/**
 * Creates a {@code KeyInfoType} that wraps the specified certificate.
 *
 * @param certificate the {@code Certificate} to be wrapped as a {@code X509DataType} inside the
 *        {@code KeyInfoType}.
 * @return the constructed {@code KeyInfoType} object.
 * @throws WSTrustException if an error occurs while creating the {@code KeyInfoType}; the
 *         underlying failure (for example a certificate encoding error) is passed to the logger
 *         as the cause.
 */
public static KeyInfoType createKeyInfo(Certificate certificate) throws WSTrustException {
    try {
        // Obtain the raw encoded form of the certificate; getEncoded() may throw, and that
        // failure is reported through the catch clause below.
        byte[] derBytes = certificate.getEncoded();

        // The X509DataType carries a single X509CertificateType holding the certificate.
        X509DataType x509Data = new X509DataType();
        X509CertificateType certificateType = new X509CertificateType();

        // The stored value is the Base64 text of the encoded certificate, converted back to a
        // byte[] (platform default charset, as in the original code).
        // NOTE(review): an earlier comment here stated that JAXB marshaling performs the Base64
        // encoding, yet the code encodes explicitly as well - confirm against the marshaller
        // that the certificate does not end up Base64-encoded twice in the emitted XML.
        certificateType.setEncodedCertificate(Base64.encodeBytes(derBytes).getBytes());
        x509Data.add(certificateType);

        // The X509DataType is the only content placed in the resulting KeyInfoType.
        KeyInfoType result = new KeyInfoType();
        result.addContent(x509Data);
        return result;
    } catch (Exception e) {
        // Every failure, whatever its type, is surfaced as a WSTrustException built by the logger.
        throw logger.stsKeyInfoTypeCreationError(e);
    }
}
/**
 * Creates a {@code KeyInfoType} that wraps the specified secret. If the {@code encryptionKey}
 * parameter is not null, the secret is encrypted using the specified public key before it is set
 * in the {@code KeyInfoType}.
 *
 * @param secret a {@code byte[]} representing the secret (symmetric key).
 * @param encryptionKey the {@code PublicKey} that must be used to encrypt the secret.
 * @param keyWrapAlgo the key wrap algorithm to be used. It is currently accepted but not
 *        consulted (see the TODO in the body).
 * @return the constructed {@code KeyInfoType} instance, or {@code null} when no
 *         {@code encryptionKey} was supplied - the plain secret is never placed in a
 *         {@code KeyInfoType}.
 * @throws WSTrustException if an error occurs while creating the {@code KeyInfoType} object.
 */
public static KeyInfoType createKeyInfo(byte[] secret, PublicKey encryptionKey, URI keyWrapAlgo)
        throws WSTrustException {
    // Without a public key there is nothing to wrap the secret with: log that fact and
    // return null rather than emitting the secret unprotected.
    if (encryptionKey == null) {
        logger.stsSecretKeyNotEncrypted();
        return null;
    }

    try {
        Document ownerDocument = DocumentUtil.createDocument();

        // TODO: XMLEncryptionUtil should allow for the specification of the key wrap algorithm;
        // until then keyWrapAlgo is ignored here.
        // The secret is handed over as an AES SecretKeySpec and its size is given in bits
        // (secret.length * 8).
        EncryptedKey wrappedKey = XMLEncryptionUtil.encryptKey(
                ownerDocument,
                new SecretKeySpec(secret, "AES"),
                encryptionKey,
                secret.length * 8);

        // Serialise the EncryptedKey into a DOM element that becomes the KeyInfoType content.
        Element wrappedKeyElement = XMLCipher.getInstance().martial(wrappedKey);
        KeyInfoType result = new KeyInfoType();
        result.addContent(wrappedKeyElement);
        return result;
    } catch (Exception e) {
        // Any failure during encryption or construction is reported as a WSTrustException.
        throw logger.stsKeyInfoTypeCreationError(e);
    }
}