a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * opensso/legal/CDDLv1.0.txt
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * at opensso/legal/CDDLv1.0.txt.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: SignatureProvider.java,v 1.10 2009/08/29 03:06:47 mallas Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper/*
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * Portions Copyrighted 2013 ForgeRock, Inc.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpackage com.sun.identity.saml.xmlsig;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.w3c.dom.Document;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.w3c.dom.Element;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This is an interface to be implemented to sign and verify XML signature.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpublic interface SignatureProvider {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Initializes this signature provider with the key provider it is to use.
 *
 * <p>NOTE(review): presumably the <code>certAlias</code> arguments of the
 * signing methods are resolved through this key provider; confirm against
 * the implementing class.
 *
 * @param keyProvider <code>KeyProvider</code> object
 */
public void initialize(KeyProvider keyProvider);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the XML document with an enveloped signature.
 *
 * <p>This overload takes no algorithm argument, so the signature algorithm
 * is whatever the implementation selects.
 *
 * @param doc XML DOM document to sign
 * @param certAlias alias name of the signer's certificate
 * @return the signature <code>Element</code>
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signXML(Document doc, String certAlias)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the XML document with an enveloped signature, using the signature
 * algorithm named by the caller.
 *
 * @param doc XML DOM document to sign
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm identifier, such as
 *        <code>SAMLConstants.ALGO_ID_SIGNATURE_DSA</code>. The value is a
 *        plain string that this interface does not restrict, so callers
 *        should pass only algorithms their security policy allows.
 * @return the signature <code>Element</code>
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signXML(Document doc, String certAlias, String algorithm)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs an XML document supplied as a string with an enveloped signature.
 *
 * <p>NOTE(review): the string presumably has to be parsed before it can be
 * signed; if it can come from an untrusted source, confirm that the
 * implementation parses it with DTDs and external entities disabled.
 *
 * @param xmlString XML string to be signed
 * @param certAlias alias name of the signer's certificate
 * @return XML signature string
 * @throws XMLSignatureException if the XML string could not be signed
 */
public String signXML(String xmlString, String certAlias)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs an XML document supplied as a string with an enveloped signature,
 * using the signature algorithm named by the caller.
 *
 * <p>NOTE(review): the string presumably has to be parsed before it can be
 * signed; if it can come from an untrusted source, confirm that the
 * implementation parses it with DTDs and external entities disabled.
 *
 * @param xmlString XML string to be signed
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm identifier, such as
 *        <code>SAMLConstants.ALGO_ID_SIGNATURE_DSA</code>. The value is a
 *        plain string that this interface does not restrict, so callers
 *        should pass only algorithms their security policy allows.
 * @return XML signature string
 * @throws XMLSignatureException if the XML string could not be signed
 */
public String signXML(String xmlString, String certAlias, String algorithm)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the part of the XML document referred to by the supplied id
 * attribute value, using an enveloped signature and exclusive XML
 * canonicalization.
 *
 * <p>Only the referenced node is covered by the signature. A consumer that
 * verifies it should check that the element it goes on to use is the one
 * the signature references, and the id value should be unique within the
 * document.
 *
 * @param doc XML DOM document containing the node to sign
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm
 * @param id id attribute value of the node to be signed
 * @return the signature DOM element
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signXML(
        Document doc,
        String certAlias,
        String algorithm,
        String id)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the part of the XML document referred to by the supplied id
 * attribute value, using an enveloped signature and exclusive XML
 * canonicalization.
 *
 * <p>Only the referenced node is covered by the signature. A consumer that
 * verifies it should check that the element it goes on to use is the one
 * the signature references.
 *
 * @param doc XML DOM document containing the node to sign
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm
 * @param id id attribute value of the node to be signed
 * @param xpath XPath expression that should uniquely identify a node. The
 *        original description is cut off after "before which"; presumably
 *        it is the node before which the signature element is inserted
 *        (confirm against the implementation). Build the expression from
 *        trusted values only.
 * @return the signature DOM element
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signXML(
        Document doc,
        String certAlias,
        String algorithm,
        String id,
        String xpath)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the part of the XML document referred to by the supplied id
 * attribute, using an enveloped signature and exclusive XML
 * canonicalization.
 *
 * <p>Only the referenced node is covered by the signature. A certificate
 * placed in <code>KeyInfo</code> is a hint for the verifier, not proof of
 * identity: the verifying side should accept it only after validating it
 * against its own trust configuration.
