public class XMLSignatureUtil extends Object
Constructor and Description |
---|
XMLSignatureUtil() |
Modifier and Type | Method and Description |
---|---|
static KeyValueType |
createKeyValue(PublicKey key)
Creates a
KeyValueType that wraps the specified public key. |
static DSAKeyValueType |
getDSAKeyValue(Element element)
Given a dsig:DSAKeyValue element, return
DSAKeyValueType |
static RSAKeyValueType |
getRSAKeyValue(Element element)
Given a dsig:DSAKeyValue element, return
DSAKeyValueType |
static X509Certificate |
getX509CertificateFromKeyInfoString(String certificateString)
Given the X509Certificate in the keyinfo element, get a
X509Certificate |
static void |
marshall(Document signedDocument,
OutputStream os)
Marshall the signed document to an output stream
|
static void |
marshall(SignatureType signature,
OutputStream os)
Marshall a SignatureType to output stream
|
static void |
propagateIDAttributeSetup(Node sourceNode,
Element destElement)
Setup the ID attribute into
destElement depending on the isId flag of an attribute of
sourceNode . |
static void |
setIncludeKeyInfoInSignature(boolean includeKeyInfoInSignature)
Use this method to not include the KeyInfo in the signature
|
static Document |
sign(Document doc,
KeyPair keyPair,
String digestMethod,
String signatureMethod,
String referenceURI,
String canonicalizationMethodType)
Sign the root element
|
static Document |
sign(Document doc,
KeyPair keyPair,
String digestMethod,
String signatureMethod,
String referenceURI,
X509Certificate x509Certificate,
String canonicalizationMethodType)
Sign the root element
|
static Document |
sign(Document doc,
Node nodeToBeSigned,
KeyPair keyPair,
String digestMethod,
String signatureMethod,
String referenceURI,
X509Certificate x509Certificate,
String canonicalizationMethodType)
Sign a node in a document
|
static void |
sign(Element elementToSign,
Node nextSibling,
KeyPair keyPair,
String digestMethod,
String signatureMethod,
String referenceURI,
String canonicalizationMethodType)
Sign only specified element (assumption is that it already has ID attribute set)
|
static void |
sign(Element elementToSign,
Node nextSibling,
KeyPair keyPair,
String digestMethod,
String signatureMethod,
String referenceURI,
X509Certificate x509Certificate,
String canonicalizationMethodType)
Sign only specified element (assumption is that it already has ID attribute set)
|
static Document |
sign(SignatureUtilTransferObject dto,
String canonicalizationMethodType)
Sign the root element
|
static boolean |
validate(Document signedDoc,
Key publicKey)
Validate a signed document with the given public key
|
public static void setIncludeKeyInfoInSignature(boolean includeKeyInfoInSignature)
includeKeyInfoInSignature
- public static Document sign(Document doc, Node nodeToBeSigned, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI, X509Certificate x509Certificate, String canonicalizationMethodType) throws ParserConfigurationException, GeneralSecurityException, MarshalException, XMLSignatureException
doc
- nodeToBeSigned
- keyPair
- digestMethod
- signatureMethod
- referenceURI
- ParserConfigurationException
XMLSignatureException
MarshalException
GeneralSecurityException
public static void sign(Element elementToSign, Node nextSibling, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI, String canonicalizationMethodType) throws GeneralSecurityException, MarshalException, XMLSignatureException
elementToSign
- element to sign with set IDnextSibling
- child of elementToSign, which will be used as next sibling of created signaturekeyPair
- digestMethod
- signatureMethod
- referenceURI
- GeneralSecurityException
MarshalException
XMLSignatureException
public static void sign(Element elementToSign, Node nextSibling, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI, X509Certificate x509Certificate, String canonicalizationMethodType) throws GeneralSecurityException, MarshalException, XMLSignatureException
elementToSign
- element to sign with set IDnextSibling
- child of elementToSign, which will be used as next sibling of created signaturekeyPair
- digestMethod
- signatureMethod
- referenceURI
- x509Certificate
- X509Certificate
to be placed in SignedInfoGeneralSecurityException
MarshalException
XMLSignatureException
public static void propagateIDAttributeSetup(Node sourceNode, Element destElement)
destElement
depending on the isId
flag of an attribute of
sourceNode
.sourceNode
- public static Document sign(Document doc, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI, String canonicalizationMethodType) throws GeneralSecurityException, MarshalException, XMLSignatureException
doc
- digestMethod
- signatureMethod
- referenceURI
- GeneralSecurityException
XMLSignatureException
MarshalException
public static Document sign(Document doc, KeyPair keyPair, String digestMethod, String signatureMethod, String referenceURI, X509Certificate x509Certificate, String canonicalizationMethodType) throws GeneralSecurityException, MarshalException, XMLSignatureException
doc
- digestMethod
- signatureMethod
- referenceURI
- GeneralSecurityException
XMLSignatureException
MarshalException
public static Document sign(SignatureUtilTransferObject dto, String canonicalizationMethodType) throws GeneralSecurityException, MarshalException, XMLSignatureException
GeneralSecurityException
XMLSignatureException
MarshalException
public static boolean validate(Document signedDoc, Key publicKey) throws MarshalException, XMLSignatureException
signedDoc
- publicKey
- MarshalException
XMLSignatureException
public static void marshall(SignatureType signature, OutputStream os) throws JAXBException, SAXException
signature
- os
- SAXException
JAXBException
public static void marshall(Document signedDocument, OutputStream os) throws TransformerException
signedDocument
- os
- TransformerException
public static X509Certificate getX509CertificateFromKeyInfoString(String certificateString) throws ProcessingException
X509Certificate
certificateString
- ProcessingException
public static DSAKeyValueType getDSAKeyValue(Element element) throws ParsingException
DSAKeyValueType
element
- ProcessingException
ParsingException
public static RSAKeyValueType getRSAKeyValue(Element element) throws ParsingException
DSAKeyValueType
element
- ProcessingException
ParsingException
public static KeyValueType createKeyValue(PublicKey key)
Creates a KeyValueType
that wraps the specified public key. This method supports DSA and RSA keys.
key
- the PublicKey
that will be represented as a KeyValueType
.KeyValueType
or null
if the specified key is neither a DSA nor a RSA
key.Copyright © 2016 JBoss by Red Hat. All rights reserved.