org.apache.wss4j.dom.message

Class WSSecDKSign

java.lang.Object

org.apache.wss4j.dom.message.WSSecBase

org.apache.wss4j.dom.message.WSSecSignatureBase

org.apache.wss4j.dom.message.WSSecDerivedKeyBase

org.apache.wss4j.dom.message.WSSecDKSign

public class WSSecDKSign
extends WSSecDerivedKeyBase

Builder to sign with derived keys

Field Summary

Fields inherited from class org.apache.wss4j.dom.message.WSSecBase

attachmentCallbackHandler, callbackLookup, expandXopInclude, keyIdentifierType, password, storeBytesInAttachment, user

Constructor Summary

Constructors

Constructor and Description
WSSecDKSign(Document doc)
WSSecDKSign(Document doc, Provider provider)
WSSecDKSign(WSSecHeader securityHeader)

Method Summary

Modifier and Type	Method and Description
List<Reference>	addReferencesToSign(List<WSEncryptionPart> references) This method adds references to the Signature.
Document	build()
void	computeSignature(List<Reference> referenceList) Compute the Signature over the references.
void	computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement) Compute the Signature over the references.
protected int	getDerivedKeyLength() The derived key will change depending on the sig/encr algorithm.
String	getDigestAlgorithm()
String	getSigCanonicalization() Get the canonicalization method.
String	getSignatureAlgorithm()
Element	getSignatureElement() Returns the SignatureElement.
String	getSignatureId() Returns the the value of wsu:Id attribute of the Signature element.
byte[]	getSignatureValue()
boolean	isAddInclusivePrefixes()
void	prepare() Initialize a WSSec Derived key.
void	setAddInclusivePrefixes(boolean addInclusivePrefixes)
void	setDerivedKeyLength(int keyLength)
void	setDigestAlgorithm(String algorithm) Set the digest algorithm to use.
void	setSigCanonicalization(String algo) Set the canonicalization method to use.
void	setSignatureAlgorithm(String algorithm) Set the signature algorithm to use.

Methods inherited from class org.apache.wss4j.dom.message.WSSecDerivedKeyBase

appendDKElementToHeader, getDerivedKey, getdktElement, getId, getTokenIdentifier, getWscVersion, prependDKElementToHeader, setClientLabel, setCrypto, setCustomValueType, setExternalKey, setExternalKey, setServiceLabel, setTokenIdDirectId, setWscVersion, setX509Certificate

Methods inherited from class org.apache.wss4j.dom.message.WSSecSignatureBase

addReferencesToSign, cleanup, createSTRParameter, getInclusivePrefixes, getInclusivePrefixes

Methods inherited from class org.apache.wss4j.dom.message.WSSecBase

getDocument, getIdAllocator, getKeyIdentifierType, getParts, getSecurityHeader, getWsDocInfo, isExpandXopInclude, setAttachmentCallbackHandler, setBodyID, setCallbackLookup, setExpandXopInclude, setIdAllocator, setKeyIdentifierType, setStoreBytesInAttachment, setUserInfo, setWsDocInfo, setWsuId

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

WSSecDKSign

public WSSecDKSign(WSSecHeader securityHeader)

WSSecDKSign

public WSSecDKSign(Document doc)

WSSecDKSign

public WSSecDKSign(Document doc,
                   Provider provider)

Method Detail

build

public Document build()
               throws WSSecurityException

Throws:

WSSecurityException

prepare

public void prepare()
             throws WSSecurityException

Description copied from class: WSSecDerivedKeyBase

Initialize a WSSec Derived key. The method prepares and initializes a WSSec derived key structure after the relevant information was set. This method also creates and initializes the derived token using the ephemeral key. After preparation references can be added, encrypted and signed as required. This method does not add any element to the security header. This must be done explicitly.

Overrides:

prepare in class WSSecDerivedKeyBase

Throws:

WSSecurityException

getSignatureElement

public Element getSignatureElement()

Returns the SignatureElement. The method can be called any time after prepare().

Returns:

The DOM Element of the signature.

addReferencesToSign

public List<Reference> addReferencesToSign(List<WSEncryptionPart> references)
                                    throws WSSecurityException

This method adds references to the Signature.

Parameters:

references - The list of references to sign

Throws:

WSSecurityException

computeSignature

public void computeSignature(List<Reference> referenceList)
                      throws WSSecurityException

Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called any time after the references were set. See addReferencesToSign().

Throws:

WSSecurityException

computeSignature

public void computeSignature(List<Reference> referenceList,
                             boolean prepend,
                             Element siblingElement)
                      throws WSSecurityException

Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called any time after the references were set. See addReferencesToSign().

Throws:

WSSecurityException

getDerivedKeyLength

protected int getDerivedKeyLength()
                           throws WSSecurityException

Description copied from class: WSSecDerivedKeyBase

The derived key will change depending on the sig/encr algorithm. Therefore the child classes are expected to provide this value.

Specified by:

getDerivedKeyLength in class WSSecDerivedKeyBase

Returns:

the derived key length

Throws:

WSSecurityException

setDerivedKeyLength

public void setDerivedKeyLength(int keyLength)

setSignatureAlgorithm

public void setSignatureAlgorithm(String algorithm)

Set the signature algorithm to use. The default is WSConstants.SHA1.

Parameters:

algorithm - the signature algorithm to use.

getSignatureAlgorithm

public String getSignatureAlgorithm()

Returns:

the signature algorithm to use

getSignatureId

public String getSignatureId()

Returns the the value of wsu:Id attribute of the Signature element.

Returns:

Return the wsu:Id of this token or null if the signature has not been generated.

setDigestAlgorithm

public void setDigestAlgorithm(String algorithm)

Set the digest algorithm to use. The default is WSConstants.SHA1.

Parameters:

algorithm - the digest algorithm to use.

getDigestAlgorithm

public String getDigestAlgorithm()

Returns:

the digest algorithm to use

getSignatureValue

public byte[] getSignatureValue()

Returns:

Returns the signatureValue.

setSigCanonicalization

public void setSigCanonicalization(String algo)

Set the canonicalization method to use. If the canonicalization method is not set then the recommended Exclusive XML Canonicalization is used by default Refer to WSConstants which algorithms are supported.

Parameters:

algo - Is the name of the signature algorithm

See Also:

WSS4JConstants.C14N_OMIT_COMMENTS, WSS4JConstants.C14N_WITH_COMMENTS, WSS4JConstants.C14N_EXCL_OMIT_COMMENTS, WSS4JConstants.C14N_EXCL_WITH_COMMENTS

getSigCanonicalization

public String getSigCanonicalization()

Get the canonicalization method. If the canonicalization method was not set then Exclusive XML Canonicalization is used by default.

Returns:

The string describing the canonicalization algorithm.

isAddInclusivePrefixes

public boolean isAddInclusivePrefixes()

setAddInclusivePrefixes

public void setAddInclusivePrefixes(boolean addInclusivePrefixes)