public class WSSecSignature extends WSSecSignatureBase

WSSignEnvelope. This new class allows better control of the process to create a Signature and to add it to the Security header. The flexibility and fine-grained control are required to implement a handler that uses WSSecurityPolicy files to control the setup of a Security header.

Modifier and Type | Field and Description |
---|---|
protected BinarySecurity | bstToken |
protected CanonicalizationMethod | c14nMethod |
protected String | canonAlgo |
protected String | certUri |
protected String | customTokenId |
protected String | customTokenValueType |
protected Document | document |
protected KeyInfo | keyInfo |
protected KeyInfoFactory | keyInfoFactory |
protected String | keyInfoUri |
protected SecurityTokenReference | secRef |
protected byte[] | secretKey |
protected XMLSignature | sig |
protected String | sigAlgo |
protected XMLSignatureFactory | signatureFactory |
protected byte[] | signatureValue |
protected String | strUri |
protected boolean | useSingleCert |
protected WSDocInfo | wsDocInfo |

callbackLookup, doDebug, keyIdentifierType, parts, password, user
Constructor and Description |
---|
WSSecSignature() |
WSSecSignature(WSSConfig config) |
Modifier and Type | Method and Description |
---|---|
List<Reference> | addReferencesToSign(List<WSEncryptionPart> references, WSSecHeader secHeader) This method adds references to the Signature. |
void | appendBSTElementToHeader(WSSecHeader secHeader) Append the BinarySecurityToken to the security header. |
Document | build(Document doc, Crypto cr, WSSecHeader secHeader) Builds a signed soap envelope. |
void | computeSignature(List<Reference> referenceList) Compute the Signature over the references. |
void | computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement) Compute the Signature over the references. |
Element | getBinarySecurityTokenElement() Returns the BST Token element. |
String | getBSTTokenId() Get the id of the BST generated during prepare(). |
String | getDigestAlgo() |
String | getId() Get the id generated during prepare(). |
SecurityTokenReference | getSecurityTokenReference() Get the SecurityTokenReference to be used in the KeyInfo element. |
String | getSecurityTokenReferenceURI() |
String | getSigCanonicalization() Get the canonicalization method. |
String | getSignatureAlgorithm() Get the name (uri) of the signature algorithm that is being used. |
Element | getSignatureElement() Returns the SignatureElement. |
byte[] | getSignatureValue() Returns the computed Signature value. |
boolean | isUseSingleCertificate() Get the single cert flag. |
void | prepare(Document doc, Crypto cr, WSSecHeader secHeader) Initialize a WSSec Signature. |
void | prependBSTElementToHeader(WSSecHeader secHeader) Prepend the BinarySecurityToken to the elements already in the Security header. |
void | setCustomTokenId(String customTokenId) Set the custom token id |
void | setCustomTokenValueType(String customTokenValueType) Set the custom token value type to use |
void | setDigestAlgo(String digestAlgo) Set the string that defines which digest algorithm to use. |
void | setEncrKeySha1value(String encrKeySha1value) Set the encrypted key sha1 value |
void | setSecretKey(byte[] secretKey) Set the secret key to use |
void | setSecurityTokenReference(SecurityTokenReference secRef) Set the SecurityTokenReference to be used in the KeyInfo element. |
void | setSigCanonicalization(String algo) Set the canonicalization method to use. |
void | setSignatureAlgorithm(String algo) Set the name (uri) of the signature encryption algorithm to use. |
void | setUseSingleCertificate(boolean useSingleCert) Set the single cert flag. |
void | setX509Certificate(X509Certificate cer) Set the X509 Certificate to use |

addReferencesToSign, createSTRParameter, getInclusivePrefixes, getInclusivePrefixes
getKeyIdentifierType, getWsConfig, setBodyID, setCallbackLookup, setKeyIdentifierType, setParts, setUserInfo, setWsConfig, setWsuId
protected boolean useSingleCert
protected String sigAlgo
protected String canonAlgo
protected byte[] signatureValue
protected Document document
protected WSDocInfo wsDocInfo
protected String certUri
protected String keyInfoUri
protected SecurityTokenReference secRef
protected String strUri
protected BinarySecurity bstToken
protected KeyInfoFactory keyInfoFactory
protected XMLSignatureFactory signatureFactory
protected KeyInfo keyInfo
protected CanonicalizationMethod c14nMethod
protected XMLSignature sig
protected byte[] secretKey
protected String customTokenValueType
protected String customTokenId
public WSSecSignature()
public WSSecSignature(WSSConfig config)
public void prepare(Document doc, Crypto cr, WSSecHeader secHeader) throws WSSecurityException

prependSignatureElementToHeader() method.

doc - The SOAP envelope as Document
cr - An instance of the Crypto API to handle keystore and certificates
secHeader - The security header that will hold the Signature. This is used to construct namespace prefixes for Signature. This method

Throws: WSSecurityException

public Document build(Document doc, Crypto cr, WSSecHeader secHeader) throws WSSecurityException

doc - The unsigned SOAP envelope as Document
cr - An instance of the Crypto API to handle keystore and certificates
secHeader - the security header element to hold the encrypted key element.

Returns: Document

Throws: WSSecurityException

public List<Reference> addReferencesToSign(List<WSEncryptionPart> references, WSSecHeader secHeader) throws WSSecurityException

references - The list of references to sign
secHeader - The Security Header

Throws: WSSecurityException

public Element getSignatureElement()

prepare().

public void prependBSTElementToHeader(WSSecHeader secHeader)

prepare(). This allows inserting the BST element at any position in the Security header.

secHeader - The security header

public void appendBSTElementToHeader(WSSecHeader secHeader)

secHeader - The security header

public void computeSignature(List<Reference> referenceList) throws WSSecurityException

addReferencesToSign().

referenceList - The list of references to sign

Throws: WSSecurityException

public void computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement) throws WSSecurityException

addReferencesToSign().

referenceList - The list of references to sign
prepend - Whether to prepend the signature element to the security header
siblingElement - If prepending, then prepend before this sibling Element

Throws: WSSecurityException

public void setUseSingleCertificate(boolean useSingleCert)

useSingleCert -

public boolean isUseSingleCertificate()

public void setSignatureAlgorithm(String algo)

prepare() method. Refer to WSConstants for the supported algorithms.

algo - the name of the signature algorithm

WSConstants.RSA, WSConstants.DSA

public String getSignatureAlgorithm()

prepare to get the information which signature algorithm was automatically detected if no signature algorithm was preset.

public void setSigCanonicalization(String algo)

algo - Is the name of the signature algorithm

WSConstants.C14N_OMIT_COMMENTS, WSConstants.C14N_WITH_COMMENTS, WSConstants.C14N_EXCL_OMIT_COMMENTS, WSConstants.C14N_EXCL_WITH_COMMENTS

public String getSigCanonicalization()

public String getDigestAlgo()

public void setDigestAlgo(String digestAlgo)

digestAlgo - the digestAlgo to set

public byte[] getSignatureValue()

computeSignature() or build() methods were called.

public String getId()

prepare(). Returns the value of the wsu:Id attribute of the Signature element.

prepare() was not called before.

public String getBSTTokenId()

prepare().

public void setSecretKey(byte[] secretKey)

secretKey - the secret key to use

public void setCustomTokenValueType(String customTokenValueType)

customTokenValueType - the custom token value type to use

public void setCustomTokenId(String customTokenId)

customTokenId - the custom token id

public void setEncrKeySha1value(String encrKeySha1value)

encrKeySha1value - the encrypted key sha1 value

public void setX509Certificate(X509Certificate cer)

cer - the X509 Certificate to use

public Element getBinarySecurityTokenElement()

prepare().

public String getSecurityTokenReferenceURI()

prepare(Document, Crypto, WSSecHeader)

public SecurityTokenReference getSecurityTokenReference()

public void setSecurityTokenReference(SecurityTokenReference secRef)
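
The step-by-step alternative to build(), using the prepare(), addReferencesToSign(), computeSignature() and prependBSTElementToHeader() methods documented above with the algorithms set explicitly before prepare(). This is an added example, not code from the WSS4J project. The class name, sample envelope, the keystore alias "signer" and password "changeit", and an RSA key reachable through a crypto.properties file on the classpath are all assumptions.

```java
import java.io.StringReader;
import java.util.Collections;
import java.util.List;
import javax.xml.crypto.dsig.Reference;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSignature;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;

public class StepwiseSignExample {  // hypothetical class name
    // Constructed sample envelope, embedded so the example needs no input file.
    static final String ENVELOPE =
        "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">"
        + "<soap:Body><ping xmlns=\"urn:example:ping\">hello</ping></soap:Body></soap:Envelope>";

    static Document sign(Document doc, Crypto crypto, String alias, String keyPass) throws Exception {
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        WSSecSignature sig = new WSSecSignature();
        sig.setUserInfo(alias, keyPass);
        sig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        // Pin the algorithms before prepare() instead of relying on auto-detection.
        sig.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
        sig.setDigestAlgo("http://www.w3.org/2001/04/xmlenc#sha256");
        sig.setSigCanonicalization(WSConstants.C14N_EXCL_OMIT_COMMENTS);

        sig.prepare(doc, crypto, secHeader);
        // Sign exactly one part: the SOAP 1.1 Body.
        WSEncryptionPart body = new WSEncryptionPart("Body", WSConstants.URI_SOAP11_ENV, "Content");
        List<Reference> refs = sig.addReferencesToSign(Collections.singletonList(body), secHeader);
        sig.computeSignature(refs);               // computes and adds ds:Signature to the header
        sig.prependBSTElementToHeader(secHeader); // BinarySecurityToken goes in front of it
        return doc;
    }

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);  // required for namespace-based part lookup
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(ENVELOPE)));
        Crypto crypto = CryptoFactory.getInstance();  // assumes crypto.properties on the classpath
        sign(doc, crypto, "signer", "changeit");      // placeholder alias and password
        System.out.println(doc.getElementsByTagNameNS(WSConstants.SIG_NS, "Signature").getLength());
    }
}
```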
Copyright © 2018 JBoss by Red Hat. All rights reserved.