com.sun.identity.saml.xmlsig
Class XMLSignatureManager

java.lang.Object
  extended by com.sun.identity.saml.xmlsig.XMLSignatureManager

public class XMLSignatureManager
extends java.lang.Object

The class XMLSignatureManager provides methods to sign XML documents and to verify XML signatures.


Method Summary
static XMLSignatureManager getInstance()
          Gets the singleton instance of XMLSignatureManager with default KeyProvider and SignatureProvider.
static XMLSignatureManager getInstance(KeyProvider keyProvider, SignatureProvider sigProvider)
          Get an instance of XMLSignatureManager with specified KeyProvider and SignatureProvider.
 KeyProvider getKeyProvider()
          Get KeyProvider
 org.w3c.dom.Element signWithWSSSAMLTokenProfile(org.w3c.dom.Document doc, java.security.cert.Certificate cert, java.lang.String assertionID, java.lang.String algorithm, java.util.List ids)
          Sign part of the XML document referred to by the supplied list of id attributes of nodes.
 org.w3c.dom.Element signWithWSSX509TokenProfile(org.w3c.dom.Document doc, java.security.cert.Certificate cert, java.lang.String algorithm, java.util.List ids)
          Sign part of the XML document referred to by the supplied list of id attributes of nodes.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias)
          Sign the XML document using enveloped signatures.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm)
          Sign the XML document using enveloped signatures.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.util.List ids)
          Sign part of the XML document referred to by the supplied list of id attributes of nodes.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String id)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String transformAlag, java.util.List ids)
          Sign part of the XML document referred to by the supplied list of id attributes of nodes.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String id, java.lang.String xpath)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String idAttrName, java.lang.String id, boolean includeCert)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 org.w3c.dom.Element signXML(org.w3c.dom.Document doc, java.lang.String certAlias, java.lang.String algorithm, java.lang.String idAttrName, java.lang.String id, boolean includeCert, java.lang.String xpath)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 java.lang.String signXML(java.lang.String XML, java.lang.String certAlias)
          Sign the XML string using enveloped signatures.
 java.lang.String signXML(java.lang.String XML, java.lang.String certAlias, java.lang.String algorithm)
          Sign the XML string using enveloped signatures.
 java.lang.String signXML(java.lang.String xmlString, java.lang.String certAlias, java.lang.String algorithm, java.util.List ids)
          Sign part of the XML document referred to by the supplied list of id attributes of nodes.
 java.lang.String signXML(java.lang.String xmlString, java.lang.String certAlias, java.lang.String algorithm, java.lang.String id)
          Sign the XML string using enveloped signatures.
 java.lang.String signXML(java.lang.String xmlString, java.lang.String certAlias, java.lang.String algorithm, java.lang.String idAttrName, java.lang.String id, boolean includeCert)
          Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.
 boolean verifyXMLSignature(org.w3c.dom.Document document)
          Verify all the signatures of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Document document, java.security.cert.Certificate cert)
          Verify the signature of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Document document, java.lang.String certAlias)
          Verify all the signatures of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Element element)
          Verify the signature of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Element element, java.lang.String certAlias)
          Verify the signature of the XML document
 boolean verifyXMLSignature(org.w3c.dom.Element element, java.lang.String idAttrName, java.lang.String certAlias)
          Verify the signature of the XML document
 boolean verifyXMLSignature(java.lang.String XML)
          Verify the signature of the XML string
 boolean verifyXMLSignature(java.lang.String XML, java.lang.String certAlias)
          Verify the signature of the XML string
 boolean verifyXMLSignature(java.lang.String xmlString, java.lang.String idAttrName, java.lang.String certAlias)
          Verify the signature of the XML string
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

getInstance

public static XMLSignatureManager getInstance()
Gets the singleton instance of XMLSignatureManager with default KeyProvider and SignatureProvider.

Returns:
XMLSignatureManager

getInstance

public static XMLSignatureManager getInstance(KeyProvider keyProvider,
                                              SignatureProvider sigProvider)
Get an instance of XMLSignatureManager with specified KeyProvider and SignatureProvider.

Parameters:
keyProvider - KeyProvider
sigProvider - SignatureProvider.
Returns:
XMLSignatureManager.

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias)
                            throws XMLSignatureException
Sign the XML document using enveloped signatures.

Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm)
                            throws XMLSignatureException
Sign the XML document using enveloped signatures.

Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - signature algorithm
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public java.lang.String signXML(java.lang.String XML,
                                java.lang.String certAlias)
                         throws XMLSignatureException
Sign the XML string using enveloped signatures.

Parameters:
XML - XML string to be signed
certAlias - Signer's certificate alias name
Returns:
XML signature string
Throws:
XMLSignatureException - if the XML string could not be signed

signXML

public java.lang.String signXML(java.lang.String XML,
                                java.lang.String certAlias,
                                java.lang.String algorithm)
                         throws XMLSignatureException
Sign the XML string using enveloped signatures.

Parameters:
XML - XML string to be signed
certAlias - Signer's certificate alias name
algorithm - signature algorithm
Returns:
XML signature string
Throws:
XMLSignatureException - if the XML string could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String id)
                            throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.

Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
id - attribute value of the node to be signed
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String id,
                                   java.lang.String xpath)
                            throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.

Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
id - id attribute value of the node to be signed
xpath - expression should uniquely identify a node before which
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String idAttrName,
                                   java.lang.String id,
                                   boolean includeCert)
                            throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.

Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
idAttrName - attribute name for the id attribute of the node to be signed.
id - id attribute value of the node to be signed
includeCert - if true, include the signing certificate in KeyInfo; if false, do not include the signing certificate.
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public java.lang.String signXML(java.lang.String xmlString,
                                java.lang.String certAlias,
                                java.lang.String algorithm,
                                java.lang.String idAttrName,
                                java.lang.String id,
                                boolean includeCert)
                         throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.

Parameters:
xmlString - a string representing XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
idAttrName - attribute name for the id attribute of the node to be signed.
id - id attribute value of the node to be signed
includeCert - if true, include the signing certificate in KeyInfo; if false, do not include the signing certificate.
Returns:
a string of signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String idAttrName,
                                   java.lang.String id,
                                   boolean includeCert,
                                   java.lang.String xpath)
                            throws XMLSignatureException
Sign part of the XML document referred by the supplied id attribute using enveloped signatures and use exclusive XML canonicalization.

Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
idAttrName - attribute name for the id attribute of the node to be signed.
id - id attribute value of the node to be signed
includeCert - if true, include the signing certificate in KeyInfo; if false, do not include the signing certificate.
xpath - expression should uniquely identify a node before which
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public java.lang.String signXML(java.lang.String xmlString,
                                java.lang.String certAlias,
                                java.lang.String algorithm,
                                java.lang.String id)
                         throws XMLSignatureException
Sign the XML string using enveloped signatures.

Parameters:
xmlString - XML string to be signed
certAlias - Signer's certificate alias name
algorithm - XML Signature algorithm
id - id attribute value of the node to be signed
Returns:
XML signature string
Throws:
XMLSignatureException - if the XML string could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.util.List ids)
                            throws XMLSignatureException
Sign part of the XML document referred to by the supplied list of id attributes of nodes.

Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
ids - list of id attribute values of nodes to be signed
Returns:
signature dom object
Throws:
XMLSignatureException - if the document could not be signed

signXML

public java.lang.String signXML(java.lang.String xmlString,
                                java.lang.String certAlias,
                                java.lang.String algorithm,
                                java.util.List ids)
                         throws XMLSignatureException
Sign part of the XML document referred to by the supplied list of id attributes of nodes.

Parameters:
xmlString - XML dom object's string format
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
ids - list of id attribute values of nodes to be signed
Returns:
XML signature string
Throws:
XMLSignatureException - if the document could not be signed

signXML

public org.w3c.dom.Element signXML(org.w3c.dom.Document doc,
                                   java.lang.String certAlias,
                                   java.lang.String algorithm,
                                   java.lang.String transformAlag,
                                   java.util.List ids)
                            throws XMLSignatureException
Sign part of the XML document referred to by the supplied list of id attributes of nodes.

Parameters:
doc - XML dom object
certAlias - Signer's certificate alias name
algorithm - XML signature algorithm
transformAlag - XML signature transform algorithm. The transform constants are defined as SAMLConstants.TRANSFORM_XXX.
ids - list of id attribute values of nodes to be signed
Returns:
XML signature element
Throws:
XMLSignatureException - if the document could not be signed

signWithWSSSAMLTokenProfile

public org.w3c.dom.Element signWithWSSSAMLTokenProfile(org.w3c.dom.Document doc,
                                                       java.security.cert.Certificate cert,
                                                       java.lang.String assertionID,
                                                       java.lang.String algorithm,
                                                       java.util.List ids)
                                                throws XMLSignatureException
Sign part of the XML document referred to by the supplied list of id attributes of nodes.

Parameters:
doc - XML dom object
cert - signer's Certificate
assertionID - assertion ID for the SAML Security Token
algorithm - XML signature algorithm
ids - list of id attribute values of nodes to be signed
Returns:
SAML Security Token signature
Throws:
XMLSignatureException - if the document could not be signed

signWithWSSX509TokenProfile

public org.w3c.dom.Element signWithWSSX509TokenProfile(org.w3c.dom.Document doc,
                                                       java.security.cert.Certificate cert,
                                                       java.lang.String algorithm,
                                                       java.util.List ids)
                                                throws XMLSignatureException
Sign part of the XML document referred to by the supplied list of id attributes of nodes.

Parameters:
doc - XML dom object
cert - Signer's certificate
algorithm - XML signature algorithm
ids - list of id attribute values of nodes to be signed
Returns:
X509 Security Token signature
Throws:
XMLSignatureException - if the document could not be signed

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Document document)
                           throws XMLSignatureException
Verify all the signatures of the XML document

Parameters:
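document - XML dom document whose signatures are to be verified
Returns:
true if the XML signature is verified, false otherwise. The boolean result does not identify which nodes the signatures cover, so callers that depend on specific content being signed should check that separately.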
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Document document,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify all the signatures of the XML document

Parameters:
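document - XML dom document whose signatures are to be verified
certAlias - alias for the signer's certificate; it is used to look up the signer's public certificate if that certificate is not present in ds:KeyInfo. This wording implies that a certificate carried in ds:KeyInfo is used when present; the page does not say whether such a certificate is checked against a trusted store, so callers should confirm that the certificate used for verification is one they trust.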
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Document document,
                                  java.security.cert.Certificate cert)
                           throws XMLSignatureException
Verify the signature of the XML document

Parameters:
document - XML dom document whose signature is to be verified
cert - Signer's certificate; this is used when the signer's public certificate is not present in ds:KeyInfo.
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Element element)
                           throws XMLSignatureException
Verify the signature of the XML document

Parameters:
element - XML dom document whose signature is to be verified
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Element element,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify the signature of the XML document

Parameters:
element - XML dom document whose signature is to be verified
certAlias - alias for the signer's certificate; it is used to look up the signer's public certificate if that certificate is not present in ds:KeyInfo.
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(org.w3c.dom.Element element,
                                  java.lang.String idAttrName,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify the signature of the XML document

Parameters:
element - XML dom document whose signature is to be verified
idAttrName - Attribute name for the id attribute
certAlias - alias for the signer's certificate; it is used to look up the signer's public certificate if that certificate is not present in ds:KeyInfo.
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(java.lang.String XML)
                           throws XMLSignatureException
Verify the signature of the XML string

Parameters:
XML - XML string whose signature is to be verified
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(java.lang.String XML,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify the signature of the XML string

Parameters:
XML - XML string whose signature is to be verified
certAlias - alias for the signer's certificate; it is used to look up the signer's public certificate if that certificate is not present in ds:KeyInfo.
Returns:
true if the XML signature is verified, false otherwise
Throws:
XMLSignatureException - if problem occurs during verification

verifyXMLSignature

public boolean verifyXMLSignature(java.lang.String xmlString,
                                  java.lang.String idAttrName,
                                  java.lang.String certAlias)
                           throws XMLSignatureException
Verify the signature of the XML string

Parameters:
xmlString - XML string whose signature is to be verified
idAttrName - Attribute name for the id attribute
certAlias - alias for the signer's certificate; it is used to look up the signer's public certificate if that certificate is not present in ds:KeyInfo.
Returns:
true if the XML signature is verified, false otherwise.
Throws:
XMLSignatureException - if problem occurs during verification.

getKeyProvider

public KeyProvider getKeyProvider()
Get KeyProvider

Returns:
KeyProvider


Copyright 2005 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.