From my understanding of XML encryption in WS-Security, it uses a combination of shared and public key cryptography, wherein the message is encrypted using the shared key and then the shared key is encrypted by the recipient's (server) public key, so that the server decrypts the shared key using its private key and decrypts the message using the shared key. Please correct me if I am wrong.
I have created and self-signed the private key and public certificate using Java's keytool, and both of them are in the same keystore called "privkeystore". I created them based on this article: http://www.devx.com/Java/Article/28816/0/page/2
My doubt is regarding how I use these keys.
What should I provide to the setUserInfo() method of WSSecEncrypt? If I give the alias name of my private key, how will it encrypt this client's private key (shared key) using the server's public key? I could not understand this part. Please help me understand this.
The following is my code for implementing XML encryption:
private Message encryptSOAPEnvelope(SOAPEnvelope unsecureEnvelope, Message axisMsg)
        throws Exception
{
    WSSecEncrypt encryptBody = new WSSecEncrypt();
    encryptBody.setUserInfo("privkey", "tempass");
    Document doc = unsecureEnvelope.getAsDocument();
    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);
    // Build SOAP envelope with encrypted body and add encrypted key.
    Document encryptDoc = encryptBody.build(doc, crypto, secHeader);
    // Convert the document into a SOAP message.
    Message encryptMsg = (Message) toSOAPMessage(encryptDoc);
    String soapPart = encryptMsg.getSOAPPartAsString();
    ((SOAPPart) axisMsg.getSOAPPart()).setCurrentMessage(soapPart, SOAPPart.FORM_STRING);
    encryptDoc = axisMsg.getSOAPEnvelope().getAsDocument();
    Message encryptSOAPMsg = (Message) toSOAPMessage(encryptDoc);
    return encryptSOAPMsg;
}
Thanks
Vignesh
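
The hybrid scheme described in the question, as an added example that is not part of the original post and is not WSS4J code: it uses only the JDK's JCE classes to show which key each side needs. Assumptions: the RSA key pair generated in-process stands in for the server's keystore entry, the body string is constructed sample data, and AES-GCM with RSA-OAEP are this example's algorithm choices.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;

public class HybridEncryptionDemo {
    private static final String RSA_OAEP = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding";
    private static final String AES_GCM = "AES/GCM/NoPadding";

    public static void main(String[] args) throws Exception {
        // Assumption: stand-in for the server's key pair. A real client keystore
        // would hold only the server's certificate (public key), never its private key.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair server = kpg.generateKeyPair();

        // Constructed sample body.
        byte[] body = "<order>constructed sample</order>".getBytes(StandardCharsets.UTF_8);

        // Sender, step 1: generate a fresh symmetric session key for this message.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey sessionKey = kg.generateKey();

        // Sender, step 2: encrypt the body with the session key.
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance(AES_GCM);
        aes.init(Cipher.ENCRYPT_MODE, sessionKey, new GCMParameterSpec(128, iv));
        byte[] cipherText = aes.doFinal(body);

        // Sender, step 3: wrap the session key with the recipient's PUBLIC key.
        Cipher wrap = Cipher.getInstance(RSA_OAEP);
        wrap.init(Cipher.WRAP_MODE, server.getPublic());
        byte[] wrappedKey = wrap.wrap(sessionKey);

        // Recipient: unwrap the session key with its PRIVATE key, then decrypt the body.
        Cipher unwrap = Cipher.getInstance(RSA_OAEP);
        unwrap.init(Cipher.UNWRAP_MODE, server.getPrivate());
        SecretKey recovered = (SecretKey) unwrap.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        Cipher dec = Cipher.getInstance(AES_GCM);
        dec.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        System.out.println(new String(dec.doFinal(cipherText), StandardCharsets.UTF_8));
    }
}
```

The sender's own private key is never used in this flow; only the wrapped session key, the IV and the ciphertext travel with the message.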
