ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1781077 - in /webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message: WSSecDKEncrypt.java WSSecEncrypt.java
Date Tue, 31 Jan 2017 13:24:43 GMT
Author: coheigea
Date: Tue Jan 31 13:24:43 2017
New Revision: 1781077

URL: http://svn.apache.org/viewvc?rev=1781077&view=rev
Log:
Refactor encryption static methods

Modified:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java?rev=1781077&r1=1781076&r2=1781077&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java
Tue Jan 31 13:24:43 2017
@@ -132,12 +132,17 @@ public class WSSecDKEncrypt extends WSSe
 
         SecretKey key = getDerivedKey(symEncAlgo);
 
+        Encryptor encryptor = new Encryptor();
+        encryptor.setDoc(getDocument());
+        encryptor.setSecurityHeader(getSecurityHeader());
+        encryptor.setIdAllocator(getIdAllocator());
+        encryptor.setCallbackLookup(callbackLookup);
+        encryptor.setAttachmentCallbackHandler(attachmentCallbackHandler);
+        encryptor.setStoreBytesInAttachment(storeBytesInAttachment);
+        encryptor.setEncryptionSerializer(encryptionSerializer);
         List<String> encDataRefs =
-            WSSecEncrypt.doEncryption(
-                getDocument(), getSecurityHeader(), getIdAllocator(), keyInfo, key, symEncAlgo,
references, callbackLookup,
-                attachmentCallbackHandler, attachmentEncryptedDataElements, storeBytesInAttachment,
-                encryptionSerializer
-            );
+            encryptor.doEncryption(keyInfo, key, symEncAlgo, references, attachmentEncryptedDataElements);
+        
         if (dataRef == null) {
             dataRef =
                 getDocument().createElementNS(

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java?rev=1781077&r1=1781076&r2=1781077&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
Tue Jan 31 13:24:43 2017
@@ -20,58 +20,32 @@
 package org.apache.wss4j.dom.message;
 
 import java.security.cert.X509Certificate;
-import java.security.spec.AlgorithmParameterSpec;
 import java.util.ArrayList;
 import java.util.Base64;
-import java.util.HashMap;
 import java.util.List;
-import java.util.Map;
 
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
-import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 
 import org.apache.wss4j.common.WSEncryptionPart;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoType;
-import org.apache.wss4j.common.ext.Attachment;
-import org.apache.wss4j.common.ext.AttachmentRequestCallback;
-import org.apache.wss4j.common.ext.AttachmentResultCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.token.Reference;
 import org.apache.wss4j.common.token.SecurityTokenReference;
-import org.apache.wss4j.common.util.AttachmentUtils;
 import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WsuIdAllocator;
 import org.apache.wss4j.dom.callback.CallbackLookup;
-import org.apache.wss4j.dom.callback.DOMCallbackLookup;
 import org.apache.wss4j.dom.message.token.KerberosSecurity;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
-import org.apache.xml.security.algorithms.JCEMapper;
-import org.apache.xml.security.c14n.Canonicalizer;
-import org.apache.xml.security.encryption.AbstractSerializer;
-import org.apache.xml.security.encryption.EncryptedData;
 import org.apache.xml.security.encryption.Serializer;
-import org.apache.xml.security.encryption.TransformSerializer;
-import org.apache.xml.security.encryption.XMLCipher;
-import org.apache.xml.security.encryption.XMLCipherUtil;
-import org.apache.xml.security.encryption.XMLEncryptionException;
 import org.apache.xml.security.keys.KeyInfo;
-import org.apache.xml.security.stax.ext.XMLSecurityConstants;
-import org.apache.xml.security.utils.EncryptionConstants;
-import org.w3c.dom.Attr;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
-import org.w3c.dom.NamedNodeMap;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
 
