Modified: webservices/website/wss4j/xref/org/apache/wss4j/common/ConfigurationConstants.html URL: http://svn.apache.org/viewvc/webservices/website/wss4j/xref/org/apache/wss4j/common/ConfigurationConstants.html?rev=1921891&r1=1921890&r2=1921891&view=diff ============================================================================== --- webservices/website/wss4j/xref/org/apache/wss4j/common/ConfigurationConstants.html (original) +++ webservices/website/wss4j/xref/org/apache/wss4j/common/ConfigurationConstants.html Thu Nov 14 16:06:47 2024 @@ -746,221 +746,274 @@ <a class="jxr_linenumber" name="L738" href="#L738">738</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_KEY_TRANSPORT = <span class="jxr_string">"encryptionKeyTransportAlgorithm"</span>; <a class="jxr_linenumber" name="L739" href="#L739">739</a> <a class="jxr_linenumber" name="L740" href="#L740">740</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L741" href="#L741">741</a> <em class="jxr_javadoccomment"> * Parameter to define which parts of the request shall be encrypted.</em> -<a class="jxr_linenumber" name="L742" href="#L742">742</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L743" href="#L743">743</a> <em class="jxr_javadoccomment"> * The value of this parameter is a list of semi-colon separated</em> -<a class="jxr_linenumber" name="L744" href="#L744">744</a> <em class="jxr_javadoccomment"> * element names that identify the elements to encrypt. An encryption mode</em> -<a class="jxr_linenumber" name="L745" href="#L745">745</a> <em class="jxr_javadoccomment"> * specifier and a namespace identification, each inside a pair of curly</em> -<a class="jxr_linenumber" name="L746" href="#L746">746</a> <em class="jxr_javadoccomment"> * brackets, may preceed each element name.</em> -<a class="jxr_linenumber" name="L747" href="#L747">747</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L748" href="#L748">748</a> <em class="jxr_javadoccomment"> * The encryption mode specifier is either <code>{Content}</code> or</em> -<a class="jxr_linenumber" name="L749" href="#L749">749</a> <em class="jxr_javadoccomment"> * <code>{Element}</code>. Please refer to the W3C XML Encryption</em> -<a class="jxr_linenumber" name="L750" href="#L750">750</a> <em class="jxr_javadoccomment"> * specification about the differences between Element and Content</em> -<a class="jxr_linenumber" name="L751" href="#L751">751</a> <em class="jxr_javadoccomment"> * encryption. The encryption mode defaults to <code>Content</code></em> -<a class="jxr_linenumber" name="L752" href="#L752">752</a> <em class="jxr_javadoccomment"> * if it is omitted. Example of a list:</em> -<a class="jxr_linenumber" name="L753" href="#L753">753</a> <em class="jxr_javadoccomment"> * <pre></em> -<a class="jxr_linenumber" name="L754" href="#L754">754</a> <em class="jxr_javadoccomment"> * &lt;parameter name="encryptionParts"</em> -<a class="jxr_linenumber" name="L755" href="#L755">755</a> <em class="jxr_javadoccomment"> * value="{Content}{<a href="http://example.org/paymentv2"; target="alexandria_uri">http://example.org/paymentv2</a>}CreditCard;</em> -<a class="jxr_linenumber" name="L756" href="#L756">756</a> <em class="jxr_javadoccomment"> * {Element}{}UserName" /></em> -<a class="jxr_linenumber" name="L757" href="#L757">757</a> <em class="jxr_javadoccomment"> * </pre></em> -<a class="jxr_linenumber" name="L758" href="#L758">758</a> <em class="jxr_javadoccomment"> * The the first entry of the list identifies the element</em> -<a class="jxr_linenumber" name="L759" href="#L759">759</a> <em class="jxr_javadoccomment"> * <code>CreditCard</code> in the namespace</em> -<a class="jxr_linenumber" name="L760" href="#L760">760</a> <em class="jxr_javadoccomment"> * <code><a href="http://example.org/paymentv2</code>,"; target="alexandria_uri">http://example.org/paymentv2</code>,</a> and will encrypt its content.</em> -<a class="jxr_linenumber" name="L761" href="#L761">761</a> <em class="jxr_javadoccomment"> * Be aware that the element name, the namespace identifier, and the</em> -<a class="jxr_linenumber" name="L762" href="#L762">762</a> <em class="jxr_javadoccomment"> * encryption modifier are case sensitive.</em> -<a class="jxr_linenumber" name="L763" href="#L763">763</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L764" href="#L764">764</a> <em class="jxr_javadoccomment"> * The encryption modifier and the namespace identifier can be ommited.</em> -<a class="jxr_linenumber" name="L765" href="#L765">765</a> <em class="jxr_javadoccomment"> * In this case the encryption mode defaults to <code>Content</code> and</em> -<a class="jxr_linenumber" name="L766" href="#L766">766</a> <em class="jxr_javadoccomment"> * the namespace is set to the SOAP namespace.</em> -<a class="jxr_linenumber" name="L767" href="#L767">767</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L768" href="#L768">768</a> <em class="jxr_javadoccomment"> * An empty encryption mode defaults to <code>Content</code>, an empty</em> -<a class="jxr_linenumber" name="L769" href="#L769">769</a> <em class="jxr_javadoccomment"> * namespace identifier defaults to the SOAP namespace.</em> -<a class="jxr_linenumber" name="L770" href="#L770">770</a> <em class="jxr_javadoccomment"> * The second line of the example defines <code>Element</code> as</em> -<a class="jxr_linenumber" name="L771" href="#L771">771</a> <em class="jxr_javadoccomment"> * encryption mode for an <code>UserName</code> element in the SOAP</em> -<a class="jxr_linenumber" name="L772" href="#L772">772</a> <em class="jxr_javadoccomment"> * namespace.</em> -<a class="jxr_linenumber" name="L773" href="#L773">773</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L774" href="#L774">774</a> <em class="jxr_javadoccomment"> * Note that the special value "{}cid:Attachments;" means that all of the message</em> -<a class="jxr_linenumber" name="L775" href="#L775">775</a> <em class="jxr_javadoccomment"> * attachments should be encrypted.</em> -<a class="jxr_linenumber" name="L776" href="#L776">776</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L777" href="#L777">777</a> <em class="jxr_javadoccomment"> * To specify an element without a namespace use the string</em> -<a class="jxr_linenumber" name="L778" href="#L778">778</a> <em class="jxr_javadoccomment"> * <code>Null</code> as the namespace name (this is a case sensitive</em> -<a class="jxr_linenumber" name="L779" href="#L779">779</a> <em class="jxr_javadoccomment"> * string)</em> -<a class="jxr_linenumber" name="L780" href="#L780">780</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L781" href="#L781">781</a> <em class="jxr_javadoccomment"> * If no list is specified, the handler encrypts the SOAP Body in</em> -<a class="jxr_linenumber" name="L782" href="#L782">782</a> <em class="jxr_javadoccomment"> * <code>Content</code> mode by default.</em> -<a class="jxr_linenumber" name="L783" href="#L783">783</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L784" href="#L784">784</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENCRYPTION_PARTS = <span class="jxr_string">"encryptionParts"</span>; -<a class="jxr_linenumber" name="L785" href="#L785">785</a> -<a class="jxr_linenumber" name="L786" href="#L786">786</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L787" href="#L787">787</a> <em class="jxr_javadoccomment"> * Parameter to define which parts of the request shall be encrypted, if they</em> -<a class="jxr_linenumber" name="L788" href="#L788">788</a> <em class="jxr_javadoccomment"> * exist in the request. If they do not, then no error is thrown. This contrasts</em> -<a class="jxr_linenumber" name="L789" href="#L789">789</a> <em class="jxr_javadoccomment"> * with the ENCRYPTION_PARTS Identifier, which specifies elements that must be</em> -<a class="jxr_linenumber" name="L790" href="#L790">790</a> <em class="jxr_javadoccomment"> * encrypted in the request.</em> -<a class="jxr_linenumber" name="L791" href="#L791">791</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L792" href="#L792">792</a> <em class="jxr_javadoccomment"> * Refer to {@link #ENCRYPTION_PARTS} for a detailed description of</em> -<a class="jxr_linenumber" name="L793" href="#L793">793</a> <em class="jxr_javadoccomment"> * the format of the value string.</em> -<a class="jxr_linenumber" name="L794" href="#L794">794</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L795" href="#L795">795</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L796" href="#L796">796</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String OPTIONAL_ENCRYPTION_PARTS = <span class="jxr_string">"optionalEncryptionParts"</span>; -<a class="jxr_linenumber" name="L797" href="#L797">797</a> -<a class="jxr_linenumber" name="L798" href="#L798">798</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L799" href="#L799">799</a> <em class="jxr_javadoccomment"> * Defines which encryption digest algorithm to use with the RSA OAEP Key Transport</em> -<a class="jxr_linenumber" name="L800" href="#L800">800</a> <em class="jxr_javadoccomment"> * algorithm for encryption. The default is SHA-1.