public class XSecProvider extends Provider
Modifier and Type | Class and Description |
---|---|
static interface |
XSecProvider.ClassForNameHook
Deprecated.
This is an experimental feature and may be consolidated in a
future Version. It is planned to move this functionality to a
util package.
|
static class |
XSecProvider.Purpose |
static interface |
XSecProvider.SysPropertyHook
Deprecated.
This is an experimental feature and may be consolidated in a
future Version.
|
Provider.Service
Modifier and Type | Field and Description |
---|---|
static String |
DOM
The mechanism type of this provider
|
static String |
FirstProviderFound
If this string is passed to
setDelegationProvider(String, String)
as the second parameter the provider framework is used to find the first
implementation for the given algorithm, otherwise XSECT will preferably use
itself where possible. |
static String |
NAME |
static Provider |
PFirstProviderFound
If this
dummy Provider Object is passed to
setDelegationProvider(String, Provider, Purpose) as the second
parameter the provider framework is used to find the first implementation
for the given algorithm, otherwise XSECT will preferably use itself where
possible. |
static Map |
XERCES_XALAN_JDK_PACKAGE_MAP |
defaults
Constructor and Description |
---|
XSecProvider()
Creates a new instance of this
Provider . |
Modifier and Type | Method and Description |
---|---|
static void |
addAsProvider(boolean printStatusInfo)
Static method which installs the SecurityProviders XSECT and
IAIK and prints some system properties if desired.
|
static void |
addAsProvider(boolean printStatusInfo,
boolean forJDK14)
Static method which installs the SecurityProviders XSECT and
IAIK and prints some system properties if desired.
|
static Class |
classForName(String className)
This method provides a single point through which all the Class loading of
Classes not provided by XSECT and loaded by
Class.forName(java.lang.String) is performed. |
static void |
disableOptionalClassLoading(boolean disable)
Disable tentative class loading of optional classes?
Some features can only be supported if optional classes are available. |
static String |
getDelegationProvider(String algorithm)
Deprecated.
please use
getDelegationProvider(String, Purpose)
instead - especially for java 1.5 or higher. |
static Provider |
getDelegationProvider(String algorithm,
XSecProvider.Purpose purpose) |
static XSecProvider |
getInstance() |
static String |
getPackageName(String pkg)
Allows to retrieve the package name for Xerces/Xalan delivered with the
JDK.
|
String |
getProperty(String key) |
String |
getProperty(String key,
String defaultValue) |
static String |
getSysProperty(String key) |
static String |
getSysProperty(String key,
String def) |
URIDereferencer |
getURIDereferencer()
Returns the default URIDereferencer used by the Provider.
|
protected void |
init() |
static boolean |
lateAlgorithmInstantiation() |
static boolean |
lateAlgorithmProxyInstantiation() |
static boolean |
optionalClassLoading()
Returns
true if tentative class loading is enabled (default). |
static boolean |
preferIAIKoverJCA()
With the system property "iaik.xml.crypto.XSecProvider.preferIAIKoverJCA"
one can control if XSECT uses the IAIK provider before consulting the JCA
provider framework
|
static void |
setClassForNameHook(XSecProvider.ClassForNameHook classForNameHook)
Deprecated.
This is an experimental feature and may be consolidated in a
future Version. It is planned to move this functionality to a
util package.
|
static void |
setDelegationProvider(String algorithm,
Provider provider,
XSecProvider.Purpose purpose)
Deprecated.
Experimental and will only work with
lateAlgorithmInstantiation() ;
lateAlgorithmProxyInstantiation() returning true. |
static void |
setDelegationProvider(String algorithm,
String provider)
Sets the name of a (registered)
Provider that should be used to get
an implementation of the specified algorithm . |
static void |
setJDKsXercesXalan()
This method can be called in a static block of your application, and causes
the JDK's Xerces/Xalan to be used, if available.
|
static void |
setPostSignHook(XMLSignatureProcessingHook hook)
Provides means to enforce constraints or arbitrary processing on the
signature immeadiately after signing.
