You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by bl...@apache.org on 2004/04/03 14:15:45 UTC
cvs commit: xml-security/src_samples/org/apache/xml/security/samples/encryption Decrypter.java Encrypter.java
blautenb 2004/04/03 04:15:45
Added: src_samples/org/apache/xml/security/samples/encryption
Decrypter.java Encrypter.java
Log:
Add encryption samples provided by Vishal Mahajan
Revision Changes Path
1.1 xml-security/src_samples/org/apache/xml/security/samples/encryption/Decrypter.java
Index: Decrypter.java
===================================================================
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package org.apache.xml.security.samples.encryption;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.utils.JavaUtils;
import org.apache.xml.security.utils.EncryptionConstants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.OutputKeys;
/**
* This sample demonstrates how to decrypt data inside an xml document.
*
* @author Vishal Mahajan (Sun Microsystems)
*/
public class Decrypter {
/** {@link org.apache.commons.logging} logging facility */
static org.apache.commons.logging.Log log =
org.apache.commons.logging.LogFactory.getLog(
Decrypter.class.getName());
static {
org.apache.xml.security.Init.init();
}
private static Document loadEncryptionDocument() throws Exception {
String fileName = "encryptedInfo.xml";
File encryptionFile = new File(fileName);
javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
Document document = db.parse(encryptionFile);
System.out.println(
"Encryption document loaded from " +
encryptionFile.toURL().toString());
return document;
}
private static SecretKey loadKeyEncryptionKey() throws Exception {
String fileName = "kek";
String jceAlgorithmName = "DESede";
File kekFile = new File(fileName);
DESedeKeySpec keySpec =
new DESedeKeySpec(JavaUtils.getBytesFromFile(fileName));
SecretKeyFactory skf =
SecretKeyFactory.getInstance(jceAlgorithmName);
SecretKey key = skf.generateSecret(keySpec);
System.out.println(
"Key encryption key loaded from " + kekFile.toURL().toString());
return key;
}
private static void outputDocToFile(Document doc, String fileName)
throws Exception {
File encryptionFile = new File(fileName);
FileOutputStream f = new FileOutputStream(encryptionFile);
TransformerFactory factory = TransformerFactory.newInstance();
Transformer transformer = factory.newTransformer();
transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
DOMSource source = new DOMSource(doc);
StreamResult result = new StreamResult(f);
transformer.transform(source, result);
f.close();
System.out.println(
"Wrote document containing decrypted data to " +
encryptionFile.toURL().toString());
}
public static void main(String unused[]) throws Exception {
Document document = loadEncryptionDocument();
Element encryptedDataElement =
(Element) document.getElementsByTagNameNS(
EncryptionConstants.EncryptionSpecNS,
EncryptionConstants._TAG_ENCRYPTEDDATA).item(0);
/*
* Load the key to be used for decrypting the xml data
* encryption key.
*/
Key kek = loadKeyEncryptionKey();
String providerName = "BC";
XMLCipher xmlCipher =
XMLCipher.getInstance();
/*
* The key to be used for decrypting xml data would be obtained
* from the keyinfo of the EncrypteData using the kek.
*/
xmlCipher.init(XMLCipher.DECRYPT_MODE, null);
xmlCipher.setKEK(kek);
/*
* The following doFinal call replaces the encrypted data with
* decrypted contents in the document.
*/
xmlCipher.doFinal(document, encryptedDataElement);
outputDocToFile(document, "decryptedInfo.xml");
}
}
1.1 xml-security/src_samples/org/apache/xml/security/samples/encryption/Encrypter.java
Index: Encrypter.java
===================================================================
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package org.apache.xml.security.samples.encryption;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import javax.crypto.SecretKey;
import javax.crypto.KeyGenerator;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.utils.XMLUtils;
import org.apache.xml.security.utils.Constants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.OutputKeys;
/**
* This sample demonstrates how to encrypt data inside an xml document.
