Package org.apache.xml.security.stax.ext
Class XMLSecurityProperties
- java.lang.Object
-
- org.apache.xml.security.stax.ext.XMLSecurityProperties
-
public class XMLSecurityProperties extends Object
Main configuration class used to supply keys and related settings. This class is subject to change in the future.
- Version:
- $Revision: 1817216 $ $Date: 2017-12-05 17:54:49 +0100 (Tue, 05 Dec 2017) $
- Author:
- $Author: coheigea $
-
-
Constructor Summary
Constructors Modifier Constructor Description XMLSecurityProperties()
protected
XMLSecurityProperties(XMLSecurityProperties xmlSecurityProperties)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addAction(XMLSecurityConstants.Action action)
void
addEncryptionPart(SecurePart securePart)
Adds a part which must be encrypted by the framework.
void
addInputProcessor(InputProcessor inputProcessor)
Adds an additional, non-standard InputProcessor to the chain.
void
addKeyNameMapping(String keyname, Key key)
void
addSignaturePart(SecurePart securePart)
List<XMLSecurityConstants.Action>
getActions()
Returns the actions that are currently set.
Key
getDecryptionKey()
Key
getEncryptionKey()
SecurityTokenConstants.KeyIdentifier
getEncryptionKeyIdentifier()
Returns the KeyIdentifierType which will be used in the secured document.
String
getEncryptionKeyName()
String
getEncryptionKeyTransportAlgorithm()
Returns the encryption key transport algorithm.
String
getEncryptionKeyTransportDigestAlgorithm()
String
getEncryptionKeyTransportMGFAlgorithm()
byte[]
getEncryptionKeyTransportOAEPParams()
List<SecurePart>
getEncryptionSecureParts()
Returns the encryption parts that are currently set.
String
getEncryptionSymAlgorithm()
Returns the symmetric encryption algorithm.
Key
getEncryptionTransportKey()
X509Certificate
getEncryptionUseThisCertificate()
QName
getIdAttributeNS()
Returns the qualified name of the ID attribute used to sign the document.
List<InputProcessor>
getInputProcessorList()
Returns the currently registered additional InputProcessors.
Map<String,Key>
getKeyNameMap()
Returns an immutable instance of the map that links KeyName values to actual keys.
String
getSignatureAlgorithm()
String
getSignatureCanonicalizationAlgorithm()
X509Certificate[]
getSignatureCerts()
String
getSignatureDigestAlgorithm()
Key
getSignatureKey()
SecurityTokenConstants.KeyIdentifier
getSignatureKeyIdentifier()
String
getSignatureKeyName()
int
getSignaturePosition()
Returns the position of the signature.
QName
getSignaturePositionQName()
List<SecurePart>
getSignatureSecureParts()
Key
getSignatureVerificationKey()
boolean
isAddExcC14NInclusivePrefixes()
boolean
isDisableSchemaValidation()
boolean
isSignatureGenerateIds()
boolean
isSignatureIncludeDigestTransform()
boolean
isSignaturePositionStart()
boolean
isSkipDocumentEvents()
Returns whether the framework is skipping document events.
boolean
isUseSingleCert()
void
setActions(List<XMLSecurityConstants.Action> actions)
Specifies how to secure the document, e.g. Timestamp, Signature, Encrypt.
void
setAddExcC14NInclusivePrefixes(boolean addExcC14NInclusivePrefixes)
void
setDecryptionKey(Key decryptionKey)
void
setDisableSchemaValidation(boolean disableSchemaValidation)
void
setEncryptionKey(Key encryptionKey)
void
setEncryptionKeyIdentifier(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier)
Specifies the KeyIdentifierType to use in the secured document.
void
setEncryptionKeyName(String encryptionKeyName)
Specifies the contents of the KeyInfo/KeyName element for encryption.
void
setEncryptionKeyTransportAlgorithm(String encryptionKeyTransportAlgorithm)
Specifies the encryption key transport algorithm.
