Processing Instruction and SecurePart class

[mujahedsyed <ms...@gmail.com>]

Hi,

I have a requirement that I am currently working on - basically user wishes
to encrypt the element present just after the processing instruction tag.

suppose the incoming xml is like below:



in the above xml tag that needs to be encrypted is tag "<c>" so in order for
me to achieve this I was wondering if I could be right in assuming that one
of the overloaded SecurePart constructor might support this public
SecurePart(String externalReference) I dont know what is meant by
externalReference but I tried giving tag name directly and code threw some
exceptions.

Further, I think using QName in this case is not correct because (correct me
if I am wrong) QName is actually used to identify the particular tag/element
in a given namespace with a particular prefix but if we observe the
requirement we have already identified the next tag as the one to be
encrypted? and if I created a QName object the lookup might happen again!

- so is there a way to encrypt the next tag rather than passing QName
object?

Appreciate your help.

Thank you very much in advance.
Regards,
Mujahed



--
View this message in context: http://apache-xml-project.6118.n7.nabble.com/Processing-Instruction-and-SecurePart-class-tp41314.html
Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.

Re: Processing Instruction and SecurePart class

[Marc Giger <gi...@apache.org>]

Hi Mujahed,

On Mon, 4 Aug 2014 08:51:51 -0700 (PDT)
mujahedsyed <ms...@gmail.com> wrote:

> Hi,
> 
> I have a requirement that I am currently working on - basically user
> wishes to encrypt the element present just after the processing
> instruction tag.
> 
> suppose the incoming xml is like below:
> 
> 
> 
> in the above xml tag that needs to be encrypted is tag "<c>" so in
> order for me to achieve this I was wondering if I could be right in
> assuming that one of the overloaded SecurePart constructor might
> support this public SecurePart(String externalReference) I dont know
> what is meant by externalReference but I tried giving tag name
> directly and code threw some exceptions.

External references are URI's to external documents that should be
signed. Only the signature itself will be stored in the local document.
So this won't help you in the actual case.

> 
> Further, I think using QName in this case is not correct because
> (correct me if I am wrong) QName is actually used to identify the
> particular tag/element in a given namespace with a particular prefix
> but if we observe the requirement we have already identified the next
> tag as the one to be encrypted? and if I created a QName object the
> lookup might happen again!

I'm not sure if I understood the requirement entirely but -

The following code will encrypt _all_ elements that have the local-name
"PaymentInfo" and are in the namespace "urn:example:po":

 SecurePart securePart = 
               new SecurePart(new QName("urn:example:po",
"PaymentInfo"), SecurePart.Modifier.Element);

With the StAX-API there is no "preselection" of nodes possible. If an
element is "flying through" and matches the SecurePart definition it
will be encrypted.

On the other hand with the DOM-API such things are possible. You can
preselect Elements for example with an XPath and pass them to the
XMLCipher to have them encrypted. Take a look at Colm's sample-project
how it can be done.


Marc



> 
> - so is there a way to encrypt the next tag rather than passing QName
> object?
> 
> Appreciate your help.
> 
> Thank you very much in advance.
> Regards,
> Mujahed
> 
> 
> 
> --
> View this message in context:
> http://apache-xml-project.6118.n7.nabble.com/Processing-Instruction-and-SecurePart-class-tp41314.html
> Sent from the Apache XML - Security - Dev mailing list archive at
> Nabble.com.