/**
 * Builds a {@link WSSecEncryptedKey} that wraps the supplied symmetric key for
 * the given service certificate.
 *
 * <p>The builder references the certificate by thumbprint
 * ({@code WSConstants.THUMBPRINT_IDENTIFIER}) and wraps the key with RSA 1.5 key
 * transport ({@code EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15}). It is
 * returned after {@code prepare(doc, crypto)} has been called on it.
 *
 * <p>NOTE(review): RSA PKCS#1 v1.5 key transport is the padding scheme behind
 * padding-oracle (Bleichenbacher-style) weaknesses on decrypting endpoints.
 * RSA-OAEP ({@code EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOEP}) is generally
 * preferred where the relying party supports it. The algorithm is left unchanged
 * here because switching it alters the wire format that peers must accept.
 *
 * @param doc          document passed to {@code prepare}
 * @param ephemeralKey symmetric key bytes to be wrapped; secret material, so keep
 *                     it out of logs and error messages
 * @param serviceCert  certificate of the service whose public key wraps the key
 * @param crypto       crypto instance passed to {@code prepare}
 * @return the prepared encrypted-key builder
 * @throws WSSecurityException if preparing the encrypted key fails
 * @throws TrustException      declared by the signature; no statement in this
 *                             method raises it directly
 */
static WSSecEncryptedKey getSymmetricKeyBasedKeyInfoContent(Document doc,
        byte[] ephemeralKey, X509Certificate serviceCert, Crypto crypto)
        throws WSSecurityException, TrustException {

    WSSecEncryptedKey keyBuilder = new WSSecEncryptedKey();

    // Key material and the certificate it is encrypted for.
    keyBuilder.setEphemeralKey(ephemeralKey);
    keyBuilder.setUseThisCert(serviceCert);

    // The recipient locates its key through the certificate thumbprint.
    keyBuilder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);

    // Key transport algorithm: RSA 1.5 (see the review note in the Javadoc).
    keyBuilder.setKeyEncAlgo(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15);

    // Every setting must be in place before prepare() runs.
    keyBuilder.prepare(doc, crypto);
    return keyBuilder;
}
/**
 * Creates and prepares a {@link WSSecEncryptedKey} for the current message.
 *
 * <p>The key identifier type and the encryption user are set through
 * {@code RampartUtil}. The key-wrap algorithm is read from the policy's
 * algorithm suite ({@code getAsymmetricKeyWrap()}). The builder is then prepared
 * against the message document with the encryption crypto resolved from the
 * Rampart configuration.
 *
 * <p>NOTE(review): the wrap algorithm is whatever the policy's algorithm suite
 * selects. If a suite resolving to RSA 1.5 key transport is permitted, this key
 * inherits that scheme's padding-oracle exposure. Confirm which suites the
 * deployment accepts.
 *
 * @param rmd   message data supplying the policy data, the document and the
 *              custom class loader
 * @param token token passed to {@code RampartUtil.setKeyIdentifierType}
 * @return the prepared encrypted-key builder
 * @throws RampartException with key {@code errorCreatingEncryptedKey} when a
 *                          {@code WSSecurityException} is raised while configuring
 *                          or preparing the key; the original exception is kept
 *                          as the cause
 */
protected WSSecEncryptedKey getEncryptedKeyBuilder(RampartMessageData rmd, Token token)
        throws RampartException {

    RampartPolicyData policyData = rmd.getPolicyData();
    Document messageDoc = rmd.getDocument();
    WSSecEncryptedKey keyBuilder = new WSSecEncryptedKey();

    try {
        RampartUtil.setKeyIdentifierType(rmd, keyBuilder, token);
        RampartUtil.setEncryptionUser(rmd, keyBuilder);

        // TODO: the key size is not passed because it is taken from the
        // algorithm itself - verify.
        keyBuilder.setKeyEncAlgo(policyData.getAlgorithmSuite().getAsymmetricKeyWrap());

        keyBuilder.prepare(
                messageDoc,
                RampartUtil.getEncryptionCrypto(
                        policyData.getRampartConfig(), rmd.getCustomClassLoader()));
    } catch (WSSecurityException e) {
        // Surface WSS4J failures as a Rampart error, keeping the cause.
        throw new RampartException("errorCreatingEncryptedKey", e);
    }

    return keyBuilder;
}
try { encrKeyBuilder.setUseThisCert(data.getClientCert()); encrKeyBuilder.prepare(doc, crypto); } catch (WSSecurityException e) { throw new TrustException("errorInBuildingTheEncryptedKeyForPrincipal",