 *
 * @param doc XML DOM document containing the node to sign
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm
 * @param idAttrName name of the id attribute of the node to be signed
 * @param id id attribute value of the node to be signed
 * @param includeCert if true, the signing certificate is included in
 *        <code>KeyInfo</code>; if false, it is not
 * @return the signature DOM element
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signXML(
        Document doc,
        String certAlias,
        String algorithm,
        String idAttrName,
        String id,
        boolean includeCert)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the part of an XML document, supplied as a string, that is referred
 * to by the given id attribute, using an enveloped signature and exclusive
 * XML canonicalization.
 *
 * <p>Only the referenced node is covered by the signature. A certificate
 * placed in <code>KeyInfo</code> is a hint for the verifier, not proof of
 * identity: the verifying side should accept it only after validating it
 * against its own trust configuration.
 *
 * <p>NOTE(review): the string presumably has to be parsed before it can be
 * signed; if it can come from an untrusted source, confirm that the
 * implementation parses it with DTDs and external entities disabled.
 *
 * @param xmlString string representation of the XML document
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm
 * @param idAttrName name of the id attribute of the node to be signed
 * @param id id attribute value of the node to be signed
 * @param includeCert if true, the signing certificate is included in
 *        <code>KeyInfo</code>; if false, it is not
 * @return string form of the signature DOM object
 * @throws XMLSignatureException if the document could not be signed
 */
public String signXML(
        String xmlString,
        String certAlias,
        String algorithm,
        String idAttrName,
        String id,
        boolean includeCert)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the part of the XML document referred to by the supplied id
 * attribute, using an enveloped signature and exclusive XML
 * canonicalization.
 *
 * <p>Only the referenced node is covered by the signature. A certificate
 * placed in <code>KeyInfo</code> is a hint for the verifier, not proof of
 * identity: the verifying side should accept it only after validating it
 * against its own trust configuration.
 *
 * @param doc XML DOM document containing the node to sign
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm
 * @param idAttrName name of the id attribute of the node to be signed
 * @param id id attribute value of the node to be signed
 * @param includeCert if true, the signing certificate is included in
 *        <code>KeyInfo</code>; if false, it is not
 * @param xpath XPath expression that should uniquely identify a node. The
 *        original description is cut off after "before which"; presumably
 *        it is the node before which the signature element is inserted
 *        (confirm against the implementation). Build the expression from
 *        trusted values only.
 * @return the signature DOM element
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signXML(
        Document doc,
        String certAlias,
        String algorithm,
        String idAttrName,
        String id,
        boolean includeCert,
        String xpath)
        throws XMLSignatureException;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper
/**
 * Signs the part of the XML document referred to by the supplied id
 * attribute, using an enveloped signature and exclusive XML
 * canonicalization, with the private key obtained through the supplied
 * encrypted key password.
 *
 * <p>Only the referenced node is covered by the signature. A certificate
 * placed in <code>KeyInfo</code> is a hint for the verifier, not proof of
 * identity: the verifying side should accept it only after validating it
 * against its own trust configuration.
 *
 * @param doc XML DOM document containing the node to sign
 * @param certAlias alias name of the signer's certificate
 * @param encryptedKeyPass encrypted key password used to get the private
 *        key. It travels as a <code>String</code>; how it is decrypted is
 *        not visible in this interface. Keep the value out of logs and
 *        error messages.
 * @param algorithm XML signature algorithm
 * @param idAttrName name of the id attribute of the node to be signed
 * @param id id attribute value of the node to be signed
 * @param includeCert if true, the signing certificate is included in
 *        <code>KeyInfo</code>; if false, it is not
 * @param xpath XPath expression that should uniquely identify a node. The
 *        original description is cut off after "before which"; presumably
 *        it is the node before which the signature element is inserted
 *        (confirm against the implementation). Build the expression from
 *        trusted values only.
 * @return the signature DOM element
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signXMLUsingKeyPass(
        Document doc,
        String certAlias,
        String encryptedKeyPass,
        String algorithm,
        String idAttrName,
        String id,
        boolean includeCert,
        String xpath)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the part of an XML document, supplied as a string, that is referred
 * to by the given id attribute value, using an enveloped signature and
 * exclusive XML canonicalization.
 *
 * <p>Only the referenced node is covered by the signature. A consumer that
 * verifies it should check that the element it goes on to use is the one
 * the signature references.
