XMLSignatureManager.java revision a688bcbb4bcff5398fdd29b86f83450257dc0df4
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: XMLSignatureManager.java,v 1.11 2009/08/29 03:06:47 mallas Exp $
*
*/
/**
* The class <code>XMLSignatureManager</code> provides methods
* to sign XML documents and to verify XML signatures.
*/
public class XMLSignatureManager {
// Singleton instance of XMLSignatureManager
static {
try {
} catch (NumberFormatException e) {
e.printStackTrace();
}
}
}
/**
* Constructor
*/
protected XMLSignatureManager() {
try {
} catch (Exception e) {
"constructor error");
}
}
/**
*Constructor
*/
sp = sigProvider;
}
/**
* Gets the singleton instance of <code>XMLSignatureManager</code> with
* default <code>KeyProvider</code> and <code>SignatureProvider</code>.
* @return <code>XMLSignatureManager</code>
*/
public static XMLSignatureManager getInstance() {
synchronized (XMLSignatureManager.class) {
"Constructing a new instance"
+ " of XMLSignatureManager");
}
instance = new XMLSignatureManager();
}
}
}
return (instance);
}
/**
* Get an instance of <code>XMLSignatureManager</code> with specified
* <code>KeyProvider</code> and <code>SignatureProvider</code>.
* @param keyProvider <code>KeyProvider</code>
* @param sigProvider <code>SignatureProvider</code>.
* @return <code>XMLSignatureManager</code>.
*/
}
/**
* Returns the <code>SignatureProvider</code> held by this manager.
* @return the <code>SignatureProvider</code> instance
*/
public SignatureProvider getSignatureProvider() {
    // Expose the provider stored in the sp field; no copy is made.
    final SignatureProvider provider = sp;
    return provider;
}
/**
* Sign the XML document using enveloped signatures.
* @param doc XML dom object
* @param certAlias Signer's certificate alias name
* @return signature dom object
* @throws XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign the XML document using enveloped signatures.
* @param doc XML dom object
* @param certAlias Signer's certificate alias name
* @param algorithm signature algorithm
* @return signature dom object
* @throws XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign the XML string using enveloped signatures.
* @param XML XML string to be signed
* @param certAlias Signer's certificate alias name
* @return XML signature string
* @throws XMLSignatureException if the XML string could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign the XML string using enveloped signatures.
* @param XML XML string to be signed
* @param certAlias Signer's certificate alias name
* @param algorithm signature algorithm
* @return XML signature string
* @throws XMLSignatureException if the XML string could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign part of the XML document referred to by the supplied id attribute using
* enveloped signatures and use exclusive XML canonicalization.
* @param doc XML dom object
* @param certAlias Signer's certificate alias name
* @param algorithm XML signature algorithm
* @param id attribute value of the node to be signed
* @return signature dom object
* @throws XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign part of the XML document referred by the supplied id attribute
* using enveloped signatures and use exclusive XML canonicalization.
* @param doc XML dom object
* @param certAlias Signer's certificate alias name
* @param algorithm XML signature algorithm
* @param id id attribute value of the node to be signed
* @param xpath expression should uniquely identify a node before which
* @return signature dom object
* @throws XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign part of the XML document referred by the supplied id attribute
* using enveloped signatures and use exclusive XML canonicalization.
* @param doc XML dom object
* @param certAlias Signer's certificate alias name
* @param algorithm XML signature algorithm
* @param idAttrName attribute name for the id attribute of the node to be
* signed.
* @param id id attribute value of the node to be signed
* @param includeCert if true, include the signing certificate in
* <code>KeyInfo</code>. if false, does not include the signing
* certificate.
* @return signature dom object
* @throws XMLSignatureException if the document could not be signed
*/
boolean includeCert)
throws XMLSignatureException {
}
/**
* Sign part of the XML document referred by the supplied id attribute
* using enveloped signatures and use exclusive XML canonicalization.
* @param xmlString a string representing XML dom object
* @param certAlias Signer's certificate alias name
* @param algorithm XML signature algorithm
* @param idAttrName attribute name for the id attribute of the node to be
* signed.
* @param id id attribute value of the node to be signed
* @param includeCert if true, include the signing certificate in
* <code>KeyInfo</code>.
* if false, does not include the signing certificate.
* @return a string of signature dom object
* @throws XMLSignatureException if the document could not be signed
*/
boolean includeCert)
throws XMLSignatureException {
}
/**
* Sign part of the XML document referred by the supplied id attribute
* using enveloped signatures and use exclusive XML canonicalization.
* @param doc XML dom object
* @param certAlias Signer's certificate alias name
* @param algorithm XML signature algorithm
* @param idAttrName attribute name for the id attribute of the node to be
* signed.
* @param id id attribute value of the node to be signed
* @param includeCert if true, include the signing certificate in
* <code>KeyInfo</code>.
* if false, does not include the signing certificate.
* @param xpath expression should uniquely identify a node before which
* @return signature dom object
* @throws XMLSignatureException if the document could not be signed
*/
boolean includeCert,
throws XMLSignatureException {
}
/**
* Sign the XML string using enveloped signatures.
* @param xmlString XML string to be signed
* @param certAlias Signer's certificate alias name
* @param algorithm XML Signature algorithm
* @param id id attribute value of the node to be signed
* @return XML signature string
* @throws XMLSignatureException if the XML string could not be signed
*/
throws XMLSignatureException {
}
/**
*
* Sign the parts of the XML document referred to by the supplied list
* of id attribute values of nodes.
* @param doc XML dom object
* @param certAlias Signer's certificate alias name
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @return signature dom object
* @throws XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign the parts of the XML document referred to by the supplied list
* of id attribute values of nodes.
* @param xmlString XML dom object's string format
* @param certAlias Signer's certificate alias name
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @return XML signature string
* @throws XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign the parts of the XML document referred to by the supplied list
* of id attribute values of nodes.
* @param doc XML dom object
* @param certAlias Signer's certificate alias name
* @param algorithm XML signature algorithm
* @param transformAlag XML signature transform algorithm
* The transform constants are defined as
* <code>SAMLConstants.TRANSFORM_XXX</code>.
* @param ids list of id attribute values of nodes to be signed
* @return XML signature element
* @throws XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign part of the XML document referred by the supplied a list
* of id attributes of nodes
* @param doc XML dom object
* @param cert signer's Certificate
* @param assertionID assertion ID for the SAML Security Token
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @return SAML Security Token signature
* @throws XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign part of the XML document referred by the supplied a list
* of id attributes of nodes
* @param doc XML dom object
* @param cert signer's Certificate
* @param assertionID assertion ID for the SAML Security Token
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @param wsfVersion the web services framework that should be used.
* For WSF1.1, the version must be "1.1" and for WSF1.0,
* it must be "1.0"
* @return SAML Security Token signature
* @exception XMLSignatureException if the document could not be signed
*/
}
/**
* Sign part of the XML document referred by the supplied a list
* of id attributes of nodes
* @param doc XML dom object
* @param cert signer's Certificate
* @param assertionID assertion ID for the SAML Security Token
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @return SAML Security Token signature
* @throws XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Sign the parts of the XML document referred to by the supplied list
* of id attribute values of nodes, using a SAML token.
* @param doc XML dom object
* @param key the key that will be used to sign the document.
* @param symmetricKey true if the supplied key is a symmetric key type.
* @param signingCert signer's Certificate. If present, this certificate
* will be added as part of signature <code>KeyInfo</code>.
* @param encryptCert if present, this certificate is used to encrypt the
* symmetric key, which is then relayed as part of <code>KeyInfo</code>
* @param assertionID assertion ID for the SAML Security Token
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @return SAML Security Token signature
* @throws XMLSignatureException if the document could not be signed
*/
boolean symmetricKey,
throws XMLSignatureException {
}
throws XMLSignatureException {
}
/**
* Sign the parts of the XML document referred to by the supplied list of
* id attribute values of nodes, using a binary security token.
* @param doc the XML <code>DOM</code> document.
* @param cert Signer's certificate
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @param refenceType signed element reference type
* @return X509 Security Token signature
* @exception XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
ids, refenceType);
}
/**
* Sign the parts of the XML document referred to by the supplied list of
* id attribute values of nodes, using a UserName security token.
* @param doc the XML <code>DOM</code> document.
* @param cert Signer's certificate
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @return X509 Security Token signature
* @exception XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
*
* Sign part of the XML document referred by the supplied a list
* of id attributes of nodes
* @param doc XML dom object
* @param cert Signer's certificate
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @return X509 Security Token signature
* @throws XMLSignatureException if the document could not be signed
*/
}
/**
*
* Sign part of the XML document referred by the supplied a list
* of id attributes of nodes
* @param doc XML dom object
* @param cert Signer's certificate
* @param algorithm XML signature algorithm
* @param ids list of id attribute values of nodes to be signed
* @param wsfVersion the web services framework that should be used.
* For WSF1.1, it should be "1.1" and for WSF1.0,
* it should be "1.0"
* @return X509 Security Token signature
* @exception XMLSignatureException if the document could not be signed
*/
throws XMLSignatureException {
}
/**
* Verify all the signatures of the XML document
* @param document XML dom document whose signature to be verified
* @return true if the XML signature is verified, false otherwise
* @throws XMLSignatureException if problem occurs during verification
*/
throws XMLSignatureException {
}
/**
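* Verify all the signatures of the XML document.
* <p>
* Per the <code>certAlias</code> description below, a certificate presented
* in <code>ds:KeyInfo</code> is used in preference to the alias. A
* <code>true</code> result then only shows that the signature matches the
* key in that certificate; whether the certificate itself is checked
* against a trusted key store is not stated here and should be confirmed
* before the result is treated as proof of the signer's identity.
* @param document XML DOM document whose signatures are to be verified
* @param certAlias alias for the signer's certificate; used to look up the
* signer's public certificate if it is not present in
* <code>ds:KeyInfo</code>.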
* @return true if the XML signature is verified, false otherwise
* @throws XMLSignatureException if problem occurs during verification
*/
throws XMLSignatureException {
}
/**
* Verify the signature of the XML document
* @param document XML dom document whose signature to be verified
* @param cert Signer's certificate, this is used to search signer's
* public certificate if it is not presented in
* <code>ds:KeyInfo</code>.
* @return true if the XML signature is verified, false otherwise
* @throws XMLSignatureException if problem occurs during verification
*/
throws XMLSignatureException {
}
/**
* Verify the signature of the XML document
* @param element XML dom document whose signature to be verified
* @return true if the XML signature is verified, false otherwise
* @throws XMLSignatureException if problem occurs during verification
*/
throws XMLSignatureException {
}
/**
* Verify the signature of the XML document
* @param element XML dom document whose signature to be verified
* @param certAlias alias for Signer's certificate, this is used to search
* signer's public certificate if it is not presented in
* <code>ds:KeyInfo</code>
* @return true if the XML signature is verified, false otherwise
* @throws XMLSignatureException if problem occurs during verification
*/
throws XMLSignatureException {
}
/**
* Verify the signature of the XML document
* @param element XML dom document whose signature to be verified
* @param idAttrName Attribute name for the id attribute
* @param certAlias alias for Signer's certificate, this is used to search
* signer's public certificate if it is not presented in
* <code>ds:KeyInfo</code>.
* @return true if the XML signature is verified, false otherwise
* @throws XMLSignatureException if problem occurs during verification
*/
throws XMLSignatureException {
}
/**
* Verify the signature of the XML string
* @param XML XML string whose signature to be verified
* @return true if the XML signature is verified, false otherwise
* @throws XMLSignatureException if problem occurs during verification
*/
throws XMLSignatureException {
}
/**
* Verify the signature of the XML string
* @param XML XML string whose signature to be verified
* @param certAlias alias for Signer's certificate, this is used to search
* signer's public certificate if it is not presented in
* <code>ds:KeyInfo</code>.
* @return true if the XML signature is verified, false otherwise
* @throws XMLSignatureException if problem occurs during verification
*/
throws XMLSignatureException {
}
/**
* Verify the signature of the XML string
* @param xmlString XML string whose signature to be verified
* @param idAttrName Attribute name for the id attribute
* @param certAlias <code>certAlias</code> for Signer's certificate,
* this is used to search signer's public certificate if it is not
* presented in <code>ds:KeyInfo</code>.
* @return true if the XML signature is verified, false otherwise.
* @throws XMLSignatureException if problem occurs during verification.
*/
throws XMLSignatureException {
}
/**
* Verify all the signatures of the XML document
* @param wsfVersion the web services version that should be used.
* @param certAlias alias for Signer's certificate, this is used to search
* signer's public certificate if it is not presented in
* <code>ds:KeyInfo</code>.
* @param document XML dom document whose signature to be verified
* @return true if the XML signature is verified, false otherwise
* @exception XMLSignatureException if problem occurs during verification.
*/
}
/**
* Verify all the signatures of the XML document for the
* web services security.
* @param document XML dom document whose signature to be verified
*
* @param certAlias alias for Signer's certificate, this is used to search
* signer's public certificate if it is not presented in
* <code>ds:KeyInfo</code>.
* @return true if the XML signature is verified, false otherwise
* @throws XMLSignatureException if problem occurs during verification
*/
throws XMLSignatureException {
}
/**
* Verify web services message signature using specified key
* @param document the document to be validated
* @param key the secret key to be used for validating signature
* @return true if verification is successful.
* @throws com.sun.identity.saml.xmlsig.XMLSignatureException if a problem
* occurs during verification
*/
throws XMLSignatureException {
}
/**
* Verify web services message signature using specified key
* @param document the document to be validated
* @param key the secret key to be used for validating signature
* @param certAlias the certificate alias used for validating the signature
* if the key is not available.
* @param encryptAlias the certificate alias that may be used to decrypt
* the symmetric key that may be part of <code>KeyInfo</code>
* @return true if verification is successful.
* @throws com.sun.identity.saml.xmlsig.XMLSignatureException if a problem
* occurs during verification
*/
throws XMLSignatureException {
}
/**
* Gets the <code>KeyProvider</code> of the underlying
* <code>SignatureProvider</code>.
* @return the <code>KeyProvider</code> returned by the signature provider
*/
public KeyProvider getKeyProvider() {
    // The key provider is not held here; it is fetched from the signature
    // provider on every call.
    // NOTE(review): sp is dereferenced without a null check — confirm the
    // constructors always assign it, otherwise this throws
    // NullPointerException.
    final SignatureProvider provider = sp;
    return provider.getKeyProvider();
}
}