Package com.helger.phase4.crypto
Class AS4SigningParams
java.lang.Object
com.helger.phase4.crypto.AS4SigningParams
- All Implemented Interfaces:
com.helger.commons.lang.ICloneable<AS4SigningParams>
@NotThreadSafe
public class AS4SigningParams
extends Object
implements com.helger.commons.lang.ICloneable<AS4SigningParams>
AS4 signing parameters
- Since:
- 0.9.0
- Author:
- Philip Helger
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidcloneTo(AS4SigningParams aTarget) static AS4SigningParamsfinal ECryptoAlgorithmC14Nfinal ECryptoAlgorithmSigngetClone()final ECryptoKeyIdentifierTypefinal Providerfinal Providerfinal booleanbooleanfinal booleanfinal AS4SigningParamssetAlgorithmC14N(ECryptoAlgorithmC14N eAlgorithmC14N) Set the canonicalization algorithm to be used.final AS4SigningParamssetAlgorithmSign(ECryptoAlgorithmSign eAlgorithmSign) A signing algorithm can be set.final AS4SigningParamssetAlgorithmSignDigest(ECryptoAlgorithmSignDigest eAlgorithmSignDigest) A signing digest algorithm can be set.final AS4SigningParamssetFromPMode(PModeLegSecurity aSecurity) This method callssetAlgorithmSign(ECryptoAlgorithmSign)andsetAlgorithmSignDigest(ECryptoAlgorithmSignDigest)based on the PMode parameters.final AS4SigningParamssetKeyIdentifierType(ECryptoKeyIdentifierType eKeyIdentifierType) Set the key identifier type to use.final AS4SigningParamssetSecurityProvider(Provider aSecurityProvider) Set the security provider to be used for signing and verification.final AS4SigningParamssetSecurityProviderSign(Provider aSecurityProviderSign) Set the security provider to be used for signing (not for verification).final AS4SigningParamssetSecurityProviderVerify(Provider aSecurityProviderVerify) Set the security provider to be used for verification (not for signing).final AS4SigningParamssetUseSingleCertificate(boolean bUseSingleCertificate) Set the Binary Security Token value type.final AS4SigningParamstoString()
-
Field Details
-
DEFAULT_KEY_IDENTIFIER_TYPE
-
DEFAULT_USE_SINGLE_CERTIFICATE
public static final boolean DEFAULT_USE_SINGLE_CERTIFICATE- See Also:
-
-
Constructor Details
-
AS4SigningParams
public AS4SigningParams()
-
-
Method Details
-
isSigningEnabled
public boolean isSigningEnabled()- Returns:
trueif signing is enabled,falseif not
-
getKeyIdentifierType
- Returns:
- The key identifier type. May not be
null. - Since:
- 0.11.0
-
setKeyIdentifierType
@Nonnull public final AS4SigningParams setKeyIdentifierType(@Nonnull ECryptoKeyIdentifierType eKeyIdentifierType) Set the key identifier type to use. That defines how the information about the signing certificate is transmitted.- Parameters:
eKeyIdentifierType- The key identifier type to use. May not benull.- Returns:
- this for chaining
- Since:
- 0.11.0
-
getAlgorithmSign
- Returns:
- The signing algorithm to use. May be
null.
-
setAlgorithmSign
@Nonnull public final AS4SigningParams setAlgorithmSign(@Nullable ECryptoAlgorithmSign eAlgorithmSign) A signing algorithm can be set.
MANDATORY if you want to use sign.
Also @seesetAlgorithmSignDigest(ECryptoAlgorithmSignDigest)- Parameters:
eAlgorithmSign- the signing algorithm that should be set- Returns:
- this for chaining
-
getAlgorithmSignDigest
- Returns:
- The signing digest algorithm to use. May be
null.
-
setAlgorithmSignDigest
@Nonnull public final AS4SigningParams setAlgorithmSignDigest(@Nullable ECryptoAlgorithmSignDigest eAlgorithmSignDigest) A signing digest algorithm can be set.
MANDATORY if you want to use sign.
Also @seesetAlgorithmSign(ECryptoAlgorithmSign)- Parameters:
eAlgorithmSignDigest- the signing digest algorithm that should be set- Returns:
- this for chaining
-
getAlgorithmC14N
- Returns:
- The canonicalization algorithm to use. Never
null. - Since:
- 0.10.6
-
setAlgorithmC14N
@Nonnull public final AS4SigningParams setAlgorithmC14N(@Nonnull ECryptoAlgorithmC14N eAlgorithmC14N) Set the canonicalization algorithm to be used. By default "Exclusive without comments" is used as suggested by the WS Security SOAP Message Security Version 1.1.1 spec, chapter 8.1.
Source: http://docs.oasis-open.org/wss-m/wss/v1.1.1/wss-SOAPMessageSecurity-v1.1.1.doc- Parameters:
eAlgorithmC14N- the canonicalization algorithm that should be set. May not benull.- Returns:
- this for chaining
- Since:
- 0.10.6
-
getSecurityProviderSign
- Returns:
- The security provider for signing (not for verification) to be
used. May be
null. - Since:
- 2.4.0
-
setSecurityProviderSign
@Nonnull public final AS4SigningParams setSecurityProviderSign(@Nullable Provider aSecurityProviderSign) Set the security provider to be used for signing (not for verification).- Parameters:
aSecurityProviderSign- The security provider to be used. May benull.- Returns:
- this for chaining
- Since:
- 2.4.0
-
getSecurityProviderVerify
- Returns:
- The security provider for verification (not for signing) to be
used. May be
null. - Since:
- 2.4.0
-
setSecurityProviderVerify
@Nonnull public final AS4SigningParams setSecurityProviderVerify(@Nullable Provider aSecurityProviderVerify) Set the security provider to be used for verification (not for signing).- Parameters:
aSecurityProviderVerify- The security provider to be used. May benull.- Returns:
- this for chaining
- Since:
- 2.4.0
-
setSecurityProvider
Set the security provider to be used for signing and verification.- Parameters:
aSecurityProvider- The security provider to be used. May benull.- Returns:
- this for chaining
- Since:
- 2.1.3
-
isUseSingleCertificate
public final boolean isUseSingleCertificate()- Returns:
trueto use the BST ValueType "#X509v3",falseto use the BST value type "#X509PKIPathv1".- Since:
- 2.1.5
-
setUseSingleCertificate
Set the Binary Security Token value type. The default is true.- Parameters:
bUseSingleCertificate-truemaps to "#X509v3" (e.g. for Peppol) andfalsemaps to "#X509PKIPathv1".- Returns:
- this for chaining
- Since:
- 2.1.5
-
getWSSecSignatureCustomizer
-
hasWSSecSignatureCustomizer
public final boolean hasWSSecSignatureCustomizer() -
setWSSecSignatureCustomizer
@Nonnull public final AS4SigningParams setWSSecSignatureCustomizer(@Nullable IWSSecSignatureCustomizer a) -
setFromPMode
This method callssetAlgorithmSign(ECryptoAlgorithmSign)andsetAlgorithmSignDigest(ECryptoAlgorithmSignDigest)based on the PMode parameters. If the PMode parameter isnullboth values will be set tonull.- Parameters:
aSecurity- The PMode security stuff to use. May benull.- Returns:
- this for chaining
-
cloneTo
-
getClone
- Specified by:
getClonein interfacecom.helger.commons.lang.ICloneable<AS4SigningParams>
-
toString
-
createDefault
- Returns:
- A non-
nullAS4SigningParamsobject with default values assigned. - See Also:
-