 /**
  * Encrypts a parts of a message according to WS Specification, X509 profile,
@@ -258,12 +232,17 @@ public class WSSecEncrypt extends WSSecE
         //this occurs e.g. with a kerberos session-key. It doesn't matter for the bouncy-castle
provider
         //so create a new secretKeySpec to make everybody happy.
         SecretKeySpec secretKeySpec = new SecretKeySpec(symmetricKey.getEncoded(), symmetricKey.getAlgorithm());
+        
+        Encryptor encryptor = new Encryptor();
+        encryptor.setDoc(getDocument());
+        encryptor.setSecurityHeader(getSecurityHeader());
+        encryptor.setIdAllocator(getIdAllocator());
+        encryptor.setCallbackLookup(callbackLookup);
+        encryptor.setAttachmentCallbackHandler(attachmentCallbackHandler);
+        encryptor.setStoreBytesInAttachment(storeBytesInAttachment);
+        encryptor.setEncryptionSerializer(getEncryptionSerializer());
         List<String> encDataRefs =
-            doEncryption(
-                getDocument(), getSecurityHeader(), getIdAllocator(), keyInfo, secretKeySpec,
getSymmetricEncAlgorithm(), 
-                references, callbackLookup, attachmentCallbackHandler, attachmentEncryptedDataElements,
-                storeBytesInAttachment
-            );
+            encryptor.doEncryption(keyInfo, secretKeySpec, getSymmetricEncAlgorithm(), references,
attachmentEncryptedDataElements);
         if (encDataRefs.isEmpty()) {
             return null;
         }
@@ -387,375 +366,16 @@ public class WSSecEncrypt extends WSSecE
             boolean storeBytesInAttachment,
             Serializer encryptionSerializer
     ) throws WSSecurityException {
-
-        XMLCipher xmlCipher = null;
-        try {
-            xmlCipher = XMLCipher.getInstance(encryptionAlgorithm);
-        } catch (XMLEncryptionException ex) {
-            throw new WSSecurityException(
-                WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, ex
-            );
-        }
-        if (encryptionSerializer != null) {
-            xmlCipher.setSerializer(encryptionSerializer);
-        }
-
-        List<String> encDataRef = new ArrayList<>();
-        WSEncryptionPart attachmentEncryptionPart = null;
-        for (int part = 0; part < references.size(); part++) {
-            WSEncryptionPart encPart = references.get(part);
-
-            if (encPart.getId() != null && encPart.getId().startsWith("cid:")) {
-                attachmentEncryptionPart = encPart;
-                continue;
-            }
-
-            //
-            // Get the data to encrypt.
-            //
-            if (callbackLookup == null) {
-                callbackLookup = new DOMCallbackLookup(doc);
-            }
-            List<Element> elementsToEncrypt =
-                WSSecurityUtil.findElements(encPart, callbackLookup, doc);
-            if (elementsToEncrypt == null || elementsToEncrypt.size() == 0) {
-                if (!encPart.isRequired()) {
-                    continue;
-                }
-                throw new WSSecurityException(
-                    WSSecurityException.ErrorCode.FAILURE,
-                    "noEncElement",
-                    new Object[] {"{" + encPart.getNamespace() + "}" + encPart.getName()});
-            }
-
-            if (storeBytesInAttachment) {
-                for (Element elementToEncrypt : elementsToEncrypt) {
-                    try {
-                        String id =
-                            encryptElementInAttachment(doc, securityHeader, idAllocator,
keyInfo, secretKey, 
-                                                       encryptionAlgorithm, attachmentCallbackHandler,
encPart, elementToEncrypt);
-                        encPart.setEncId(id);
