com.sun.identity.saml.xmlsig
Interface SignatureProvider


public interface SignatureProvider

This interface is to be implemented by providers that sign XML documents and verify XML signatures.


Method Summary
 KeyProvider getKeyProvider()
          Returns the real key provider.
 void initialize(KeyProvider keyProvider)
          Initialize the key provider
 org.w3c.dom.Element signWithWSSSAMLTokenProfile(org.w3c.dom.Document doc, java.security.cert.Certificate cert, java.lang.String assertionID, java.lang.String algorithm, java.util.List ids)
          Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
 org.w3c.dom.Element signWithWSSX509TokenProfile(org.w3c.dom.Document doc, java.security.cert.Certificate cert, java.lang.String algorithm, java.util.List ids)
          Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias)
          Sign the XML document using enveloped signatures.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm)
          Sign the XML document using enveloped signatures.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.util.List ids)
          Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String id)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String transformAlag, java.util.List ids)
          Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String id, java.lang.String xpath)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String idAttrName, java.lang.String id, boolean includeCert)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String idAttrName, java.lang.String id, boolean includeCert, java.lang.String xpath)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 java.lang.String signXML(java.lang.String xmlString, java.lang.String certAlias)
          Sign the XML string using enveloped signatures.
 java.lang.String signXML(java.lang.String xmlString, java.lang.String certAlias, java.lang.String algorithm)
          Sign the XML string using enveloped signatures.
 java.lang.String signXML(java.lang.String xmlString, java.lang.String certAlias, java.lang.String algorithm, java.util.List ids)
          Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
 java.lang.String signXML(java.lang.String xmlString, java.lang.String certAlias, java.lang.String algorithm, java.lang.String id)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 java.lang.String signXML(java.lang.String xmlString, java.lang.String certAlias, java.lang.String algorithm, java.lang.String idAttrName, java.lang.String id, boolean includeCert)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 boolean verifyXMLSignature(org.w3c.dom.Document document)
          Verify all the signatures of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Document document, java.security.cert.Certificate cert)
          Verify the signature of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Document document, java.lang.String certAlias)
          Verify all the signatures of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Element element)
          Verify the signature of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Element element, java.lang.String certAlias)
          Verify the signature of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Element element, java.lang.String idAttrName, java.lang.String certAlias)
          Verify the signature of the XML document
 boolean verifyXMLSignature(java.lang.String xmlString)
          Verify the signature of the XML string
 boolean verifyXMLSignature(java.lang.String xmlString, java.lang.String certAlias)
          Verify the signature of the XML string
 boolean verifyXMLSignature(java.lang.String xmlString, java.lang.String idAttrName, java.lang.String certAlias)
          Verify the signature of the XML string
 

Method Detail

initialize

public void initialize(KeyProvider keyProvider)
Initialize the key provider
Parameters:
keyProvider - KeyProvider object

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias)
                            throws XMLSignatureException
Sign the XML document using enveloped signatures.
Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
Returns:
signature Element object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm)
                            throws XMLSignatureException
Sign the XML document using enveloped signatures.
Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML Signature Algorithm, such as SAMLConstants.ALGO_ID_SIGNATURE_DSA
Returns:
signature Element object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public java.lang.String signXML(java.lang.String xmlString,
                                java.lang.String certAlias)
                         throws XMLSignatureException
Sign the XML string using enveloped signatures.
Parameters:
xmlString - XML string to be signed
certAlias - Signer's certificate alias name
Returns:
XML signature string
Throws:
XMLSignatureException - if the XML string could not be signed

signXML

public java.lang.String signXML(java.lang.String xmlString,
                                java.lang.String certAlias,
                                java.lang.String algorithm)
                         throws XMLSignatureException
Sign the XML string using enveloped signatures.
Parameters:
xmlString - XML string to be signed
certAlias - Signer's certificate alias name
algorithm - XML Signature Algorithm, such as SAMLConstants.ALGO_ID_SIGNATURE_DSA
Returns:
XML signature string
Throws:
XMLSignatureException - if the XML string could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String id)
                            throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
id - attribute value of the node to be signed
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String id,
                                   java.lang.String xpath)
                            throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
id - id attribute value of the node to be signed
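xpath - XPath expression that should uniquely identify a node before which (the original description is cut off here; presumably the signature element is inserted before that node)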
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String idAttrName,
                                   java.lang.String id,
                                   boolean includeCert)
                            throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
idAttrName - attribute name for the id attribute of the node to be signed.
id - id attribute value of the node to be signed
includeCert - if true, include the signing certificate in KeyInfo. if false, does not include the signing certificate.
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public java.lang.String signXML(java.lang.String xmlString,
                                java.lang.String certAlias,
                                java.lang.String algorithm,
                                java.lang.String idAttrName,
                                java.lang.String id,
                                boolean includeCert)
                         throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
Parameters:
xmlString - a string representing XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
idAttrName - attribute name for the id attribute of the node to be signed
id - id attribute value of the node to be signed
includeCert - if true, include the signing certificate in KeyInfo. if false, does not include the signing certificate.
Returns:
a string of signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String idAttrName,
                                   java.lang.String id,
                                   boolean includeCert,
                                   java.lang.String xpath)
                            throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
idAttrName - attribute name for the id attribute of the node to be signed
id - id attribute value of the node to be signed
includeCert - if true, include the signing certificate in KeyInfo. if false, does not include the signing certificate.
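xpath - XPath expression that should uniquely identify a node before which (the original description is cut off here; presumably the signature element is inserted before that node)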
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public java.lang.String signXML(java.lang.String xmlString,
                                java.lang.String certAlias,
                                java.lang.String algorithm,
                                java.lang.String id)
                         throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
Parameters:
xmlString - a string representing the XML DOM object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
id - id attribute value of the node to be signed
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.util.List ids)
                            throws XMLSignatureException
Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
ids - list of id attribute values of nodes to be signed
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public java.lang.String signXML(java.lang.String xmlString,
                                java.lang.String certAlias,
                                java.lang.String algorithm,
                                java.util.List ids)
                         throws XMLSignatureException
Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
Parameters:
xmlString - a string representing the XML DOM object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
ids - list of id attribute values of nodes to be signed
Returns:
XML signature string
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String transformAlag,
                                   java.util.List ids)
                            throws XMLSignatureException
Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
transformAlag - XML signature transform algorithm. The transform constants are defined as SAMLConstants.TRANSFORM_XXX.
ids - list of id attribute values of nodes to be signed
Returns:
XML signature element
Throws:
XMLSignatureException - if the document could not be signed

signWithWSSSAMLTokenProfile

public org.w3c.dom.Element signWithWSSSAMLTokenProfile(org.w3c.dom.Document doc,
                                                       java.security.cert.Certificate cert,
                                                       java.lang.String assertionID,
                                                       java.lang.String algorithm,
                                                       java.util.List ids)
                                                throws XMLSignatureException
Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
Parameters:
doc - XML dom object
cert - signer's Certificate
assertionID - assertion ID for the SAML Security Token
algorithm - XML signature algorithm
ids - list of id attribute values of nodes to be signed
Returns:
SAML Security Token signature
Throws:
XMLSignatureException - if the document could not be signed

signWithWSSX509TokenProfile

public org.w3c.dom.Element signWithWSSX509TokenProfile(org.w3c.dom.Document doc,
                                                       java.security.cert.Certificate cert,
                                                       java.lang.String algorithm,
                                                       java.util.List ids)
                                                throws XMLSignatureException
Sign the parts of the XML document referred to by the supplied list of id attributes of nodes
Parameters:
doc - XML dom object
cert - Signer's certificate
algorithm - XML signature algorithm
ids - list of id attribute values of nodes to be signed
Returns:
X509 Security Token signature
Throws:
XMLSignatureException - if the document could not be signed

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Document document)
                           throws XMLSignatureException
Verify all the signatures of the XML document
Parameters:
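document - XML DOM document whose signature is to be verified
Returns:
true if the XML signature is verified, false otherwise. A true result does not indicate which nodes the signatures cover, so callers should check that the content they act on is the signed content.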
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Document document,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify all the signatures of the XML document
Parameters:
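document - XML DOM document whose signature is to be verified
certAlias - alias of the signer's certificate; it is used to look up the signer's public certificate if one is not present in ds:KeyInfo. This wording implies that a certificate carried in ds:KeyInfo is used when present; callers should confirm that the implementation checks such a certificate against trusted keys before relying on the result.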
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Document document,
                                  java.security.cert.Certificate cert)
                           throws XMLSignatureException
Verify the signature of the XML document
Parameters:
document - XML DOM document whose signature is to be verified
cert - signer's certificate; it is used to find the signer's public certificate if one is not present in ds:KeyInfo.
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Element element)
                           throws XMLSignatureException
Verify the signature of the XML document
Parameters:
element - XML DOM element whose signature is to be verified
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Element element,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify the signature of the XML document
Parameters:
element - XML DOM element whose signature is to be verified
certAlias - Signer's certificate alias name
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Element element,
                                  java.lang.String idAttrName,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify the signature of the XML document
Parameters:
element - XML DOM element whose signature is to be verified
idAttrName - Attribute name for the id attribute
certAlias - Signer's certificate alias name
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(java.lang.String xmlString)
                           throws XMLSignatureException
Verify the signature of the XML string
Parameters:
xmlString - XML string whose signature is to be verified
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(java.lang.String xmlString,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify the signature of the XML string
Parameters:
xmlString - XML string whose signature is to be verified
certAlias - signer's certificate alias name
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(java.lang.String xmlString,
                                  java.lang.String idAttrName,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify the signature of the XML string
Parameters:
xmlString - XML string whose signature is to be verified
idAttrName - Attribute name for the id attribute
certAlias - alias of the signer's certificate; it is used to look up the signer's public certificate if one is not present in ds:KeyInfo.
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

getKeyProvider

public KeyProvider getKeyProvider()
Returns the real key provider.
Returns:
the real key provider.