</em> -<a class="jxr_linenumber" name="L801" href="#L801">801</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L802" href="#L802">802</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em> -<a class="jxr_linenumber" name="L803" href="#L803">803</a> <em class="jxr_javadoccomment"> * <pre></em> -<a class="jxr_linenumber" name="L804" href="#L804">804</a> <em class="jxr_javadoccomment"> * call.setProperty(</em> -<a class="jxr_linenumber" name="L805" href="#L805">805</a> <em class="jxr_javadoccomment"> * ConfigurationConstants.ENC_DIGEST_ALGO, "<a href="http://www.w3.org/2001/04/xmlenc"; target="alexandria_uri">http://www.w3.org/2001/04/xmlenc</a>#sha256"</em> -<a class="jxr_linenumber" name="L806" href="#L806">806</a> <em class="jxr_javadoccomment"> * );</em> -<a class="jxr_linenumber" name="L807" href="#L807">807</a> <em class="jxr_javadoccomment"> * </pre></em> -<a class="jxr_linenumber" name="L808" href="#L808">808</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L809" href="#L809">809</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_DIGEST_ALGO = <span class="jxr_string">"encryptionDigestAlgorithm"</span>; -<a class="jxr_linenumber" name="L810" href="#L810">810</a> -<a class="jxr_linenumber" name="L811" href="#L811">811</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L812" href="#L812">812</a> <em class="jxr_javadoccomment"> * Defines which encryption mgf algorithm to use with the RSA OAEP Key Transport</em> -<a class="jxr_linenumber" name="L813" href="#L813">813</a> <em class="jxr_javadoccomment"> * algorithm for encryption. The default is mgfsha1.</em> -<a class="jxr_linenumber" name="L814" href="#L814">814</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L815" href="#L815">815</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em> -<a class="jxr_linenumber" name="L816" href="#L816">816</a> <em class="jxr_javadoccomment"> * <pre></em> -<a class="jxr_linenumber" name="L817" href="#L817">817</a> <em class="jxr_javadoccomment"> * call.setProperty(</em> -<a class="jxr_linenumber" name="L818" href="#L818">818</a> <em class="jxr_javadoccomment"> * ConfigurationConstants.ENC_MGF_ALGO, "<a href="http://www.w3.org/2009/xmlenc11"; target="alexandria_uri">http://www.w3.org/2009/xmlenc11</a>#mgf1sha256"</em> -<a class="jxr_linenumber" name="L819" href="#L819">819</a> <em class="jxr_javadoccomment"> * );</em> -<a class="jxr_linenumber" name="L820" href="#L820">820</a> <em class="jxr_javadoccomment"> * </pre></em> -<a class="jxr_linenumber" name="L821" href="#L821">821</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L822" href="#L822">822</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_MGF_ALGO = <span class="jxr_string">"encryptionMGFAlgorithm"</span>; -<a class="jxr_linenumber" name="L823" href="#L823">823</a> -<a class="jxr_linenumber" name="L824" href="#L824">824</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L825" href="#L825">825</a> <em class="jxr_javadoccomment"> * Time-To-Live is the time difference between creation and expiry time in</em> -<a class="jxr_linenumber" name="L826" href="#L826">826</a> <em class="jxr_javadoccomment"> * seconds of the UsernameToken Created value. After this time the SOAP request</em> -<a class="jxr_linenumber" name="L827" href="#L827">827</a> <em class="jxr_javadoccomment"> * is invalid (at least the security data shall be treated this way).</em> -<a class="jxr_linenumber" name="L828" href="#L828">828</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L829" href="#L829">829</a> <em class="jxr_javadoccomment"> * If this parameter is not defined, contains a value less or equal</em> -<a class="jxr_linenumber" name="L830" href="#L830">830</a> <em class="jxr_javadoccomment"> * zero, or an illegal format the handlers use a default TTL of</em> -<a class="jxr_linenumber" name="L831" href="#L831">831</a> <em class="jxr_javadoccomment"> * 300 seconds (5 minutes).</em> -<a class="jxr_linenumber" name="L832" href="#L832">832</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L833" href="#L833">833</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_USERNAMETOKEN = <span class="jxr_string">"utTimeToLive"</span>; -<a class="jxr_linenumber" name="L834" href="#L834">834</a> -<a class="jxr_linenumber" name="L835" href="#L835">835</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L836" href="#L836">836</a> <em class="jxr_javadoccomment"> * This configuration tag specifies the time in seconds in the future within which</em> -<a class="jxr_linenumber" name="L837" href="#L837">837</a> <em class="jxr_javadoccomment"> * the Created time of an incoming UsernameToken is valid. The default value is "60",</em> -<a class="jxr_linenumber" name="L838" href="#L838">838</a> <em class="jxr_javadoccomment"> * to avoid problems where clocks are slightly askew. To reject all future-created</em> -<a class="jxr_linenumber" name="L839" href="#L839">839</a> <em class="jxr_javadoccomment"> * UsernameTokens, set this value to "0".</em> -<a class="jxr_linenumber" name="L840" href="#L840">840</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L841" href="#L841">841</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_FUTURE_USERNAMETOKEN = <span class="jxr_string">"utFutureTimeToLive"</span>; -<a class="jxr_linenumber" name="L842" href="#L842">842</a> -<a class="jxr_linenumber" name="L843" href="#L843">843</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L844" href="#L844">844</a> <em class="jxr_javadoccomment"> * This configuration tag is a String (separated by the value specified for SIG_CERT_CONSTRAINTS_SEPARATOR)</em> -<a class="jxr_linenumber" name="L845" href="#L845">845</a> <em class="jxr_javadoccomment"> * of regular expressions which will be applied to the subject DN of the certificate used for signature</em> -<a class="jxr_linenumber" name="L846" href="#L846">846</a> <em class="jxr_javadoccomment"> * validation, after trust verification of the certificate chain associated with the</em> -<a class="jxr_linenumber" name="L847" href="#L847">847</a> <em class="jxr_javadoccomment"> * certificate.</em> +<a class="jxr_linenumber" name="L741" href="#L741">741</a> <em class="jxr_javadoccomment"> * Defines the Agreement method algorithm to derive encryption key.</em> +<a class="jxr_linenumber" name="L742" href="#L742">742</a> <em class="jxr_javadoccomment"> * The default algorithm is:</em> +<a class="jxr_linenumber" name="L743" href="#L743">743</a> <em class="jxr_javadoccomment"> * "<a href="http://www.w3.org/2009/xmlenc11"; target="alexandria_uri">http://www.w3.org/2009/xmlenc11</a>#ECDH-ES"</em> +<a class="jxr_linenumber" name="L744" href="#L744">744</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L745" href="#L745">745</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L746" href="#L746">746</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em> +<a class="jxr_linenumber" name="L747" href="#L747">747</a> <em class="jxr_javadoccomment"> * <pre></em> +<a class="jxr_linenumber" name="L748" href="#L748">748</a> <em class="jxr_javadoccomment"> * call.setProperty(ConfigurationConstants.ENC_KEY_AGREEMENT_METHOD,</em> +<a class="jxr_linenumber" name="L749" href="#L749">749</a> <em class="jxr_javadoccomment"> * WSConstants.AGREEMENT_METHOD_ECDH_ES);</em> +<a class="jxr_linenumber" name="L750" href="#L750">750</a> <em class="jxr_javadoccomment"> * </pre></em> +<a class="jxr_linenumber" name="L751" href="#L751">751</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L752" href="#L752">752</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L753" href="#L753">753</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_KEY_AGREEMENT_METHOD = <span class="jxr_string">"encryptionKeyAgreementMethod"</span>; +<a class="jxr_linenumber" name="L754" href="#L754">754</a> +<a class="jxr_linenumber" name="L755" href="#L755">755</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L756" href="#L756">756</a> <em class="jxr_javadoccomment"> * Defines the Key Derivation algorithm to derive encryption key used with the keyAgreement method.</em> +<a class="jxr_linenumber" name="L757" href="#L757">757</a> <em class="jxr_javadoccomment"> * The default algorithm is:</em> +<a class="jxr_linenumber" name="L758" href="#L758">758</a> <em class="jxr_javadoccomment"> * "<a href="http://www.w3.org/2021/04/xmldsig-more"; target="alexandria_uri">http://www.w3.org/2021/04/xmldsig-more</a>#hkdf"</em> +<a class="jxr_linenumber" name="L759" href="#L759">759</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L760" href="#L760">760</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L761" href="#L761">761</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em> +<a class="jxr_linenumber" name="L762" href="#L762">762</a> <em class="jxr_javadoccomment"> * <pre></em> +<a class="jxr_linenumber" name="L763" href="#L763">763</a> <em class="jxr_javadoccomment"> * call.setProperty(ConfigurationConstants.ENC_KEY_DERIVATION_FUNCTION,</em> +<a class="jxr_linenumber" name="L764" href="#L764">764</a> <em class="jxr_javadoccomment"> * WSConstants.KEYDERIVATION_HKDF);</em> +<a class="jxr_linenumber" name="L765" href="#L765">765</a> <em class="jxr_javadoccomment"> * </pre></em> +<a class="jxr_linenumber" name="L766" href="#L766">766</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L767" href="#L767">767</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L768" href="#L768">768</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_KEY_DERIVATION_FUNCTION = <span class="jxr_string">"encryptionKeyDerivationFunction"</span>; +<a class="jxr_linenumber" name="L769" href="#L769">769</a> +<a class="jxr_linenumber" name="L770" href="#L770">770</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L771" href="#L771">771</a> <em class="jxr_javadoccomment"> * Defines the Key Derivation parameters to derive encryption key used with the keyAgreement method. In case the</em> +<a class="jxr_linenumber" name="L772" href="#L772">772</a> <em class="jxr_javadoccomment"> * property value is set, it supersedes the ENC_KEY_DERIVATION_FUNCTION value.</em> +<a class="jxr_linenumber" name="L773" href="#L773">773</a> <em class="jxr_javadoccomment"> * The value for the property must implement the <code>org.apache.xml.security.encryption.params.KeyDerivationParameters</code></em> +<a class="jxr_linenumber" name="L774" href="#L774">774</a> <em class="jxr_javadoccomment"> * interface. Currently, only <code>org.apache.xml.security.encryption.params.HKDFParams</code> and</em> +<a class="jxr_linenumber" name="L775" href="#L775">775</a> <em class="jxr_javadoccomment"> * <code>org.apache.xml.security.encryption.params.ConcatKDFParams</code> are available.