public class WSSecSignature extends WSSecSignatureBase
WSSignEnvelope
. This new class allows better control of
the process to create a Signature and to add it to the Security header.
The flexibility and fine granular control is required to implement a handler
that uses WSSecurityPolicy files to control the setup of a Security header.Modifier and Type | Field and Description |
---|---|
protected Element |
bstToken |
protected CanonicalizationMethod |
c14nMethod |
protected String |
certUri |
protected KeyInfo |
keyInfo |
protected String |
keyInfoUri |
protected byte[] |
secretKey |
protected XMLSignature |
sig |
protected XMLSignatureFactory |
signatureFactory |
protected byte[] |
signatureValue |
protected String |
strUri |
addWSUNamespace, attachmentCallbackHandler, callbackLookup, expandXopInclude, keyIdentifierType, password, storeBytesInAttachment, user
Constructor and Description |
---|
WSSecSignature(Document doc) |
WSSecSignature(Document doc,
Provider provider) |
WSSecSignature(WSSecHeader securityHeader) |
Modifier and Type | Method and Description |
---|---|
List<Reference> |
addReferencesToSign(List<WSEncryptionPart> references)
This method adds references to the Signature.
|
void |
appendBSTElementToHeader()
Append the BinarySecurityToken to the security header.
|
Document |
build(Crypto cr)
Builds a signed soap envelope.
|
void |
computeSignature(List<Reference> referenceList)
Compute the Signature over the references.
|
void |
computeSignature(List<Reference> referenceList,
boolean prepend,
Element siblingElement)
Compute the Signature over the references.
|
Element |
getBinarySecurityTokenElement()
Returns the BST Token element.
|
String |
getBSTTokenId()
Get the id of the BST generated during
prepare() . |
Element |
getCustomKeyInfoElement() |
String |
getCustomTokenId() |
String |
getDigestAlgo() |
String |
getId()
Get the id generated during
prepare() . |
String |
getKeyInfoUri() |
SecurityTokenReference |
getSecurityTokenReference()
Get the SecurityTokenReference to be used in the KeyInfo element.
|
String |
getSecurityTokenReferenceURI() |
String |
getSigCanonicalization()
Get the canonicalization method.
|
String |
getSignatureAlgorithm()
Get the name (uri) of the signature algorithm that is being used.
|
Element |
getSignatureElement()
Returns the SignatureElement.
|
Provider |
getSignatureProvider() |
byte[] |
getSignatureValue()
Returns the computed Signature value.
|
boolean |
isAddInclusivePrefixes() |
boolean |
isIncludeSignatureToken() |
boolean |
isUseSingleCertificate()
Get the single cert flag.
|
protected void |
marshalKeyInfo(WSDocInfo wsDocInfo) |
void |
prepare(Crypto cr)
Initialize a WSSec Signature.
|
void |
prependBSTElementToHeader()
Prepend the BinarySecurityToken to the elements already in the Security
header.
|
void |
setAddInclusivePrefixes(boolean addInclusivePrefixes) |
void |
setCustomKeyInfoElement(Element keyInfoElement) |
void |
setCustomTokenId(String customTokenId)
Set the custom token id
|
void |
setCustomTokenValueType(String customTokenValueType)
Set the custom token value type to use
|
void |
setDigestAlgo(String digestAlgo)
Set the string that defines which digest algorithm to use.
|
void |
setEncrKeySha1value(String encrKeySha1value)
Set the encrypted key sha1 value
|
void |
setIncludeSignatureToken(boolean includeSignatureToken) |
void |
setSecretKey(byte[] secretKey)
Set the secret key to use
|
void |
setSecurityTokenReference(SecurityTokenReference secRef)
Set the SecurityTokenReference to be used in the KeyInfo element.
|
void |
setSigCanonicalization(String algo)
Set the canonicalization method to use.
|
void |
setSignatureAlgorithm(String algo)
Set the name (uri) of the signature encryption algorithm to use.
|
void |
setSignatureProvider(Provider signatureProvider) |
void |
setUseSingleCertificate(boolean useSingleCert)
Set the single cert flag.
