public class DOMCryptoContext extends DOMCryptoContext
DOMCryptoContext
.Modifier and Type | Field and Description |
---|---|
static String |
BASE64_LINEBREAK
This property name allows to set a
byte[] as value for
specifying which line break should be used in Base64 encoded values when
marshaling a signature. |
static String |
CACHE_CANON_INPUT_DATA
This property name allows to set a
Set of reference type uris
as value to enable the ReferenceType.getCanonInputData() for matching
references . |
static String |
CACHE_REFERENCE
This property name allows to set a
Boolean.TRUE as value to enable
the Reference.getDereferencedData() and the
Reference.getDigestInputStream() . |
static String |
DEBUG_OS
This property name allows to set an
OutputStream as value
for debug output. |
static String |
EXPAND_ENTITY_REFERENCES
Deprecated.
Experimental, deprecation will be removed in a future version.
|
static String |
FIX_SUBTREE_NODESET |
static String |
HMAC_MINIMUM_HALF_LENGTH
Signatures MUST be deemed invalid if the truncation length is below half
the underlying hash algorithm's output length, or 80 bits, whichever of
these two values is greater.
|
static String |
HMAC_MINIMUM_OUTPUT_LENGTH
Signatures MUST be deemed invalid if the truncation length is below half
the underlying hash algorithm's output length, or 80 bits, whichever of
these two values is greater.
|
static String |
HMAC_MINIMUM_OUTPUT_THROW_EX_ON_VERIFY
This parameter causes an Exception to be thrown if set to
Boolean.TRUE and the the checks for
HMAC_MINIMUM_HALF_LENGTH , HMAC_MINIMUM_OUTPUT_LENGTH or
HMAC_OUTPUT_LENGTH_MOD8 are not satisfied. |
static String |
HMAC_OUTPUT_LENGTH_ALLOW_FLOORED_MOD8
It is possible that the HMACOutputLength is 1 to 7 bits longer than the
value of the signature to be verified due to a bug in legacy applications
where floor(HMACOutputLength/8) had been used.
|
static String |
HMAC_OUTPUT_LENGTH_MOD8
XMLDSIG 1.1
REQUIRES
HMACOutputLength to be divisible by 8. |
static String |
IGNORING_ELEMENT_CONTENT_WHITESPACE
Deprecated.
Experimental, deprecation will be removed in a future version.
|
static String |
KEYINFO_TRIM_NAMES |
static String |
MAX_NUM_OF_TRANSFORMS
Allows to limit the maximum Number of
Transforms allowed as children of
Transforms by setting this property
by an Integer . |
static String |
NODESETDATA_2_OCTETSTREAMDATA |
static String |
SIGN_OVER
Deprecated.
Experimental, deprecation will be removed in a future version.
|
static String |
SYSTEM_PROPERTY_DEBUG_OS
This system property allows to set "System.err" or "System.out" as value
for debug output.
|
static String |
SYSTEM_PROPERTY_FIX_SUBTREE_NODESET |
static String |
XERCES_SECURITY_MANAGER
This property can be used for setting a XERCES security-manager for the parser.
|
static String |
XPATH_EVALUATOR
The Property "iaik.xml.filter.impl.dsig.XPathEvaluator" can be set to
"iaik.xml.filter.impl.dsig.XPathEvaluatorOld" or
"iaik.xml.filter.impl.dsig.XPathApiXPathEvaluator".
|
Modifier | Constructor and Description |
---|---|
|
DOMCryptoContext()
Creates a new instance of this
DOMCryptoContext . |
protected |
DOMCryptoContext(boolean initialize)
Creates a new instance of this
DOMCryptoContext . |
Modifier and Type | Method and Description |
---|---|
Object |
get(Object key)
This implementation uses an internal
HashMap to get the object that
the specified key maps to. |
Element |
getElementById(String idValue)
Returns the
Element with the specified ID attribute value. |
Object |
put(Object key,
Object value)
This implementation uses an internal
HashMap to map the key to the
specified object. |
protected void |
setDefaultProperties()
This allows to set all defaults.
|
static void |
setDefaultsIfNotSet(XMLCryptoContext cryptoContext) |
Object |
setProperty(String name,
Object value)
This implementation uses an internal
HashMap to map the name to the
specified object. |
getBaseURI, getDefaultNamespacePrefix, getKeySelector, getNamespacePrefix, getProperty, getURIDereferencer, iterator, putNamespacePrefix, setBaseURI, setDefaultNamespacePrefix, setIdAttributeNS, setKeySelector, setURIDereferencer
public static final String DEBUG_OS
OutputStream
as value
for debug output.public static final String SYSTEM_PROPERTY_DEBUG_OS
public static final String BASE64_LINEBREAK
byte[]
as value for
specifying which line break should be used in Base64 encoded values when
marshaling a signature.public static final String SIGN_OVER
public static final String CACHE_REFERENCE
Boolean.TRUE
as value to enable
the Reference.getDereferencedData()
and the
Reference.getDigestInputStream()
.public static final String CACHE_CANON_INPUT_DATA
Set
of reference type uris
as value to enable the ReferenceType.getCanonInputData()
for matching
references
. An empty set matches all references
.
