You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Oleg Zenzin <o2...@hotbox.ru> on 2004/05/19 17:32:42 UTC
XMLCipher.enryptData()
The question is:
why XMLCipher.enryptData(Document context, Element element, boolean
contentMode) is private?
We expect following encrypted data in SOAP:
<soap:Envelope>
<soap:Header>
<wsse:Security soap:mustUnderstand="1">
<xenc:EncryptedKey>
...
</xenc:EncryptedKey>
</wsse:Security>
<xenc:EncryptedData Id="EncryptedHeader"
Type="http://www.w3.org/2001/04/xmlenc#Content">
.....
</xenc:EncryptedData>
</soap:Header>
<soap:Body>
<xenc:EncryptedData Id="EncryptedBody"
Type="http://www.w3.org/2001/04/xmlenc#Content">
.....
</xenc:EncryptedData>
</soap:Body>
</soap:Envelope>
So to make this i use the Axis Handler where:
1. XMLCipher xmlCipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES, XMLCipher.EXCL_XML_N14C_WITH_COMMENTS);
2. xmlCipher.init(XMLCipher.ENCRYPT_MODE, privateKey);
3. Get w3c.Element for both soap:Header and soap:Body and than encrypt
them without changing the context w3c.Document. This achieved with
EncryptedData encHeaderData = xmlCipher.encryptData(msgXmlDoc, soapHeader, true);
EncryptedData encBodyData = xmlCipher.encryptData(msgXmlDoc, soapHeader, true);
Afterwards these enryptedData used to substitute the actual
soap:Header and soap:Body content with (ie for soap:Header):
Element encryptedHeader = xmlCipher.martial(msgXmlDoc, encHeaderData);
org.apache.axis.message.SOAPHeaderElement headerElement =
new org.apache.axis.message.SOAPHeaderElement(encryptedHeader);
soapEnvelop.removeHeaders();
soapEnvelop.addHeader(headerElement);
Sorry for verbosity, but just got acquainted with XMLSec and might not
in a right way when doing my encryption. My way needs
XMLCipher.enryptData(Document context, Element element, boolean
contentMode) to be public. Parsing the code I did not find any reason
why not. So is it possible to make so in later releases?
Thanks
--
Best regards,
Oleg mailto:o2@hotbox.ru
Re[2]: XMLCipher.enryptData()
Posted by Oleg Zenzin <o2...@hotbox.ru>.
Yes, Berin, I need EncryptedData later in my code - to replace
contents of soap:Header and soap:Body. Because of this replacement
done in Axis Handler i cannot just change the SOAP message
xml-document, but have to work with Axis object representation of this
message. So, to replace contents of soap:Body i do following:
Element encryptedBody = xmlCipher.martial(msgXmlDoc, encBodyData);
soapEnvelope.clearBody();
org.apache.axis.message.SOAPBodyElement soapBody =
new org.apache.axis.message.SOAPBodyElement(encryptedBody);
soapEnvelope.addBodyElement(soapBody);
Thanx for your timely response and best regards
BL> Oleg,
BL> Can you use doFinal? Same thing, but it's the wrapper interface.
BL> Or do you need to access the EncryptedData afterward?
BL> But to answer your question - absolutely no reason for it to be private,
BL> unless Axl has some thoughts? (If I don't get a -1 I'll make the change
BL> in CVS.)
BL> Cheers,
BL> Berin
--
Best regards,
Oleg mailto:o2@hotbox.ru
Re: XMLCipher.enryptData()
Posted by Berin Lautenbach <be...@wingsofhermes.org>.
Oleg,
Can you use doFinal? Same thing, but it's the wrapper interface.
Or do you need to access the EncryptedData afterward?
But to answer your question - absolutely no reason for it to be private,
unless Axl has some thoughts? (If I don't get a -1 I'll make the change
in CVS.)
Cheers,
Berin
Oleg Zenzin wrote:
> The question is:
> why XMLCipher.enryptData(Document context, Element element, boolean
> contentMode) is private?
>
> We expect following encrypted data in SOAP:
> <soap:Envelope>
> <soap:Header>
> <wsse:Security soap:mustUnderstand="1">
> <xenc:EncryptedKey>
> ...
