Package net.shibboleth.tool.xmlsectool

Class CommandLineArguments

java.lang.Object

net.shibboleth.tool.xmlsectool.CommandLineArguments

public class CommandLineArguments
extends Object

Command line arguments for the XMLSecTool command line tool.

Field Summary

Fields

Modifier and Type	Field	Description
private static String	ALLOW_ALL_DIGESTS_ARG
private static String	ALLOW_DIGEST_ARG
private boolean	allowAllDigests	Option requesting that all digest algorithms should be allowed.
private List<String>	allowDigestNames	Option requesting that algorithms associated with a specific digest be allowed.
private static String	BASE64_IN_ARG
private static String	BASE64_OUT_ARG
private boolean	base64DecodeInput
private boolean	base64EncodeOutput
private static String	BLACKLIST_DIGEST_ARG	Deprecated, for removal: This API element is subject to removal in a future version.
private List<String>	blacklistDigestNames	Deprecated, for removal: This API element is subject to removal in a future version.
private String	cert
private static String	CERT_ARG
private static String	CLEAR_BLACKLIST_ARG	Deprecated, for removal: This API element is subject to removal in a future version.
private boolean	clearBlacklist	Deprecated, for removal: This API element is subject to removal in a future version.
private static String	DEFLATE_OUT_ARG
private boolean	deflateOutput
private DigestChoice	digest	Digest algorithm choice for all algorithms.
private static String	DIGEST_ALGORITHM_ARG
private static String	DIGEST_ARG
private String	digestAlgorithm	Digest algorithm URI directly specified on the command line.
private String	digestName	Selected digest algorithm choice name for all algorithms.
private static String	DISALLOW_DIGEST_ARG
private List<String>	disallowDigestNames	Option requesting that algorithms associated with a specific digest be disallowed.
private DisallowedAlgorithms	disallowedAlgorithms	Local collection of disallowed signature and digest algorithms.
private static String	GUNZIP_IN_ARG
private boolean	gunzipInput
private static String	GZIP_OUT_ARG
private boolean	gzipOutput
private boolean	help
private static String	HELP_ARG
private static String	HTTP_PROXY_ARG
private static String	HTTP_PROXY_PASSWORD_ARG
private static String	HTTP_PROXY_PORT_ARG
private static String	HTTP_PROXY_USERNAME_ARG
private String	httpProxy
private String	httpProxyPassword
private int	httpProxyPort
private String	httpProxyUsername
private static String	IN_FILE_ARG
private static String	IN_URL_ARG
private String	inFile
private static String	INFLATE_IN_ARG
private boolean	inflateInput
private String	inUrl
private String	key	Deprecated, for removal: This API element is subject to removal in a future version.
private static String	KEY_ALIAS_ARG
private static String	KEY_ARG	Deprecated, for removal: This API element is subject to removal in a future version.
private static String	KEY_FILE_ARG
private static String	KEY_PASSWORD_ARG
private String	keyAlias
private String	keyFile
private String	keyPassword
private String	keystore
private static String	KEYSTORE_ARG
private static String	KEYSTORE_PASSWORD_ARG
private static String	KEYSTORE_PROVIDER_ARG
private static String	KEYSTORE_TYPE_ARG
private String	keystorePassword
private String	keystoreProvider
private String	keystoreType
private static String	KI_CRL_ARG
private static String	KI_KEY_NAME_ARG
private List<String>	kiCrls
private List<String>	kiKeyNames
private static String	LIST_ALGORITHMS_ARG
private static String	LIST_BLACKLIST_ARG	Deprecated, for removal: This API element is subject to removal in a future version.
private boolean	listAlgorithms	Option requesting that the signature verification algorithms be listed.
private boolean	listBlacklist	Deprecated, for removal: This API element is subject to removal in a future version.
private static String	LOG_CONFIG_ARG
private String	logConfig
private static String	OPT	Prefix for all command-line option names.
private static String	OUT_FILE_ARG
private String	outFile
private static String	PKCS11_CONFIG_ARG
private String	pkcs11Config
private boolean	quiet
private static String	QUIET_ARG
private String	refIdAttributeName
private boolean	rngSchema
private static String	SCHEMA_DIR_ARG
private static String	SCHEMA_RNG_LANG_ARG
private static String	SCHEMA_XSD_LANG_ARG
private String	schemaDirectory
private boolean	schemaValidate
private static String	SIG_POS_ARG
private static String	SIG_REF_ID_ATT_ARG
private boolean	sign
private static String	SIGN_ARG
private static String	SIGNATURE_ALGORITHM_ARG
private String	signatureAlgorithm	Signature algorithm URI directly specified on the command line.
private String	signaturePosition
private boolean	signatureVerify
private static String	V_SCHEMA_ARG
private static String	V_SIG_ARG
private boolean	verbose
private static String	VERBOSE_ARG
private static String	WHITELIST_DIGEST_ARG	Deprecated, for removal: This API element is subject to removal in a future version.
private List<String>	whitelistDigestNames	Deprecated, for removal: This API element is subject to removal in a future version.
private boolean	xsdSchema

