Package org.apache.xml.security.stax.ext
Class XMLSecurityProperties
java.lang.Object
org.apache.xml.security.stax.ext.XMLSecurityProperties
Main configuration class to supply keys etc.
This class is subject to change in the future.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate List<XMLSecurityConstants.Action>
private boolean
private Key
private boolean
private Key
private String
private String
private String
private String
private byte[]
private final List<SecurePart>
private String
private Key
private X509Certificate
private QName
private final List<InputProcessor>
private String
private String
private X509Certificate[]
private String
private boolean
private boolean
private Key
private List<SecurityTokenConstants.KeyIdentifier>
private String
private final List<SecurePart>
private int
private QName
private boolean
private Key
private boolean
private boolean
-
Constructor Summary
ConstructorsModifierConstructorDescriptionprotected
XMLSecurityProperties
(XMLSecurityProperties xmlSecurityProperties) -
Method Summary
Modifier and TypeMethodDescriptionvoid
addAction
(XMLSecurityConstants.Action action) void
addEncryptionPart
(SecurePart securePart) Adds a part which must be encrypted by the frameworkvoid
addInputProcessor
(InputProcessor inputProcessor) Add an additional, non standard, InputProcessor to the chainvoid
addKeyNameMapping
(String keyname, Key key) void
addSignaturePart
(SecurePart securePart) Returns the actual set actionsreturns the KeyIdentifierType which will be used in the secured documentReturns the encryption key transport algorithmbyte[]
Returns the encryption parts which are actually setReturns the Encryption-AlgoReturn the qualified name of the ID attribute used to sign the document.Returns the currently registered additional InputProcessorsreturns an immutable instance of the map that links KeyName values to actual keysDeprecated.int
returns the position of the signature.boolean
boolean
boolean
boolean
boolean
boolean
Returns if the framework is skipping document-eventsboolean
void
setActions
(List<XMLSecurityConstants.Action> actions) Specifies how to secure the document eg.void
setAddExcC14NInclusivePrefixes
(boolean addExcC14NInclusivePrefixes) void
setDecryptionKey
(Key decryptionKey) void
setDisableSchemaValidation
(boolean disableSchemaValidation) void
setEncryptionKey
(Key encryptionKey) void
setEncryptionKeyIdentifier
(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier) Specifies the KeyIdentifierType to use in the secured documentvoid
setEncryptionKeyName
(String encryptionKeyName) specifies the contents of the KeyInfo/KeyName element for encryptionvoid
setEncryptionKeyTransportAlgorithm
(String encryptionKeyTransportAlgorithm) Specifies the encryption key transport algorithmvoid
setEncryptionKeyTransportDigestAlgorithm
(String encryptionKeyTransportDigestAlgorithm) void
setEncryptionKeyTransportMGFAlgorithm
(String encryptionKeyTransportMGFAlgorithm) void
setEncryptionKeyTransportOAEPParams
(byte[] encryptionKeyTransportOAEPParams) void
setEncryptionSymAlgorithm
(String encryptionSymAlgorithm) Specifies the encryption algorithmvoid
setEncryptionTransportKey
(Key encryptionTransportKey) void
setEncryptionUseThisCertificate
(X509Certificate encryptionUseThisCertificate) void
setIdAttributeNS
(QName idAttributeNS) Sets the qualified name of the ID attribute used to sign the document.void
setSignatureAlgorithm
(String signatureAlgorithm) void
setSignatureCanonicalizationAlgorithm
(String signatureCanonicalizationAlgorithm) void
setSignatureCerts
(X509Certificate[] signatureCerts) void
setSignatureDigestAlgorithm
(String signatureDigestAlgorithm) void
setSignatureGenerateIds
(boolean signatureGenerateIds) specifies if Id attributes should be generated for the document element, the Signature element and KeyInfo structuresvoid
setSignatureIncludeDigestTransform
(boolean signatureIncludeDigestTransform) specifies if the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms listvoid
setSignatureKey
(Key signatureKey) void
setSignatureKeyIdentifier
