Examples of org.apache.xml.security.keys.KeyInfo

• org.apache.xml.security.keys.KeyInfo
  This class stand for KeyInfo Element that may contain keys, names, certificates and other public key management information, such as in-band key distribution or key agreement data.
  KeyInfo Element has two basic functions: One is KeyResolve for getting the public key in signature validation processing. the other one is toElement for getting the element in signature generation processing.
  The lengthXXX() methods provide access to the internal Key objects:

  • If the KeyInfo was constructed from an Element (Signature verification), the lengthXXX() methods searches for child elements of ds:KeyInfo for known types.
  • If the KeyInfo was constructed from scratch (during Signature generation), the lengthXXX() methods return the number of XXX objects already passed to the KeyInfo

  
  The addXXX() methods are used for adding Objects of the appropriate type to the KeyInfo. This is used during signature generation.
  The itemXXX(int i) methods return the i'th object of the corresponding type.
  The containsXXX() methods return whether the KeyInfo contains the corresponding type. @author $Author: vdkoogh $

                    }

                    Element e = samlSubj.getKeyInfo();
                    X509Certificate[] certs = null;
                    try {
                        KeyInfo ki = new KeyInfo(e, null);

                        if (ki.containsX509Data()) {
                            X509Data data = ki.itemX509Data(0);
                            if (data != null && data.containsCertificate()) {
                                XMLX509Certificate certElem = data.itemCertificate(0);
                                if (certElem != null) {
                                    X509Certificate cert = certElem.getX509Certificate();
                                    certs = new X509Certificate[1];
                                    certs[0] = cert;
                                    return new SAMLKeyInfo(assertion, certs);
                                }
                            } else if (data != null && data.containsIssuerSerial()) {
                                XMLX509IssuerSerial issuerSerial = data.itemIssuerSerial(0);
                                String alias =
                                    crypto.getAliasForX509Cert(
                                        issuerSerial.getIssuerName(), issuerSerial.getSerialNumber()
                                    );
                                certs = crypto.getCertificates(alias);
                                return new SAMLKeyInfo(assertion, certs);
                            }
                        } else if (ki.containsKeyValue()) {
                            PublicKey pk = ki.getPublicKey();
                            return new SAMLKeyInfo(assertion, pk);
                        }
                    } catch (XMLSecurityException e3) {
                        throw new WSSecurityException(WSSecurityException.FAILURE,
                                "invalidSAMLsecurity",

        // If it exists use it, but it's not mandatory
        if (keyInfoElem != null
            && Constants.SignatureSpecNS.equals(keyInfoElem.getNamespaceURI())
            && Constants._TAG_KEYINFO.equals(keyInfoElem.getLocalName())) {
            this.keyInfo = new KeyInfo(keyInfoElem, baseURI);
            this.keyInfo.setSecureValidation(secureValidation);
        }

        // <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
        Element objectElem =

    public KeyInfo getKeyInfo() {
        // check to see if we are signing and if we have to create a keyinfo
        if (this.state == MODE_SIGN && this.keyInfo == null) {

            // create the KeyInfo
            this.keyInfo = new KeyInfo(this.doc);

            // get the Element from KeyInfo
            Element keyInfoElement = this.keyInfo.getElement();
            Element firstObject =
                XMLUtils.selectDsNode(

//            senderVouches = true;
//        }
        Element e = samlSubj.getKeyInfo();
        X509Certificate[] certs = null;
        try {
            KeyInfo ki = new KeyInfo(e, null);

            if (ki.containsX509Data()) {
                X509Data data = ki.itemX509Data(0);
                XMLX509Certificate certElem = null;
                if (data != null && data.containsCertificate()) {
                    certElem = data.itemCertificate(0);
                }
                if (certElem != null) {

        NodeList dataToEncrypt = doc.getElementsByTagName("user");

        XMLCipher dataCipher = XMLCipher.getInstance(XMLCipher.TRIPLEDES);
        dataCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);

        KeyInfo keyInfo = new KeyInfo(doc);
        keyInfo.addKeyName("mykey");

        EncryptedData encryptedData = dataCipher.getEncryptedData();
        encryptedData.setKeyInfo(keyInfo);

        for (int i = 0; i < dataToEncrypt.getLength(); i++) {

        XPathFactory xpf = XPathFactory.newInstance();
        XPath xpath = xpf.newXPath();
        xpath.setNamespaceContext(new DSNamespaceContext());

        EncryptedData builder = cipher.getEncryptedData();
        KeyInfo builderKeyInfo = builder.getKeyInfo();
        if (builderKeyInfo == null) {
            builderKeyInfo = new KeyInfo(document);
            builder.setKeyInfo(builderKeyInfo);
        }
        builderKeyInfo.add(encryptedKey);

        for (String localName : localNames) {
            String expression = "//*[local-name()='" + localName + "']";
            Element elementToEncrypt =
                (Element) xpath.evaluate(expression, document, XPathConstants.NODE);

    XMLSignature sig)
      throws XMLSignatureException,
             XMLSecurityException,
             IRISyntaxException {
    boolean answer = false;
    KeyInfo ki = sig.getKeyInfo();
    if (ki != null) {
      X509Certificate cert = ki.getX509Certificate();
      if (cert != null) {
        answer = sig.checkSignatureValue(cert);
      } else {
        PublicKey key = ki.getPublicKey();
        if (key != null) {
          answer = sig.checkSignatureValue(key);
        }
      }
    }

            IRI baseUri = element.getResolvedBaseUri();
            XMLSignature sig =
              new XMLSignature(
                el, (baseUri != null) ? baseUri.toString() : "");
            if (is_valid_signature(sig)) {
              KeyInfo ki = sig.getKeyInfo();
              if (ki != null) {
                X509Certificate cert = ki.getX509Certificate();
                if (cert != null) certs.add(cert);
              }
            }
          }
        }

         signature.addResourceResolver(resolver);
      }
      signature.setFollowNestedManifests(followManifests);


      KeyInfo ki = signature.getKeyInfo();
      boolean result=false;
      if (ki != null) {
         X509Certificate cert = ki.getX509Certificate();

         if (cert != null) {
           result=signature.checkSignatureValue(cert);
         } else {
            PublicKey pk = ki.getPublicKey();

            if (pk != null) {
              result=signature.checkSignatureValue(pk);
            } else {
               throw new RuntimeException(

            signature.addResourceResolver(new OfflineResolver());

            //Get the KeyInfo object, which might contain some clues as to what
            //key was used to create the signature. It might also contain the
            //full cert.
            KeyInfo ki = signature.getKeyInfo();

            ki.addStorageResolver(new StorageResolver(new org.apache.xml
               .security.keys.storage.implementations
               .CertsInFilesystemDirectoryResolver(merlinsDir + "certs")));

            if (ki != null) {