Package org.apache.xml.security.stax.ext
Class XMLSecurityProperties
- java.lang.Object
-
- org.apache.xml.security.stax.ext.XMLSecurityProperties
-
public class XMLSecurityProperties extends java.lang.Object
Main configuration class to supply keys etc. This class is subject to change in the future.
-
-
Field Summary
Fields
Modifier and Type Field Description
private java.util.List<XMLSecurityConstants.Action>
actions
private boolean
addExcC14NInclusivePrefixes
private java.security.Key
decryptionKey
private boolean
disableSchemaValidation
private java.security.Key
encryptionKey
private SecurityTokenConstants.KeyIdentifier
encryptionKeyIdentifier
private java.lang.String
encryptionKeyName
private java.lang.String
encryptionKeyTransportAlgorithm
private java.lang.String
encryptionKeyTransportDigestAlgorithm
private java.lang.String
encryptionKeyTransportMGFAlgorithm
private byte[]
encryptionKeyTransportOAEPParams
private java.util.List<SecurePart>
encryptionParts
private java.lang.String
encryptionSymAlgorithm
private java.security.Key
encryptionTransportKey
private java.security.cert.X509Certificate
encryptionUseThisCertificate
private javax.xml.namespace.QName
idAttributeNS
private java.util.List<InputProcessor>
inputProcessorList
private java.util.Map<java.lang.String,java.security.Key>
keyNameMap
private java.lang.String
signatureAlgorithm
private java.lang.String
signatureCanonicalizationAlgorithm
private java.security.cert.X509Certificate[]
signatureCerts
private java.lang.String
signatureDigestAlgorithm
private boolean
signatureGenerateIds
private boolean
signatureIncludeDigestTransform
private java.security.Key
signatureKey
private java.util.List<SecurityTokenConstants.KeyIdentifier>
signatureKeyIdentifiers
private java.lang.String
signatureKeyName
private java.util.List<SecurePart>
signatureParts
private int
signaturePosition
private javax.xml.namespace.QName
signaturePositionQName
private boolean
signaturePositionStart
private java.security.Key
signatureVerificationKey
private boolean
skipDocumentEvents
private boolean
useSingleCert
-
Constructor Summary
Constructors
Modifier Constructor Description
XMLSecurityProperties()
protected
XMLSecurityProperties(XMLSecurityProperties xmlSecurityProperties)
-
Method Summary
Modifier and Type Method Description
void
addAction(XMLSecurityConstants.Action action)
void
addEncryptionPart(SecurePart securePart)
Adds a part which must be encrypted by the framework.
void
addInputProcessor(InputProcessor inputProcessor)
Adds an additional, non-standard InputProcessor to the chain.
void
addKeyNameMapping(java.lang.String keyname, java.security.Key key)
void
addSignaturePart(SecurePart securePart)
java.util.List<XMLSecurityConstants.Action>
getActions()
Returns the actual set actions.
java.security.Key
getDecryptionKey()
java.security.Key
getEncryptionKey()
SecurityTokenConstants.KeyIdentifier
getEncryptionKeyIdentifier()
Returns the KeyIdentifierType which will be used in the secured document.
java.lang.String
getEncryptionKeyName()
java.lang.String
getEncryptionKeyTransportAlgorithm()
Returns the encryption key transport algorithm.
java.lang.String
getEncryptionKeyTransportDigestAlgorithm()
java.lang.String
getEncryptionKeyTransportMGFAlgorithm()
byte[]
getEncryptionKeyTransportOAEPParams()
java.util.List<SecurePart>
getEncryptionSecureParts()
Returns the encryption parts which are actually set.
java.lang.String
getEncryptionSymAlgorithm()
Returns the encryption algorithm.
java.security.Key
getEncryptionTransportKey()
java.security.cert.X509Certificate
getEncryptionUseThisCertificate()
javax.xml.namespace.QName
getIdAttributeNS()
Returns the qualified name of the ID attribute used to sign the document.
java.util.List<InputProcessor>
getInputProcessorList()
Returns the currently registered additional InputProcessors.
java.util.Map<java.lang.String,java.security.Key>
getKeyNameMap()
Returns an immutable instance of the map that links KeyName values to actual keys.
