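/*
 * Copyright (c) 2005-2010, WSO2 Inc. All Rights Reserved.
 *
 * WSO2 Inc. licenses this file to you under the Apache License,
 * Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.wso2.carbon.identity.user.registration.ui.util;

// NOTE(review): the listing this file was recovered from had lost the targets of
// its java.* and org.apache.* imports; they are reconstructed here from the names
// the class uses. Confirm them against the project's WSS4J / XML Security versions.
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import java.security.KeyStore;
import java.security.PrivateKey;

import javax.crypto.SecretKey;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.processor.EncryptedKeyProcessor;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.utils.EncryptionConstants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.core.util.CryptoUtil;
import org.xml.sax.InputSource;

/**
 * Decrypts an XML-encrypted token with the private key of the server keystore.
 *
 * <p>The token string is supplied by the caller and must be treated as untrusted
 * input: it is parsed with a hardened XML parser (no DOCTYPE, no entity
 * expansion, no XInclude). This class performs no signature validation, so a
 * successfully decrypted element is not authenticated; callers must verify the
 * token's signature before relying on anything inside it.
 */
public class TokenDecrypter {

    private static final Log log = LogFactory.getLog(TokenDecrypter.class);

    /** Xerces/JAXP feature that rejects any document carrying a DOCTYPE declaration. */
    private static final String DISALLOW_DOCTYPE_DECL =
            "http://apache.org/xml/features/disallow-doctype-decl";

    /**
     * Parses the given token text as XML and decrypts its document element.
     *
     * @param token the serialized encrypted token; must not be {@code null}
     * @return the document element after decryption
     * @throws Exception if the token is not well-formed XML, carries a DOCTYPE,
     *                   the parser cannot be hardened, or decryption fails
     */
    public static Element decryptToken(String token) throws Exception {
        if (token == null) {
            throw new IllegalArgumentException("token must not be null");
        }

        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        // The token comes from outside the server: close off XXE, entity-expansion
        // and XInclude before the parser sees a single byte. A parser that does not
        // support these features makes setFeature throw, i.e. we fail closed.
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setFeature(DISALLOW_DOCTYPE_DECL, true);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);

        // Parse from characters rather than token.getBytes(): the platform default
        // charset would otherwise decide how non-ASCII content reaches the parser.
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(token)));
        return decryptElement(doc.getDocumentElement());
    }

    /**
     * Decrypts {@code encryptedToken} using the private key configured under the
     * {@code Security.KeyStore.*} server properties.
     *
     * @param encryptedToken the element holding the encrypted data and its KeyInfo
     * @return the document element of the document returned by the cipher
     * @throws Exception on missing configuration, keystore problems, a token
     *                   without KeyInfo/EncryptedKey, or any decryption failure;
     *                   every failure is logged before being rethrown
     */
    private static Element decryptElement(Element encryptedToken) throws Exception {
        ServerConfiguration serverConfig = ServerConfiguration.getInstance();
        try {
            String keyStoreFile = requireConfigured(serverConfig, "Security.KeyStore.Location");
            String keyStorePass = requireConfigured(serverConfig, "Security.KeyStore.Password");
            String type = requireConfigured(serverConfig, "Security.KeyStore.Type");
            String privateKeyAlias = requireConfigured(serverConfig, "Security.KeyStore.KeyAlias");
            String privateKeyPass = requireConfigured(serverConfig, "Security.KeyStore.KeyPassword");

            // Return value is unused in the original as well; kept for whatever
            // initialisation side effect it may have. NOTE(review): confirm it is needed.
            CryptoUtil.getDefaultCryptoUtil();

            byte[] content = readBytesFromFile(keyStoreFile);
            KeyStore keyStore = KeyStore.getInstance(type);
            keyStore.load(new ByteArrayInputStream(content), keyStorePass.toCharArray());
            PrivateKey key =
                    (PrivateKey) keyStore.getKey(privateKeyAlias, privateKeyPass.toCharArray());
            if (key == null) {
                // getKey returns null for an unknown alias; fail here with a clear
                // message instead of deep inside the key-unwrapping code.
                throw new IllegalStateException(
                        "No private key found in the keystore for the configured alias");
            }

            // The token is attacker-controlled, so neither element is guaranteed to exist.
            Element kiElem = (Element) encryptedToken
                    .getElementsByTagNameNS(WSConstants.SIG_NS, "KeyInfo").item(0);
            if (kiElem == null) {
                throw new IllegalArgumentException("Encrypted token has no KeyInfo element");
            }
            Element encrKeyElem = (Element) kiElem
                    .getElementsByTagNameNS(WSConstants.ENC_NS, EncryptionConstants._TAG_ENCRYPTEDKEY)
                    .item(0);
            if (encrKeyElem == null) {
                throw new IllegalArgumentException("Encrypted token has no EncryptedKey element");
            }

            EncryptedKeyProcessor encrKeyProcessor = new EncryptedKeyProcessor();
            encrKeyProcessor.handleEncryptedKey(encrKeyElem, key);

            // The content key is always prepared as AES-128, whatever algorithm the
            // token itself declares. NOTE(review): confirm only AES-128 tokens are expected.
            SecretKey secretKey = WSSecurityUtil.prepareSecretKey(
                    EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128,
                    encrKeyProcessor.getDecryptedBytes());

            XMLCipher cipher = XMLCipher.getInstance();
            cipher.init(XMLCipher.DECRYPT_MODE, secretKey);

            Document doc = cipher.doFinal(encryptedToken.getOwnerDocument(), encryptedToken);
            return doc.getDocumentElement();
        } catch (Exception e) {
            // Only the exception is logged; the token and key material never are.
            log.error("error occured while decryptng the token", e);
            throw e;
        }
    }

    /**
     * Reads a mandatory server configuration property.
     *
     * @param serverConfig the server configuration to read from
     * @param propertyName the property key
     * @return the configured value, never {@code null}
     * @throws IllegalStateException if the property is not configured
     */
    private static String requireConfigured(ServerConfiguration serverConfig, String propertyName) {
        String value = serverConfig.getFirstProperty(propertyName);
        if (value == null) {
            // Name the key only; the value of a password property must never be echoed.
            throw new IllegalStateException(
                    "Missing server configuration property: " + propertyName);
        }
        return value;
    }

    /**
     * Reads the whole file at {@code filePath} into memory.
     *
     * @param filePath path of the file to read
     * @return the file content
     * @throws IOException if the file cannot be opened, is larger than an array
     *                     can hold, or ends before its reported length is read
     */
    private static byte[] readBytesFromFile(String filePath) throws IOException {
        File file = new File(filePath);
        long length = file.length();
        if (length > Integer.MAX_VALUE) {
            // A plain (int) cast would silently truncate or go negative.
            throw new IOException("File is too large to read into memory: " + filePath);
        }

        byte[] bytes = new byte[(int) length];
        InputStream inputStream = new FileInputStream(file);
        try {
            int offset = 0;
            while (offset < bytes.length) {
                int numRead = inputStream.read(bytes, offset, bytes.length - offset);
                if (numRead < 0) {
                    // Do not hand back a zero-padded buffer as if it were the keystore.
                    throw new IOException("Unexpected end of file while reading " + filePath);
                }
                offset += numRead;
            }
        } finally {
            inputStream.close();
        }
        return bytes;
    }
}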