</em> +<a class="jxr_linenumber" name="L776" href="#L776">776</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L777" href="#L777">777</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L778" href="#L778">778</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em> +<a class="jxr_linenumber" name="L779" href="#L779">779</a> <em class="jxr_javadoccomment"> * <pre></em> +<a class="jxr_linenumber" name="L780" href="#L780">780</a> <em class="jxr_javadoccomment"> * KeyDerivationParameters kdfParams = new ConcatKDFParams(keyBitLen, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256);</em> +<a class="jxr_linenumber" name="L781" href="#L781">781</a> <em class="jxr_javadoccomment"> * kdfParams.setAlgorithmId("00363532534541");</em> +<a class="jxr_linenumber" name="L782" href="#L782">782</a> <em class="jxr_javadoccomment"> * kdfParams.setPartyUInfo("00DFC9DB773C588F8F");</em> +<a class="jxr_linenumber" name="L783" href="#L783">783</a> <em class="jxr_javadoccomment"> * kdfParams.setPartyVInfo("00DFDA76F7AB09B7C9");</em> +<a class="jxr_linenumber" name="L784" href="#L784">784</a> <em class="jxr_javadoccomment"> * kdfParams.setSuppPubInfo(null);</em> +<a class="jxr_linenumber" name="L785" href="#L785">785</a> <em class="jxr_javadoccomment"> * kdfParams.setSuppPrivInfo(null);</em> +<a class="jxr_linenumber" name="L786" href="#L786">786</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L787" href="#L787">787</a> <em class="jxr_javadoccomment"> * call.set(ConfigurationConstants.ENC_KEY_DERIVATION_PARAMS,kdfParams);</em> +<a class="jxr_linenumber" name="L788" href="#L788">788</a> <em class="jxr_javadoccomment"> * </pre></em> +<a class="jxr_linenumber" name="L789" href="#L789">789</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L790" href="#L790">790</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L791" href="#L791">791</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_KEY_DERIVATION_PARAMS = <span class="jxr_string">"encryptionKeyDerivationParams"</span>; +<a class="jxr_linenumber" name="L792" href="#L792">792</a> +<a class="jxr_linenumber" name="L793" href="#L793">793</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L794" href="#L794">794</a> <em class="jxr_javadoccomment"> * Parameter to define which parts of the request shall be encrypted.</em> +<a class="jxr_linenumber" name="L795" href="#L795">795</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L796" href="#L796">796</a> <em class="jxr_javadoccomment"> * The value of this parameter is a list of semi-colon separated</em> +<a class="jxr_linenumber" name="L797" href="#L797">797</a> <em class="jxr_javadoccomment"> * element names that identify the elements to encrypt. An encryption mode</em> +<a class="jxr_linenumber" name="L798" href="#L798">798</a> <em class="jxr_javadoccomment"> * specifier and a namespace identification, each inside a pair of curly</em> +<a class="jxr_linenumber" name="L799" href="#L799">799</a> <em class="jxr_javadoccomment"> * brackets, may preceed each element name.</em> +<a class="jxr_linenumber" name="L800" href="#L800">800</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L801" href="#L801">801</a> <em class="jxr_javadoccomment"> * The encryption mode specifier is either <code>{Content}</code> or</em> +<a class="jxr_linenumber" name="L802" href="#L802">802</a> <em class="jxr_javadoccomment"> * <code>{Element}</code>. Please refer to the W3C XML Encryption</em> +<a class="jxr_linenumber" name="L803" href="#L803">803</a> <em class="jxr_javadoccomment"> * specification about the differences between Element and Content</em> +<a class="jxr_linenumber" name="L804" href="#L804">804</a> <em class="jxr_javadoccomment"> * encryption. The encryption mode defaults to <code>Content</code></em> +<a class="jxr_linenumber" name="L805" href="#L805">805</a> <em class="jxr_javadoccomment"> * if it is omitted. Example of a list:</em> +<a class="jxr_linenumber" name="L806" href="#L806">806</a> <em class="jxr_javadoccomment"> * <pre></em> +<a class="jxr_linenumber" name="L807" href="#L807">807</a> <em class="jxr_javadoccomment"> * &lt;parameter name="encryptionParts"</em> +<a class="jxr_linenumber" name="L808" href="#L808">808</a> <em class="jxr_javadoccomment"> * value="{Content}{<a href="http://example.org/paymentv2"; target="alexandria_uri">http://example.org/paymentv2</a>}CreditCard;</em> +<a class="jxr_linenumber" name="L809" href="#L809">809</a> <em class="jxr_javadoccomment"> * {Element}{}UserName" /></em> +<a class="jxr_linenumber" name="L810" href="#L810">810</a> <em class="jxr_javadoccomment"> * </pre></em> +<a class="jxr_linenumber" name="L811" href="#L811">811</a> <em class="jxr_javadoccomment"> * The the first entry of the list identifies the element</em> +<a class="jxr_linenumber" name="L812" href="#L812">812</a> <em class="jxr_javadoccomment"> * <code>CreditCard</code> in the namespace</em> +<a class="jxr_linenumber" name="L813" href="#L813">813</a> <em class="jxr_javadoccomment"> * <code><a href="http://example.org/paymentv2</code>,"; target="alexandria_uri">http://example.org/paymentv2</code>,</a> and will encrypt its content.</em> +<a class="jxr_linenumber" name="L814" href="#L814">814</a> <em class="jxr_javadoccomment"> * Be aware that the element name, the namespace identifier, and the</em> +<a class="jxr_linenumber" name="L815" href="#L815">815</a> <em class="jxr_javadoccomment"> * encryption modifier are case sensitive.</em> +<a class="jxr_linenumber" name="L816" href="#L816">816</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L817" href="#L817">817</a> <em class="jxr_javadoccomment"> * The encryption modifier and the namespace identifier can be ommited.</em> +<a class="jxr_linenumber" name="L818" href="#L818">818</a> <em class="jxr_javadoccomment"> * In this case the encryption mode defaults to <code>Content</code> and</em> +<a class="jxr_linenumber" name="L819" href="#L819">819</a> <em class="jxr_javadoccomment"> * the namespace is set to the SOAP namespace.</em> +<a class="jxr_linenumber" name="L820" href="#L820">820</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L821" href="#L821">821</a> <em class="jxr_javadoccomment"> * An empty encryption mode defaults to <code>Content</code>, an empty</em> +<a class="jxr_linenumber" name="L822" href="#L822">822</a> <em class="jxr_javadoccomment"> * namespace identifier defaults to the SOAP namespace.</em> +<a class="jxr_linenumber" name="L823" href="#L823">823</a> <em class="jxr_javadoccomment"> * The second line of the example defines <code>Element</code> as</em> +<a class="jxr_linenumber" name="L824" href="#L824">824</a> <em class="jxr_javadoccomment"> * encryption mode for an <code>UserName</code> element in the SOAP</em> +<a class="jxr_linenumber" name="L825" href="#L825">825</a> <em class="jxr_javadoccomment"> * namespace.</em> +<a class="jxr_linenumber" name="L826" href="#L826">826</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L827" href="#L827">827</a> <em class="jxr_javadoccomment"> * Note that the special value "{}cid:Attachments;" means that all of the message</em> +<a class="jxr_linenumber" name="L828" href="#L828">828</a> <em class="jxr_javadoccomment"> * attachments should be encrypted.</em> +<a class="jxr_linenumber" name="L829" href="#L829">829</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L830" href="#L830">830</a> <em class="jxr_javadoccomment"> * To specify an element without a namespace use the string</em> +<a class="jxr_linenumber" name="L831" href="#L831">831</a> <em class="jxr_javadoccomment"> * <code>Null</code> as the namespace name (this is a case sensitive</em> +<a class="jxr_linenumber" name="L832" href="#L832">832</a> <em class="jxr_javadoccomment"> * string)</em> +<a class="jxr_linenumber" name="L833" href="#L833">833</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L834" href="#L834">834</a> <em class="jxr_javadoccomment"> * If no list is specified, the handler encrypts the SOAP Body in</em> +<a class="jxr_linenumber" name="L835" href="#L835">835</a> <em class="jxr_javadoccomment"> * <code>Content</code> mode by default.</em> +<a class="jxr_linenumber" name="L836" href="#L836">836</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L837" href="#L837">837</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENCRYPTION_PARTS = <span class="jxr_string">"encryptionParts"</span>; +<a class="jxr_linenumber" name="L838" href="#L838">838</a> +<a class="jxr_linenumber" name="L839" href="#L839">839</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L840" href="#L840">840</a> <em class="jxr_javadoccomment"> * Parameter to define which parts of the request shall be encrypted, if they</em> +<a class="jxr_linenumber" name="L841" href="#L841">841</a> <em class="jxr_javadoccomment"> * exist in the request. If they do not, then no error is thrown. This contrasts</em> +<a class="jxr_linenumber" name="L842" href="#L842">842</a> <em class="jxr_javadoccomment"> * with the ENCRYPTION_PARTS Identifier, which specifies elements that must be</em> +<a class="jxr_linenumber" name="L843" href="#L843">843</a> <em class="jxr_javadoccomment"> * encrypted in the request.</em> +<a class="jxr_linenumber" name="L844" href="#L844">844</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L845" href="#L845">845</a> <em class="jxr_javadoccomment"> * Refer to {@link #ENCRYPTION_PARTS} for a detailed description of</em> +<a class="jxr_linenumber" name="L846" href="#L846">846</a> <em class="jxr_javadoccomment"> * the format of the value string.