[XML Security Suite]

Sample Application - DOMCipher


DOMCipher is a sample application that illustrates how to use the DOM-based implementation. It lets you encrypt or decrypt certain elements in a document.


If you don't have a public/private key pair or a secret key, you have to prepare one using keytool, provided by Java2, or KeyGenerator, provided by this package. To create a key pair, type a command like:

  >keytool -genkey -alias key
                   -keyalg RSA
                   -dname "CN=Takeshi Imamura, OU=TRL, O=IBM, C=JP"
                   -keypass keypass
                   -keystore keystore
                   -storepass storepass

You also have to prepare both a keyinfo document and a template document. The former provides information on a keystore and the keys in it, e.g., key aliases and passwords. keyinfo2.xml is a sample keyinfo document. The latter specifies the structure of an EncryptedData element, which determines the algorithm and key to be used and the resulting EncryptedData element. Several sample template documents, such as template1.xml and template2.xml, are provided.


Before running DOMCipher, make sure that all packages (including this one) have been installed correctly. Consult the Installation Guide for details.

The usage of DOMCipher is as follows:

  >java enc.DOMCipher option [arg...]
where option is:


Suppose that you are in data\enc\ of this package. If you want to encrypt the cardinfo element in bookorder.xml according to template1.xml with a key in the keystore specified in keyinfo1.xml, type:

  >java enc.DOMCipher -e keyinfo1.xml

You will see the resulting document on stdout. Then, if you want to decrypt the generated EncryptedData element with the corresponding key in the keystore specified in keyinfo2.xml, type:

  >java enc.DOMCipher -d keyinfo2.xml
                              and local-name()='EncryptedData']"

where it is assumed that you stored the encrypted document in foo.xml. You will see that the document printed to stdout is the same as the one in bookorder.xml.

Takeshi Imamura
Hiroshi Maruyama