Package org.apache.ws.security.message
Class WSSecDKSign
java.lang.Object
org.apache.ws.security.message.WSSecBase
org.apache.ws.security.message.WSSecDerivedKeyBase
org.apache.ws.security.message.WSSecDKSign
Builder to sign with derived keys
- Author: Ruchith Fernando (ruchith.fernando@gmail.com), Davanum Srinivas (dims@yahoo.com), Werner Dittmann (werner@apache.org)
-
Field Summary
Fields inherited from class org.apache.ws.security.message.WSSecDerivedKeyBase
clientLabel, derivedKeyBytes, derivedKeyLength, dkt, dktId, document, envelope, ephemeralKey, serviceLabel, strElem, tokenIdentifier
-
Constructor Summary
Constructors
- WSSecDKSign()
-
Method Summary
Modifier and Type, Method, Description:
- void addReferencesToSign(Vector references, WSSecHeader secHeader): This method adds references to the Signature.
- void appendSigToHeader(WSSecHeader secHeader)
- Document build(Document doc, WSSecHeader secHeader)
- void computeSignature(): Compute the Signature over the references.
- protected Element createSTRParameter
- protected int getDerivedKeyLength: The derived key will change depending on the sig/encr algorithm.
- protected Set getInclusivePrefixes(Element target)
- protected Set getInclusivePrefixes(Element target, boolean excludeVisible)
- getSigCanonicalization: Get the canonicalization method.
- getSignatureElement: Returns the signature Element.
- byte[] getSignatureValue()
- void prepare(Document doc, WSSecHeader secHeader)
- void prependSigToHeader(WSSecHeader secHeader): Prepends the Signature element to the elements already in the Security header.
- void setSigCanonicalization(String algo): Set the canonicalization method to use.
- void setSignatureAlgorithm(String algo)
Methods inherited from class org.apache.ws.security.message.WSSecDerivedKeyBase
appendDKElementToHeader, getdktElement, getId, getTokenIdentifier, prepare, prependDKElementToHeader, setClientLabel, setDerivedKeyLength, setExternalKey, setExternalKey, setServiceLabel, setWscVersion
Methods inherited from class org.apache.ws.security.message.WSSecBase
getKeyIdentifierType, setBodyID, setKeyIdentifierType, setParts, setUserInfo, setWsConfig, setWsuId
-
Field Details
-
sigAlgo
-
canonAlgo
-
signatureValue
protected byte[] signatureValue
-
Constructor Details
-
WSSecDKSign
public WSSecDKSign()
-
Method Details
-
build
public Document build(Document doc, WSSecHeader secHeader) throws WSSecurityException, org.apache.ws.security.conversation.ConversationException
- Throws:
WSSecurityException
org.apache.ws.security.conversation.ConversationException
-
prepare
public void prepare(Document doc, WSSecHeader secHeader) throws WSSecurityException, org.apache.ws.security.conversation.ConversationException
- Throws:
WSSecurityException
org.apache.ws.security.conversation.ConversationException
-
getInclusivePrefixes
-
getInclusivePrefixes
-
addReferencesToSign
public void addReferencesToSign(Vector references, WSSecHeader secHeader) throws WSSecurityException
This method adds references to the Signature. The added references are signed when calling computeSignature(). This method can be called several times to add references as required. addReferencesToSign() can be called anytime after prepare.
- Parameters:
references - A vector containing WSEncryptionPart objects that define the parts to sign.
secHeader - Used to compute namespaces to be inserted by InclusiveNamespaces to be WSI compliant.
- Throws:
WSSecurityException
-
createSTRParameter
-
prependSigToHeader
Prepends the Signature element to the elements already in the Security header. The method can be called any time after prepare(). This allows the Signature element to be inserted at any position in the Security header.
- Parameters:
securityHeader - The secHeader that holds the Signature element.
-
appendSigToHeader
-
getSignatureElement
Returns the signature Element. The method can be called any time after prepare().
- Returns:
-
computeSignature
Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called anytime after the references were set. See addReferencesToSign().
- Throws:
WSSecurityException
-
getDerivedKeyLength
Description copied from class: WSSecDerivedKeyBase
The derived key will change depending on the sig/encr algorithm. Therefore the child classes are expected to provide this value.
- Specified by:
getDerivedKeyLength in class WSSecDerivedKeyBase
- Returns:
- Throws:
WSSecurityException
- See Also:
-
setSignatureAlgorithm
-
getSignatureValue
public byte[] getSignatureValue()
- Returns:
Returns the signatureValue.
-
setSigCanonicalization
Set the canonicalization method to use. If the canonicalization method is not set, the recommended Exclusive XML Canonicalization is used by default. Refer to WSConstants for the supported algorithms.
- Parameters:
algo - Is the name of the signature algorithm
- See Also:
-
getSigCanonicalization
Get the canonicalization method. If the canonicalization method was not set then Exclusive XML Canonicalization is used by default.
- Returns:
The string describing the canonicalization algorithm.
-
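The step-by-step call order that the method descriptions give (prepare(), then addReferencesToSign(), then computeSignature(), with prependSigToHeader() any time after prepare()), written out as an added example that is not part of the WSS4J documentation or code. The setExternalKey(byte[], String) overload is assumed from the inherited method list, and the envelope, shared secret and token identifier are constructed placeholders; a real message also needs the token that the identifier refers to in the Security header.

```java
import java.io.ByteArrayInputStream;
import java.security.SecureRandom;
import java.util.Vector;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.message.WSSecDKSign;
import org.apache.ws.security.message.WSSecHeader;
import org.w3c.dom.Document;

public class DerivedKeySignExample {
    // Constructed sample envelope (not taken from the WSS4J distribution).
    static final String SOAP =
        "<soapenv:Envelope xmlns:soapenv=\"" + WSConstants.URI_SOAP11_ENV + "\">"
      + "<soapenv:Body><ping xmlns=\"urn:example:ping\">hello</ping></soapenv:Body>"
      + "</soapenv:Envelope>";

    static Document sign(byte[] secret, String tokenId) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // XML Signature needs namespace-aware DOM
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        Document doc = dbf.newDocumentBuilder()
            .parse(new ByteArrayInputStream(SOAP.getBytes("UTF-8")));
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        WSSecDKSign dkSign = new WSSecDKSign();
        dkSign.setExternalKey(secret, tokenId); // assumed overload (byte[], String)
        dkSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        dkSign.prepare(doc, secHeader);         // creates the token and Signature

        // Parts to sign: here only the SOAP Body; add further parts as needed.
        Vector parts = new Vector();
        parts.add(new WSEncryptionPart(WSConstants.ELEM_BODY,
                                       WSConstants.URI_SOAP11_ENV, "Content"));
        dkSign.addReferencesToSign(parts, secHeader);
        dkSign.computeSignature();              // signs every added reference

        dkSign.prependSigToHeader(secHeader);   // Signature into the header
        dkSign.prependDKElementToHeader(secHeader); // derived key token before it
        return doc;
    }

    public static void main(String[] args) throws Exception {
        byte[] secret = new byte[16];           // constructed shared secret
        new SecureRandom().nextBytes(secret);
        sign(secret, "token-id-placeholder");   // placeholder token identifier
    }
}
```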