- public void encryptXmlFile() throws Exception
{
try
{
XmlEncryptor xmlEncryptor = new XmlEncryptor();
String fileToBeEncrypted = "C:\\Program Files\\Apache
Group\\jakarta-tomcat-4.1.27\\webapps\\cs554project\\WEB-INF\\paymentfile.xml";
String encryptedFile = "C:\\Program Files\\Apache
Group\\jakarta-tomcat-4.1.27\\webapps\\cs554project\\WEB-INF\\encryptedpaymentfile.xml";
String keyFile = "C:\\Program Files\\Apache Group\\jakarta-tomcat-4.1.27\\webapps\\cs5890project\\WEB-INF\\theKey";
xmlEncryptor.encryptXmlFile(fileToBeEncrypted,encryptedFile,keyFile); //
XmlEncryptor is the class that does the encryption
System.out.println("Xml File encrypted successfully");
}
catch(Exception e)
{
e.printStackTrace();
throw e;
}
}
- package edu.umkc.cs554.project.common.utilclasses;
import java.io.*;
import java.util.*;
import org.w3c.dom.*;
import javax.xml.parsers.*;
import org.apache.crimson.tree.XmlDocument;
import java.security.*;
import javax.crypto.*; // From jce1_2_2.jar , All classes used here are
implemented in this package
public class XmlEncryptor {
public void encryptXmlFile(String fileToBeEncrypted,String
encryptedFile,String keyFile) {
try{
// Testing the provider for TripleDES encryption support.
try {
Cipher testCipher = Cipher.getInstance("DESede");
}//try
catch(Exception e) {
// JCE provider not installed on this system.
// Installing the JCE provider.
System.err.println("INSTALLING PROVIDER: SunJCE");
Provider sunjceprov = new com.sun.crypto.provider.SunJCE();
Security.addProvider(sunjceprov);
System.err.println("PROVIDER INSTALLED... CONTINUING");
}//catch
//******BEGINNING OF Encryption PROCESSING ******
// Reading the source file from disk.
System.out.println("fileToBeEncrypted"+fileToBeEncrypted);
FileInputStream fis = new FileInputStream(fileToBeEncrypted);
byte [] aFile = new byte [fis.available()];
fis.read(aFile);
// The source file is converted into a String.
String aFileString = new String(aFile);
// The XML Encrypted file string
String aEncString = null;
// The encryption key
Key theKey = null;
// Generating the key for encryption
KeyGenerator KG = KeyGenerator.getInstance("DESede");
theKey = KG.generateKey();
// Creating a new XmlEncryption Object for encryption:
XmlEncryption aXmlEnc = new XmlEncryption();
// Setting the clear Document Object
aXmlEnc.setClearDoc(aFileString);
// Setting the encryption key
aXmlEnc.setEncKey(theKey);
// Setting the required algorithm
aXmlEnc.setAlgoName("DESede");
// Setting the name of the encryption key
aXmlEnc.setKeyName("theKey");
// Setting the EncryptedData tag ID
aXmlEnc.setEncId("Test");
// XML Encryption of the complete XML file
aEncString = aXmlEnc.encryptCompleteXmlFile();
System.out.println("Xml file encrypted successfully");
// Writing the XML Encrypted file to disk
try {
byte[] aToFile = aEncString.getBytes();
FileOutputStream aFOS = new FileOutputStream(encryptedFile);
aFOS.write(aToFile);
aFOS.close();
}
catch(Exception e) {
System.out.println("Unable to create the encrypted file");
e.printStackTrace();
}
//Writing the encryption key to a file on disk
try {
FileOutputStream keyFOS = new FileOutputStream(keyFile);
keyFOS.write(theKey.getEncoded());
keyFOS.close();
System.out.println("Key file created successfully");
}
catch(Exception e) {
System.out.println("Unable to save the encryption key.");
e.printStackTrace();
}
//******END OF Encryption PROCESSING ******
}//try
catch(Exception e) {
System.out.println("Unable to read the input XML file.");
e.printStackTrace();
}//catch
}//
}// End class XmlEncryptor
- Symmetric Key vs Asymmetric Key
- Asymmetric encryption is where encryption and decryption use different
keys. Symmetric Key is where the same key is used to encrypt and decrypt
the data. Because both parties have the same key, the decryption
essentially is performed by reversing some part of the encryption process.
Symmetric key algorithms tend to be be much faster than asymmetric key
algorithms. With Symmetric Keys the size of the text that can be encrypted
depends on the size of the product of the two primes used to generate the
public and private keys. With symmetric key algorithms you do not have a
limitation on the total size of what can be encrypted. A problem with
symmetric keys is that keys must be shared among parties involved in
encryption or decryption. So there is the danger of interception or
unauthorized sharing.
- <?xml version="1.0" encoding="UTF-8"?>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Id="Test"
Type="http://www.isi.edu/in-notes/iana/assignments/media-types/text/xml">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<KeyName>theKey</KeyName>
</ds:KeyInfo>
<CipherData>
<CipherValue>W/HrN6WyPC7ieE41K9UVOPTD1Y0lX8/62zuxp1Z+dTekAoa+6HG6A9BxSyUABOKY
cbxEx35BOrRu1J0P8EGe7mpoNWTufilvz4PkN8cI5DtnWvhamix6Dseju1au0izD
qVViSPjRrDTmMUM+hItji/O5vQMHDZ4nVulrras8NlrDaTbBzq6ZMP0lpzHjFia+
ij+Xj06+N7ojM6qDpFqEGz43PqG61XGzD4jSp3l3M5y4qggZ/R7XVB0D30iktggm
IFC3HwEp9PaKhdEZlvbOlRODN8sLXU+hOGIRKgFjSSZkgINwb9hyEG3ZNzvgyL2A
e0ZQerfPMKwo6sGXPP+cNuqM5Ilp/fsHlN1fF2LtGk7Qyq60U9WPYk8OQtZVy37R
AkxmVXG/ctXwwiavo5HdSd8EMcxTI/GwLXyyfqD16Jd4Z+8dWNU8kHtCtnqJZKcN
o7re+PwzZiCqrVHzFFknc1wW0uydItc3UyVylFPWzr1OJPi40fMyx3lUlmhFxviZ
GsBMuEB++hCul4ksDrjaM+iVxbrYcuJ5Ibw+3tfyVUp2ihfi130s8jYhq3vhvDuk
rk6kb/a5pJ71+0RkLBboFIPQDCkMPBGG/gaMWl0TXle4v7Rfp4fvx8JFAscI13bz
KMkcR73XBoNGLX190rEBT3V8vUtcKDU0TfmJB7GBUgX4lO4ltAwBTjUVmxxFHahj
3KuzFy1MLvXSmVRVx6R9TWwoqe6tOETw7BxsRMAhisAiQFeudOiFisel7ue3fTcP
Qhh+j9IDvTmfgix0K6yf/Q7Yz/6MPJD4I1aMPuHslBC1uMoIBhlvwCsaTLCYRbgM
3WuXZ15iE+o4toEgGravnPbFs080bUlkVDLFv3i6Eb56jkx5RlVILhXtajkNwPaf
JW/Ex2Px9+tObfK20N0Rb++a6lcXvWRBcYN3i8N7ON8vKp7hhZeDIpIvfQ7afOJN
O4GQaNpSJyTooCtr5fehjOGPCv3aH890Nvk0LfVxGA4TfhldezusIW3AHBSi45Vg
xXMNguYshVpVOa3fUxyyVkA/UTge9HJQXixEdFTBAm4JSR33DrBlwg==</CipherValue>
</CipherData>
</EncryptedData>
|