*
* @author Vishal Mahajan (Sun Microsystems)
*/
public class Encrypter {
/** {@link org.apache.commons.logging} logging facility */
static org.apache.commons.logging.Log log =
org.apache.commons.logging.LogFactory.getLog(
Encrypter.class.getName());
static {
org.apache.xml.security.Init.init();
}
private static Document createSampleDocument() throws Exception {
javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
Document document = db.newDocument();
/**
* Build a sample document. It will look something like:
*
* <apache:RootElement xmlns:apache="http://www.apache.org/ns/#app1">
* <apache:foo>Some simple text</apache:foo>
* </apache:RootElement>
*/
Element root =
document.createElementNS(
"http://www.apache.org/ns/#app1", "apache:RootElement");
root.setAttributeNS(
Constants.NamespaceSpecNS,
"xmlns:apache",
"http://www.apache.org/ns/#app1");
document.appendChild(root);
root.appendChild(document.createTextNode("\n"));
Element childElement =
document.createElementNS(
"http://www.apache.org/ns/#app1", "apache:foo");
childElement.appendChild(
document.createTextNode("Some simple text"));
root.appendChild(childElement);
root.appendChild(document.createTextNode("\n"));
return document;
}
private static SecretKey GenerateAndStoreKeyEncryptionKey()
throws Exception {
String jceAlgorithmName = "DESede";
KeyGenerator keyGenerator =
KeyGenerator.getInstance(jceAlgorithmName);
SecretKey kek = keyGenerator.generateKey();
byte[] keyBytes = kek.getEncoded();
File kekFile = new File("kek");
FileOutputStream f = new FileOutputStream(kekFile);
f.write(keyBytes);
f.close();
System.out.println(
"Key encryption key stored in " + kekFile.toURL().toString());
return kek;
}
private static SecretKey GenerateDataEncryptionKey() throws Exception {
String jceAlgorithmName = "AES";
KeyGenerator keyGenerator =
KeyGenerator.getInstance(jceAlgorithmName);
keyGenerator.init(128);
return keyGenerator.generateKey();
}
private static void outputDocToFile(Document doc, String fileName)
throws Exception {
File encryptionFile = new File(fileName);
FileOutputStream f = new FileOutputStream(encryptionFile);
TransformerFactory factory = TransformerFactory.newInstance();
Transformer transformer = factory.newTransformer();
transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
DOMSource source = new DOMSource(doc);
StreamResult result = new StreamResult(f);
transformer.transform(source, result);
f.close();
System.out.println(
"Wrote document containing encrypted data to " +
encryptionFile.toURL().toString());
}
public static void main(String unused[]) throws Exception {
Document document = createSampleDocument();
/*
* Get a key to be used for encrypting the element.
* Here we are generating an AES key.
*/
Key symmetricKey = GenerateDataEncryptionKey();
/*
* Get a key to be used for encrypting the symmetric key.
* Here we are generating a DESede key.
*/
Key kek = GenerateAndStoreKeyEncryptionKey();
String algorithmURI = XMLCipher.TRIPLEDES_KeyWrap;
XMLCipher keyCipher =
XMLCipher.getInstance(algorithmURI);
keyCipher.init(XMLCipher.WRAP_MODE, kek);
EncryptedKey encryptedKey =
keyCipher.encryptKey(document, symmetricKey);
/*
* Let us encrypt the contents of the document element.
*/
Element rootElement = document.getDocumentElement();
algorithmURI = XMLCipher.AES_128;
XMLCipher xmlCipher =
XMLCipher.getInstance(algorithmURI);
xmlCipher.init(XMLCipher.ENCRYPT_MODE, symmetricKey);
/*
* Setting keyinfo inside the encrypted data being prepared.
*/
EncryptedData encryptedData = xmlCipher.getEncryptedData();
KeyInfo keyInfo = new KeyInfo(document);
keyInfo.add(encryptedKey);
encryptedData.setKeyInfo(keyInfo);
/*
* doFinal -
* "true" below indicates that we want to encrypt element's content
* and not the element itself. Also, the doFinal method would
* modify the document by replacing the EncrypteData element
* for the data to be encrypted.
*/
xmlCipher.doFinal(document, rootElement, true);
/*
* Output the document containing the encrypted information into
* a file.
*/
outputDocToFile(document, "encryptedInfo.xml");
}
}