java.lang.String
getSignatureAlgorithm()
java.lang.String
getSignatureCanonicalizationAlgorithm()
java.security.cert.X509Certificate[]
getSignatureCerts()
java.lang.String
getSignatureDigestAlgorithm()
java.security.Key
getSignatureKey()
SecurityTokenConstants.KeyIdentifier
getSignatureKeyIdentifier()
Deprecated.
java.util.List<SecurityTokenConstants.KeyIdentifier>
getSignatureKeyIdentifiers()
java.lang.String
getSignatureKeyName()
int
getSignaturePosition()
Returns the position of the signature.
javax.xml.namespace.QName
getSignaturePositionQName()
java.util.List<SecurePart>
getSignatureSecureParts()
java.security.Key
getSignatureVerificationKey()
boolean
isAddExcC14NInclusivePrefixes()
boolean
isDisableSchemaValidation()
boolean
isSignatureGenerateIds()
boolean
isSignatureIncludeDigestTransform()
boolean
isSignaturePositionStart()
boolean
isSkipDocumentEvents()
Returns whether the framework is skipping document events.
boolean
isUseSingleCert()
void
setActions(java.util.List<XMLSecurityConstants.Action> actions)
Specifies how to secure the document, e.g. Timestamp, Signature, Encrypt.
void
setAddExcC14NInclusivePrefixes(boolean addExcC14NInclusivePrefixes)
void
setDecryptionKey(java.security.Key decryptionKey)
void
setDisableSchemaValidation(boolean disableSchemaValidation)
void
setEncryptionKey(java.security.Key encryptionKey)
void
setEncryptionKeyIdentifier(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier)
Specifies the KeyIdentifierType to use in the secured document.
void
setEncryptionKeyName(java.lang.String encryptionKeyName)
Specifies the contents of the KeyInfo/KeyName element for encryption.
void
setEncryptionKeyTransportAlgorithm(java.lang.String encryptionKeyTransportAlgorithm)
Specifies the encryption key transport algorithm.
void
setEncryptionKeyTransportDigestAlgorithm(java.lang.String encryptionKeyTransportDigestAlgorithm)
void
setEncryptionKeyTransportMGFAlgorithm(java.lang.String encryptionKeyTransportMGFAlgorithm)
void
setEncryptionKeyTransportOAEPParams(byte[] encryptionKeyTransportOAEPParams)
void
setEncryptionSymAlgorithm(java.lang.String encryptionSymAlgorithm)
Specifies the encryption algorithm.
void
setEncryptionTransportKey(java.security.Key encryptionTransportKey)
void
setEncryptionUseThisCertificate(java.security.cert.X509Certificate encryptionUseThisCertificate)
void
setIdAttributeNS(javax.xml.namespace.QName idAttributeNS)
Sets the qualified name of the ID attribute used to sign the document.
void
setSignatureAlgorithm(java.lang.String signatureAlgorithm)
void
setSignatureCanonicalizationAlgorithm(java.lang.String signatureCanonicalizationAlgorithm)
void
setSignatureCerts(java.security.cert.X509Certificate[] signatureCerts)
void
setSignatureDigestAlgorithm(java.lang.String signatureDigestAlgorithm)
void
setSignatureGenerateIds(boolean signatureGenerateIds)
Specifies whether Id attributes should be generated for the document element, the Signature element and KeyInfo structures.
void
setSignatureIncludeDigestTransform(boolean signatureIncludeDigestTransform)
Specifies whether the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list.
void
setSignatureKey(java.security.Key signatureKey)
void
setSignatureKeyIdentifier(SecurityTokenConstants.KeyIdentifier signatureKeyIdentifier)
void
setSignatureKeyIdentifiers(java.util.List<SecurityTokenConstants.KeyIdentifier> signatureKeyIdentifiers)
void
setSignatureKeyName(java.lang.String signatureKeyName)
Specifies the contents of the KeyInfo/KeyName element for signing.
void
setSignaturePosition(int signaturePosition)
Specifies the position of the signature.
void
setSignaturePositionQName(javax.xml.namespace.QName signaturePositionQName)
void
setSignaturePositionStart(boolean signaturePositionStart)
void
setSignatureVerificationKey(java.security.Key signatureVerificationKey)
void
setSkipDocumentEvents(boolean skipDocumentEvents)
Specifies whether the framework should forward document events or not.
