001: /*
002: * $Id: MessageConstants.java,v 1.20 2007/09/13 12:42:21 kumarjayanti Exp $
003: */
004:
005: /*
006: * The contents of this file are subject to the terms
007: * of the Common Development and Distribution License
008: * (the License). You may not use this file except in
009: * compliance with the License.
010: *
011: * You can obtain a copy of the license at
012: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
013: * See the License for the specific language governing
014: * permissions and limitations under the License.
015: *
016: * When distributing Covered Code, include this CDDL
017: * Header Notice in each file and include the License file
018: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
019: * If applicable, add the following below the CDDL Header,
020: * with the fields enclosed by brackets [] replaced by
021: * you own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
025: */
026: package com.sun.xml.wss.impl;
027:
028: import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
029: import javax.xml.namespace.QName;
030: import com.sun.xml.wss.*;
031:
032: /**
033: * WSS xmlns and prefix constants used in wss code throughout.
034: *
     * Besides namespace URIs and prefixes, the class holds element local names,
     * algorithm identifiers, SOAP fault QNames, property-key strings and the
     * timestamp limits. Every field is a public static final constant, so the
     * names (including the misspelled ones) are part of the public interface.
     * The String and numeric constants initialised from constant expressions are
     * compile-time constants, so javac copies their values into classes that use
     * them; changing a value here requires recompiling every user.
     *
035: * @author Manveen Kaur
036: */
037: public class MessageConstants {
038:
     // Integer mode codes. Their consumers are not in this file; the names suggest
     // which parts of a message a security operation covers - TODO confirm.
039: public static final int NOT_OPTIMIZED = 0;
040: public static final int SIGN_BODY = 1;
041: public static final int SIGN_ENCRYPT_BODY = 2;
042: public static final int ENCRYPT_SIGN_BODY = 3;
043: public static final int SECURITY_HEADERS = 4;
044: public static final int ENCRYPT_BODY = 5;
045: public static final int SECURE_ATTACHMENTS = 6;
046: public static final int SECURITY_HEADERS_AND_ATTACHMENTS = 7;
     // Compile-time false: code guarded by this flag is dead unless the class is rebuilt.
047: public static final boolean debug = false;
     // Data-kind codes. "OCTECT" is a misspelling of "OCTET"; the name is public, so it stays.
048: public static final int OCTECT_STREAM_DATA = 1;
049: public static final int NODE_SET_DATA = 2;
050: public static final int ATTACHMENT_DATA = 3;
     // Both are the empty string; "".intern() yields the same pooled instance as the literal.
051: public static final String EMPTY_STRING = "";
052: public static final String _EMPTY = "".intern();
     // "//" matches a wsu:Timestamp at any depth, not only under the Security header.
     // NOTE(review): confirm users of this XPath bind the match to the element that the
     // signature actually covers.
053: public static final String TIMESTAMP_XPATH = "//wsu:Timestamp";
     // Presumably keys for context/property maps - verify against callers.
054: public static final String ATTACHMENT_MIME_HEADERS = "MIME-HEADERS";
055: public static final String WSS_PROCESSING_CONTEXT = "http://wss.sun.com#processingContext";
056: public static final String AUTH_SUBJECT = "javax.security.auth.Subject";
     // Key-reference type names. "INDETIFIER" is a misspelling of "IDENTIFIER"; the
     // constant is public, so renaming it would break callers.
057: public static final String DIRECT_REFERENCE_TYPE = "Direct";
058: public static final String KEY_INDETIFIER_TYPE = "Identifier";
059: public static final String THUMB_PRINT_TYPE = "Thumbprint";
060: public static final String EK_SHA1_TYPE = "EncryptedKeySHA1";
061: public static final String KEY_NAME_TYPE = "KeyName";
062: public static final String X509_ISSUER_TYPE = "IssuerSerialNumber";
     // Same value as BINARY_SECRET_LNAME further down.
063: public static final String BINARY_SECRET = "BinarySecret";
064: public static final String EMBEDDED_REFERENCE_TYPE = "Embedded";
     // Presumably the lookup key for the nonce (replay) cache - verify against callers.
065: public static final String NONCE_CACHE = "NonceCache";
     // SOAP, XML Schema and xmlns namespace URIs.
