/**
 * Advance to the next resolver in the chain and obtain its iterator of encrypted keys.
 *
 * <p>When another resolver is available it becomes {@code currentResolver} and is asked to
 * resolve the keys for {@code encryptedData}. When the chain is exhausted,
 * {@code currentResolver} is cleared and {@code null} is returned, so callers must null-check
 * the result before iterating.</p>
 *
 * @return an iterator of encrypted keys from the next resolver, or {@code null} if no resolvers remain
 */
private Iterator<EncryptedKey> getNextKeyIterator() {
    // Guard clause: nothing left in the chain, so reset state and signal exhaustion with null.
    if (!resolverIterator.hasNext()) {
        log.debug("No more resolvers available in the resolver chain");
        currentResolver = null;
        return null;
    }

    currentResolver = resolverIterator.next();
    final String resolverType = currentResolver.getClass().toString();
    log.debug("Getting key iterator from next resolver: {}", resolverType);
    return currentResolver.resolve(encryptedData).iterator();
}
/**
 * Advance to the next resolver in the chain and obtain its iterator of encrypted keys.
 *
 * <p>When another resolver is available it becomes {@code currentResolver} and is asked to
 * resolve the keys for {@code encryptedData}. When the chain is exhausted,
 * {@code currentResolver} is cleared and {@code null} is returned, so callers must null-check
 * the result before iterating.</p>
 *
 * @return an iterator of encrypted keys from the next resolver, or {@code null} if no resolvers remain
 */
private Iterator<EncryptedKey> getNextKeyIterator() {
    // Guard clause: nothing left in the chain, so reset state and signal exhaustion with null.
    if (!resolverIterator.hasNext()) {
        log.debug("No more resolvers available in the resolver chain");
        currentResolver = null;
        return null;
    }

    currentResolver = resolverIterator.next();
    final String resolverType = currentResolver.getClass().toString();
    log.debug("Getting key iterator from next resolver: {}", resolverType);
    return currentResolver.resolve(encryptedData).iterator();
}
/**
 * Attempt to decrypt the data by resolving candidate EncryptedKeys, decrypting each one to obtain
 * a data decryption key, and using that key on the EncryptedData.
 *
 * <p>Every EncryptedKey yielded by {@code encKeyResolver} is tried in order; the first one that
 * decrypts both the key and the data wins. A {@link DecryptionException} from either step is
 * logged at debug level only and the next candidate is tried. All failure causes therefore
 * collapse into the same {@code null} result, and the caller cannot tell which candidate failed
 * or why.</p>
 *
 * <p>NOTE(review): the number of key-decryption attempts is bounded only by what the resolver
 * returns for this EncryptedData; confirm the resolver limits its output for untrusted input.</p>
 *
 * @param encryptedData the encrypted data to decrypt
 * @param algorithm the algorithm of the key to be decrypted
 * @return the decrypted document fragment, or null if no EncryptedKey resolver is configured, no
 *         decryption key could be resolved, or decryption failed for every candidate
 */
private DocumentFragment decryptUsingResolvedEncryptedKey(EncryptedData encryptedData, String algorithm) {
    // Without a resolver there are no candidate EncryptedKeys to try.
    if (encKeyResolver == null) {
        return null;
    }

    for (final EncryptedKey candidate : encKeyResolver.resolve(encryptedData)) {
        try {
            final Key dataKey = decryptKey(candidate, algorithm);
            return decryptDataToDOM(encryptedData, dataKey);
        } catch (DecryptionException e) {
            // Best effort: record the failure for diagnostics and fall through to the next candidate.
            log.debug("Attempt to decrypt EncryptedData using key extracted from EncryptedKey failed: ", e);
        }
    }

    return null;
}
/**
 * Attempt to decrypt the data by resolving candidate EncryptedKeys, decrypting each one to obtain
 * a data decryption key, and using that key on the EncryptedData.
 *
 * <p>Every EncryptedKey yielded by {@code encKeyResolver} is tried in order; the first one that
 * decrypts both the key and the data wins. A {@link DecryptionException} from either step is
 * logged at debug level only and the next candidate is tried. All failure causes therefore
 * collapse into the same {@code null} result, and the caller cannot tell which candidate failed
 * or why.</p>
 *
 * <p>NOTE(review): the number of key-decryption attempts is bounded only by what the resolver
 * returns for this EncryptedData; confirm the resolver limits its output for untrusted input.</p>
 *
 * @param encryptedData the encrypted data to decrypt
 * @param algorithm the algorithm of the key to be decrypted
 * @return the decrypted document fragment, or null if no EncryptedKey resolver is configured, no
 *         decryption key could be resolved, or decryption failed for every candidate
 */
private DocumentFragment decryptUsingResolvedEncryptedKey(EncryptedData encryptedData, String algorithm) {
    // Without a resolver there are no candidate EncryptedKeys to try.
    if (encKeyResolver == null) {
        return null;
    }

    for (final EncryptedKey candidate : encKeyResolver.resolve(encryptedData)) {
        try {
            final Key dataKey = decryptKey(candidate, algorithm);
            return decryptDataToDOM(encryptedData, dataKey);
        } catch (DecryptionException e) {
            // Best effort: record the failure for diagnostics and fall through to the next candidate.
            log.debug("Attempt to decrypt EncryptedData using key extracted from EncryptedKey failed: ", e);
        }
    }

    return null;
}