Constructor Summary

Constructors

Constructor	Description
CommandLineArguments()

Method Summary

Modifier and Type	Method	Description
void	checkForDeprecations()	Checks for any deprecations in the command-line options.
boolean	doHelp()
boolean	doListAlgorithms()	Indicates whether the option to list the disallowed algorithms has been selected.
boolean	doQuietOutput()
boolean	doSchemaValidation()
boolean	doSign()
boolean	doSignatureVerify()
boolean	doVerboseOutput()
private void	errorAndExit(String error)	Prints the error message to STDERR and then exits.
String	getCertificate()
DigestChoice	getDigest()	Returns the choice of digest algorithm.
String	getDigestAlgorithm()	Returns the digest algorithm URI if specified on the command line.
DisallowedAlgorithms	getDisallowedAlgorithms()	Returns the {link @DisallowedAlgorithms}.
String	getHttpProxy()
String	getHttpProxyPassword()
int	getHttpProxyPort()
String	getHttpProxyUsername()
String	getInputFile()
String	getInputUrl()
String	getKeyAlias()
String	getKeyFile()
List<String>	getKeyInfoCrls()
List<String>	getKeyInfoKeyNames()
String	getKeyPassword()
String	getKeystore()
String	getKeystorePassword()
String	getKeystoreProvider()
String	getKeystoreType()
String	getLoggingConfiguration()
String	getOutputFile()
String	getPkcs11Config()
String	getReferenceIdAttributeName()
String	getSchemaDirectory()
String	getSignatureAlgorithm()	Returns the signature algorithm URI if specified on the command line.
String	getSignaturePosition()
boolean	isBase64DecodeInput()
boolean	isBase64EncodedOutput()
boolean	isDeflateOutput()
boolean	isGunzipInput()
boolean	isGzipOutput()
boolean	isInflateInput()
boolean	isRngSchema()
boolean	isXsdSchema()
void	parseCommandLineArguments(String[] args)	Parse the command-line arguments.
void	printHelp(PrintStream out)	Print command line help instructions.
private void	processDisallowedAlgorithmOptions()	Handle options related to setting up the disallowed algorithm collection.
private void	validateCommandLineArguments()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

OPT

private static final String OPT

Prefix for all command-line option names. Separated out to make it easer to replicate the old usage text.

See Also:

Constant Field Values

HELP_ARG

private static final String HELP_ARG

See Also:

Constant Field Values

SIGN_ARG

private static final String SIGN_ARG

See Also:

Constant Field Values

V_SIG_ARG

private static final String V_SIG_ARG

See Also:

Constant Field Values

V_SCHEMA_ARG

private static final String V_SCHEMA_ARG

See Also:

Constant Field Values

IN_FILE_ARG

private static final String IN_FILE_ARG

See Also:

Constant Field Values

IN_URL_ARG

private static final String IN_URL_ARG

See Also:

Constant Field Values

BASE64_IN_ARG

private static final String BASE64_IN_ARG

See Also:

Constant Field Values

BASE64_OUT_ARG

private static final String BASE64_OUT_ARG

See Also:

Constant Field Values

INFLATE_IN_ARG

private static final String INFLATE_IN_ARG

See Also:

