SWAUtil (Oracle Security Developer Tools Web Services Security Java API Reference)

Nested Class Summary
`static class`	`SWAUtil.ByteArrayDataSource` A byte array exposed as a DataSource - do not use this directly.
`static class`	`SWAUtil.SWACIDResolver` Implementation of CIDResolver - do not use this directly.

Field Summary
`static java.lang.String`	`AttachmentCiphertextTransform`
`static java.lang.String`	`AttachmentComplete`
`static java.lang.String`	`AttachmentCompleteSignatureTransform`
`static java.lang.String`	`AttachmentContentOnly`
`static java.lang.String`	`AttachmentContentSignatureTransform`
`static java.lang.String`	`SWAURI`

Constructor Summary
`SWAUtil()`

Method Summary
`static void`	`canonicalizeBodyText(javax.xml.soap.AttachmentPart ap)` Canonicalize text bodies by normailizing line endings to CR-LF
`static javax.xml.soap.AttachmentPart`	`decryptAttachment(oracle.security.xmlsec.enc.XEEncryptedData ed, javax.crypto.SecretKey key, javax.xml.soap.SOAPMessage msg)` Decrypt the attachments.
`static oracle.security.xmlsec.enc.XEEncryptedData`	`encryptAttachment(javax.xml.soap.AttachmentPart ap, WSSEncryptionParams encParam, org.w3c.dom.Document doc, java.lang.String contentId, boolean includeHeaders)` Encrypt an attachment, and create an EncryptedData element, but does not insert that element anywhere.
`static javax.xml.soap.AttachmentPart`	`getAttachment(javax.xml.soap.SOAPMessage msg, java.lang.String uri)` Get an attachment from a "cid:" uri
`static java.io.InputStream`	`getInputStream(javax.xml.soap.AttachmentPart ap)` Get an input stream from AttachmentPart.
`static javax.xml.soap.SOAPMessage`	`getSOAPMessage()` Return the stored SOAP Message from the thread local storage
`static boolean`	`isEncryptedAttacment(oracle.security.xmlsec.enc.XEEncryptedData ed)` Check the EncryptedData@Type attribute to see if this is an encryted attachment
`static javax.xml.soap.SOAPMessage`	`readFrom(javax.xml.soap.MessageFactory mf, java.io.InputStream in)` Wrapper over {@link javax.xml.soap.MessageFactory#createMessage(javax.xml.soap.MimeHeaders, java.io.InputStream) to read the headers as well as the body.
`static void`	`setSOAPMessage(javax.xml.soap.SOAPMessage msg)` Store the SOAP Message in ThreadLocal storage.
`static void`	`writeTo(javax.xml.soap.SOAPMessage msg, java.io.OutputStream out)` Wrapper over `SOAPMessage.writeTo(OutputStream)` to write out the headers as well as the body.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

SWAURI

public static final java.lang.String SWAURI

See Also:: Constant Field Values

AttachmentContentSignatureTransform

public static final java.lang.String AttachmentContentSignatureTransform

See Also:: Constant Field Values

AttachmentCompleteSignatureTransform

public static final java.lang.String AttachmentCompleteSignatureTransform

See Also:: Constant Field Values

AttachmentContentOnly

public static final java.lang.String AttachmentContentOnly

See Also:: Constant Field Values

AttachmentComplete

public static final java.lang.String AttachmentComplete

See Also:: Constant Field Values

AttachmentCiphertextTransform

public static final java.lang.String AttachmentCiphertextTransform

See Also:: Constant Field Values

Constructor Detail

SWAUtil

public SWAUtil()

Method Detail

getAttachment

public static javax.xml.soap.AttachmentPart getAttachment(javax.xml.soap.SOAPMessage msg,
                                                          java.lang.String uri)

Get an attachment from a "cid:" uri

Parameters:: msg - the SOAP message; uri - the "cid:" uri
Returns:: the attachment

canonicalizeBodyText

public static void canonicalizeBodyText(javax.xml.soap.AttachmentPart ap)

Canonicalize text bodies by normailizing line endings to CR-LF

Parameters:: ap -

encryptAttachment

public static oracle.security.xmlsec.enc.XEEncryptedData encryptAttachment(javax.xml.soap.AttachmentPart ap,
                                                                           WSSEncryptionParams encParam,
                                                                           org.w3c.dom.Document doc,
                                                                           java.lang.String contentId,
                                                                           boolean includeHeaders)
                                                                    throws oracle.security.xmlsec.enc.XEException

Encrypt an attachment, and create an EncryptedData element, but does not insert that element anywhere. The EncryptedData element has the following form

