--- apiVersion: v1 kind: List items: - apiVersion: v1 kind: ConfigMap metadata: labels: funktion.fabric8.io/kind: Connector provider: fabric8 project: connector-xmlsecurity version: 1.1.20 group: io.fabric8.funktion.connector name: xmlsecurity data: deployment.yml: | --- apiVersion: extensions/v1beta1 kind: Deployment metadata: labels: funktion.fabric8.io/kind: Subscription connector: xmlsecurity spec: replicas: 1 template: metadata: labels: funktion.fabric8.io/kind: Subscription connector: xmlsecurity spec: containers: - image: fabric8/connector-xmlsecurity:1.1.20 name: connector schema.yml: | --- component: kind: component scheme: xmlsecurity syntax: xmlsecurity:command:name title: XML Security description: Used to sign and verify exchanges using the XML signature specification. label: security,transformation deprecated: false async: false producerOnly: true javaType: org.apache.camel.component.xmlsecurity.XmlSignatureComponent groupId: org.apache.camel artifactId: camel-xmlsecurity version: 2.18.1 componentProperties: signerConfiguration: kind: property type: object javaType: org.apache.camel.component.xmlsecurity.processor.XmlSignerConfiguration deprecated: false secret: false description: To use a shared XmlSignerConfiguration configuration to use as base for configuring endpoints. verifierConfiguration: kind: property type: object javaType: org.apache.camel.component.xmlsecurity.processor.XmlVerifierConfiguration deprecated: false secret: false description: To use a shared XmlVerifierConfiguration configuration to use as base for configuring endpoints. properties: command: kind: path group: producer required: true type: string javaType: org.apache.camel.component.xmlsecurity.XmlCommand enum: - sign - verify deprecated: false secret: false description: Whether to sign or verify. name: kind: path group: producer required: true type: string javaType: java.lang.String deprecated: false secret: false description: The name part in the URI can be chosen by the user to distinguish between different signer/verifier endpoints within the camel context. baseUri: kind: parameter group: common label: common type: string javaType: java.lang.String deprecated: false secret: false description: You can set a base URI which is used in the URI dereferencing. Relative URIs are then concatenated with the base URI. clearHeaders: kind: parameter group: common label: common type: boolean javaType: java.lang.Boolean deprecated: false secret: false defaultValue: true description: Determines if the XML signature specific headers be cleared after signing and verification. Defaults to true. cryptoContextProperties: kind: parameter group: common label: common type: object javaType: java.util.Map deprecated: false secret: false description: Sets the crypto context properties. See link XMLCryptoContextsetProperty(String Object). Possible properties are defined in XMLSignContext an XMLValidateContext (see Supported Properties). The following properties are set by default to the value link BooleanTRUE for the XML validation. If you want to switch these features off you must set the property value to link BooleanFALSE. org.jcp.xml.dsig.validateManifests javax.xml.crypto.dsig.cacheReference disallowDoctypeDecl: kind: parameter group: common label: common type: boolean javaType: java.lang.Boolean deprecated: false secret: false defaultValue: true description: Disallows that the incoming XML document contains DTD DOCTYPE declaration. The default value is link BooleanTRUE. omitXmlDeclaration: kind: parameter group: common label: common type: boolean javaType: java.lang.Boolean deprecated: false secret: false defaultValue: false description: Indicator whether the XML declaration in the outgoing message body should be omitted. Default value is false. Can be overwritten by the header link XmlSignatureConstantsHEADER_OMIT_XML_DECLARATION. outputXmlEncoding: kind: parameter group: common label: common type: string javaType: java.lang.String deprecated: false secret: false description: The character encoding of the resulting signed XML document. If null then the encoding of the original XML document is used. schemaResourceUri: kind: parameter group: common label: common type: string javaType: java.lang.String deprecated: false secret: false description: Classpath to the XML Schema. Must be specified in the detached XML Signature case for determining the ID attributes might be set in the enveloped and enveloping case. If set then the XML document is validated with the specified XML schema. The schema resource URI can be overwritten by the header link XmlSignatureConstantsHEADER_SCHEMA_RESOURCE_URI. synchronous: kind: parameter group: advanced label: advanced type: boolean javaType: boolean deprecated: false secret: false defaultValue: false description: Sets whether synchronous processing should be strictly used or Camel is allowed to use asynchronous processing (if supported). uriDereferencer: kind: parameter group: advanced label: advanced type: object javaType: javax.xml.crypto.URIDereferencer deprecated: false secret: false description: 'If you want to restrict the remote access via reference URIs you can set an own dereferencer. Optional parameter. If not set the provider default dereferencer is used which can resolve URI fragments HTTP file and XPpointer URIs. Attention: The implementation is provider dependent!' addKeyInfoReference: kind: parameter group: sign label: sign type: boolean javaType: java.lang.Boolean deprecated: false secret: false defaultValue: true description: In order to protect the KeyInfo element from tampering you can add a reference to the signed info element so that it is protected via the signature value. The default value is true. Only relevant when a KeyInfo is returned by KeyAccessor. and link KeyInfogetId() is not null. canonicalizationMethod: kind: parameter group: sign label: sign type: object javaType: javax.xml.crypto.AlgorithmMethod deprecated: false secret: false defaultValue: http://www.w3.org/TR/2001/REC-xml-c14n-20010315 description: Canonicalization method used to canonicalize the SignedInfo element before the digest is calculated. You can use the helper methods