void
setUseSingleCert(boolean useSingleCert)
-
-
-
Field Detail
-
inputProcessorList
private final java.util.List<InputProcessor> inputProcessorList
-
skipDocumentEvents
private boolean skipDocumentEvents
-
disableSchemaValidation
private boolean disableSchemaValidation
-
actions
private java.util.List<XMLSecurityConstants.Action> actions
-
encryptionUseThisCertificate
private java.security.cert.X509Certificate encryptionUseThisCertificate
-
encryptionSymAlgorithm
private java.lang.String encryptionSymAlgorithm
-
encryptionKeyTransportAlgorithm
private java.lang.String encryptionKeyTransportAlgorithm
-
encryptionKeyTransportDigestAlgorithm
private java.lang.String encryptionKeyTransportDigestAlgorithm
-
encryptionKeyTransportMGFAlgorithm
private java.lang.String encryptionKeyTransportMGFAlgorithm
-
encryptionKeyTransportOAEPParams
private byte[] encryptionKeyTransportOAEPParams
-
encryptionParts
private final java.util.List<SecurePart> encryptionParts
-
encryptionKey
private java.security.Key encryptionKey
-
encryptionTransportKey
private java.security.Key encryptionTransportKey
-
encryptionKeyIdentifier
private SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier
-
encryptionKeyName
private java.lang.String encryptionKeyName
-
decryptionKey
private java.security.Key decryptionKey
-
signatureParts
private final java.util.List<SecurePart> signatureParts
-
signatureAlgorithm
private java.lang.String signatureAlgorithm
-
signatureDigestAlgorithm
private java.lang.String signatureDigestAlgorithm
-
signatureCanonicalizationAlgorithm
private java.lang.String signatureCanonicalizationAlgorithm
-
signatureKey
private java.security.Key signatureKey
-
signatureCerts
private java.security.cert.X509Certificate[] signatureCerts
-
addExcC14NInclusivePrefixes
private boolean addExcC14NInclusivePrefixes
-
signatureKeyIdentifiers
private java.util.List<SecurityTokenConstants.KeyIdentifier> signatureKeyIdentifiers
-
signatureKeyName
private java.lang.String signatureKeyName
-
useSingleCert
private boolean useSingleCert
-
signatureVerificationKey
private java.security.Key signatureVerificationKey
-
signaturePosition
private int signaturePosition
-
idAttributeNS
private javax.xml.namespace.QName idAttributeNS
-
keyNameMap
private final java.util.Map<java.lang.String,java.security.Key> keyNameMap
-
signatureGenerateIds
private boolean signatureGenerateIds
-
signatureIncludeDigestTransform
private boolean signatureIncludeDigestTransform
-
signaturePositionQName
private javax.xml.namespace.QName signaturePositionQName
-
signaturePositionStart
private boolean signaturePositionStart
-
-
Constructor Detail
-
XMLSecurityProperties
public XMLSecurityProperties()
-
XMLSecurityProperties
protected XMLSecurityProperties(XMLSecurityProperties xmlSecurityProperties)
-
-
Method Detail
-
isSignaturePositionStart
public boolean isSignaturePositionStart()
-
setSignaturePositionStart
public void setSignaturePositionStart(boolean signaturePositionStart)
-
getSignatureKeyIdentifier
@Deprecated public SecurityTokenConstants.KeyIdentifier getSignatureKeyIdentifier()
Deprecated.
-
getSignatureKeyIdentifiers
public java.util.List<SecurityTokenConstants.KeyIdentifier> getSignatureKeyIdentifiers()
-
setSignatureKeyIdentifier
public void setSignatureKeyIdentifier(SecurityTokenConstants.KeyIdentifier signatureKeyIdentifier)
-
setSignatureKeyIdentifiers
public void setSignatureKeyIdentifiers(java.util.List<SecurityTokenConstants.KeyIdentifier> signatureKeyIdentifiers)
-
getSignaturePosition
public int getSignaturePosition()
Returns the position of the signature. By default, the signature is located at the first child of the root element.
Returns:
- The signature position
-
setSignaturePosition
public void setSignaturePosition(int signaturePosition)
Specifies the position of the signature.
Parameters:
signaturePosition
- Position of the signature (by default: 0)
-
getIdAttributeNS
public javax.xml.namespace.QName getIdAttributeNS()
Returns the qualified name of the ID attribute used to sign the document. By default, ID is used.
Returns:
- the qualified name of the ID attribute
-
setIdAttributeNS
public void setIdAttributeNS(javax.xml.namespace.QName idAttributeNS)
Sets the qualified name of the ID attribute used to sign the document.
