Package org.apache.ws.security.message
Class WSSecDKSign
- java.lang.Object
  - org.apache.ws.security.message.WSSecBase
    - org.apache.ws.security.message.WSSecDerivedKeyBase
      - org.apache.ws.security.message.WSSecDKSign

public class WSSecDKSign extends WSSecDerivedKeyBase

Builder to sign with derived keys.

Author:
- Ruchith Fernando (ruchith.fernando@gmail.com), Davanum Srinivas (dims@yahoo.com), Werner Dittmann (werner@apache.org)

Field Summary
- protected java.lang.String canonAlgo
- protected java.lang.String sigAlgo
- protected byte[] signatureValue

Fields inherited from class org.apache.ws.security.message.WSSecDerivedKeyBase
clientLabel, derivedKeyBytes, derivedKeyLength, dkt, dktId, document, envelope, ephemeralKey, serviceLabel, strElem, tokenIdentifier

Constructor Summary
- WSSecDKSign()

Method Summary
- void addReferencesToSign(java.util.Vector references, WSSecHeader secHeader): This method adds references to the Signature.
- void appendSigToHeader(WSSecHeader secHeader)
- org.w3c.dom.Document build(org.w3c.dom.Document doc, WSSecHeader secHeader)
- void computeSignature(): Compute the Signature over the references.
- protected org.w3c.dom.Element createSTRParameter(org.w3c.dom.Document doc)
- protected int getDerivedKeyLength(): The derived key will change depending on the sig/encr algorithm.
- protected java.util.Set getInclusivePrefixes(org.w3c.dom.Element target)
- protected java.util.Set getInclusivePrefixes(org.w3c.dom.Element target, boolean excludeVisible)
- java.lang.String getSigCanonicalization(): Get the canonicalization method.
- org.w3c.dom.Element getSignatureElement(): Returns the signature Element.
- byte[] getSignatureValue()
- void prepare(org.w3c.dom.Document doc, WSSecHeader secHeader)
- void prependSigToHeader(WSSecHeader secHeader): Prepends the Signature element to the elements already in the Security header.
- void setSigCanonicalization(java.lang.String algo): Set the canonicalization method to use.
- void setSignatureAlgorithm(java.lang.String algo)

Methods inherited from class org.apache.ws.security.message.WSSecDerivedKeyBase
appendDKElementToHeader, getdktElement, getId, getTokenIdentifier, prepare, prependDKElementToHeader, setClientLabel, setDerivedKeyLength, setExternalKey, setExternalKey, setServiceLabel, setWscVersion

Methods inherited from class org.apache.ws.security.message.WSSecBase
getKeyIdentifierType, setBodyID, setKeyIdentifierType, setParts, setUserInfo, setWsConfig, setWsuId

Method Detail

build
public org.w3c.dom.Document build(org.w3c.dom.Document doc, WSSecHeader secHeader) throws WSSecurityException, org.apache.ws.security.conversation.ConversationException
Throws:
- WSSecurityException
- org.apache.ws.security.conversation.ConversationException

prepare
public void prepare(org.w3c.dom.Document doc, WSSecHeader secHeader) throws WSSecurityException, org.apache.ws.security.conversation.ConversationException
Throws:
- WSSecurityException
- org.apache.ws.security.conversation.ConversationException

getInclusivePrefixes
protected java.util.Set getInclusivePrefixes(org.w3c.dom.Element target)

getInclusivePrefixes
protected java.util.Set getInclusivePrefixes(org.w3c.dom.Element target, boolean excludeVisible)

addReferencesToSign
public void addReferencesToSign(java.util.Vector references, WSSecHeader secHeader) throws WSSecurityException
This method adds references to the Signature. The added references are signed when calling computeSignature(). This method can be called several times to add references as required. addReferencesToSign() can be called anytime after prepare.
Parameters:
- references - A vector containing WSEncryptionPart objects that define the parts to sign.
- secHeader - Used to compute namespaces to be inserted by InclusiveNamespaces to be WSI compliant.
Throws:
- WSSecurityException

createSTRParameter
protected org.w3c.dom.Element createSTRParameter(org.w3c.dom.Document doc)

prependSigToHeader
public void prependSigToHeader(WSSecHeader secHeader)
Prepends the Signature element to the elements already in the Security header. The method can be called any time after prepare(). This allows the Signature element to be inserted at any position in the Security header.
Parameters:
- securityHeader - The secHeader that holds the Signature element.

appendSigToHeader
public void appendSigToHeader(WSSecHeader secHeader)

getSignatureElement
public org.w3c.dom.Element getSignatureElement()
Returns the signature Element. The method can be called any time after prepare().
Returns:

computeSignature
public void computeSignature() throws WSSecurityException
Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called anytime after the references were set. See addReferencesToSign().
Throws:
- WSSecurityException

getDerivedKeyLength
protected int getDerivedKeyLength() throws WSSecurityException
Description copied from class: WSSecDerivedKeyBase
The derived key will change depending on the sig/encr algorithm. Therefore the child classes are expected to provide this value.
Specified by:
- getDerivedKeyLength in class WSSecDerivedKeyBase
Returns:
Throws:
- WSSecurityException
See Also:
- WSSecDerivedKeyBase.getDerivedKeyLength()

setSignatureAlgorithm
public void setSignatureAlgorithm(java.lang.String algo)

getSignatureValue
public byte[] getSignatureValue()
Returns:
- Returns the signatureValue.

setSigCanonicalization
public void setSigCanonicalization(java.lang.String algo)
Set the canonicalization method to use. If the canonicalization method is not set then the recommended Exclusive XML Canonicalization is used by default. Refer to WSConstants for the algorithms that are supported.
Parameters:
- algo - Is the name of the signature algorithm
See Also:
- WSConstants.C14N_OMIT_COMMENTS, WSConstants.C14N_WITH_COMMENTS, WSConstants.C14N_EXCL_OMIT_COMMENTS, WSConstants.C14N_EXCL_WITH_COMMENTS

getSigCanonicalization
public java.lang.String getSigCanonicalization()
Get the canonicalization method. If the canonicalization method was not set then Exclusive XML Canonicalization is used by default.
Returns:
- The string describing the canonicalization algorithm.
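
The call order documented above (prepare, then addReferencesToSign, then computeSignature, then placing the elements in the Security header), written out step by step instead of through build(). This is an added example, not code from the WSS4J project. It assumes the WSS4J 1.5.x API this page describes, together with WSSecHeader.insertSecurityHeader, WSEncryptionPart, WSConstants.URI_SOAP11_ENV and XMLSignature.ALGO_ID_MAC_HMAC_SHA1 from the same release line; the class name, envelope, secret and token id are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.security.SecureRandom;
import java.util.Vector;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.message.WSSecDKSign;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.xml.security.signature.XMLSignature;
import org.w3c.dom.Document;

public class DerivedKeySignExample { // hypothetical class name
    // Constructed SOAP 1.1 envelope used as sample input.
    static final String ENVELOPE =
        "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">"
        + "<soapenv:Body><ping xmlns=\"urn:example\">hello</ping></soapenv:Body>"
        + "</soapenv:Envelope>";

    /** Signs the SOAP Body with a key derived from secret; returns the signature value. */
    static byte[] signBody(Document doc, byte[] secret, String tokenId) throws Exception {
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        WSSecDKSign builder = new WSSecDKSign();
        builder.setExternalKey(secret, tokenId); // tokenId: Id of the token carrying the secret
        builder.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
        builder.setSigCanonicalization(WSConstants.C14N_EXCL_OMIT_COMMENTS); // explicit default

        builder.prepare(doc, secHeader);                 // must come first
        Vector parts = new Vector();                     // Vector of WSEncryptionPart objects
        parts.add(new WSEncryptionPart("Body", WSConstants.URI_SOAP11_ENV, "Content"));
        builder.addReferencesToSign(parts, secHeader);   // may be repeated for more parts
        builder.computeSignature();                      // only after all references are added
        // Prepending the DerivedKeyToken last places it ahead of the Signature that uses it.
        builder.prependSigToHeader(secHeader);
        builder.prependDKElementToHeader(secHeader);
        return builder.getSignatureValue();
    }

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // signing needs namespace-aware DOM nodes
        Document doc = dbf.newDocumentBuilder()
            .parse(new ByteArrayInputStream(ENVELOPE.getBytes("UTF-8")));
        byte[] secret = new byte[16];
        new SecureRandom().nextBytes(secret);            // constructed shared secret
        byte[] sig = signBody(doc, secret, "constructed-token-id");
        System.out.println("SignatureValue bytes: " + sig.length);
    }
}
```

Only the parts passed to addReferencesToSign are covered by the signature, so a receiver should check that the elements it relies on are among the signed references.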