8-20 Oracle Fusion Middleware Reference for Oracle Security Developer Tools
decrypt the data PrivateKey keyDecKey = ...
XEEncUtils.decryptElementedElem, keyDecKey;
8.12 Supporting Classes and Interfaces
This section describes additional classes and interfaces in the Oracle XML Security API.
8.12.1 The oracle.security.xmlsec.util.XMLURI Interface
This interface defines URI string constants for algorithms, namespaces, and objects. It uses the following naming convention:
■
Algorithm URIs begin with alg_.
■
Namespace URIs begin with ns_.
■
Object type URIs begin with obj_.
8.12.2 The oracle.security.xmlsec.util.XMLUtils class
This class contains static utility methods for XML and XML-DSIG. Methods frequently used in applications include the createDocBuilder, createDocument,
toBytesXML, and toStringXML methods.
8.13 Common XML Security Questions
This section answers frequently asked questions about XML security and about using Oracle XML Security. It addresses these areas:
What is the DER format? The PEM format? How are these formats used? DER is an abbreviation for ASN.1 Distinguished Encoding Rules. DER is a binary
format that is used to encode certificates and private keys. Oracle XML Security SDK uses DER as its native format, as do most commercial products that use certificates
and private keys.
Many other formats used to encode certificates and private keys, including PEM, PKCS 7, and PKCS 12, are transformations of DER encoding. For example, PEM
Privacy Enhanced Mail is a text format that is the Base 64 encoding of the DER binary format. The PEM format also specifies the use of text BEGIN and END lines that
indicate the type of content that is being encoded.
I received a certificate in my email in a text format. It has several lines of text characters that dont seem to mean anything. How do I convert it into the format
that Oracle XML Security uses? If you received the certificate in your email, it is in PEM format. You need to convert
the certificate from PEM Privacy-Enhanced Mail format to ASN.1 DER Distinguished Encoding Rules format.
How do I use a certificate that is exported from a browser? If you have exported the certificate from a browser, it is most likely in PKCS 12
format .p12 or .pfx. You must parse the PKCS 12 object into its component parts.
Oracle XML Security 8-21
8.14 Best Practices
For a discussion of best practices for implementors and users of the XML Signature specification, see:
http:www.w3.orgTRxmldsig-bestpractices
8.15 The Oracle XML Security Java API Reference
The Oracle XML Security API Javadoc is available at: Oracle Fusion Middleware XML Security Java API Reference for Oracle Security Developer
Tools
8.16 Example Programs
For example programs using the Oracle Security Developer Tools, see the Oracle Technology Network Web Site at
http:www.oracle.comtechnologysample_codeproductsid_ mgmtindex.html
.
8-22 Oracle Fusion Middleware Reference for Oracle Security Developer Tools
9
Oracle SAML 9-1
9
Oracle SAML
This chapter provides information about using the Oracle Security Assertions Markup Language SAML Software Development Kit SDK. Oracle SAML allows Java
developers to develop cross-domain single sign-on and federated access control solutions that conform to the SAML 1.01.1 and SAML 2.0 specifications.
This chapter contains the following topics:
■
Oracle SAML Features and Benefits