Package org.jboss.identity.federation.api.saml.v2.sig

Examples of org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature


        KeyPair kp = kpg.genKeyPair();

        id = IDGenerator.create("ID_"); // regenerate
        ResponseType responseType = response.createResponseType(id, issuerInfo, assertion);

        SAML2Signature ss = new SAML2Signature();
        ss.setSignatureMethod(SignatureMethod.DSA_SHA1);
        Document signedDoc = ss.sign(responseType, kp);

        Logger.getLogger(SignatureValidationUnitTestCase.class).debug(DocumentUtil.asString(signedDoc));
        JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(signedDoc));

        // Validate the signature
View Full Code Here


        Node assert2 = DocumentUtil.getNodeWithAttribute(doc, "urn:oasis:names:tc:SAML:2.0:assertion", "Assertion", "ID", id);

        String referenceURI = "#" + id;

        assertNotNull("Found assertion?", assert2);
        SAML2Signature ss = new SAML2Signature();
        Document signedDoc = ss.sign(responseType, id, kp, referenceURI);

        JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(signedDoc));

        Node signedNode = DocumentUtil.getNodeWithAttribute(signedDoc, "urn:oasis:names:tc:SAML:2.0:assertion", "Assertion",
                "ID", id);
View Full Code Here

        KeyPair kp = kpg.genKeyPair();
        PublicKey publicKey = kp.getPublic();

        X509Certificate x509 = getCertificate();

        SAML2Signature ss = new SAML2Signature();
        ss.setSignatureMethod(SignatureMethod.DSA_SHA1);
        ss.setX509Certificate(x509);
        Document signedDoc = ss.sign(authnRequest, kp);

        //Ensure that we have the certificate in key info
        NodeList x509DataList = signedDoc.getElementsByTagName("dsig:X509Data");
        assertEquals(1, x509DataList.getLength());
View Full Code Here

       // sign Assertion element only
       signAssertionElement(samlResponseDoc, idpAuthenticator.getKeyManager());

       // verify successful validation of signature on Assertion element
       Assert.assertTrue(new SAML2Signature().validate(samlResponseDoc, idpAuthenticator.getKeyManager().getSigningKeyPair().getPublic()));

       // wrap evil assertion
       wrapBadAssertionBeforeOriginal(samlResponseDoc);

       // let's now send the bad SAML response and the assertion back to the SP.
View Full Code Here

        InputStream configStream = tcl.getResourceAsStream("saml/v2/response/saml2-response-adfs-claims.xml");
        SAML2Response samlResponse = new SAML2Response();
        SAML2Object samlObject = samlResponse.getSAML2ObjectFromStream(configStream);
        assertNotNull(samlObject);

        SAML2Signature sig = new SAML2Signature();
        Document signedDoc = sig.sign((ResponseType) samlObject, getKeyPair());
        assertNotNull(signedDoc);

        Logger.getLogger(SAML2ResponseUnitTestCase.class).debug("Signed Response=" + DocumentUtil.asString(signedDoc));
    }
View Full Code Here

        AssertionType assertion = AssertionUtil.createAssertion(assertionId, issuerInfo.getIssuer());
        assertion.addStatement(attributeStatement);

        ResponseType responseType = samlResponse.createResponseType(ID, sp, idp, issuerInfo, assertion);
        SAML2Signature sig = new SAML2Signature();
        Document signedDoc = sig.sign(responseType, getKeyPair());
        assertNotNull(signedDoc);

        Logger.getLogger(SAML2ResponseUnitTestCase.class).debug("Signed Response=" + DocumentUtil.asString(signedDoc));

        Document convertedDoc = samlResponse.convert(responseType);
View Full Code Here

     */
    @Test(expected = XMLSignatureException.class)
    public void testWrappingAttack() throws Exception {
        ResponseType responseType = createSignedResponse();

        SAML2Signature ss = new SAML2Signature();
        ss.setSignatureMethod(SignatureMethod.RSA_SHA1);
        Document signedDoc = ss.sign(responseType, new KeyPair(publicKey, privateKey));

        Logger.getLogger(SignatureValidationUnitTestCase.class).debug(DocumentUtil.asString(signedDoc));
        JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(signedDoc));

        // Validate the signature
View Full Code Here

     */
    @Test
    public void testForceWrappingAttack() throws Exception {
        ResponseType responseType = createSignedResponse();

        SAML2Signature ss = new SAML2Signature();
        ss.setSignatureMethod(SignatureMethod.RSA_SHA1);
        Document signedDoc = ss.sign(responseType, new KeyPair(publicKey, privateKey));

        Logger.getLogger(SignatureValidationUnitTestCase.class).debug(DocumentUtil.asString(signedDoc));
        JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(signedDoc));

        // Validate the signature
View Full Code Here

    private boolean isSignResponseAndAssertion() {
        return this.handlerConfig.getParameter(SIGN_RESPONSE_AND_ASSERTION) != null ? Boolean.valueOf(this.handlerConfig.getParameter(SIGN_RESPONSE_AND_ASSERTION).toString()) : false;
    }

    private void signDocument(Document samlDocument, KeyPair keypair, X509Certificate x509Certificate) throws ProcessingException {
        SAML2Signature samlSignature = new SAML2Signature();
        Node nextSibling = samlSignature.getNextSiblingOfIssuer(samlDocument);
        samlSignature.setNextSibling(nextSibling);
        if(x509Certificate != null){
            samlSignature.setX509Certificate(x509Certificate);
        }
        samlSignature.signSAMLDocument(samlDocument, keypair);
    }
View Full Code Here

    }

    protected void sendToDestination(Document samlDocument, String relayState, String destination,
            HttpServletResponse response, boolean request) throws IOException, SAXException, GeneralSecurityException {
        if (!ignoreSignatures) {
            SAML2Signature samlSignature = new SAML2Signature();

            Node nextSibling = samlSignature.getNextSiblingOfIssuer(samlDocument);
            if (nextSibling != null) {
                samlSignature.setNextSibling(nextSibling);
            }
            KeyPair keypair = keyManager.getSigningKeyPair();
            samlSignature.signSAMLDocument(samlDocument, keypair);
        }
        String samlMessage = PostBindingUtil.base64Encode(DocumentUtil.getDocumentAsString(samlDocument));
        PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), response, request);
    }
View Full Code Here

TOP

Related Classes of org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.