Parameters:
idAttributeNS
- Qualified Name of the ID attribute to use
-
getEncryptionKeyIdentifier
public SecurityTokenConstants.KeyIdentifier getEncryptionKeyIdentifier()
Returns the KeyIdentifierType which will be used in the secured document.
Returns:
- The KeyIdentifierType
-
setEncryptionKeyIdentifier
public void setEncryptionKeyIdentifier(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier)
Specifies the KeyIdentifierType to use in the secured document.
Parameters:
encryptionKeyIdentifier
-
-
addInputProcessor
public void addInputProcessor(InputProcessor inputProcessor)
Adds an additional, non-standard InputProcessor to the chain.
Parameters:
inputProcessor
- The InputProcessor to add
-
getInputProcessorList
public java.util.List<InputProcessor> getInputProcessorList()
Returns the currently registered additional InputProcessors.
Returns:
- the List with the InputProcessors
-
setDecryptionKey
public void setDecryptionKey(java.security.Key decryptionKey)
-
getDecryptionKey
public java.security.Key getDecryptionKey()
-
setEncryptionTransportKey
public void setEncryptionTransportKey(java.security.Key encryptionTransportKey)
-
getEncryptionTransportKey
public java.security.Key getEncryptionTransportKey()
-
setEncryptionKey
public void setEncryptionKey(java.security.Key encryptionKey)
-
getEncryptionKey
public java.security.Key getEncryptionKey()
-
addEncryptionPart
public void addEncryptionPart(SecurePart securePart)
Adds a part which must be encrypted by the framework.
Parameters:
securePart
-
-
getEncryptionSecureParts
public java.util.List<SecurePart> getEncryptionSecureParts()
Returns the encryption parts which are actually set.
Returns:
- A List of SecurePart's
-
getEncryptionSymAlgorithm
public java.lang.String getEncryptionSymAlgorithm()
Returns the encryption algorithm.
Returns:
- the Encryption-Algo as String
-
setEncryptionSymAlgorithm
public void setEncryptionSymAlgorithm(java.lang.String encryptionSymAlgorithm)
Specifies the encryption algorithm.
Parameters:
encryptionSymAlgorithm
- The algo to use for encryption
-
getEncryptionKeyTransportAlgorithm
public java.lang.String getEncryptionKeyTransportAlgorithm()
Returns the encryption key transport algorithm.
Returns:
- the key transport algorithm as string
-
setEncryptionKeyTransportAlgorithm
public void setEncryptionKeyTransportAlgorithm(java.lang.String encryptionKeyTransportAlgorithm)
Specifies the encryption key transport algorithm.
Parameters:
encryptionKeyTransportAlgorithm
- the encryption key transport algorithm as string
-
getEncryptionKeyTransportDigestAlgorithm
public java.lang.String getEncryptionKeyTransportDigestAlgorithm()
-
setEncryptionKeyTransportDigestAlgorithm
public void setEncryptionKeyTransportDigestAlgorithm(java.lang.String encryptionKeyTransportDigestAlgorithm)
-
getEncryptionKeyTransportMGFAlgorithm
public java.lang.String getEncryptionKeyTransportMGFAlgorithm()
-
setEncryptionKeyTransportMGFAlgorithm
public void setEncryptionKeyTransportMGFAlgorithm(java.lang.String encryptionKeyTransportMGFAlgorithm)
-
getEncryptionKeyTransportOAEPParams
public byte[] getEncryptionKeyTransportOAEPParams()
-
setEncryptionKeyTransportOAEPParams
public void setEncryptionKeyTransportOAEPParams(byte[] encryptionKeyTransportOAEPParams)
-
getEncryptionUseThisCertificate
public java.security.cert.X509Certificate getEncryptionUseThisCertificate()
-
setEncryptionUseThisCertificate
public void setEncryptionUseThisCertificate(java.security.cert.X509Certificate encryptionUseThisCertificate)
-
getSignatureCerts
public java.security.cert.X509Certificate[] getSignatureCerts()
-
setSignatureCerts
public void setSignatureCerts(java.security.cert.X509Certificate[] signatureCerts)
-
addSignaturePart
public void addSignaturePart(SecurePart securePart)
-
getSignatureSecureParts
public java.util.List<SecurePart> getSignatureSecureParts()
-
getSignatureAlgorithm
public java.lang.String getSignatureAlgorithm()
-
setSignatureAlgorithm
public void setSignatureAlgorithm(java.lang.String signatureAlgorithm)
-
getSignatureDigestAlgorithm
public java.lang.String getSignatureDigestAlgorithm()
-
setSignatureDigestAlgorithm
public void setSignatureDigestAlgorithm(java.lang.String signatureDigestAlgorithm)
-
setSignatureKey
public void setSignatureKey(java.security.Key signatureKey)
-
getSignatureKey
public java.security.Key getSignatureKey()
-
isUseSingleCert
public boolean isUseSingleCert()
-
setUseSingleCert
public void setUseSingleCert(boolean useSingleCert)
-
isAddExcC14NInclusivePrefixes
public boolean isAddExcC14NInclusivePrefixes()
-
setAddExcC14NInclusivePrefixes
public void setAddExcC14NInclusivePrefixes(boolean addExcC14NInclusivePrefixes)
-
getActions
public java.util.List<XMLSecurityConstants.Action> getActions()
Returns the actual set actions.
