PicketLink Federation Core 2.1.6.Final-redhat-2
java.lang.Object
  org.picketlink.identity.federation.core.util.XMLSignatureUtil

public class XMLSignatureUtil

Utility for XML Signature.
Note: You can change the canonicalization method type by using the system property "picketlink.xmlsig.canonicalization".
Constructor Summary | |
---|---|
XMLSignatureUtil() | |
Method Summary | |
---|---|
static KeyValueType | createKeyValue(PublicKey key): Creates a KeyValueType that wraps the specified public key. |
static DSAKeyValueType | getDSAKeyValue(Element element): Given a dsig:DSAKeyValue element, return DSAKeyValueType |
static RSAKeyValueType | getRSAKeyValue(Element element): Given a dsig:RSAKeyValue element, return RSAKeyValueType |
static X509Certificate | getX509CertificateFromKeyInfoString(String certificateString): Given the X509Certificate in the keyinfo element, get a X509Certificate |
static void | marshall(Document signedDocument, OutputStream os): Marshall the signed document to an output stream |
static void | marshall(SignatureType signature, OutputStream os): Marshall a SignatureType to output stream |
static boolean | preCheckSignedInfo(Document doc): Precheck whether the document that will be validated has the right signedinfo |
static void | propagateIDAttributeSetup(Node sourceNode, Element destElement): Setup the ID attribute into destElement depending on the isId flag of an attribute of sourceNode. |
static void | setCanonicalizationMethodType(String canonical): Set the canonicalization method type |
static void | setIncludeKeyInfoInSignature(boolean includeKeyInfoInSignature): Use this method to not include the KeyInfo in the signature |
static Document | sign(Document doc, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI): Sign the root element |
static Document | sign(Document doc, Node nodeToBeSigned, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI): Sign a node in a document |
static Document | sign(Document doc, Node parentOfNodeToBeSigned, PrivateKey signingKey, X509Certificate certificate, String digestMethod, String signatureMethod, String referenceURI): Sign a node in a document |
static void | sign(Element elementToSign, Node nextSibling, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI): Sign only specified element (assumption is that it already has ID attribute set) |
static Document | sign(SignatureUtilTransferObject dto): Sign the root element |
static boolean | validate(Document signedDoc, Key publicKey): Validate a signed document with the given public key |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public XMLSignatureUtil()
Method Detail |
---|
public static void setCanonicalizationMethodType(String canonical)
Parameters:
canonical -

public static void setIncludeKeyInfoInSignature(boolean includeKeyInfoInSignature)
Parameters:
includeKeyInfoInSignature -

public static boolean preCheckSignedInfo(Document doc)
Parameters:
doc -

public static Document sign(Document doc, Node parentOfNodeToBeSigned, PrivateKey signingKey, X509Certificate certificate, String digestMethod, String signatureMethod, String referenceURI) throws ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException
Parameters:
doc - Document
parentOfNodeToBeSigned - Parent Node of the node to be signed
signingKey - Private Key
certificate - X509 Certificate holding the public key
digestMethod - (Example: DigestMethod.SHA1)
signatureMethod - (Example: SignatureMethod.DSA_SHA1)
referenceURI -
Throws:
XMLSignatureException
MarshalException
GeneralSecurityException
ParserConfigurationException

public static Document sign(Document doc, Node nodeToBeSigned, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI) throws ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException
Parameters:
doc -
nodeToBeSigned -
keyPair -
publicKey -
digestMethod -
signatureMethod -
referenceURI -
Throws:
ParserConfigurationException
XMLSignatureException
MarshalException
GeneralSecurityException

public static void sign(Element elementToSign, Node nextSibling, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI) throws GeneralSecurityException, MarshalException, XMLSignatureException
Parameters:
elementToSign - element to sign with set ID
nextSibling - child of elementToSign, which will be used as next sibling of created signature
keyPair -
digestMethod -
signatureMethod -
referenceURI -
Throws:
GeneralSecurityException
MarshalException
XMLSignatureException

public static void propagateIDAttributeSetup(Node sourceNode, Element destElement)
Setup the ID attribute into destElement depending on the isId flag of an attribute of sourceNode.
Parameters:
sourceNode -
destDocElement -

public static Document sign(Document doc, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI) throws GeneralSecurityException, MarshalException, XMLSignatureException
Parameters:
doc -
signingKey -
publicKey -
digestMethod -
signatureMethod -
referenceURI -
Throws:
GeneralSecurityException
XMLSignatureException
MarshalException

public static Document sign(SignatureUtilTransferObject dto) throws GeneralSecurityException, MarshalException, XMLSignatureException
Parameters:
doc -
signingKey -
publicKey -
digestMethod -
signatureMethod -
referenceURI -
Throws:
GeneralSecurityException
XMLSignatureException
MarshalException

public static boolean validate(Document signedDoc, Key publicKey) throws MarshalException, XMLSignatureException
Parameters:
signedDoc -
publicKey -
Throws:
MarshalException
XMLSignatureException

public static void marshall(SignatureType signature, OutputStream os) throws JAXBException, SAXException
Parameters:
signature -
os -
Throws:
SAXException
JAXBException

public static void marshall(Document signedDocument, OutputStream os) throws TransformerException
Parameters:
signedDocument -
os -
Throws:
TransformerException

public static X509Certificate getX509CertificateFromKeyInfoString(String certificateString) throws ProcessingException
Given the X509Certificate in the keyinfo element, get a X509Certificate
Parameters:
certificateString -
Throws:
ProcessingException

public static DSAKeyValueType getDSAKeyValue(Element element) throws ParsingException
Given a dsig:DSAKeyValue element, return DSAKeyValueType
Parameters:
element -
Throws:
ProcessingException
ParsingException

public static RSAKeyValueType getRSAKeyValue(Element element) throws ParsingException
Given a dsig:RSAKeyValue element, return RSAKeyValueType
Parameters:
element -
Throws:
ProcessingException
ParsingException

public static KeyValueType createKeyValue(PublicKey key)
Creates a KeyValueType that wraps the specified public key. This method supports DSA and RSA keys.
Parameters:
key - the PublicKey that will be represented as a KeyValueType.
Returns:
KeyValueType or null if the specified key is neither a DSA nor a RSA key.