyInfo of the cipher's EncryptedData template.
 *
 * <p>Fails the test when a name matches no element, or when the final document contains no
 * element matching {@code XMLSecurityConstants.TAG_xenc_EncryptedData}.
 *
 * @param encryptedKey already-wrapped key to add to the EncryptedData KeyInfo
 * @param algorithm algorithm URI handed to {@code XMLCipher.getInstance}
 * @param document document to encrypt; each {@code doFinal} result replaces it for the next pass
 * @param localNames local names of the elements to encrypt, one match per name
 * @param encryptingKey key the cipher is initialised with in ENCRYPT_MODE
 * @throws Exception on any cipher, XPath or DOM failure
 */
private void encrypt(EncryptedKey encryptedKey, String algorithm, Document document, List<String> localNames, Key encryptingKey) throws Exception {
    final XMLCipher xmlCipher = XMLCipher.getInstance(algorithm);
    xmlCipher.init(XMLCipher.ENCRYPT_MODE, encryptingKey);

    final XPath xpathEvaluator = XPathFactory.newInstance().newXPath();
    xpathEvaluator.setNamespaceContext(new DSNamespaceContext());

    // Reuse the template's KeyInfo when there is one; otherwise create and attach a fresh one.
    final EncryptedData template = xmlCipher.getEncryptedData();
    KeyInfo templateKeyInfo = template.getKeyInfo();
    if (templateKeyInfo == null) {
        templateKeyInfo = new KeyInfo(document);
        template.setKeyInfo(templateKeyInfo);
    }
    templateKeyInfo.add(encryptedKey);

    Document current = document;
    for (String localName : localNames) {
        // NOTE(review): localName is spliced into the XPath text unescaped. The callers are not
        // visible here; a name containing a quote would change the expression.
        final Object match = xpathEvaluator.evaluate("//*[local-name()='" + localName + "']", current, XPathConstants.NODE);
        final Element target = (Element) match;
        Assert.assertNotNull(target);
        // Third argument false: encrypt the element itself rather than only its content.
        current = xmlCipher.doFinal(current, target, false);
    }

    final String encryptedDataNamespace = XMLSecurityConstants.TAG_xenc_EncryptedData.getNamespaceURI();
    final String encryptedDataLocalPart = XMLSecurityConstants.TAG_xenc_EncryptedData.getLocalPart();
    final NodeList encryptedNodes = current.getElementsByTagNameNS(encryptedDataNamespace, encryptedDataLocalPart);
    Assert.assertTrue(encryptedNodes.getLength() > 0);
}
use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.
the class SymmetricEncryptionVerificationTest method encryptUsingDOM.
/**
 * Encrypts the named elements of {@code document} through the DOM API, optionally wrapping the
 * content key, and asserts that at least one EncryptedData element was produced.
 *
 * <p>When {@code wrappingKey} is non-null, {@code secretKey} is wrapped with it and the resulting
 * EncryptedKey is added to the EncryptedData KeyInfo. When {@code includeWrappingKeyInfo} is set
 * and the wrapping key is a {@link PublicKey}, that public key is also added to the
 * EncryptedKey's own KeyInfo.
 *
 * @param algorithm data-encryption algorithm URI
 * @param secretKey content-encryption key
 * @param keyTransportAlgorithm algorithm URI used to wrap {@code secretKey}
 * @param wrappingKey key-wrapping key, or {@code null} to skip key wrapping
 * @param includeWrappingKeyInfo whether to embed a public wrapping key in the EncryptedKey
 * @param document document to encrypt
 * @param localNames local names of the elements to encrypt, one match per name
 * @param content passed to {@code doFinal} as its content flag
 * @throws Exception on any cipher, XPath or DOM failure
 */
private void encryptUsingDOM(String algorithm, SecretKey secretKey, String keyTransportAlgorithm, Key wrappingKey, boolean includeWrappingKeyInfo, Document document, List<String> localNames, boolean content) throws Exception {
    final XMLCipher dataCipher = XMLCipher.getInstance(algorithm);
    dataCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);

    if (wrappingKey != null) {
        final XMLCipher wrapCipher = XMLCipher.getInstance(keyTransportAlgorithm);
        wrapCipher.init(XMLCipher.WRAP_MODE, wrappingKey);
        final EncryptedKey wrappedKey = wrapCipher.encryptKey(document, secretKey);

        final boolean embedPublicKey = includeWrappingKeyInfo && wrappingKey instanceof PublicKey;
        if (embedPublicKey) {
            // The embedded public key travels inside the message, so a receiver can treat it
            // only as a key-selection hint, never as evidence of who produced the ciphertext.
            KeyInfo wrappedKeyInfo = wrappedKey.getKeyInfo();
            if (wrappedKeyInfo == null) {
                wrappedKeyInfo = new KeyInfo(document);
                // Declare the dsig prefix on the newly created KeyInfo element.
                wrappedKeyInfo.getElement().setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:dsig", "http://www.w3.org/2000/09/xmldsig#");
                wrappedKey.setKeyInfo(wrappedKeyInfo);
            }
            wrappedKeyInfo.add((PublicKey) wrappingKey);
        }

        // Attach the EncryptedKey to the KeyInfo of the EncryptedData template.
        final EncryptedData template = dataCipher.getEncryptedData();
        KeyInfo templateKeyInfo = template.getKeyInfo();
        if (templateKeyInfo == null) {
            templateKeyInfo = new KeyInfo(document);
            templateKeyInfo.getElement().setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:dsig", "http://www.w3.org/2000/09/xmldsig#");
            template.setKeyInfo(templateKeyInfo);
        }
        templateKeyInfo.add(wrappedKey);
    }

    final XPath xpathEvaluator = XPathFactory.newInstance().newXPath();
    xpathEvaluator.setNamespaceContext(new DSNamespaceContext());

    Document current = document;
    for (String localName : localNames) {
        // NOTE(review): localName is spliced into the XPath text unescaped. The callers are not
        // visible here; a name containing a quote would change the expression.
        final Object match = xpathEvaluator.evaluate("//*[local-name()='" + localName + "']", current, XPathConstants.NODE);
        final Element target = (Element) match;
        Assert.assertNotNull(target);
        current = dataCipher.doFinal(current, target, content);
    }

    final String encryptedDataNamespace = XMLSecurityConstants.TAG_xenc_EncryptedData.getNamespaceURI();
    final String encryptedDataLocalPart = XMLSecurityConstants.TAG_xenc_EncryptedData.getLocalPart();
    final NodeList encryptedNodes = current.getElementsByTagNameNS(encryptedDataNamespace, encryptedDataLocalPart);
    Assert.assertTrue(encryptedNodes.getLength() > 0);
}
use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.
the class XMLEncryption11Test method decryptElementDOM.
/**
 * Decrypts the first EncryptedData element of {@code doc} with the DOM API.
 *
 * <p>The content key is not supplied by the caller: it is recovered by unwrapping the first
 * EncryptedKey found in the EncryptedData KeyInfo with {@code rsaKey}.
 *
 * @param doc document holding at least one {@code EncryptedData} element in the xmlenc namespace
 * @param rsaKey key used in UNWRAP_MODE to recover the content key
 * @return the document returned by the decrypting {@code doFinal} call
 * @throws Exception on any cipher or DOM failure
 */
private Document decryptElementDOM(Document doc, Key rsaKey) throws Exception {
    final XMLCipher dataCipher = XMLCipher.getInstance();

    // item(0) yields null when the document holds no EncryptedData element.
    final Element encryptedElement = (Element) doc.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "EncryptedData").item(0);

    // Initialise without a key first: the EncryptedData has to be loaded to reach its KeyInfo.
    dataCipher.init(XMLCipher.DECRYPT_MODE, null);
    final EncryptedData loaded = dataCipher.loadEncryptedData(doc, encryptedElement);
    final EncryptedKey wrappedKey = loaded.getKeyInfo().itemEncryptedKey(0);

    // The algorithm for the recovered key is read from the message's own EncryptionMethod.
    // A receiver handling untrusted documents would check it against an allow-list first.
    final String contentAlgorithm = loaded.getEncryptionMethod().getAlgorithm();
    final XMLCipher unwrapCipher = XMLCipher.getInstance();
    unwrapCipher.init(XMLCipher.UNWRAP_MODE, rsaKey);
    final Key contentKey = unwrapCipher.decryptKey(wrappedKey, contentAlgorithm);

    // Re-initialise the data cipher with the recovered key and decrypt in place.
    dataCipher.init(XMLCipher.DECRYPT_MODE, contentKey);
    return dataCipher.doFinal(doc, encryptedElement);
}
use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.
the class XMLCipherTest method testSerializedData.
/**
 * Round-trips a canonicalized element through {@code encryptData} and
 * {@code decryptToByteArray} with AES-128 and checks that the bytes come back unchanged.
 *
 * <p>Skipped, with a warning, when {@code haveISOPadding} is false.
 */
@org.junit.Test
public void testSerializedData() throws Exception {
    if (!haveISOPadding) {
        LOG.warn("Test testSerializedData skipped as necessary algorithms not available");
        return;
    }

    // Deterministic 128-bit fixture key, bytes 0x10..0x1F, so the round trip is reproducible.
    final byte[] keyBytes = new byte[16];
    for (int i = 0; i < keyBytes.length; i++) {
        keyBytes[i] = (byte) (0x10 + i);
    }
    final Key aesKey = new SecretKeySpec(keyBytes, "AES");

    // source
    final Document sourceDoc = document();
    final Element sourceElement = (Element) sourceDoc.getElementsByTagName(element()).item(index());

    // encrypt
    cipher = XMLCipher.getInstance(XMLCipher.AES_128);
    cipher.init(XMLCipher.ENCRYPT_MODE, aesKey);

    // Serialize the element with C14N (comments kept) into an in-memory buffer.
    final Canonicalizer c14n = Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
    final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
    c14n.setWriter(buffer);
    c14n.notReset();
    c14n.canonicalizeSubtree(sourceElement);
    buffer.close();
    final String before = buffer.toString(StandardCharsets.UTF_8.name());
    final byte[] serialized = buffer.toByteArray();

    EncryptedData encryptedData = null;
    try (InputStream in = new ByteArrayInputStream(serialized)) {
        encryptedData = cipher.encryptData(sourceDoc, EncryptionConstants.TYPE_ELEMENT, in);
    }

    // decrypt with a separate cipher instance
    final XMLCipher decryptCipher = XMLCipher.getInstance(XMLCipher.AES_128);
    decryptCipher.init(XMLCipher.DECRYPT_MODE, aesKey);
    assertEquals(XMLCipher.AES_128, encryptedData.getEncryptionMethod().getAlgorithm());

    // martial(...) turns the EncryptedData object into the element decryptToByteArray consumes.
    final byte[] plainBytes = decryptCipher.decryptToByteArray(decryptCipher.martial(encryptedData));
    final String after = new String(plainBytes, StandardCharsets.UTF_8);
    assertEquals(before, after);

    // Null type: the result is not inspected, so this only checks that no exception is thrown.
    try (InputStream in = new ByteArrayInputStream(serialized)) {
        encryptedData = cipher.encryptData(sourceDoc, null, in);
    }
}
use of org.apache.xml.security.encryption.EncryptedData in project santuario-java by apache.
the class XMLCipherTest method testTripleDesElementCipher.
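/**
 * Encrypts one element with Triple DES, decrypts it again, and checks that the serialized
 * document matches the original and that the loaded EncryptedData reports the TRIPLEDES URI.
 *
 * <p>Skipped, with a warning, when {@code haveISOPadding} is false.
 */
@org.junit.Test
public void testTripleDesElementCipher() throws Exception {
    // source
    final Document d = document();
    final Element e = (Element) d.getElementsByTagName(element()).item(index());

    if (!haveISOPadding) {
        LOG.warn("Test testTripleDesElementCipher skipped as necessary algorithms not available");
        return;
    }

    // Capture the plaintext form before doFinal touches the document.
    final String source = toString(d);

    // The fixture key is a fixed 24-byte ASCII string used directly as DESede key material.
    // An explicit charset keeps it at exactly 24 bytes whatever the platform default is;
    // the bare getBytes() used before depended on that default.
    final byte[] passPhrase = "24 Bytes per DESede key!".getBytes(StandardCharsets.UTF_8);
    final DESedeKeySpec keySpec = new DESedeKeySpec(passPhrase);
    final SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");
    final SecretKey key = keyFactory.generateSecret(keySpec);

    // encrypt
    cipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES);
    cipher.init(XMLCipher.ENCRYPT_MODE, key);
    final Document ed = cipher.doFinal(d, e);

    // decrypt
    cipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES);
    cipher.init(XMLCipher.DECRYPT_MODE, key);
    // Looked up by qualified name, so this relies on the element carrying the "xenc" prefix.
    final Element ee = (Element) ed.getElementsByTagName("xenc:EncryptedData").item(0);
    final EncryptedData encryptedData = cipher.loadEncryptedData(ed, ee);
    final String algorithm = encryptedData.getEncryptionMethod().getAlgorithm();
    assertEquals(XMLCipher.TRIPLEDES, algorithm);

    final Document dd = cipher.doFinal(ed, ee);
    final String target = toString(dd);
    assertEquals(source, target);
}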