Returns:
- The Actions in applied order
-
setActions
public void setActions(java.util.List<XMLSecurityConstants.Action> actions)
Specifies how to secure the document, e.g. Timestamp, Signature, Encrypt.
Parameters:
actions
-
-
addAction
public void addAction(XMLSecurityConstants.Action action)
-
getSignatureCanonicalizationAlgorithm
public java.lang.String getSignatureCanonicalizationAlgorithm()
-
setSignatureCanonicalizationAlgorithm
public void setSignatureCanonicalizationAlgorithm(java.lang.String signatureCanonicalizationAlgorithm)
-
getSignatureVerificationKey
public java.security.Key getSignatureVerificationKey()
-
setSignatureVerificationKey
public void setSignatureVerificationKey(java.security.Key signatureVerificationKey)
-
isSkipDocumentEvents
public boolean isSkipDocumentEvents()
Returns whether the framework is skipping document events.
Returns:
- true if document-events will be skipped, false otherwise
-
setSkipDocumentEvents
public void setSkipDocumentEvents(boolean skipDocumentEvents)
Specifies whether the framework should forward document events or not.
Parameters:
skipDocumentEvents
- set to true when document events should be discarded, false otherwise
-
isDisableSchemaValidation
public boolean isDisableSchemaValidation()
-
setDisableSchemaValidation
public void setDisableSchemaValidation(boolean disableSchemaValidation)
-
getSignatureKeyName
public java.lang.String getSignatureKeyName()
-
setSignatureKeyName
public void setSignatureKeyName(java.lang.String signatureKeyName)
Specifies the contents of the KeyInfo/KeyName element for signing.
Parameters:
signatureKeyName
- set to a String that will be passed as contents of the KeyName element
-
getEncryptionKeyName
public java.lang.String getEncryptionKeyName()
-
setEncryptionKeyName
public void setEncryptionKeyName(java.lang.String encryptionKeyName)
Specifies the contents of the KeyInfo/KeyName element for encryption.
Parameters:
encryptionKeyName
- set to a String that will be passed as contents of the KeyName element
-
getKeyNameMap
public java.util.Map<java.lang.String,java.security.Key> getKeyNameMap()
Returns an immutable instance of the map that links KeyName values to actual keys.
Returns:
- keyNameMap set to the map containing KeyNames and Keys
-
addKeyNameMapping
public void addKeyNameMapping(java.lang.String keyname, java.security.Key key)
-
isSignatureGenerateIds
public boolean isSignatureGenerateIds()
-
setSignatureGenerateIds
public void setSignatureGenerateIds(boolean signatureGenerateIds)
Specifies whether Id attributes should be generated for the document element, the Signature element and KeyInfo structures.
Parameters:
signatureGenerateIds
- set to true (default) to generate Id attributes
-
isSignatureIncludeDigestTransform
public boolean isSignatureIncludeDigestTransform()
-
setSignatureIncludeDigestTransform
public void setSignatureIncludeDigestTransform(boolean signatureIncludeDigestTransform)
Specifies whether the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list.
Parameters:
signatureIncludeDigestTransform
- set to true (default) to include the transform in the list
-
getSignaturePositionQName
public javax.xml.namespace.QName getSignaturePositionQName()
-
setSignaturePositionQName
public void setSignaturePositionQName(javax.xml.namespace.QName signaturePositionQName)
-
-