</em> +<a class="jxr_linenumber" name="L847" href="#L847">847</a> <em class="jxr_javadoccomment"> * <p/></em> <a class="jxr_linenumber" name="L848" href="#L848">848</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L849" href="#L849">849</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_SUBJECT_CERT_CONSTRAINTS = <span class="jxr_string">"sigSubjectCertConstraints"</span>; +<a class="jxr_linenumber" name="L849" href="#L849">849</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String OPTIONAL_ENCRYPTION_PARTS = <span class="jxr_string">"optionalEncryptionParts"</span>; <a class="jxr_linenumber" name="L850" href="#L850">850</a> <a class="jxr_linenumber" name="L851" href="#L851">851</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L852" href="#L852">852</a> <em class="jxr_javadoccomment"> * This configuration tag is a String (separated by the value specified for SIG_CERT_CONSTRAINTS_SEPARATOR)</em> -<a class="jxr_linenumber" name="L853" href="#L853">853</a> <em class="jxr_javadoccomment"> * of regular expressions which will be applied to the issuer DN of the certificate used for signature</em> -<a class="jxr_linenumber" name="L854" href="#L854">854</a> <em class="jxr_javadoccomment"> * validation, after trust verification of the certificate chain associated with the</em> -<a class="jxr_linenumber" name="L855" href="#L855">855</a> <em class="jxr_javadoccomment"> * certificate.</em> -<a class="jxr_linenumber" name="L856" href="#L856">856</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L857" href="#L857">857</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_ISSUER_CERT_CONSTRAINTS = <span class="jxr_string">"sigIssuerCertConstraints"</span>; -<a class="jxr_linenumber" name="L858" href="#L858">858</a> -<a class="jxr_linenumber" name="L859" href="#L859">859</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L860" href="#L860">860</a> <em class="jxr_javadoccomment"> * This configuration tag refers to the separator that is used to parse certificate constraints</em> -<a class="jxr_linenumber" name="L861" href="#L861">861</a> <em class="jxr_javadoccomment"> * configured in the SIG_SUBJECT_CERT_CONSTRAINTS and SIG_ISSUER_CERT_CONSTRAINTS configuration</em> -<a class="jxr_linenumber" name="L862" href="#L862">862</a> <em class="jxr_javadoccomment"> * tags. By default it is a comma - ",".</em> -<a class="jxr_linenumber" name="L863" href="#L863">863</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L864" href="#L864">864</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_CERT_CONSTRAINTS_SEPARATOR = <span class="jxr_string">"sigCertConstraintsSeparator"</span>; -<a class="jxr_linenumber" name="L865" href="#L865">865</a> -<a class="jxr_linenumber" name="L866" href="#L866">866</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L867" href="#L867">867</a> <em class="jxr_javadoccomment"> * Time-To-Live is the time difference between creation and expiry time in</em> -<a class="jxr_linenumber" name="L868" href="#L868">868</a> <em class="jxr_javadoccomment"> * seconds in the WSS Timestamp. After this time the SOAP request is</em> -<a class="jxr_linenumber" name="L869" href="#L869">869</a> <em class="jxr_javadoccomment"> * invalid (at least the security data shall be treated this way).</em> -<a class="jxr_linenumber" name="L870" href="#L870">870</a> <em class="jxr_javadoccomment"> * <p/></em> -<a class="jxr_linenumber" name="L871" href="#L871">871</a> <em class="jxr_javadoccomment"> * If this parameter is not defined, contains a value less or equal</em> -<a class="jxr_linenumber" name="L872" href="#L872">872</a> <em class="jxr_javadoccomment"> * zero, or an illegal format the handlers use a default TTL of</em> -<a class="jxr_linenumber" name="L873" href="#L873">873</a> <em class="jxr_javadoccomment"> * 300 seconds (5 minutes).</em> +<a class="jxr_linenumber" name="L852" href="#L852">852</a> <em class="jxr_javadoccomment"> * Defines which encryption digest algorithm to use with the RSA OAEP Key Transport</em> +<a class="jxr_linenumber" name="L853" href="#L853">853</a> <em class="jxr_javadoccomment"> * algorithm for encryption. The default is SHA-1.</em> +<a class="jxr_linenumber" name="L854" href="#L854">854</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L855" href="#L855">855</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em> +<a class="jxr_linenumber" name="L856" href="#L856">856</a> <em class="jxr_javadoccomment"> * <pre></em> +<a class="jxr_linenumber" name="L857" href="#L857">857</a> <em class="jxr_javadoccomment"> * call.setProperty(</em> +<a class="jxr_linenumber" name="L858" href="#L858">858</a> <em class="jxr_javadoccomment"> * ConfigurationConstants.ENC_DIGEST_ALGO, "<a href="http://www.w3.org/2001/04/xmlenc"; target="alexandria_uri">http://www.w3.org/2001/04/xmlenc</a>#sha256"</em> +<a class="jxr_linenumber" name="L859" href="#L859">859</a> <em class="jxr_javadoccomment"> * );</em> +<a class="jxr_linenumber" name="L860" href="#L860">860</a> <em class="jxr_javadoccomment"> * </pre></em> +<a class="jxr_linenumber" name="L861" href="#L861">861</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L862" href="#L862">862</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_DIGEST_ALGO = <span class="jxr_string">"encryptionDigestAlgorithm"</span>; +<a class="jxr_linenumber" name="L863" href="#L863">863</a> +<a class="jxr_linenumber" name="L864" href="#L864">864</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L865" href="#L865">865</a> <em class="jxr_javadoccomment"> * Defines which encryption mgf algorithm to use with the RSA OAEP Key Transport</em> +<a class="jxr_linenumber" name="L866" href="#L866">866</a> <em class="jxr_javadoccomment"> * algorithm for encryption. The default is mgfsha1.</em> +<a class="jxr_linenumber" name="L867" href="#L867">867</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L868" href="#L868">868</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em> +<a class="jxr_linenumber" name="L869" href="#L869">869</a> <em class="jxr_javadoccomment"> * <pre></em> +<a class="jxr_linenumber" name="L870" href="#L870">870</a> <em class="jxr_javadoccomment"> * call.setProperty(</em> +<a class="jxr_linenumber" name="L871" href="#L871">871</a> <em class="jxr_javadoccomment"> * ConfigurationConstants.ENC_MGF_ALGO, "<a href="http://www.w3.org/2009/xmlenc11"; target="alexandria_uri">http://www.w3.org/2009/xmlenc11</a>#mgf1sha256"</em> +<a class="jxr_linenumber" name="L872" href="#L872">872</a> <em class="jxr_javadoccomment"> * );</em> +<a class="jxr_linenumber" name="L873" href="#L873">873</a> <em class="jxr_javadoccomment"> * </pre></em> <a class="jxr_linenumber" name="L874" href="#L874">874</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L875" href="#L875">875</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_TIMESTAMP = <span class="jxr_string">"timeToLive"</span>; +<a class="jxr_linenumber" name="L875" href="#L875">875</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_MGF_ALGO = <span class="jxr_string">"encryptionMGFAlgorithm"</span>; <a class="jxr_linenumber" name="L876" href="#L876">876</a> <a class="jxr_linenumber" name="L877" href="#L877">877</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L878" href="#L878">878</a> <em class="jxr_javadoccomment"> * This configuration tag specifies the time in seconds in the future within which</em> -<a class="jxr_linenumber" name="L879" href="#L879">879</a> <em class="jxr_javadoccomment"> * the Created time of an incoming Timestamp is valid. The default value is "60",</em> -<a class="jxr_linenumber" name="L880" href="#L880">880</a> <em class="jxr_javadoccomment"> * to avoid problems where clocks are slightly askew. To reject all future-created</em> -<a class="jxr_linenumber" name="L881" href="#L881">881</a> <em class="jxr_javadoccomment"> * Timestamps, set this value to "0".</em> -<a class="jxr_linenumber" name="L882" href="#L882">882</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L883" href="#L883">883</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_FUTURE_TIMESTAMP = <span class="jxr_string">"futureTimeToLive"</span>; -<a class="jxr_linenumber" name="L884" href="#L884">884</a> -<a class="jxr_linenumber" name="L885" href="#L885">885</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L886" href="#L886">886</a> <em class="jxr_javadoccomment"> * This tag refers to a Map of QName, Object (Validator) instances to be used to</em> -<a class="jxr_linenumber" name="L887" href="#L887">887</a> <em class="jxr_javadoccomment"> * validate tokens identified by their QName. For the DOM layer, the Object should</em> -<a class="jxr_linenumber" name="L888" href="#L888">888</a> <em class="jxr_javadoccomment"> * be a org.apache.wss4j.dom.validate.Validator instance. For the StAX layer, it</em> -<a class="jxr_linenumber" name="L889" href="#L889">889</a> <em class="jxr_javadoccomment"> * should be a org.apache.wss4j.stax.validate.Validator instance.</em> -<a class="jxr_linenumber" name="L890" href="#L890">890</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L891" href="#L891">891</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VALIDATOR_MAP = <span class="jxr_string">"validatorMap"</span>; -<a class="jxr_linenumber" name="L892" href="#L892">892</a> -<a class="jxr_linenumber" name="L893" href="#L893">893</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L894" href="#L894">894</a> <em class="jxr_javadoccomment"> * This holds a reference to a ReplayCache instance used to cache UsernameToken nonces. The</em> -<a class="jxr_linenumber" name="L895" href="#L895">895</a> <em class="jxr_javadoccomment"> * default instance that is used is the EHCacheReplayCache.</em> -<a class="jxr_linenumber" name="L896" href="#L896">896</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L897" href="#L897">897</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String NONCE_CACHE_INSTANCE = <span class="jxr_string">"nonceCacheInstance"</span>; -<a class="jxr_linenumber" name="L898" href="#L898">898</a> -<a class="jxr_linenumber" name="L899" href="#L899">899</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L900" href="#L900">900</a> <em class="jxr_javadoccomment"> * This holds a reference to a ReplayCache instance used to cache Timestamp Created Strings. The</em> -<a class="jxr_linenumber" name="L901" href="#L901">901</a> <em class="jxr_javadoccomment"> * default instance that is used is the EHCacheReplayCache.