/**
 * Decrypts a Base64-encoded ciphertext string and returns the plaintext decoded as UTF-8.
 *
 * <p>Uses the cipher {@code c} and the {@code key} declared outside this block. The cipher
 * transformation (algorithm, mode, padding) is not visible here.
 *
 * @param text Base64-encoded ciphertext
 * @return the decrypted bytes decoded as a UTF-8 string
 * @throws DecryptionException when {@code doFinal} reports an illegal block size; the handlers
 *         elided from this listing may raise it as well
 */
public String decrypt(String text) throws DecryptionException{
    try{
        // NOTE(review): init receives only the key; no IV or parameter spec is passed.
        // Confirm which transformation c was created with. A bare algorithm name falls back to
        // the provider's default mode, and an unauthenticated mode accepts tampered ciphertext
        // without any error.
        // NOTE(review): c looks like shared state that is re-initialised on every call. Cipher
        // objects are stateful, so concurrent callers would need external synchronisation. Confirm.
        c.init(Cipher.DECRYPT_MODE, key);
        byte[] textByte = Base64.decode(text, Base64.DEFAULT);
        byte[] tmp = c.doFinal(textByte);
        return new String(tmp, "UTF-8");
    }catch(IllegalBlockSizeException e){
        // Only a fixed debug line is logged and the rethrown exception carries no cause,
        // so the original failure detail is lost to callers and to the log.
        Log.d("Exception", "IllegalBlockSizeException");
        throw new DecryptionException();
    }
    // DecryptionException is this project's own exception type.
    // Further catch clauses are elided in this listing.
}
assertion = decrypter.decrypt(encryptedAssertion); } catch (DecryptionException e) { s_logger.warn("SAML EncryptedAssertion error: " + e.toString());
/**
 * Decrypts an EncryptedAttribute and returns the plaintext as an Attribute.
 *
 * <p>The decrypted object is type-checked before it is returned, so ciphertext that decrypts
 * to some other SAML element is rejected rather than cast. This method itself performs no
 * signature or validity checks on the decrypted content.
 *
 * @param encryptedAttribute the EncryptedAttribute to decrypt
 * @return the decrypted Attribute
 * @throws DecryptionException if decryption fails or the decrypted object is not an Attribute
 */
public Attribute decrypt(EncryptedAttribute encryptedAttribute) throws DecryptionException {
    final SAMLObject decrypted = decryptData(encryptedAttribute);
    if (decrypted instanceof Attribute) {
        return (Attribute) decrypted;
    }
    throw new DecryptionException("Decrypted SAMLObject was not an instance of Attribute");
}
/**
 * Decrypts a NewEncryptedID and returns the plaintext as a NewID.
 *
 * <p>The decrypted object is type-checked before it is returned, so ciphertext that decrypts
 * to some other SAML element is rejected rather than cast. This method itself performs no
 * signature or validity checks on the decrypted content.
 *
 * @param newEncryptedID the NewEncryptedID to decrypt
 * @return the decrypted NewID
 * @throws DecryptionException if decryption fails or the decrypted object is not a NewID
 */
public NewID decrypt(NewEncryptedID newEncryptedID) throws DecryptionException {
    final SAMLObject decrypted = decryptData(newEncryptedID);
    if (decrypted instanceof NewID) {
        return (NewID) decrypted;
    }
    throw new DecryptionException("Decrypted SAMLObject was not an instance of NewID");
}
/**
 * Decrypts an EncryptedAssertion and returns the plaintext as an Assertion.
 *
 * <p>The decrypted object is type-checked before it is returned, so ciphertext that decrypts
 * to some other SAML element is rejected rather than cast. This method itself performs no
 * signature or condition checks; successful decryption does not by itself establish who
 * issued the assertion.
 *
 * @param encryptedAssertion the EncryptedAssertion to decrypt
 * @return the decrypted Assertion
 * @throws DecryptionException if decryption fails or the decrypted object is not an Assertion
 */
public Assertion decrypt(EncryptedAssertion encryptedAssertion) throws DecryptionException {
    final SAMLObject decrypted = decryptData(encryptedAssertion);
    if (decrypted instanceof Assertion) {
        return (Assertion) decrypted;
    }
    throw new DecryptionException("Decrypted SAMLObject was not an instance of Assertion");
}
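/**
 * Decrypts the supplied EncryptedData and returns the single resulting XMLObject.
 *
 * <p>Delegates to {@code decryptDataToList} and succeeds only when that list holds exactly one
 * entry. Any other count, including zero, is rejected.
 *
 * @param encryptedData encrypted data element containing the data to be decrypted
 * @param rootInNewDocument if true, root the underlying Element of the returned XMLObject in a
 *            new Document as described in {@link Decrypter}
 * @return the decrypted XMLObject
 * @throws DecryptionException if the decrypted data did not yield exactly one XMLObject; a
 *             DecryptionException raised by {@code decryptDataToList}, if any, propagates
 */
public XMLObject decryptData(EncryptedData encryptedData, boolean rootInNewDocument)
        throws DecryptionException {
    List<XMLObject> xmlObjects = decryptDataToList(encryptedData, rootInNewDocument);
    // The guard also fires for an empty list, so report the actual count instead of
    // always claiming "more than one"; an accurate count makes failures easier to triage.
    int count = xmlObjects.size();
    if (count != 1) {
        log.error("The decrypted data contained " + count
                + " top-level XMLObject children, exactly one is required");
        throw new DecryptionException("The decrypted data contained " + count
                + " XMLObject children, expected exactly one");
    }
    return xmlObjects.get(0);
}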
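/**
 * Decrypts the supplied EncryptedData and returns the single resulting XMLObject.
 *
 * <p>Delegates to {@code decryptDataToList} and succeeds only when that list holds exactly one
 * entry. Any other count, including zero, is rejected.
 *
 * @param encryptedData encrypted data element containing the data to be decrypted
 * @param rootInNewDocument if true, root the underlying Element of the returned XMLObject in a
 *            new Document as described in {@link Decrypter}
 * @return the decrypted XMLObject
 * @throws DecryptionException if the decrypted data did not yield exactly one XMLObject; a
 *             DecryptionException raised by {@code decryptDataToList}, if any, propagates
 */
public XMLObject decryptData(EncryptedData encryptedData, boolean rootInNewDocument)
        throws DecryptionException {
    List<XMLObject> xmlObjects = decryptDataToList(encryptedData, rootInNewDocument);
    // The guard also fires for an empty list, so report the actual count instead of
    // always claiming "more than one"; an accurate count makes failures easier to triage.
    int count = xmlObjects.size();
    if (count != 1) {
        log.error("The decrypted data contained " + count
                + " top-level XMLObject children, exactly one is required");
        throw new DecryptionException("The decrypted data contained " + count
                + " XMLObject children, expected exactly one");
    }
    return xmlObjects.get(0);
}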
if (kekResolver == null) { log.warn("No KEK KeyInfo credential resolver is available, can not attempt EncryptedKey decryption"); throw new DecryptionException("No KEK KeyInfo resolver is available for EncryptedKey decryption"); throw new DecryptionException("Algorithm of encrypted key not supplied, key decryption cannot proceed."); throw new DecryptionException("Valid decryption key for EncryptedKey could not be resolved");
if (kekResolver == null) { log.warn("No KEK KeyInfo credential resolver is available, can not attempt EncryptedKey decryption"); throw new DecryptionException("No KEK KeyInfo resolver is available for EncryptedKey decryption"); throw new DecryptionException("Algorithm of encrypted key not supplied, key decryption cannot proceed."); throw new DecryptionException("Valid decryption key for EncryptedKey could not be resolved");
if (resolver == null && encKeyResolver == null) { log.error("Decryption can not be attempted, required resolvers are not available"); throw new DecryptionException("Unable to decrypt EncryptedData, required resolvers are not available"); + "key decryption could not be attempted"; log.error(msg); throw new DecryptionException(msg); + "or EncryptedKeyResolver + EncryptedKey KeyInfoCredentialResolver"); throw new DecryptionException("Failed to decrypt EncryptedData");
if (resolver == null && encKeyResolver == null) { log.error("Decryption can not be attempted, required resolvers are not available"); throw new DecryptionException("Unable to decrypt EncryptedData, required resolvers are not available"); + "key decryption could not be attempted"; log.error(msg); throw new DecryptionException(msg); + "or EncryptedKeyResolver + EncryptedKey KeyInfoCredentialResolver"); throw new DecryptionException("Failed to decrypt EncryptedData");
/**
 * Decrypts the EncryptedData child of an EncryptedElementType and returns the result as a
 * SAMLObject.
 *
 * <p>Fails fast when the element has no EncryptedData child. A decryption failure is logged
 * here with its stack trace and then rethrown unchanged. The decrypted object is type-checked
 * before the cast.
 *
 * @param encElement the EncryptedElementType to decrypt
 * @return the decrypted SAMLObject
 * @throws DecryptionException if the element has no EncryptedData child, if decryption fails,
 *             or if the decrypted object is not a SAMLObject
 */
private SAMLObject decryptData(EncryptedElementType encElement) throws DecryptionException {
    if (encElement.getEncryptedData() == null) {
        throw new DecryptionException("Element had no EncryptedData child");
    }

    final XMLObject decrypted;
    try {
        decrypted = decryptData(encElement.getEncryptedData(), isRootInNewDocument());
    } catch (DecryptionException e) {
        // Log at this layer, then let the caller see the original exception.
        log.error("SAML Decrypter encountered an error decrypting element content", e);
        throw e;
    }

    if (decrypted instanceof SAMLObject) {
        return (SAMLObject) decrypted;
    }
    throw new DecryptionException("Decrypted XMLObject was not an instance of SAMLObject");
}
if (node.getNodeType() != Node.ELEMENT_NODE) { log.error("Decryption returned a top-level node that was not of type Element: " + node.getNodeType()); throw new DecryptionException("Top-level node was not of type Element"); } else { element = (Element) node; } catch (XMLParserException e) { log.error("There was an error creating a new DOM Document", e); throw new DecryptionException("Error creating new DOM Document", e); String errorMsg = "Unable to locate unmarshaller for " + XMLHelper.getNodeQName(element); log.error(errorMsg); throw new DecryptionException(errorMsg); } catch (UnmarshallingException e) { log.error("There was an error during unmarshalling of the decrypted element", e); throw new DecryptionException("Unmarshalling error during decryption", e);
throw new DecryptionException("Algorithm of encrypted key not supplied, key decryption cannot proceed."); } catch (XMLEncryptionException e) { log.error("Error initialzing cipher instance on key decryption", e); throw new DecryptionException("Error initialzing cipher instance on key decryption", e); } catch (XMLEncryptionException e) { log.error("Error when loading library native encrypted key representation", e); throw new DecryptionException("Error when loading library native encrypted key representation", e); } catch (XMLEncryptionException e) { log.error("Error decrypting encrypted key", e); throw new DecryptionException("Error decrypting encrypted key", e); } catch (Exception e) { throw new DecryptionException("Probable runtime exception on decryption:" + e.getMessage(), e); throw new DecryptionException("Key could not be decrypted");
throw new DecryptionException("Algorithm of encrypted key not supplied, key decryption cannot proceed."); } catch (XMLEncryptionException e) { log.error("Error initialzing cipher instance on key decryption", e); throw new DecryptionException("Error initialzing cipher instance on key decryption", e); } catch (XMLEncryptionException e) { log.error("Error when loading library native encrypted key representation", e); throw new DecryptionException("Error when loading library native encrypted key representation", e); } catch (XMLEncryptionException e) { log.error("Error decrypting encrypted key", e); throw new DecryptionException("Error decrypting encrypted key", e); } catch (Exception e) { throw new DecryptionException("Probable runtime exception on decryption:" + e.getMessage(), e); throw new DecryptionException("Key could not be decrypted");
if (node.getNodeType() != Node.ELEMENT_NODE) { log.error("Decryption returned a top-level node that was not of type Element: " + node.getNodeType()); throw new DecryptionException("Top-level node was not of type Element"); } else { element = (Element) node; } catch (XMLParserException e) { log.error("There was an error creating a new DOM Document", e); throw new DecryptionException("Error creating new DOM Document", e); String errorMsg = "Unable to locate unmarshaller for " + XMLHelper.getNodeQName(element); log.error(errorMsg); throw new DecryptionException(errorMsg); } catch (UnmarshallingException e) { log.error("There was an error during unmarshalling of the decrypted element", e); throw new DecryptionException("Unmarshalling error during decryption", e);
log.error("EncryptedData was of unsupported type '" + encryptedData.getType() + "', could not attempt decryption"); throw new DecryptionException("EncryptedData of unsupported type was encountered"); } catch (XMLEncryptionException e) { log.error("Error initialzing cipher instance on data decryption", e); throw new DecryptionException("Error initialzing cipher instance on data decryption", e); } catch (XMLEncryptionException e) { log.error("Error decrypting the encrypted data element", e); throw new DecryptionException("Error decrypting the encrypted data element", e); } catch (Exception e) { throw new DecryptionException("Probable runtime exception on decryption:" + e.getMessage(), e); throw new DecryptionException("EncryptedData could not be decrypted");
log.error("EncryptedData was of unsupported type '" + encryptedData.getType() + "', could not attempt decryption"); throw new DecryptionException("EncryptedData of unsupported type was encountered"); } catch (XMLEncryptionException e) { log.error("Error initialzing cipher instance on data decryption", e); throw new DecryptionException("Error initialzing cipher instance on data decryption", e); } catch (XMLEncryptionException e) { log.error("Error decrypting the encrypted data element", e); throw new DecryptionException("Error decrypting the encrypted data element", e); } catch (Exception e) { throw new DecryptionException("Probable runtime exception on decryption:" + e.getMessage(), e); throw new DecryptionException("EncryptedData could not be decrypted");
/**
 * Parses the input stream into a DOM DocumentFragment owned by the given Document.
 *
 * <p>The stream is parsed as a complete XML document by {@code parserPool}. Its document
 * element is then adopted by {@code owningDocument} and placed in a new fragment.
 *
 * @param input the InputStream to parse
 * @param owningDocument the Document which will own the returned DocumentFragment
 * @return a DocumentFragment whose only child is the parsed document element
 * @throws DecryptionException thrown if there is an error parsing the input stream
 */
private DocumentFragment parseInputStream(InputStream input, Document owningDocument)
        throws DecryptionException {
    // Xerces does not appear to parse straight into a DocumentFragment without some hackery,
    // so a full parse is used to simulate it and keep the API in its hoped-for future shape.
    // As a consequence, this only works for streams holding a valid XML instance, not a fragment.
    //
    // NOTE(review): the log message below describes this stream as decrypted content, so the
    // bytes are chosen by whoever produced the ciphertext. The pool's configuration is not
    // visible here; confirm that it disables DTDs and external entity resolution.
    final Document parsed;
    try {
        parsed = parserPool.parse(input);
    } catch (XMLParserException e) {
        log.error("Error parsing decrypted input stream", e);
        throw new DecryptionException("Error parsing input stream", e);
    }

    final Element root = parsed.getDocumentElement();
    owningDocument.adoptNode(root);

    final DocumentFragment fragment = owningDocument.createDocumentFragment();
    fragment.appendChild(root);
    return fragment;
}
/**
 * Parses the input stream into a DOM DocumentFragment owned by the given Document.
 *
 * <p>The stream is parsed as a complete XML document by {@code parserPool}. Its document
 * element is then adopted by {@code owningDocument} and placed in a new fragment.
 *
 * @param input the InputStream to parse
 * @param owningDocument the Document which will own the returned DocumentFragment
 * @return a DocumentFragment whose only child is the parsed document element
 * @throws DecryptionException thrown if there is an error parsing the input stream
 */
private DocumentFragment parseInputStream(InputStream input, Document owningDocument)
        throws DecryptionException {
    // Xerces does not appear to parse straight into a DocumentFragment without some hackery,
    // so a full parse is used to simulate it and keep the API in its hoped-for future shape.
    // As a consequence, this only works for streams holding a valid XML instance, not a fragment.
    //
    // NOTE(review): the log message below describes this stream as decrypted content, so the
    // bytes are chosen by whoever produced the ciphertext. The pool's configuration is not
    // visible here; confirm that it disables DTDs and external entity resolution.
    final Document parsed;
    try {
        parsed = parserPool.parse(input);
    } catch (XMLParserException e) {
        log.error("Error parsing decrypted input stream", e);
        throw new DecryptionException("Error parsing input stream", e);
    }

    final Element root = parsed.getDocumentElement();
    owningDocument.adoptNode(root);

    final DocumentFragment fragment = owningDocument.createDocumentFragment();
    fragment.appendChild(root);
    return fragment;
}