Examples of org.apache.wss4j.common.crypto.CryptoType

org.apache.wss4j.common.crypto.CryptoType
This class represents a way of passing information to the Crypto.getX509Certificates() method. The TYPE enum describes which method to use to retrieve the Certificate(s). The corresponding get accessor must be set accordingly.

        throws Exception {
        Node issuerNameNode = 
            certNode.getElementsByTagNameNS(Constants.SignatureSpecNS, "X509IssuerName").item(0);
        Node serialNumberNode = 
            certNode.getElementsByTagNameNS(Constants.SignatureSpecNS, "X509SerialNumber").item(0);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ISSUER_SERIAL);
        cryptoType.setIssuerSerial(issuerNameNode.getTextContent(), 
                                   new BigInteger(serialNumberNode.getTextContent()));
        return crypto.getX509Certificates(cryptoType)[0];
    }

View Full Code Here

    public static X509Certificate[] getCertificates(Crypto crypto, String user)
        throws Exception {
        if (crypto == null) {
            throw new Exception("Crypto instance is null");
        }
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias(user);
        X509Certificate[] issuerCerts = crypto.getX509Certificates(cryptoType);
        if (issuerCerts == null || issuerCerts.length == 0) {
            throw new Exception(
                "No issuer certs were found using issuer name: " + user);
        }

View Full Code Here

        encrKey.setKeyEncAlgo(algType.getAsymmetricKeyWrap());
        
        encrKey.prepare(saaj.getSOAPPart(), crypto);
        
        if (alsoIncludeToken) {
            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
            cryptoType.setAlias(encrUser);
            X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
            BinarySecurity bstToken = new X509Security(saaj.getSOAPPart());
            ((X509Security) bstToken).setX509Certificate(certs[0]);
            bstToken.addWSUNamespace();
            bstToken.setID(wssConfig.getIdAllocator().createSecureId("X509-", certs[0]));

View Full Code Here

        Crypto crypto = getCrypto(wrapper, SecurityConstants.ENCRYPT_CRYPTO,
                                  SecurityConstants.ENCRYPT_PROPERTIES);
        boolean enableRevocation = MessageUtils.isTrue(
                                       message.getContextualProperty(SecurityConstants.ENABLE_REVOCATION));
        if (enableRevocation && crypto != null) {
            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
            String encrUser = (String)message.getContextualProperty(SecurityConstants.ENCRYPT_USERNAME);
            if (encrUser == null) {
                try {
                    encrUser = crypto.getDefaultX509Identifier();
                } catch (WSSecurityException e1) {
                    throw new Fault(e1);
                }
            }
            cryptoType.setAlias(encrUser);
            X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
            if (certs != null && certs.length > 0) {
                crypto.verifyTrust(certs, enableRevocation, null);
            }
        }

View Full Code Here

        Crypto sigCrypto, Message message, XMLSecurityProperties properties
    ) throws IOException, 
        UnsupportedCallbackException, WSSecurityException {
        
        if (sigCrypto != null && signatureVerificationAlias != null) {
            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
            cryptoType.setAlias(signatureVerificationAlias);
            X509Certificate[] certs = sigCrypto.getX509Certificates(cryptoType);
            if (certs != null && certs.length > 0) {
                properties.setSignatureVerificationKey(certs[0].getPublicKey());
            }
        }

View Full Code Here

        //
        Signature signature = OpenSAMLUtil.buildSignature();
        signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
        
        // prepare to sign the SAML token
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias(issuerKeyName);
        X509Certificate[] issuerCerts = issuerCrypto.getX509Certificates(cryptoType);
        if (issuerCerts == null) {
            throw new Exception(
                    "No issuer certs were found to sign the SAML Assertion using issuer name: "
                            + issuerKeyName);

View Full Code Here

        
        if (localCerts == null && cryptoType.getType() == CryptoType.TYPE.ALIAS) {
            // If none found then try using either the Subject DN. This is because an 
            // Encryption username in CXF is configured as an Alias in WSS4J, but may in fact 
            // be a Subject DN
            CryptoType newCryptoType = new CryptoType(CryptoType.TYPE.SUBJECT_DN);
            newCryptoType.setSubjectDN(cryptoType.getAlias());
            
            try {
                localCerts = fallbackCrypto.getX509Certificates(newCryptoType);
            } catch (Exception e) {
                LOG.info("Certificate is not found in local keystore and will be requested from "

View Full Code Here

        Assert.assertEquals(defaultCanonicalizationAlgorithm,
                signature.getCanonicalizationAlgorithm());
        
        // Verify Signature
        SAMLKeyInfo keyInfo = new SAMLKeyInfo();
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("client_certchain");
        keyInfo.setCerts(issuerCrypto.getX509Certificates(cryptoType));
        
        Document doc = dbf.newDocumentBuilder().newDocument();
        
        Element assertionElement = samlAssertion.toDOM(doc);

View Full Code Here

        String assertionString = DOM2Writer.nodeToString(assertionElement);
        Assert.assertTrue(assertionString.contains(customSignatureDigestAlgorithm));


        // Verify Signature
        SAMLKeyInfo keyInfo = new SAMLKeyInfo();
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("client_certchain");
        keyInfo.setCerts(issuerCrypto.getX509Certificates(cryptoType));
        
        samlAssertion = new SamlAssertionWrapper(assertionElement);
        samlAssertion.verifySignature(keyInfo);
    }

View Full Code Here

        if (!(keyIdentifierType == WSConstants.CUSTOM_SYMM_SIGNING
            || keyIdentifierType == WSConstants.CUSTOM_SYMM_SIGNING_DIRECT
            || keyIdentifierType == WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER
            || keyIdentifierType == WSConstants.CUSTOM_KEY_IDENTIFIER)) {
            if (useThisCert == null) {
                CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
                cryptoType.setAlias(user);
                if (crypto == null) {
                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSigCryptoFile");
                }
                certs = crypto.getX509Certificates(cryptoType);
            } else {

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.wss4j.common.crypto.CryptoType

org.apache.cxf.rs.security.common.SecurityUtils

org.apache.cxf.rs.security.saml.sso.SAML2CallbackHandler

org.apache.cxf.rs.security.saml.sso.SamlPostBindingFilter

org.apache.cxf.rs.security.saml.sso.SamlRedirectBindingFilter

org.apache.cxf.rs.security.saml.sso.SAMLResponseValidatorTest

org.apache.cxf.rs.security.xml.XmlSecInInterceptor

org.apache.cxf.sts.operation.IssueOnbehalfofUnitTest

org.apache.cxf.sts.operation.IssueSamlUnitTest

org.apache.cxf.sts.operation.ValidateX509TokenUnitTest

org.apache.cxf.sts.token.provider.DefaultSubjectProvider

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.