com.sun.identity.wss.xmlsig

Class WSSSignatureProvider

java.lang.Object

com.sun.identity.saml.xmlsig.AMSignatureProvider

com.sun.identity.wss.xmlsig.WSSSignatureProvider

All Implemented Interfaces:

SignatureProvider

public class WSSSignatureProvider
extends AMSignatureProvider

WSSSignatureProvider is a class for signing and signature verification of WSS XML Documents which implements AMSignatureProvider.

Field Summary

Fields inherited from class com.sun.identity.saml.xmlsig.AMSignatureProvider

keystore

Constructor Summary

Constructors

Constructor and Description
WSSSignatureProvider() Creates a new instance of WSSSignatureProvider

Method Summary

Modifier and Type	Method and Description
Element	signWithBinarySecurityToken(Document doc, Certificate cert, String algorithm, List ids, String referenceType) Sign part of the xml document referered by the supplied a list of id attributes of nodes
Element	signWithKerberosToken(Document doc, Key key, String algorithm, List ids) Sign with Kerberos Token
Element	signWithSAMLToken(Document doc, Certificate cert, String assertionID, String algorithm, List ids) Sign part of the xml document referered by the supplied a list of id attributes of nodes
Element	signWithSAMLToken(Document doc, Key key, boolean symmetricKey, Certificate signingCert, Certificate encCert, String assertionID, String algorithm, List ids) Sign part of the XML document referred by the supplied a list of id attributes of nodes using SAML Token.
Element	signWithUserNameToken(Document doc, Certificate cert, String algorithm, List ids) Sign part of the xml document referered by the supplied a list of id attributes of nodes
boolean	verifyWSSSignature(Document document, Key key) Verify web services message signature using specified key
boolean	verifyWSSSignature(Document doc, Key key, String certAlias, String encryptAlias) Verify web services message signature using specified key
boolean	verifyWSSSignature(Document doc, String certAlias) Verify all the signatures of the WSS xml document

Methods inherited from class com.sun.identity.saml.xmlsig.AMSignatureProvider

createDSctx, getAlgorithmURI, getCertificate, getKeyProvider, getPublicKey, getPublicKeybyDSARSAkeyValue, getX509PublicKey, initialize, isValidAlgorithm, signWithWSSSAMLTokenProfile, signWithWSSSAMLTokenProfile, signWithWSSX509TokenProfile, signWithWSSX509TokenProfile, signXML, signXML, signXML, signXML, signXML, signXML, signXML, signXML, signXML, signXML, signXML, signXML, signXML, signXMLUsingKeyPass, verifyXMLSignature, verifyXMLSignature, verifyXMLSignature, verifyXMLSignature, verifyXMLSignature, verifyXMLSignature, verifyXMLSignature, verifyXMLSignature, verifyXMLSignature, verifyXMLSignature, verifyXMLSignature

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

WSSSignatureProvider

public WSSSignatureProvider()

Creates a new instance of WSSSignatureProvider

Method Detail

signWithSAMLToken

public Element signWithSAMLToken(Document doc,
                                 Certificate cert,
                                 String assertionID,
                                 String algorithm,
                                 List ids)
                          throws XMLSignatureException

Sign part of the xml document referered by the supplied a list of id attributes of nodes

Specified by:

signWithSAMLToken in interface SignatureProvider

Overrides:

signWithSAMLToken in class AMSignatureProvider

Parameters:

doc - XML dom object

cert - Signer's certificate

assertionID - assertion ID

algorithm - XML signature algorithm

ids - list of id attribute values of nodes to be signed

Returns:

SAML Security Token signature

Throws:

XMLSignatureException - if the document could not be signed

signWithSAMLToken

public Element signWithSAMLToken(Document doc,
                                 Key key,
                                 boolean symmetricKey,
                                 Certificate signingCert,
                                 Certificate encCert,
                                 String assertionID,
                                 String algorithm,
                                 List ids)
                          throws XMLSignatureException

Sign part of the XML document referred by the supplied a list of id attributes of nodes using SAML Token.