066: public static final String SOAP_1_1_NS = "http://schemas.xmlsoap.org/soap/envelope/";
067: public static final String SOAP_1_2_NS = "http://www.w3.org/2003/05/soap-envelope";
068: public static final String XMLNS_TAG = "xmlns";
069: public final static String XSD_NS = "http://www.w3.org/2001/XMLSchema";
070: public final static String XSI_NS = "http://www.w3.org/2001/XMLSchema-instance";
071: public static final String NAMESPACES_NS = "http://www.w3.org/2000/xmlns/";
072:
     // XML Signature namespace, prefix and the "ds:Signature" qualified name.
073: public static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
074: public static final String DSIG_PREFIX = "ds";
075:
076: public static final String DS_SIGNATURE_LNAME = "Signature";
077: public static final String DS_SIGNATURE_QNAME = DSIG_PREFIX + ":"
078: + DS_SIGNATURE_LNAME;
079:
     // SAML version codes, version strings and assertion namespaces.
     // SAML_v1_1_NS deliberately equals SAML_v1_0_NS: SAML 1.1 assertions keep the 1.0
     // namespace URI, so the namespace alone cannot tell a 1.0 assertion from a 1.1 one;
     // that distinction has to come from the assertion's version attributes.
080: public static final short SAML_v1_0_NUMBER = 0x000;
081: public static final short SAML_v1_1_NUMBER = 0x001;
082: public static final short SAML_v2_0_NUMBER = 0x002;
083: public static final String SAML_v1_0_STRING = "1.0";
084: public static final String SAML_v1_1_STRING = "1.1";
085: public static final String SAML_v2_0_STRING = "2.0";
086: public static final String SAML_v1_0_NS = "urn:oasis:names:tc:SAML:1.0:assertion";
087: public static final String SAML_v1_1_NS = "urn:oasis:names:tc:SAML:1.0:assertion";
088: public static final String SAML_v2_0_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
089: public static final String SAMLP_NS = "urn:oasis:names:tc:SAML:1.0:protocol";
090: public static final String SAML_PREFIX = "saml";
091: public static final String SAML2_PREFIX = "saml2";
092: public static final String SAMLP_PREFIX = "samlp";
093: public static final String SAML_ASSERTION_LNAME = "Assertion";
094: public static final String SAML_ASSERTIONID_LNAME = "AssertionID";
095: public static final String SAML_ID_LNAME = "ID";
096: public static final String SAML_QNAME = SAML_PREFIX + ":"
097: + SAML_ASSERTION_LNAME;
098: public static final String SAML2_QNAME = SAML2_PREFIX + ":"
099: + SAML_ASSERTION_LNAME;
     // SAML token profile value-type and token-type URIs.
     // NOTE(review): the "2004/XX" and "2004XX" segments in the first three look like
     // draft-era placeholders - confirm these are the URIs peers actually send, since a
     // value type that does not match exactly may leave a token unrecognised.
100: public static final String WSSE_SAML_v1_0_VALUE_TYPE = "http://docs.oasis-open.org/wss/2004/XX/"
101: + "oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertion-1.0";
102: public static final String WSSE_SAML_v1_1_VALUE_TYPE = "http://docs.oasis-open.org/wss/2004/XX/"
103: + "oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertion-1.1";
104: public static final String WSSE_SAML_v2_0_VALUE_TYPE = "http://docs.oasis-open.org/wss/2004/XX/"
105: + "oasis-2004XX-wss-saml-token-profile-1.1#SAMLAssertion-2.0";
106: public static final String WSSE_SAML_KEY_IDENTIFIER_VALUE_TYPE = "http://docs.oasis-open.org/wss/"
107: + "oasis-wss-saml-token-profile-1.0#SAMLAssertionID";
108: public static final String WSSE_SAML_v2_0_KEY_IDENTIFIER_VALUE_TYPE = "http://docs.oasis-open.org/wss/"
109: + "oasis-wss-saml-token-profile-1.1#SAMLID";
110: public static final String WSSE_SAML_v1_1_TOKEN_TYPE = "http://docs.oasis-open.org/wss/"
111: + "oasis-wss-saml-token-profile-1.1#SAMLV1.1";
112: public static final String WSSE_SAML_v2_0_TOKEN_TYPE = "http://docs.oasis-open.org/wss/"
113: + "oasis-wss-saml-token-profile-1.1#SAMLV2.0";
114:
     // Presumably keys under which SAML state is stored in a processing context or
     // cache - verify against callers.
