Class WSSecDKSign


public class WSSecDKSign extends WSSecDerivedKeyBase
Builder to sign with derived keys
  • Constructor Details

    • WSSecDKSign

      public WSSecDKSign(WSSecHeader securityHeader)
    • WSSecDKSign

      public WSSecDKSign(Document doc)
    • WSSecDKSign

      public WSSecDKSign(Document doc, Provider provider)
  • Method Details

    • build

      public Document build(byte[] ephemeralKey) throws WSSecurityException
      Throws:
      WSSecurityException
    • prepare

      public void prepare(byte[] ephemeralKey) throws WSSecurityException
      Description copied from class: WSSecDerivedKeyBase
      Initialize a WSSec Derived key. The method prepares and initializes a WSSec derived key structure after the relevant information was set. This method also creates and initializes the derived token using the ephemeral key. After preparation, references can be added, encrypted and signed as required. This method does not add any element to the security header; that must be done explicitly.
      Overrides:
      prepare in class WSSecDerivedKeyBase
      Parameters:
      ephemeralKey - The ephemeral key to use for derivation
      Throws:
      WSSecurityException
    • getSignatureElement

      public Element getSignatureElement()
      Returns the SignatureElement. The method can be called any time after prepare().
      Returns:
      The DOM Element of the signature.
    • addReferencesToSign

      public List<Reference> addReferencesToSign(List<WSEncryptionPart> references) throws WSSecurityException
      This method adds references to the Signature.
      Parameters:
      references - The list of references to sign
      Throws:
      WSSecurityException
    • computeSignature

      public void computeSignature(List<Reference> referenceList) throws WSSecurityException
      Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called any time after the references were set. See addReferencesToSign().
      Throws:
      WSSecurityException
    • computeSignature

      public void computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement) throws WSSecurityException
      Compute the Signature over the references. After references are set this method computes the Signature for them. This method can be called any time after the references were set. See addReferencesToSign().
      Throws:
      WSSecurityException
    • getDerivedKeyLength

      protected int getDerivedKeyLength() throws WSSecurityException
      Description copied from class: WSSecDerivedKeyBase
      The derived key will change depending on the sig/encr algorithm. Therefore the child classes are expected to provide this value.
      Specified by:
      getDerivedKeyLength in class WSSecDerivedKeyBase
      Returns:
      the derived key length
      Throws:
      WSSecurityException
    • setDerivedKeyLength

      public void setDerivedKeyLength(int keyLength)
    • setSignatureAlgorithm

      public void setSignatureAlgorithm(String algorithm)
      Set the signature algorithm to use. The default is WSConstants.SHA1.
      Parameters:
      algorithm - the signature algorithm to use.
    • getSignatureAlgorithm

      public String getSignatureAlgorithm()
      Returns:
      the signature algorithm to use
    • getSignatureId

      public String getSignatureId()
      Returns the value of the wsu:Id attribute of the Signature element.
      Returns:
      The wsu:Id of this token, or null if the signature has not been generated.
    • setDigestAlgorithm

      public void setDigestAlgorithm(String algorithm)
      Set the digest algorithm to use. The default is WSConstants.SHA1.
      Parameters:
      algorithm - the digest algorithm to use.
    • getDigestAlgorithm

      public String getDigestAlgorithm()
      Returns:
      the digest algorithm to use
    • getSignatureValue

      public byte[] getSignatureValue()
      Returns:
      Returns the signatureValue.
    • setSigCanonicalization

      public void setSigCanonicalization(String algo)
      Set the canonicalization method to use. If the canonicalization method is not set, then the recommended Exclusive XML Canonicalization is used by default. Refer to WSConstants for the supported algorithms.
      Parameters:
      algo - Is the name of the signature algorithm
    • getSigCanonicalization

      public String getSigCanonicalization()
      Get the canonicalization method. If the canonicalization method was not set then Exclusive XML Canonicalization is used by default.
      Returns:
      The string describing the canonicalization algorithm.
    • isAddInclusivePrefixes

      public boolean isAddInclusivePrefixes()
    • setAddInclusivePrefixes

      public void setAddInclusivePrefixes(boolean addInclusivePrefixes)
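
The stepwise use of prepare(), addReferencesToSign() and computeSignature() described above, as an added example that is not taken from the WSS4J documentation or source. The class name DerivedKeySignExample, the method signBody and the tokenId parameter are hypothetical; setTokenIdentifier(), prependDKElementToHeader(), WSEncryptionPart, insertSecurityHeader() and the WSConstants values do not appear on this page and are assumed from the WSS4J release whose signatures match the ones listed here. The page gives WSConstants.SHA1 as the default for both algorithm setters, so the example sets SHA-256 variants explicitly.

```java
import java.util.ArrayList;
import java.util.List;
import javax.xml.crypto.dsig.Reference;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.message.WSSecDKSign;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.w3c.dom.Document;

public final class DerivedKeySignExample {

    /**
     * Signs the SOAP Body with a key derived from ephemeralKey.
     * tokenId (assumption) is the Id of a token the receiver can resolve to the
     * same secret, e.g. an EncryptedKey or SecurityContextToken in the header.
     */
    public static Document signBody(Document soapEnvelope, byte[] ephemeralKey, String tokenId)
            throws WSSecurityException {
        WSSecHeader secHeader = new WSSecHeader(soapEnvelope);
        secHeader.insertSecurityHeader();

        WSSecDKSign signer = new WSSecDKSign(secHeader);
        signer.setTokenIdentifier(tokenId);                     // inherited from WSSecDerivedKeyBase
        signer.setSignatureAlgorithm(WSConstants.HMAC_SHA256);  // explicit, not the default
        signer.setDigestAlgorithm(WSConstants.SHA256);          // explicit, not the default

        // 1. Create the derived key token. Nothing is added to the header yet.
        signer.prepare(ephemeralKey);

        // 2. Declare what the signature covers: here, the SOAP Body.
        String soapNs = soapEnvelope.getDocumentElement().getNamespaceURI();
        List<WSEncryptionPart> parts = new ArrayList<>();
        parts.add(new WSEncryptionPart(WSConstants.ELEM_BODY, soapNs, "Content"));
        List<Reference> refs = signer.addReferencesToSign(parts);

        // 3. Compute the signature over those references.
        signer.computeSignature(refs);

        // 4. prepare() left the derived key token out of the header, so add it
        //    explicitly; without it the receiver cannot re-derive the key.
        signer.prependDKElementToHeader();
        return soapEnvelope;
    }
}
```

Any element not listed in step 2 is outside the signature, so a receiver should check which parts were actually covered before trusting the message content.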