a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: EncryptedResourceID.java,v 1.4 2008/06/25 05:47:10 qcheng Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.disco.common.DiscoConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.disco.common.DiscoUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.util.ProviderManager;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.util.ProviderUtil;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The class <code>EncryptedResourceID</code> represents an Encryption
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Resource ID element for the Discovery Service.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <p>The following schema fragment specifies the expected content within the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>EncryptedResourceID</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <xs:element name="EncryptedResourceID" type="EncryptedResourceIDType"/>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <complexType name="EncryptedResourceIDType">
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <complexContent>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <sequence>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <element ref="{http://www.w3.org/2001/04/xmlenc#}EncryptedData"/>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <element ref="{http://www.w3.org/2001/04/xmlenc#}EncryptedKey"/>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * </sequence>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * </restriction>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * </complexContent>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * </complexType>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.all.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default constructor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param elem <code>EncryptedResourceID</code> DOM element
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception DiscoveryException if error occurs
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public EncryptedResourceID(Element elem) throws DiscoveryException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs an encrypted resource ID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param elem <code>EncryptedResourceID</code> DOM element
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param nspaceURI Namespace URI for this element. By default, the Discovery
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * namespace is used.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception DiscoveryException if error occurs.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public EncryptedResourceID(Element elem, String nspaceURI)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private void init(Element elem, String nspaceURI)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.debug.message("EncryptedResourceID(Element):null input");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ((nameSpaceURI = elem.getNamespaceURI()) == null) ||
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.debug.message("EncryptedResourceID(Ele):wrong input");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster for (int i = 0, length = contentnl.getLength(); i < length; i++) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((nodeName = child.getLocalName()) != null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.debug.message("EncryptedResourceID(Elem"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "ent):Included more than one EncryptedData.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.bundle.getString("moreEncryptedData"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.debug.message("EncryptedResourceID(Elem"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "ent):Included more than one EncryptedKey.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.bundle.getString("moreEncryptedKey"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.debug.message("EncryptedResourceID(Element):"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.debug.message("EncryptedResourceID(Element): missing"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + " EncryptedData element.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.bundle.getString("missingEncryptedData"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param encryptedData Encrypted data in DOM Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param encryptedKey Encrypted key in DOM Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public EncryptedResourceID(Element encryptedData,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets encrypted data element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param data encrypted data element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @see #getEncryptedData()
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Gets encrypted data.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return encrypted data.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @see #setEncryptedData(Element)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Gets encrypted key element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return encrypted key element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @see #setEncryptedKey(Element)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Sets encrypted key element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param key encrypted key element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @see #getEncryptedKey()
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns an instance of <code>ResourceID</code> object. It takes an
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * instance of <code>EncryptedResourceID</code> and decrypts the contents
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * using the decryption key of the provider ID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param eri <code>EncryptedResourceID</code> instance that needs to be
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * decrypted.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param providerID The provider ID whose decryption key needs to be
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * used for decryption.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws DiscoveryException if error occurs during the operation.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static ResourceID getDecryptedResourceID(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster XMLEncryptionManager manager = XMLEncryptionManager.getInstance();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Document encDoc = XMLUtils.toDOMDocument(eri.toString(),
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Document decryptDoc = manager.decryptAndReplace(encDoc,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ProviderUtil.getProviderManager().getDecryptionKey(providerID));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Element riEl = (Element) decryptDoc.getElementsByTagNameNS(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.debug.error("EncryptedResourceID.getDecryptedResource"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "ID: decryption exception:", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns an <code>EncryptedResourceID</code> object. It takes a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * resource ID and provider ID, encrypts the resource ID based on the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * encryption key of the provider ID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ri The resource ID instance that needs to be encrypted.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param providerID The provider ID whose encryption key needs to be used
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * for encryption.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws DiscoveryException if error occurs during this operation.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static EncryptedResourceID getEncryptedResourceID(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.debug.error("EncryptedResourceID.getEncryptedResource"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "ID: null input value");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ProviderManager pm = ProviderUtil.getProviderManager();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Document doc = XMLUtils.toDOMDocument(ri.toString(),
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster XMLEncryptionManager manager = XMLEncryptionManager.getInstance();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Document encDoc = manager.encryptAndReplaceResourceID(doc,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster eri = new EncryptedResourceID(encDoc.getDocumentElement());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster DiscoUtils.debug.error("EncryptedResourceID.getEncryptedResource"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "ID: encryption exception:", e);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns string format.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return formatted string.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns string format.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ns namespace value
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return formatted string.