(SecurityTokenConstants.KeyIdentifier signatureKeyIdentifier) void
setSignatureKeyIdentifiers
(List<SecurityTokenConstants.KeyIdentifier> signatureKeyIdentifiers) void
setSignatureKeyName
(String signatureKeyName) specifies the contents of the KeyInfo/KeyName element for signingvoid
setSignaturePosition
(int signaturePosition) Specifies the position of the signaturevoid
setSignaturePositionQName
(QName signaturePositionQName) void
setSignaturePositionStart
(boolean signaturePositionStart) void
setSignatureVerificationKey
(Key signatureVerificationKey) void
setSkipDocumentEvents
(boolean skipDocumentEvents) specifies if the framework should forward Document-Events or notvoid
setUseSingleCert
(boolean useSingleCert)
-
Field Details
-
inputProcessorList
-
skipDocumentEvents
private boolean skipDocumentEvents -
disableSchemaValidation
private boolean disableSchemaValidation -
actions
-
encryptionUseThisCertificate
-
encryptionSymAlgorithm
-
encryptionKeyTransportAlgorithm
-
encryptionKeyTransportDigestAlgorithm
-
encryptionKeyTransportMGFAlgorithm
-
encryptionKeyTransportOAEPParams
private byte[] encryptionKeyTransportOAEPParams -
encryptionParts
-
encryptionKey
-
encryptionTransportKey
-
encryptionKeyIdentifier
-
encryptionKeyName
-
decryptionKey
-
signatureParts
-
signatureAlgorithm
-
signatureDigestAlgorithm
-
signatureCanonicalizationAlgorithm
-
signatureKey
-
signatureCerts
-
addExcC14NInclusivePrefixes
private boolean addExcC14NInclusivePrefixes -
signatureKeyIdentifiers
-
signatureKeyName
-
useSingleCert
private boolean useSingleCert -
signatureVerificationKey
-
signaturePosition
private int signaturePosition -
idAttributeNS
-
keyNameMap
-
signatureGenerateIds
private boolean signatureGenerateIds -
signatureIncludeDigestTransform
private boolean signatureIncludeDigestTransform -
signaturePositionQName
-
signaturePositionStart
private boolean signaturePositionStart
-
-
Constructor Details
-
XMLSecurityProperties
public XMLSecurityProperties() -
XMLSecurityProperties
-
-
Method Details
-
isSignaturePositionStart
public boolean isSignaturePositionStart() -
setSignaturePositionStart
public void setSignaturePositionStart(boolean signaturePositionStart) -
getSignatureKeyIdentifier
Deprecated. -
getSignatureKeyIdentifiers
-
setSignatureKeyIdentifier
-
setSignatureKeyIdentifiers
public void setSignatureKeyIdentifiers(List<SecurityTokenConstants.KeyIdentifier> signatureKeyIdentifiers) -
getSignaturePosition
public int getSignaturePosition() Returns the position of the signature. By default, the signature is placed as the first child of the root element. - Returns:
- The signature position
-
setSignaturePosition
public void setSignaturePosition(int signaturePosition) Specifies the position of the signature- Parameters:
signaturePosition
- Position of the signature (by default: 0)
-
getIdAttributeNS
Returns the qualified name of the ID attribute used to sign the document. By default, ID is used. - Returns:
- the qualified name of the ID attribute
-
setIdAttributeNS
Sets the qualified name of the ID attribute used to sign the document.- Parameters:
idAttributeNS
- Qualified Name of the ID attribute to use
-
getEncryptionKeyIdentifier
Returns the KeyIdentifierType which will be used in the secured document. - Returns:
- The KeyIdentifierType
-
setEncryptionKeyIdentifier
public void setEncryptionKeyIdentifier(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier) Specifies the KeyIdentifierType to use in the secured document- Parameters:
encryptionKeyIdentifier
-
-
addInputProcessor
Adds an additional, non-standard InputProcessor to the chain. - Parameters:
inputProcessor
- The InputProcessor to add
-
getInputProcessorList
Returns the currently registered additional InputProcessors- Returns:
- the List with the InputProcessors
-
setDecryptionKey
-
getDecryptionKey
-
setEncryptionTransportKey
-
getEncryptionTransportKey
-
setEncryptionKey
-
getEncryptionKey
-
addEncryptionPart
Adds a part which must be encrypted by the framework- Parameters:
securePart
-
-
getEncryptionSecureParts
