XML Encryption
The next step beyond incorporating a digital signature into an XML document is encrypting the document (or portions of the document). XML encryption extends the power of the XML digital signature system by enabling the encryption of the message that has been signed digitally. The specification outlines a standard way to encrypt any form of digital content and permits encryption of an entire XML message, a partial XML message, or an XML message that contains sections that were previously encrypted.[19]
Here is
PO.xml
with the contents of the
<Items>
tag encrypted:
<PurchaseOrder xmlns="urn:oreilly-jaws-samples"> <shipTo country="US"> <name>Joe Smith</name> <street>14 Oak Park</street> <city>Bedford</city> <state>MA</state> <zip>01730</zip> </shipTo> <items> <EncryptedData Id="ED" Nonce="16" Type=http://www.w3.org/2001/04/xmlenc#Content xmlns="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" <EncryptionMethod Algorithm ="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> <ds:KeyInfo> <ds:KeyName>jaws</ds:KeyName> </ds:KeyInfo> <CipherData> <CipherValue> dRDdYjYs11jW5EDy0lucPkWsBB3NmK0AFNxvFjfeUKxP75cx7KP0PB3BjXPg14kJv74i7F00XZ5Whq OISswIkdN/pIVeqRZWqOVjFA8izR6wqOb7UCpH+weoGt0UFOEkIDGbemm23eu812Ob5eYVL8n/DtO8 1OhYeCXksSMGUZiUNj/tfBCAjvqG2jlslQM6n4jJ3QNaR4+B2RisOD6Ln+x2UtNu2J7wIYmlUe7mSg ZiJ5eHym8EpkE4vjmr2oCWwTUu91xcayZtbEpOFVFs6A== </CipherValue> </CipherData> </EncryptedData> </items> <Signature Id="EnvelopedSig" xmlns="http://www.w3.org/2000/09/xmldsig#"> ...
Get Java Web Services now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.