 *
 * <p>NOTE(review): the string presumably has to be parsed before it can be
 * signed; if it can come from an untrusted source, confirm that the
 * implementation parses it with DTDs and external entities disabled.
 *
 * @param xmlString the XML document, passed as a string
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm
 * @param id id attribute value of the node to be signed
 * @return the result as a string; the original documentation calls it the
 *         signature DOM object
 * @throws XMLSignatureException if the document could not be signed
 */
public String signXML(
        String xmlString,
        String certAlias,
        String algorithm,
        String id)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the parts of the XML document referred to by the supplied list of
 * id attribute values.
 *
 * <p>Only the listed nodes are covered by the signature; anything else in
 * the document is left unsigned, so a consumer should rely only on the
 * elements the signature references.
 *
 * @param doc XML DOM document containing the nodes to sign
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm
 * @param ids list of id attribute values of the nodes to be signed (a raw
 *        <code>List</code>; presumably <code>String</code> values, confirm
 *        with the implementation)
 * @return the signature DOM element
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signXML(
        Document doc,
        String certAlias,
        String algorithm,
        java.util.List ids)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the parts of an XML document, supplied as a string, that are
 * referred to by the given list of id attribute values.
 *
 * <p>Only the listed nodes are covered by the signature; anything else in
 * the document is left unsigned, so a consumer should rely only on the
 * elements the signature references.
 *
 * <p>NOTE(review): the string presumably has to be parsed before it can be
 * signed; if it can come from an untrusted source, confirm that the
 * implementation parses it with DTDs and external entities disabled.
 *
 * @param xmlString the XML document, passed as a string
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm
 * @param ids list of id attribute values of the nodes to be signed (a raw
 *        <code>List</code>; presumably <code>String</code> values, confirm
 *        with the implementation)
 * @return XML signature string
 * @throws XMLSignatureException if the document could not be signed
 */
public String signXML(
        String xmlString,
        String certAlias,
        String algorithm,
        java.util.List ids)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the parts of the XML document referred to by the supplied list of
 * id attribute values, applying the transform algorithm named by the
 * caller.
 *
 * <p>Only the listed nodes are covered by the signature; anything else in
 * the document is left unsigned, so a consumer should rely only on the
 * elements the signature references.
 *
 * @param doc XML DOM document containing the nodes to sign
 * @param certAlias alias name of the signer's certificate
 * @param algorithm XML signature algorithm
 * @param transformAlag XML signature transform algorithm; the transform
 *        constants are defined as <code>SAMLConstants.TRANSFORM_XXX</code>
 * @param ids list of id attribute values of the nodes to be signed (a raw
 *        <code>List</code>; presumably <code>String</code> values, confirm
 *        with the implementation)
 * @return XML signature element
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signXML(
        Document doc,
        String certAlias,
        String algorithm,
        String transformAlag,
        java.util.List ids)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the parts of the XML document referred to by the supplied list of
 * id attribute values and returns a SAML Security Token signature.
 *
 * <p>Only the listed nodes are covered by the signature; anything else in
 * the document is left unsigned.
 *
 * <p>NOTE(review): this overload receives a certificate rather than a
 * certificate alias; how the matching private key is located is not
 * visible in this interface.
 *
 * @param doc XML DOM document containing the nodes to sign
 * @param cert signer's certificate
 * @param assertionID assertion ID for the SAML Security Token
 * @param algorithm XML signature algorithm
 * @param ids list of id attribute values of the nodes to be signed (a raw
 *        <code>List</code>; presumably <code>String</code> values, confirm
 *        with the implementation)
 * @return SAML Security Token signature
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signWithWSSSAMLTokenProfile(
        Document doc,
        java.security.cert.Certificate cert,
        String assertionID,
        String algorithm,
        java.util.List ids)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the parts of the XML document referred to by the supplied list of
 * id attribute values and returns a SAML Security Token signature, for the
 * web services framework version named by the caller.
 *
 * <p>Only the listed nodes are covered by the signature; anything else in
 * the document is left unsigned.
 *
 * <p>NOTE(review): this overload receives a certificate rather than a
 * certificate alias; how the matching private key is located is not
 * visible in this interface.