XmlSignatureHelper.getCanonicalizationMethod(String algorithm) or getCanonicalizationMethod(String algorithm List inclusiveNamespacePrefixes) to create a canonicalization method. contentObjectId: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false description: Sets the content object Id attribute value. By default a UUID is generated. If you set the null value then a new UUID will be generated. Only used in the enveloping case. contentReferenceType: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false description: Type of the content reference. The default value is null. This value can be overwritten by the header link XmlSignatureConstantsHEADER_CONTENT_REFERENCE_TYPE. contentReferenceUri: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false description: Reference URI for the content to be signed. Only used in the enveloped case. If the reference URI contains an ID attribute value then the resource schema URI ( link setSchemaResourceUri(String)) must also be set because the schema validator will then find out which attributes are ID attributes. Will be ignored in the enveloping or detached case. digestAlgorithm: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false description: 'Digest algorithm URI. Optional parameter. This digest algorithm is used for calculating the digest of the input message. If this digest algorithm is not specified then the digest algorithm is calculated from the signature algorithm. Example: http://www.w3.org/2001/04/xmlencsha256' keyAccessor: kind: parameter group: sign label: sign type: object javaType: org.apache.camel.component.xmlsecurity.api.KeyAccessor deprecated: false secret: false description: For the signing process a private key is necessary. You specify a key accessor bean which provides this private key. The key accessor bean must implement the KeyAccessor interface. The package org.apache.camel.component.xmlsecurity.api contains the default implementation class DefaultKeyAccessor which reads the private key from a Java keystore. parentLocalName: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false description: Local name of the parent element to which the XML signature element will be added. Only relevant for enveloped XML signature. Alternatively you can also use link setParentXpath(XPathFilterParameterSpec). Default value is null. The value must be null for enveloping and detached XML signature. This parameter or the parameter link setParentXpath(XPathFilterParameterSpec) for enveloped signature and the parameter link setXpathsToIdAttributes(List) for detached signature must not be set in the same configuration. If the parameters parentXpath and parentLocalName are specified in the same configuration then an exception is thrown. parentNamespace: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false description: Namespace of the parent element to which the XML signature element will be added. parentXpath: kind: parameter group: sign label: sign type: object javaType: javax.xml.crypto.dsig.spec.XPathFilterParameterSpec deprecated: false secret: false description: Sets the XPath to find the parent node in the enveloped case. Either you specify the parent node via this method or the local name and namespace of the parent with the methods link setParentLocalName(String) and link setParentNamespace(String). Default value is null. The value must be null for enveloping and detached XML signature. If the parameters parentXpath and parentLocalName are specified in the same configuration then an exception is thrown. plainText: kind: parameter group: sign label: sign type: boolean javaType: java.lang.Boolean deprecated: false secret: false defaultValue: false description: Indicator whether the message body contains plain text. The default value is false indicating that the message body contains XML. The value can be overwritten by the header link XmlSignatureConstantsHEADER_MESSAGE_IS_PLAIN_TEXT. plainTextEncoding: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false defaultValue: UTF-8 description: Encoding of the plain text. Only relevant if the message body is plain text (see parameter link plainText. Default value is UTF-8. prefixForXmlSignatureNamespace: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false defaultValue: ds description: Namespace prefix for the XML signature namespace http://www.w3.org/2000/09/xmldsig. Default value is ds. If null or an empty value is set then no prefix is used for the XML signature namespace. See best practice http://www.w3.org/TR/xmldsig-bestpractices/signing-xml- without-namespaces properties: kind: parameter group: sign label: sign type: object javaType: org.apache.camel.component.xmlsecurity.api.XmlSignatureProperties deprecated: false secret: false description: For adding additional References and Objects to the XML signature which contain additional properties you can provide a bean which implements the XmlSignatureProperties interface. signatureAlgorithm: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false defaultValue: http://www.w3.org/2000/09/xmldsig#rsa-sha1 description: Signature algorithm. Default value is http://www.w3.org/2000/09/xmldsigrsa-sha1. signatureId: kind: parameter group: sign label: sign type: string javaType: java.lang.String deprecated: false secret: false description: Sets the signature Id. If this parameter is not set (null value) then a unique ID is generated for the signature ID (default). If this parameter is set to (empty string) then no Id attribute is created in the signature element. transformMethods: kind: parameter group: sign label: sign type: array javaType: java.util.List deprecated: false secret: false description: Transforms which are executed on the message body before the digest is calculated. By default C14n is added and in the case of enveloped signature (see option parentLocalName) also http://www.w3.org/2000/09/xmldsigenveloped-signature is added at position 0 of the list. Use methods in XmlSignatureHelper to create the transform methods. xpathsToIdAttributes: kind: parameter group: sign label: sign type: array javaType: java.util.List deprecated: false secret: false description: Define the elements which are signed in the detached case via XPATH