EncryptedData@Type contains the Attachment-Content-Only or Attachment-Complete depending on includeHeaders
EncryptedData@MimeType contains the original Content-Type of the attachment
EncryptedData/EncryptionMethod contains the dataEncAlg
EncryptedData/CipherData/CipherReference@URI contains cid:contentId
EncryptedData/CipherData/CipherReference/Transforms contains Attachment-Ciphertext-Transform

After encryption the attachment part changes as follows

The Content-Type changes to application/octet-stream
The Content-Id if present is left unchanged, otherwise a new Content-Id header is added
The Content-Description, Content-Disposition and Content-Location mime headers are removed (if includeHeaders is passed as true)
Other headers are left unchanged
The entire body of the attachment (including these five headers if includeHeaders is passed as true) is encrypted, and the original content if the attachment is replaced by this encrypted content

Parameters:

ap - The attachment to be encrypted

encParam - The encryption parameters

WSSEncryptionParams.getDataEncryptionAlg() should return the content encryption Algorithm to be used to encrypt the attachment
WSSEncryptionParams.getDataEncryptionKey() should return the content encryption Key. to be used to encrypt the attachment null content encryption key set, a randomly generated key will be used.
WSSEncryptionParams.getIv() should return the Initialization vector, if null a random IV is generated. Use IV only for test programs where you want the cipher text to be the same in every run.

doc - The XML document, in which all the XML elements are to be created

contentId - If the attachment does not already have a Content-Id: header, then this one will be used. (ok to be null, in which case a random content id is generated)

includeHeaders - Whether to include the headers

Returns:

the EncryptedData object

Throws:

javax.xml.soap.SOAPException

java.io.IOException

oracle.security.xmlsec.enc.XESchemaException

oracle.security.xmlsec.enc.XECipherException

oracle.security.xmlsec.enc.XEException

isEncryptedAttacment

public static boolean isEncryptedAttacment(oracle.security.xmlsec.enc.XEEncryptedData ed)

Check the EncryptedData@Type attribute to see if this is an encryted attachment

Parameters:: ed - the EncryptedData object
Returns:: whether it is an encryted attachment

decryptAttachment

public static javax.xml.soap.AttachmentPart decryptAttachment(oracle.security.xmlsec.enc.XEEncryptedData ed,
                                                              javax.crypto.SecretKey key,
                                                              javax.xml.soap.SOAPMessage msg)
                                                       throws oracle.security.xmlsec.enc.XEException

Decrypt the attachments.

Parameters:: ed - the EncryptedData object; key - the key to decrypt it; msg - the SOAPMessage
Throws:: oracle.security.xmlsec.enc.XEException

setSOAPMessage

public static void setSOAPMessage(javax.xml.soap.SOAPMessage msg)

Store the SOAP Message in ThreadLocal storage. This will go away once we use the XMLCryptoContext / XMLSignContext of JSR 105/106

Parameters:: msg - The message to be stored

getSOAPMessage

public static javax.xml.soap.SOAPMessage getSOAPMessage()

Return the stored SOAP Message from the thread local storage

Returns:: the SOAP message

getInputStream

public static java.io.InputStream getInputStream(javax.xml.soap.AttachmentPart ap)
                                          throws java.io.IOException,
                                                 javax.xml.soap.SOAPException

Get an input stream from AttachmentPart.
Do not use this directly.

Parameters:: ap -
Returns:
Throws:: java.io.IOException; javax.xml.soap.SOAPException

writeTo

public static void writeTo(javax.xml.soap.SOAPMessage msg,
                           java.io.OutputStream out)
                    throws java.io.IOException,
                           javax.xml.soap.SOAPException

Wrapper over SOAPMessage.writeTo(OutputStream) to write out the headers as well as the body.

Parameters:: msg - The SOAPMessage that needs to be written out; out - where it is to be written
Throws:: java.io.IOException; javax.xml.soap.SOAPException

readFrom

public static javax.xml.soap.SOAPMessage readFrom(javax.xml.soap.MessageFactory mf,
                                                  java.io.InputStream in)
                                           throws java.io.IOException,
                                                  javax.xml.soap.SOAPException

Wrapper over {@link javax.xml.soap.MessageFactory#createMessage(javax.xml.soap.MimeHeaders, java.io.InputStream) to read the headers as well as the body.

Parameters:: mf - MessageFactory; in - Inputstream consisting of headers as well as body
Returns:
Throws:: java.io.IOException; javax.xml.soap.SOAPException

Overview

Package

Class

Tree

Deprecated

Index

Help

Oracle Security Developer Tools Web Services Security Java API Reference
11g (11.1.1)
E10678-02

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.security.xmlsec.wss.swa Class SWAUtil