Package com.sun.xml.wss.core
Class SignatureHeaderBlock
java.lang.Object
com.sun.xml.wss.impl.misc.SOAPElementExtension
com.sun.xml.wss.impl.misc.SecurityHeaderBlockImpl
com.sun.xml.wss.core.SignatureHeaderBlock
- All Implemented Interfaces:
SecurityHeaderBlock, jakarta.xml.soap.Node, jakarta.xml.soap.SOAPElement, Element, Node
<element name="Signature" type="ds:SignatureType"/>
<complexType name="SignatureType">
<sequence>
<element ref="ds:SignedInfo"/>
<element ref="ds:SignatureValue"/>
<element ref="ds:KeyInfo" minOccurs="0"/>
<element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
-
Field Summary
Fields inherited from class com.sun.xml.wss.impl.misc.SecurityHeaderBlockImpl
delegateElement
Fields inherited from interface org.w3c.dom.Node
ATTRIBUTE_NODE, CDATA_SECTION_NODE, COMMENT_NODE, DOCUMENT_FRAGMENT_NODE, DOCUMENT_NODE, DOCUMENT_POSITION_CONTAINED_BY, DOCUMENT_POSITION_CONTAINS, DOCUMENT_POSITION_DISCONNECTED, DOCUMENT_POSITION_FOLLOWING, DOCUMENT_POSITION_IMPLEMENTATION_SPECIFIC, DOCUMENT_POSITION_PRECEDING, DOCUMENT_TYPE_NODE, ELEMENT_NODE, ENTITY_NODE, ENTITY_REFERENCE_NODE, NOTATION_NODE, PROCESSING_INSTRUCTION_NODE, TEXT_NODE
-
Constructor Summary
Constructor / Description
SignatureHeaderBlock(jakarta.xml.soap.SOAPElement elem)
parse and create the Signature element
SignatureHeaderBlock(org.apache.xml.security.signature.XMLSignature signature)
constructor that takes Apache Signature
SignatureHeaderBlock(Document doc, String signatureMethodURI)
This creates a new ds:Signature Element and adds an empty ds:SignedInfo.
-
Method Summary
Modifier and Type / Method / Description
void addSignedInfoReference(String referenceURI, org.apache.xml.security.transforms.Transforms transforms)
Adds a Reference with just the URI and the transforms.
void addSignedInfoReference(String referenceURI, org.apache.xml.security.transforms.Transforms trans, String digestURI)
Adds a Reference with URI, transforms and Digest algorithm URI
void addSignedInfoReference(String referenceURI, org.apache.xml.security.transforms.Transforms trans, String digestURI, String referenceId, String referenceType)
Add a Reference with full parameters to this Signature
void appendObject(jakarta.xml.soap.SOAPElement object)
Method appendObject.
boolean
Extracts the public key from the certificate and verifies if the signature is valid by re-digesting all References, comparing those against the stored DigestValues and then checking to see if the Signatures match on the SignedInfo.
boolean
Verifies if the signature is valid by redigesting all References, comparing those against the stored DigestValues and then checking to see if the Signatures match on the SignedInfo.
static SecurityHeaderBlock fromSoapElement(jakarta.xml.soap.SOAPElement element)
jakarta.xml.soap.SOAPElement
Method to return the Signature as a SOAPElement
org.apache.xml.security.signature.SignedInfo
getId()
Method getId
jakarta.xml.soap.SOAPElement
Returns the KeyInfo child.
Returns the KeyInfo as a HeaderBlock.
int
Returns the number of all ds:Object elements.
jakarta.xml.soap.SOAPElement getObjectItem(int index)
Returns the index-th ds:Object child of the signature or null if no such ds:Object element exists.
org.apache.xml.security.signature.XMLSignature
return the Apache XML Signature corresponding to this Block
byte[]
Method getSignatureValue
jakarta.xml.soap.SOAPElement
Returns the completely parsed SignedInfo object.
void
This method should be called when changes are made inside an object through its reference obtained from any of the get methods of this class.
void setApacheResourceResolver(org.apache.xml.security.utils.resolver.ResourceResolverSpi resolver)
void setBaseURI(String uri)
Method setBaseURI : BaseURI needed by Apache KeyInfo Ctor
void setDocument(Document doc)
setDocument.
void
Method setId
void
Digests all References in the SignedInfo, calculates the signature value and sets it in the SignatureValue Element.
Methods inherited from class com.sun.xml.wss.impl.misc.SecurityHeaderBlockImpl
addAttribute, addChildElement, addChildElement, addChildElement, addChildElement, addChildElement, addNamespaceDeclaration, addTextNode, appendChild, cloneNode, compareDocumentPosition, detachNode, equals, fromSoapElement, getAllAttributes, getAllAttributesAsQNames, getAttribute, getAttributeNode, getAttributeNodeNS, getAttributeNS, getAttributes, getAttributeValue, getBaseURI, getChildElements, getChildElements, getChildNodes, getElementName, getElementsByTagName, getElementsByTagNameNS, getEncodingStyle, getFeature, getFirstChild, getLastChild, getLocalName, getNamespacePrefixes, getNamespaceURI, getNamespaceURI, getNextSibling, getNodeName, getNodeType, getNodeValue, getOwnerDocument, getParentElement, getParentNode, getPrefix, getPreviousSibling, getSchemaTypeInfo, getSoapFactory, getTagName, getTextContent, getUserData, getValue, getVisibleNamespacePrefixes, hasAttribute, hasAttributeNS, hasAttributes, hasChildNodes, insertBefore, isBSP, isBSP, isDefaultNamespace, isEqualNode, isSameNode, isSupported, lookupNamespaceURI, lookupPrefix, normalize, recycleNode, removeAttribute, removeAttribute, removeAttributeNode, removeAttributeNS, removeChild, removeContents, removeNamespaceDeclaration, replaceChild, setAttribute, setAttributeNode, setAttributeNodeNS, setAttributeNS, setEncodingStyle, setIdAttribute, setIdAttributeNode, setIdAttributeNS, setNodeValue, setParentElement, setPrefix, setSOAPElement, setTextContent, setUserData, setValue, setWsuIdAttr
Methods inherited from class com.sun.xml.wss.impl.misc.SOAPElementExtension
addAttribute, addChildElement, createQName, getAttributeValue, getChildElements, getElementQName, removeAttribute, setElementQName
Methods inherited from class java.lang.Object
clone, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface jakarta.xml.soap.SOAPElement
addAttribute, addChildElement, createQName, getAttributeValue, getChildElements, getElementQName, removeAttribute, setElementQName
-
Field Details
-
SignatureSpecNS
- See Also:
-
SignatureSpecNSprefix
- See Also:
-
TAG_SIGNATURE
- See Also:
-
-
Constructor Details
-
SignatureHeaderBlock
parse and create the Signature element
- Parameters:
elem
- the element representing an XML Signature. NOTE: this constructor assumes a fully initialized XML Signature. No modifications are allowed on the signature; we can only get existing values. For example, appendObject() would throw an Exception. If a KeyInfo was not present in the signature, then calling getKeyInfo() will not append a KeyInfo child to the signature.
- Throws:
XWSSecurityException
-
SignatureHeaderBlock
public SignatureHeaderBlock(org.apache.xml.security.signature.XMLSignature signature) throws XWSSecurityException
constructor that takes Apache Signature
- Parameters:
signature
- the XMLSignature from XML DSIG. NOTE: No modifications are allowed on the signature if a SIGN operation has already been performed on the argument signature. We can only get existing values. For example, appendObject() would throw an Exception. If a KeyInfo was not present in the signature, then calling getKeyInfo() will not append a KeyInfo child to the signature.
- Throws:
XWSSecurityException
-
SignatureHeaderBlock
This creates a new ds:Signature Element and adds an empty ds:SignedInfo. The ds:SignedInfo is initialized with the specified Signature algorithm and Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS, which is RECOMMENDED by the spec. This method's main use is for creating a new signature.
- Parameters:
doc
- The OwnerDocument of signature
signatureMethodURI
- signature algorithm to use.
- Throws:
XWSSecurityException
-
-
Method Details
-
getSignature
public org.apache.xml.security.signature.XMLSignature getSignature()
return the Apache XML Signature corresponding to this Block
- Returns:
- the XMLSignature
-
sign
Digests all References in the SignedInfo, calculates the signature value and sets it in the SignatureValue Element.
- Parameters:
signingKey
- the PrivateKey or SecretKey that is used to sign.
- Throws:
XWSSecurityException
-
getSignedInfo
Returns the completely parsed SignedInfo object.
- Returns:
- the SignedInfo as a SOAPElement
- Throws:
XWSSecurityException
-
getDSSignedInfo
public org.apache.xml.security.signature.SignedInfo getDSSignedInfo()
-
getKeyInfo
Returns the KeyInfo child.
- Returns:
- the KeyInfo object
- Throws:
XWSSecurityException
-
getKeyInfoHeaderBlock
Returns the KeyInfo as a HeaderBlock.
- Returns:
- the KeyInfoHeaderBlock object
- Throws:
XWSSecurityException
-
getSignatureValue
Method getSignatureValue
- Throws:
XWSSecurityException
-
addSignedInfoReference
public void addSignedInfoReference(String referenceURI, org.apache.xml.security.transforms.Transforms transforms) throws XWSSecurityException
Adds a Reference with just the URI and the transforms. This uses the SHA1 algorithm as a default digest algorithm.
- Parameters:
referenceURI
- URI according to the XML Signature specification.
transforms
- List of transformations to be applied.
- Throws:
XWSSecurityException
-
addSignedInfoReference
public void addSignedInfoReference(String referenceURI, org.apache.xml.security.transforms.Transforms trans, String digestURI) throws XWSSecurityException
Adds a Reference with URI, transforms and Digest algorithm URI
- Parameters:
referenceURI
- URI according to the XML Signature specification.
trans
- List of transformations to be applied.
digestURI
- URI of the digest algorithm to be used.
- Throws:
XWSSecurityException
-
addSignedInfoReference
public void addSignedInfoReference(String referenceURI, org.apache.xml.security.transforms.Transforms trans, String digestURI, String referenceId, String referenceType) throws XWSSecurityException
Add a Reference with full parameters to this Signature
- Parameters:
referenceURI
- URI of the resource to be signed. Can be null, in which case the dereferencing is application specific. Can be "", in which case it's the parent node (or parent document?). There can only be one "" in each signature.
trans
- Optional list of transformations to be done before digesting
digestURI
- Mandatory URI of the digesting algorithm to use.
referenceId
- Optional id attribute for this Reference
referenceType
- Optional mimetype for the URI
- Throws:
XWSSecurityException
-
checkSignatureValue
Extracts the public key from the certificate and verifies if the signature is valid by re-digesting all References, comparing those against the stored DigestValues and then checking to see if the Signatures match on the SignedInfo.
- Parameters:
cert
- Certificate that contains the public key part of the keypair that was used to sign.
- Returns:
- true if the signature is valid, false otherwise
- Throws:
XWSSecurityException
-
checkSignatureValue
Verifies if the signature is valid by redigesting all References, comparing those against the stored DigestValues and then checking to see if the Signatures match on the SignedInfo.
- Parameters:
pk
- PublicKey part of the keypair or SecretKey that was used to sign
- Returns:
- true if the signature is valid, false otherwise
- Throws:
XWSSecurityException
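A receiver that does not want to accept SHA-1 (the default digest of the two-argument addSignedInfoReference above) can inspect the algorithms declared in SignedInfo before calling checkSignatureValue. The following is an added example, not part of the XWSS Javadoc or code base; the class name SignatureAlgorithmGate, the weak-algorithm policy, the package com.sun.xml.wss for XWSSecurityException and the java.security.Key parameter type of checkSignatureValue are assumptions.

```java
import com.sun.xml.wss.XWSSecurityException; // assumed package name
import com.sun.xml.wss.core.SignatureHeaderBlock;
import java.security.Key;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.Reference;
import org.apache.xml.security.signature.SignedInfo;

/** Added example (hypothetical class): reject SHA-1/MD5 before verifying. */
public final class SignatureAlgorithmGate {

    /** Assumed local policy: a missing URI, or a fragment naming SHA-1 or MD5, is weak. */
    static boolean isWeak(String algorithmUri) {
        if (algorithmUri == null) {
            return true;
        }
        String name = algorithmUri.substring(algorithmUri.indexOf('#') + 1)
                .toLowerCase(Locale.ROOT);
        return name.contains("sha1") || name.contains("md5");
    }

    /** Returns one finding per weak algorithm; an empty list means the policy is met. */
    static List<String> findWeakAlgorithms(SignatureHeaderBlock block)
            throws XMLSecurityException {
        SignedInfo signedInfo = block.getDSSignedInfo();
        List<String> findings = new ArrayList<>();
        if (isWeak(signedInfo.getSignatureMethodURI())) {
            findings.add("SignatureMethod " + signedInfo.getSignatureMethodURI());
        }
        for (int i = 0; i < signedInfo.getLength(); i++) {
            Reference ref = signedInfo.item(i);
            String digestUri = ref.getMessageDigestAlgorithm().getAlgorithmURI();
            if (isWeak(digestUri)) {
                findings.add("Reference " + ref.getURI() + " digest " + digestUri);
            }
        }
        return findings;
    }

    /** trustedKey must come from the receiver's own trust store, not from the message. */
    static boolean verify(SignatureHeaderBlock block, Key trustedKey)
            throws XMLSecurityException, XWSSecurityException {
        List<String> weak = findWeakAlgorithms(block);
        if (!weak.isEmpty()) {
            throw new XWSSecurityException("Weak signature algorithms: " + weak);
        }
        return block.checkSignatureValue(trustedKey);
    }
}
```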
-
appendObject
Method appendObject.
- Throws:
XWSSecurityException
-
getObjectItem
Returns the index-th ds:Object child of the signature or null if no such ds:Object element exists.
- Returns:
- the index-th ds:Object child of the signature or null if no such ds:Object element exists. 1 is the lowest index (not 0)
- Throws:
XWSSecurityException
-
getObjectCount
public int getObjectCount()
Returns the number of all ds:Object elements.
- Returns:
- the number of all ds:Object elements.
-
setId
Method setId
-
getId
Method getId
- Specified by:
getId in interface SecurityHeaderBlock
- Overrides:
getId in class SecurityHeaderBlockImpl
- Returns:
- the id
-
setBaseURI
Method setBaseURI: base URI needed by the Apache KeyInfo constructor
- Parameters:
uri
- URI to be used as context for all relative URIs.
-
getAsSoapElement
Method to return the Signature as a SOAPElement
- Specified by:
getAsSoapElement in interface SecurityHeaderBlock
- Overrides:
getAsSoapElement in class SecurityHeaderBlockImpl
- Returns:
- SOAPElement
- Throws:
XWSSecurityException
- If owner soap document is not set.
- See Also:
-
setDocument
setDocument.
- Parameters:
doc
- The owner Document of this Signature
-
saveChanges
public void saveChanges()
This method should be called when changes are made inside an object through its reference obtained from any of the get methods of this class. As an example, if a getKeyInfo() call is made and then changes are made inside the KeyInfo, this method should be called so that the changes are reflected when getAsSoapElement() is finally called.
-
setApacheResourceResolver
public void setApacheResourceResolver(org.apache.xml.security.utils.resolver.ResourceResolverSpi resolver)
-
fromSoapElement
public static SecurityHeaderBlock fromSoapElement(jakarta.xml.soap.SOAPElement element) throws XWSSecurityException
- Throws:
XWSSecurityException
-