Class SignatureSupport

java.lang.Object
org.opensaml.xmlsec.signature.support.SignatureSupport

public final class SignatureSupport extends Object
Helper methods for working with XML Signature.
  • Field Details

    • LOG

      @Nonnull private static final org.slf4j.Logger LOG
      Logger.
    • C14N_ALGORITHMS

      @Nonnull @NonnullElements private static final Set<String> C14N_ALGORITHMS
      Set of known canonicalization algorithm URIs.
  • Constructor Details

    • SignatureSupport

      private SignatureSupport()
      Constructor.
  • Method Details

    • prepareSignatureParams

      public static void prepareSignatureParams(@Nonnull Signature signature, @Nonnull SignatureSigningParameters parameters) throws SecurityException
      Prepare a Signature with necessary additional information prior to signing.

      NOTE: Since this operation modifies the specified Signature object, it should be called prior to marshalling the Signature object.

      The following Signature values will be added:

      • signing credential
      • signature algorithm URI
      • canonicalization algorithm URI
      • reference digest method
      • HMAC output length (if applicable and a value is configured)
      • a KeyInfo element representing the signing credential

      Existing (non-null) values of these parameters on the specified signature will NOT be overwritten, however.

      All values are determined by the specified SignatureSigningParameters. If no value for a required parameter is specified or included on the passed signature, a SecurityException will be thrown.

      Parameters:
      signature - the Signature to be updated
      parameters - the signing parameters to use
      Throws:
      SecurityException - thrown if a required parameter is not supplied in the parameters instance or available on the Signature instance
    • processKeyInfo

      private static void processKeyInfo(Signature signature, SignatureSigningParameters parameters) throws SecurityException
      Prepare the KeyInfo element representing the signing credential.
      Parameters:
      signature - the Signature to be updated
      parameters - the signing parameters to use
      Throws:
      SecurityException - thrown if a required parameter is not supplied in the parameters instance or available on the Signature instance
    • processContentReferences

      private static void processContentReferences(@Nonnull Signature signature, @Nonnull SignatureSigningParameters parameters) throws SecurityException
      Prepare the content references.
      Parameters:
      signature - the Signature to be updated
      parameters - the signing parameters to use
      Throws:
      SecurityException - thrown if a required parameter is not supplied in the parameters instance or available on the Signature instance
    • addOrReplaceReferenceCanonicalizationTransform

      private static void addOrReplaceReferenceCanonicalizationTransform(@Nullable ContentReference cr, @Nullable String uri)
      Process the indicated content reference and either add or replace its canonicalization Transform algorithm with the indicated algorithm.
      Parameters:
      cr - the content reference to process
      uri - the canonicalization algorithm to either add or replace
    • isCanonicalizationAlgorithm

      private static boolean isCanonicalizationAlgorithm(@Nullable String uri)
      Evaluate whether the indicated algorithm URI is a canonicalization algorithm URI.
      Parameters:
      uri - the algorithm URI to evaluate
      Returns:
      true if the URI is a canonicalization algorithm URI, false otherwise
    • signObject

      public static void signObject(@Nonnull SignableXMLObject signable, @Nonnull SignatureSigningParameters parameters) throws SecurityException, MarshallingException, SignatureException
      Parameters:
      signable - the signable XMLObject to sign
      parameters - the signing parameters to use
      Throws:
      SecurityException - if there is a problem preparing the signature
      MarshallingException - if there is a problem marshalling the XMLObject
      SignatureException - if there is a problem with the signature operation
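
The following is an added usage example, not code from the OpenSAML project. It calls prepareSignatureParams before marshalling, as the note above requires, and then checks the resulting algorithms, because existing non-null values on the Signature are not overwritten by the parameters. PinnedSigner and its sign method are hypothetical names; the example assumes OpenSAML has already been initialized and that the credential holds an RSA private key.

```java
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.security.SecurityException;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.SignatureSigningParameters;
import org.opensaml.xmlsec.signature.SignableXMLObject;
import org.opensaml.xmlsec.signature.Signature;
import org.opensaml.xmlsec.signature.support.SignatureConstants;
import org.opensaml.xmlsec.signature.support.SignatureException;
import org.opensaml.xmlsec.signature.support.SignatureSupport;
import org.opensaml.xmlsec.signature.support.Signer;

/** Hypothetical helper (not part of OpenSAML). */
public final class PinnedSigner {
    private static final String SIG_ALG = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256;
    private static final String C14N = SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;

    private PinnedSigner() { }

    public static void sign(SignableXMLObject signable, Credential credential)
            throws SecurityException, MarshallingException, SignatureException {
        SignatureSigningParameters params = new SignatureSigningParameters();
        params.setSigningCredential(credential);
        params.setSignatureAlgorithm(SIG_ALG);
        params.setSignatureCanonicalizationAlgorithm(C14N);
        params.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA256);

        // Reuse a Signature already attached by the caller, else build an empty one.
        Signature signature = signable.getSignature();
        if (signature == null) {
            signature = (Signature) XMLObjectSupport.buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
            signable.setSignature(signature);
        }

        // Must run before marshalling; throws SecurityException if a required value is missing.
        SignatureSupport.prepareSignatureParams(signature, params);

        // Existing non-null values are kept, so confirm what will actually be used.
        if (!SIG_ALG.equals(signature.getSignatureAlgorithm())
                || !C14N.equals(signature.getCanonicalizationAlgorithm())) {
            throw new SecurityException("Signature carried pre-set algorithms: "
                    + signature.getSignatureAlgorithm() + " / " + signature.getCanonicalizationAlgorithm());
        }

        XMLObjectSupport.marshall(signable);   // builds the DOM, including the ds:Signature element
        Signer.signObject(signature);          // computes the signature value over the marshalled DOM
    }
}
```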