|
void |
setX509Certificate(X509Certificate cer)
Set the X509 Certificate to use
|
addReferencesToSign, cleanup, createSTRParameter, getInclusivePrefixes, getInclusivePrefixes
getDocument, getIdAllocator, getKeyIdentifierType, getParts, getSecurityHeader, getWsDocInfo, isExpandXopInclude, setAttachmentCallbackHandler, setBodyID, setCallbackLookup, setExpandXopInclude, setIdAllocator, setKeyIdentifierType, setStoreBytesInAttachment, setUserInfo, setWsDocInfo, setWsuId
protected XMLSignatureFactory signatureFactory
protected KeyInfo keyInfo
protected CanonicalizationMethod c14nMethod
protected XMLSignature sig
protected byte[] secretKey
protected String strUri
protected Element bstToken
protected String keyInfoUri
protected String certUri
protected byte[] signatureValue
public WSSecSignature(WSSecHeader securityHeader)
public WSSecSignature(Document doc)
public void prepare(Crypto cr) throws WSSecurityException
prependSignatureElementToHeader()
method.cr
- An instance of the Crypto API to handle keystore and certificatesWSSecurityException
protected void marshalKeyInfo(WSDocInfo wsDocInfo) throws WSSecurityException
WSSecurityException
public Document build(Crypto cr) throws WSSecurityException
cr
- An instance of the Crypto API to handle keystore and certificatesDocument
WSSecurityException
public List<Reference> addReferencesToSign(List<WSEncryptionPart> references) throws WSSecurityException
references
- The list of references to signWSSecurityException
public Element getSignatureElement()
prepare()
.public void prependBSTElementToHeader()
prepare()
.
This allows to insert the BST element at any position in the Security
header.public void appendBSTElementToHeader()
public void computeSignature(List<Reference> referenceList) throws WSSecurityException
addReferencesToSign()
.referenceList
- The list of references to signWSSecurityException
public void computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement) throws WSSecurityException
addReferencesToSign()
.referenceList
- The list of references to signprepend
- Whether to prepend the signature element to the security headersiblingElement
- If prepending, then prepend before this sibling ElementWSSecurityException
public void setUseSingleCertificate(boolean useSingleCert)
useSingleCert
- public boolean isUseSingleCertificate()
public void setSignatureAlgorithm(String algo)
prepare()
method. Refer to WSConstants which algorithms are supported.algo
- the name of the signature algorithmWSS4JConstants.RSA
,
WSS4JConstants.DSA
public String getSignatureAlgorithm()
prepare
to get the information
which signature algorithm was automatically detected if no signature
algorithm was preset.public void setSigCanonicalization(String algo)
algo
- Is the name of the signature algorithmWSS4JConstants.C14N_OMIT_COMMENTS
,
WSS4JConstants.C14N_WITH_COMMENTS
,
WSS4JConstants.C14N_EXCL_OMIT_COMMENTS
,
WSS4JConstants.C14N_EXCL_WITH_COMMENTS
public String getSigCanonicalization()
public String getDigestAlgo()
public void setDigestAlgo(String digestAlgo)
digestAlgo
- the digestAlgo to setpublic byte[] getSignatureValue()
computeSignature()
or build()
methods were called.public String getId()
prepare()
.
Returns the the value of wsu:Id attribute of the Signature element.prepare()
was not called before.public String getBSTTokenId()
prepare()
.public void setSecretKey(byte[] secretKey)
secretKey
- the secret key to usepublic void setCustomTokenValueType(String customTokenValueType)
customTokenValueType
- the custom token value type to usepublic void setCustomTokenId(String customTokenId)
customTokenId
- the custom token idpublic String getCustomTokenId()
public void setEncrKeySha1value(String encrKeySha1value)
encrKeySha1value
- the encrypted key sha1 valuepublic void setX509Certificate(X509Certificate cer)
cer
- the X509 Certificate to usepublic Element getBinarySecurityTokenElement()
prepare()
.public String getSecurityTokenReferenceURI()
#prepare(Document, Crypto)
public SecurityTokenReference getSecurityTokenReference()
public void setSecurityTokenReference(SecurityTokenReference secRef)
public boolean isIncludeSignatureToken()
public void setIncludeSignatureToken(boolean includeSignatureToken)
public boolean isAddInclusivePrefixes()
public void setAddInclusivePrefixes(boolean addInclusivePrefixes)
public void setCustomKeyInfoElement(Element keyInfoElement)
public Element getCustomKeyInfoElement()
public Provider getSignatureProvider()
public void setSignatureProvider(Provider signatureProvider)
public String getKeyInfoUri()
Copyright © 2021 JBoss by Red Hat. All rights reserved.