</em> -<a class="jxr_linenumber" name="L902" href="#L902">902</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L903" href="#L903">903</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TIMESTAMP_CACHE_INSTANCE = <span class="jxr_string">"timestampCacheInstance"</span>; -<a class="jxr_linenumber" name="L904" href="#L904">904</a> -<a class="jxr_linenumber" name="L905" href="#L905">905</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L906" href="#L906">906</a> <em class="jxr_javadoccomment"> * This holds a reference to a ReplayCache instance used to cache SAML2 Token Identifier</em> -<a class="jxr_linenumber" name="L907" href="#L907">907</a> <em class="jxr_javadoccomment"> * Strings (if the token contains a OneTimeUse Condition). The default instance that is</em> -<a class="jxr_linenumber" name="L908" href="#L908">908</a> <em class="jxr_javadoccomment"> * used is the EHCacheReplayCache.</em> +<a class="jxr_linenumber" name="L878" href="#L878">878</a> <em class="jxr_javadoccomment"> * Time-To-Live is the time difference between creation and expiry time in</em> +<a class="jxr_linenumber" name="L879" href="#L879">879</a> <em class="jxr_javadoccomment"> * seconds of the UsernameToken Created value. After this time the SOAP request</em> +<a class="jxr_linenumber" name="L880" href="#L880">880</a> <em class="jxr_javadoccomment"> * is invalid (at least the security data shall be treated this way).</em> +<a class="jxr_linenumber" name="L881" href="#L881">881</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L882" href="#L882">882</a> <em class="jxr_javadoccomment"> * If this parameter is not defined, contains a value less or equal</em> +<a class="jxr_linenumber" name="L883" href="#L883">883</a> <em class="jxr_javadoccomment"> * zero, or an illegal format the handlers use a default TTL of</em> +<a class="jxr_linenumber" name="L884" href="#L884">884</a> <em class="jxr_javadoccomment"> * 300 seconds (5 minutes).</em> +<a class="jxr_linenumber" name="L885" href="#L885">885</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L886" href="#L886">886</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_USERNAMETOKEN = <span class="jxr_string">"utTimeToLive"</span>; +<a class="jxr_linenumber" name="L887" href="#L887">887</a> +<a class="jxr_linenumber" name="L888" href="#L888">888</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L889" href="#L889">889</a> <em class="jxr_javadoccomment"> * This configuration tag specifies the time in seconds in the future within which</em> +<a class="jxr_linenumber" name="L890" href="#L890">890</a> <em class="jxr_javadoccomment"> * the Created time of an incoming UsernameToken is valid. The default value is "60",</em> +<a class="jxr_linenumber" name="L891" href="#L891">891</a> <em class="jxr_javadoccomment"> * to avoid problems where clocks are slightly askew. To reject all future-created</em> +<a class="jxr_linenumber" name="L892" href="#L892">892</a> <em class="jxr_javadoccomment"> * UsernameTokens, set this value to "0".</em> +<a class="jxr_linenumber" name="L893" href="#L893">893</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L894" href="#L894">894</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_FUTURE_USERNAMETOKEN = <span class="jxr_string">"utFutureTimeToLive"</span>; +<a class="jxr_linenumber" name="L895" href="#L895">895</a> +<a class="jxr_linenumber" name="L896" href="#L896">896</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L897" href="#L897">897</a> <em class="jxr_javadoccomment"> * This configuration tag is a String (separated by the value specified for SIG_CERT_CONSTRAINTS_SEPARATOR)</em> +<a class="jxr_linenumber" name="L898" href="#L898">898</a> <em class="jxr_javadoccomment"> * of regular expressions which will be applied to the subject DN of the certificate used for signature</em> +<a class="jxr_linenumber" name="L899" href="#L899">899</a> <em class="jxr_javadoccomment"> * validation, after trust verification of the certificate chain associated with the</em> +<a class="jxr_linenumber" name="L900" href="#L900">900</a> <em class="jxr_javadoccomment"> * certificate.</em> +<a class="jxr_linenumber" name="L901" href="#L901">901</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L902" href="#L902">902</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_SUBJECT_CERT_CONSTRAINTS = <span class="jxr_string">"sigSubjectCertConstraints"</span>; +<a class="jxr_linenumber" name="L903" href="#L903">903</a> +<a class="jxr_linenumber" name="L904" href="#L904">904</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L905" href="#L905">905</a> <em class="jxr_javadoccomment"> * This configuration tag is a String (separated by the value specified for SIG_CERT_CONSTRAINTS_SEPARATOR)</em> +<a class="jxr_linenumber" name="L906" href="#L906">906</a> <em class="jxr_javadoccomment"> * of regular expressions which will be applied to the issuer DN of the certificate used for signature</em> +<a class="jxr_linenumber" name="L907" href="#L907">907</a> <em class="jxr_javadoccomment"> * validation, after trust verification of the certificate chain associated with the</em> +<a class="jxr_linenumber" name="L908" href="#L908">908</a> <em class="jxr_javadoccomment"> * certificate.</em> <a class="jxr_linenumber" name="L909" href="#L909">909</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L910" href="#L910">910</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SAML_ONE_TIME_USE_CACHE_INSTANCE = <span class="jxr_string">"samlOneTimeUseCacheInstance"</span>; +<a class="jxr_linenumber" name="L910" href="#L910">910</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_ISSUER_CERT_CONSTRAINTS = <span class="jxr_string">"sigIssuerCertConstraints"</span>; <a class="jxr_linenumber" name="L911" href="#L911">911</a> <a class="jxr_linenumber" name="L912" href="#L912">912</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L913" href="#L913">913</a> <em class="jxr_javadoccomment"> * This holds a reference to a PasswordEncryptor instance, which is used to encrypt or</em> -<a class="jxr_linenumber" name="L914" href="#L914">914</a> <em class="jxr_javadoccomment"> * decrypt passwords in the Merlin Crypto implementation (or any custom Crypto implementations).</em> -<a class="jxr_linenumber" name="L915" href="#L915">915</a> <em class="jxr_javadoccomment"> *</em> -<a class="jxr_linenumber" name="L916" href="#L916">916</a> <em class="jxr_javadoccomment"> * By default, WSS4J uses the JasyptPasswordEncryptor, which must be instantiated with a</em> -<a class="jxr_linenumber" name="L917" href="#L917">917</a> <em class="jxr_javadoccomment"> * password to use to decrypt keystore passwords in the Merlin Crypto properties file.</em> -<a class="jxr_linenumber" name="L918" href="#L918">918</a> <em class="jxr_javadoccomment"> * This password is obtained via the CallbackHandler defined via PW_CALLBACK_CLASS</em> -<a class="jxr_linenumber" name="L919" href="#L919">919</a> <em class="jxr_javadoccomment"> * or PW_CALLBACK_REF.</em> -<a class="jxr_linenumber" name="L920" href="#L920">920</a> <em class="jxr_javadoccomment"> *</em> -<a class="jxr_linenumber" name="L921" href="#L921">921</a> <em class="jxr_javadoccomment"> * The encrypted passwords must be stored in the format "ENC(encoded encrypted password)".</em> -<a class="jxr_linenumber" name="L922" href="#L922">922</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L923" href="#L923">923</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String PASSWORD_ENCRYPTOR_INSTANCE = <span class="jxr_string">"passwordEncryptorInstance"</span>; -<a class="jxr_linenumber" name="L924" href="#L924">924</a> -<a class="jxr_linenumber" name="L925" href="#L925">925</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L926" href="#L926">926</a> <em class="jxr_javadoccomment"> * This controls the deriving token from which DerivedKeyTokens derive keys from.</em> -<a class="jxr_linenumber" name="L927" href="#L927">927</a> <em class="jxr_javadoccomment"> * Valid values are:</em> -<a class="jxr_linenumber" name="L928" href="#L928">928</a> <em class="jxr_javadoccomment"> * - DirectReference: A reference to a BinarySecurityToken</em> -<a class="jxr_linenumber" name="L929" href="#L929">929</a> <em class="jxr_javadoccomment"> * - EncryptedKey: A reference to an EncryptedKey</em> -<a class="jxr_linenumber" name="L930" href="#L930">930</a> <em class="jxr_javadoccomment"> * - SecurityContextToken: A reference to a SecurityContextToken</em> -<a class="jxr_linenumber" name="L931" href="#L931">931</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L932" href="#L932">932</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String DERIVED_TOKEN_REFERENCE = <span class="jxr_string">"derivedTokenReference"</span>; -<a class="jxr_linenumber" name="L933" href="#L933">933</a> -<a class="jxr_linenumber" name="L934" href="#L934">934</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L935" href="#L935">935</a> <em class="jxr_javadoccomment"> * This controls the key identifier of Derived Tokens, i.e. how they reference the deriving key.</em> -<a class="jxr_linenumber" name="L936" href="#L936">936</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L937" href="#L937">937</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String DERIVED_TOKEN_KEY_ID = <span class="jxr_string">"derivedTokenKeyIdentifier"</span>; -<a class="jxr_linenumber" name="L938" href="#L938">938</a> -<a class="jxr_linenumber" name="L939" href="#L939">939</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L940" href="#L940">940</a> <em class="jxr_javadoccomment"> * The length to use (in bytes) when deriving a key for Signature. If this is not specified,</em> -<a class="jxr_linenumber" name="L941" href="#L941">941</a> <em class="jxr_javadoccomment"> * it defaults to a value based on the signature algorithm.