115: public static final String INCOMING_SAML_ASSERTION = "incoming_saml_assertion";
116: public static final String STORED_SAML_KEYS = "stored_saml_keys";
117: public static final String SAML_ASSERTION_CLIENT_CACHE = "Saml_Assertion_Client_Cache";
118: public static final String SAML_SIG_RESOLVED = "Saml_Signature_resolved";
119:
     // "xmlns:<prefix>" attribute names for the three SAML prefixes.
120: public static final String SAML_XMLNS_TAG = XMLNS_TAG + ":"
121: + SAML_PREFIX;
122: public static final String SAML2_XMLNS_TAG = XMLNS_TAG + ":"
123: + SAML2_PREFIX;
124: public static final String SAMLP_XMLNS_TAG = XMLNS_TAG + ":"
125: + SAMLP_PREFIX;
126:
     // SAML subject-confirmation method URIs. With sender-vouches the relying party
     // trusts the sending entity to vouch for the subject; with holder-of-key the
     // assertion names a key and the sender is expected to prove possession of it.
     // Which method a policy accepts is decided outside this class.
127: public static final String SAML_SENDER_VOUCHES = "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches";
128: public static final String SAML2_SENDER_VOUCHES = "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches";
129:
130: public static final String SAML_HOLDER_OF_KEY = "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key";
131: public static final String SAML2_HOLDER_OF_KEY = "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";
132:
     // XML Encryption namespace, prefix, element local names and "xenc:"-qualified names.
133: public static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";
134: public static final String XENC_PREFIX = "xenc";
     // Same value as WSSE_IDENTIFIER_ATTR_VALUETYPE.
135: public static final String WSE_VALUE_TYPE = "ValueType";
136:
137: public static final String XENC_REFERENCE_LIST_LNAME = "ReferenceList";
138: public static final String XENC_REFERENCE_LIST_QNAME = XENC_PREFIX
139: + ":" + XENC_REFERENCE_LIST_LNAME;
140:
141: public static final String XENC_ENCRYPTED_KEY_LNAME = "EncryptedKey";
142: public static final String XENC_ENCRYPTED_KEY_QNAME = XENC_PREFIX
143: + ":" + XENC_ENCRYPTED_KEY_LNAME;
144:
145: public static final String XENC_CIPHER_DATA_LNAME = "CipherData";
146: public static final String XENC_CIPHER_DATA_QNAME = XENC_PREFIX
147: + ":" + XENC_CIPHER_DATA_LNAME;
148:
149: public static final String ENCRYPTED_DATA_LNAME = "EncryptedData";
150: public static final String ENCRYPTED_DATA_QNAME = XENC_PREFIX + ":"
151: + ENCRYPTED_DATA_LNAME;
152:
     // WS-Security utility (wsu) namespace and prefix.
153: public static final String WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
154: public static final String WSU_PREFIX = "wsu";
155:
     // SOAP-with-Attachments profile namespace; the "2004/XX" segment has the same
     // draft-placeholder look as the SAML value types above - TODO confirm.
156: public static final String SWA_NS = "http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-swa-profile-1.0";
157:
158: public static final String WSU_ID_QNAME = WSU_PREFIX + ":Id";
159:
160: public static final String SOAP_HEADER_LNAME = "Header";
161: public static final String SOAP_BODY_LNAME = "Body";
162:
     // WS-Security extension (wsse / wsse11) namespaces, prefixes and element names.
