org.apache.ws.security.message
Class WSSecDKSign

java.lang.Object
  extended by org.apache.ws.security.message.WSSecBase
      extended by org.apache.ws.security.message.WSSecSignatureBase
          extended by org.apache.ws.security.message.WSSecDerivedKeyBase
              extended by org.apache.ws.security.message.WSSecDKSign

public class WSSecDKSign
extends WSSecDerivedKeyBase

Builder to sign with derived keys

Author:
Ruchith Fernando (ruchith.fernando@gmail.com), Davanum Srinivas (dims@yahoo.com), Werner Dittmann (werner@apache.org)

Field Summary
 
Fields inherited from class org.apache.ws.security.message.WSSecDerivedKeyBase
clientLabel, derivedKeyBytes, derivedKeyLength, dkt, dktId, document, envelope, ephemeralKey, serviceLabel, strElem, tokenIdDirectId, tokenIdentifier
 
Fields inherited from class org.apache.ws.security.message.WSSecBase
callbackLookup, doDebug, keyIdentifierType, parts, password, user
 
Constructor Summary
WSSecDKSign()
           
WSSecDKSign(WSSConfig config)
           
 
Method Summary
 List<javax.xml.crypto.dsig.Reference> addReferencesToSign(List<WSEncryptionPart> references, WSSecHeader secHeader)
          This method adds references to the Signature.
 Document build(Document doc, WSSecHeader secHeader)
           
 void computeSignature(List<javax.xml.crypto.dsig.Reference> referenceList)
          Compute the Signature over the references.
 void computeSignature(List<javax.xml.crypto.dsig.Reference> referenceList, boolean prepend, Element siblingElement)
          Compute the Signature over the references.
protected  int getDerivedKeyLength()
          The derived key will change depending on the sig/encr algorithm.
 String getDigestAlgorithm()
           
 String getSigCanonicalization()
          Get the canonicalization method.
 String getSignatureAlgorithm()
           
 Element getSignatureElement()
          Returns the SignatureElement.
 String getSignatureId()
          Returns the value of the wsu:Id attribute of the Signature element.
 byte[] getSignatureValue()
           
 void prepare(Document doc, WSSecHeader secHeader)
           
 void setDigestAlgorithm(String algorithm)
          Set the digest algorithm to use.
 void setSigCanonicalization(String algo)
          Set the canonicalization method to use.
 void setSignatureAlgorithm(String algorithm)
          Set the signature algorithm to use.
 
Methods inherited from class org.apache.ws.security.message.WSSecDerivedKeyBase
appendDKElementToHeader, getdktElement, getId, getTokenIdentifier, prepare, prependDKElementToHeader, setClientLabel, setCustomValueType, setDerivedKeyLength, setExternalKey, setExternalKey, setServiceLabel, setTokenIdDirectId, setWscVersion
 
Methods inherited from class org.apache.ws.security.message.WSSecSignatureBase
addReferencesToSign, createSTRParameter, getInclusivePrefixes, getInclusivePrefixes
 
Methods inherited from class org.apache.ws.security.message.WSSecBase
getKeyIdentifierType, getWsConfig, setBodyID, setCallbackLookup, setKeyIdentifierType, setParts, setUserInfo, setWsConfig, setWsuId
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

WSSecDKSign

public WSSecDKSign()

WSSecDKSign

public WSSecDKSign(WSSConfig config)

Method Detail

build

public Document build(Document doc,
                      WSSecHeader secHeader)
               throws WSSecurityException,
                      ConversationException
Throws:
WSSecurityException
ConversationException

prepare

public void prepare(Document doc,
                    WSSecHeader secHeader)
             throws WSSecurityException,
                    ConversationException
Throws:
WSSecurityException
ConversationException

getSignatureElement

public Element getSignatureElement()
Returns the SignatureElement. The method can be called any time after prepare().

Returns:
The DOM Element of the signature.

addReferencesToSign

public List<javax.xml.crypto.dsig.Reference> addReferencesToSign(List<WSEncryptionPart> references,
                                                                 WSSecHeader secHeader)
                                                          throws WSSecurityException
This method adds references to the Signature.

Parameters:
references - The list of references to sign
secHeader - The Security Header
Throws:
WSSecurityException

computeSignature

public void computeSignature(List<javax.xml.crypto.dsig.Reference> referenceList)
                      throws WSSecurityException
Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called any time after the references were set. See addReferencesToSign().

Throws:
WSSecurityException

computeSignature

public void computeSignature(List<javax.xml.crypto.dsig.Reference> referenceList,
                             boolean prepend,
                             Element siblingElement)
                      throws WSSecurityException
Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called any time after the references were set. See addReferencesToSign().

Throws:
WSSecurityException

getDerivedKeyLength

protected int getDerivedKeyLength()
                           throws WSSecurityException
Description copied from class: WSSecDerivedKeyBase
The derived key will change depending on the sig/encr algorithm. Therefore the child classes are expected to provide this value.

Specified by:
getDerivedKeyLength in class WSSecDerivedKeyBase
Returns:
the derived key length
Throws:
WSSecurityException
See Also:
WSSecDerivedKeyBase.getDerivedKeyLength()

setSignatureAlgorithm

public void setSignatureAlgorithm(String algorithm)
Set the signature algorithm to use. The default is WSConstants.SHA1.

Parameters:
algorithm - the signature algorithm to use.

getSignatureAlgorithm

public String getSignatureAlgorithm()
Returns:
the signature algorithm to use

getSignatureId

public String getSignatureId()
Returns the value of the wsu:Id attribute of the Signature element.

Returns:
The wsu:Id of this token, or null if the signature has not been generated.

setDigestAlgorithm

public void setDigestAlgorithm(String algorithm)
Set the digest algorithm to use. The default is Constants.ALGO_ID_DIGEST_SHA1.

Parameters:
algorithm - the digest algorithm to use.

getDigestAlgorithm

public String getDigestAlgorithm()
Returns:
the digest algorithm to use

getSignatureValue

public byte[] getSignatureValue()
Returns:
Returns the signatureValue.

setSigCanonicalization

public void setSigCanonicalization(String algo)
Set the canonicalization method to use. If the canonicalization method is not set, the recommended Exclusive XML Canonicalization is used by default. Refer to WSConstants for the supported algorithms.

Parameters:
algo - Is the name of the signature algorithm
See Also:
WSConstants.C14N_OMIT_COMMENTS, WSConstants.C14N_WITH_COMMENTS, WSConstants.C14N_EXCL_OMIT_COMMENTS, WSConstants.C14N_EXCL_WITH_COMMENTS

getSigCanonicalization

public String getSigCanonicalization()
Get the canonicalization method. If the canonicalization method was not set then Exclusive XML Canonicalization is used by default.

Returns:
The string describing the canonicalization algorithm.
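
The call order given in the method details above (prepare(), then addReferencesToSign(), then computeSignature()), written out as an added example that is not WSS4J's own code; it also sets SHA-256 based algorithms in place of the SHA-1 defaults. The class name, the method signBody and its parameters are hypothetical, and the installed XML signature provider is assumed to support the two algorithm URIs.

```java
import java.util.ArrayList;
import java.util.List;
import javax.xml.crypto.dsig.Reference;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.message.WSSecDKSign;
import org.apache.ws.security.message.WSSecHeader;
import org.w3c.dom.Document;

// Hypothetical helper class; not part of WSS4J.
public class DerivedKeySignExample {
    // Standard W3C algorithm URIs, written out as strings.
    static final String HMAC_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
    static final String SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256";

    // soapDoc: namespace-aware SOAP 1.1 envelope (assumption).
    // secret, tokenId: key material and wsu:Id of a token that is already
    // referenced by the message, supplied by the caller (assumption).
    public static Document signBody(Document soapDoc, byte[] secret, String tokenId)
            throws Exception {
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(soapDoc);

        WSSecDKSign sign = new WSSecDKSign();
        sign.setExternalKey(secret, tokenId);
        // Override the SHA-1 defaults documented on this page.
        sign.setSignatureAlgorithm(HMAC_SHA256);
        sign.setDigestAlgorithm(SHA256);
        // Set the derived key length explicitly (32 bytes for HMAC-SHA256).
        sign.setDerivedKeyLength(32);
        sign.setSigCanonicalization(WSConstants.C14N_EXCL_OMIT_COMMENTS);

        // 1. Derive the key and create the Signature element's skeleton.
        sign.prepare(soapDoc, secHeader);

        // 2. Declare what is covered by the signature: here the SOAP Body.
        List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
        parts.add(new WSEncryptionPart(
                WSConstants.ELEM_BODY, WSConstants.URI_SOAP11_ENV, "Content"));
        List<Reference> refs = sign.addReferencesToSign(parts, secHeader);

        // 3. Compute the signature over those references.
        sign.computeSignature(refs);

        // 4. Place the DerivedKeyToken in the header ahead of the Signature,
        //    so a receiver reading in document order sees the token first.
        sign.prependDKElementToHeader(secHeader);
        return soapDoc;
    }
}
```

Parts that are not passed to addReferencesToSign() are not covered by the signature, so list every element whose integrity the receiver relies on.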


Copyright © 2004-2013 The Apache Software Foundation. All Rights Reserved.