 *
 * @param doc XML DOM document containing the nodes to sign
 * @param cert signer's certificate
 * @param assertionID assertion ID for the SAML Security Token
 * @param algorithm XML signature algorithm
 * @param ids list of id attribute values of the nodes to be signed (a raw
 *        <code>List</code>; presumably <code>String</code> values, confirm
 *        with the implementation)
 * @param wsfVersion the web services framework that should be used: the
 *        value must be "1.1" for WSF1.1 and "1.0" for WSF1.0
 * @return SAML Security Token signature
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signWithWSSSAMLTokenProfile(
        Document doc,
        java.security.cert.Certificate cert,
        String assertionID,
        String algorithm,
        java.util.List ids,
        String wsfVersion)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
/**
 * Signs the parts of the XML document referred to by the supplied list of
 * id attribute values and returns a SAML Security Token signature.
 *
 * <p>Only the listed nodes are covered by the signature; anything else in
 * the document is left unsigned.
 *
 * <p>NOTE(review): the original documentation is word for word the same as
 * that of the five-argument <code>signWithWSSSAMLTokenProfile</code>; how
 * the two differ is not visible in this interface.
 *
 * @param doc XML DOM document containing the nodes to sign
 * @param cert signer's certificate
 * @param assertionID assertion ID for the SAML Security Token
 * @param algorithm XML signature algorithm
 * @param ids list of id attribute values of the nodes to be signed (a raw
 *        <code>List</code>; presumably <code>String</code> values, confirm
 *        with the implementation)
 * @return SAML Security Token signature
 * @throws XMLSignatureException if the document could not be signed
 */
public Element signWithSAMLToken(
        Document doc,
        java.security.cert.Certificate cert,
        String assertionID,
        String algorithm,
        java.util.List ids)
        throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signs the parts of the XML document identified by the supplied list
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of id attribute values, using a SAML token and a caller-supplied key.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * As described, only the nodes named in ids are signed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param doc XML DOM document
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param key the key that will be used to sign the document.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param symmetricKey true if the supplied key is a symmetric key type.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param signingCert signer's certificate. If present, this certificate
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * will be added as part of the signature <code>KeyInfo</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param encryptCert if present, this certificate is used to encrypt
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the symmetric key, which is then carried as part of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>KeyInfo</code>. NOTE(review): what happens to a symmetric key
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * when encryptCert is absent is not visible here - confirm that the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * key is never placed in the message unencrypted.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param assertionID assertion ID for the SAML Security Token
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param algorithm XML signature algorithm. NOTE(review): whether weak
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * or unknown algorithms are rejected is not visible here - confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ids list of id attribute values of nodes to be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (raw List; presumably String values - confirm)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return SAML Security Token signature
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if the document could not be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public org.w3c.dom.Element signWithSAMLToken(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster org.w3c.dom.Document doc,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.security.Key key,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster boolean symmetricKey,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.security.cert.Certificate signingCert,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.security.cert.Certificate encryptCert,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String assertionID,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String algorithm,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.util.List ids)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signs the parts of the XML document identified by the supplied list
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of id attribute values, using a binary security token.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * As described, only the nodes named in ids are signed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param doc the XML <code>DOM</code> document.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param cert signer's certificate; the matching private key is not
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * passed in, so it is presumably looked up by the implementation -
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param algorithm XML signature algorithm. NOTE(review): whether weak
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * or unknown algorithms are rejected is not visible here - confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ids list of id attribute values of nodes to be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (raw List; presumably String values - confirm)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param refenceType signed element reference type (the parameter name
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is spelled this way in the signature; accepted values are not
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * visible here - confirm)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return X509 Security Token signature
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception XMLSignatureException if the document could not be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public org.w3c.dom.Element signWithBinarySecurityToken(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster org.w3c.dom.Document doc,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.security.cert.Certificate cert,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String algorithm,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.util.List ids,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String refenceType)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signs the parts of the XML document identified by the supplied list
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of id attribute values, using a Kerberos security token.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * As described, only the nodes named in ids are signed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param doc the XML <code>DOM</code> document.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param key security key used for signing (presumably the key
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * associated with the Kerberos token - confirm)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param algorithm XML signature algorithm. NOTE(review): whether weak
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * or unknown algorithms are rejected is not visible here - confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ids list of id attribute values of nodes to be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (raw List; presumably String values - confirm)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return Kerberos Security Token signature
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception XMLSignatureException if the document could not be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public org.w3c.dom.Element signWithKerberosToken(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster org.w3c.dom.Document doc,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.security.Key key,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String algorithm,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.util.List ids)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signs the parts of the XML document identified by the supplied list
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of id attribute values, using a UserName security token.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * As described, only the nodes named in ids are signed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param doc the XML <code>DOM</code> document.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param cert signer's certificate; the matching private key is not
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * passed in, so it is presumably looked up by the implementation -
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param algorithm XML signature algorithm. NOTE(review): whether weak
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * or unknown algorithms are rejected is not visible here - confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ids list of id attribute values of nodes to be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (raw List; presumably String values - confirm)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return X509 Security Token signature. NOTE(review): this wording
