org.systinet.wasp.security.ws
Class EncryptedData

java.lang.Object
  org.systinet.wasp.security.ws.ReferrableElement
      org.systinet.wasp.security.ws.SecurityElement
          org.systinet.wasp.security.ws.EncryptedData

public class EncryptedData

extends SecurityElement

Represents encrypted data. To encrypt a message part, you need to create a token for encryption and initialize EncryptedData instance using that token. Then you may add references to message part(s), or specify that message body is to be encrypted by calling setEncryptBody() method.

Default values

data encryption method:

• http://www.w3.org/2001/04/xmlenc#tripledes-cbc

key encryption method:

• http://www.w3.org/2001/04/xmlenc#rsa-1_5

key info security token referencing:

• wsse:SecurityTokenReference/wsse:KeyIdentifier
Used when encrypting with X509Token.
• ds:KeyName
Used when encrypting with SharedSecretToken.

Examples

Encrypting message body:

 // create service client instance
 ServiceClient serviceClient = ServiceClient.create("http://...");

 // authenticate client and set the credentials
 Credentials creds = WaspSecurity.acquireClientCredentials("Chris", "sirhC", "WS-Security");
 WaspSecurity.setCredentials(serviceClient, new Credentials[]{creds});
 WaspSecurity.setInitiatingProvider(serviceClient, "WS-Security");

 // create service proxy
 ServiceSoap svc = (ServiceSoap) serviceClient.createProxy(ServiceSoap.class);

 // create new call security configuration
 MessageSecurity ms = new MessageSecurity();

 // create encrypting token
 X509Token encryptingX509token = new X509Token();

 // create new encrypted data
 EncrytedData encData = new EncrytedData(encryptingX509token);

 // set body encryption
 encData.setEncryptBody();

 // add the encrypted data to message security
 ms.addSecurityElement(encData);

 // set call message security
 ms.setCallSecurity(serviceClient);

 // invoke service method
 svc.ping("EchoString");
 

Since:

4.6

See Also:

X509Token, SharedSecretToken, MessageSecurity

Component:

Security-Providers

Constructor Summary

EncryptedData(SecurityToken token)
Initializes a new EncryptedData instance with specified encrypting token.

EncryptedData(SecurityToken token, IdReference reference)
Initializes a new EncryptedData instance with specified encrypting token and element reference.

Method Summary

void	addReference(IdReference reference) Adds a reference to element for encryption.
void	setEncryptBody() Turns body encryption on.
void	setEncryptElementContent(boolean encryptElementContent) If set to true, then only the element content will be subject to encryption; otherwise, the whole element will be encrypted.
void	setEncryptionMethod(java.lang.String encryptionMethod) Sets data encryption method.
void	setKeyEncryptionMethod(java.lang.String keyEncryptionMethod) Sets key encryption method.
void	setSecurityTokenReferenceId(java.lang.String strId) Sets value of the wsu:Id set on the SecurityTokenReference subelement of the tag EncryptedKey/KeyInfo.

Methods inherited from class org.systinet.wasp.security.ws.SecurityElement

getToken

Methods inherited from class org.systinet.wasp.security.ws.ReferrableElement

getId, getIdForced, setId

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

EncryptedData

public EncryptedData(SecurityToken token)

Initializes a new EncryptedData instance with specified encrypting token.

Parameters:

token - token for encryption

EncryptedData

public EncryptedData(SecurityToken token,
                     IdReference reference)

Initializes a new EncryptedData instance with specified encrypting token and element reference. Referenced element will be encrypted. Equivalent to

 EncryptedData enc = new EncryptedData(token);
 enc.addReference(new IdReference("..."));
 

Parameters:

token - token for encryption

reference - element reference

Method Detail

addReference

public void addReference(IdReference reference)

Adds a reference to element for encryption.

Parameters:

reference - element reference

setEncryptBody

public void setEncryptBody()

Turns body encryption on. Implies that body content will be encrypted. See setEncryptElementContent(boolean) for more.

setEncryptElementContent

public void setEncryptElementContent(boolean encryptElementContent)

If set to true, then only the element content will be subject to encryption; otherwise, the whole element will be encrypted.

Parameters:

encryptElementContent - true to encrypt element content; false to encrypt the whole element (default)

setEncryptionMethod

public void setEncryptionMethod(java.lang.String encryptionMethod)

Sets data encryption method. Supported methods are:

• Constants.ALGO_ID_BLOCKCIPHER_TRIPLEDES

http://www.w3.org/2001/04/xmlenc#tripledes-cbc (default)
• Constants.ALGO_ID_BLOCKCIPHER_AES128

http://www.w3.org/2001/04/xmlenc#aes128-cbc
• Constants.ALGO_ID_BLOCKCIPHER_AES192

http://www.w3.org/2001/04/xmlenc#aes192-cbc
• Constants.ALGO_ID_BLOCKCIPHER_AES256

http://www.w3.org/2001/04/xmlenc#aes256-cbc

This method may only be called when EncryptedData is initialized with X509Token - the setting is ignored otherwise.

Parameters:

encryptionMethod - data encryption method

setKeyEncryptionMethod

public void setKeyEncryptionMethod(java.lang.String keyEncryptionMethod)

Sets key encryption method. Supported methods are:

• Constants.ALGO_ID_KEYTRANSPORT_RSA15

http://www.w3.org/2001/04/xmlenc#rsa-1_5 (default)
• Constants.ALGO_ID_KEYTRANSPORT_RSAOAEP

http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p

This method may only be called when EncryptedData is initialized with X509Token - the setting is ignored otherwise.

Parameters:

keyEncryptionMethod - key encryption method

setSecurityTokenReferenceId

public void setSecurityTokenReferenceId(java.lang.String strId)

Sets value of the wsu:Id set on the SecurityTokenReference subelement of the tag EncryptedKey/KeyInfo.

Parameters:

strId - the wsu:Id attribute value