Module org.apache.santuario.xmlsec
Package org.apache.xml.security.stax.ext

Class XMLSecurityProperties

  • public class XMLSecurityProperties
extends Object
    Main configuration class to supply keys etc. This class is subject to change in the future.

    • Constructor Detail

      • XMLSecurityProperties

        public XMLSecurityProperties()

      • XMLSecurityProperties

        protected XMLSecurityProperties​(XMLSecurityProperties xmlSecurityProperties)

    • Method Detail

      • isSignaturePositionStart

        public boolean isSignaturePositionStart()

      • setSignaturePositionStart

        public void setSignaturePositionStart​(boolean signaturePositionStart)

      • getSignatureKeyIdentifier

        @Deprecated
public org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier getSignatureKeyIdentifier()
        Deprecated.

      • getSignatureKeyIdentifiers

        public List<org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier> getSignatureKeyIdentifiers()

      • setSignatureKeyIdentifier

        public void setSignatureKeyIdentifier​(org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier signatureKeyIdentifier)

      • setSignatureKeyIdentifiers

        public void setSignatureKeyIdentifiers​(List<org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier> signatureKeyIdentifiers)

      • getSignaturePosition

        public int getSignaturePosition()
        returns the position of the signature. By default, the signature is located at the first child of the root element
        Returns:
        The signature position

      • setSignaturePosition

        public void setSignaturePosition​(int signaturePosition)
        Specifies the position of the signature
        Parameters:
        signaturePosition - Position of the signature (by default: 0)

      • getIdAttributeNS

        public QName getIdAttributeNS()
        Return the qualified name of the ID attribute used to sign the document. By default, ID is used.
        Returns:
        the qualified name of the ID attribute

      • setIdAttributeNS

        public void setIdAttributeNS​(QName idAttributeNS)
        Sets the qualified name of the ID attribute used to sign the document.
        Parameters:
        idAttributeNS - Qualified Name of the ID attribute to use

      • getEncryptionKeyIdentifier

        public org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier getEncryptionKeyIdentifier()
        returns the KeyIdentifierType which will be used in the secured document
        Returns:
        The KeyIdentifierType

      • setEncryptionKeyIdentifier

        public void setEncryptionKeyIdentifier​(org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier)
        Specifies the KeyIdentifierType to use in the secured document
        Parameters:
        encryptionKeyIdentifier -

      • addInputProcessor

        public void addInputProcessor​(InputProcessor inputProcessor)
        Add an additional, non standard, InputProcessor to the chain
        Parameters:
        inputProcessor - The InputProcessor to add

      • getInputProcessorList

        public List<InputProcessor> getInputProcessorList()
        Returns the currently registered additional InputProcessors
        Returns:
        the List with the InputProcessors

      • setDecryptionKey

        public void setDecryptionKey​(Key decryptionKey)

      • getDecryptionKey

        public Key getDecryptionKey()

      • setEncryptionTransportKey

        public void setEncryptionTransportKey​(Key encryptionTransportKey)

      • getEncryptionTransportKey

        public Key getEncryptionTransportKey()

      • setEncryptionKey

        public void setEncryptionKey​(Key encryptionKey)

      • getEncryptionKey

        public Key getEncryptionKey()

      • addEncryptionPart

        public void addEncryptionPart​(SecurePart securePart)
        Adds a part which must be encrypted by the framework
        Parameters:
        securePart -

      • getEncryptionSecureParts

        public List<SecurePart> getEncryptionSecureParts()
        Returns the encryption parts which are actually set
        Returns:
        A List of SecurePart's

      • getEncryptionSymAlgorithm

        public String getEncryptionSymAlgorithm()
        Returns the Encryption-Algo
        Returns:
        the Encryption-Algo as String

      • setEncryptionSymAlgorithm

        public void setEncryptionSymAlgorithm​(String encryptionSymAlgorithm)
        Specifies the encryption algorithm
        Parameters:
        encryptionSymAlgorithm - The algo to use for encryption

      • getEncryptionKeyTransportAlgorithm

        public String getEncryptionKeyTransportAlgorithm()
        Returns the encryption key transport algorithm
        Returns:
        the key transport algorithm as string

      • setEncryptionKeyTransportAlgorithm

        public void setEncryptionKeyTransportAlgorithm​(String encryptionKeyTransportAlgorithm)
        Specifies the encryption key transport algorithm
        Parameters:
        encryptionKeyTransportAlgorithm - the encryption key transport algorithm as string

      • getEncryptionKeyTransportDigestAlgorithm

        public String getEncryptionKeyTransportDigestAlgorithm()

      • setEncryptionKeyTransportDigestAlgorithm

        public void setEncryptionKeyTransportDigestAlgorithm​(String encryptionKeyTransportDigestAlgorithm)

      • getEncryptionKeyTransportMGFAlgorithm

        public String getEncryptionKeyTransportMGFAlgorithm()

      • setEncryptionKeyTransportMGFAlgorithm

        public void setEncryptionKeyTransportMGFAlgorithm​(String encryptionKeyTransportMGFAlgorithm)