-                        encDataRef.add("#" + id);
-                    } catch (Exception ex) {
-                        throw new WSSecurityException(
-                            WSSecurityException.ErrorCode.FAILED_ENCRYPTION, ex
-                        );
-                    }
-                }
-            } else {
-                for (Element elementToEncrypt : elementsToEncrypt) {
-                    String id =
-                        encryptElement(doc, securityHeader, elementToEncrypt, encPart.getEncModifier(),
idAllocator, 
-                                       xmlCipher, secretKey, keyInfo);
-                    encPart.setEncId(id);
-                    encDataRef.add("#" + id);
-                }
-            }
-        }
-
-        if (attachmentEncryptionPart != null) {
-            encryptAttachment(doc, idAllocator, keyInfo, secretKey, encryptionAlgorithm,
-                              attachmentCallbackHandler, attachmentEncryptionPart, encDataRef,
-                              attachmentEncryptedDataElements);
-        }
-
-        return encDataRef;
-    }
-
-    private static String encryptElementInAttachment(
-        Document doc,
-        WSSecHeader securityHeader,
-        WsuIdAllocator idAllocator,
-        KeyInfo keyInfo,
-        SecretKey secretKey,
-        String encryptionAlgorithm,
-        CallbackHandler attachmentCallbackHandler,
-        WSEncryptionPart encryptionPart,
-        Element elementToEncrypt
-   ) throws Exception {
-
-        String type = EncryptionConstants.TYPE_ELEMENT;
-        if ("Content".equals(encryptionPart.getEncModifier())) {
-            type = EncryptionConstants.TYPE_CONTENT;
-        }
-
-        final String attachmentId = idAllocator.createId("", doc);
-        String encEncryptedDataId = idAllocator.createId("ED-", attachmentId);
-
-        if ("Header".equals(encryptionPart.getEncModifier())
-            && elementToEncrypt.getParentNode().equals(WSSecurityUtil.getSOAPHeader(doc)))
{
-            createEncryptedHeaderElement(doc, securityHeader, elementToEncrypt, idAllocator);
-        }
-
-        Element encryptedData =
-            doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptedData");
-        encryptedData.setAttributeNS(null, "Id", encEncryptedDataId);
-        encryptedData.setAttributeNS(null, "Type", type);
-
-        Element encryptionMethod =
-            doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptionMethod");
-        encryptionMethod.setAttributeNS(null, "Algorithm", encryptionAlgorithm);
-
-        encryptedData.appendChild(encryptionMethod);
-        encryptedData.appendChild(keyInfo.getElement().cloneNode(true));
-
-        Element cipherData =
-            doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherData");
-        Element cipherValue =
-            doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherValue");
-        cipherData.appendChild(cipherValue);
-        encryptedData.appendChild(cipherData);
-
-        Cipher cipher = createCipher(encryptionAlgorithm, secretKey);
-
-        // Serialize and encrypt the element
-        AbstractSerializer serializer = new TransformSerializer();
-        serializer.setCanonicalizer(Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_PHYSICAL));
-        serializer.setSecureValidation(true);
-
-        byte[] serializedOctets = null;
-        if (type.equals(EncryptionConstants.TYPE_CONTENT)) {
-            NodeList children = elementToEncrypt.getChildNodes();
-            if (null != children) {
-                serializedOctets = serializer.serializeToByteArray(children);
-            } else {
-                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION,

