XML Security, 1.6
public interface EngineFactory

This is a factory interface for pluggable XML-Signature/XML-Encryption algorithms.

SignatureEngine, MessageDigest, EncryptionEngine, or KeyGenerationEngine. You may define their constructors at your discretion. Each of the getURI() methods of the *Engine interfaces should return its own identifier URI decided at step 1.

EngineFactory. It is the master EngineFactory used in the platform.

```java
public class EngineFactoryImpl implements EngineFactory {
    public EngineFactoryImpl(EngineFactory master) {
        ....
```
SignatureEngine, return an instance of your implementation class of SignatureEngine in getSignatureEngine() if the specified URI matches your algorithm URI. If the URI does not match, throw NoSuchAlgorithmException.

getSomeEngine() methods like the above. If you have no implementation class for getSomeEngine(), the method simply throws NoSuchAlgorithmException.

```java
public SignatureEngine getSignatureEngine(String uri)
    throws NoSuchAlgorithmException
{
    if (MY_ALGORITHM_URI.equals(uri)) {
        SignatureEngine engine = new SignatureEngineImpl(...);
        return engine;
    }
    // Unknown URI: this factory does not handle it.
    throw new NoSuchAlgorithmException(uri);
}

public EncryptionEngine getEncryptionEngine(String uri)
    throws NoSuchAlgorithmException
{
    // No EncryptionEngine implementation in this factory.
    throw new NoSuchAlgorithmException(uri);
}
```
getSomeAlgorithms methods so that they return the list of the algorithms supported by your factory. If they have no algorithms to be supported, these methods simply return null.

```java
public Set getSignatureAlgorithms() {
    Set supportedSignature = new HashSet();
    supportedSignature.add(MY_ALGORITHM_URI);
    return supportedSignature;
}

public Set getDataEncryptionAlgorithms() {
    return null;
}
```
releaseSomeEngine() methods so that they return true if instances generated by your factory are specified.

```java
public boolean releaseSignatureEngine(SignatureEngine eng) {
    if (MY_ALGORITHM_URI.equals(eng.getURI()))
        return true;
    return false;
}

public boolean releaseEncryptionEngine(EncryptionEngine eng) {
    return false;
}
```
unmarshalParameter() method. The method is called to generate an AlgorithmParameterSpec from an element in an XML-Signature or XML-Encryption document.

```java
public AlgorithmParameterSpec unmarshalParameter(String uri, Element el)
    throws ...
{
    if (MY_ALGORITHM_URI.equals(uri)) {
        // Analyze the DOM tree, and create an instance of a
        // subclass of AlgorithmParameterSpec. You have to define the subclass
        // so that your algorithm implementation can understand it.
        ...
        return new MyAlgorithmParameterSpec(...);
        // If your algorithm needs no parameter, return null.
        // return null;
    }
    throw new NoSuchAlgorithmException(uri);
}
```
convertParameter() method. The method is called to generate an AlgorithmParameterSpec from key-value pairs in a configuration.

```java
public AlgorithmParameterSpec convertParameter(String uri, Map props)
    throws ...
{
    if (MY_ALGORITHM_URI.equals(uri)) {
        // Analyze props, and create an instance of a
        // subclass of AlgorithmParameterSpec. You have to define the subclass
        // so that your algorithm implementation can understand it.
        ...
        return new MyAlgorithmParameterSpec(...);
        // If your algorithm needs no parameter, return null.
        // return null;
    }
    throw new NoSuchAlgorithmException(uri);
}
```
marshalParameter() method. The method is called to serialize an AlgorithmParameterSpec to a DOM tree.

```java
public void marshalParameter(String uri, AlgorithmParameterSpec spec, Element el)
    throws ...
{
    if (MY_ALGORITHM_URI.equals(uri)) {
        MyAlgorithmParameterSpec mySpec;
        mySpec = (MyAlgorithmParameterSpec)spec;
        // Reverse conversion of unmarshalParameter()
        // spec may be null.
        ...
        return;
    }
    throw new NoSuchAlgorithmException(uri);
}
```
EngineFactory class name in a configuration.

An instance of EngineFactory may be accessed by multiple threads. If your EngineFactory has some data such as an instance pool, appropriate synchronization is needed to protect the data.

An EngineFactory may reuse released algorithm instances. For example, the releaseEncryptionEngine() method puts the specified instance into a pool, and getEncryptionEngine() takes an instance from the pool and returns it.
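The pooling and synchronization notes above, as an added example (not code from the XML Security distribution): a factory fragment that pools engines in a concurrent queue, ignores a double release, and clears per-use key state before an instance is reused. The Engine interface, MyEngine, clear(), the idle flag, MAX_POOLED and the example.com URI are stand-ins assumed for illustration; only getURI() and the get/release method names come from this page.

```java
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;

public class PooledFactoryExample {
    // Stand-in for the library's EncryptionEngine; only getURI() comes from the page.
    interface Engine { String getURI(); }

    // Constructed placeholder, not a registered algorithm identifier.
    static final String MY_ALGORITHM_URI = "http://example.com/xmlsec#my-cipher";
    static final int MAX_POOLED = 8; // assumed bound on idle instances

    static final class MyEngine implements Engine {
        final AtomicBoolean idle = new AtomicBoolean(false);
        byte[] key = new byte[0]; // hypothetical per-use key state
        public String getURI() { return MY_ALGORITHM_URI; }
        void clear() { Arrays.fill(key, (byte) 0); key = new byte[0]; }
    }

    private final ConcurrentLinkedQueue<MyEngine> pool = new ConcurrentLinkedQueue<>();
    private final AtomicInteger pooled = new AtomicInteger();

    public Engine getEncryptionEngine(String uri) throws NoSuchAlgorithmException {
        if (!MY_ALGORITHM_URI.equals(uri)) throw new NoSuchAlgorithmException(uri);
        MyEngine e = pool.poll(); // thread-safe: each instance goes to one caller
        if (e == null) return new MyEngine();
        pooled.decrementAndGet();
        e.idle.set(false);
        return e;
    }

    public boolean releaseEncryptionEngine(Engine eng) {
        if (!(eng instanceof MyEngine)) return false; // not created by this factory
        MyEngine e = (MyEngine) eng;
        if (!e.idle.compareAndSet(false, true)) return true; // double release: ignore
        e.clear(); // never carry key material into the next use
        if (pooled.incrementAndGet() <= MAX_POOLED) pool.offer(e);
        else pooled.decrementAndGet(); // pool full: drop the instance
        return true;
    }

    public static void main(String[] args) throws Exception {
        PooledFactoryExample f = new PooledFactoryExample();
        Engine a = f.getEncryptionEngine(MY_ALGORITHM_URI);
        f.releaseEncryptionEngine(a);
        f.releaseEncryptionEngine(a); // ignored, the instance is pooled only once
        System.out.println(a == f.getEncryptionEngine(MY_ALGORITHM_URI));
        System.out.println(a == f.getEncryptionEngine(MY_ALGORITHM_URI));
    }
}
```

Without the idle flag, a second release of the same instance would queue it twice and hand one engine, with its key state, to two threads at once.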
Method Summary | |
---|---|
java.security.spec.AlgorithmParameterSpec | convertParameter(java.lang.String uri, java.util.Map properties) Convert algorithm parameters from properties form to AlgorithmParameterSpec form. |
java.util.Set | getDataEncryptionAlgorithms() Return a set of the data encryption algorithms supported by a factory implementation. |
java.util.Set | getDigestAlgorithms() Return a set of the digest algorithms supported by a factory implementation. |
EncryptionEngine | getEncryptionEngine(java.lang.String uri) Return an instance of EncryptionEngine implementation which handles the algorithm specified by uri. |
java.util.Set | getKeyEncryptionAlgorithms() Return a set of the key encryption algorithms supported by a factory implementation. |
KeyGenerationEngine | getKeyGenerationEngine(java.lang.String uri, java.lang.String type) Return an instance of KeyGenerationEngine implementation which handles the algorithm specified by uri. |
java.security.MessageDigest | getMessageDigest(java.lang.String uri, java.security.spec.AlgorithmParameterSpec spec) Return an instance of MessageDigest implementation which handles the algorithm specified by uri. |
java.util.Set | getSignatureAlgorithms() Return a set of the signature algorithms supported by a factory implementation. |
SignatureEngine | getSignatureEngine(java.lang.String uri) Return an instance of SignatureEngine implementation which handles the algorithm specified by uri. |
void | marshalParameter(java.lang.String uri, java.security.spec.AlgorithmParameterSpec spec, org.w3c.dom.Element el) Marshal the specified spec under the el element. |
boolean | releaseEncryptionEngine(EncryptionEngine eng) This method is called when XML-Signature/XML-Encryption processors finish using the specified engine instance. |
boolean | releaseKeyGenerationEngine(KeyGenerationEngine eng) This method is called when XML-Signature/XML-Encryption processors finish using the specified engine instance. |
boolean | releaseMessageDigest(java.lang.String uri, java.security.MessageDigest d) This method is called when XML-Signature/XML-Encryption processors finish using the specified engine instance. |
boolean | releaseSignatureEngine(SignatureEngine eng) This method is called when XML-Signature/XML-Encryption processors finish using the specified engine instance. |
java.security.spec.AlgorithmParameterSpec | unmarshalParameter(java.lang.String uri, org.w3c.dom.Element el) Generate AlgorithmParameterSpec for uri from specified DOM element. |
Method Detail |
---|
SignatureEngine getSignatureEngine(java.lang.String uri) throws java.security.NoSuchAlgorithmException

Return an instance of SignatureEngine implementation which handles the algorithm specified by uri. A factory implementation may return a cached SignatureEngine instance, and MUST call SignatureEngine.setParameter().

- Parameters:
  uri - Algorithm identifier
- Returns:
  An instance of implementation class of SignatureEngine interface. It supports the algorithm specified by uri.
- Throws:
  java.security.NoSuchAlgorithmException - This factory implementation does not support the specified URI.
  java.security.InvalidAlgorithmParameterException - Invalid AlgorithmParameterSpec is specified.

java.security.MessageDigest getMessageDigest(java.lang.String uri, java.security.spec.AlgorithmParameterSpec spec) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException

Return an instance of MessageDigest implementation which handles the algorithm specified by uri. A factory implementation may return a cached MessageDigest instance.

- Parameters:
  uri - Algorithm identifier
  spec - An instance of algorithm-specific sub-class of AlgorithmParameterSpec. It may be null.
- Returns:
  An instance of implementation class of MessageDigest interface. It supports the algorithm specified by uri.
- Throws:
  java.security.NoSuchAlgorithmException - This factory implementation does not support the specified URI.
  java.security.InvalidAlgorithmParameterException - Invalid AlgorithmParameterSpec is specified.

EncryptionEngine getEncryptionEngine(java.lang.String uri) throws java.security.NoSuchAlgorithmException

Return an instance of EncryptionEngine implementation which handles the algorithm specified by uri. A factory implementation may return a cached EncryptionEngine instance.

- Parameters:
  uri - Algorithm identifier
- Returns:
  An instance of implementation class of EncryptionEngine interface. It supports the algorithm specified by uri.
- Throws:
  java.security.NoSuchAlgorithmException - This factory implementation does not support the specified URI.

KeyGenerationEngine getKeyGenerationEngine(java.lang.String uri, java.lang.String type) throws java.security.NoSuchAlgorithmException

Return an instance of KeyGenerationEngine implementation which handles the algorithm specified by uri. A factory implementation may return a cached KeyGenerationEngine instance.

- Parameters:
  uri - Algorithm identifier
  type - Type identifier specified as enc:EncryptedKey/@Type. This may be null.
- Returns:
  An instance of implementation class of KeyGenerationEngine interface. It supports the algorithm specified by uri.
- Throws:
  java.security.NoSuchAlgorithmException - This factory implementation does not support the specified URI.

java.util.Set getSignatureAlgorithms()

Strings representing the supported signature algorithms. If there are no algorithms to be supported, return null.

java.util.Set getDigestAlgorithms()

Strings representing the supported digest algorithms. If there are no algorithms to be supported, return null.

java.util.Set getDataEncryptionAlgorithms()

Strings representing the supported data encryption algorithms. If there are no algorithms to be supported, return null.

java.util.Set getKeyEncryptionAlgorithms()

Strings representing the supported key encryption algorithms. If there are no algorithms to be supported, return null.

boolean releaseSignatureEngine(SignatureEngine eng)

- Parameters:
  eng - An instance which is not used anymore.

EngineFactory.

boolean releaseMessageDigest(java.lang.String uri, java.security.MessageDigest d)

- Parameters:
  uri - Algorithm identifier
  eng - An instance which is not used anymore.

EngineFactory.

boolean releaseEncryptionEngine(EncryptionEngine eng)

- Parameters:
  eng - An instance which is not used anymore.

EngineFactory.

boolean releaseKeyGenerationEngine(KeyGenerationEngine eng)

- Parameters:
  eng - An instance which is not used anymore.

EngineFactory.

java.security.spec.AlgorithmParameterSpec unmarshalParameter(java.lang.String uri, org.w3c.dom.Element el) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException

- Parameters:
  uri - Algorithm identifier
  el - An element representing <ds:SignatureMethod>, <ds:DigestMethod>, or <enc:EncryptionMethod>.
- Throws:
  java.security.NoSuchAlgorithmException - This factory implementation does not support the specified URI.
  java.security.InvalidAlgorithmParameterException - Parameters in el are invalid.

java.security.spec.AlgorithmParameterSpec convertParameter(java.lang.String uri, java.util.Map properties) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException

Convert algorithm parameters from properties form to AlgorithmParameterSpec form.

- Parameters:
  uri - Algorithm identifier
  properties - String => String map specified in a configuration. It may be null.
- Returns:
  AlgorithmParameterSpec. It may be null.
- Throws:
  java.security.NoSuchAlgorithmException - This factory implementation does not support the specified URI.
  java.security.InvalidAlgorithmParameterException - Invalid AlgorithmParameterSpec is specified.

void marshalParameter(java.lang.String uri, java.security.spec.AlgorithmParameterSpec spec, org.w3c.dom.Element el) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException

- Parameters:
  uri - Algorithm identifier
  spec - Algorithm parameter to be marshalled. It may be null.
  el - An element representing <ds:SignatureMethod>, <ds:DigestMethod>, or <enc:EncryptionMethod>.
- Throws:
  java.security.NoSuchAlgorithmException - This factory implementation does not support the specified URI.
  java.security.InvalidAlgorithmParameterException - Invalid AlgorithmParameterSpec is specified.