void
setEncryptionKeyTransportDigestAlgorithm(String encryptionKeyTransportDigestAlgorithm)
void
setEncryptionKeyTransportMGFAlgorithm(String encryptionKeyTransportMGFAlgorithm)
void
setEncryptionKeyTransportOAEPParams(byte[] encryptionKeyTransportOAEPParams)
void
setEncryptionSymAlgorithm(String encryptionSymAlgorithm)
Specifies the symmetric encryption algorithm.
void
setEncryptionTransportKey(Key encryptionTransportKey)
void
setEncryptionUseThisCertificate(X509Certificate encryptionUseThisCertificate)
void
setIdAttributeNS(QName idAttributeNS)
Sets the qualified name of the ID attribute used to sign the document.
void
setSignatureAlgorithm(String signatureAlgorithm)
void
setSignatureCanonicalizationAlgorithm(String signatureCanonicalizationAlgorithm)
void
setSignatureCerts(X509Certificate[] signatureCerts)
void
setSignatureDigestAlgorithm(String signatureDigestAlgorithm)
void
setSignatureGenerateIds(boolean signatureGenerateIds)
Specifies whether Id attributes should be generated for the document element, the Signature element and KeyInfo structures.
void
setSignatureIncludeDigestTransform(boolean signatureIncludeDigestTransform)
Specifies whether the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list.
void
setSignatureKey(Key signatureKey)
void
setSignatureKeyIdentifier(SecurityTokenConstants.KeyIdentifier signatureKeyIdentifier)
void
setSignatureKeyName(String signatureKeyName)
Specifies the contents of the KeyInfo/KeyName element for signing.
void
setSignaturePosition(int signaturePosition)
Specifies the position of the signature.
void
setSignaturePositionQName(QName signaturePositionQName)
void
setSignaturePositionStart(boolean signaturePositionStart)
void
setSignatureVerificationKey(Key signatureVerificationKey)
void
setSkipDocumentEvents(boolean skipDocumentEvents)
Specifies whether the framework should forward document events or not.
void
setUseSingleCert(boolean useSingleCert)
-
-
-
Constructor Detail
-
XMLSecurityProperties
public XMLSecurityProperties()
-
XMLSecurityProperties
protected XMLSecurityProperties(XMLSecurityProperties xmlSecurityProperties)
-
-
Method Detail
-
isSignaturePositionStart
public boolean isSignaturePositionStart()
-
setSignaturePositionStart
public void setSignaturePositionStart(boolean signaturePositionStart)
-
getSignatureKeyIdentifier
public SecurityTokenConstants.KeyIdentifier getSignatureKeyIdentifier()
-
setSignatureKeyIdentifier
public void setSignatureKeyIdentifier(SecurityTokenConstants.KeyIdentifier signatureKeyIdentifier)
-
getSignaturePosition
public int getSignaturePosition()
Returns the position of the signature. By default, the signature is placed as the first child of the root element.
- Returns:
- The signature position
-
setSignaturePosition
public void setSignaturePosition(int signaturePosition)
Specifies the position of the signature.
- Parameters:
signaturePosition
- Position of the signature (by default: 0)
-
getIdAttributeNS
public QName getIdAttributeNS()
Returns the qualified name of the ID attribute used to sign the document. By default, ID is used.
- Returns:
- the qualified name of the ID attribute
-
setIdAttributeNS
public void setIdAttributeNS(QName idAttributeNS)
Sets the qualified name of the ID attribute used to sign the document.
- Parameters:
idAttributeNS
- Qualified Name of the ID attribute to use
-
getEncryptionKeyIdentifier
public SecurityTokenConstants.KeyIdentifier getEncryptionKeyIdentifier()
Returns the KeyIdentifierType which will be used in the secured document.