expressions to ID attributes (attributes of type ID). For each element found via the XPATH expression a detached signature is created whose reference URI contains the corresponding attribute value (preceded by ''). The signature becomes the last sibling of the signed element. Elements with deeper hierarchy level are signed first. You can also set the XPATH list dynamically via the header link XmlSignatureConstantsHEADER_XPATHS_TO_ID_ATTRIBUTES. The parameter link setParentLocalName(String) or link setParentXpath(XPathFilterParameterSpec) for enveloped signature and this parameter for detached signature must not be set in the same configuration. keySelector: kind: parameter group: verify label: verify type: object javaType: javax.xml.crypto.KeySelector deprecated: false secret: false description: Provides the key for validating the XML signature. outputNodeSearch: kind: parameter group: verify label: verify type: string javaType: java.lang.String deprecated: false secret: false description: Sets the output node search value for determining the node from the XML signature document which shall be set to the output message body. The class of the value depends on the type of the output node search. The output node search is forwarded to XmlSignature2Message. outputNodeSearchType: kind: parameter group: verify label: verify type: string javaType: java.lang.String deprecated: false secret: false defaultValue: Default description: Determines the search type for determining the output node which is serialized into the output message bodyF. See link setOutputNodeSearch(Object). The supported default search types you can find in DefaultXmlSignature2Message. removeSignatureElements: kind: parameter group: verify label: verify type: boolean javaType: java.lang.Boolean deprecated: false secret: false defaultValue: false description: Indicator whether the XML signature elements (elements with local name Signature and namesapce http://www.w3.org/2000/09/xmldsig) shall be removed from the document set to the output message. Normally this is only necessary if the XML signature is enveloped. The default value is link BooleanFALSE. This parameter is forwarded to XmlSignature2Message. This indicator has no effect if the output node search is of type link DefaultXmlSignature2MessageOUTPUT_NODE_SEARCH_TYPE_DEFAULT.F secureValidation: kind: parameter group: verify label: verify type: boolean javaType: java.lang.Boolean deprecated: false secret: false defaultValue: true description: Enables secure validation. If true then secure validation is enabled. validationFailedHandler: kind: parameter group: verify label: verify type: object javaType: org.apache.camel.component.xmlsecurity.api.ValidationFailedHandler deprecated: false secret: false description: Handles the different validation failed situations. The default implementation throws specific exceptions for the different situations (All exceptions have the package name org.apache.camel.component.xmlsecurity.api and are a sub-class of XmlSignatureInvalidException. If the signature value validation fails a XmlSignatureInvalidValueException is thrown. If a reference validation fails a XmlSignatureInvalidContentHashException is thrown. For more detailed information see the JavaDoc. xmlSignature2Message: kind: parameter group: verify label: verify type: object javaType: org.apache.camel.component.xmlsecurity.api.XmlSignature2Message deprecated: false secret: false description: 'Bean which maps the XML signature to the output-message after the validation. How this mapping should be done can be configured by the options outputNodeSearchType outputNodeSearch and removeSignatureElements. The default implementation offers three possibilities which are related to the three output node search types Default ElementName and XPath. The default implementation determines a node which is then serialized and set to the body of the output message If the search type is ElementName then the output node (which must be in this case an element) is determined by the local name and namespace defined in the search value (see option outputNodeSearch). If the search type is XPath then the output node is determined by the XPath specified in the search value (in this case the output node can be of type Element TextNode or Document). If the output node search type is Default then the following rules apply: In the enveloped XML signature case (there is a reference with URI= and transform http://www.w3.org/2000/09/xmldsigenveloped-signature) the incoming XML document without the Signature element is set to the output message body. In the non-enveloped XML signature case the message body is determined from a referenced Object; this is explained in more detail in chapter Output Node Determination in Enveloping XML Signature Case.' xmlSignatureChecker: kind: parameter group: verify label: verify type: object javaType: org.apache.camel.component.xmlsecurity.api.XmlSignatureChecker deprecated: false secret: false description: This interface allows the application to check the XML signature before the validation is executed. This step is recommended in http://www.w3.org/TR/xmldsig-bestpractices/check-what-is-signed documentation.adoc: | [[XMLSecuritycomponent-XMLSecuritycomponent]] XML Security component ~~~~~~~~~~~~~~~~~~~~~~ *Available as of Camel 2.12.0* With this Apache Camel component, you can generate and validate XML signatures as described in the W3C standard http://www.w3.org/TR/xmldsig-core/[XML Signature Syntax and Processing] or as described in the successor http://www.w3.org/TR/xmldsig-core1/[version 1.1]. For XML Encryption support, please refer to the XML Security link:data-format.html[Data Format]. You can find an introduction to XML signature http://www.oracle.com/technetwork/articles/javase/dig-signatures-141823.html[here]. The implementation of the component is based on http://docs.oracle.com/javase/6/docs/technotes/guides/security/xmldsig/overview.html[JSR 105], the Java API corresponding to the W3C standard and supports the Apache Santuario and the JDK provider for JSR 105. The implementation will first try to use the Apache Santuario provider; if it does not find the Santuario provider, it will use the JDK provider. Further, the implementation is DOM based. Since Camel 2.15.0 we also provide support for *XAdES-BES/EPES* for the signer endpoint; see subsection "XAdES-BES/EPES for the Signer Endpoint". Maven users will need to add the following dependency to their `pom.xml` for this component: [source,xml] ---- org.apache.camel camel-xmlsecurity x.x.x ---- [[XMLSecuritycomponent-XMLSignatureWrappingModes]] XML Signature Wrapping Modes ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ XML Signature differs between enveloped, enveloping, and detached XML signature. In the http://www.w3.org/TR/xmldsig-core1/#def-SignatureEnveloped[enveloped] XML signature case, the XML Signature is wrapped by the signed XML Document; which means that the XML signature element is a child element of a parent element, which belongs to the signed XML Document. In the http://www.w3.org/TR/xmldsig-core1/#def-SignatureEnveloping[enveloping] XML signature case, the XML Signature contains the signed content. All other cases are called http://www.w3.org/TR/xmldsig-core1/#def-SignatureDetached[detached] XML signatures. A certain form of detached XML signature is supported since **2.14.0**. In the *enveloped XML signature* case, the supported generated XML signature has the following structure (Variables are surrounded by `[]`). [source,xml] ---- <[parent element]> ... ()* ( )? ()? ---- In the *enveloping XML signature* case, the supported generated XML signature has the structure: [source,xml] ---- ()* ( )? ()? ---- As of 2.14.0 *detached XML signatures* with the following structure are supported (see also sub-chapter XML Signatures as Siblings of Signed Elements): [source,xml] ---- (<[signed element] Id="[id_value]"> ... *?? ()* ( )? ()? )+ ---- ?? [[XMLSecuritycomponent-URIFormat]] URI Format ^^^^^^^^^^ The camel component consists of two endpoints which have the following URI format: [source] ---- xmlsecurity:sign:name[?options] xmlsecurity:verify:name[?options] ---- * With the signer endpoint, you can generate a XML signature for the body of the in-message which can be either a XML document or a plain text. The enveloped, enveloping, or detached (as of 12.14) ??XML signature(s) will be set to the body of the out-message. * With the verifier endpoint, you can validate an enveloped or enveloping XML signature or even several detached (as of 2.14.0) XML signatures contained in the body of the in-message; if the validation is successful, then the original content is extracted from the XML signature and set to the body of the out-message. * The `name` part in the URI can be chosen by the user to distinguish between different signer/verifier endpoints within the camel context. [[XMLSecuritycomponent-BasicExample]] Basic Example ^^^^^^^^^^^^^ The following example shows the basic usage of the component. [source,java] ---- from("direct:enveloping").to("xmlsecurity:sign://enveloping?keyAccessor=#accessor", "xmlsecurity:verify://enveloping?keySelector=#selector", "mock:result") ---- In Spring XML: [source,xml] ---- ---- For the signing process, a private key is necessary. You specify a key accessor bean which provides this private key. For the validation, the corresponding public key is necessary; you specify a key selector bean which provides this public key. The key accessor bean must implement the https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/KeyAccessor.java[`KeyAccessor`] interface. The package `org.apache.camel.component.xmlsecurity.api` contains the default implementation class https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/DefaultKeyAccessor.java[`DefaultKeyAccessor`] which reads the private key from a Java keystore. The key selector bean must implement the http://docs.oracle.com/javase/6/docs/api/javax/xml/crypto/KeySelector.html[`javax.xml.crypto.KeySelector`] interface. The package `org.apache.camel.component.xmlsecurity.api` contains the default implementation class https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/DefaultKeySelector.java[`DefaultKeySelector`] which reads the public key from a keystore. In the example, the default signature algorithm `http://www.w3.org/2000/09/xmldsig#rsa-sha1` is used. You can set the signature algorithm of your choice by the option `signatureAlgorithm` (see below). The signer endpoint creates an _enveloping_ XML signature. If you want to create an _enveloped_ XML signature then you must specify the parent element of the Signature element; see option `parentLocalName` for more details. For creating _detached_ XML signatures, see sub-chapter "Detached XML Signatures as Siblings of the Signed Elements". [[XMLSecuritycomponent-ComponentOptions]] Component Options ^^^^^^^^^^^^^^^^ // component options: START The XML Security component supports 2 options which are listed below. {% raw %} [width="100%",cols="2,1m,7",options="header"] |======================================================================= | Name | Java Type | Description | signerConfiguration | XmlSignerConfiguration | To use a shared XmlSignerConfiguration configuration to use as base for configuring endpoints. | verifierConfiguration | XmlVerifierConfiguration | To use a shared XmlVerifierConfiguration configuration to use as base for configuring endpoints. |======================================================================= {% endraw %} // component options: END [[XMLSecuritycomponent-EndpointOptions]] Endpoint Options ^^^^^^^^^^^^^^^^ // endpoint options: START The XML Security component supports 37 endpoint options which are listed below: {% raw %} [width="100%",cols="2,1,1m,1m,5",options="header"] |======================================================================= | Name | Group | Default | Java Type | Description | command | producer | | XmlCommand | *Required* Whether to sign or verify. | name | producer | | String | *Required* The name part in the URI can be chosen by the user to distinguish between different signer/verifier endpoints within the camel context. | baseUri | common | | String | You can set a base URI which is used in the URI dereferencing. Relative URIs are then concatenated with the base URI. | clearHeaders | common | true | Boolean | Determines if the XML signature specific headers be cleared after signing and verification. Defaults to true. | cryptoContextProperties | common | | Map | Sets the crypto context properties. See link XMLCryptoContextsetProperty(String Object). Possible properties are defined in XMLSignContext an XMLValidateContext (see Supported Properties). The following properties are set by default to the value link BooleanTRUE for the XML validation. If you want to switch these features off you must set the property value to link BooleanFALSE. org.jcp.xml.dsig.validateManifests javax.xml.crypto.dsig.cacheReference | disallowDoctypeDecl | common | true | Boolean | Disallows that the incoming XML document contains DTD DOCTYPE declaration. The default value is link BooleanTRUE. | omitXmlDeclaration | common | false | Boolean | Indicator whether the XML declaration in the outgoing message body should be omitted. Default value is false. Can be overwritten by the header link XmlSignatureConstantsHEADER_OMIT_XML_DECLARATION. | outputXmlEncoding | common | | String | The character encoding of the resulting signed XML document. If null then the encoding of the original XML document is used. | schemaResourceUri | common | | String | Classpath to the XML Schema. Must be specified in the detached XML Signature case for determining the ID attributes might be set in the enveloped and enveloping case. If set then the XML document is validated with the specified XML schema. The schema resource URI can be overwritten by the header link XmlSignatureConstantsHEADER_SCHEMA_RESOURCE_URI. | synchronous | advanced | false | boolean | Sets whether synchronous processing should be strictly used or Camel is allowed to use asynchronous processing (if supported). | uriDereferencer | advanced | | URIDereferencer | If you want to restrict the remote access via reference URIs you can set an own dereferencer. Optional parameter. If not set the provider default dereferencer is used which can resolve URI fragments HTTP file and XPpointer URIs. Attention: The implementation is provider dependent! | addKeyInfoReference | sign | true | Boolean | In order to protect the KeyInfo element from tampering you can add a reference to the signed info element so that it is protected via the signature value. The default value is true. Only relevant when a KeyInfo is returned by KeyAccessor. and link KeyInfogetId() is not null. | canonicalizationMethod | sign | http://www.w3.org/TR/2001/REC-xml-c14n-20010315 | AlgorithmMethod | Canonicalization method used to canonicalize the SignedInfo element before the digest is calculated. You can use the helper methods XmlSignatureHelper.getCanonicalizationMethod(String algorithm) or getCanonicalizationMethod(String algorithm List inclusiveNamespacePrefixes) to create a canonicalization method. | contentObjectId | sign | | String | Sets the content object Id attribute value. By default a UUID is generated. If you set the null value then a new UUID will be generated. Only used in the enveloping case. | contentReferenceType | sign | | String | Type of the content reference. The default value is null. This value can be overwritten by the header link XmlSignatureConstantsHEADER_CONTENT_REFERENCE_TYPE. | contentReferenceUri | sign | | String | Reference URI for the content to be signed. Only used in the enveloped case. If the reference URI contains an ID attribute value then the resource schema URI ( link setSchemaResourceUri(String)) must also be set because the schema validator will then find out which attributes are ID attributes. Will be ignored in the enveloping or detached case. | digestAlgorithm | sign | | String | Digest algorithm URI. Optional parameter. This digest algorithm is used for calculating the digest of the input message. If this digest algorithm is not specified then the digest algorithm is calculated from the signature algorithm. Example: http://www.w3.org/2001/04/xmlencsha256 | keyAccessor | sign | | KeyAccessor | For the signing process a private key is necessary. You specify a key accessor bean which provides this private key. The key accessor bean must implement the KeyAccessor interface. The package org.apache.camel.component.xmlsecurity.api contains the default implementation class DefaultKeyAccessor which reads the private key from a Java keystore. | parentLocalName | sign | | String | Local name of the parent element to which the XML signature element will be added. Only relevant for enveloped XML signature. Alternatively you can also use link setParentXpath(XPathFilterParameterSpec). Default value is null. The value must be null for enveloping and detached XML signature. This parameter or the parameter link setParentXpath(XPathFilterParameterSpec) for enveloped signature and the parameter link setXpathsToIdAttributes(List) for detached signature must not be set in the same configuration. If the parameters parentXpath and parentLocalName are specified in the same configuration then an exception is thrown. | parentNamespace | sign | | String | Namespace of the parent element to which the XML signature element will be added. | parentXpath | sign | | XPathFilterParameterSpec | Sets the XPath to find the parent node in the enveloped case. Either you specify the parent node via this method or the local name and namespace of the parent with the methods link setParentLocalName(String) and link setParentNamespace(String). Default value is null. The value must be null for enveloping and detached XML signature. If the parameters parentXpath and parentLocalName are specified in the same configuration then an exception is thrown. | plainText | sign | false | Boolean | Indicator whether the message body contains plain text. The default value is false indicating that the message body contains XML. The value can be overwritten by the header link XmlSignatureConstantsHEADER_MESSAGE_IS_PLAIN_TEXT. | plainTextEncoding | sign | UTF-8 | String | Encoding of the plain text. Only relevant if the message body is plain text (see parameter link plainText. Default value is UTF-8. | prefixForXmlSignatureNamespace | sign | ds | String | Namespace prefix for the XML signature namespace http://www.w3.org/2000/09/xmldsig. Default value is ds. If null or an empty value is set then no prefix is used for the XML signature namespace. See best practice http://www.w3.org/TR/xmldsig-bestpractices/signing-xml- without-namespaces | properties | sign | | XmlSignatureProperties | For adding additional References and Objects to the XML signature which contain additional properties you can provide a bean which implements the XmlSignatureProperties interface. | signatureAlgorithm | sign | http://www.w3.org/2000/09/xmldsig#rsa-sha1 | String | Signature algorithm. Default value is http://www.w3.org/2000/09/xmldsigrsa-sha1. | signatureId | sign | | String | Sets the signature Id. If this parameter is not set (null value) then a unique ID is generated for the signature ID (default). If this parameter is set to (empty string) then no Id attribute is created in the signature element. | transformMethods | sign | | List | Transforms which are executed on the message body before the digest is calculated. By default C14n is added and in the case of enveloped signature (see option parentLocalName) also http://www.w3.org/2000/09/xmldsigenveloped-signature is added at position 0 of the list. Use methods in XmlSignatureHelper to create the transform methods. | xpathsToIdAttributes | sign | | List | Define the elements which are signed in the detached case via XPATH expressions to ID attributes (attributes of type ID). For each element found via the XPATH expression a detached signature is created whose reference URI contains the corresponding attribute value (preceded by ''). The signature becomes the last sibling of the signed element. Elements with deeper hierarchy level are signed first. You can also set the XPATH list dynamically via the header link XmlSignatureConstantsHEADER_XPATHS_TO_ID_ATTRIBUTES. The parameter link setParentLocalName(String) or link setParentXpath(XPathFilterParameterSpec) for enveloped signature and this parameter for detached signature must not be set in the same configuration. | keySelector | verify | | KeySelector | Provides the key for validating the XML signature. | outputNodeSearch | verify | | String | Sets the output node search value for determining the node from the XML signature document which shall be set to the output message body. The class of the value depends on the type of the output node search. The output node search is forwarded to XmlSignature2Message. | outputNodeSearchType | verify | Default | String | Determines the search type for determining the output node which is serialized into the output message bodyF. See link setOutputNodeSearch(Object). The supported default search types you can find in DefaultXmlSignature2Message. | removeSignatureElements | verify | false | Boolean | Indicator whether the XML signature elements (elements with local name Signature and namesapce http://www.w3.org/2000/09/xmldsig) shall be removed from the document set to the output message. Normally this is only necessary if the XML signature is enveloped. The default value is link BooleanFALSE. This parameter is forwarded to XmlSignature2Message. This indicator has no effect if the output node search is of type link DefaultXmlSignature2MessageOUTPUT_NODE_SEARCH_TYPE_DEFAULT.F | secureValidation | verify | true | Boolean | Enables secure validation. If true then secure validation is enabled. | validationFailedHandler | verify | | ValidationFailedHandler | Handles the different validation failed situations. The default implementation throws specific exceptions for the different situations (All exceptions have the package name org.apache.camel.component.xmlsecurity.api and are a sub-class of XmlSignatureInvalidException. If the signature value validation fails a XmlSignatureInvalidValueException is thrown. If a reference validation fails a XmlSignatureInvalidContentHashException is thrown. For more detailed information see the JavaDoc. | xmlSignature2Message | verify | | XmlSignature2Message | Bean which maps the XML signature to the output-message after the validation. How this mapping should be done can be configured by the options outputNodeSearchType outputNodeSearch and removeSignatureElements. The default implementation offers three possibilities which are related to the three output node search types Default ElementName and XPath. The default implementation determines a node which is then serialized and set to the body of the output message If the search type is ElementName then the output node (which must be in this case an element) is determined by the local name and namespace defined in the search value (see option outputNodeSearch). If the search type is XPath then the output node is determined by the XPath specified in the search value (in this case the output node can be of type Element TextNode or Document). If the output node search type is Default then the following rules apply: In the enveloped XML signature case (there is a reference with URI= and transform http://www.w3.org/2000/09/xmldsigenveloped-signature) the incoming XML document without the Signature element is set to the output message body. In the non-enveloped XML signature case the message body is determined from a referenced Object; this is explained in more detail in chapter Output Node Determination in Enveloping XML Signature Case. | xmlSignatureChecker | verify | | XmlSignatureChecker | This interface allows the application to check the XML signature before the validation is executed. This step is recommended in http://www.w3.org/TR/xmldsig-bestpractices/check-what-is-signed |======================================================================= {% endraw %} // endpoint options: END [[XMLSecuritycomponent-OutputNodeDeterminationinEnvelopingXMLSignatureCase]] Output Node Determination in Enveloping XML Signature Case ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ After the validation the node is extracted from the XML signature document which is finally returned to the output-message body. In the enveloping XML signature case, the default implementation https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/DefaultXmlSignature2Message.java[`DefaultXmlSignature2Message`] of https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XmlSignature2Message.java[`XmlSignature2Message`] does this for the node search type `Default` in the following way (see option `xmlSignature2Message`): * First an object reference is determined: ** Only same document references are taken into account (URI must start with `#`) ** Also indirect same document references to an object via manifest are taken into account. ** The resulting number of object references must be 1. * Then, the object is dereferenced and the object must only contain one XML element. This element is returned as output node. This does mean that the enveloping XML signature must have either the structure: [source,xml] ---- ... ... ()? ---- or the structure: [source,xml] ---- ... ... ()? ---- [[XMLSecuritycomponent-DetachedXMLSignaturesasSiblingsoftheSignedElements]] Detached XML Signatures as Siblings of the Signed Elements ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ **Since 2.14.0** You can create detached signatures where the signature is a sibling of the signed element. The following example contains two detached signatures. The first signature is for the element `C` and the second signature is for element `A`. The signatures are _nested_; the second signature is for the element `A` which also contains the first signature. *Example Detached XML Signatures* [source,xml] ---- dvalue ... aUDFmiG71 ... q3tvRoGgc8cMUqUSzP6C21zb7tt04riPnDuk= ---- The example shows that you can sign several elements and that for each element a signature is created as sibling. The elements to be signed must have an attribute of type ID. The ID type of the attribute must be defined in the XML schema (see option??`schemaResourceUri`).??You specify a list of XPATH expressions pointing to attributes of type ID (see option `xpathsToIdAttributes`). These attributes determine the elements to be signed. The elements are signed by the same key given by the `keyAccessor` bean. Elements with higher (i.e. deeper) hierarchy level are signed first. In the example, the element `C` is signed before the element `A`. *Java DSL Example* [source,java] ---- from("direct:detached") .to("xmlsecurity:sign://detached?keyAccessor=#keyAccessorBeant&xpathsToIdAttributes=#xpathsToIdAttributesBean&schemaResourceUri=Test.xsd") .to("xmlsecurity:verify://detached?keySelector=#keySelectorBean&schemaResourceUri=org/apache/camel/component/xmlsecurity/Test.xsd") .to("mock:result"); ---- *Spring Example* [source,xml] ---- ?? ... ---- [[XMLSecuritycomponent-XAdES-BESEPESfortheSignerEndpoint]] XAdES-BES/EPES for the Signer Endpoint ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ *Available as of Camel 2.15.0*?? http://www.etsi.org/deliver/etsi_ts/101900_101999/101903/01.04.02_60/ts_101903v010402p.pdf[XML Advanced Electronic Signatures (XAdES)] defines extensions to XML Signature. This standard was defined by the http://www.etsi.org/[European Telecommunication Standards Institute] and allows you to create signatures which are compliant to the http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2000:013:0012:0020:EN:PDF[European Union Directive (1999/93/EC) on a Community framework for electronic signatures]. XAdES defines different sets of signature properties which are called signature forms. We support the signature forms *Basic Electronic Signature* (XAdES-BES) and *Explicit Policy Based Electronic Signature* (XAdES-EPES) for the Signer Endpoint. The forms **Electronic??****Signature with Validation Data**??XAdES-T and XAdES-C are not supported. We support the following properties of the XAdES-EPES form ("?" denotes zero or one occurrence): *Supported XAdES-EPES Properties* [source,xml] ---- (SigningTime)? (SigningCertificate)? (SignaturePolicyIdentifier) (SignatureProductionPlace)? (SignerRole)? (DataObjectFormat)? (CommitmentTypeIndication)? ---- The properties of the XAdES-BES form are the same except that the??`SignaturePolicyIdentifier` property is not part of XAdES-BES.?? You can configure the XAdES-BES/EPES properties via the bean??`org.apache.camel.component.xmlsecurity.api.XAdESSignatureProperties` or??`org.apache.camel.component.xmlsecurity.api.DefaultXAdESSignatureProperties. XAdESSignatureProperties`??does support all properties mentioned above except the??`SigningCertificate` property. To get the??`SigningCertificate` property, you must overwrite either the method??`XAdESSignatureProperties.getSigningCertificate()` or `XAdESSignatureProperties.getSigningCertificateChain()`.??The class??`DefaultXAdESSignatureProperties`??overwrites the method??`getSigningCertificate()`??and allows you to specify the signing certificate via a keystore and alias. The following example shows all parameters you can specify. If you do not need certain parameters you can just omit them. *XAdES-BES/EPES Example in Java DSL* [source,java] ---- ??Keystore keystore = ... // load a keystore DefaultKeyAccessor accessor = new DefaultKeyAccessor(); accessor.setKeyStore(keystore); accessor.setPassword("password"); accessor.setAlias("cert_alias"); // signer key alias ?? DefaultXAdESSignatureProperties props = new DefaultXAdESSignatureProperties(); props.setNamespace("http://uri.etsi.org/01903/v1.3.2#"); // sets the namespace for the XAdES elements; the namspace is related to the XAdES version, default value is "http://uri.etsi.org/01903/v1.3.2#", other possible values are "http://uri.etsi.org/01903/v1.1.1#" and "http://uri.etsi.org/01903/v1.2.2#" props.setPrefix("etsi"); // sets the prefix for the XAdES elements, default value is "etsi" ?? // signing certificate props.setKeystore(keystore)); props.setAlias("cert_alias"); // specify the alias of the signing certificate in the keystore = signer key alias props.setDigestAlgorithmForSigningCertificate(DigestMethod.SHA256); // possible values for the algorithm are "http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmldsig-more#sha384", "http://www.w3.org/2001/04/xmlenc#sha512", default value is "http://www.w3.org/2001/04/xmlenc#sha256" props.setSigningCertificateURIs(Collections.singletonList("http://certuri")); ?? // signing time props.setAddSigningTime(true); ?? // policy props.setSignaturePolicy(XAdESSignatureProperties.SIG_POLICY_EXPLICIT_ID); // also the values XAdESSignatureProperties.SIG_POLICY_NONE ("None"), and XAdESSignatureProperties.SIG_POLICY_IMPLIED ("Implied")are possible, default value is XAdESSignatureProperties.SIG_POLICY_EXPLICIT_ID ("ExplicitId") // For "None" and "Implied" you must not specify any further policy parameters props.setSigPolicyId("urn:oid:1.2.840.113549.1.9.16.6.1"); props.setSigPolicyIdQualifier("OIDAsURN"); //allowed values are empty string, "OIDAsURI", "OIDAsURN"; default value is empty string props.setSigPolicyIdDescription("invoice version 3.1"); props.setSignaturePolicyDigestAlgorithm(DigestMethod.SHA256);// possible values for the algorithm are "http://www.w3.org/2000/09/xmldsig#sha1", http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmldsig-more#sha384", "http://www.w3.org/2001/04/xmlenc#sha512", default value is http://www.w3.org/2001/04/xmlenc#sha256" props.setSignaturePolicyDigestValue("Ohixl6upD6av8N7pEvDABhEL6hM="); // you can add qualifiers for the signature policy either by specifying text or an XML fragment with the root element "SigPolicyQualifier" props.setSigPolicyQualifiers(Arrays .asList(new String[] { "http://test.com/sig.policy.pdfdisplay text" + "", "category B" })); props.setSigPolicyIdDocumentationReferences(Arrays.asList(new String[] {"http://test.com/policy.doc.ref1.txt", "http://test.com/policy.doc.ref2.txt" })); ?? // production place props.setSignatureProductionPlaceCity("Munich"); props.setSignatureProductionPlaceCountryName("Germany"); props.setSignatureProductionPlacePostalCode("80331"); props.setSignatureProductionPlaceStateOrProvince("Bavaria"); ?? //role // you can add claimed roles either by specifying text or an XML fragment with the root element "ClaimedRole" props.setSignerClaimedRoles(Arrays.asList(new String[] {"test", "TestRole" })); props.setSignerCertifiedRoles(Collections.singletonList(new XAdESEncapsulatedPKIData("Ahixl6upD6av8N7pEvDABhEL6hM=", "http://uri.etsi.org/01903/v1.2.2#DER", "IdCertifiedRole"))); ?? // data object format props.setDataObjectFormatDescription("invoice"); props.setDataObjectFormatMimeType("text/xml"); props.setDataObjectFormatIdentifier("urn:oid:1.2.840.113549.1.9.16.6.2"); props.setDataObjectFormatIdentifierQualifier("OIDAsURN"); //allowed values are empty string, "OIDAsURI", "OIDAsURN"; default value is empty string props.setDataObjectFormatIdentifierDescription("identifier desc"); props.setDataObjectFormatIdentifierDocumentationReferences(Arrays.asList(new String[] { "http://test.com/dataobject.format.doc.ref1.txt", "http://test.com/dataobject.format.doc.ref2.txt" })); ?? //commitment props.setCommitmentTypeId("urn:oid:1.2.840.113549.1.9.16.6.4"); props.setCommitmentTypeIdQualifier("OIDAsURN"); //allowed values are empty string, "OIDAsURI", "OIDAsURN"; default value is empty string props.setCommitmentTypeIdDescription("description for commitment type ID"); props.setCommitmentTypeIdDocumentationReferences(Arrays.asList(new String[] {"http://test.com/commitment.ref1.txt", "http://test.com/commitment.ref2.txt" })); // you can specify a commitment type qualifier either by simple text or an XML fragment with root element "CommitmentTypeQualifier" props.setCommitmentTypeQualifiers(Arrays.asList(new String[] {"commitment qualifier", "c" })); ?? beanRegistry.bind("xmlSignatureProperties",props); beanRegistry.bind("keyAccessorDefault",keyAccessor); ?? // you must reference the properties bean in the "xmlsecurity" URI from("direct:xades").to("xmlsecurity:sign://xades?keyAccessor=#keyAccessorDefault&properties=#xmlSignatureProperties") .to("mock:result"); ---- *XAdES-BES/EPES Example in Spring XML* [source,xml] ---- ... ... Emisor <ClaimedRole xmlns="http://uri.etsi.org/01903/v1.3.2#"><test xmlns="http://test.com/">test</test></ClaimedRole> ---- [[XMLSecuritycomponent-Headers]] Headers +++++++ [width="100%",cols="1m,1m,4",options="header",] |======================================================================= |Header |Type |Description |CamelXmlSignatureXAdESQualifyingPropertiesId |String |for the 'Id' attribute value of `QualifyingProperties` element |CamelXmlSignatureXAdESSignedDataObjectPropertiesId |String |for the 'Id' attribute value of `SignedDataObjectProperties` element |CamelXmlSignatureXAdESSignedSignaturePropertiesId |String |for the 'Id' attribute value of??`SignedSignatureProperties` element |CamelXmlSignatureXAdESDataObjectFormatEncoding |String |for the value of the Encoding element of the `DataObjectFormat` element |CamelXmlSignatureXAdESNamespace |String |??overwrites the XAdES namespace parameter value |CamelXmlSignatureXAdESPrefix |String |overwrites the XAdES prefix parameter value |======================================================================= [[XMLSecuritycomponent-LimitationswithregardtoXAdESversion1.4.2]] Limitations with regard to XAdES version 1.4.2 ++++++++++++++++++++++++++++++++++++++++++++++ * No support for signature form XAdES-T and XAdES-C * Only signer part implemented. Verifier part currently not available. * No support??for the `QualifyingPropertiesReference` element (see section 6.3.2 of spec). * No support for the `Transforms` element contained in the??`SignaturePolicyId` element contained in the??`SignaturePolicyIdentifier element` * No support of the `CounterSignature` element -> no support for the??`UnsignedProperties` element * At most one `DataObjectFormat` element. More than one `DataObjectFormat` element makes no sense because we have only one data object which is signed (this is the incoming message body to the XML signer endpoint). * At most one `CommitmentTypeIndication` element. More than one `CommitmentTypeIndication` element makes no sense ??because we have only one data object which is signed (this is the incoming message body to the XML signer endpoint). * A `CommitmentTypeIndication` element contains always the `AllSignedDataObjects` element. The `ObjectReference` element within `CommitmentTypeIndication` element is not supported. * The `AllDataObjectsTimeStamp` element is not supported * The `IndividualDataObjectsTimeStamp` element is not supported [[XMLSecuritycomponent-SeeAlso]] See Also ^^^^^^^^ * http://www.w3.org/TR/xmldsig-bestpractices/[Best Practices]