Specified by:

signWithSAMLToken in interface SignatureProvider

Overrides:

signWithSAMLToken in class AMSignatureProvider

Parameters:

doc - XML dom object

key - the key that will be used to sign the document.

symmetricKey - true if the supplied key is a symmetric key type.

signingCert - signer's Certificate. If present, this certificate will be added as part of signature KeyInfo.

encCert - the certificate if present will be used to encrypt the symmetric key and replay it as part of KeyInfo

assertionID - assertion ID for the SAML Security Token

algorithm - XML signature algorithm

ids - list of id attribute values of nodes to be signed

Returns:

SAML Security Token signature

Throws:

XMLSignatureException - if the document could not be signed

signWithUserNameToken

public Element signWithUserNameToken(Document doc,
                                     Certificate cert,
                                     String algorithm,
                                     List ids)
                              throws XMLSignatureException

Sign part of the xml document referered by the supplied a list of id attributes of nodes

Specified by:

signWithUserNameToken in interface SignatureProvider

Overrides:

signWithUserNameToken in class AMSignatureProvider

Parameters:

doc - XML dom object

cert - Signer's certificate

algorithm - XML signature algorithm

ids - list of id attribute values of nodes to be signed

Returns:

X509 Security Token signature

Throws:

XMLSignatureException - if the document could not be signed

signWithBinarySecurityToken

public Element signWithBinarySecurityToken(Document doc,
                                           Certificate cert,
                                           String algorithm,
                                           List ids,
                                           String referenceType)
                                    throws XMLSignatureException

Sign part of the xml document referered by the supplied a list of id attributes of nodes

Specified by:

signWithBinarySecurityToken in interface SignatureProvider

Overrides:

signWithBinarySecurityToken in class AMSignatureProvider

Parameters:

doc - XML dom object

cert - Signer's certificate

algorithm - XML signature algorithm

ids - list of id attribute values of nodes to be signed

referenceType - signed element reference type

Returns:

X509 Security Token signature

Throws:

XMLSignatureException - if the document could not be signed

verifyWSSSignature

public boolean verifyWSSSignature(Document doc,
                                  String certAlias)
                           throws XMLSignatureException

Verify all the signatures of the WSS xml document

Specified by:

verifyWSSSignature in interface SignatureProvider

Overrides:

verifyWSSSignature in class AMSignatureProvider

Parameters:

doc - XML dom document whose signature to be verified

certAlias - certAlias alias for Signer's certificate, this is used to search signer's public certificate if it is not presented in ds:KeyInfo

Returns:

true if the xml signature is verified, false otherwise

Throws:

XMLSignatureException - if problem occurs during verification

signWithKerberosToken

public Element signWithKerberosToken(Document doc,
                                     Key key,
                                     String algorithm,
                                     List ids)
                              throws XMLSignatureException

Sign with Kerberos Token

Specified by:

signWithKerberosToken in interface SignatureProvider

Overrides:

signWithKerberosToken in class AMSignatureProvider

Parameters:

doc -

key -

algorithm -

ids -

Returns:

Kerberos Security Token signature

Throws:

XMLSignatureException

verifyWSSSignature

public boolean verifyWSSSignature(Document document,
                                  Key key)
                           throws XMLSignatureException

Verify web services message signature using specified key

Specified by:

verifyWSSSignature in interface SignatureProvider

Overrides:

verifyWSSSignature in class AMSignatureProvider

Parameters:

document - the document to be validated

key - the secret key to be used for validating signature

Returns:

true if verification is successful.

Throws:

XMLSignatureException

verifyWSSSignature

public boolean verifyWSSSignature(Document doc,
                                  Key key,
                                  String certAlias,
                                  String encryptAlias)
                           throws XMLSignatureException

Verify web services message signature using specified key

Specified by:

verifyWSSSignature in interface SignatureProvider

Overrides:

verifyWSSSignature in class AMSignatureProvider

Parameters:

doc - the document to be validated

key - the secret key to be used for validating signature

certAlias - the certificate alias used for validating the signature if the key is not available.

encryptAlias - the certificate alias that may be used to decrypt the symmetric key that is part of KeyInfo

Returns:

true if verification is successful.

Throws:

XMLSignatureException