163: public static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
164: public static final String WSSE_PREFIX = "wsse";
165: public static final String WSSE11_PREFIX = "wsse11";
166:
167: public static final String WSSE11_NS = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
168:
169: public static final String ENCRYPTED_HEADER_LNAME = "EncryptedHeader";
170: public static final String ENCRYPTED_HEADER_QNAME = WSSE11_PREFIX
171: + ":" + ENCRYPTED_HEADER_LNAME;
172:
173: public static final String WSSE11_TOKEN_TYPE = WSSE11_PREFIX
174: + ":TokenType";
175: public static final String TOKEN_TYPE_LNAME = "TokenType";
176:
177: public static final String WSSE_SECURITY_LNAME = "Security";
178: public static final String WSSE_SECURITY_QNAME = WSSE_PREFIX + ":"
179: + WSSE_SECURITY_LNAME;
180:
181: public static final String WSSE_BINARY_SECURITY_TOKEN_LNAME = "BinarySecurityToken";
182: public static final String WSSE_BINARY_SECURITY_TOKEN_QNAME = WSSE_PREFIX
183: + ":" + WSSE_BINARY_SECURITY_TOKEN_LNAME;
184:
185: public static final String WSSE_SECURITY_TOKEN_REFERENCE_LNAME = "SecurityTokenReference";
186:
187: public static final String WSSE_SECURITY_TOKEN_REFERENCE_QNAME = WSSE_PREFIX
188: + ":" + WSSE_SECURITY_TOKEN_REFERENCE_LNAME;
189:
190: public static final String WSSE_REFERENCE_LNAME = "Reference";
191:
192: public static final String USERNAME_TOKEN_LNAME = "UsernameToken";
193:
194: public static final String TIMESTAMP_LNAME = "Timestamp";
195:
196: public static final String SIGNATURE_CONFIRMATION_LNAME = "SignatureConfirmation";
197:
198: public static final String DERIVEDKEY_TOKEN_LNAME = "DerivedKeyToken";
199:
200: public static final String WSSE_REFERENCE_QNAME = WSSE_PREFIX + ":"
201: + WSSE_REFERENCE_LNAME;
202:
203: public static final String WSSE_REFERENCE_ATTR_URI = "URI";
204:
205: public static final String WSSE_IDENTIFIER_ATTR_VALUETYPE = "ValueType";
206:
     // UsernameToken profile base URI and the two password type URIs built from it.
     // PasswordText carries the password itself in the message, so confidentiality has
     // to come from transport or message encryption. PasswordDigest carries a Base64
     // SHA-1 digest over nonce, creation time and password; its replay protection
     // depends on the receiver checking the nonce and the creation time.
207: public static final String USERNAME_TOKEN_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0";
208:
209: public static final String PASSWORD_TEXT_NS = USERNAME_TOKEN_NS
210: + "#PasswordText";
211:
212: public static final String PASSWORD_DIGEST_NS = USERNAME_TOKEN_NS
213: + "#PasswordDigest";
214:
     // SOAP Message Security 1.0 and 1.1 base URIs; the fragment constants below are
     // built by appending to one of them.
215: public static final String WSS_SPEC_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0";
216:
217: public static final String WSS11_SPEC_NS = "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1";
218:
219: public static final String BASE64_ENCODING_NS = WSS_SPEC_NS
220: + "#Base64Binary";
221:
     // X.509 token profile base URI and the value types derived from it.
222: public static final String X509_TOKEN_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0";
223:
224: public static final String X509_NS = X509_TOKEN_NS + "#X509";
225:
226: public static final String X509v1_NS = X509_TOKEN_NS + "#X509v1";
227:
228: public static final String X509v3_NS = X509_TOKEN_NS + "#X509v3";
229:
230: public static final String X509SubjectKeyIdentifier_NS = X509_TOKEN_NS
231: + "#X509SubjectKeyIdentifier";
232:
     // The thumbprint and encrypted-key identifiers are SHA-1 based by definition of
     // their URIs ("#ThumbprintSHA1", "#EncryptedKeySHA1").
233: public static final String ThumbPrintIdentifier_NS = WSS11_SPEC_NS
234: + "#ThumbprintSHA1";
235:
236: public static final String EncryptedKeyIdentifier_NS = WSS11_SPEC_NS
237: + "#EncryptedKeySHA1";
238:
239: public static final String EncryptedKey_NS = WSS11_SPEC_NS
240: + "#EncryptedKey";
241: // added in X509 Token Profile Errata
242: public static final String X509v3SubjectKeyIdentifier_NS = X509_TOKEN_NS
243: + "#X509v3SubjectKeyIdentifier";
244:
     // Transform and attachment reference URIs (STR-Transform, the SwA attachment
     // transforms, exclusive canonicalization, XPath Filter 2.0).
