The procedure to decrypt an XML document is as follows.

A decrypted XML document may not necessarily be identical to the original before encryption; however, XML contents are identical.

Logging the user

Log in the user with the selected credentials.

user.login(credReader, <password>);

Initializing the IXSIL library

Retrieve the init.properties file and initialize the IXSIL library.

iaik.ixsil.util.URI initProps = new URI(<init_properties_file_URI>);
IXSILInit.init(initProps);

Refer to the readme file for more information on editing the init.properties file.

etjava\examples\source\com\entrust\toolkit\examples\xml\xml_readme.html

Refer also to the Javadoc documentation of the following class.

iaik.ixsil.init.IXSILInit

Initialize the toolkit to prepare for XML encryption and description.

com.entrust.toolkit.xencrypt.init.XMLEInit initializer = new XMLEInit(initProps);

Create a com.entrust.toolkit.xencrypt.core.Decryptor instance.

ecryptor decryptor = new Decryptor(initializer, new FileInputStream(<path_to_doc_to_decrypt>));

Initialize the Encryptor instance with a trust manager.

encryptor.setTrustmanager(new com.entrust.toolkit.Trustmanager(new com.entrust.toolkit.KeyAndCertificateSource(sender)));

Where sender represents the user logged in to the toolkit in the first step.

The trust manager provides the means to validate the recipient's public key certificate.

Attach a logged-in user (usually the same user instantiated in the first section) who can decrypt the document.

decryptor.addUser(recipient);

To allow the Decryptor to decrypt those XML fragments encrypted for specific recipients, you must invoke the method for each recipient.

Decrypt elements that have been encrypted for the user or users.

decryptor.decrypt();

Write the decrypted data to file by serializing the DOM content to the specified output stream.

decryptor.toOutputStream(new FileOutputStream(<decrypted_file_path>));