</em> -<a class="jxr_linenumber" name="L942" href="#L942">942</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L943" href="#L943">943</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String DERIVED_SIGNATURE_KEY_LENGTH = <span class="jxr_string">"derivedSignatureKeyLength"</span>; -<a class="jxr_linenumber" name="L944" href="#L944">944</a> -<a class="jxr_linenumber" name="L945" href="#L945">945</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L946" href="#L946">946</a> <em class="jxr_javadoccomment"> * The length to use (in bytes) when deriving a key for Encryption. If this is not specified,</em> -<a class="jxr_linenumber" name="L947" href="#L947">947</a> <em class="jxr_javadoccomment"> * it defaults to a value based on the encryption algorithm.</em> -<a class="jxr_linenumber" name="L948" href="#L948">948</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L949" href="#L949">949</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String DERIVED_ENCRYPTION_KEY_LENGTH = <span class="jxr_string">"derivedEncryptionKeyLength"</span>; -<a class="jxr_linenumber" name="L950" href="#L950">950</a> +<a class="jxr_linenumber" name="L913" href="#L913">913</a> <em class="jxr_javadoccomment"> * This configuration tag refers to the separator that is used to parse certificate constraints</em> +<a class="jxr_linenumber" name="L914" href="#L914">914</a> <em class="jxr_javadoccomment"> * configured in the SIG_SUBJECT_CERT_CONSTRAINTS and SIG_ISSUER_CERT_CONSTRAINTS configuration</em> +<a class="jxr_linenumber" name="L915" href="#L915">915</a> <em class="jxr_javadoccomment"> * tags. By default it is a comma - ",".</em> +<a class="jxr_linenumber" name="L916" href="#L916">916</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L917" href="#L917">917</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_CERT_CONSTRAINTS_SEPARATOR = <span class="jxr_string">"sigCertConstraintsSeparator"</span>; +<a class="jxr_linenumber" name="L918" href="#L918">918</a> +<a class="jxr_linenumber" name="L919" href="#L919">919</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L920" href="#L920">920</a> <em class="jxr_javadoccomment"> * Time-To-Live is the time difference between creation and expiry time in</em> +<a class="jxr_linenumber" name="L921" href="#L921">921</a> <em class="jxr_javadoccomment"> * seconds in the WSS Timestamp. After this time the SOAP request is</em> +<a class="jxr_linenumber" name="L922" href="#L922">922</a> <em class="jxr_javadoccomment"> * invalid (at least the security data shall be treated this way).</em> +<a class="jxr_linenumber" name="L923" href="#L923">923</a> <em class="jxr_javadoccomment"> * <p/></em> +<a class="jxr_linenumber" name="L924" href="#L924">924</a> <em class="jxr_javadoccomment"> * If this parameter is not defined, contains a value less or equal</em> +<a class="jxr_linenumber" name="L925" href="#L925">925</a> <em class="jxr_javadoccomment"> * zero, or an illegal format the handlers use a default TTL of</em> +<a class="jxr_linenumber" name="L926" href="#L926">926</a> <em class="jxr_javadoccomment"> * 300 seconds (5 minutes).</em> +<a class="jxr_linenumber" name="L927" href="#L927">927</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L928" href="#L928">928</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_TIMESTAMP = <span class="jxr_string">"timeToLive"</span>; +<a class="jxr_linenumber" name="L929" href="#L929">929</a> +<a class="jxr_linenumber" name="L930" href="#L930">930</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L931" href="#L931">931</a> <em class="jxr_javadoccomment"> * This configuration tag specifies the time in seconds in the future within which</em> +<a class="jxr_linenumber" name="L932" href="#L932">932</a> <em class="jxr_javadoccomment"> * the Created time of an incoming Timestamp is valid. The default value is "60",</em> +<a class="jxr_linenumber" name="L933" href="#L933">933</a> <em class="jxr_javadoccomment"> * to avoid problems where clocks are slightly askew. To reject all future-created</em> +<a class="jxr_linenumber" name="L934" href="#L934">934</a> <em class="jxr_javadoccomment"> * Timestamps, set this value to "0".</em> +<a class="jxr_linenumber" name="L935" href="#L935">935</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L936" href="#L936">936</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_FUTURE_TIMESTAMP = <span class="jxr_string">"futureTimeToLive"</span>; +<a class="jxr_linenumber" name="L937" href="#L937">937</a> +<a class="jxr_linenumber" name="L938" href="#L938">938</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L939" href="#L939">939</a> <em class="jxr_javadoccomment"> * This tag refers to a Map of QName, Object (Validator) instances to be used to</em> +<a class="jxr_linenumber" name="L940" href="#L940">940</a> <em class="jxr_javadoccomment"> * validate tokens identified by their QName. For the DOM layer, the Object should</em> +<a class="jxr_linenumber" name="L941" href="#L941">941</a> <em class="jxr_javadoccomment"> * be a org.apache.wss4j.dom.validate.Validator instance. For the StAX layer, it</em> +<a class="jxr_linenumber" name="L942" href="#L942">942</a> <em class="jxr_javadoccomment"> * should be a org.apache.wss4j.stax.validate.Validator instance.</em> +<a class="jxr_linenumber" name="L943" href="#L943">943</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L944" href="#L944">944</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String VALIDATOR_MAP = <span class="jxr_string">"validatorMap"</span>; +<a class="jxr_linenumber" name="L945" href="#L945">945</a> +<a class="jxr_linenumber" name="L946" href="#L946">946</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L947" href="#L947">947</a> <em class="jxr_javadoccomment"> * This holds a reference to a ReplayCache instance used to cache UsernameToken nonces. The</em> +<a class="jxr_linenumber" name="L948" href="#L948">948</a> <em class="jxr_javadoccomment"> * default instance that is used is the EHCacheReplayCache.</em> +<a class="jxr_linenumber" name="L949" href="#L949">949</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L950" href="#L950">950</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String NONCE_CACHE_INSTANCE = <span class="jxr_string">"nonceCacheInstance"</span>; <a class="jxr_linenumber" name="L951" href="#L951">951</a> -<a class="jxr_linenumber" name="L952" href="#L952">952</a> } -<a class="jxr_linenumber" name="L953" href="#L953">953</a> +<a class="jxr_linenumber" name="L952" href="#L952">952</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L953" href="#L953">953</a> <em class="jxr_javadoccomment"> * This holds a reference to a ReplayCache instance used to cache Timestamp Created Strings. The</em> +<a class="jxr_linenumber" name="L954" href="#L954">954</a> <em class="jxr_javadoccomment"> * default instance that is used is the EHCacheReplayCache.</em> +<a class="jxr_linenumber" name="L955" href="#L955">955</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L956" href="#L956">956</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TIMESTAMP_CACHE_INSTANCE = <span class="jxr_string">"timestampCacheInstance"</span>; +<a class="jxr_linenumber" name="L957" href="#L957">957</a> +<a class="jxr_linenumber" name="L958" href="#L958">958</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L959" href="#L959">959</a> <em class="jxr_javadoccomment"> * This holds a reference to a ReplayCache instance used to cache SAML2 Token Identifier</em> +<a class="jxr_linenumber" name="L960" href="#L960">960</a> <em class="jxr_javadoccomment"> * Strings (if the token contains a OneTimeUse Condition). The default instance that is</em> +<a class="jxr_linenumber" name="L961" href="#L961">961</a> <em class="jxr_javadoccomment"> * used is the EHCacheReplayCache.</em> +<a class="jxr_linenumber" name="L962" href="#L962">962</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L963" href="#L963">963</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SAML_ONE_TIME_USE_CACHE_INSTANCE = <span class="jxr_string">"samlOneTimeUseCacheInstance"</span>; +<a class="jxr_linenumber" name="L964" href="#L964">964</a> +<a class="jxr_linenumber" name="L965" href="#L965">965</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L966" href="#L966">966</a> <em class="jxr_javadoccomment"> * This holds a reference to a PasswordEncryptor instance, which is used to encrypt or</em> +<a class="jxr_linenumber" name="L967" href="#L967">967</a> <em class="jxr_javadoccomment"> * decrypt passwords in the Merlin Crypto implementation (or any custom Crypto implementations).</em> +<a class="jxr_linenumber" name="L968" href="#L968">968</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L969" href="#L969">969</a> <em class="jxr_javadoccomment"> * By default, WSS4J uses the JasyptPasswordEncryptor, which must be instantiated with a</em> +<a class="jxr_linenumber" name="L970" href="#L970">970</a> <em class="jxr_javadoccomment"> * password to use to decrypt keystore passwords in the Merlin Crypto properties file.</em> +<a class="jxr_linenumber" name="L971" href="#L971">971</a> <em class="jxr_javadoccomment"> * This password is obtained via the CallbackHandler defined via PW_CALLBACK_CLASS</em> +<a class="jxr_linenumber" name="L972" href="#L972">972</a> <em class="jxr_javadoccomment"> * or PW_CALLBACK_REF.</em> +<a class="jxr_linenumber" name="L973" href="#L973">973</a> <em class="jxr_javadoccomment"> *</em> +<a class="jxr_linenumber" name="L974" href="#L974">974</a> <em class="jxr_javadoccomment"> * The encrypted passwords must be stored in the format "ENC(encoded encrypted password)".