LiteralEncryptionInterceptor
This interceptor encrypts literals from an incoming XDI message, and decrypts literals in an XDI message result. It invokes an instance of LiteralCryptoService to perform encryption and decryption.
- xdi2.messaging.target.interceptor.impl.encryption.LiteralEncryptionInterceptor
- xdi2.messaging.target.interceptor.impl.encryption.LiteralCryptoService
- xdi2.messaging.target.interceptor.impl.encryption.StaticLiteralCryptoService
- literalCryptoService: An instance of LiteralCryptoService that can encrypt literals from an incoming XDI message, and decrypt literals in an XDI message result.
This LiteralCryptoService can perform encryption and decryption using a statically configured AES secret key.
<bean class="xdi2.messaging.target.interceptor.impl.encryption.LiteralEncryptionInterceptor">
<property name="literalCryptoService">
<bean class="xdi2.messaging.target.interceptor.impl.encryption.StaticLiteralCryptoService">
<property name="secretKeyString" value="HLEuoqz6NuGR4Ek8wRytgccRvUO5lbXhH9Ox9UGZ2/U=" />
</bean>
</property>
</bean>
This interceptor can protect from an attacker that has access to the XDI2 server's backend storage only, but not from an attacker that has full access to the XDI2 server itself.
Furthermore, this interceptor can only encrypt literals, but not the structure of an XDI graph.
This work is licensed under a Creative Commons Attribution 4.0 International License.
