public final class CryptoCoverageUtil extends Object
Modifier and Type | Class and Description |
---|---|
static class |
CryptoCoverageUtil.CoverageScope
Differentiates which part of an element to check for cryptographic coverage.
|
static class |
CryptoCoverageUtil.CoverageType
Differentiates which type of cryptographic coverage to check for.
|
Modifier and Type | Method and Description |
---|---|
static void |
checkAttachmentsCoverage(Collection<Attachment> attachments,
Collection<org.apache.wss4j.dom.WSDataRef> refs,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope) |
static void |
checkBodyCoverage(Element soapBody,
Collection<org.apache.wss4j.dom.WSDataRef> refs,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope)
Checks that the references provided refer to the
signed/encrypted SOAP body element.
|
static void |
checkCoverage(Element soapEnvelope,
Collection<org.apache.wss4j.dom.WSDataRef> refs,
Map<String,String> namespaces,
Collection<String> xPaths,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope)
Checks that the references provided refer to the required
signed/encrypted elements as defined by the XPath expressions in
xPaths . |
static void |
checkCoverage(Element soapEnvelope,
Collection<org.apache.wss4j.dom.WSDataRef> refs,
Map<String,String> namespaces,
String xPath,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope)
Checks that the references provided refer to the required
signed/encrypted elements as defined by the XPath expression in
xPath . |
static void |
checkCoverage(Element soapEnvelope,
Collection<org.apache.wss4j.dom.WSDataRef> refs,
XPath xpath,
Collection<String> xPaths,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope)
Checks that the references provided refer to the required
signed/encrypted elements as defined by the XPath expressions in
xPaths . |
static void |
checkHeaderCoverage(Element soapHeader,
Collection<org.apache.wss4j.dom.WSDataRef> refs,
String namespace,
String name,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope)
Checks that the references provided refer to the required
signed/encrypted SOAP header element(s) matching the provided name and
namespace.
|
static void |
reconcileEncryptedSignedRefs(Collection<org.apache.wss4j.dom.WSDataRef> signedRefs,
Collection<org.apache.wss4j.dom.WSDataRef> encryptedRefs)
Inspects the signed and encrypted content in the message and accurately
resolves encrypted and then signed elements in
signedRefs . |
public static void reconcileEncryptedSignedRefs(Collection<org.apache.wss4j.dom.WSDataRef> signedRefs, Collection<org.apache.wss4j.dom.WSDataRef> encryptedRefs)
signedRefs
.
Entries in signedRefs
that correspond to an encrypted element
are resolved to the decrypted element and added to signedRefs
.
The original reference to the encrypted content remains unaltered in the
list to allow for matching against a requirement that xenc:EncryptedData
and xenc:EncryptedKey elements be signed.signedRefs
- references to the signed content in the messageencryptedRefs
- references to the encrypted content in the messagepublic static void checkBodyCoverage(Element soapBody, Collection<org.apache.wss4j.dom.WSDataRef> refs, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.wss4j.common.ext.WSSecurityException
soapBody
- the SOAP body elementrefs
- the refs to the data extracted from the signature/encryptiontype
- the type of cryptographic coverage to check forscope
- the scope of the cryptographic coverage to check for, defaults
to elementorg.apache.wss4j.common.ext.WSSecurityException
- if there is an error evaluating the coverage or the body is not
covered by the signature/encryption.public static void checkAttachmentsCoverage(Collection<Attachment> attachments, Collection<org.apache.wss4j.dom.WSDataRef> refs, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.wss4j.common.ext.WSSecurityException
org.apache.wss4j.common.ext.WSSecurityException
public static void checkHeaderCoverage(Element soapHeader, Collection<org.apache.wss4j.dom.WSDataRef> refs, String namespace, String name, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.wss4j.common.ext.WSSecurityException
name
is null, all headers from namespace
are inspected for coverage.soapHeader
- the SOAP header elementrefs
- the refs to the data extracted from the signature/encryptionnamespaces
- the namespace of the header(s) to check for coveragename
- the local part of the header name to check for coverage, may be nulltype
- the type of cryptographic coverage to check forscope
- the scope of the cryptographic coverage to check for, defaults
to elementorg.apache.wss4j.common.ext.WSSecurityException
- if there is an error evaluating the coverage or a header is not
covered by the signature/encryption.public static void checkCoverage(Element soapEnvelope, Collection<org.apache.wss4j.dom.WSDataRef> refs, Map<String,String> namespaces, String xPath, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.wss4j.common.ext.WSSecurityException
xPath
.soapEnvelope
- the SOAP Envelope elementrefs
- the refs to the data extracted from the signature/encryptionnamespaces
- the prefix to namespace mapping, may be null
xPath
- the XPath expressiontype
- the type of cryptographic coverage to check forscope
- the scope of the cryptographic coverage to check for, defaults
to elementorg.apache.wss4j.common.ext.WSSecurityException
- if there is an error evaluating an XPath or an element is not
covered by the signature/encryption.public static void checkCoverage(Element soapEnvelope, Collection<org.apache.wss4j.dom.WSDataRef> refs, Map<String,String> namespaces, Collection<String> xPaths, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.wss4j.common.ext.WSSecurityException
xPaths
.soapEnvelope
- the SOAP Envelope elementrefs
- the refs to the data extracted from the signature/encryptionnamespaces
- the prefix to namespace mapping, may be null
xPaths
- the collection of XPath expressionstype
- the type of cryptographic coverage to check forscope
- the scope of the cryptographic coverage to check for, defaults
to elementorg.apache.wss4j.common.ext.WSSecurityException
- if there is an error evaluating an XPath or an element is not
covered by the signature/encryption.public static void checkCoverage(Element soapEnvelope, Collection<org.apache.wss4j.dom.WSDataRef> refs, XPath xpath, Collection<String> xPaths, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.wss4j.common.ext.WSSecurityException
xPaths
.org.apache.wss4j.common.ext.WSSecurityException
Apache CXF