Package org.apache.ws.security.message
Class WSSecDerivedKeyBase
- java.lang.Object
  - org.apache.ws.security.message.WSSecBase
    - org.apache.ws.security.message.WSSecDerivedKeyBase
- Direct Known Subclasses:
WSSecDKEncrypt, WSSecDKSign
public abstract class WSSecDerivedKeyBase extends WSSecBase
Base class for DerivedKey encryption and signature.
- Author:
- Ruchith Fernando (ruchith.fernando@gmail.com), Davanum Srinivas (dims@yahoo.com), Werner Dittmann (werner@apache.org)
-
Field Summary
Fields (Modifier and Type, Field: Description)
- protected java.lang.String clientLabel: Client's label value
- protected byte[] derivedKeyBytes: Raw bytes of the derived key
- protected int derivedKeyLength
- protected DerivedKeyToken dkt: DerivedKeyToken of this builder
- protected java.lang.String dktId: wsu:Id of the wsc:DerivedKeyToken
- protected org.w3c.dom.Document document
- protected org.w3c.dom.Element envelope: soap:Envelope element
- protected byte[] ephemeralKey: Session key used as the secret in key derivation
- protected java.lang.String serviceLabel: Service's label value
- protected org.w3c.dom.Element strElem: The wsse:SecurityTokenReference element to be used
- protected java.lang.String tokenIdentifier: The Token identifier of the token that the DerivedKeyToken is (or to be) derived from.
-
Constructor Summary
Constructors
- WSSecDerivedKeyBase()
-
Method Summary
Methods (Modifier and Type, Method: Description)
- void appendDKElementToHeader(WSSecHeader secHeader)
- protected abstract int getDerivedKeyLength(): The derived key will change depending on the sig/encr algorithm.
- org.w3c.dom.Element getdktElement()
- java.lang.String getId(): Get the id generated during prepare().
- java.lang.String getTokenIdentifier()
- void prepare(org.w3c.dom.Document doc): Initialize a WSSec Derived key.
- void prependDKElementToHeader(WSSecHeader secHeader): Prepend the DerivedKey element to the elements already in the Security header.
- void setClientLabel(java.lang.String clientLabel): Set the label value of the client.
- void setDerivedKeyLength(int keyLength)
- void setExternalKey(byte[] ephemeralKey, java.lang.String tokenIdentifier)
- void setExternalKey(byte[] ephemeralKey, org.w3c.dom.Element strElem)
- void setServiceLabel(java.lang.String serviceLabel): Set the label value of the service.
- void setWscVersion(int wscVersion)
-
Methods inherited from class org.apache.ws.security.message.WSSecBase
getKeyIdentifierType, setBodyID, setKeyIdentifierType, setParts, setUserInfo, setWsConfig, setWsuId
-
Field Detail
-
document
protected org.w3c.dom.Document document
-
ephemeralKey
protected byte[] ephemeralKey
Session key used as the secret in key derivation
-
dkt
protected DerivedKeyToken dkt
DerivedKeyToken of this builder
-
derivedKeyBytes
protected byte[] derivedKeyBytes
Raw bytes of the derived key
-
dktId
protected java.lang.String dktId
wsu:Id of the wsc:DerivedKeyToken
-
clientLabel
protected java.lang.String clientLabel
Client's label value
-
serviceLabel
protected java.lang.String serviceLabel
Service's label value
-
envelope
protected org.w3c.dom.Element envelope
soap:Envelope element
-
tokenIdentifier
protected java.lang.String tokenIdentifier
The Token identifier of the token that the DerivedKeyToken is (or to be) derived from.
-
strElem
protected org.w3c.dom.Element strElem
The wsse:SecurityTokenReference element to be used
-
derivedKeyLength
protected int derivedKeyLength
-
-
Method Detail
-
getDerivedKeyLength
protected abstract int getDerivedKeyLength() throws WSSecurityException
The derived key will change depending on the sig/encr algorithm. Therefore the child classes are expected to provide this value.
- Returns:
- Throws:
WSSecurityException
-
setExternalKey
public void setExternalKey(byte[] ephemeralKey, java.lang.String tokenIdentifier)
- Parameters:
ephemeralKey
- The ephemeralKey to set.
-
setExternalKey
public void setExternalKey(byte[] ephemeralKey, org.w3c.dom.Element strElem)
- Parameters:
ephemeralKey
- The ephemeralKey to set.
-
getTokenIdentifier
public java.lang.String getTokenIdentifier()
- Returns:
- Returns the tokenIdentifier.
-
getId
public java.lang.String getId()
Get the id generated during prepare(). Returns the value of the wsu:Id attribute of the DerivedKeyToken element.
- Returns:
- Return the wsu:Id of this token or null if prepare() was not called before.
-
setClientLabel
public void setClientLabel(java.lang.String clientLabel)
Set the label value of the client.
- Parameters:
clientLabel
-
-
setServiceLabel
public void setServiceLabel(java.lang.String serviceLabel)
Set the label value of the service.
- Parameters:
serviceLabel
-
-
prepare
public void prepare(org.w3c.dom.Document doc) throws WSSecurityException, org.apache.ws.security.conversation.ConversationException
Initialize a WSSec Derived key. The method prepares and initializes a WSSec derived key structure after the relevant information was set. This method also creates and initializes the derived token using the ephemeral key. After preparation, references can be added, encrypted and signed as required. This method does not add any element to the security header. This must be done explicitly.
- Parameters:
doc
- The unsigned SOAP envelope as Document
- Throws:
WSSecurityException
org.apache.ws.security.conversation.ConversationException
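How ephemeralKey, clientLabel, serviceLabel and the derived key length combine during key derivation, as an added example that is not WSS4J's own code. It assumes the WS-SecureConversation default P_SHA-1 function with seed = client label + service label + nonce; the class and method names, the nonce handling and the key lengths are illustrative.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

// Added sketch, not WSS4J code: class and method names are hypothetical.
public class DerivedKeySketch {
    // P_SHA-1: A(0)=seed, A(i)=HMAC(secret, A(i-1)); output blocks are HMAC(secret, A(i)+seed).
    static byte[] pSha1(byte[] secret, byte[] seed, int offset, int length) throws Exception {
        if (secret == null || secret.length == 0 || offset < 0 || length <= 0)
            throw new IllegalArgumentException("bad secret, offset or length");
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(secret, "HmacSHA1"));
        byte[] stream = new byte[offset + length];
        byte[] a = seed;
        for (int filled = 0; filled < stream.length; ) {
            a = mac.doFinal(a);               // next A(i); doFinal resets the Mac
            mac.update(a);
            byte[] block = mac.doFinal(seed); // HMAC(secret, A(i) + seed)
            int n = Math.min(block.length, stream.length - filled);
            System.arraycopy(block, 0, stream, filled, n);
            filled += n;
        }
        return Arrays.copyOfRange(stream, offset, offset + length);
    }

    // seed = clientLabel + serviceLabel (UTF-8) followed by the nonce
    static byte[] seed(String clientLabel, String serviceLabel, byte[] nonce) {
        byte[] label = (clientLabel + serviceLabel).getBytes(StandardCharsets.UTF_8);
        byte[] seed = Arrays.copyOf(label, label.length + nonce.length);
        System.arraycopy(nonce, 0, seed, label.length, nonce.length);
        return seed;
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        // Constructed sample values standing in for the session key and two nonces.
        byte[] ephemeralKey = new byte[16], nonce1 = new byte[16], nonce2 = new byte[16];
        rng.nextBytes(ephemeralKey); rng.nextBytes(nonce1); rng.nextBytes(nonce2);
        String label = "WS-SecureConversation"; // spec default label, assumed for both sides

        byte[] k24 = pSha1(ephemeralKey, seed(label, label, nonce1), 0, 24);
        byte[] k16 = pSha1(ephemeralKey, seed(label, label, nonce1), 0, 16);
        byte[] other = pSha1(ephemeralKey, seed(label, label, nonce2), 0, 16);
        // Same secret, labels and nonce: the shorter key is a prefix of the longer one.
        System.out.println("prefix with reused nonce: " + Arrays.equals(k16, Arrays.copyOf(k24, 16)));
        // A fresh nonce yields an unrelated key from the same ephemeral key.
        System.out.println("differs with fresh nonce: " + !Arrays.equals(k16, other));
    }
}
```

A signing key and an encryption key derived from one ephemeral key should therefore each use their own nonce.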
-
prependDKElementToHeader
public void prependDKElementToHeader(WSSecHeader secHeader)
Prepend the DerivedKey element to the elements already in the Security header. The method can be called any time after prepare(). This allows the DerivedKey element to be inserted at any position in the Security header.
- Parameters:
secHeader
- The security header that holds the Signature element.
-
appendDKElementToHeader
public void appendDKElementToHeader(WSSecHeader secHeader)
-
setWscVersion
public void setWscVersion(int wscVersion)
- Parameters:
wscVersion
- The wscVersion to set.
-
getdktElement
public org.w3c.dom.Element getdktElement()
-
setDerivedKeyLength
public void setDerivedKeyLength(int keyLength)
-
-