/** * Attempt to decrypt by resolving the decryption key using the standard credential resolver. * * @param encryptedData the encrypted data to decrypt * @return the decrypted document fragment, or null if decryption key could not be resolved or decryption failed */ private DocumentFragment decryptUsingResolvedKey(EncryptedData encryptedData) { if (resolver != null) { CriteriaSet criteriaSet = buildCredentialCriteria(encryptedData, resolverCriteria); try { for (Credential cred : resolver.resolve(criteriaSet)) { try { return decryptDataToDOM(encryptedData, SecurityHelper.extractDecryptionKey(cred)); } catch (DecryptionException e) { String msg = "Decryption attempt using credential from standard KeyInfo resolver failed: "; log.debug(msg, e); continue; } } } catch (SecurityException e) { log.error("Error resolving credentials from EncryptedData KeyInfo", e); } } return null; }
/** * Attempt to decrypt by resolving the decryption key using the standard credential resolver. * * @param encryptedData the encrypted data to decrypt * @return the decrypted document fragment, or null if decryption key could not be resolved or decryption failed */ private DocumentFragment decryptUsingResolvedKey(EncryptedData encryptedData) { if (resolver != null) { CriteriaSet criteriaSet = buildCredentialCriteria(encryptedData, resolverCriteria); try { for (Credential cred : resolver.resolve(criteriaSet)) { try { return decryptDataToDOM(encryptedData, SecurityHelper.extractDecryptionKey(cred)); } catch (DecryptionException e) { String msg = "Decryption attempt using credential from standard KeyInfo resolver failed: "; log.debug(msg, e); continue; } } } catch (SecurityException e) { log.error("Error resolving credentials from EncryptedData KeyInfo", e); } } return null; }
for (Credential cred : kekResolver.resolve(criteriaSet)) { try { return decryptKey(encryptedKey, algorithm, SecurityHelper.extractDecryptionKey(cred)); } catch (DecryptionException e) { String msg = "Attempt to decrypt EncryptedKey using credential from KEK KeyInfo resolver failed: ";
for (Credential cred : kekResolver.resolve(criteriaSet)) { try { return decryptKey(encryptedKey, algorithm, SecurityHelper.extractDecryptionKey(cred)); } catch (DecryptionException e) { String msg = "Attempt to decrypt EncryptedKey using credential from KEK KeyInfo resolver failed: ";