Constant Field Values

GUNZIP_IN_ARG

private static final String GUNZIP_IN_ARG

See Also:

Constant Field Values

HTTP_PROXY_ARG

private static final String HTTP_PROXY_ARG

See Also:

Constant Field Values

HTTP_PROXY_PORT_ARG

private static final String HTTP_PROXY_PORT_ARG

See Also:

Constant Field Values

HTTP_PROXY_USERNAME_ARG

private static final String HTTP_PROXY_USERNAME_ARG

See Also:

Constant Field Values

HTTP_PROXY_PASSWORD_ARG

private static final String HTTP_PROXY_PASSWORD_ARG

See Also:

Constant Field Values

SCHEMA_XSD_LANG_ARG

private static final String SCHEMA_XSD_LANG_ARG

See Also:

Constant Field Values

SCHEMA_RNG_LANG_ARG

private static final String SCHEMA_RNG_LANG_ARG

See Also:

Constant Field Values

SCHEMA_DIR_ARG

private static final String SCHEMA_DIR_ARG

See Also:

Constant Field Values

SIG_REF_ID_ATT_ARG

private static final String SIG_REF_ID_ATT_ARG

See Also:

Constant Field Values

SIG_POS_ARG

private static final String SIG_POS_ARG

See Also:

Constant Field Values

DIGEST_ARG

private static final String DIGEST_ARG

See Also:

Constant Field Values

DIGEST_ALGORITHM_ARG

private static final String DIGEST_ALGORITHM_ARG

See Also:

Constant Field Values

SIGNATURE_ALGORITHM_ARG

private static final String SIGNATURE_ALGORITHM_ARG

See Also:

Constant Field Values

KI_KEY_NAME_ARG

private static final String KI_KEY_NAME_ARG

See Also:

Constant Field Values

KI_CRL_ARG

private static final String KI_CRL_ARG

See Also:

Constant Field Values

CERT_ARG

private static final String CERT_ARG

See Also:

Constant Field Values

KEY_ARG

@Deprecated(since="3.0.0",
            forRemoval=true)
private static final String KEY_ARG

Deprecated, for removal: This API element is subject to removal in a future version.

See Also:

Constant Field Values

KEY_FILE_ARG

private static final String KEY_FILE_ARG

See Also:

Constant Field Values

KEY_ALIAS_ARG

private static final String KEY_ALIAS_ARG

See Also:

Constant Field Values

KEY_PASSWORD_ARG

private static final String KEY_PASSWORD_ARG

See Also:

Constant Field Values

KEYSTORE_ARG

private static final String KEYSTORE_ARG

See Also:

Constant Field Values

KEYSTORE_PASSWORD_ARG

private static final String KEYSTORE_PASSWORD_ARG

See Also:

Constant Field Values

KEYSTORE_TYPE_ARG

private static final String KEYSTORE_TYPE_ARG

See Also:

Constant Field Values

KEYSTORE_PROVIDER_ARG

private static final String KEYSTORE_PROVIDER_ARG

See Also:

Constant Field Values

PKCS11_CONFIG_ARG

private static final String PKCS11_CONFIG_ARG

See Also:

Constant Field Values

CLEAR_BLACKLIST_ARG

@Deprecated(since="3.0.0",
            forRemoval=true)
private static final String CLEAR_BLACKLIST_ARG

Deprecated, for removal: This API element is subject to removal in a future version.

See Also:

Constant Field Values

ALLOW_ALL_DIGESTS_ARG

private static final String ALLOW_ALL_DIGESTS_ARG

See Also:

Constant Field Values

BLACKLIST_DIGEST_ARG

@Deprecated(since="3.0.0",
            forRemoval=true)
private static final String BLACKLIST_DIGEST_ARG

Deprecated, for removal: This API element is subject to removal in a future version.

See Also:

Constant Field Values

DISALLOW_DIGEST_ARG

private static final String DISALLOW_DIGEST_ARG

See Also:

Constant Field Values

WHITELIST_DIGEST_ARG

@Deprecated(since="3.0.0",
            forRemoval=true)
private static final String WHITELIST_DIGEST_ARG

Deprecated, for removal: This API element is subject to removal in a future version.

