Example 11 with XMLX509Certificate

Use of org.apache.xml.security.keys.content.x509.XMLX509Certificate in project santuario-java by apache.

Class PrivateKeyResolver, method resolveX509Certificate.

/*
 * Search for a private key entry in the KeyStore with the same Certificate.
 */
private PrivateKey resolveX509Certificate(XMLX509Certificate x509Cert) throws XMLSecurityException, KeyStoreException {
    LOG.debug("Can I resolve X509Certificate?");
    byte[] x509CertBytes = x509Cert.getCertificateBytes();
    Enumeration<String> aliases = keyStore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (keyStore.isKeyEntry(alias)) {
            Certificate cert = keyStore.getCertificate(alias);
            if (cert instanceof X509Certificate) {
                byte[] certBytes = null;
                try {
                    certBytes = cert.getEncoded();
                } catch (CertificateEncodingException e1) {
                    LOG.debug("Cannot recover the key", e1);
                }
                if (certBytes != null && Arrays.equals(certBytes, x509CertBytes)) {
                    LOG.debug("match !!! ");
                    try {
                        Key key = keyStore.getKey(alias, password);
                        if (key instanceof PrivateKey) {
                            return (PrivateKey) key;
                        }
                    } catch (Exception e) {
                        LOG.debug("Cannot recover the key", e);
                        // Keep searching
                    }
                }
            }
        }
    }
    return null;
}
Also used: PrivateKey (java.security.PrivateKey), CertificateEncodingException (java.security.cert.CertificateEncodingException), X509Certificate (java.security.cert.X509Certificate), XMLX509Certificate (org.apache.xml.security.keys.content.x509.XMLX509Certificate), PublicKey (java.security.PublicKey), Key (java.security.Key), SecretKey (javax.crypto.SecretKey), KeyStoreException (java.security.KeyStoreException), KeyResolverException (org.apache.xml.security.keys.keyresolver.KeyResolverException), XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException), Certificate (java.security.cert.Certificate)

Example 12 with XMLX509Certificate

Use of org.apache.xml.security.keys.content.x509.XMLX509Certificate in project santuario-java by apache.

Class XMLEncryption11Test, method decryptElement.

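/**
 * Method decryptElement
 *
 * Take a document, an RSA key and the expected certificate, find the
 * encrypted element, decrypt it and return the resulting document.
 *
 * @param doc Document containing the EncryptedData element
 * @param rsaKey The Key used to unwrap the EncryptedKey
 * @param rsaCert The certificate expected in the EncryptedKey's KeyInfo
 */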
private Document decryptElement(Document doc, Key rsaKey, X509Certificate rsaCert) throws Exception {
    // Create the XMLCipher element
    XMLCipher cipher = XMLCipher.getInstance();
    // Need to pre-load the Encrypted Data so we can get the key info
    Element ee = (Element) doc.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "EncryptedData").item(0);
    cipher.init(XMLCipher.DECRYPT_MODE, null);
    EncryptedData encryptedData = cipher.loadEncryptedData(doc, ee);
    KeyInfo ki = encryptedData.getKeyInfo();
    EncryptedKey encryptedKey = ki.itemEncryptedKey(0);
    KeyInfo kiek = encryptedKey.getKeyInfo();
    X509Data certData = kiek.itemX509Data(0);
    XMLX509Certificate xcert = certData.itemCertificate(0);
    X509Certificate cert = xcert.getX509Certificate();
    assertTrue(rsaCert.equals(cert));
    XMLCipher cipher2 = XMLCipher.getInstance();
    cipher2.init(XMLCipher.UNWRAP_MODE, rsaKey);
    Key key = cipher2.decryptKey(encryptedKey, encryptedData.getEncryptionMethod().getAlgorithm());
    cipher.init(XMLCipher.DECRYPT_MODE, key);
    Document dd = cipher.doFinal(doc, ee);
    return dd;
}
Also used: XMLX509Certificate (org.apache.xml.security.keys.content.x509.XMLX509Certificate), KeyInfo (org.apache.xml.security.keys.KeyInfo), EncryptedKey (org.apache.xml.security.encryption.EncryptedKey), Element (org.w3c.dom.Element), XMLCipher (org.apache.xml.security.encryption.XMLCipher), EncryptedData (org.apache.xml.security.encryption.EncryptedData), Document (org.w3c.dom.Document), X509Data (org.apache.xml.security.keys.content.X509Data), X509Certificate (java.security.cert.X509Certificate), Key (java.security.Key), PrivateKey (java.security.PrivateKey)
