use of org.apache.xml.security.encryption.XMLCipher in project santuario-java by apache.
the class BaltimoreEncTest method decryptData.
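/**
 * Decrypts the first {@code EncryptedData} element found in an XML file.
 *
 * <p>The file is parsed, the {@code EncryptedData} structure is loaded so that
 * {@code findKey} can choose a key for it, and the cipher is then re-initialised
 * with that key for the actual decryption.
 *
 * @param filename path of the file to decrypt; prefixed with the {@code basedir}
 *        system property when that property is set and non-empty
 * @return the decrypted content as a byte array
 * @throws Exception if the file cannot be read or parsed, holds no
 *         {@code EncryptedData} element, or cannot be decrypted
 */
private byte[] decryptData(String filename) throws Exception {
    String basedir = System.getProperty("basedir");
    if (basedir != null && !"".equals(basedir)) {
        filename = basedir + "/" + filename;
    }
    File f = new File(filename);

    // NOTE(review): the input is a test fixture. Before reusing this pattern on
    // untrusted XML, confirm that the builder returned by XMLUtils rejects DOCTYPE
    // declarations and external entities (XXE).
    DocumentBuilder db = XMLUtils.createDocumentBuilder(false);
    Document doc;
    // Close the stream as soon as parsing is done; the original leaked the handle.
    try (java.io.FileInputStream in = new java.io.FileInputStream(f)) {
        doc = db.parse(in);
    }

    // The lookup is by tag name only, with no namespace check. That is enough for a
    // known fixture; code handling foreign documents should match on the XML
    // Encryption namespace as well.
    Element ee = (Element) doc.getElementsByTagName("EncryptedData").item(0);
    if (ee == null) {
        throw new IllegalStateException("No EncryptedData element found in " + filename);
    }

    // No algorithm is passed to getInstance().
    XMLCipher cipher = XMLCipher.getInstance();

    // First pass: initialise without a key so the EncryptedData can be loaded and
    // its key information inspected.
    cipher.init(XMLCipher.DECRYPT_MODE, null);
    EncryptedData encryptedData = cipher.loadEncryptedData(doc, ee);

    // NOTE(review): findKey is not shown here; presumably it resolves the key from
    // the KeyInfo carried in the document. That data comes from whoever produced
    // the document, so the lookup should only return keys the caller already trusts.
    Key key = findKey(encryptedData);

    // Second pass: re-initialise with the resolved key and decrypt.
    cipher.init(XMLCipher.DECRYPT_MODE, key);
    return cipher.decryptToByteArray(ee);
}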
use of org.apache.xml.security.encryption.XMLCipher in project santuario-java by apache.
the class EncryptContentTest method testContentRemoved.
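/**
 * Checks that content-only encryption of each {@code user} element replaces its
 * element children with a single {@code EncryptedData} element.
 *
 * <p>The test returns early, logging a warning, when {@code haveISOPadding} is false.
 *
 * @throws Exception if parsing or encryption fails, or if the first {@code user}
 *         element does not end up with {@code EncryptedData} as its only element child
 */
@org.junit.Test
public void testContentRemoved() throws Exception {
    if (!haveISOPadding) {
        LOG.warn("Test testContentRemoved skipped as necessary algorithms not available");
        return;
    }

    Document doc;
    try (InputStream is = new ByteArrayInputStream(DATA.getBytes(StandardCharsets.UTF_8))) {
        doc = db.parse(is);
    }

    NodeList dataToEncrypt = doc.getElementsByTagName("user");

    // Triple DES in CBC mode is a legacy algorithm with no integrity protection. It is
    // exercised here for coverage; new code should prefer one of the AES-GCM algorithms.
    XMLCipher dataCipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES);
    dataCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);

    // The third argument (true) asks for the element's content to be encrypted rather
    // than the element itself, so each <user> element stays in the document.
    for (int i = 0; i < dataToEncrypt.getLength(); i++) {
        dataCipher.doFinal(doc, (Element) dataToEncrypt.item(i), true);
    }

    // Find the first element child of the first <user>, skipping text and other nodes.
    Element user = (Element) dataToEncrypt.item(0);
    Node child = user.getFirstChild();
    while (child != null && child.getNodeType() != Node.ELEMENT_NODE) {
        child = child.getNextSibling();
    }

    // That child must be EncryptedData. A missing child (or a null local name) now
    // fails with the intended message instead of a NullPointerException.
    if (child == null || !"EncryptedData".equals(child.getLocalName())) {
        throw new Exception("Element content not replaced");
    }

    // No further element siblings may follow: any that remain would be plaintext
    // content left behind next to the ciphertext.
    Node sibling = child.getNextSibling();
    while (sibling != null && sibling.getNodeType() != Node.ELEMENT_NODE) {
        sibling = sibling.getNextSibling();
    }
    if (sibling != null) {
        throw new Exception("Sibling element content not replaced");
    }
}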
use of org.apache.xml.security.encryption.XMLCipher in project santuario-java by apache.
the class EncryptContentTest method testMultipleKeyInfoElements.
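/**
 * Encrypts the content of every {@code user} element with one cipher that carries a
 * {@code KeyInfo}, then checks how many {@code KeyInfo} elements the document holds.
 *
 * <p>See SANTUARIO-301:
 * https://issues.apache.org/jira/browse/SANTUARIO-301
 *
 * <p>The test returns early, logging a warning, when {@code haveISOPadding} is false.
 *
 * @throws Exception if parsing or encryption fails
 */
@org.junit.Test
public void testMultipleKeyInfoElements() throws Exception {
    if (!haveISOPadding) {
        LOG.warn("Test testMultipleKeyInfoElements skipped as necessary algorithms not available");
        return;
    }

    Document doc;
    try (InputStream is = new ByteArrayInputStream(MULTIPLE_USER_DATA.getBytes(StandardCharsets.UTF_8))) {
        doc = db.parse(is);
    }

    NodeList dataToEncrypt = doc.getElementsByTagName("user");

    // Triple DES (CBC) is a legacy, unauthenticated algorithm used here only as a test
    // vehicle; new code should prefer one of the AES-GCM algorithms.
    XMLCipher dataCipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES);
    dataCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);

    // Attach a KeyInfo naming the key. A key name is only a lookup hint for the
    // recipient and conveys no key material.
    KeyInfo keyInfo = new KeyInfo(doc);
    keyInfo.addKeyName("mykey");
    EncryptedData encryptedData = dataCipher.getEncryptedData();
    encryptedData.setKeyInfo(keyInfo);

    // Content-only encryption (third argument true) of each <user> element.
    for (int i = 0; i < dataToEncrypt.getLength(); i++) {
        dataCipher.doFinal(doc, (Element) dataToEncrypt.item(i), true);
    }

    NodeList keyInfoList = doc.getElementsByTagNameNS(Constants.SignatureSpecNS, "KeyInfo");
    // JUnit takes (expected, actual); the original order gave a misleading failure message.
    assertEquals(2, keyInfoList.getLength());
}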
use of org.apache.xml.security.encryption.XMLCipher in project santuario-java by apache.
the class KeyWrapEncryptionAlgorithmTest method testAES192KW.
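/**
 * Round-trips a document through AES-192 content encryption where the content key is
 * itself wrapped with AES-192 key wrap.
 *
 * <p>After encryption no {@code CreditCard} element may be visible; after decryption
 * with the key-wrapping key exactly one must be present again.
 *
 * @throws Exception if the resource cannot be parsed or any crypto step fails
 */
@org.junit.Test
public void testAES192KW() throws Exception {
    // Read in the plaintext document, closing the resource stream once it is parsed.
    DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
    Document document;
    try (InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream(
            "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml")) {
        Assert.assertNotNull("plaintext.xml not found on the classpath", sourceDocument);
        document = builder.parse(sourceDocument);
    }

    // Content-encryption key: a fresh 192-bit AES key.
    KeyGenerator keygen = KeyGenerator.getInstance("AES");
    keygen.init(192);
    SecretKey key = keygen.generateKey();

    // Key-wrapping key: a second, independent 192-bit AES key from the same generator.
    SecretKey keyWrappingKey = keygen.generateKey();
    XMLCipher cipher = XMLCipher.getInstance(XMLCipher.AES_192_KeyWrap);
    cipher.init(XMLCipher.WRAP_MODE, keyWrappingKey);
    EncryptedKey encryptedKey = cipher.encryptKey(document, key);

    List<String> localNames = new ArrayList<>();
    localNames.add("PaymentInfo");
    // XMLCipher.AES_192 is the CBC variant, which carries no integrity protection.
    // That is fine for a round-trip test; new code should prefer an AES-GCM algorithm.
    String encryptionAlgorithm = XMLCipher.AES_192;
    encrypt(encryptedKey, encryptionAlgorithm, document, localNames, key);

    // The CreditCard element must no longer be visible in the encrypted document.
    NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
    // JUnit takes (expected, actual).
    Assert.assertEquals(0, nodeList.getLength());

    // Only the key-wrapping key is handed to decrypt.
    document = decrypt(document, keyWrappingKey);

    // The CreditCard element must be back after decryption.
    nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
    Assert.assertEquals(1, nodeList.getLength());
}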
use of org.apache.xml.security.encryption.XMLCipher in project santuario-java by apache.
the class KeyWrapEncryptionAlgorithmTest method testRSAOAEP11KW.
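/**
 * Round-trips a document through Triple DES content encryption where the content key
 * is transported under the {@code XMLCipher.RSA_OAEP_11} algorithm.
 *
 * <p>The content key is wrapped with the RSA public key and the document is decrypted
 * with the matching private key. After encryption no {@code CreditCard} element may be
 * visible; after decryption exactly one must be present again.
 *
 * @throws Exception if the resource cannot be parsed or any crypto step fails
 */
@org.junit.Test
public void testRSAOAEP11KW() throws Exception {
    // Read in the plaintext document, closing the resource stream once it is parsed.
    DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
    Document document;
    try (InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream(
            "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml")) {
        Assert.assertNotNull("plaintext.xml not found on the classpath", sourceDocument);
        document = builder.parse(sourceDocument);
    }

    // Content-encryption key: Triple DES at the provider's default key size.
    // Triple DES is a legacy algorithm kept here for coverage; prefer AES in new code.
    KeyGenerator keygen = KeyGenerator.getInstance("DESede");
    SecretKey key = keygen.generateKey();

    // Wrap the content key with the RSA public key; only the holder of the private
    // key can unwrap it.
    XMLCipher cipher = XMLCipher.getInstance(XMLCipher.RSA_OAEP_11);
    cipher.init(XMLCipher.WRAP_MODE, rsaKeyPair.getPublic());
    EncryptedKey encryptedKey = cipher.encryptKey(document, key);

    List<String> localNames = new ArrayList<>();
    localNames.add("PaymentInfo");
    String encryptionAlgorithm = XMLCipher.TRIPLEDES;
    encrypt(encryptedKey, encryptionAlgorithm, document, localNames, key);

    // The CreditCard element must no longer be visible in the encrypted document.
    NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
    // JUnit takes (expected, actual).
    Assert.assertEquals(0, nodeList.getLength());

    document = decrypt(document, rsaKeyPair.getPrivate());

    // The CreditCard element must be back after decryption.
    nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
    Assert.assertEquals(1, nodeList.getLength());
}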