Package org.apache.xml.security.stax.ext
Class XMLSecurityProperties
java.lang.Object
org.apache.xml.security.stax.ext.XMLSecurityProperties
Main configuration class to supply keys etc.
This class is subject to change in the future.
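The following is an added usage example, not code from the Apache Santuario project or from this Javadoc page. It shows one way the setters documented below fit together for an outbound signature and for inbound verification. The class name, the element QName urn:example:po / PaymentInfo and the choice of algorithms are assumptions for illustration; the caller is assumed to load the keys and certificates.

```java
import java.security.Key;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.xml.namespace.QName;

import org.apache.xml.security.stax.ext.SecurePart;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.ext.XMLSecurityProperties;
import org.apache.xml.security.stax.securityToken.SecurityTokenConstants;

// Added example (hypothetical class name); key material is supplied by the caller.
public final class SignaturePropertiesExample {

    /** Outbound: sign one element with explicitly chosen algorithms. */
    static XMLSecurityProperties forSigning(Key signingKey, X509Certificate[] chain) {
        XMLSecurityProperties props = new XMLSecurityProperties();
        List<XMLSecurityConstants.Action> actions = new ArrayList<>();
        actions.add(XMLSecurityConstants.SIGNATURE);
        props.setActions(actions);

        props.setSignatureKey(signingKey);
        props.setSignatureCerts(chain);
        props.setSignatureKeyIdentifier(SecurityTokenConstants.KeyIdentifier_IssuerSerial);

        // Standard XML Signature algorithm URIs, set explicitly rather than left implicit.
        props.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
        props.setSignatureDigestAlgorithm("http://www.w3.org/2001/04/xmlenc#sha256");
        props.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");

        // Constructed sample element name: {urn:example:po}PaymentInfo.
        props.addSignaturePart(new SecurePart(
                new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Element));
        return props;
    }

    /** Inbound: verify with a key the caller already holds. */
    static XMLSecurityProperties forVerification(Key verificationKey) {
        XMLSecurityProperties props = new XMLSecurityProperties();
        props.setSignatureVerificationKey(verificationKey);
        props.setDisableSchemaValidation(false); // do not switch schema validation off
        return props;
    }
}
```

The returned objects are passed to XMLSec.getOutboundXMLSec(...) and XMLSec.getInboundXMLSec(...) respectively to obtain the streaming processors.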
-
Constructor Summary
Modifier / Constructor / Description
protected XMLSecurityProperties(XMLSecurityProperties xmlSecurityProperties)
-
Method Summary
Modifier and Type / Method / Description
void addAction(XMLSecurityConstants.Action action)
void addEncryptionPart(SecurePart securePart)
    Adds a part which must be encrypted by the framework
void addInputProcessor(InputProcessor inputProcessor)
    Add an additional, non-standard InputProcessor to the chain
void addKeyNameMapping(String keyname, Key key)
void addSignaturePart(SecurePart securePart)
getActions()
    Returns the actual set actions
getEncryptionKeyIdentifier()
    Returns the KeyIdentifierType which will be used in the secured document
getEncryptionKeyTransportAlgorithm()
    Returns the encryption key transport algorithm
byte[] getEncryptionKeyTransportOAEPParams()
getEncryptionSecureParts()
    Returns the encryption parts which are actually set
getEncryptionSymAlgorithm()
    Returns the Encryption-Algo
getIdAttributeNS()
    Return the qualified name of the ID attribute used to sign the document.
getInputProcessorList()
    Returns the currently registered additional InputProcessors
getKeyNameMap()
    Returns an immutable instance of the map that links KeyName values to actual keys
getSignatureKeyIdentifier()
    Deprecated.
int getSignaturePosition()
    Returns the position of the signature.
boolean isAddExcC14NInclusivePrefixes()
boolean isDisableSchemaValidation()
boolean isSignatureGenerateIds()
boolean isSignatureIncludeDigestTransform()
boolean isSignaturePositionStart()
boolean isSkipDocumentEvents()
    Returns if the framework is skipping document-events
boolean isUseSingleCert()
void setActions(List<XMLSecurityConstants.Action> actions)
    Specifies how to secure the document, e.g. Timestamp, Signature, Encrypt
void setAddExcC14NInclusivePrefixes(boolean addExcC14NInclusivePrefixes)
void setDecryptionKey(Key decryptionKey)
void setDisableSchemaValidation(boolean disableSchemaValidation)
void setEncryptionKey(Key encryptionKey)
void setEncryptionKeyIdentifier(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier)
    Specifies the KeyIdentifierType to use in the secured document
void setEncryptionKeyName(String encryptionKeyName)
    Specifies the contents of the KeyInfo/KeyName element for encryption
void setEncryptionKeyTransportAlgorithm(String encryptionKeyTransportAlgorithm)
    Specifies the encryption key transport algorithm
void setEncryptionKeyTransportDigestAlgorithm(String encryptionKeyTransportDigestAlgorithm)
void setEncryptionKeyTransportMGFAlgorithm(String encryptionKeyTransportMGFAlgorithm)
void setEncryptionKeyTransportOAEPParams(byte[] encryptionKeyTransportOAEPParams)
void setEncryptionSymAlgorithm(String encryptionSymAlgorithm)
    Specifies the encryption algorithm
void setEncryptionTransportKey(Key encryptionTransportKey)
void setEncryptionUseThisCertificate(X509Certificate encryptionUseThisCertificate)
void setIdAttributeNS(QName idAttributeNS)
    Sets the qualified name of the ID attribute used to sign the document.
void setSignatureAlgorithm(String signatureAlgorithm)
void setSignatureCanonicalizationAlgorithm(String signatureCanonicalizationAlgorithm)
void setSignatureCerts(X509Certificate[] signatureCerts)
void setSignatureDigestAlgorithm(String signatureDigestAlgorithm)
void setSignatureGenerateIds(boolean signatureGenerateIds)
    Specifies if Id attributes should be generated for the document element, the Signature element and KeyInfo structures
void setSignatureIncludeDigestTransform(boolean signatureIncludeDigestTransform)
    Specifies if the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list
void setSignatureKey(Key signatureKey)
void setSignatureKeyIdentifier(SecurityTokenConstants.KeyIdentifier signatureKeyIdentifier)
void setSignatureKeyIdentifiers(List<SecurityTokenConstants.KeyIdentifier> signatureKeyIdentifiers)
void setSignatureKeyName(String signatureKeyName)
    Specifies the contents of the KeyInfo/KeyName element for signing
void setSignaturePosition(int signaturePosition)
    Specifies the position of the signature
void setSignaturePositionQName(QName signaturePositionQName)
void setSignaturePositionStart(boolean signaturePositionStart)
void setSignatureVerificationKey(Key signatureVerificationKey)
void setSkipDocumentEvents(boolean skipDocumentEvents)
    Specifies if the framework should forward Document-Events or not
void setUseSingleCert(boolean useSingleCert)
-
Constructor Details
-
XMLSecurityProperties
public XMLSecurityProperties()
-
XMLSecurityProperties
-
-
Method Details
-
isSignaturePositionStart
public boolean isSignaturePositionStart()
-
setSignaturePositionStart
public void setSignaturePositionStart(boolean signaturePositionStart)
-
getSignatureKeyIdentifier
Deprecated.
-
getSignatureKeyIdentifiers
-
setSignatureKeyIdentifier
-
setSignatureKeyIdentifiers
public void setSignatureKeyIdentifiers(List<SecurityTokenConstants.KeyIdentifier> signatureKeyIdentifiers)
-
getSignaturePosition
public int getSignaturePosition()
Returns the position of the signature. By default, the signature is located at the first child of the root element.
Returns:
The signature position
-
setSignaturePosition
public void setSignaturePosition(int signaturePosition)
Specifies the position of the signature
Parameters:
signaturePosition - Position of the signature (by default: 0)
-
getIdAttributeNS
Return the qualified name of the ID attribute used to sign the document. By default, ID is used.
Returns:
the qualified name of the ID attribute
-
setIdAttributeNS
Sets the qualified name of the ID attribute used to sign the document.
Parameters:
idAttributeNS - Qualified Name of the ID attribute to use
-
getEncryptionKeyIdentifier
Returns the KeyIdentifierType which will be used in the secured document
Returns:
The KeyIdentifierType
-
setEncryptionKeyIdentifier
public void setEncryptionKeyIdentifier(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier)
Specifies the KeyIdentifierType to use in the secured document
Parameters:
encryptionKeyIdentifier
-
addInputProcessor
Add an additional, non-standard InputProcessor to the chain
Parameters:
inputProcessor - The InputProcessor to add
-
getInputProcessorList
Returns the currently registered additional InputProcessors
Returns:
the List with the InputProcessors
-
setDecryptionKey
-
getDecryptionKey
-
setEncryptionTransportKey
-
getEncryptionTransportKey
-
setEncryptionKey
-
getEncryptionKey
-
addEncryptionPart
Adds a part which must be encrypted by the framework
Parameters:
securePart
-
getEncryptionSecureParts
Returns the encryption parts which are actually set
Returns:
A List of SecureParts
-
getEncryptionSymAlgorithm
Returns the Encryption-Algo
Returns:
the Encryption-Algo as String
-
setEncryptionSymAlgorithm
Specifies the encryption algorithm
Parameters:
encryptionSymAlgorithm - The algo to use for encryption
-
getEncryptionKeyTransportAlgorithm
Returns the encryption key transport algorithm
Returns:
the key transport algorithm as string
-
setEncryptionKeyTransportAlgorithm
Specifies the encryption key transport algorithm
Parameters:
encryptionKeyTransportAlgorithm - the encryption key transport algorithm as string
-
getEncryptionKeyTransportDigestAlgorithm
-
setEncryptionKeyTransportDigestAlgorithm
-
getEncryptionKeyTransportMGFAlgorithm
-
setEncryptionKeyTransportMGFAlgorithm
-
getEncryptionKeyTransportOAEPParams
public byte[] getEncryptionKeyTransportOAEPParams()
-
setEncryptionKeyTransportOAEPParams
public void setEncryptionKeyTransportOAEPParams(byte[] encryptionKeyTransportOAEPParams)
-
getEncryptionUseThisCertificate
-
setEncryptionUseThisCertificate
-
getSignatureCerts
-
setSignatureCerts
-
addSignaturePart
-
getSignatureSecureParts
-
getSignatureAlgorithm
-
setSignatureAlgorithm
-
getSignatureDigestAlgorithm
-
setSignatureDigestAlgorithm
-
setSignatureKey
-
getSignatureKey
-
isUseSingleCert
public boolean isUseSingleCert()
-
setUseSingleCert
public void setUseSingleCert(boolean useSingleCert)
-
isAddExcC14NInclusivePrefixes
public boolean isAddExcC14NInclusivePrefixes()
-
setAddExcC14NInclusivePrefixes
public void setAddExcC14NInclusivePrefixes(boolean addExcC14NInclusivePrefixes)
-
getActions
Returns the actual set actions
Returns:
The Actions in applied order
-
setActions
Specifies how to secure the document, e.g. Timestamp, Signature, Encrypt
Parameters:
actions
-
addAction
-
getSignatureCanonicalizationAlgorithm
-
setSignatureCanonicalizationAlgorithm
-
getSignatureVerificationKey
-
setSignatureVerificationKey
-
isSkipDocumentEvents
public boolean isSkipDocumentEvents()
Returns if the framework is skipping document-events
Returns:
true if document-events will be skipped, false otherwise
-
setSkipDocumentEvents
public void setSkipDocumentEvents(boolean skipDocumentEvents)
Specifies if the framework should forward Document-Events or not
Parameters:
skipDocumentEvents - set to true when document events should be discarded, false otherwise
-
isDisableSchemaValidation
public boolean isDisableSchemaValidation()
-
setDisableSchemaValidation
public void setDisableSchemaValidation(boolean disableSchemaValidation)
-
getSignatureKeyName
-
setSignatureKeyName
Specifies the contents of the KeyInfo/KeyName element for signing
Parameters:
signatureKeyName - set to a String that will be passed as contents of the KeyName element
-
getEncryptionKeyName
-
setEncryptionKeyName
Specifies the contents of the KeyInfo/KeyName element for encryption
Parameters:
encryptionKeyName - set to a String that will be passed as contents of the KeyName element
-
getKeyNameMap
Returns an immutable instance of the map that links KeyName values to actual keys
Returns:
keyNameMap set to the map containing KeyNames and Keys
-
addKeyNameMapping
-
isSignatureGenerateIds
public boolean isSignatureGenerateIds()
-
setSignatureGenerateIds
public void setSignatureGenerateIds(boolean signatureGenerateIds)
Specifies if Id attributes should be generated for the document element, the Signature element and KeyInfo structures
Parameters:
signatureGenerateIds - set to true (default) to generate Id attributes
-
isSignatureIncludeDigestTransform
public boolean isSignatureIncludeDigestTransform()
-
setSignatureIncludeDigestTransform
public void setSignatureIncludeDigestTransform(boolean signatureIncludeDigestTransform)
Specifies if the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list
Parameters:
signatureIncludeDigestTransform - set to true (default) to include the transform in the list
-
getSignaturePositionQName
-
setSignaturePositionQName
-