Decryption Transform for XML Signature sample

The sample in the xml/decryptionTransform folder performs the Decryption Transform for XML Signature described at:

https://www.w3.org/Encryption/2001/05/10-decryption-transform.html

Specifically, this sample performs the following steps.

  1. Alice encrypts two <ForAlice> elements for herself.

  2. Alice signs the document using an enveloped signature, which includes a Decryption Transform.

  3. Alice encrypts the <ForBob> element for Bob.

  4. Alice encrypts the content from the first step again, this time for Bob.

  5. Bob verifies the signature.

  6. Alice cannot verify the signature because the signed content was encrypted for Bob.

See below for compiling and running this sample.

Compiling the Decryption Transform for XML Signature sample files

Run the following command line in the etjava/examples directory.

javac -sourcepath source -d classes -classpath ../lib/enttoolkit.jar;<xalan.jar>;<xercesImpl.jar>;<xml-apis.jar> \
source/com/entrust/toolkit/examples/xml/utils/ElementEncryptor.java \
source/com/entrust/toolkit/examples/xml/utils/Utils.java \
source/com/entrust/toolkit/examples/xml/decryptionTransform/EncryptElements.java \
source/com/entrust/toolkit/examples/xml/decryptionTransform/SignDecryptionTransform.java \
source/com/entrust/toolkit/examples/xml/decryptionTransform/VerifyDecryptionTransform.java

Running DecryptionTransformExample.bat

To run this sample application, execute the following command line in the etjava/examples directory.

xml/decryptionTransform/DecryptionTransformExample.bat

For example, the sample prints output similar to the following:

Opening "file:DecryptTransformSigned.xml"
Creating a Verifier...
"Algorithm" attribute = http://www.w3.org/2001/04/decrypt#
Decrypt Transform has 1 Except descendents.
There are 1 Except elements
URI = #ED0
Verifying...
BEFORE decryption: 88 nodes.
There are 88 nodes to search
There are 2 EncryptedData elements
There are 1 EncryptedData elements that must be decrypted.
There are 2 recipients for this document:
cn=RSA User2,ou=PKI7,o=Java Toolkit Samples,c=CA
Decrypted: ED3
AFTER decryption: 92 nodes.
There are 92 nodes to search
There are 2 EncryptedData elements
There are 1 EncryptedData elements that must be decrypted.
There are 2 recipients for this document:
cn=RSA User2,ou=PKI7,o=Java Toolkit Samples,c=CA
Decrypted: ED2
AFTER decryption: 57 nodes.
There are 57 nodes to search
There are 1 EncryptedData elements
There are 0 EncryptedData elements that must be decrypted.
Verified !
The signature was verified using a valid certificate.
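
The rule behind steps 5 and 6 and the output above is that every EncryptedData not named by an Except is decrypted, repeatedly, and whatever an Except names stays encrypted as it was when signed. The following is an added example, not code from the toolkit or this sample. The document, the base64 stand-in for real decryption and the Recipient attribute are constructed assumptions, and the Ids only echo the output above.

```python
import base64
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
DSIG = "http://www.w3.org/2000/09/xmldsig#"
DCRPT = "http://www.w3.org/2001/04/decrypt#"  # Algorithm URI from the sample output

def enc(eid, recipient, plaintext_xml):
    """Constructed EncryptedData: CipherValue is only base64, Recipient is a made-up attribute."""
    cv = base64.b64encode(plaintext_xml.encode()).decode()
    return (f'<xenc:EncryptedData xmlns:xenc="{XENC}" Id="{eid}" Recipient="{recipient}">'
            f'<xenc:CipherData><xenc:CipherValue>{cv}</xenc:CipherValue></xenc:CipherData>'
            f'</xenc:EncryptedData>')

def build_doc():
    """Constructed document: ED0 existed at signing time; ED3 and ED2 were added afterwards."""
    ed0 = enc("ED0", "Alice", "<ForAlice>a</ForAlice>")
    return ET.fromstring(
        f'<Doc><ds:Transform xmlns:ds="{DSIG}" Algorithm="{DCRPT}">'
        f'<dcrpt:Except xmlns:dcrpt="{DCRPT}" URI="#ED0"/></ds:Transform>'
        + enc("ED3", "Bob", ed0) + enc("ED2", "Bob", "<ForBob>b</ForBob>") + "</Doc>")

def stand_in_decryptor(who):
    """Stand-in for private-key decryption: only the named recipient can open an element."""
    def decrypt(ed):
        if ed.get("Recipient") != who:
            raise PermissionError(f"{who} cannot decrypt {ed.get('Id')}")
        return ET.fromstring(base64.b64decode(ed.findtext(f".//{{{XENC}}}CipherValue")))
    return decrypt

def decryption_transform(root, decrypt):
    """Decrypt each EncryptedData not named by an Except, repeating until none is left."""
    excepted = {e.get("URI", "").lstrip("#") for e in root.iter(f"{{{DCRPT}}}Except")}
    decrypted = []
    while True:
        todo = [e for e in root.iter(f"{{{XENC}}}EncryptedData") if e.get("Id") not in excepted]
        if not todo:
            break
        parents = {child: parent for parent in root.iter() for child in parent}
        target, parent = todo[0], parents[todo[0]]
        pos = list(parent).index(target)
        parent[pos] = decrypt(target)  # decrypted content may reveal more EncryptedData
        decrypted.append(target.get("Id"))
    remaining = [e.get("Id") for e in root.iter(f"{{{XENC}}}EncryptedData")]
    return decrypted, remaining

if __name__ == "__main__":
    print(decryption_transform(build_doc(), stand_in_decryptor("Bob")))
```

With Bob's decryptor the transform opens ED3 and ED2 and leaves ED0 in place, so the digest is computed over the document as it was signed. With Alice's decryptor it stops at ED3, which is why she cannot verify.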