DocumentEncrypterImpl.java

/*******************************************************************************
 * Open Behavioral Health Information Technology Architecture (OBHITA.org)
 *   
 *   Redistribution and use in source and binary forms, with or without
 *   modification, are permitted provided that the following conditions are met:
 *       * Redistributions of source code must retain the above copyright
 *         notice, this list of conditions and the following disclaimer.
 *       * Redistributions in binary form must reproduce the above copyright
 *         notice, this list of conditions and the following disclaimer in the
 *         documentation and/or other materials provided with the distribution.
 *       * Neither the name of the <organization> nor the
 *         names of its contributors may be used to endorse or promote products
 *         derived from this software without specific prior written permission.
 *   
 *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 *   ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 *   WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 *   DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
 *   DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 *   (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 *   LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 *   ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 *   SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ******************************************************************************/
package gov.samhsa.acs.documentsegmentation.tools;

import gov.samhsa.acs.brms.domain.ObligationPolicyDocument;
import gov.samhsa.acs.brms.domain.RuleExecutionContainer;
import gov.samhsa.acs.brms.domain.RuleExecutionResponse;
import gov.samhsa.acs.common.exception.DS4PException;
import gov.samhsa.acs.common.tool.DocumentXmlConverter;
import gov.samhsa.acs.common.util.EncryptTool;

import java.security.Key;

import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.encryption.XMLEncryptionException;
import org.apache.xml.security.keys.KeyInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/**
 * The Class DocumentEncrypter.
 */
public class DocumentEncrypterImpl implements DocumentEncrypter {

	/** The logger. */
	private final Logger logger = LoggerFactory.getLogger(this.getClass());

	/** The document xml converter. */
	private DocumentXmlConverter documentXmlConverter;

	/**
	 * Instantiates a new document encrypter impl.
	 */
	public DocumentEncrypterImpl() {
	}

	/**
	 * Instantiates a new document encrypter impl.
	 * 
	 * @param documentXmlConverter
	 *            the document xml converter
	 */
	public DocumentEncrypterImpl(DocumentXmlConverter documentXmlConverter) {
		super();
		this.documentXmlConverter = documentXmlConverter;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see gov.samhsa.acs.documentsegmentation.util
	 * .DocumentEncrypter#encryptDocument(java.security.Key, java.lang.String,
	 * gov.samhsa.acs.common.bean.RuleExecutionContainer)
	 */
	@Override
	public String encryptDocument(Key deSedeEncryptKey, String document,
			RuleExecutionContainer ruleExecutionContainer) {
		Document xmlDocument = null;
		String xmlString = null;
		boolean encryptDoc = false;

		for (RuleExecutionResponse response : ruleExecutionContainer
				.getExecutionResponseList()) {
			if (response.getDocumentObligationPolicy().equals(ObligationPolicyDocument.ENCRYPT)) {
				encryptDoc = true;
				break;
			}
		}

		if (encryptDoc) {

			try {
				xmlDocument = documentXmlConverter.loadDocument(document);

				/*
				 * Get a key to be used for encrypting the element. Here we are
				 * generating an AES key.
				 */
				Key aesSymmetricKey = EncryptTool.generateDataEncryptionKey();

				String algorithmURI = XMLCipher.TRIPLEDES_KeyWrap;

				XMLCipher keyCipher = XMLCipher.getInstance(algorithmURI);
				keyCipher.init(XMLCipher.WRAP_MODE, deSedeEncryptKey);
				EncryptedKey encryptedKey = keyCipher.encryptKey(xmlDocument,
						aesSymmetricKey);

				// encrypt the contents of the document element
				Element rootElement = xmlDocument.getDocumentElement();

				encryptElement(xmlDocument, aesSymmetricKey, encryptedKey,
						rootElement);

				// Output encrypted doc to file
				// FileHelper.writeDocToFile(xmlDocument, "Encrypted_C32.xml");

				xmlString = documentXmlConverter
						.convertXmlDocToString(xmlDocument);
			} catch (Exception e) {
				logger.error(e.getMessage(), e);
				throw new DS4PException(e.toString(), e);
			}
		}
		return xmlString;
	}

	/**
	 * Encrypt element.
	 * 
	 * @param xmlDocument
	 *            the xml document
	 * @param encryptSymmetricKey
	 *            the encrypt symmetric key
	 * @param encryptedKey
	 *            the encrypted key
	 * @param element
	 *            the element
	 * @throws XMLEncryptionException
	 *             the xML encryption exception
	 * @throws Exception
	 *             the exception
	 */
	void encryptElement(Document xmlDocument, Key encryptSymmetricKey,
			EncryptedKey encryptedKey, Element element)
			throws XMLEncryptionException, Exception {

		String algorithmURI = XMLCipher.AES_128;

		XMLCipher xmlCipher = XMLCipher.getInstance(algorithmURI);
		xmlCipher.init(XMLCipher.ENCRYPT_MODE, encryptSymmetricKey);

		/*
		 * Setting keyinfo inside the encrypted data being prepared.
		 */
		EncryptedData encryptedData = xmlCipher.getEncryptedData();
		KeyInfo keyInfo = new KeyInfo(xmlDocument);
		keyInfo.add(encryptedKey);
		encryptedData.setKeyInfo(keyInfo);

		xmlCipher.doFinal(xmlDocument, element, true);
	}
}