public class WSSecSignature extends WSSecSignatureBase
WSSignEnvelope
. This new class allows better control of
the process to create a Signature and to add it to the Security header.
The flexibility and fine granular control is required to implement a handler
that uses WSSecurityPolicy files to control the setup of a Security header.Modifier and Type | Field and Description |
---|---|
protected Element |
bstToken |
protected CanonicalizationMethod |
c14nMethod |
protected String |
certUri |
protected Document |
document |
protected KeyInfo |
keyInfo |
protected String |
keyInfoUri |
protected byte[] |
secretKey |
protected XMLSignature |
sig |
protected XMLSignatureFactory |
signatureFactory |
protected byte[] |
signatureValue |
protected String |
strUri |
protected WSDocInfo |
wsDocInfo |
attachmentCallbackHandler, callbackLookup, doDebug, keyIdentifierType, password, storeBytesInAttachment, user
Constructor and Description |
---|
WSSecSignature() |
Modifier and Type | Method and Description |
---|---|
List<Reference> |
addReferencesToSign(List<WSEncryptionPart> references,
WSSecHeader secHeader)
This method adds references to the Signature.
|
void |
appendBSTElementToHeader(WSSecHeader secHeader)
Append the BinarySecurityToken to the security header.
|
Document |
build(Document doc,
Crypto cr,
WSSecHeader secHeader)
Builds a signed soap envelope.
|
void |
computeSignature(List<Reference> referenceList)
Compute the Signature over the references.
|
void |
computeSignature(List<Reference> referenceList,
boolean prepend,
Element siblingElement)
Compute the Signature over the references.
|
Element |
getBinarySecurityTokenElement()
Returns the BST Token element.
|
String |
getBSTTokenId()
Get the id of the BST generated during
prepare() . |
String |
getDigestAlgo() |
String |
getId()
Get the id generated during
prepare() . |
SecurityTokenReference |
getSecurityTokenReference()
Get the SecurityTokenReference to be used in the KeyInfo element.
|
String |
getSecurityTokenReferenceURI() |
String |
getSigCanonicalization()
Get the canonicalization method.
|
String |
getSignatureAlgorithm()
Get the name (uri) of the signature algorithm that is being used.
|
Element |
getSignatureElement()
Returns the SignatureElement.
|
byte[] |
getSignatureValue()
Returns the computed Signature value.
|
boolean |
isAddInclusivePrefixes() |
boolean |
isIncludeSignatureToken() |
boolean |
isUseSingleCertificate()
Get the single cert flag.
|
void |
prepare(Document doc,
Crypto cr,
WSSecHeader secHeader)
Initialize a WSSec Signature.
|
void |
prependBSTElementToHeader(WSSecHeader secHeader)
Prepend the BinarySecurityToken to the elements already in the Security
header.
|
void |
setAddInclusivePrefixes(boolean addInclusivePrefixes) |
void |
setCustomTokenId(String customTokenId)
Set the custom token id
|
void |
setCustomTokenValueType(String customTokenValueType)
Set the custom token value type to use
|
void |
setDigestAlgo(String digestAlgo)
Set the string that defines which digest algorithm to use.
|
void |
setEncrKeySha1value(String encrKeySha1value)
Set the encrypted key sha1 value
|
void |
setIncludeSignatureToken(boolean includeSignatureToken) |
void |
setSecretKey(byte[] secretKey)
Set the secret key to use
|
void |
setSecurityTokenReference(SecurityTokenReference secRef)
Set the SecurityTokenReference to be used in the KeyInfo element.
|
void |
setSigCanonicalization(String algo)
Set the canonicalization method to use.
|
void |
setSignatureAlgorithm(String algo)
Set the name (uri) of the signature encryption algorithm to use.
|
void |
setUseSingleCertificate(boolean useSingleCert)
Set the single cert flag.