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * matches the X509 methods and may have been copied; confirm what is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * returned for the UserName token case.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception XMLSignatureException if the document could not be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public org.w3c.dom.Element signWithUserNameToken(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster org.w3c.dom.Document doc,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.security.cert.Certificate cert,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String algorithm,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.util.List ids)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signs the parts of the XML document identified by the supplied list
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of id attribute values, following the WSS X509 token profile.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * As described, only the nodes named in ids are signed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param doc XML DOM document
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param cert signer's certificate; the matching private key is not
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * passed in, so it is presumably looked up by the implementation -
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param algorithm XML signature algorithm. NOTE(review): whether weak
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * or unknown algorithms are rejected is not visible here - confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ids list of id attribute values of nodes to be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (raw List; presumably String values - confirm)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return X509 Security Token signature
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if the document could not be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public org.w3c.dom.Element signWithWSSX509TokenProfile(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster org.w3c.dom.Document doc, java.security.cert.Certificate cert,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String algorithm, java.util.List ids) throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signs the parts of the XML document identified by the supplied list
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of id attribute values, following the WSS X509 token profile for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the given web services framework version.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * As described, only the nodes named in ids are signed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param doc XML DOM document
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param cert signer's certificate; the matching private key is not
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * passed in, so it is presumably looked up by the implementation -
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param algorithm XML signature algorithm. NOTE(review): whether weak
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * or unknown algorithms are rejected is not visible here - confirm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param ids list of id attribute values of nodes to be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (raw List; presumably String values - confirm)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param wsfVersion the web services framework that should be used.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * For WSF1.1, it should be "1.1" and for WSF1.0,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * it should be "1.0". Handling of any other value is not visible
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return X509 Security Token signature
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception XMLSignatureException if the document could not be signed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public org.w3c.dom.Element signWithWSSX509TokenProfile(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster org.w3c.dom.Document doc, java.security.cert.Certificate cert,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String algorithm, java.util.List ids, String wsfVersion)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies all the signatures of the XML document.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE(review): this declaration does not say where the verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * key comes from, whether it is checked for trust, or how a document
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with no signature at all is reported - confirm in the implementation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * before relying on a true result.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param document XML DOM document whose signatures are to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(org.w3c.dom.Document document)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies all the signatures of the XML document.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param document XML DOM document whose signatures are to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param certAlias alias for the signer's certificate; it is used to look
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * up the signer's public certificate if none is present in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>ds:KeyInfo</code>. NOTE(review): as worded, a certificate
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * carried in the message takes precedence over this alias; whether
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * that embedded certificate is checked for trust is not visible
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(org.w3c.dom.Document document,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String certAlias)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies the signature of the XML document.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param document XML DOM document whose signature is to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param cert signer's certificate; it is used as the signer's public
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * certificate if none is present in <code>ds:KeyInfo</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE(review): as worded, a certificate carried in the message
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * takes precedence over this argument; whether that embedded
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * certificate is checked for trust is not visible here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(org.w3c.dom.Document document,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.security.cert.Certificate cert)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies the signature of the given XML element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE(review): this declaration does not say where the verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * key comes from or how an element with no signature is reported -
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * confirm in the implementation before relying on a true result.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param element XML DOM element whose signature is to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(org.w3c.dom.Element element)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies the signature of the given XML element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param element XML DOM element whose signature is to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param certAlias signer's certificate alias name. NOTE(review):
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * whether a certificate carried in the message is preferred over
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * this alias is not stated for this overload - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(org.w3c.dom.Element element,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String certAlias)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies the signature of the given XML element, with a caller-chosen
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * id attribute name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param element XML DOM element whose signature is to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param idAttrName attribute name for the id attribute (presumably the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * attribute used to resolve the nodes a signature refers to -
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * confirm; it should come from configuration, not from the message)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param certAlias signer's certificate alias name. NOTE(review):
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * whether a certificate carried in the message is preferred over
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * this alias is not stated for this overload - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(org.w3c.dom.Element element,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String idAttrName,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String certAlias)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies the signature of the XML string.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE(review): the string is presumably parsed into a DOM before
