Posted to commits@abdera.apache.org by jm...@apache.org on 2006/11/03 23:27:47 UTC
svn commit: r471019 - in /incubator/abdera/java/trunk/security/src:
main/java/org/apache/abdera/security/
main/java/org/apache/abdera/security/xmlsec/
test/java/org/apache/abdera/test/security/
Author: jmsnell
Date: Fri Nov 3 14:27:46 2006
New Revision: 471019
URL: http://svn.apache.org/viewvc?view=rev&rev=471019
Log:
Javadoc improvements
Add the ability to list additional references in the digital signature
Modified:
incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/AbderaSecurity.java
incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Encryption.java
incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/EncryptionOptions.java
incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SecurityOptions.java
incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Signature.java
incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SignatureOptions.java
incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignature.java
incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignatureOptions.java
incubator/abdera/java/trunk/security/src/test/java/org/apache/abdera/test/security/DigitalSignatureTest.java
Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/AbderaSecurity.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/AbderaSecurity.java?view=diff&rev=471019&r1=471018&r2=471019
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/AbderaSecurity.java (original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/AbderaSecurity.java Fri Nov 3 14:27:46 2006
@@ -21,6 +21,10 @@
import org.apache.abdera.util.AbderaConfiguration;
import org.apache.abdera.util.ServiceUtil;
+/**
+ * The AbderaSecurity class provides the entry point for using XML Digital
+ * Signatures and XML Encryption with Abdera.
+ */
public class AbderaSecurity {
private final Abdera abdera;
@@ -45,6 +49,9 @@
return abdera;
}
+ /**
+ * Acquire a new XML Encryption provider instance
+ */
public Encryption newEncryption() {
return
(Encryption) ServiceUtil.newInstance(
@@ -53,10 +60,16 @@
getAbdera());
}
+ /**
+ * Acquire a shared XML Encryption provider instance
+ */
public Encryption getEncryption() {
return encryption;
}
+ /**
+ * Acquire a new XML Digital Signature provider instance
+ */
public Signature newSignature() {
return
(Signature) ServiceUtil.newInstance(
@@ -65,6 +78,9 @@
getAbdera());
}
+ /**
+ * Acquire a shared XML Digital Signature provider instance
+ */
public Signature getSignature() {
return signature;
}
Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Encryption.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Encryption.java?view=diff&rev=471019&r1=471018&r2=471019
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Encryption.java (original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Encryption.java Fri Nov 3 14:27:46 2006
@@ -19,14 +19,44 @@
import org.apache.abdera.model.Document;
+/**
+ * Interface used for encrypting/decrypting Abdera documents.
+ */
public interface Encryption {
- Document encrypt(Document doc, EncryptionOptions options) throws SecurityException;
+ /**
+ * Encrypt the document using the specified options
+ * @param doc The document to encrypt
+ * @param options The encryption options
+ * @returns The encrypted document
+ * @throws org.apache.abdera.security.SecurityException if the encryption failed
+ */
+ Document encrypt(
+ Document doc,
+ EncryptionOptions options)
+ throws SecurityException;
- Document decrypt(Document doc, EncryptionOptions options) throws SecurityException;
+ /**
+ * Decrypt the document using the specified options
+ * @param doc The document to decrypt
+ * @param options The decryption options
+ * @returns The decrypted document
+ * @throws org.apache.abdera.security.SecurityException if the decryption failed
+ */
+ Document decrypt(
+ Document doc,
+ EncryptionOptions options)
+ throws SecurityException;
+ /**
+ * Returns true if this specified document has been encrypted
+ */
boolean isEncrypted(Document doc) throws SecurityException;
+ /**
+ * Returns the default encryption/decryption options
+ * @see org.apache.abdera.security.EncryptionOptions
+ */
EncryptionOptions getDefaultEncryptionOptions();
}
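Review bot: The new Javadoc on `encrypt` and `decrypt` uses `@returns`, which is not a standard Javadoc block tag, so the return description will not be rendered as intended. It should read `@return The encrypted document` and `@return The decrypted document`. The comment on `isEncrypted` also omits when its declared `SecurityException` is thrown; a `@throws` line in the style of the other two methods would complete it.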
Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/EncryptionOptions.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/EncryptionOptions.java?view=diff&rev=471019&r1=471018&r2=471019
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/EncryptionOptions.java (original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/EncryptionOptions.java Fri Nov 3 14:27:46 2006
@@ -19,27 +19,66 @@
import java.security.Key;
+/**
+ * Provides access to the information necessary to encrypt or decrypt a document
+ */
public interface EncryptionOptions
extends SecurityOptions {
+ /**
+ * Return the secret key used to encrypt/decrypt the document content
+ */
Key getDataEncryptionKey();
+ /**
+ * Set the secret key used to encrypt/decrypt the document content
+ */
void setDataEncryptionKey(Key key);
+ /**
+ * Return the secret key used to encrypt/decrypt the data encryption key
+ */
Key getKeyEncryptionKey();
+ /**
+ * Set the secret key used to encrypt/decrypt the data encryption key
+ */
void setKeyEncryptionKey(Key key);
+ /**
+ * Return the cipher algorithm used to decrypt/encrypt the data encryption key
+ * The default is "http://www.w3.org/2001/04/xmlenc#kw-aes128"
+ */
String getKeyCipherAlgorithm();
+ /**
+ * Set the cipher algorithm used to decrypt/encrypt the data encryption key
+ * The default is "http://www.w3.org/2001/04/xmlenc#kw-aes128"
+ */
void setKeyCipherAlgorithm(String alg);
+ /**
+ * Return the cipher algorithm used to decrypt/encrypt the document content
+ * The default is "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+ */
String getDataCipherAlgorithm();
+ /**
+ * Set the cipher algorithm used to decyrpt/encrypt the document content
+ * The default is "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+ */
void setDataCipherAlgorithm(String alg);
+ /**
+ * Return true if the encryption should include information about the key
+ * The default is false
+ */
boolean includeKeyInfo();
+ /**
+ * Set whether the encryption should include information about the key
+ * The default is false
+ */
void setIncludeKeyInfo(boolean includeKeyInfo);
}
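Review bot: The Javadoc on `getDataCipherAlgorithm` and `setDataCipherAlgorithm` documents the default as `http://www.w3.org/2001/04/xmlenc#aes128-cbc` without saying that CBC mode gives confidentiality only and no integrity protection. Callers who decrypt documents from untrusted senders need that caveat, so I would add a sentence such as `CBC provides no integrity protection; sign the encrypted document and verify the signature before decrypting.` The setter comment misspells "decrypt" as "decyrpt". The `includeKeyInfo` comments also do not say which key the information describes or what form it takes, which matters to anyone deciding whether the default of false is appropriate.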
Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SecurityOptions.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SecurityOptions.java?view=diff&rev=471019&r1=471018&r2=471019
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SecurityOptions.java (original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SecurityOptions.java Fri Nov 3 14:27:46 2006
@@ -19,6 +19,9 @@
import org.apache.abdera.parser.Parser;
+/**
+ * Base interface for EncryptionOptions and SignatureOptions
+ */
public interface SecurityOptions {
Parser getParser();
Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Signature.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Signature.java?view=diff&rev=471019&r1=471018&r2=471019
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Signature.java (original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/Signature.java Fri Nov 3 14:27:46 2006
@@ -21,16 +21,35 @@
import org.apache.abdera.model.Element;
+/**
+ * Interface used for digitally signing and verifying Abdera elements
+ */
public interface Signature {
+ /**
+ * Return true if the element has been digitally signed
+ */
<T extends Element>boolean isSigned(T element) throws SecurityException;
+ /**
+ * Adds a digital signature to the specified element
+ */
<T extends Element>T sign(T element, SignatureOptions options) throws SecurityException;
+ /**
+ * Verifies that the digitally signed element is valid
+ */
<T extends Element>boolean verify(T element, SignatureOptions options) throws SecurityException;
+ /**
+ * Returns a listing of X.509 certificates of valid digital signatures in the element
+ */
<T extends Element>X509Certificate[] getValidSignatureCertificates(T element, SignatureOptions options) throws SecurityException;
+ /**
+ * Returns the default signing options
+ * @see org.apache.abdera.security.SignatureOptions
+ */
SignatureOptions getDefaultSignatureOptions() throws SecurityException;
}
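Review bot: The Javadoc on `verify` and `getValidSignatureCertificates` calls a signature "valid" without defining the term, so a reader cannot tell whether it means only the cryptographic check or also trust in the signer's certificate. The signing code in XmlSignature.java embeds the certificate and its public key with `sig.addKeyInfo(...)`. If verification relies on that embedded key (the implementation is not shown in this commit), a true result only proves the element matches a key that travelled with it. After confirming against the implementation, I would state this in the comment, e.g. `Checks the signature value and reference digests only; callers must decide separately whether to trust the returned certificates.`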
Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SignatureOptions.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SignatureOptions.java?view=diff&rev=471019&r1=471018&r2=471019
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SignatureOptions.java (original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/SignatureOptions.java Fri Nov 3 14:27:46 2006
@@ -20,16 +20,34 @@
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
+/**
+ * Provides access to the information necessary to signed an Abdera element
+ */
public interface SignatureOptions
extends SecurityOptions {
+ /**
+ * Return the private key with which to sign the element
+ */
PrivateKey getSigningKey();
+ /**
+ * Set the private key with which to sign the element
+ */
void setSigningKey(PrivateKey privateKey);
+ /**
+ * Return the X.509 cert to associated with the signature
+ */
X509Certificate getCertificate();
+ /**
+ * Set the X.509 cert to associate with the signature
+ */
void setCertificate(X509Certificate cert);
+ void addReference(String href);
+
+ String[] getReferences();
}
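Review bot: `addReference` and `getReferences` are added to the interface with no Javadoc, although the rest of this commit is Javadoc. The comment should say that `href` is a URI added to the signature as an additional reference, whether relative URIs are accepted, and that the signing implementation has to resolve it; for example `Add a URI whose content is to be covered by the signature in addition to the element itself`. In the comments that were added, "necessary to signed" and "cert to associated with" should read "to sign" and "to associate with".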
Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignature.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignature.java?view=diff&rev=471019&r1=471018&r2=471019
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignature.java (original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignature.java Fri Nov 3 14:27:46 2006
@@ -77,6 +77,8 @@
transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
sig.addDocument("", transforms, org.apache.xml.security.utils.Constants.ALGO_ID_DIGEST_SHA1);
+ String[] refs = options.getReferences();
+ for (String ref : refs) sig.addDocument(ref);
sig.addKeyInfo(cert);
sig.addKeyInfo(cert.getPublicKey());
sig.sign(signingKey);
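Review bot: Each string from `options.getReferences()` is passed straight to `sig.addDocument(ref)` with no check on its scheme or target. As far as I know, the XML Security library dereferences the URI to compute the digest when `sig.sign(signingKey)` runs. If an href can ever originate from request data or a parsed feed, the signing host will fetch whatever it names, so the accepted schemes and hosts should be restricted before this loop or in `addReference`. The loop also assumes `getReferences()` never returns null, which the interface does not promise; `if (refs != null) for (String ref : refs) sig.addDocument(ref);` would cover other `SignatureOptions` implementations. The enclosing method starts and ends outside the hunk.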
Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignatureOptions.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignatureOptions.java?view=diff&rev=471019&r1=471018&r2=471019
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignatureOptions.java (original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/xmlsec/XmlSignatureOptions.java Fri Nov 3 14:27:46 2006
@@ -19,6 +19,8 @@
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
import org.apache.abdera.Abdera;
import org.apache.abdera.security.SignatureOptions;
@@ -27,13 +29,15 @@
extends XmlSecurityOptions
implements SignatureOptions {
+ private PrivateKey signingKey = null;
+ private X509Certificate cert = null;
+ private List<String> references = null;
+
protected XmlSignatureOptions(Abdera abdera) {
super(abdera);
+ references = new ArrayList<String>();
}
- private PrivateKey signingKey = null;
- private X509Certificate cert = null;
-
public PrivateKey getSigningKey() {
return signingKey;
}
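Review bot: `references` is declared with `= null` and assigned only in this constructor, so any constructor added later that forgets the assignment leaves `addReference` dereferencing null. Declaring it as `private final List<String> references = new ArrayList<String>();` removes the constructor line and lets the compiler enforce the invariant. The explicit `= null` initialisers on `signingKey` and `cert` are redundant too. The class declaration starts outside the hunk.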
@@ -48,6 +52,14 @@
public void setCertificate(X509Certificate cert) {
this.cert = cert;
+ }
+
+ public void addReference(String href) {
+ if (!references.contains(href)) references.add(href);
+ }
+
+ public String[] getReferences() {
+ return references.toArray(new String[references.size()]);
}
}
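Review bot: `addReference` accepts a null `href`: `references.contains(null)` is false on a fresh list, so the null is stored and later handed to the signing code as a reference URI. Rejecting it in this method keeps the failure close to the caller, e.g. `if (href == null) throw new IllegalArgumentException("href");` ahead of the `contains` check. `getReferences` hands back a new array on every call, so callers cannot alter the internal list; a one-line comment saying so would stop someone later "optimising" it into returning the list itself.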
Modified: incubator/abdera/java/trunk/security/src/test/java/org/apache/abdera/test/security/DigitalSignatureTest.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/test/java/org/apache/abdera/test/security/DigitalSignatureTest.java?view=diff&rev=471019&r1=471018&r2=471019
==============================================================================
--- incubator/abdera/java/trunk/security/src/test/java/org/apache/abdera/test/security/DigitalSignatureTest.java (original)
+++ incubator/abdera/java/trunk/security/src/test/java/org/apache/abdera/test/security/DigitalSignatureTest.java Fri Nov 3 14:27:46 2006
@@ -83,6 +83,7 @@
SignatureOptions options = sig.getDefaultSignatureOptions();
options.setCertificate(cert);
options.setSigningKey(signingKey);
+ options.addReference("http://example.org");
// Sign the entry
entry = sig.sign(entry, options);
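Review bot: The added `options.addReference("http://example.org")` is never asserted on. Nothing visible after `sig.sign(entry, options)` checks that the signature contains the extra reference or that verification covers it. If the library resolves the URI during signing, which I believe it does, the test now also depends on outbound network access and on whatever that host returns. Pointing the reference at a local test resource would keep the test hermetic. The test method continues outside the hunk.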