</em> +<a class="jxr_linenumber" name="L975" href="#L975">975</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L976" href="#L976">976</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String PASSWORD_ENCRYPTOR_INSTANCE = <span class="jxr_string">"passwordEncryptorInstance"</span>; +<a class="jxr_linenumber" name="L977" href="#L977">977</a> +<a class="jxr_linenumber" name="L978" href="#L978">978</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L979" href="#L979">979</a> <em class="jxr_javadoccomment"> * This controls the deriving token from which DerivedKeyTokens derive keys from.</em> +<a class="jxr_linenumber" name="L980" href="#L980">980</a> <em class="jxr_javadoccomment"> * Valid values are:</em> +<a class="jxr_linenumber" name="L981" href="#L981">981</a> <em class="jxr_javadoccomment"> * - DirectReference: A reference to a BinarySecurityToken</em> +<a class="jxr_linenumber" name="L982" href="#L982">982</a> <em class="jxr_javadoccomment"> * - EncryptedKey: A reference to an EncryptedKey</em> +<a class="jxr_linenumber" name="L983" href="#L983">983</a> <em class="jxr_javadoccomment"> * - SecurityContextToken: A reference to a SecurityContextToken</em> +<a class="jxr_linenumber" name="L984" href="#L984">984</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L985" href="#L985">985</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String DERIVED_TOKEN_REFERENCE = <span class="jxr_string">"derivedTokenReference"</span>; +<a class="jxr_linenumber" name="L986" href="#L986">986</a> +<a class="jxr_linenumber" name="L987" href="#L987">987</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L988" href="#L988">988</a> <em class="jxr_javadoccomment"> * This controls the key identifier of Derived Tokens, i.e. how they reference the deriving key.</em> +<a class="jxr_linenumber" name="L989" href="#L989">989</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L990" href="#L990">990</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String DERIVED_TOKEN_KEY_ID = <span class="jxr_string">"derivedTokenKeyIdentifier"</span>; +<a class="jxr_linenumber" name="L991" href="#L991">991</a> +<a class="jxr_linenumber" name="L992" href="#L992">992</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L993" href="#L993">993</a> <em class="jxr_javadoccomment"> * The length to use (in bytes) when deriving a key for Signature. If this is not specified,</em> +<a class="jxr_linenumber" name="L994" href="#L994">994</a> <em class="jxr_javadoccomment"> * it defaults to a value based on the signature algorithm.</em> +<a class="jxr_linenumber" name="L995" href="#L995">995</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L996" href="#L996">996</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String DERIVED_SIGNATURE_KEY_LENGTH = <span class="jxr_string">"derivedSignatureKeyLength"</span>; +<a class="jxr_linenumber" name="L997" href="#L997">997</a> +<a class="jxr_linenumber" name="L998" href="#L998">998</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L999" href="#L999">999</a> <em class="jxr_javadoccomment"> * The length to use (in bytes) when deriving a key for Encryption. If this is not specified,</em> +<a class="jxr_linenumber" name="L1000" href="#L1000">1000</a> <em class="jxr_javadoccomment"> * it defaults to a value based on the encryption algorithm.</em> +<a class="jxr_linenumber" name="L1001" href="#L1001">1001</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L1002" href="#L1002">1002</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String DERIVED_ENCRYPTION_KEY_LENGTH = <span class="jxr_string">"derivedEncryptionKeyLength"</span>; +<a class="jxr_linenumber" name="L1003" href="#L1003">1003</a> +<a class="jxr_linenumber" name="L1004" href="#L1004">1004</a> +<a class="jxr_linenumber" name="L1005" href="#L1005">1005</a> } +<a class="jxr_linenumber" name="L1006" href="#L1006">1006</a> </pre> <hr/> -<div id="footer">Copyright © 2004–2023 <a href="https://www.apache.org/";>The Apache Software Foundation</a>. All rights reserved.</div> +<div id="footer">© 2004â2024 <a href="https://www.apache.org/";>The Apache Software Foundation</a></div> </body> </html>
Modified: webservices/website/wss4j/xref/org/apache/wss4j/common/EncryptionActionToken.html URL: http://svn.apache.org/viewvc/webservices/website/wss4j/xref/org/apache/wss4j/common/EncryptionActionToken.html?rev=1921891&r1=1921890&r2=1921891&view=diff ============================================================================== --- webservices/website/wss4j/xref/org/apache/wss4j/common/EncryptionActionToken.html (original) +++ webservices/website/wss4j/xref/org/apache/wss4j/common/EncryptionActionToken.html Thu Nov 14 16:06:47 2024 @@ -27,52 +27,79 @@ <a class="jxr_linenumber" name="L19" href="#L19">19</a> <strong class="jxr_keyword">package</strong> org.apache.wss4j.common; <a class="jxr_linenumber" name="L20" href="#L20">20</a> <a class="jxr_linenumber" name="L21" href="#L21">21</a> -<a class="jxr_linenumber" name="L22" href="#L22">22</a> <em class="jxr_javadoccomment">/**</em> -<a class="jxr_linenumber" name="L23" href="#L23">23</a> <em class="jxr_javadoccomment"> * This class encapsulates configuration for Encryption Actions.</em> -<a class="jxr_linenumber" name="L24" href="#L24">24</a> <em class="jxr_javadoccomment"> */</em> -<a class="jxr_linenumber" name="L25" href="#L25">25</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a name="EncryptionActionToken" href="../../../../org/apache/wss4j/common/EncryptionActionToken.html#EncryptionActionToken">EncryptionActionToken</a> <strong class="jxr_keyword">extends</strong> <a name="SignatureEncryptionActionToken" href="../../../../org/apache/wss4j/common/SignatureEncryptionActionToken.html#SignatureEncryptionActionToken">SignatureEncryptionActionToken</a> { -<a class="jxr_linenumber" name="L26" href="#L26">26</a> -<a class="jxr_linenumber" name="L27" href="#L27">27</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> encSymmetricEncryptionKey = <strong class="jxr_keyword">true</strong>; -<a class="jxr_linenumber" name="L28" href="#L28">28</a> <strong class="jxr_keyword">private</strong> String mgfAlgorithm; -<a class="jxr_linenumber" name="L29" href="#L29">29</a> <strong class="jxr_keyword">private</strong> String symmetricAlgorithm; -<a class="jxr_linenumber" name="L30" href="#L30">30</a> <strong class="jxr_keyword">private</strong> String keyTransportAlgorithm; -<a class="jxr_linenumber" name="L31" href="#L31">31</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> getSymmetricKeyFromCallbackHandler; -<a class="jxr_linenumber" name="L32" href="#L32">32</a> -<a class="jxr_linenumber" name="L33" href="#L33">33</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isEncSymmetricEncryptionKey() { -<a class="jxr_linenumber" name="L34" href="#L34">34</a> <strong class="jxr_keyword">return</strong> encSymmetricEncryptionKey; -<a class="jxr_linenumber" name="L35" href="#L35">35</a> } -<a class="jxr_linenumber" name="L36" href="#L36">36</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setEncSymmetricEncryptionKey(<strong class="jxr_keyword">boolean</strong> encSymmetricEncryptionKey) { -<a class="jxr_linenumber" name="L37" href="#L37">37</a> <strong class="jxr_keyword">this</strong>.encSymmetricEncryptionKey = encSymmetricEncryptionKey; -<a class="jxr_linenumber" name="L38" href="#L38">38</a> } -<a class="jxr_linenumber" name="L39" href="#L39">39</a> <strong class="jxr_keyword">public</strong> String getMgfAlgorithm() { -<a class="jxr_linenumber" name="L40" href="#L40">40</a> <strong class="jxr_keyword">return</strong> mgfAlgorithm; -<a class="jxr_linenumber" name="L41" href="#L41">41</a> } -<a class="jxr_linenumber" name="L42" href="#L42">42</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setMgfAlgorithm(String mgfAlgorithm) { -<a class="jxr_linenumber" name="L43" href="#L43">43</a> <strong class="jxr_keyword">this</strong>.mgfAlgorithm = mgfAlgorithm; -<a class="jxr_linenumber" name="L44" href="#L44">44</a> } -<a class="jxr_linenumber" name="L45" href="#L45">45</a> <strong class="jxr_keyword">public</strong> String getSymmetricAlgorithm() { -<a class="jxr_linenumber" name="L46" href="#L46">46</a> <strong class="jxr_keyword">return</strong> symmetricAlgorithm; -<a class="jxr_linenumber" name="L47" href="#L47">47</a> } -<a class="jxr_linenumber" name="L48" href="#L48">48</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setSymmetricAlgorithm(String symmetricAlgorithm) { -<a class="jxr_linenumber" name="L49" href="#L49">49</a> <strong class="jxr_keyword">this</strong>.symmetricAlgorithm = symmetricAlgorithm; -<a class="jxr_linenumber" name="L50" href="#L50">50</a> } -<a class="jxr_linenumber" name="L51" href="#L51">51</a> <strong class="jxr_keyword">public</strong> String getKeyTransportAlgorithm() { -<a class="jxr_linenumber" name="L52" href="#L52">52</a> <strong class="jxr_keyword">return</strong> keyTransportAlgorithm; -<a class="jxr_linenumber" name="L53" href="#L53">53</a> } -<a class="jxr_linenumber" name="L54" href="#L54">54</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setKeyTransportAlgorithm(String keyTransportAlgorithm) { -<a class="jxr_linenumber" name="L55" href="#L55">55</a> <strong class="jxr_keyword">this</strong>.keyTransportAlgorithm = keyTransportAlgorithm; -<a class="jxr_linenumber" name="L56" href="#L56">56</a> } -<a class="jxr_linenumber" name="L57" href="#L57">57</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isGetSymmetricKeyFromCallbackHandler() { -<a class="jxr_linenumber" name="L58" href="#L58">58</a> <strong class="jxr_keyword">return</strong> getSymmetricKeyFromCallbackHandler; -<a class="jxr_linenumber" name="L59" href="#L59">59</a> } -<a class="jxr_linenumber" name="L60" href="#L60">60</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setGetSymmetricKeyFromCallbackHandler(<strong class="jxr_keyword">boolean</strong> getSymmetricKeyFromCallbackHandler) { -<a class="jxr_linenumber" name="L61" href="#L61">61</a> <strong class="jxr_keyword">this</strong>.getSymmetricKeyFromCallbackHandler = getSymmetricKeyFromCallbackHandler; -<a class="jxr_linenumber" name="L62" href="#L62">62</a> } -<a class="jxr_linenumber" name="L63" href="#L63">63</a> -<a class="jxr_linenumber" name="L64" href="#L64">64</a> } -<a class="jxr_linenumber" name="L65" href="#L65">65</a> +<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> org.apache.xml.security.encryption.params.KeyDerivationParameters; +<a class="jxr_linenumber" name="L23" href="#L23">23</a> +<a class="jxr_linenumber" name="L24" href="#L24">24</a> <em class="jxr_javadoccomment">/**</em> +<a class="jxr_linenumber" name="L25" href="#L25">25</a> <em class="jxr_javadoccomment"> * This class encapsulates configuration for Encryption Actions.