Class XMLEncryptionUtil


  • public class XMLEncryptionUtil
    extends Object
    Utility for XML Encryption. Note: This utility currently uses the Apache XML Security library API. JSR-106 is not yet final. Until that happens, we rely on the non-standard API.
    Since:
    May 4, 2009
    Author:
    [email protected]
    • Constructor Detail

      • XMLEncryptionUtil

        public XMLEncryptionUtil()
    • Method Detail

      • encryptElement

        public static void encryptElement(QName elementQName,
                                          Document document,
                                          PublicKey publicKey,
                                          SecretKey secretKey,
                                          int keySize,
                                          QName wrappingElementQName,
                                          boolean addEncryptedKeyInKeyInfo,
                                          String keyEncryptionAlgorithm,
                                          String keyEncryptionDigestMethod,
                                          String keyEncryptionMgfAlgorithm)
                                   throws ProcessingException
        Given an element in a Document, encrypt the element and replace the element in the document with the encrypted data.
        Parameters:
        elementQName - QName of the element to encrypt
        document - The document with the element to encrypt
        publicKey - The public key used to wrap the secret key
        secretKey - The secret key to use for encryption
        keySize - The size of the public key
        wrappingElementQName - A QName of an element that will wrap the encrypted element
        addEncryptedKeyInKeyInfo - Whether the EncryptedKey needs to be placed in ds:KeyInfo
        keyEncryptionAlgorithm - The wrap algorithm for the secret key (can be null; a default is then used depending on the publicKey type)
        keyEncryptionDigestMethod - An optional digestMethod to use (can be null)
        keyEncryptionMgfAlgorithm - The xenc11 MGF Algorithm to use (can be null)
        Throws:
        ProcessingException
      • decryptElementInDocument

        public static Element decryptElementInDocument(Documen­t documentWithEncryptedElement,
                                                       XMLEncryptionUtil.DecryptionKeyLocator decryptionKeyLocator)
                                                throws ProcessingException
        Decrypts an encrypted element inside a document. It tries all keys provided by decryptionKeyLocator and, if none succeeds, throws ProcessingException.
        Parameters:
        documentWithEncryptedElement - document containing encrypted element
        decryptionKeyLocator - decryption key locator
        Returns:
        the document with the encrypted element replaced by the data element
        Throws:
        ProcessingException - when decrypting was not successful