      • getEncryptionKeyTransportOAEPParams

        public byte[] getEncryptionKeyTransportOAEPParams()

      • setEncryptionKeyTransportOAEPParams

        public void setEncryptionKeyTransportOAEPParams​(byte[] encryptionKeyTransportOAEPParams)

      • getEncryptionUseThisCertificate

        public X509Certificate getEncryptionUseThisCertificate()

      • setEncryptionUseThisCertificate

        public void setEncryptionUseThisCertificate​(X509Certificate encryptionUseThisCertificate)

      • setSignatureCerts

        public void setSignatureCerts​(X509Certificate[] signatureCerts)

      • addSignaturePart

        public void addSignaturePart​(SecurePart securePart)

      • getSignatureSecureParts

        public List<SecurePart> getSignatureSecureParts()

      • getSignatureAlgorithm

        public String getSignatureAlgorithm()

      • setSignatureAlgorithm

        public void setSignatureAlgorithm​(String signatureAlgorithm)

      • getSignatureDigestAlgorithm

        public String getSignatureDigestAlgorithm()

      • setSignatureDigestAlgorithm

        public void setSignatureDigestAlgorithm​(String signatureDigestAlgorithm)

      • setSignatureKey

        public void setSignatureKey​(Key signatureKey)

      • getSignatureKey

        public Key getSignatureKey()

      • isUseSingleCert

        public boolean isUseSingleCert()

      • setUseSingleCert

        public void setUseSingleCert​(boolean useSingleCert)

      • isAddExcC14NInclusivePrefixes

        public boolean isAddExcC14NInclusivePrefixes()

      • setAddExcC14NInclusivePrefixes

        public void setAddExcC14NInclusivePrefixes​(boolean addExcC14NInclusivePrefixes)

      • setActions

        public void setActions​(List<XMLSecurityConstants.Action> actions)
        Specifies how to secure the document eg. Timestamp, Signature, Encrypt
        Parameters:
        actions -

      • getSignatureCanonicalizationAlgorithm

        public String getSignatureCanonicalizationAlgorithm()

      • setSignatureCanonicalizationAlgorithm

        public void setSignatureCanonicalizationAlgorithm​(String signatureCanonicalizationAlgorithm)

      • getSignatureVerificationKey

        public Key getSignatureVerificationKey()

      • setSignatureVerificationKey

        public void setSignatureVerificationKey​(Key signatureVerificationKey)

      • isSkipDocumentEvents

        public boolean isSkipDocumentEvents()
        Returns if the framework is skipping document-events
        Returns:
        true if document-events will be skipped, false otherwise

      • setSkipDocumentEvents

        public void setSkipDocumentEvents​(boolean skipDocumentEvents)
        specifies if the framework should forward Document-Events or not
        Parameters:
        skipDocumentEvents - set to true when document events should be discarded, false otherwise

      • isDisableSchemaValidation

        public boolean isDisableSchemaValidation()

      • setDisableSchemaValidation

        public void setDisableSchemaValidation​(boolean disableSchemaValidation)

      • getSignatureKeyName

        public String getSignatureKeyName()

      • setSignatureKeyName

        public void setSignatureKeyName​(String signatureKeyName)
        specifies the contents of the KeyInfo/KeyName element for signing
        Parameters:
        signatureKeyName - set to a String that will be passed as contents of the KeyName element

      • getEncryptionKeyName

        public String getEncryptionKeyName()

      • setEncryptionKeyName

        public void setEncryptionKeyName​(String encryptionKeyName)
        specifies the contents of the KeyInfo/KeyName element for encryption
        Parameters:
        encryptionKeyName - set to a String that will be passed as contents of the KeyName element

      • getKeyNameMap

        public Map<String,​Key> getKeyNameMap()
        returns an immutable instance of the map that links KeyName values to actual keys
        Returns:
        keyNameMap set to the map containing KeyNames and Keys

      • addKeyNameMapping

        public void addKeyNameMapping​(String keyname,
                              Key key)

      • isSignatureGenerateIds

        public boolean isSignatureGenerateIds()

      • setSignatureGenerateIds

        public void setSignatureGenerateIds​(boolean signatureGenerateIds)
        specifies if Id attributes should be generated for the document element, the Signature element and KeyInfo structures
        Parameters:
        signatureGenerateIds - set to true (default) to generate Id attributes

      • isSignatureIncludeDigestTransform

        public boolean isSignatureIncludeDigestTransform()

      • setSignatureIncludeDigestTransform

        public void setSignatureIncludeDigestTransform​(boolean signatureIncludeDigestTransform)
        specifies if the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list
        Parameters:
        signatureIncludeDigestTransform - set to true (default) to include the transform in the list

      • getSignaturePositionQName

        public QName getSignaturePositionQName()

      • setSignaturePositionQName

        public void setSignaturePositionQName​(QName signaturePositionQName)

      • setAlgorithmParameterSpec

        public void setAlgorithmParameterSpec​(AlgorithmParameterSpec algorithmParameterSpec)