Difference between revisions of "Common-utils-encryption"
Manuele.simi (Talk | contribs) (→XML Document Encryption) |
Manuele.simi (Talk | contribs) (→XML Document Encryption) |
Line 80: | Line 80: | ||
==== XML Document Encryption ==== | ==== XML Document Encryption ==== | ||
TBP | TBP | ||
+ | |||
The XML document before the encryption: | The XML document before the encryption: | ||
<source lang="xml"> | <source lang="xml"> |
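Review bot: the "TBP" placeholder under the "XML Document Encryption" heading is still in place, although the section goes straight on to "The XML document before the encryption:". Replace it with a sentence introducing the sample, or drop it; the blank line added after it does not change what the reader sees.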
Revision as of 23:40, 25 January 2012
Scope
This library offers an easy way to encrypt and decrypt XML documents and String objects.
Design and implementation notes
The library uses a symmetric key based on the AES standard algorithm. It expects such a key to be available on the local classpath. The resulting encrypted data are Base64-encoded so that they can be represented as an ASCII string.
The library builds on top of the Apache XML Security for Java library and the XML Encryption standard.
It exposes two main classes:
- StringEncrypter for encrypting/decrypting String objects
- XMLDocumentEncrypter for encrypting/decrypting XML Documents or Elements
Sample Usage
These samples are taken from the way the resource library uses the encryption library to protect the AccessData content of the RuntimeResource class.
String Encryption
The following snippet shows how to encrypt a string:
import org.gcube.common.utils.encryption.StringEncrypter;
//...
resource.setAccessData(new StringEncrypter("my sensible data").encrypt());
After its serialization, the resource appears as follows:
<?xml version='1.0' encoding='UTF-8' standalone='yes' ?>
<Resource version="0.4.x">
  <ID>ac41d0d0-4791-11e1-b442-a3a8a4cd06fd</ID>
  <Type>RuntimeResource</Type>
  <Profile>
    <Category>test category</Category>
    <Name>resource name</Name>
    <Description>a description</Description>
    <Platform>
      <Name>Test platform</Name>
      <Version>1</Version>
      <MinorVersion>1</MinorVersion>
    </Platform>
    <RunTime>
      <HostedOn>macos-manuele</HostedOn>
      <GHN UniqueID="123456789"/>
      <Status>READY</Status>
    </RunTime>
    <AccessPoint>
      <Interface>
        <Endpoint EntryName="ap">http://myaccesspoint.eu</Endpoint>
      </Interface>
      <AccessData>dtvKM4JImPLQvboHwBvKEur1tbvdnKXYB82AICLq5/c=</AccessData> <!-- here's the encrypted data -->
    </AccessPoint>
  </Profile>
</Resource>
String Decryption
The following snippet shows how to decrypt a string:
import org.gcube.common.utils.encryption.StringEncrypter;
//...
AccessPoint ap = new AccessPoint();
ap.setAccessData(new StringEncrypter(this.load("AccessData")).decrypt());
System.out.println("Access data's content: " + ap.getAccessData());
This will print the following line:
Access data's content: my sensible data
XML Document Encryption
TBP
The XML document before the encryption:
<?xml version="1.0" encoding="UTF-8"?>
<myns:RootElement xmlns:myns="http://www.myns.org/ns/#app1">
  <myns:foo>Some simple text</myns:foo>
</myns:RootElement>
The XML document after the encryption:
<?xml version="1.0" encoding="UTF-8"?>
<myns:RootElement xmlns:myns="http://www.myns.org/ns/#app1">
  <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
    <xenc:CipherData>
      <xenc:CipherValue>HcfOBbYyR8lUZBTcd47XfBYRMQoAToQyymmq/eG0tjtk8vFzSRBL1UKIADEHkHQjy+1pQrNNZndP
dW9wkBLxgImz0fIQlLx7AEtcFzkWQHsS4QcX0ssnyzMd86fAFGZHMjIEMGI9Dv31eJNoHGF2SQ==</xenc:CipherValue>
    </xenc:CipherData>
  </xenc:EncryptedData>
</myns:RootElement>
XML Document Decryption
TBP
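The before/after documents above can be reproduced directly with the Apache XML Security for Java library that this library builds on. The following is an added example, not code from this page or from XMLDocumentEncrypter: it encrypts the content of the root element with AES-256 and decrypts it again in place. The class name XmlContentEncryptionDemo and the in-memory key are assumptions made for the example.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.xml.security.encryption.XMLCipher;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

public class XmlContentEncryptionDemo {
    static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";
    static final String APP_NS = "http://www.myns.org/ns/#app1";
    // The "before" document shown on this page, embedded so the demo runs offline.
    static final String SAMPLE = "<myns:RootElement xmlns:myns=\"" + APP_NS + "\">"
        + "<myns:foo>Some simple text</myns:foo></myns:RootElement>";

    public static void main(String[] args) throws Exception {
        org.apache.xml.security.Init.init(); // register the XML Security algorithms

        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // XML Encryption elements are matched by namespace
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder().parse(
            new ByteArrayInputStream(SAMPLE.getBytes(StandardCharsets.UTF_8)));

        // Assumption: throwaway in-memory key; the library loads its key from the classpath.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();

        // Encrypt the content of the root element (third argument true = content only).
        XMLCipher enc = XMLCipher.getInstance(XMLCipher.AES_256);
        enc.init(XMLCipher.ENCRYPT_MODE, key);
        enc.doFinal(doc, doc.getDocumentElement(), true);
        Element data = (Element) doc.getElementsByTagNameNS(XENC_NS, "EncryptedData").item(0);
        if (data == null || doc.getElementsByTagNameNS(APP_NS, "foo").getLength() != 0)
            throw new IllegalStateException("plaintext element still present");
        System.out.println("after encryption: " + data.getNodeName());

        // Decrypt in place; the algorithm is read from the EncryptionMethod element.
        XMLCipher dec = XMLCipher.getInstance();
        dec.init(XMLCipher.DECRYPT_MODE, key);
        dec.doFinal(doc, data);
        System.out.println("after decryption: "
            + doc.getElementsByTagNameNS(APP_NS, "foo").item(0).getTextContent());
    }
}
```

The aes256-cbc algorithm that appears in the encrypted document provides confidentiality only. Where tampering with the ciphertext matters, sign the document with XML Signature or use XMLCipher.AES_256_GCM in Santuario versions that provide it.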