
Oracle Fusion Middleware Reference for Oracle Security Developer Tools

// decrypt the data
PrivateKey keyDecKey = ...
XEEncUtils.decryptElement(edElem, keyDecKey);

8.12 Supporting Classes and Interfaces

This section describes additional classes and interfaces in the Oracle XML Security API.

8.12.1 The oracle.security.xmlsec.util.XMLURI Interface

This interface defines URI string constants for algorithms, namespaces, and objects. It uses the following naming convention:

■ Algorithm URIs begin with alg_.
■ Namespace URIs begin with ns_.
■ Object type URIs begin with obj_.

8.12.2 The oracle.security.xmlsec.util.XMLUtils class

This class contains static utility methods for XML and XML-DSIG. Methods frequently used in applications include the createDocBuilder, createDocument, toBytesXML, and toStringXML methods.

8.13 Common XML Security Questions

This section answers frequently asked questions about XML security and about using Oracle XML Security. It addresses these areas:

What is the DER format? The PEM format? How are these formats used?

DER is an abbreviation for ASN.1 Distinguished Encoding Rules. DER is a binary format that is used to encode certificates and private keys. Oracle XML Security SDK uses DER as its native format, as do most commercial products that use certificates and private keys.

Many other formats used to encode certificates and private keys, including PEM, PKCS #7, and PKCS #12, are transformations of DER encoding. For example, PEM (Privacy Enhanced Mail) is a text format that is the Base 64 encoding of the DER binary format. The PEM format also specifies the use of text BEGIN and END lines that indicate the type of content that is being encoded.

I received a certificate in my email in a text format. It has several lines of text characters that don't seem to mean anything. How do I convert it into the format that Oracle XML Security uses?

If you received the certificate in your email, it is in PEM format. You need to convert the certificate from PEM (Privacy-Enhanced Mail) format to ASN.1 DER (Distinguished Encoding Rules) format.

How do I use a certificate that is exported from a browser?

If you have exported the certificate from a browser, it is most likely in PKCS #12 format (.p12 or .pfx). You must parse the PKCS #12 object into its component parts.
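The PEM-to-DER conversion described in the answers above, as an added example that is not from the Oracle documentation or the Oracle XML Security SDK. It uses only standard JDK classes; the class and method names (PemToDer, pemToDer, checkDerSequence) are hypothetical, and the sample input is a constructed DER structure, not a real certificate.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class PemToDer {
    // BEGIN/END lines carry the content type; the body between them is Base64 of the DER bytes.
    private static final Pattern PEM = Pattern.compile(
        "-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \\1-----", Pattern.DOTALL);

    static byte[] pemToDer(String text, String expectedLabel) {
        Matcher m = PEM.matcher(text);   // find() skips mail headers or signatures around the block
        if (!m.find()) throw new IllegalArgumentException("no matching BEGIN/END lines");
        if (!m.group(1).equals(expectedLabel))
            throw new IllegalArgumentException("unexpected PEM type: " + m.group(1));
        // The MIME decoder ignores line breaks and other non-Base64 characters in the body.
        byte[] der = Base64.getMimeDecoder().decode(m.group(2));
        checkDerSequence(der);
        return der;
    }

    // Certificates and keys are DER SEQUENCEs: tag 0x30, then a length that must cover
    // exactly the remaining bytes. A mismatch usually means the pasted text was truncated.
    static void checkDerSequence(byte[] der) {
        if (der.length < 2 || der[0] != 0x30) throw new IllegalArgumentException("not a DER SEQUENCE");
        int first = der[1] & 0xFF, header = 2;
        long len = first;                        // short form: the byte is the length itself
        if (first >= 0x80) {                     // long form: low 7 bits = number of length bytes
            int n = first & 0x7F;
            if (n == 0 || n > 4 || der.length < 2 + n) throw new IllegalArgumentException("bad DER length");
            len = 0;
            for (int i = 0; i < n; i++) len = (len << 8) | (der[2 + i] & 0xFF);
            header += n;
        }
        if (header + len != der.length) throw new IllegalArgumentException("DER length mismatch");
    }

    public static void main(String[] args) {
        // Constructed sample: SEQUENCE { INTEGER 5 } wrapped as PEM inside mail-like text.
        byte[] sample = {0x30, 0x03, 0x02, 0x01, 0x05};
        String pem = "From: someone\n\n-----BEGIN CERTIFICATE-----\n"
            + Base64.getMimeEncoder(64, "\n".getBytes(StandardCharsets.US_ASCII)).encodeToString(sample)
            + "\n-----END CERTIFICATE-----\n";
        System.out.println(Arrays.equals(pemToDer(pem, "CERTIFICATE"), sample));
    }
}
```

The length check only confirms that the outer SEQUENCE is complete; it does not validate the certificate contents or its signature.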

8.14 Best Practices

For a discussion of best practices for implementors and users of the XML Signature specification, see: http://www.w3.org/TR/xmldsig-bestpractices/

8.15 The Oracle XML Security Java API Reference

The Oracle XML Security API Javadoc is available at: Oracle Fusion Middleware XML Security Java API Reference for Oracle Security Developer Tools

8.16 Example Programs

For example programs using the Oracle Security Developer Tools, see the Oracle Technology Network Web Site at http://www.oracle.com/technology/sample_code/products/id_mgmt/index.html.

9 Oracle SAML

This chapter provides information about using the Oracle Security Assertions Markup Language (SAML) Software Development Kit (SDK). Oracle SAML allows Java developers to develop cross-domain single sign-on and federated access control solutions that conform to the SAML 1.0/1.1 and SAML 2.0 specifications.

This chapter contains the following topics:

■ Oracle SAML Features and Benefits