245: public static final String STR_TRANSFORM_URI = WSS_SPEC_NS
246: + "#STR-Transform";
247:
248: public static final String ATTACHMENT_CONTENT_ONLY_TRANSFORM_URI = SWA_NS
249: + "#Attachment-Content-Only-Transform";
250:
251: public static final String ATTACHMENT_COMPLETE_TRANSFORM_URI = SWA_NS
252: + "#Attachment-Complete-Transform";
253:
254: public static final String ATTACHMENT_CONTENT_ONLY_URI = SWA_NS
255: + "#Attachment-Content-Only";
256:
257: public static final String ATTACHMENT_COMPLETE_URI = SWA_NS
258: + "#Attachment-Complete";
259:
260: public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS = "http://www.w3.org/2001/10/xml-exc-c14n#";
261:
262: public static final String TRANSFORM_FILTER2 = "http://www.w3.org/2002/06/xmldsig-filter2";
263:
264: // Secure Conversation Namespace
265: public static final String WSSC_NS = "http://schemas.xmlsoap.org/ws/2005/02/sc";
266:
267: public static final String WSSC_PREFIX = "wsc";
268:
     // These two evaluate to the same strings as SECURITY_CONTEXT_TOKEN_NS and
     // DERIVEDKEY_TOKEN_NS declared later in this class.
269: public static final String SCT_VALUETYPE = WSSC_NS + "/sct";
270: public static final String DKT_VALUETYPE = WSSC_NS + "/dk";
271:
272: /** SOAPFault related constants **/
273:
     // Each fault code is a QName built as (namespace URI, local part, prefix).
     // NOTE(review): the more specific the code returned to a sender, the more the
     // sender learns about which check failed; confirm the fault-building code does
     // not reveal decryption or signature-verification detail beyond these codes.
274: //---------- Errors ---------------
275: public static final QName WSSE_UNSUPPORTED_SECURITY_TOKEN = new QName(
276: WSSE_NS, "UnsupportedSecurityToken", WSSE_PREFIX);
277:
278: public static final QName WSSE_UNSUPPORTED_ALGORITHM = new QName(
279: WSSE_NS, "UnsupportedAlgorithm", WSSE_PREFIX);
280:
281: public static final QName WSSE_INTERNAL_SERVER_ERROR = new QName(
282: WSSE_NS, "InternalServerError", WSSE_PREFIX);
283:
284: //--------- Failures --------------
285: public static final QName WSSE_INVALID_SECURITY = new QName(
286: WSSE_NS, "InvalidSecurity", WSSE_PREFIX);
287:
288: public static final QName WSSE_INVALID_SECURITY_TOKEN = new QName(
289: WSSE_NS, "InvalidSecurityToken", WSSE_PREFIX);
290:
291: public static final QName WSSE_FAILED_AUTHENTICATION = new QName(
292: WSSE_NS, "FailedAuthentication", WSSE_PREFIX);
293:
     // The constant name says RECEIVER_POLICY_VIOLATION but the local part on the wire
     // is just "PolicyViolation".
294: public static final QName WSSE_RECEIVER_POLICY_VIOLATION = new QName(
295: WSSE_NS, "PolicyViolation", WSSE_PREFIX);
296:
297: public static final QName WSSE_FAILED_CHECK = new QName(WSSE_NS,
298: "FailedCheck", WSSE_PREFIX);
299:
300: public static final QName WSSE_SECURITY_TOKEN_UNAVAILABLE = new QName(
301: WSSE_NS, "SecurityTokenUnavailable", WSSE_PREFIX);
302:
     // The only fault code here in the wsu namespace rather than wsse.
303: public static final QName WSU_MESSAGE_EXPIRED = new QName(WSU_NS,
304: "MessageExpired", WSU_PREFIX);
305:
306: /** WSS security header QName */
307: private static final QName securityHeaderName = new QName(WSSE_NS,
308: WSSE_SECURITY_LNAME, WSSE_PREFIX);
309:
310: public static final String TRANSFORMATION_PARAMETERS = "TransformationParameters";
311:
312: /**
313: * TODO Decide if there is a better interface for this
314: *
     * Returns the single shared QName instance built from WSSE_NS,
     * WSSE_SECURITY_LNAME and WSSE_PREFIX; no new object is created per call.