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * verification; how the parser is configured for untrusted input
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (DTDs, external entities) is not visible here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param xmlString XML string whose signature is to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(java.lang.String xmlString)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies the signature of the XML string.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE(review): the string is presumably parsed into a DOM before
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * verification; how the parser is configured for untrusted input
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (DTDs, external entities) is not visible here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param xmlString XML string whose signature is to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param certAlias signer's certificate alias name
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(java.lang.String xmlString,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String certAlias)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies the signature of the XML string, with a caller-chosen id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * attribute name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE(review): the string is presumably parsed into a DOM before
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * verification; how the parser is configured for untrusted input
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (DTDs, external entities) is not visible here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param xmlString XML string whose signature is to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param idAttrName attribute name for the id attribute (presumably the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * attribute used to resolve the nodes a signature refers to -
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * confirm)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param certAlias alias for the signer's certificate; it is used to look
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * up the signer's public certificate if none is present in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>ds:KeyInfo</code>. NOTE(review): whether a certificate
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * carried in the message is checked for trust is not visible here -
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(java.lang.String xmlString,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String idAttrName,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String certAlias)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies all the signatures of the XML document for the given web
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * services framework version. Note that the document is the last
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * argument here, unlike the other overloads.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param wsfVersion the web services framework that should be used.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * For WSF1.1, it should be "1.1" and for WSF1.0, it should be "1.0".
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Handling of any other value is not visible here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param certAlias alias for the signer's certificate; it is used to look
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * up the signer's public certificate if none is present in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>ds:KeyInfo</code>. NOTE(review): whether a certificate
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * carried in the message is checked for trust is not visible here -
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param document XML DOM document whose signatures are to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception XMLSignatureException if a problem occurs during
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * verification; callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyXMLSignature(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String wsfVersion,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String certAlias,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster org.w3c.dom.Document document
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ) throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies all the signatures of the XML document for web services
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * security.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param document XML DOM document whose signatures are to be verified
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param certAlias alias for the signer's certificate; it is used to look
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * up the signer's public certificate if none is present in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>ds:KeyInfo</code>. NOTE(review): as worded, a certificate
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * carried in the message takes precedence over this alias; whether
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * that embedded certificate is checked for trust is not visible
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the XML signature is verified, false otherwise
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws XMLSignatureException if a problem occurs during verification;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * callers should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyWSSSignature(org.w3c.dom.Document document,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.lang.String certAlias)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies a web services message signature using the specified key.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param document the document to be validated
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param key the secret key to be used for validating the signature.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE(review): behaviour when key is null, or when the message
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * carries its own key material, is not visible here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if verification is successful.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws com.sun.identity.saml.xmlsig.XMLSignatureException if a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * problem occurs during verification (presumably, as for the other
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * verify methods - the original gives no description); callers
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyWSSSignature(org.w3c.dom.Document document,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.security.Key key)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Verifies a web services message signature using the specified key,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with certificate aliases as fallbacks.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param document the document to be validated
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param key the secret key to be used for validating the signature
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param certAlias the certificate alias used for validating the signature
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * if the key is not available.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param encryptAlias the certificate alias that may be used to decrypt
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the symmetric key that may be part of <code>KeyInfo</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * NOTE(review): a symmetric key recovered from the message is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * sender-supplied; how the implementation ties it to a trusted
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * sender is not visible here - confirm.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if verification is successful.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws com.sun.identity.saml.xmlsig.XMLSignatureException if a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * problem occurs during verification (presumably, as for the other
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * verify methods - the original gives no description); callers
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * should handle this as a failed verification
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public boolean verifyWSSSignature(org.w3c.dom.Document document,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster java.security.Key key,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String certAlias,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String encryptAlias)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throws XMLSignatureException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns the real key provider (presumably the KeyProvider that the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * implementation uses to look up keys and certificates - confirm).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return the real key provider.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public KeyProvider getKeyProvider();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster}