/*
 * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16
17 package org.opensaml.xml.signature;
18
19 import org.opensaml.xml.util.XMLConstants;
20
21
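/**
 * Constants defined in or related to the XML Signature specification, version 20020112.
 *
 * <p>The "Required", "Recommended", "Optional" and "NOT Recommended" labels on the individual
 * constants are the implementation conformance levels assigned by the specifications that define
 * the URIs. They are not a statement of current cryptographic strength: several of the
 * "Required"/"Recommended" algorithms are built on SHA-1, which is no longer collision resistant.</p>
 *
 * <p>This class only names the URIs. Code that validates signatures should compare the algorithm and
 * transform URIs found in a received signature against an explicit allow-list, rather than accepting
 * any URI that happens to have a constant here.</p>
 */
public class SignatureConstants {

    /** Namespace URI defined by RFC 4051. */
    public static final String MORE_ALGO_NS = "http://www.w3.org/2001/04/xmldsig-more#";


    // *********************************************************
    // Algorithm URI's
    // *********************************************************

    /**
     * Signature - Required DSAwithSHA1 (DSS).
     *
     * <p>SHA-1 based; prefer a SHA-2 based signature algorithm when creating new signatures.</p>
     */
    public static final String ALGO_ID_SIGNATURE_DSA = XMLConstants.XMLSIG_NS + "dsa-sha1";

    /**
     * Signature - Recommended RSAwithSHA1 (PKCS1).
     *
     * <p>SHA-1 based; prefer {@link #ALGO_ID_SIGNATURE_RSA_SHA256} or stronger when creating new
     * signatures.</p>
     */
    public static final String ALGO_ID_SIGNATURE_RSA = XMLConstants.XMLSIG_NS + "rsa-sha1";

    /**
     * Signature - Recommended RSAwithSHA1 (PKCS1).
     *
     * <p>Alias of {@link #ALGO_ID_SIGNATURE_RSA} whose name states the digest explicitly.</p>
     */
    public static final String ALGO_ID_SIGNATURE_RSA_SHA1 = ALGO_ID_SIGNATURE_RSA;

    /** MAC - Required HMAC-SHA1. */
    public static final String ALGO_ID_MAC_HMAC_SHA1 = XMLConstants.XMLSIG_NS + "hmac-sha1";

    /**
     * Digest - Required SHA1.
     *
     * <p>SHA-1 is no longer collision resistant; prefer a SHA-2 digest for new reference digests.</p>
     */
    public static final String ALGO_ID_DIGEST_SHA1 = XMLConstants.XMLSIG_NS + "sha1";

    /** Encoding - Required Base64. Same URI value as {@link #TRANSFORM_BASE64_DECODE}. */
    public static final String ALGO_ID_ENCODING_BASE64 = XMLConstants.XMLSIG_NS + "base64";

    // *********************************************************
    // URI's representing types that may be dereferenced, such
    // as in RetrievalMethod/@Type
    //
    // Dereferencing a RetrievalMethod taken from an untrusted
    // document makes the verifier fetch a location chosen by
    // the sender; restrict or disable it unless it is needed.
    // *********************************************************

    /** Type - KeyInfo DSAKeyValue. */
    public static final String TYPE_KEYINFO_DSA_KEYVALUE = XMLConstants.XMLSIG_NS + "DSAKeyValue";

    /** Type - KeyInfo RSAKeyValue. */
    public static final String TYPE_KEYINFO_RSA_KEYVALUE = XMLConstants.XMLSIG_NS + "RSAKeyValue";

    /** Type - KeyInfo X509Data. */
    public static final String TYPE_KEYINFO_X509DATA = XMLConstants.XMLSIG_NS + "X509Data";

    /** Type - KeyInfo PGPData. */
    public static final String TYPE_KEYINFO_PGPDATA = XMLConstants.XMLSIG_NS + "PGPData";

    /** Type - KeyInfo SPKIData. */
    public static final String TYPE_KEYINFO_SPKIDATA = XMLConstants.XMLSIG_NS + "SPKIData";

    /** Type - KeyInfo MgmtData. */
    public static final String TYPE_KEYINFO_MGMTDATA = XMLConstants.XMLSIG_NS + "MgmtData";

    /** Type - A binary (ASN.1 DER) X.509 Certificate. */
    public static final String TYPE_KEYINFO_RAW_X509CERT = XMLConstants.XMLSIG_NS + "rawX509Certificate";

    // The three type URIs below are disabled in the original source; the reason is not recorded here.
    // They are kept as plain comments so that no Javadoc block is left dangling without a declaration.

    // Type - Signature Object.
    //public static final String TYPE_SIGNATURE_OBJECT = XMLConstants.XMLSIG_NS + "Object";

    // Type - Signature Manifest.
    //public static final String TYPE_SIGNATURE_MANIFEST = XMLConstants.XMLSIG_NS + "Manifest";

    // Type - Signature SignatureProperties.
    //public static final String TYPE_SIGNATURE_SIGNATURE_PROPERTIES = XMLConstants.XMLSIG_NS + "SignatureProperties";

    // These are additional type URI's defined by RFC 4051

    /** Type - KeyInfo KeyValue. */
    public static final String TYPE_KEYINFO_KEYVALUE = MORE_ALGO_NS + "KeyValue";

    /** Type - KeyInfo RetrievalMethod. */
    public static final String TYPE_KEYINFO_RETRIEVAL_METHOD = MORE_ALGO_NS + "RetrievalMethod";

    /** Type - KeyInfo KeyName. */
    public static final String TYPE_KEYINFO_KEYNAME = MORE_ALGO_NS + "KeyName";

    /** Type - A binary X.509 CRL. */
    public static final String TYPE_KEYINFO_RAW_X509CRL = MORE_ALGO_NS + "rawX509CRL";

    /** Type - A binary PGP key packet. */
    public static final String TYPE_KEYINFO_RAW_PGP_KEYPACKET = MORE_ALGO_NS + "rawPGPKeyPacket";

    /** Type - A raw SPKI S-expression. */
    public static final String TYPE_KEYINFO_RAW_SPKI_SEXP = MORE_ALGO_NS + "rawSPKISexp";

    /** Type - A PKCS7signedData element. */
    public static final String TYPE_KEYINFO_PKCS7_SIGNED_DATA = MORE_ALGO_NS + "PKCS7signedData";

    /** Type - Binary PKCS7 signed data. */
    public static final String TYPE_KEYINFO_RAW_PKCS7_SIGNED_DATA = MORE_ALGO_NS + "rawPKCS7signedData";


    // *********************************************************
    // Canonicalization
    // *********************************************************

    /** Canonicalization - Inclusive WITHOUT comments. */
    public static final String ALGO_ID_C14N_OMIT_COMMENTS = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";

    /** Canonicalization - Inclusive WITH comments. Derived by appending "#WithComments" to the URI above. */
    public static final String ALGO_ID_C14N_WITH_COMMENTS = ALGO_ID_C14N_OMIT_COMMENTS + "#WithComments";

    /** Canonicalization - Exclusive WITHOUT comments. */
    public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS = "http://www.w3.org/2001/10/xml-exc-c14n#";

    /**
     * Canonicalization - Exclusive WITH comments. The base URI already ends in '#', so only the
     * fragment name is appended.
     */
    public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS = ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments";


    // *********************************************************
    // Transforms
    // *********************************************************

    /** Transform - Required Enveloped Signature. */
    public static final String TRANSFORM_ENVELOPED_SIGNATURE = XMLConstants.XMLSIG_NS + "enveloped-signature";

    /** Transform - Required Inclusive c14n WITHOUT comments. */
    public static final String TRANSFORM_C14N_OMIT_COMMENTS = ALGO_ID_C14N_OMIT_COMMENTS;

    /** Transform - Recommended Inclusive c14n WITH comments. */
    public static final String TRANSFORM_C14N_WITH_COMMENTS = ALGO_ID_C14N_WITH_COMMENTS;

    /** Transform - Exclusive c14n WITHOUT comments. */
    public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS = ALGO_ID_C14N_EXCL_OMIT_COMMENTS;

    /** Transform - Exclusive c14n WITH comments. */
    public static final String TRANSFORM_C14N_EXCL_WITH_COMMENTS = ALGO_ID_C14N_EXCL_WITH_COMMENTS;

    /**
     * Transform - Optional XSLT.
     *
     * <p>When a signature from an untrusted party is validated, this transform has the verifier
     * execute a stylesheet supplied inside the signature. Validation policy should normally reject
     * it unless there is a specific need for it.</p>
     */
    public static final String TRANSFORM_XSLT = "http://www.w3.org/TR/1999/REC-xslt-19991116";

    /**
     * Transform - Recommended XPath.
     *
     * <p>The expression is supplied by the signer and selects which nodes are covered by the digest;
     * a verifier that accepts it should confirm that the content it relies on is what was signed.</p>
     */
    public static final String TRANSFORM_XPATH = "http://www.w3.org/TR/1999/REC-xpath-19991116";

    /** Transform - Base64 Decode. Same URI value as {@link #ALGO_ID_ENCODING_BASE64}. */
    public static final String TRANSFORM_BASE64_DECODE = XMLConstants.XMLSIG_NS + "base64";

    /*
    public static final String TRANSFORM_XPOINTER = "http://www.w3.org/TR/2001/WD-xptr-20010108";
    public static final String TRANSFORM_XPATH2FILTER04 = "http://www.w3.org/2002/04/xmldsig-filter2";
    public static final String TRANSFORM_XPATH2FILTER = "http://www.w3.org/2002/06/xmldsig-filter2";
    */


    // *********************************************************
    // Some additional algorithm URI's from RFC 4051
    // *********************************************************

    /**
     * Signature - NOT Recommended RSAwithMD5.
     *
     * <p>MD5 is collision-broken; named here so the URI can be recognised, for example in order to
     * reject it.</p>
     */
    public static final String ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5 = MORE_ALGO_NS + "rsa-md5";

    /** Signature - Optional RSAwithRIPEMD160. */
    public static final String ALGO_ID_SIGNATURE_RSA_RIPEMD160 = MORE_ALGO_NS + "rsa-ripemd160";

    /** Signature - Optional RSAwithSHA256. */
    public static final String ALGO_ID_SIGNATURE_RSA_SHA256 = MORE_ALGO_NS + "rsa-sha256";

    /** Signature - Optional RSAwithSHA384. */
    public static final String ALGO_ID_SIGNATURE_RSA_SHA384 = MORE_ALGO_NS + "rsa-sha384";

    /** Signature - Optional RSAwithSHA512. */
    public static final String ALGO_ID_SIGNATURE_RSA_SHA512 = MORE_ALGO_NS + "rsa-sha512";

    /** HMAC - NOT Recommended HMAC-MD5. */
    public static final String ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5 = MORE_ALGO_NS + "hmac-md5";

    /** HMAC - Optional HMAC-RIPEMD160. */
    public static final String ALGO_ID_MAC_HMAC_RIPEMD160 = MORE_ALGO_NS + "hmac-ripemd160";

    /** HMAC - Optional HMAC-SHA256. */
    public static final String ALGO_ID_MAC_HMAC_SHA256 = MORE_ALGO_NS + "hmac-sha256";

    /** HMAC - Optional HMAC-SHA384. */
    public static final String ALGO_ID_MAC_HMAC_SHA384 = MORE_ALGO_NS + "hmac-sha384";

    /** HMAC - Optional HMAC-SHA512. */
    public static final String ALGO_ID_MAC_HMAC_SHA512 = MORE_ALGO_NS + "hmac-sha512";

    /**
     * Signature - Optional ECDSAwithSHA1.
     *
     * <p>SHA-1 based; prefer a SHA-2 based signature algorithm when creating new signatures.</p>
     */
    public static final String ALGO_ID_SIGNATURE_ECDSA_SHA1 = MORE_ALGO_NS + "ecdsa-sha1";

    /**
     * Digest - NOT Recommended MD5.
     *
     * <p>MD5 is collision-broken; named here so the URI can be recognised, for example in order to
     * reject it.</p>
     */
    public static final String ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5 = MORE_ALGO_NS + "md5";

    // Digest - Optional SHA224.
    // Apache XML-Security doesn't support this
    //public static final String ALGO_ID_DIGEST_SHA224 = MORE_ALGO_NS + "sha224";

    /** Digest - Optional SHA384. */
    public static final String ALGO_ID_DIGEST_SHA384 = MORE_ALGO_NS + "sha384";

}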