|
static void |
setPostVerifyHook(XMLSignatureProcessingHook hook)
Provides means to enforce constraints or arbitrary processing on the
signature immeadiately after verifying.
|
static void |
setPreSignHook(XMLSignatureProcessingHook hook)
Provides means to enforce constraints or arbitrary processing on the
signature immeadiately before signing.
|
static void |
setPreVerifyHook(XMLSignatureProcessingHook hook)
Provides means to enforce constraints or arbitrary processing on the
signature immeadiately before verifying.
|
static void |
setSysProperty(String key,
String value)
Provides a means to intercept all tries by XSECT to set
system properties by setting a
SYS_PROPERTY_HOOK . |
static void |
setSysPropertyHook(XSecProvider.SysPropertyHook sysPropertyHook)
Deprecated.
This is an experimental feature and may be consolidated in a
future Version.
|
void |
undoARCFourBugFix(boolean undo)
There has been in a bug in the mapping from
XmldsigMore.ENCRYPTION_ARCFOUR to the actual
Cipher . |
static Boolean |
useJDKsXercesXalan()
This method let's you find out if
setJDKsXercesXalan() has been
called. |
clear, compute, computeIfAbsent, computeIfPresent, elements, entrySet, forEach, get, getInfo, getName, getOrDefault, getService, getServices, getVersion, keys, keySet, load, merge, put, putAll, putIfAbsent, putService, remove, remove, removeService, replace, replace, replaceAll, toString, values
list, list, load, loadFromXML, propertyNames, save, setProperty, store, store, storeToXML, storeToXML, stringPropertyNames
clone, contains, containsKey, containsValue, equals, hashCode, isEmpty, rehash, size
public static final String NAME
public static final String DOM
public static final String FirstProviderFound
setDelegationProvider(String, String)
as the second parameter the provider framework is used to find the first
implementation for the given algorithm, otherwise XSECT will preferably use
itself where possible. It has to be this very same object (
FirstProviderFound
) as a "==" comparison is used and it's value
has no significance. Use this with care as the reflexive delegation of
XSECT will be sufficient for most use cases.public static final Provider PFirstProviderFound
dummy Provider Object
is passed to
setDelegationProvider(String, Provider, Purpose)
as the second
parameter the provider framework is used to find the first implementation
for the given algorithm, otherwise XSECT will preferably use itself where
possible. It has to be this very same object (PFirstProviderFound
)
as a "==" comparison is used and it's value has no significance. Use this
with care as the reflexive delegation of XSECT will be sufficient for most
use cases.public static final Map XERCES_XALAN_JDK_PACKAGE_MAP
public static void addAsProvider(boolean printStatusInfo)
printStatusInfo
- prints some status information and system propertiespublic static void addAsProvider(boolean printStatusInfo, boolean forJDK14)
printStatusInfo
- prints some status information and system propertiesforJDK14
- whether to use a workaround allowing to use IAIK as first provider
with JDK1.4public static boolean preferIAIKoverJCA()
public static boolean lateAlgorithmInstantiation()
public static boolean lateAlgorithmProxyInstantiation()
public static Provider getDelegationProvider(String algorithm, XSecProvider.Purpose purpose) throws NoSuchAlgorithmException
NoSuchAlgorithmException
public static String getDelegationProvider(String algorithm) throws NoSuchAlgorithmException
getDelegationProvider(String, Purpose)
instead - especially for java 1.5 or higher.Provider
for the given algorithm
that has been set using the setDelegationProvider(String, String)
method.algorithm
- a string identifying the algorithm (see
setDelegationProvider(String, String)
)null
if no provider has
been set and the standard provider selection mechanism should be
usedNoSuchAlgorithmException
public static void setDelegationProvider(String algorithm, String provider)
Provider
that should be used to get
an implementation of the specified algorithm
. If no provider
has been set for a specific algorithm, the default provider selection
mechanism is used to get an implementation of that algorithm.
algorithm
string is build like follows
algorithmType.algorithmNamewhere
algorithmType
is one of MessageDigest
for
MessageDigest
s, Signature
for
Signature
s, Mac
for
Mac
s, Cipher
for
Cipher
s or KeyFactory
for
KeyFactory
s. and algorithmName
is the
default algorithm name of the corresponding algorithm according to the
JCA/JCE specification.
