Class XMLSecurityProperties


  • public class XMLSecurityProperties
    extends java.lang.Object
    Main configuration class to supply keys etc. This class is subject to change in the future.
    • Field Detail

      • inputProcessorList

        private final java.util.List<InputProcessor> inputProcessorList
      • skipDocumentEvents

        private boolean skipDocumentEvents
      • disableSchemaValidation

        private boolean disableSchemaValidation
      • encryptionUseThisCertificate

        private java.security.cert.X509Certificate encryptionUseThisCertificate
      • encryptionSymAlgorithm

        private java.lang.String encryptionSymAlgorithm
      • encryptionKeyTransportAlgorithm

        private java.lang.String encryptionKeyTransportAlgorithm
      • encryptionKeyTransportDigestAlgorithm

        private java.lang.String encryptionKeyTransportDigestAlgorithm
      • encryptionKeyTransportMGFAlgorithm

        private java.lang.String encryptionKeyTransportMGFAlgorithm
      • encryptionKeyTransportOAEPParams

        private byte[] encryptionKeyTransportOAEPParams
      • encryptionParts

        private final java.util.List<SecurePart> encryptionParts
      • encryptionKey

        private java.security.Key encryptionKey
      • encryptionTransportKey

        private java.security.Key encryptionTransportKey
      • encryptionKeyName

        private java.lang.String encryptionKeyName
      • decryptionKey

        private java.security.Key decryptionKey
      • signatureParts

        private final java.util.List<SecurePart> signatureParts
      • signatureAlgorithm

        private java.lang.String signatureAlgorithm
      • signatureDigestAlgorithm

        private java.lang.String signatureDigestAlgorithm
      • signatureCanonicalizationAlgorithm

        private java.lang.String signatureCanonicalizationAlgorithm
      • signatureKey

        private java.security.Key signatureKey
      • signatureCerts

        private java.security.cert.X509Certificate[] signatureCerts
      • addExcC14NInclusivePrefixes

        private boolean addExcC14NInclusivePrefixes
      • signatureKeyName

        private java.lang.String signatureKeyName
      • useSingleCert

        private boolean useSingleCert
      • signatureVerificationKey

        private java.security.Key signatureVerificationKey
      • signaturePosition

        private int signaturePosition
      • idAttributeNS

        private javax.xml.namespace.QName idAttributeNS
      • keyNameMap

        private final java.util.Map<java.lang.String,​java.security.Key> keyNameMap
      • signatureGenerateIds

        private boolean signatureGenerateIds
      • signatureIncludeDigestTransform

        private boolean signatureIncludeDigestTransform
      • signaturePositionQName

        private javax.xml.namespace.QName signaturePositionQName
      • signaturePositionStart

        private boolean signaturePositionStart
    • Constructor Detail

      • XMLSecurityProperties

        public XMLSecurityProperties()
      • XMLSecurityProperties

        protected XMLSecurityProperties​(XMLSecurityProperties xmlSecurityProperties)
    • Method Detail

      • isSignaturePositionStart

        public boolean isSignaturePositionStart()
      • setSignaturePositionStart

        public void setSignaturePositionStart​(boolean signaturePositionStart)
      • getSignaturePosition

        public int getSignaturePosition()
        Returns the position of the signature. By default, the signature is the first child of the root element.
        Returns:
        The signature position
      • setSignaturePosition

        public void setSignaturePosition​(int signaturePosition)
        Specifies the position of the signature
        Parameters:
        signaturePosition - Position of the signature (by default: 0)
      • getIdAttributeNS

        public javax.xml.namespace.QName getIdAttributeNS()
        Return the qualified name of the ID attribute used to sign the document. By default, ID is used.
        Returns:
        the qualified name of the ID attribute
      • setIdAttributeNS

        public void setIdAttributeNS​(javax.xml.namespace.QName idAttributeNS)
        Sets the qualified name of the ID attribute used to sign the document.
        Parameters:
        idAttributeNS - Qualified Name of the ID attribute to use
      • getEncryptionKeyIdentifier

        public SecurityTokenConstants.KeyIdentifier getEncryptionKeyIdentifier()
        Returns the KeyIdentifierType that will be used in the secured document
        Returns:
        The KeyIdentifierType
      • setEncryptionKeyIdentifier

