[XML Security Suite]

Sample Application - XNICipher


Description

XNICipher is a sample application that illustrates how to use the XNI-based implementation. It lets you encrypt or decrypt selected elements in a document.


Preparation

If you don't have a public/private key pair or a secret key, you have to prepare one using keytool, provided by Java2, or KeyGenerator, provided by this package. To create a key pair, type a command like:

  >keytool -genkey -alias key
                   -keyalg RSA
                   -dname "CN=Takeshi Imamura, OU=TRL, O=IBM, C=JP"
                   -keypass keypass
                   -keystore keystore
                   -storepass storepass

You also have to prepare both a keyinfo document and a template document. The former provides information on a keystore and the keys in it, e.g., key aliases and passwords. keyinfo2.xml is a sample keyinfo document. The latter specifies the structure of an EncryptedData element, which determines the algorithm and key being used and the resulting EncryptedData element. Several sample template documents, such as template1.xml and template2.xml, are provided.


Usage

Before running XNICipher, make sure that all packages (including this one) have been installed correctly. Consult the Installation Guide for details.

The usage of XNICipher is as follows:

  >java enc.XNICipher option [arg...]
where option is:


Examples

Suppose that you are in data\enc\ of this package. If you want to encrypt the cardinfo child element of the Invoice root element in bookorder.xml according to template1.xml with a key in the keystore specified in keyinfo1.xml, type:

  >java enc.XNICipher -e keyinfo1.xml
                         bookorder.xml
                         "/Invoice/cardinfo"
                         template1.xml

You will see the resulting document in stdout. Then if you want to decrypt the generated EncryptedData element with the corresponding key in the keystore specified in keyinfo2.xml, type:

  >java enc.XNICipher -d keyinfo2.xml
                         foo.xml
                         "/Invoice/EncryptedData"

where it is assumed that you stored the encrypted document in foo.xml. You will see that the document printed to stdout is the same as the one in bookorder.xml.
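
The following added example is not part of XML Security Suite and does not use its API, keyinfo documents or template format. Using only JDK classes, it shows what element-level encryption of /Invoice/cardinfo does to a document: the selected element is serialized, encrypted, and replaced by an EncryptedData element, while the rest of the Invoice stays in cleartext. The class name, the sample invoice, the freshly generated AES-128-GCM key and the W3C xmlenc namespace are assumptions of the example.

```java
import java.io.*;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.*;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.xpath.*;
import org.w3c.dom.*;
public class ElementEncryptExample {   // hypothetical class name
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";
    static String serialize(Node n) throws Exception {
        Transformer t = TransformerFactory.newInstance().newTransformer();
        t.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
        StringWriter w = new StringWriter();
        t.transform(new DOMSource(n), new StreamResult(w));
        return w.toString();
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample input; it stands in for bookorder.xml.
        String xml = "<Invoice><book>XML and Java</book>"
                   + "<cardinfo><number>0000 0000 0000 0000</number></cardinfo></Invoice>";
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        Document doc = f.newDocumentBuilder().parse(new ByteArrayInputStream(xml.getBytes("UTF-8")));
        // Same XPath expression as the command-line example above.
        Element target = (Element) XPathFactory.newInstance().newXPath()
                .evaluate("/Invoice/cardinfo", doc, XPathConstants.NODE);
        // Assumption: a throwaway AES-128 key; a real run would load the key from a keystore.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, kg.generateKey(), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(serialize(target).getBytes("UTF-8"));
        byte[] out = new byte[iv.length + ct.length];   // IV, then ciphertext and tag
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        // Build EncryptedData/CipherData/CipherValue and swap it in for cardinfo.
        Element ed = doc.createElementNS(XENC, "EncryptedData");
        ed.setAttribute("Type", XENC + "Element");
        Element cd = (Element) ed.appendChild(doc.createElementNS(XENC, "CipherData"));
        cd.appendChild(doc.createElementNS(XENC, "CipherValue"))
          .setTextContent(Base64.getEncoder().encodeToString(out));
        target.getParentNode().replaceChild(ed, target);
        System.out.println(serialize(doc));   // book stays readable, cardinfo does not
    }
}
```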


Takeshi Imamura
Hiroshi Maruyama