-                                              "Element has no content.");
-            }
-        } else {
-            serializedOctets = serializer.serializeToByteArray(elementToEncrypt);
-        }
-
-        byte[] encryptedBytes = null;
-        try {
-            encryptedBytes = cipher.doFinal(serializedOctets);
-        } catch (IllegalBlockSizeException ibse) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION,
ibse);
-        } catch (BadPaddingException bpe) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION,
bpe);
-        }
-
-        // Now build up to a properly XML Encryption encoded octet stream
-        byte[] iv = cipher.getIV();
-        byte[] finalEncryptedBytes = new byte[iv.length + encryptedBytes.length];
-        System.arraycopy(iv, 0, finalEncryptedBytes, 0, iv.length);
-        System.arraycopy(encryptedBytes, 0, finalEncryptedBytes, iv.length, encryptedBytes.length);
-
-        if ("Content".equals(encryptionPart.getEncModifier())) {
-            Node child = elementToEncrypt.getFirstChild();
-            while (child != null) {
-                Node sibling = child.getNextSibling();
-                elementToEncrypt.removeChild(child);
-                child = sibling;
-            }
-            elementToEncrypt.appendChild(encryptedData);
-        } else {
-            elementToEncrypt.getParentNode().replaceChild(encryptedData, elementToEncrypt);
-        }
-
-        WSSecurityUtil.storeBytesInAttachment(cipherValue, doc, attachmentId,
-                                              finalEncryptedBytes, attachmentCallbackHandler);
-
-        return encEncryptedDataId;
-    }
-
-    private static void encryptAttachment(
-        Document doc,
-        WsuIdAllocator idAllocator,
-        KeyInfo keyInfo,
-        SecretKey secretKey,
-        String encryptionAlgorithm,
-        CallbackHandler attachmentCallbackHandler,
-        WSEncryptionPart attachmentEncryptionPart,
-        List<String> encDataRef,
-        List<Element> attachmentEncryptedDataElements
-    ) throws WSSecurityException {
-        if (attachmentCallbackHandler == null) {
-            throw new WSSecurityException(
-                WSSecurityException.ErrorCode.FAILURE,
-                "empty", new Object[] {"no attachment callbackhandler supplied"}
-            );
-        }
-
-        AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
-        String id = attachmentEncryptionPart.getId().substring(4);
-        attachmentRequestCallback.setAttachmentId(id);
-        try {
-            attachmentCallbackHandler.handle(new Callback[]{attachmentRequestCallback});
-        } catch (Exception e) {
-            throw new WSSecurityException(
-                WSSecurityException.ErrorCode.FAILED_ENCRYPTION, e
-            );
-        }
-        String attachmentEncryptedDataType = WSConstants.SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_CONTENT_ONLY;
-        if ("Element".equals(attachmentEncryptionPart.getEncModifier())) {
-            attachmentEncryptedDataType = WSConstants.SWA_ATTACHMENT_ENCRYPTED_DATA_TYPE_COMPLETE;
-        }
-
-        for (Attachment attachment : attachmentRequestCallback.getAttachments()) {
-
-            final String attachmentId = attachment.getId();
-            String encEncryptedDataId = idAllocator.createId("ED-", attachmentId);
-            encDataRef.add("#" + encEncryptedDataId);
-
-            Element encryptedData =
-                doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptedData");
-            encryptedData.setAttributeNS(null, "Id", encEncryptedDataId);
-            encryptedData.setAttributeNS(null, "MimeType", attachment.getMimeType());
-            encryptedData.setAttributeNS(null, "Type", attachmentEncryptedDataType);
-
-            Element encryptionMethod =
-                doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":EncryptionMethod");
-            encryptionMethod.setAttributeNS(null, "Algorithm", encryptionAlgorithm);
-
-            encryptedData.appendChild(encryptionMethod);
-            encryptedData.appendChild(keyInfo.getElement().cloneNode(true));
-
-            Element cipherData =
-                doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherData");
-            Element cipherReference =
-                doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherReference");
-            cipherReference.setAttributeNS(null, "URI", "cid:" + attachmentId);
-
-            Element transforms = doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX
+ ":Transforms");
-            Element transform = doc.createElementNS(WSConstants.SIG_NS, WSConstants.SIG_PREFIX
+ ":Transform");
-            transform.setAttributeNS(null, "Algorithm", WSConstants.SWA_ATTACHMENT_CIPHERTEXT_TRANS);
-            transforms.appendChild(transform);
-
-            cipherReference.appendChild(transforms);
-            cipherData.appendChild(cipherReference);
-            encryptedData.appendChild(cipherData);
-
-            attachmentEncryptedDataElements.add(encryptedData);
-
-            Attachment resultAttachment = new Attachment();
-            resultAttachment.setId(attachmentId);
-            resultAttachment.setMimeType("application/octet-stream");
-
-            Cipher cipher = createCipher(encryptionAlgorithm, secretKey);
-
-            Map<String, String> headers = new HashMap<>(attachment.getHeaders());
-            resultAttachment.setSourceStream(
-                AttachmentUtils.setupAttachmentEncryptionStream(