See Also:

Constant Field Values

ALLOW_DIGEST_ARG

private static final String ALLOW_DIGEST_ARG

See Also:

Constant Field Values

LIST_BLACKLIST_ARG

@Deprecated(since="3.0.0",
            forRemoval=true)
private static final String LIST_BLACKLIST_ARG

Deprecated, for removal: This API element is subject to removal in a future version.

See Also:

Constant Field Values

LIST_ALGORITHMS_ARG

private static final String LIST_ALGORITHMS_ARG

See Also:

Constant Field Values

OUT_FILE_ARG

private static final String OUT_FILE_ARG

See Also:

Constant Field Values

DEFLATE_OUT_ARG

private static final String DEFLATE_OUT_ARG

See Also:

Constant Field Values

GZIP_OUT_ARG

private static final String GZIP_OUT_ARG

See Also:

Constant Field Values

VERBOSE_ARG

private static final String VERBOSE_ARG

See Also:

Constant Field Values

QUIET_ARG

private static final String QUIET_ARG

See Also:

Constant Field Values

LOG_CONFIG_ARG

private static final String LOG_CONFIG_ARG

See Also:

Constant Field Values

sign

private boolean sign

schemaValidate

private boolean schemaValidate

signatureVerify

private boolean signatureVerify

inFile

private String inFile

inUrl

private String inUrl

base64DecodeInput

private boolean base64DecodeInput

inflateInput

private boolean inflateInput

gunzipInput

private boolean gunzipInput

httpProxy

private String httpProxy

httpProxyPort

private int httpProxyPort

httpProxyUsername

private String httpProxyUsername

httpProxyPassword

private String httpProxyPassword

schemaDirectory

private String schemaDirectory

xsdSchema

private boolean xsdSchema

rngSchema

private boolean rngSchema

refIdAttributeName

private String refIdAttributeName

signaturePosition

private String signaturePosition

digest

private DigestChoice digest

Digest algorithm choice for all algorithms.

digestName

private String digestName

Selected digest algorithm choice name for all algorithms.

digestAlgorithm

private String digestAlgorithm

Digest algorithm URI directly specified on the command line.

signatureAlgorithm

private String signatureAlgorithm

Signature algorithm URI directly specified on the command line.

kiKeyNames

private List<String> kiKeyNames

kiCrls

private List<String> kiCrls

outFile

private String outFile

base64EncodeOutput

private boolean base64EncodeOutput

deflateOutput

private boolean deflateOutput

gzipOutput

private boolean gzipOutput

cert

private String cert

key

@Deprecated(since="3.0.0",
            forRemoval=true)
private String key

Deprecated, for removal: This API element is subject to removal in a future version.

keyFile

private String keyFile

keyAlias

private String keyAlias

keyPassword

private String keyPassword

keystore

private String keystore

keystorePassword

private String keystorePassword

keystoreType

private String keystoreType

keystoreProvider

private String keystoreProvider

pkcs11Config

private String pkcs11Config

disallowedAlgorithms

private final DisallowedAlgorithms disallowedAlgorithms

Local collection of disallowed signature and digest algorithms.

allowAllDigests

private boolean allowAllDigests

Option requesting that all digest algorithms should be allowed.

clearBlacklist

@Deprecated(since="3.0.0",
            forRemoval=true)
private boolean clearBlacklist

Deprecated, for removal: This API element is subject to removal in a future version.

listAlgorithms

private boolean listAlgorithms

Option requesting that the signature verification algorithms be listed.

listBlacklist

@Deprecated(since="3.0.0",
            forRemoval=true)
private boolean listBlacklist

Deprecated, for removal: This API element is subject to removal in a future version.

disallowDigestNames

private List<String> disallowDigestNames

Option requesting that algorithms associated with a specific digest be disallowed.

blacklistDigestNames

@Deprecated(since="3.0.0",
            forRemoval=true)
private List<String> blacklistDigestNames

Deprecated, for removal: This API element is subject to removal in a future version.

allowDigestNames

private List<String> allowDigestNames

Option requesting that algorithms associated with a specific digest be allowed.

whitelistDigestNames

@Deprecated(since="3.0.0",
            forRemoval=true)
private List<String> whitelistDigestNames

Deprecated, for removal: This API element is subject to removal in a future version.

verbose

private boolean verbose

quiet

private boolean quiet

logConfig

private String logConfig

help

private boolean help

Constructor Detail

CommandLineArguments

public CommandLineArguments()

Method Detail

parseCommandLineArguments

public void parseCommandLineArguments(String[] args)

Parse the command-line arguments.