For example: MessageDigest.SHA1
All algorithms implemented directly by XSECT are per default reflexively
delegated to XSECT itself. This is necessary as foreign implementations do
not necessarily implement all algorithms or
NodeSetData
is unfortunately not returned in
document order by all other implementations.
algorithm
- a string identifying the algorithm as specified aboveprovider
- the name of a registered Provider
, a value of
null
removes the setting for the given algorithm.
Passing FirstProviderFound
for an algorithm implemented by
XSECT removes the default reflexive delegation.public static void setDelegationProvider(String algorithm, Provider provider, XSecProvider.Purpose purpose)
lateAlgorithmInstantiation()
;
lateAlgorithmProxyInstantiation()
returning true.algorithm
- provider
- either an instance of the Provider
or
the name of the Provider
. (may be null to
delete a delegation)purpose
- if null this will be the default if no purpose matchespublic static void disableOptionalClassLoading(boolean disable)
XSECT tries to load the corresponding classes and enables the corresponding features if avaliable. However, in some environments tentative class loading may be problematic (for example, class loading may be delayed in applets).
This method may be used to disable tentative class loading. PLEASE NOTE: It
must be called before the first instance of the XSecProvider
class
is constructed through XSecProvider()
!
disable
- true
if tentative class loading should be disabled,
false
otherwisepublic static boolean optionalClassLoading()
true
if tentative class loading is enabled (default).true
if tentative class loading is enabled, or
false
otherwisedisableOptionalClassLoading(boolean)
protected void init()
public static XSecProvider getInstance()
public void undoARCFourBugFix(boolean undo)
XmldsigMore.ENCRYPTION_ARCFOUR
to the actual
Cipher
. To decrypt legacy documents that have been
using XmldsigMore.ENCRYPTION_ARCFOUR
with XSECT versions prior to
1.13 call this method before decrypting.public URIDereferencer getURIDereferencer()
URIDereferencer
public String getProperty(String key, String defaultValue)
getProperty
in class Properties
Properties.getProperty(java.lang.String, java.lang.String)
public String getProperty(String key)
getProperty
in class Provider
Properties.getProperty(java.lang.String)
public static void setClassForNameHook(XSecProvider.ClassForNameHook classForNameHook)
classForNameHook
- XSecProvider.ClassForNameHook
public static Class classForName(String className) throws ClassNotFoundException
Class.forName(java.lang.String)
is performed.className
- XSecProvider.ClassForNameHook
if set or else by
Class.forName(java.lang.String)
.ClassNotFoundException
Class.forName(java.lang.String)
,
setClassForNameHook(ClassForNameHook)
,
XSecProvider.ClassForNameHook
public static void setJDKsXercesXalan()
public static Boolean useJDKsXercesXalan()
setJDKsXercesXalan()
has been
called.Boolean.TRUE
iff setJDKsXercesXalan()
has been
called, Boolean.FALSE
otherwise. In the future this may
return null
to indicate an unkown status.public static void setPreSignHook(XMLSignatureProcessingHook hook)
hook
- The implementation.public static void setPostSignHook(XMLSignatureProcessingHook hook)
hook
- The implementation.public static void setPreVerifyHook(XMLSignatureProcessingHook hook)
hook
- The implementation.public static void setPostVerifyHook(XMLSignatureProcessingHook hook)
hook
- The implementation.public static void setSysPropertyHook(XSecProvider.SysPropertyHook sysPropertyHook)
System.setProperty(java.lang.String, java.lang.String)
and
System.getProperty(java.lang.String, java.lang.String)
.sysPropertyHook
- XSecProvider.SysPropertyHook
public static void setSysProperty(String key, String value)
system properties
by setting a
SYS_PROPERTY_HOOK
. It also extends the semantics for clearing a
system property by providing a null value, to clear the property as in jdk
1.5 System.clearProperty.public static String getPackageName(String pkg)
pkg
- the normal package name© 2002-2005 IAIK, © 2004, 2006 - 2019 Stiftung SIC