Re: newbie - decryption stream using stax

Tue, 29 Jul 2014 10:16:53 -0700 

Hi Mujahed,

On Tue, 29 Jul 2014 03:04:29 -0700 (PDT)
mujahedsyed <[email protected]> wrote:

> Hi Marc,
> 
> Thanks for looking into this ticket. I appreciate your hints but I
> would like to let you know that I am new to both StAX and encryption
> concepts.
> 
> From the hints you provided I am thinking that you wish to say while
> loop reads everything so nothing more is left for the other method to
> read.

Exactly! and therefore the empty document is expected.

> 
> As advised by Colm my understanding is also that the while loop is
> reading the stream, adding to this there is a listener pattern so it
> is collecting security events.

The security events have nothing todo with the document structure
itself. They are generated on the fly when processing a document
to allow the "user" to see what exactly was encrypted and/or signed and how.
As said, these events are generated on the fly when you "leech" on
the (security-)streamReader.

> 
> The expected output from below statement is that a document object is
> returned which has decrypted xml in it.

Yes, if nothing else uses the security-streamReader beforehand as the
while loop did. So simply replace the while loop with the call
StAX2DOM.readDoc() and world is fine again:-) :

InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);

XMLInputFactory xmlInputFactory = XMLInputFactory.newInstance();
final XMLStreamReader xmlStreamReader = 
xmlInputFactory.createXMLStreamReader(inputStream);

TestSecurityEventListener eventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = 
    inboundXMLSec.processInMessage(xmlStreamReader, null, eventListener);

final Document doc = StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), 
securityStreamReader);

// Check that what we were expecting to be encrypted was actually encrypted
List<EncryptedElementSecurityEvent> encryptedElementEvents =
    eventListener.getSecurityEvents(SecurityEventConstants.EncryptedElement);
Assert.assertNotNull(encryptedElementEvents);

...

return doc;


I hope its clear now so far.

Thanks,

Marc

Reply via email to