Returns the encryption parts that are currently set. - Returns:
- A List of SecureParts
-
getEncryptionSymAlgorithm
Returns the encryption algorithm. - Returns:
- the encryption algorithm as a String
-
setEncryptionSymAlgorithm
Specifies the encryption algorithm. - Parameters:
encryptionSymAlgorithm
- The algorithm to use for encryption
-
getEncryptionKeyTransportAlgorithm
Returns the encryption key transport algorithm- Returns:
- the key transport algorithm as string
-
setEncryptionKeyTransportAlgorithm
Specifies the encryption key transport algorithm- Parameters:
encryptionKeyTransportAlgorithm
- the encryption key transport algorithm as string
-
getEncryptionKeyTransportDigestAlgorithm
-
setEncryptionKeyTransportDigestAlgorithm
-
getEncryptionKeyTransportMGFAlgorithm
-
setEncryptionKeyTransportMGFAlgorithm
-
getEncryptionKeyTransportOAEPParams
public byte[] getEncryptionKeyTransportOAEPParams() -
setEncryptionKeyTransportOAEPParams
public void setEncryptionKeyTransportOAEPParams(byte[] encryptionKeyTransportOAEPParams) -
getEncryptionUseThisCertificate
-
setEncryptionUseThisCertificate
-
getSignatureCerts
-
setSignatureCerts
-
addSignaturePart
-
getSignatureSecureParts
-
getSignatureAlgorithm
-
setSignatureAlgorithm
-
getSignatureDigestAlgorithm
-
setSignatureDigestAlgorithm
-
setSignatureKey
-
getSignatureKey
-
isUseSingleCert
public boolean isUseSingleCert() -
setUseSingleCert
public void setUseSingleCert(boolean useSingleCert) -
isAddExcC14NInclusivePrefixes
public boolean isAddExcC14NInclusivePrefixes() -
setAddExcC14NInclusivePrefixes
public void setAddExcC14NInclusivePrefixes(boolean addExcC14NInclusivePrefixes) -
getActions
Returns the actions that are currently set. - Returns:
- The Actions, in the order in which they are applied
-
setActions
Specifies how to secure the document, e.g. Timestamp, Signature, Encrypt. - Parameters:
actions
-
-
addAction
-
getSignatureCanonicalizationAlgorithm
-
setSignatureCanonicalizationAlgorithm
-
getSignatureVerificationKey
-
setSignatureVerificationKey
-
isSkipDocumentEvents
public boolean isSkipDocumentEvents() Returns whether the framework is skipping document events. - Returns:
- true if document-events will be skipped, false otherwise
-
setSkipDocumentEvents
public void setSkipDocumentEvents(boolean skipDocumentEvents) Specifies whether the framework should forward document events or not. - Parameters:
skipDocumentEvents
- set to true when document events should be discarded, false otherwise
-
isDisableSchemaValidation
public boolean isDisableSchemaValidation() -
setDisableSchemaValidation
public void setDisableSchemaValidation(boolean disableSchemaValidation) -
getSignatureKeyName
-
setSignatureKeyName
Specifies the contents of the KeyInfo/KeyName element for signing. - Parameters:
signatureKeyName
- set to a String that will be passed as contents of the KeyName element
-
getEncryptionKeyName
-
setEncryptionKeyName
Specifies the contents of the KeyInfo/KeyName element for encryption. - Parameters:
encryptionKeyName
- set to a String that will be passed as contents of the KeyName element
-
getKeyNameMap
Returns an immutable instance of the map that links KeyName values to actual keys. - Returns:
- the map containing KeyNames and Keys
-
addKeyNameMapping
-
isSignatureGenerateIds
public boolean isSignatureGenerateIds() -
setSignatureGenerateIds
public void setSignatureGenerateIds(boolean signatureGenerateIds) Specifies whether Id attributes should be generated for the document element, the Signature element and KeyInfo structures. - Parameters:
signatureGenerateIds
- set to true (default) to generate Id attributes
-
isSignatureIncludeDigestTransform
public boolean isSignatureIncludeDigestTransform() -
setSignatureIncludeDigestTransform
public void setSignatureIncludeDigestTransform(boolean signatureIncludeDigestTransform) Specifies whether the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list. - Parameters:
signatureIncludeDigestTransform
- set to true (default) to include the transform in the list
-
getSignaturePositionQName
-
setSignaturePositionQName
-