-                    cipher, "Element".equals(attachmentEncryptionPart.getEncModifier()),
-                    attachment, headers
-                )
-            );
-            resultAttachment.addHeaders(headers);
-
-            AttachmentResultCallback attachmentResultCallback = new AttachmentResultCallback();
-            attachmentResultCallback.setAttachmentId(attachmentId);
-            attachmentResultCallback.setAttachment(resultAttachment);
-            try {
-                attachmentCallbackHandler.handle(new Callback[]{attachmentResultCallback});
-            } catch (Exception e) {
-                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
-            }
-        }
-    }
-
-    private static Cipher createCipher(String encryptionAlgorithm, SecretKey secretKey)
-        throws WSSecurityException {
-        String jceAlgorithm = JCEMapper.translateURItoJCEID(encryptionAlgorithm);
-        try {
-            Cipher cipher = Cipher.getInstance(jceAlgorithm);
-            
-            int ivLen = JCEMapper.getIVLengthFromURI(encryptionAlgorithm) / 8;
-            byte[] iv = XMLSecurityConstants.generateBytes(ivLen);
-            AlgorithmParameterSpec paramSpec = 
-                XMLCipherUtil.constructBlockCipherParameters(encryptionAlgorithm, iv, WSSecEncrypt.class);
-            cipher.init(Cipher.ENCRYPT_MODE, secretKey, paramSpec);
-
-            return cipher;
-        } catch (Exception e) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION,
e);
-        }
-    }
-
-    /**
-     * Encrypt an element.
-     */
-    private static String encryptElement(
-        Document doc,
-        WSSecHeader securityHeader,
-        Element elementToEncrypt,
-        String modifier,
-        WsuIdAllocator idAllocator,
-        XMLCipher xmlCipher,
-        SecretKey secretKey,
-        KeyInfo keyInfo
-    ) throws WSSecurityException {
-
-        boolean content = "Content".equals(modifier);
-        //
-        // Encrypt data, and set necessary attributes in xenc:EncryptedData
-        //
-        String xencEncryptedDataId = idAllocator.createId("ED-", elementToEncrypt);
-        try {
-            if ("Header".equals(modifier)
-                && elementToEncrypt.getParentNode().equals(WSSecurityUtil.getSOAPHeader(doc)))
{
-                createEncryptedHeaderElement(doc, securityHeader, elementToEncrypt, idAllocator);
-            }
-
-            xmlCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
-            EncryptedData encData = xmlCipher.getEncryptedData();
-            encData.setId(xencEncryptedDataId);
-            encData.setKeyInfo(keyInfo);
-            xmlCipher.doFinal(doc, elementToEncrypt, content);
-            return xencEncryptedDataId;
-        } catch (Exception ex) {
-            throw new WSSecurityException(
-                WSSecurityException.ErrorCode.FAILED_ENCRYPTION, ex
-            );
-        }
-    }
-
-    private static void createEncryptedHeaderElement(
-        Document doc,
-        WSSecHeader securityHeader,
-        Element elementToEncrypt,
-        WsuIdAllocator idAllocator
-    ) {
-        Element elem =
-            doc.createElementNS(
-                WSConstants.WSSE11_NS, "wsse11:" + WSConstants.ENCRYPTED_HEADER
-            );
-        XMLUtils.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
-        String wsuPrefix =
-            XMLUtils.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
-        String headerId = idAllocator.createId("EH-", elementToEncrypt);
-        elem.setAttributeNS(
-            WSConstants.WSU_NS, wsuPrefix + ":Id", headerId
-        );
-
-        //
-        // Add the EncryptedHeader node to the element to be encrypted's parent
-        // (i.e. the SOAP header). Add the element to be encrypted to the Encrypted
-        // Header node as well
-        //
-        Node parent = elementToEncrypt.getParentNode();
-        elementToEncrypt = (Element)parent.replaceChild(elem, elementToEncrypt);
-        elem.appendChild(elementToEncrypt);
-
-        if (securityHeader != null) {
-            NamedNodeMap map = securityHeader.getSecurityHeaderElement().getAttributes();
-            for (int i = 0; i < map.getLength(); i++) {
-                Attr attr = (Attr)map.item(i);
-                if (WSConstants.URI_SOAP11_ENV.equals(attr.getNamespaceURI())
-                    || WSConstants.URI_SOAP12_ENV.equals(attr.getNamespaceURI())) {
-                    String soapEnvPrefix =
-                        XMLUtils.setNamespace(
-                            elem, attr.getNamespaceURI(), WSConstants.DEFAULT_SOAP_PREFIX
-                        );
-                    elem.setAttributeNS(
-                        attr.getNamespaceURI(),
-                        soapEnvPrefix + ":" + attr.getLocalName(),
-                        attr.getValue()
-                    );
-                }
-            }
-        }
-
+        Encryptor encryptor = new Encryptor();
+        encryptor.setDoc(doc);
+        encryptor.setSecurityHeader(securityHeader);
+        encryptor.setIdAllocator(idAllocator);
+        encryptor.setCallbackLookup(callbackLookup);
+        encryptor.setAttachmentCallbackHandler(attachmentCallbackHandler);
+        encryptor.setStoreBytesInAttachment(storeBytesInAttachment);
+        encryptor.setEncryptionSerializer(encryptionSerializer);
+        return
+            encryptor.doEncryption(keyInfo, secretKey, encryptionAlgorithm, references, attachmentEncryptedDataElements);
     }
 
     /**



Mime
View raw message