- Returns:
- The KeyIdentifierType
-
setEncryptionKeyIdentifier
public void setEncryptionKeyIdentifier(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier)
Specifies the KeyIdentifierType to use in the secured document.
- Parameters:
encryptionKeyIdentifier
-
-
addInputProcessor
public void addInputProcessor(InputProcessor inputProcessor)
Adds an additional, non-standard InputProcessor to the chain.
- Parameters:
inputProcessor
- The InputProcessor to add
-
getInputProcessorList
public List<InputProcessor> getInputProcessorList()
Returns the currently registered additional InputProcessors.
- Returns:
- the List with the InputProcessors
-
setDecryptionKey
public void setDecryptionKey(Key decryptionKey)
-
getDecryptionKey
public Key getDecryptionKey()
-
setEncryptionTransportKey
public void setEncryptionTransportKey(Key encryptionTransportKey)
-
getEncryptionTransportKey
public Key getEncryptionTransportKey()
-
setEncryptionKey
public void setEncryptionKey(Key encryptionKey)
-
getEncryptionKey
public Key getEncryptionKey()
-
addEncryptionPart
public void addEncryptionPart(SecurePart securePart)
Adds a part which must be encrypted by the framework.
- Parameters:
securePart
-
-
getEncryptionSecureParts
public List<SecurePart> getEncryptionSecureParts()
Returns the encryption parts that are currently set.
- Returns:
- A List of SecureParts
-
getEncryptionSymAlgorithm
public String getEncryptionSymAlgorithm()
Returns the symmetric encryption algorithm.
- Returns:
- the symmetric encryption algorithm as a String
-
setEncryptionSymAlgorithm
public void setEncryptionSymAlgorithm(String encryptionSymAlgorithm)
Specifies the symmetric encryption algorithm.
- Parameters:
encryptionSymAlgorithm
- The algorithm to use for encryption
-
getEncryptionKeyTransportAlgorithm
public String getEncryptionKeyTransportAlgorithm()
Returns the encryption key transport algorithm.
- Returns:
- the key transport algorithm as string
-
setEncryptionKeyTransportAlgorithm
public void setEncryptionKeyTransportAlgorithm(String encryptionKeyTransportAlgorithm)
Specifies the encryption key transport algorithm.
- Parameters:
encryptionKeyTransportAlgorithm
- the encryption key transport algorithm as string
-
getEncryptionKeyTransportDigestAlgorithm
public String getEncryptionKeyTransportDigestAlgorithm()
-
setEncryptionKeyTransportDigestAlgorithm
public void setEncryptionKeyTransportDigestAlgorithm(String encryptionKeyTransportDigestAlgorithm)
-
getEncryptionKeyTransportMGFAlgorithm
public String getEncryptionKeyTransportMGFAlgorithm()
-
setEncryptionKeyTransportMGFAlgorithm
public void setEncryptionKeyTransportMGFAlgorithm(String encryptionKeyTransportMGFAlgorithm)
-
getEncryptionKeyTransportOAEPParams
public byte[] getEncryptionKeyTransportOAEPParams()
-
setEncryptionKeyTransportOAEPParams
public void setEncryptionKeyTransportOAEPParams(byte[] encryptionKeyTransportOAEPParams)
-
getEncryptionUseThisCertificate
public X509Certificate getEncryptionUseThisCertificate()
-
setEncryptionUseThisCertificate
public void setEncryptionUseThisCertificate(X509Certificate encryptionUseThisCertificate)
-
getSignatureCerts
public X509Certificate[] getSignatureCerts()
-
setSignatureCerts
public void setSignatureCerts(X509Certificate[] signatureCerts)
-
addSignaturePart
public void addSignaturePart(SecurePart securePart)
-
getSignatureSecureParts
public List<SecurePart> getSignatureSecureParts()
-
getSignatureAlgorithm
public String getSignatureAlgorithm()
-
setSignatureAlgorithm
public void setSignatureAlgorithm(String signatureAlgorithm)
-
getSignatureDigestAlgorithm
public String getSignatureDigestAlgorithm()
-
setSignatureDigestAlgorithm
public void setSignatureDigestAlgorithm(String signatureDigestAlgorithm)
-
setSignatureKey
public void setSignatureKey(Key signatureKey)
-
getSignatureKey
public Key getSignatureKey()
-
isUseSingleCert
public boolean isUseSingleCert()
-
setUseSingleCert
public void setUseSingleCert(boolean useSingleCert)
-
isAddExcC14NInclusivePrefixes
public boolean isAddExcC14NInclusivePrefixes()
-
setAddExcC14NInclusivePrefixes
public void setAddExcC14NInclusivePrefixes(boolean addExcC14NInclusivePrefixes)
-
getActions
public List<XMLSecurityConstants.Action> getActions()
Returns the actions that are currently set.