As well as basic parsing, this also:

• validates the options used: results in fatal errors if they are invalid
• applies some defaults
• processes the options related to the disallowed algorithm list

Parameters:

args - array of command-line arguments to parse

checkForDeprecations

public void checkForDeprecations()

Checks for any deprecations in the command-line options.

The logging system must have been set up before this is called.

processDisallowedAlgorithmOptions

private void processDisallowedAlgorithmOptions()

Handle options related to setting up the disallowed algorithm collection. These are --allowAllDigests, --disallowDigest and --allowDigest. The legacy forms (--clearBlacklist, --blacklistDigest and --whitelistDigest are also handled here.

getHttpProxy

public String getHttpProxy()

getHttpProxyPort

public int getHttpProxyPort()

getHttpProxyUsername

public String getHttpProxyUsername()

getHttpProxyPassword

public String getHttpProxyPassword()

doSign

public boolean doSign()

doSchemaValidation

public boolean doSchemaValidation()

doSignatureVerify

public boolean doSignatureVerify()

getReferenceIdAttributeName

public String getReferenceIdAttributeName()

getSignaturePosition

public String getSignaturePosition()

getDigest

public DigestChoice getDigest()

Returns the choice of digest algorithm.

Returns:

selected digest algorithm

getDigestAlgorithm

public String getDigestAlgorithm()

Returns the digest algorithm URI if specified on the command line.

Returns:

a digest algorithm identifier, or null.

getSignatureAlgorithm

public String getSignatureAlgorithm()

Returns the signature algorithm URI if specified on the command line.

Returns:

a signature algorithm identifier, or null.

getKeyInfoKeyNames

public List<String> getKeyInfoKeyNames()

getKeyInfoCrls

public List<String> getKeyInfoCrls()

getInputFile

public String getInputFile()

getInputUrl

public String getInputUrl()

isBase64DecodeInput

public boolean isBase64DecodeInput()

isInflateInput

public boolean isInflateInput()

isGunzipInput

public boolean isGunzipInput()

getSchemaDirectory

public String getSchemaDirectory()

isXsdSchema

public boolean isXsdSchema()

isRngSchema

public boolean isRngSchema()

getOutputFile

public String getOutputFile()

isBase64EncodedOutput

public boolean isBase64EncodedOutput()

isDeflateOutput

public boolean isDeflateOutput()

isGzipOutput

public boolean isGzipOutput()

getCertificate

public String getCertificate()

getKeyFile

public String getKeyFile()

getKeyAlias

public String getKeyAlias()

getKeyPassword

public String getKeyPassword()

getKeystore

public String getKeystore()

getKeystorePassword

public String getKeystorePassword()

getKeystoreType

public String getKeystoreType()

getKeystoreProvider

public String getKeystoreProvider()

getPkcs11Config

public String getPkcs11Config()

getDisallowedAlgorithms

public DisallowedAlgorithms getDisallowedAlgorithms()

Returns the {link @DisallowedAlgorithms}.

Returns:

a DisallowedAlgorithms instance

doListAlgorithms

public boolean doListAlgorithms()

Indicates whether the option to list the disallowed algorithms has been selected.

Returns:

true if option selected

doVerboseOutput

public boolean doVerboseOutput()

doQuietOutput

public boolean doQuietOutput()

getLoggingConfiguration

public String getLoggingConfiguration()

doHelp

public boolean doHelp()

validateCommandLineArguments

private void validateCommandLineArguments()

printHelp

public void printHelp(PrintStream out)

Print command line help instructions.

Parameters:

out - location where to print the output

errorAndExit

private void errorAndExit(String error)

Prints the error message to STDERR and then exits.

Parameters:

error - the error message