|
void |
setX509Certificate(X509Certificate cer)
Set the X509 Certificate to use
|
addReferencesToSign, createSTRParameter, getInclusivePrefixes, getInclusivePrefixes
getIdAllocator, getKeyIdentifierType, getParts, setAttachmentCallbackHandler, setBodyID, setCallbackLookup, setIdAllocator, setKeyIdentifierType, setStoreBytesInAttachment, setUserInfo, setWsuId
protected XMLSignatureFactory signatureFactory
protected KeyInfo keyInfo
protected CanonicalizationMethod c14nMethod
protected XMLSignature sig
protected byte[] secretKey
protected Document document
protected WSDocInfo wsDocInfo
protected String strUri
protected Element bstToken
protected String keyInfoUri
protected String certUri
protected byte[] signatureValue
public void prepare(Document doc, Crypto cr, WSSecHeader secHeader) throws WSSecurityException
prependSignatureElementToHeader()
method.doc
- The SOAP envelope as Document
cr
- An instance of the Crypto API to handle keystore and certificatessecHeader
- The security header that will hold the Signature. This is used
to construct namespace prefixes for Signature. This methodWSSecurityException
public Document build(Document doc, Crypto cr, WSSecHeader secHeader) throws WSSecurityException
doc
- The unsigned SOAP envelope as Document
cr
- An instance of the Crypto API to handle keystore and certificatessecHeader
- the security header element to hold the encrypted key element.Document
WSSecurityException
public List<Reference> addReferencesToSign(List<WSEncryptionPart> references, WSSecHeader secHeader) throws WSSecurityException
references
- The list of references to signsecHeader
- The Security HeaderWSSecurityException
public Element getSignatureElement()
prepare()
.public void prependBSTElementToHeader(WSSecHeader secHeader)
prepare()
.
This allows to insert the BST element at any position in the Security
header.secHeader
- The security headerpublic void appendBSTElementToHeader(WSSecHeader secHeader)
secHeader
- The security headerpublic void computeSignature(List<Reference> referenceList) throws WSSecurityException
addReferencesToSign()
.referenceList
- The list of references to signWSSecurityException
public void computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement) throws WSSecurityException
addReferencesToSign()
.referenceList
- The list of references to signprepend
- Whether to prepend the signature element to the security headersiblingElement
- If prepending, then prepend before this sibling ElementWSSecurityException
public void setUseSingleCertificate(boolean useSingleCert)
useSingleCert
- public boolean isUseSingleCertificate()
public void setSignatureAlgorithm(String algo)
prepare()
method. Refer to WSConstants which algorithms are supported.algo
- the name of the signature algorithmWSS4JConstants.RSA
,
WSS4JConstants.DSA
public String getSignatureAlgorithm()
prepare
to get the information
which signature algorithm was automatically detected if no signature
algorithm was preset.public void setSigCanonicalization(String algo)
algo
- Is the name of the signature algorithmWSS4JConstants.C14N_OMIT_COMMENTS
,
WSS4JConstants.C14N_WITH_COMMENTS
,
WSS4JConstants.C14N_EXCL_OMIT_COMMENTS
,
WSS4JConstants.C14N_EXCL_WITH_COMMENTS
public String getSigCanonicalization()
public String getDigestAlgo()
public void setDigestAlgo(String digestAlgo)
digestAlgo
- the digestAlgo to setpublic byte[] getSignatureValue()
computeSignature()
or build()
methods were called.public String getId()
prepare()
.
Returns the the value of wsu:Id attribute of the Signature element.prepare()
was not called before.public String getBSTTokenId()
prepare()
.public void setSecretKey(byte[] secretKey)
secretKey
- the secret key to usepublic void setCustomTokenValueType(String customTokenValueType)
customTokenValueType
- the custom token value type to usepublic void setCustomTokenId(String customTokenId)
customTokenId
- the custom token idpublic void setEncrKeySha1value(String encrKeySha1value)
encrKeySha1value
- the encrypted key sha1 valuepublic void setX509Certificate(X509Certificate cer)
cer
- the X509 Certificate to usepublic Element getBinarySecurityTokenElement()
prepare()
.public String getSecurityTokenReferenceURI()
prepare(Document, Crypto, WSSecHeader)
public SecurityTokenReference getSecurityTokenReference()
public void setSecurityTokenReference(SecurityTokenReference secRef)
public boolean isIncludeSignatureToken()
public void setIncludeSignatureToken(boolean includeSignatureToken)
public boolean isAddInclusivePrefixes()
public void setAddInclusivePrefixes(boolean addInclusivePrefixes)
Copyright © 2016 JBoss by Red Hat. All rights reserved.