ApacheXMLDSigner
public class ApacheXMLDSigner implements XMLDSigner
This class hides the details of digital signing. The digital signature routines are provided by the Apache XML Security library. A standard way of having a document signed is defined as an interface; different classes implement that interface on top of different libraries.
Author: kcyee
Fields
DIGEST_METHOD
ELEMENT_KEY_INFO
ELEMENT_SIGNATURE
NAMESPACE_PREFIX_SOAP_ENVELOPE
NAMESPACE_URI_SOAP_ENVELOPE
SIGNATURE_METHOD
TRANSFORM_ALGORITHM_XPATH
TRANSFORM_XPATH
documents
signature
protected XMLSignature signature
Internal variable holding the Apache XML Security library signature object that performs the actual signing and verification.
trusted
protected CompositeKeyStore trusted
Internal variable holding the trust anchor for certificate path verification.
Constructors
Methods
addCertResolver
public void addCertResolver(CertResolver certResolver, Object obj)
addDocument
public void addDocument(String uri, InputStream is, String contentType)
Adds a reference to a document attachment to the signature.
Parameters:
- uri – the URI of the document attachment
- is – the input stream of the content of the document
- contentType – the content type of the document
getElement
setEnvelope
public void setEnvelope(Document doc, String algo, String digestAlgo)
Sets the envelope that hosts the Signature element, that is, the XML document to which the Signature element will be added. The digital signature here is always an enveloped signature, so the envelope itself is included in the signing process.
Parameters:
- doc – the XML document to host the Signature element
- algo – the algorithm used for the digital signature. Currently, only two values are tested: dsa-sha1 and rsa-sha1.
- digestAlgo – the algorithm used for computing the digest value. Currently, one value is supported: sha1
Throws:
- SignException – internal exception raised while initializing the Apache XML Security library
setEnvelope
public void setEnvelope(Document doc, String algo)
Sets the envelope that hosts the Signature element, that is, the XML document to which the Signature element will be added. The digital signature here is always an enveloped signature, so the envelope itself is included in the signing process.
Parameters:
- doc – the XML document to host the Signature element
- algo – the algorithm used for the digital signature. Currently, only two values are tested: dsa-sha1 and rsa-sha1.
Throws:
- SignException – internal exception raised while initializing the Apache XML Security library
setEnvelope
public void setEnvelope(Document doc)
Sets the envelope that hosts the Signature element, that is, the XML document to which the Signature element will be added. The digital signature here is always an enveloped signature, so the envelope itself is included in the signing process.
Parameters:
- doc – the XML document to host the Signature element
Throws:
- SignException – internal exception raised while initializing the Apache XML Security library
setTrustAnchor
public void setTrustAnchor(CompositeKeyStore ks)
Sets the trust anchor for verification of the certificate path.
Parameters:
- ks – the keystore providing the trusted certificates
sign
public void sign(CompositeKeyStore ks, String alias, char[] password)
Signs the envelope and documents using the specified key in the keystore.
Parameters:
- ks – the keystore holding the key for signing
- alias – the alias of the key for signing
- password – the password for accessing the key for signing
Throws:
- SignException – when any error occurs during signing
verify
public boolean verify()
Verifies the signature in the envelope passed in, which may reference the documents specified using the addDocument method.
Throws:
- VerifyException – when any error occurs during verification
Returns: true if the signature can be verified successfully, false otherwise.