- Returns:
- The Actions in applied order
-
setActions
public void setActions(List<XMLSecurityConstants.Action> actions)
Specifies how to secure the document, e.g. Timestamp, Signature, Encrypt.
- Parameters:
actions
-
-
addAction
public void addAction(XMLSecurityConstants.Action action)
-
getSignatureCanonicalizationAlgorithm
public String getSignatureCanonicalizationAlgorithm()
-
setSignatureCanonicalizationAlgorithm
public void setSignatureCanonicalizationAlgorithm(String signatureCanonicalizationAlgorithm)
-
getSignatureVerificationKey
public Key getSignatureVerificationKey()
-
setSignatureVerificationKey
public void setSignatureVerificationKey(Key signatureVerificationKey)
-
isSkipDocumentEvents
public boolean isSkipDocumentEvents()
Returns whether the framework is skipping document events.
- Returns:
- true if document-events will be skipped, false otherwise
-
setSkipDocumentEvents
public void setSkipDocumentEvents(boolean skipDocumentEvents)
Specifies whether the framework should forward document events or not.
- Parameters:
skipDocumentEvents
- set to true when document events should be discarded, false otherwise
-
isDisableSchemaValidation
public boolean isDisableSchemaValidation()
-
setDisableSchemaValidation
public void setDisableSchemaValidation(boolean disableSchemaValidation)
-
getSignatureKeyName
public String getSignatureKeyName()
-
setSignatureKeyName
public void setSignatureKeyName(String signatureKeyName)
Specifies the contents of the KeyInfo/KeyName element for signing.
- Parameters:
signatureKeyName
- set to a String that will be passed as contents of the KeyName element
-
getEncryptionKeyName
public String getEncryptionKeyName()
-
setEncryptionKeyName
public void setEncryptionKeyName(String encryptionKeyName)
Specifies the contents of the KeyInfo/KeyName element for encryption.
- Parameters:
encryptionKeyName
- set to a String that will be passed as contents of the KeyName element
-
getKeyNameMap
public Map<String,Key> getKeyNameMap()
Returns an immutable instance of the map that links KeyName values to actual keys.
- Returns:
- the map containing KeyNames and Keys
-
isSignatureGenerateIds
public boolean isSignatureGenerateIds()
-
setSignatureGenerateIds
public void setSignatureGenerateIds(boolean signatureGenerateIds)
Specifies whether Id attributes should be generated for the document element, the Signature element and KeyInfo structures.
- Parameters:
signatureGenerateIds
- set to true (default) to generate Id attributes
-
isSignatureIncludeDigestTransform
public boolean isSignatureIncludeDigestTransform()
-
setSignatureIncludeDigestTransform
public void setSignatureIncludeDigestTransform(boolean signatureIncludeDigestTransform)
Specifies whether the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list.
- Parameters:
signatureIncludeDigestTransform
- set to true (default) to include the transform in the list
-
getSignaturePositionQName
public QName getSignaturePositionQName()
-
setSignaturePositionQName
public void setSignaturePositionQName(QName signaturePositionQName)
-
-