org.apache.ws.security.message
Class WSSecDerivedKeyBase

java.lang.Object
  extended by org.apache.ws.security.message.WSSecBase
      extended by org.apache.ws.security.message.WSSecDerivedKeyBase
Direct Known Subclasses:
WSSecDKEncrypt, WSSecDKSign

public abstract class WSSecDerivedKeyBase
extends WSSecBase

Base class for DerivedKey encryption and signature

Author:
Ruchith Fernando (ruchith.fernando@gmail.com), Davanum Srinivas (dims@yahoo.com), Werner Dittmann (werner@apache.org)

Field Summary
protected  byte[] derivedKeyBytes
          Raw bytes of the derived key
protected  DerivedKeyToken dkt
          DerivedKeyToken of this builder
protected  java.lang.String dktId
          wsu:Id of the wsc:DerivedKeyToken
protected  org.w3c.dom.Document document
           
protected  org.w3c.dom.Element envelope
          soap:Envelope element
protected  byte[] ephemeralKey
          Session key used as the secret in key derivation
protected  org.w3c.dom.Element strElem
          The wsse:SecurityTokenReference element to be used
protected  java.lang.String tokenIdentifier
          The identifier of the token that the DerivedKeyToken is (or is to be) derived from.
 
Fields inherited from class org.apache.ws.security.message.WSSecBase
doDebug, keyIdentifierType, parts, password, user, wssConfig
 
Constructor Summary
WSSecDerivedKeyBase()
           
 
Method Summary
protected abstract  int getDerivedKeyLength()
          The length of the derived key depends on the signature/encryption algorithm.
 java.lang.String getId()
          Get the id generated during prepare().
 java.lang.String getTokenIdentifier()
           
 void prepare(org.w3c.dom.Document doc, Crypto crypto)
          Initialize a WSSec Derived key.
 void prependDKElementToHeader(WSSecHeader secHeader)
          Prepend the DerivedKey element to the elements already in the Security header.
 void setExternalKey(byte[] ephemeralKey, org.w3c.dom.Element strElem)
           
 void setExternalKey(byte[] ephemeralKey, java.lang.String tokenIdentifier)
           
 
Methods inherited from class org.apache.ws.security.message.WSSecBase
getKeyIdentifierType, setBodyID, setKeyIdentifierType, setParts, setUserInfo, setWsConfig, setWsuId
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

document

protected org.w3c.dom.Document document

ephemeralKey

protected byte[] ephemeralKey
Session key used as the secret in key derivation


dkt

protected DerivedKeyToken dkt
DerivedKeyToken of this builder


derivedKeyBytes

protected byte[] derivedKeyBytes
Raw bytes of the derived key


dktId

protected java.lang.String dktId
wsu:Id of the wsc:DerivedKeyToken


envelope

protected org.w3c.dom.Element envelope
soap:Envelope element


tokenIdentifier

protected java.lang.String tokenIdentifier
The identifier of the token that the DerivedKeyToken is (or is to be) derived from.


strElem

protected org.w3c.dom.Element strElem
The wsse:SecurityTokenReference element to be used

Constructor Detail

WSSecDerivedKeyBase

public WSSecDerivedKeyBase()
Method Detail

getDerivedKeyLength

protected abstract int getDerivedKeyLength()
                                    throws WSSecurityException
The length of the derived key depends on the signature/encryption algorithm. Child classes are therefore expected to provide this value.

Returns:
Throws:
WSSecurityException

setExternalKey

public void setExternalKey(byte[] ephemeralKey,
                           java.lang.String tokenIdentifier)
Parameters:
ephemeralKey - The ephemeralKey to set.

setExternalKey

public void setExternalKey(byte[] ephemeralKey,
                           org.w3c.dom.Element strElem)
Parameters:
ephemeralKey - The ephemeralKey to set.

getTokenIdentifier

public java.lang.String getTokenIdentifier()
Returns:
Returns the tokenIdentifier.

getId

public java.lang.String getId()
Get the id generated during prepare(). Returns the value of the wsu:Id attribute of the DerivedKeyToken element.

Returns:
Returns the wsu:Id of this token, or null if prepare() was not called before.

prepare

public void prepare(org.w3c.dom.Document doc,
                    Crypto crypto)
             throws WSSecurityException
Initialize a WSSec Derived key. The method prepares and initializes a WSSec derived key structure after the relevant information has been set. It also creates and initializes the derived token using the ephemeral key. After preparation, references can be added, encrypted and signed as required.

This method does not add any element to the security header. This must be done explicitly.

Parameters:
doc - The unsigned SOAP envelope as Document
crypto - An instance of the Crypto API to handle keystore and certificates
Throws:
WSSecurityException
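
How an ephemeral key and a requested length can turn into derived key bytes, as an added example that is not WSS4J code. It assumes the P_SHA-1 derivation and default label defined by WS-SecureConversation (this page does not say which algorithm the class uses); the class name DerivedKeySketch, the helper names and the random sample key and nonces are constructed for illustration.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class DerivedKeySketch {

    // P_SHA-1 (assumed derivation): A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    // stream = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ...
    static byte[] pSha1(byte[] secret, byte[] seed, int offset, int length) throws Exception {
        Mac hmac = Mac.getInstance("HmacSHA1");
        hmac.init(new SecretKeySpec(secret, "HmacSHA1"));
        ByteArrayOutputStream stream = new ByteArrayOutputStream();
        byte[] a = seed;
        while (stream.size() < offset + length) {
            a = hmac.doFinal(a);              // A(i); doFinal resets the Mac
            hmac.update(a);
            hmac.update(seed);
            stream.write(hmac.doFinal());     // next 20-byte block of the stream
        }
        return Arrays.copyOfRange(stream.toByteArray(), offset, offset + length);
    }

    // Seed = label || nonce, using the WS-SecureConversation default label.
    static byte[] seed(byte[] nonce) {
        byte[] label = "WS-SecureConversationWS-SecureConversation".getBytes(StandardCharsets.UTF_8);
        byte[] s = Arrays.copyOf(label, label.length + nonce.length);
        System.arraycopy(nonce, 0, s, label.length, nonce.length);
        return s;
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        // Constructed sample values: a 16-byte session key and two nonces.
        byte[] ephemeralKey = new byte[16], nonceA = new byte[16], nonceB = new byte[16];
        rng.nextBytes(ephemeralKey); rng.nextBytes(nonceA); rng.nextBytes(nonceB);

        byte[] k16 = pSha1(ephemeralKey, seed(nonceA), 0, 16);
        byte[] k24 = pSha1(ephemeralKey, seed(nonceA), 0, 24);
        byte[] other = pSha1(ephemeralKey, seed(nonceB), 0, 16);

        System.out.println("lengths: " + k16.length + ", " + k24.length);
        System.out.println("same nonce, 16 bytes is a prefix of 24: " + Arrays.equals(k16, Arrays.copyOf(k24, 16)));
        System.out.println("different nonce, different key: " + !Arrays.equals(k16, other));
    }
}
```

Under this derivation the requested length only selects how much of one key stream is used, so two keys derived from the same secret are independent only when their nonces (or offsets) differ.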

prependDKElementToHeader

public void prependDKElementToHeader(WSSecHeader secHeader)
Prepend the DerivedKey element to the elements already in the Security header. The method can be called any time after prepare(). This allows the DerivedKey element to be inserted at any position in the Security header.

Parameters:
secHeader - The security header that holds the Signature element.


Copyright © 2004-2008 Apache Web Services. All Rights Reserved.