references
pointing to a Manifest:
Set cachedReferenceTypeURIs = new HashSet(1); cachedReferenceTypeURIs.add("http://www.w3.org/2000/09/xmldsig#Manifest"); validateContext.setProperty(DOMCryptoContext.CACHE_CANON_INPUT_DATA, cachedReferenceTypeURIs);
references
:
validateContext.setProperty(DOMCryptoContext.CACHE_CANON_INPUT_DATA, Collections.EMPTY_SET);
references
having no
type
uri:
Set cachedReferenceTypeURIs = new HashSet(1); cachedReferenceTypeURIs.add(null); validateContext.setProperty(DOMCryptoContext.CACHE_CANON_INPUT_DATA, cachedReferenceTypeURIs);
public static final String FIX_SUBTREE_NODESET
public static final String SYSTEM_PROPERTY_FIX_SUBTREE_NODESET
public static final String MAX_NUM_OF_TRANSFORMS
Transforms
allowed as children of
Transforms
by setting this property
by an Integer
.public static final String EXPAND_ENTITY_REFERENCES
public static final String XERCES_SECURITY_MANAGER
public static final String IGNORING_ELEMENT_CONTENT_WHITESPACE
public static final String NODESETDATA_2_OCTETSTREAMDATA
NodeSetData2OctetStreamDataExpatiator
public static final String XPATH_EVALUATOR
public static final String HMAC_MINIMUM_OUTPUT_LENGTH
Integer
. SignatureMethod.HMAC_SHA1
,
XmldsigMore.SIGNATURE_HMAC_RIPEMD160
) because
shorter HMACS suffer a lower birthday bound.public static final String HMAC_MINIMUM_HALF_LENGTH
Boolean
. HMAC_MINIMUM_OUTPUT_LENGTH
is checked.public static final String HMAC_OUTPUT_LENGTH_MOD8
HMACOutputLength
to be divisible by 8. For legacy applications this may
have to be set to Boolean.FALSE
. Boolean.TRUE
. public static final String HMAC_OUTPUT_LENGTH_ALLOW_FLOORED_MOD8
Boolean.TRUE
, iff this applies to the Signature to be verified and
HMAC_OUTPUT_LENGTH_MOD8
is set to Boolean.FALSE
.
HMAC_MINIMUM_HALF_LENGTH
and HMAC_MINIMUM_OUTPUT_LENGTH
are still enforced. Boolean.FALSE
. public static final String HMAC_MINIMUM_OUTPUT_THROW_EX_ON_VERIFY
Boolean.TRUE
and the the checks for
HMAC_MINIMUM_HALF_LENGTH
, HMAC_MINIMUM_OUTPUT_LENGTH
or
HMAC_OUTPUT_LENGTH_MOD8
are not satisfied. Otherwise HMAC
signature verification simply returns false.public static final String KEYINFO_TRIM_NAMES
public DOMCryptoContext()
DOMCryptoContext
.protected DOMCryptoContext(boolean initialize)
DOMCryptoContext
.public static void setDefaultsIfNotSet(XMLCryptoContext cryptoContext)
cryptoContext
- protected void setDefaultProperties()
public Object get(Object key)
javax.xml.crypto.dom.DOMCryptoContext
HashMap
to get the object that
the specified key maps to.get
in interface XMLCryptoContext
get
in class DOMCryptoContext
key
- the key whose associated value is to be returnednull
if there is no mapping for the keyDOMCryptoContext.get(java.lang.Object)
public Element getElementById(String idValue)
javax.xml.crypto.dom.DOMCryptoContext
Element
with the specified ID attribute value.
This implementation uses an internal HashMap
to get the element
that the specified attribute value maps to.
getElementById
in class DOMCryptoContext
Element
with the specified ID attribute value, or
null
if none.DOMCryptoContext.getElementById(java.lang.String)
public Object put(Object key, Object value)
javax.xml.crypto.dom.DOMCryptoContext
HashMap
to map the key to the
specified object.put
in interface XMLCryptoContext
put
in class DOMCryptoContext
key
- key with which the specified value is to be associated withvalue
- value to be associated with the specified keynull
if
there was no mapping for the keyDOMCryptoContext.put(java.lang.Object,
java.lang.Object)
public Object setProperty(String name, Object value)
javax.xml.crypto.dom.DOMCryptoContext
HashMap
to map the name to the
specified object.setProperty
in interface XMLCryptoContext
setProperty
in class DOMCryptoContext
name
- the name of the propertyvalue
- the value of the property to be setnull
if it did not have a value© 2002-2005 IAIK, © 2004, 2006 - 2019 Stiftung SIC