        public void setEncryptionKeyIdentifier​(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier)
        Specifies the KeyIdentifierType to use in the secured document
        Parameters:
        encryptionKeyIdentifier - the KeyIdentifierType to use in the secured document
      • addInputProcessor

        public void addInputProcessor​(InputProcessor inputProcessor)
        Add an additional, non standard, InputProcessor to the chain
        Parameters:
        inputProcessor - The InputProcessor to add
      • getInputProcessorList

        public java.util.List<InputProcessor> getInputProcessorList()
        Returns the currently registered additional InputProcessors
        Returns:
        the List with the InputProcessors
      • setDecryptionKey

        public void setDecryptionKey​(java.security.Key decryptionKey)
      • getDecryptionKey

        public java.security.Key getDecryptionKey()
      • setEncryptionTransportKey

        public void setEncryptionTransportKey​(java.security.Key encryptionTransportKey)
      • getEncryptionTransportKey

        public java.security.Key getEncryptionTransportKey()
      • setEncryptionKey

        public void setEncryptionKey​(java.security.Key encryptionKey)
      • getEncryptionKey

        public java.security.Key getEncryptionKey()
      • addEncryptionPart

        public void addEncryptionPart​(SecurePart securePart)
        Adds a part that must be encrypted by the framework
        Parameters:
        securePart - the part to be encrypted
      • getEncryptionSecureParts

        public java.util.List<SecurePart> getEncryptionSecureParts()
        Returns the encryption parts that are currently set
        Returns:
        A List of SecureParts
      • getEncryptionSymAlgorithm

        public java.lang.String getEncryptionSymAlgorithm()
        Returns the encryption algorithm
        Returns:
        the encryption algorithm as a String
      • setEncryptionSymAlgorithm

        public void setEncryptionSymAlgorithm​(java.lang.String encryptionSymAlgorithm)
        Specifies the encryption algorithm
        Parameters:
        encryptionSymAlgorithm - The algorithm to use for encryption
      • getEncryptionKeyTransportAlgorithm

        public java.lang.String getEncryptionKeyTransportAlgorithm()
        Returns the encryption key transport algorithm
        Returns:
        the key transport algorithm as string
      • setEncryptionKeyTransportAlgorithm

        public void setEncryptionKeyTransportAlgorithm​(java.lang.String encryptionKeyTransportAlgorithm)
        Specifies the encryption key transport algorithm
        Parameters:
        encryptionKeyTransportAlgorithm - the encryption key transport algorithm as string
      • getEncryptionKeyTransportDigestAlgorithm

        public java.lang.String getEncryptionKeyTransportDigestAlgorithm()
      • setEncryptionKeyTransportDigestAlgorithm

        public void setEncryptionKeyTransportDigestAlgorithm​(java.lang.String encryptionKeyTransportDigestAlgorithm)
      • getEncryptionKeyTransportMGFAlgorithm

        public java.lang.String getEncryptionKeyTransportMGFAlgorithm()
      • setEncryptionKeyTransportMGFAlgorithm

        public void setEncryptionKeyTransportMGFAlgorithm​(java.lang.String encryptionKeyTransportMGFAlgorithm)
      • getEncryptionKeyTransportOAEPParams

        public byte[] getEncryptionKeyTransportOAEPParams()
      • setEncryptionKeyTransportOAEPParams

        public void setEncryptionKeyTransportOAEPParams​(byte[] encryptionKeyTransportOAEPParams)
      • getEncryptionUseThisCertificate

        public java.security.cert.X509Certificate getEncryptionUseThisCertificate()
      • setEncryptionUseThisCertificate

        public void setEncryptionUseThisCertificate​(java.security.cert.X509Certificate encryptionUseThisCertificate)
      • getSignatureCerts

        public java.security.cert.X509Certificate[] getSignatureCerts()
      • setSignatureCerts

        public void setSignatureCerts​(java.security.cert.X509Certificate[] signatureCerts)
      • addSignaturePart

        public void addSignaturePart​(SecurePart securePart)
      • getSignatureSecureParts

        public java.util.List<SecurePart> getSignatureSecureParts()
      • getSignatureAlgorithm

        public java.lang.String getSignatureAlgorithm()
      • setSignatureAlgorithm

        public void setSignatureAlgorithm​(java.lang.String signatureAlgorithm)
      • getSignatureDigestAlgorithm