     *
315: * @return QName representing the Security header block from WSS spec
316: */
317: public static QName getSecurityHeaderName() {
318: return securityHeaderName;
319: }
320:
     // Digest identifiers in two forms: SHA256 and SHA512 are XML Encryption algorithm
     // URIs, while SHA_1, SHA_256 and SHA_512 are standard JCA MessageDigest names.
321: public static final String SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256";
322: public static final String SHA512 = "http://www.w3.org/2001/04/xmlenc#sha512";
323: public static final String SHA_1 = "SHA-1";
324: public static final String SHA_256 = "SHA-256";
325: public static final String SHA_512 = "SHA-512";
326: //Algorithm Constants
     // Key transport. RSA 1.5 is PKCS#1 v1.5 padding: decryption code must not let a
     // sender tell a padding failure apart from any other failure, and RSA-OAEP is the
     // better choice wherever the peer supports it.
327: public static final String RSA_OAEP_KEY_TRANSPORT = "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";
328: public static final String RSA_15_KEY_TRANSPORT = "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
329:
     // Symmetric key wrap algorithms.
330: public static final String TRIPLE_DES_KEY_WRAP = "http://www.w3.org/2001/04/xmlenc#kw-tripledes";
331:
332: public static final String AES_KEY_WRAP_128 = "http://www.w3.org/2001/04/xmlenc#kw-aes128";
333: public static final String AES_KEY_WRAP_192 = "http://www.w3.org/2001/04/xmlenc#kw-aes192";
334: public static final String AES_KEY_WRAP_256 = "http://www.w3.org/2001/04/xmlenc#kw-aes256";
335:
     // Block encryption. Every algorithm defined here is CBC mode; no authenticated
     // (GCM) identifier is declared in this class. CBC gives no integrity on its own,
     // so encrypted content should also be covered by a signature that is verified,
     // and decryption errors should not be distinguishable to the sender. Triple DES
     // additionally has a 64-bit block and is kept for interoperability.
336: public static final String TRIPLE_DES_BLOCK_ENCRYPTION = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
337:
338: public static final String AES_BLOCK_ENCRYPTION_128 = "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
339: public static final String AES_BLOCK_ENCRYPTION_192 = "http://www.w3.org/2001/04/xmlenc#aes192-cbc";
340: public static final String AES_BLOCK_ENCRYPTION_256 = "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
341:
     // Digest, key-derivation and signature-method URIs. Every signature method declared
     // here is SHA-1 based, and SHA-1 is no longer collision resistant.
     // NOTE(review): if stronger signature methods are supported, their identifiers
     // must come from somewhere other than this class - confirm.
342: public static final String SHA1_DIGEST = "http://www.w3.org/2000/09/xmldsig#sha1";
343: public static final String PSHA1_DIGEST = "http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1";
344: public static final String DSIG_BASE64_ENCODING = "http://www.w3.org/2000/09/xmldsig#base64";
345:
346: public static final String RSA_SHA1_SIGMETHOD = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
347: public static final String DSA_SHA1_SIGMETHOD = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
348: public static final String HMAC_SHA1_SIGMETHOD = "http://www.w3.org/2000/09/xmldsig#hmac-sha1";
     // The default data-encryption algorithm is whatever XMLCipher.TRIPLEDES names; the
     // XMLCipher class comes from the JDK-internal Apache XML Security package this
     // file imports. NOTE(review): a Triple DES default is weak by current standards;
     // confirm that deployments select an AES algorithm explicitly instead of relying
     // on this value.
349: public static final String DEFAULT_DATA_ENC_ALGO = XMLCipher.TRIPLEDES;
350:
351: public static final String ATTACHMENTREF = "attachmentRef:";
352:
     // Timestamp name in "{namespaceURI}localName" form.
353: public static final String TIMESTAMP_QNAME = "{" + WSU_NS + "}"
354: + TIMESTAMP_LNAME;
     // Wildcard content-id; by its name it selects every attachment - TODO confirm
     // how callers expand it.