</em> +<a class="jxr_linenumber" name="L26" href="#L26">26</a> <em class="jxr_javadoccomment"> */</em> +<a class="jxr_linenumber" name="L27" href="#L27">27</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a name="EncryptionActionToken" href="../../../../org/apache/wss4j/common/EncryptionActionToken.html#EncryptionActionToken">EncryptionActionToken</a> <strong class="jxr_keyword">extends</strong> <a name="SignatureEncryptionActionToken" href="../../../../org/apache/wss4j/common/SignatureEncryptionActionToken.html#SignatureEncryptionActionToken">SignatureEncryptionActionToken</a> { +<a class="jxr_linenumber" name="L28" href="#L28">28</a> +<a class="jxr_linenumber" name="L29" href="#L29">29</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> encSymmetricEncryptionKey = <strong class="jxr_keyword">true</strong>; +<a class="jxr_linenumber" name="L30" href="#L30">30</a> <strong class="jxr_keyword">private</strong> String mgfAlgorithm; +<a class="jxr_linenumber" name="L31" href="#L31">31</a> <strong class="jxr_keyword">private</strong> String symmetricAlgorithm; +<a class="jxr_linenumber" name="L32" href="#L32">32</a> <strong class="jxr_keyword">private</strong> String keyAgreementMethodAlgorithm; +<a class="jxr_linenumber" name="L33" href="#L33">33</a> <strong class="jxr_keyword">private</strong> String keyDerivationFunction; +<a class="jxr_linenumber" name="L34" href="#L34">34</a> <strong class="jxr_keyword">private</strong> KeyDerivationParameters keyDerivationParameters; +<a class="jxr_linenumber" name="L35" href="#L35">35</a> <strong class="jxr_keyword">private</strong> String keyTransportAlgorithm; +<a class="jxr_linenumber" name="L36" href="#L36">36</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> getSymmetricKeyFromCallbackHandler; +<a class="jxr_linenumber" name="L37" href="#L37">37</a> +<a class="jxr_linenumber" name="L38" href="#L38">38</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isEncSymmetricEncryptionKey() { +<a class="jxr_linenumber" name="L39" href="#L39">39</a> <strong class="jxr_keyword">return</strong> encSymmetricEncryptionKey; +<a class="jxr_linenumber" name="L40" href="#L40">40</a> } +<a class="jxr_linenumber" name="L41" href="#L41">41</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setEncSymmetricEncryptionKey(<strong class="jxr_keyword">boolean</strong> encSymmetricEncryptionKey) { +<a class="jxr_linenumber" name="L42" href="#L42">42</a> <strong class="jxr_keyword">this</strong>.encSymmetricEncryptionKey = encSymmetricEncryptionKey; +<a class="jxr_linenumber" name="L43" href="#L43">43</a> } +<a class="jxr_linenumber" name="L44" href="#L44">44</a> <strong class="jxr_keyword">public</strong> String getMgfAlgorithm() { +<a class="jxr_linenumber" name="L45" href="#L45">45</a> <strong class="jxr_keyword">return</strong> mgfAlgorithm; +<a class="jxr_linenumber" name="L46" href="#L46">46</a> } +<a class="jxr_linenumber" name="L47" href="#L47">47</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setMgfAlgorithm(String mgfAlgorithm) { +<a class="jxr_linenumber" name="L48" href="#L48">48</a> <strong class="jxr_keyword">this</strong>.mgfAlgorithm = mgfAlgorithm; +<a class="jxr_linenumber" name="L49" href="#L49">49</a> } +<a class="jxr_linenumber" name="L50" href="#L50">50</a> <strong class="jxr_keyword">public</strong> String getSymmetricAlgorithm() { +<a class="jxr_linenumber" name="L51" href="#L51">51</a> <strong class="jxr_keyword">return</strong> symmetricAlgorithm; +<a class="jxr_linenumber" name="L52" href="#L52">52</a> } +<a class="jxr_linenumber" name="L53" href="#L53">53</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setSymmetricAlgorithm(String symmetricAlgorithm) { +<a class="jxr_linenumber" name="L54" href="#L54">54</a> <strong class="jxr_keyword">this</strong>.symmetricAlgorithm = symmetricAlgorithm; +<a class="jxr_linenumber" name="L55" href="#L55">55</a> } +<a class="jxr_linenumber" name="L56" href="#L56">56</a> <strong class="jxr_keyword">public</strong> String getKeyTransportAlgorithm() { +<a class="jxr_linenumber" name="L57" href="#L57">57</a> <strong class="jxr_keyword">return</strong> keyTransportAlgorithm; +<a class="jxr_linenumber" name="L58" href="#L58">58</a> } +<a class="jxr_linenumber" name="L59" href="#L59">59</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setKeyTransportAlgorithm(String keyTransportAlgorithm) { +<a class="jxr_linenumber" name="L60" href="#L60">60</a> <strong class="jxr_keyword">this</strong>.keyTransportAlgorithm = keyTransportAlgorithm; +<a class="jxr_linenumber" name="L61" href="#L61">61</a> } +<a class="jxr_linenumber" name="L62" href="#L62">62</a> +<a class="jxr_linenumber" name="L63" href="#L63">63</a> <strong class="jxr_keyword">public</strong> String getKeyAgreementMethodAlgorithm() { +<a class="jxr_linenumber" name="L64" href="#L64">64</a> <strong class="jxr_keyword">return</strong> keyAgreementMethodAlgorithm; +<a class="jxr_linenumber" name="L65" href="#L65">65</a> } +<a class="jxr_linenumber" name="L66" href="#L66">66</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setKeyAgreementMethodAlgorithm(String keyAgreementMethodAlgorithm) { +<a class="jxr_linenumber" name="L67" href="#L67">67</a> <strong class="jxr_keyword">this</strong>.keyAgreementMethodAlgorithm = keyAgreementMethodAlgorithm; +<a class="jxr_linenumber" name="L68" href="#L68">68</a> } +<a class="jxr_linenumber" name="L69" href="#L69">69</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isGetSymmetricKeyFromCallbackHandler() { +<a class="jxr_linenumber" name="L70" href="#L70">70</a> <strong class="jxr_keyword">return</strong> getSymmetricKeyFromCallbackHandler; +<a class="jxr_linenumber" name="L71" href="#L71">71</a> } +<a class="jxr_linenumber" name="L72" href="#L72">72</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setGetSymmetricKeyFromCallbackHandler(<strong class="jxr_keyword">boolean</strong> getSymmetricKeyFromCallbackHandler) { +<a class="jxr_linenumber" name="L73" href="#L73">73</a> <strong class="jxr_keyword">this</strong>.getSymmetricKeyFromCallbackHandler = getSymmetricKeyFromCallbackHandler; +<a class="jxr_linenumber" name="L74" href="#L74">74</a> } +<a class="jxr_linenumber" name="L75" href="#L75">75</a> +<a class="jxr_linenumber" name="L76" href="#L76">76</a> <strong class="jxr_keyword">public</strong> String getKeyDerivationFunction() { +<a class="jxr_linenumber" name="L77" href="#L77">77</a> <strong class="jxr_keyword">return</strong> keyDerivationFunction; +<a class="jxr_linenumber" name="L78" href="#L78">78</a> } +<a class="jxr_linenumber" name="L79" href="#L79">79</a> +<a class="jxr_linenumber" name="L80" href="#L80">80</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setKeyDerivationFunction(String keyDerivationFunction) { +<a class="jxr_linenumber" name="L81" href="#L81">81</a> <strong class="jxr_keyword">this</strong>.keyDerivationFunction = keyDerivationFunction; +<a class="jxr_linenumber" name="L82" href="#L82">82</a> } +<a class="jxr_linenumber" name="L83" href="#L83">83</a> +<a class="jxr_linenumber" name="L84" href="#L84">84</a> <strong class="jxr_keyword">public</strong> KeyDerivationParameters getKeyDerivationParameters() { +<a class="jxr_linenumber" name="L85" href="#L85">85</a> <strong class="jxr_keyword">return</strong> keyDerivationParameters; +<a class="jxr_linenumber" name="L86" href="#L86">86</a> } +<a class="jxr_linenumber" name="L87" href="#L87">87</a> +<a class="jxr_linenumber" name="L88" href="#L88">88</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setKeyDerivationParameters(KeyDerivationParameters keyDerivationParameters) { +<a class="jxr_linenumber" name="L89" href="#L89">89</a> <strong class="jxr_keyword">this</strong>.keyDerivationParameters = keyDerivationParameters; +<a class="jxr_linenumber" name="L90" href="#L90">90</a> } +<a class="jxr_linenumber" name="L91" href="#L91">91</a> } +<a class="jxr_linenumber" name="L92" href="#L92">92</a> </pre> <hr/> -<div id="footer">Copyright © 2004–2023 <a href="https://www.apache.org/";>The Apache Software Foundation</a>. All rights reserved.</div> +<div id="footer">© 2004â2024 <a href="https://www.apache.org/";>The Apache Software Foundation</a></div> </body> </html> Modified: webservices/website/wss4j/xref/org/apache/wss4j/common/NamePasswordCallbackHandler.html URL: http://svn.apache.org/viewvc/webservices/website/wss4j/xref/org/apache/wss4j/common/NamePasswordCallbackHandler.html?rev=1921891&r1=1921890&r2=1921891&view=diff ============================================================================== --- webservices/website/wss4j/xref/org/apache/wss4j/common/NamePasswordCallbackHandler.html (original) +++ webservices/website/wss4j/xref/org/apache/wss4j/common/NamePasswordCallbackHandler.html Thu Nov 14 16:06:47 2024 @@ -108,6 +108,6 @@ <a class="jxr_linenumber" name="L100" href="#L100">100</a> </pre> <hr/> -<div id="footer">Copyright © 2004–2023 <a href="https://www.apache.org/";>The Apache Software Foundation</a>. All rights reserved.</div> +<div id="footer">© 2004â2024 <a href="https://www.apache.org/";>The Apache Software Foundation</a></div> </body> </html>