        public java.lang.String getSignatureDigestAlgorithm()
      • setSignatureDigestAlgorithm

        public void setSignatureDigestAlgorithm​(java.lang.String signatureDigestAlgorithm)
      • setSignatureKey

        public void setSignatureKey​(java.security.Key signatureKey)
      • getSignatureKey

        public java.security.Key getSignatureKey()
      • isUseSingleCert

        public boolean isUseSingleCert()
      • setUseSingleCert

        public void setUseSingleCert​(boolean useSingleCert)
      • isAddExcC14NInclusivePrefixes

        public boolean isAddExcC14NInclusivePrefixes()
      • setAddExcC14NInclusivePrefixes

        public void setAddExcC14NInclusivePrefixes​(boolean addExcC14NInclusivePrefixes)
      • getActions

        public java.util.List<XMLSecurityConstants.Action> getActions()
        Returns the actions that are currently set
        Returns:
        The actions, in the order in which they are applied
      • setActions

        public void setActions​(java.util.List<XMLSecurityConstants.Action> actions)
        Specifies how to secure the document, e.g. Timestamp, Signature, Encrypt
        Parameters:
        actions - the actions used to secure the document
      • getSignatureCanonicalizationAlgorithm

        public java.lang.String getSignatureCanonicalizationAlgorithm()
      • setSignatureCanonicalizationAlgorithm

        public void setSignatureCanonicalizationAlgorithm​(java.lang.String signatureCanonicalizationAlgorithm)
      • getSignatureVerificationKey

        public java.security.Key getSignatureVerificationKey()
      • setSignatureVerificationKey

        public void setSignatureVerificationKey​(java.security.Key signatureVerificationKey)
      • isSkipDocumentEvents

        public boolean isSkipDocumentEvents()
        Returns whether the framework is skipping document events
        Returns:
        true if document-events will be skipped, false otherwise
      • setSkipDocumentEvents

        public void setSkipDocumentEvents​(boolean skipDocumentEvents)
        Specifies whether the framework should forward document events or not
        Parameters:
        skipDocumentEvents - set to true when document events should be discarded, false otherwise
      • isDisableSchemaValidation

        public boolean isDisableSchemaValidation()
      • setDisableSchemaValidation

        public void setDisableSchemaValidation​(boolean disableSchemaValidation)
      • getSignatureKeyName

        public java.lang.String getSignatureKeyName()
      • setSignatureKeyName

        public void setSignatureKeyName​(java.lang.String signatureKeyName)
        Specifies the contents of the KeyInfo/KeyName element for signing
        Parameters:
        signatureKeyName - set to a String that will be passed as contents of the KeyName element
      • getEncryptionKeyName

        public java.lang.String getEncryptionKeyName()
      • setEncryptionKeyName

        public void setEncryptionKeyName​(java.lang.String encryptionKeyName)
        Specifies the contents of the KeyInfo/KeyName element for encryption
        Parameters:
        encryptionKeyName - set to a String that will be passed as contents of the KeyName element
      • getKeyNameMap

        public java.util.Map<java.lang.String,​java.security.Key> getKeyNameMap()
        Returns an immutable instance of the map that links KeyName values to actual keys
        Returns:
        the map containing the KeyName values and their Keys
      • addKeyNameMapping

        public void addKeyNameMapping​(java.lang.String keyname,
                                      java.security.Key key)
      • isSignatureGenerateIds

        public boolean isSignatureGenerateIds()
      • setSignatureGenerateIds

        public void setSignatureGenerateIds​(boolean signatureGenerateIds)
        Specifies whether Id attributes should be generated for the document element, the Signature element and KeyInfo structures
        Parameters:
        signatureGenerateIds - set to true (default) to generate Id attributes
      • isSignatureIncludeDigestTransform

        public boolean isSignatureIncludeDigestTransform()
      • setSignatureIncludeDigestTransform

        public void setSignatureIncludeDigestTransform​(boolean signatureIncludeDigestTransform)
        Specifies whether the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list
        Parameters:
        signatureIncludeDigestTransform - set to true (default) to include the transform in the list
      • getSignaturePositionQName

        public javax.xml.namespace.QName getSignaturePositionQName()
      • setSignaturePositionQName

        public void setSignaturePositionQName​(javax.xml.namespace.QName signaturePositionQName)