> </xenc:EncryptedKey>
> </wsse:Security>
> <xenc:EncryptedData Id="EncryptedHeader"
> Type="http://www.w3.org/2001/04/xmlenc#Content">
> .....
> </xenc:EncryptedData>
> </soap:Header>
> <soap:Body>
> <xenc:EncryptedData Id="EncryptedBody"
> Type="http://www.w3.org/2001/04/xmlenc#Content">
> .....
> </xenc:EncryptedData>
> </soap:Body>
> </soap:Envelope>
>
> So to make this i use the Axis Handler where:
> 1. XMLCipher xmlCipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES, XMLCipher.EXCL_XML_N14C_WITH_COMMENTS);
> 2. xmlCipher.init(XMLCipher.ENCRYPT_MODE, privateKey);
> 3. Get w3c.Element for both soap:Header and soap:Body and than encrypt
> them without changing the context w3c.Document. This achieved with
>
> EncryptedData encHeaderData = xmlCipher.encryptData(msgXmlDoc, soapHeader, true);
> EncryptedData encBodyData = xmlCipher.encryptData(msgXmlDoc, soapHeader, true);
>
> Afterwards these enryptedData used to substitute the actual
> soap:Header and soap:Body content with (ie for soap:Header):
>
> Element encryptedHeader = xmlCipher.martial(msgXmlDoc, encHeaderData);
> org.apache.axis.message.SOAPHeaderElement headerElement =
> new org.apache.axis.message.SOAPHeaderElement(encryptedHeader);
> soapEnvelop.removeHeaders();
> soapEnvelop.addHeader(headerElement);
>
> Sorry for verbosity, but just got acquainted with XMLSec and might not
> in a right way when doing my encryption. My way needs
> XMLCipher.enryptData(Document context, Element element, boolean
> contentMode) to be public. Parsing the code I did not find any reason
> why not. So is it possible to make so in later releases?
> Thanks
>
XMLCipher.enryptData()
Posted by Oleg Zenzin <o2...@hotbox.ru>.
The question is:
why XMLCipher.enryptData(Document context, Element element, boolean
contentMode) is private?
In our project we expect following encrypted data in SOAP envelope:
<soap:Envelope>
<soap:Header>
<wsse:Security soap:mustUnderstand="1">
<xenc:EncryptedKey>
...
</xenc:EncryptedKey>
</wsse:Security>
<xenc:EncryptedData Id="EncryptedHeader"
Type="http://www.w3.org/2001/04/xmlenc#Content">
.....
</xenc:EncryptedData>
</soap:Header>
<soap:Body>
<xenc:EncryptedData Id="EncryptedBody"
Type="http://www.w3.org/2001/04/xmlenc#Content">
.....
</xenc:EncryptedData>
</soap:Body>
</soap:Envelope>
So to make this i use the Axis Handler where:
1. XMLCipher xmlCipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES, XMLCipher.EXCL_XML_N14C_WITH_COMMENTS);
2. xmlCipher.init(XMLCipher.ENCRYPT_MODE, privateKey);
3. Get w3c.Element for both soap:Header and soap:Body and than encrypt
them without changing the context w3c.Document. This achieved with
EncryptedData encHeaderData = xmlCipher.encryptData(msgXmlDoc, soapHeader, true);
EncryptedData encBodyData = xmlCipher.encryptData(msgXmlDoc, soapHeader, true);
Afterwards these enryptedData used to substitute the actual
soap:Header and soap:Body content with (ie for soap:Header):
Element encryptedHeader = xmlCipher.martial(msgXmlDoc, encHeaderData);
org.apache.axis.message.SOAPHeaderElement headerElement =
new org.apache.axis.message.SOAPHeaderElement(encryptedHeader);
soapEnvelop.removeHeaders();
soapEnvelop.addHeader(headerElement);
Sorry for verbosity, but just got acquainted with XMLSec and might not
in a right way when doing my encryption. My way needs
XMLCipher.enryptData(Document context, Element element, boolean
contentMode) to be public. Parsing the code I did not find any reason
why not. So is it possible to make so in later releases?
Thanks
--
Best regards,
Oleg mailto:o2@hotbox.ru