355: public static final String PROCESS_ALL_ATTACHMENTS = "cid:*";
356:
357: // added for JSR 196 Provider new Features
358: public static final String SELF_SUBJECT = "javax.security.auth.Subject.self";
359: public static final String REQUESTER_KEYID = "requester.keyid";
360: public static final String REQUESTER_ISSUERNAME = "requester.issuername";
361: public static final String REQUESTER_SERIAL = "requester.serial";
362:
363: // FI + SOAP 1.1
364: public static final String FAST_INFOSET_TYPE_SOAP11 = "application/fastinfoset";
365:
366: // FI + SOAP 1.2
367: public static final String FAST_INFOSET_TYPE_SOAP12 = "application/soap+fastinfoset";
368:
369: // XML + XOP + SOAP 1.1
370: public static final String XOP_SOAP11_XML_TYPE_VALUE = "application/xop+xml;type=\"text/xml\"";
371:
372: // XML + XOP + SOAP 1.2
373: public static final String XOP_SOAP12_XML_TYPE_VALUE = "application/xop+xml;type=\"application/soap+xml\"";
374:
375: public static final String XML_CONTENT_TYPE_VALUE = "text/xml";
376:
     // Same value as XENC_ENCRYPTED_KEY_LNAME.
377: public static final String ENCRYPTEDKEY_LNAME = "EncryptedKey";
378:
379: public static final String SECURITY_CONTEXT_TOKEN_LNAME = "SecurityContextToken";
380:
381: public static final String SECURITY_CONTEXT_TOKEN_NS = "http://schemas.xmlsoap.org/ws/2005/02/sc/sct";
382:
383: public static final String DERIVEDKEY_TOKEN_NS = "http://schemas.xmlsoap.org/ws/2005/02/sc/dk";
384:
385: public static final String INCOMING_SCT = "Incoming_SCT";
386:
387: public static final String BINARY_SECRET_LNAME = "BinarySecret";
388:
     // WS-Addressing namespaces: the member submission and the W3C recommendation.
389: public static final String ADDRESSING_MEMBER_SUBMISSION_NAMESPACE = "http://schemas.xmlsoap.org/ws/2004/08/addressing";
390:
391: public static final String ADDRESSING_W3C_NAMESPACE = "http://www.w3.org/2005/08/addressing";
392:
     // XML Encryption Type values: encrypt only an element's content, or the whole element.
393: public static final String ENCRYPT_ELEMENT_CONTENT = "http://www.w3.org/2001/04/xmlenc#Content";
394:
395: public static final String ENCRYPT_ELEMENT = "http://www.w3.org/2001/04/xmlenc#Element";
396:
397: public static final String MUST_UNDERSTAND = "mustUnderstand";
398:
     // Same value as DS_SIGNATURE_LNAME.
399: public static final String SIGNATURE_LNAME = "Signature";
400:
     // Presumably property keys under which key material is stored - verify against
     // callers, and make sure values stored under them are never logged.
401: public static final String EK_SHA1_VALUE = "EKSHA1Value";
402:
403: public static final String SECRET_KEY_VALUE = "SecretKeyValue";
404:
     // 2.5.29.14 is the OID of the X.509 SubjectKeyIdentifier certificate extension.
405: public static final String SUBJECT_KEY_IDENTIFIER_OID = "2.5.29.14";
406: public static final String MEX_GET = "http://schemas.xmlsoap.org/ws/2004/09/transfer/Get";
407: public static final String CANONICALIZATION_METHOD = "CanonicalizationMethod";
408: public static final String KEYIDENTIFIER = "KeyIdentifier";
409:
410: public static final String CANCEL_SECURITY_CONTEXT_TOKEN_ACTION = "http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel";
411: public static final String CANCEL_SECURITY_CONTEXT_TOKEN_RESPONSE_ACTION = "http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel";
     // Built with the two-argument QName constructor, so it carries no prefix.
412: public static final QName SCT_NAME = new QName(
413: SECURITY_CONTEXT_TOKEN_NS, SECURITY_CONTEXT_TOKEN_LNAME);
     // Both limits are 300000 ms, i.e. five minutes. How they are applied is not visible
     // in this file. NOTE(review): larger values widen the window in which a captured
     // message would still be accepted, so they should be paired with nonce or
     // message-id replay caching.
414: public static final long MAX_CLOCK_SKEW = 300000; // milliseconds
415: public static final long TIMESTAMP_FRESHNESS_LIMIT = 300000; // milliseconds
416:
417: public static final String SCBOOTSTRAP_CRED_IN_SUBJ = "SCBOOTSTRAP_CRED_IN_SUBJ";
418: }