const certificate = pemFormatting.addPEMHeaders("CERTIFICATE", credential.certificate);
// resolve public key
let publicKey = credential.publicKey;
if (!publicKey) { // only invoke if publicKey attribute is not present for performance
publicKey = credentials.getPublicKeyFromCertificate(certificate);
}
const encryptOptions = {
encryptionAlgorithm: algs.encryption || defaultAlgorithms.encryption,
// xmlenc's API spells this this way :(
keyEncryptionAlgorighm: algs.keyEncryption || defaultAlgorithms.keyEncryption,
pem: certificate,
rsa_pub: publicKey
};
xmlenc.encrypt(data, encryptOptions, function(err, result) {
if (err) {
reject(err);
}
resolve(result);
});
});
}
encryptAssertion: function encryptAssertion(sourceEntity, targetEntity, entireXML, callback) {
// Implement encryption after signature if it has
if(entireXML) {
var sourceEntitySetting = sourceEntity.entitySetting;
var targetEntitySetting = targetEntity.entitySetting;
var sourceEntityMetadata = sourceEntity.entityMeta;
var targetEntityMetadata = targetEntity.entityMeta;
var assertionNode = getEntireBody(new dom().parseFromString(entireXML), 'Assertion');
var assertion = assertionNode !== undefined ? Utility.parseString(assertionNode.toString()) : '';
if(assertion === '') throw new Error('Undefined assertion or invalid syntax');
// Perform encryption depends on the setting, default is false
if(sourceEntitySetting.isAssertionEncrypted) {
// callback should be function (res) { ... }
xmlenc.encrypt(assertion, {
// use xml-encryption module
rsa_pub: new Buffer(Utility.getPublicKeyPemFromCertificate(targetEntityMetadata.getX509Certificate(certUsage.ENCRYPT), true).replace(/\r?\n|\r/g, '')), // public key from certificate
pem: new Buffer('-----BEGIN CERTIFICATE-----' + targetEntityMetadata.getX509Certificate(certUsage.ENCRYPT) + '-----END CERTIFICATE-----'),
encryptionAlgorithm: sourceEntitySetting.dataEncryptionAlgorithm,
keyEncryptionAlgorighm: sourceEntitySetting.keyEncryptionAlgorithm // typo in xml-encryption
}, function(err, res) {
if(err) throw new Error('Exception in encrpytedAssertion ' + err);
if (res) {
callback(Utility.base64Encode(entireXML.replace(assertion, '' + res + '')));
} else {
throw new Error('Undefined encrypted assertion');
}
});
} else {
callback(Utility.base64Encode(entireXML)); // No need to do encrpytion
}
/**
 * Encrypt an already-signed XML document for a recipient with xml-encryption.
 *
 * The public key and certificate are passed straight through to
 * `xmlenc.encrypt`; their expected format (PEM) is whatever the installed
 * xml-encryption version requires — not validated here.
 *
 * @param {object} options
 * @param {string|Buffer} options.encryptionPublicKey - recipient public key (xml-encryption `rsa_pub`)
 * @param {string|Buffer} options.encryptionCert - recipient certificate (xml-encryption `pem`)
 * @param {string} [options.encryptionAlgorithm] - data-encryption algorithm URI; falls back to AES-256-CBC when falsy
 * @param {string} [options.keyEncryptionAlgorighm] - key-transport algorithm URI; falls back to RSA-OAEP-MGF1P when falsy
 *   (the misspelling is the option name xml-encryption itself uses)
 * @param {string} signed - the XML to encrypt (already signed by the caller)
 * @param {function(Error=, string=)} callback - called with `(err)` on failure,
 *   otherwise `(null, encryptedXml)` with all whitespace stripped by `utils.removeWhitespace`
 * @returns {void} result is delivered only through `callback`
 */
function encrypt(options, signed, callback) {
  const DEFAULT_DATA_ALG = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc';
  const DEFAULT_KEY_ALG = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p';

  const { encryptionPublicKey, encryptionCert } = options;
  // `||` (not `??`) on purpose: an empty-string algorithm must also fall back.
  const dataAlgorithm = options.encryptionAlgorithm || DEFAULT_DATA_ALG;
  const keyAlgorithm = options.keyEncryptionAlgorighm || DEFAULT_KEY_ALG;

  // NOTE(review): the CBC default is unauthenticated encryption; the recipient
  // has to verify a signature over the message before trusting the decrypted
  // content. Confirm the surrounding flow does this (sign-then-encrypt is what
  // the `signed` parameter name suggests, but it is not checked here).
  const xmlencOptions = {
    rsa_pub: encryptionPublicKey,
    pem: encryptionCert,
    encryptionAlgorithm: dataAlgorithm,
    keyEncryptionAlgorighm: keyAlgorithm,
  };

  xmlenc.encrypt(signed, xmlencOptions, (err, encrypted) => {
    if (err) {
      return callback(err);
    }
    callback(null, utils.removeWhitespace(encrypted));
  });
}
if (!options.encryptionCert) {
if (callback)
return callback(null, signed);
else
return signed;
}
var encryptOptions = {
rsa_pub: options.encryptionPublicKey,
pem: options.encryptionCert,
encryptionAlgorithm: options.encryptionAlgorithm || 'http://www.w3.org/2001/04/xmlenc#aes256-cbc',
keyEncryptionAlgorighm: options.keyEncryptionAlgorighm || 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
};
xmlenc.encrypt(signed, encryptOptions, function(err, encrypted) {
if (err) return callback(err);
encrypted = '' + encrypted + '';
callback(null, utils.removeWhitespace(encrypted));
});
};