Package org.opensaml.xml.security.x509

Examples of org.opensaml.xml.security.x509.CertPathPKIXTrustEvaluator


                throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "noKeyInSAMLToken");
            }

            samlTokenValidator.validate(sigSecurityToken, wssSecurityProperties);

            BasicX509Credential credential = new BasicX509Credential();
            if (sigSecurityToken.getX509Certificates() != null) {
                credential.setEntityCertificate(sigSecurityToken.getX509Certificates()[0]);
            } else if (sigSecurityToken.getPublicKey() != null) {
                credential.setPublicKey(sigSecurityToken.getPublicKey());
            } else {
                throw new WSSecurityException(
                        WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity",
                        "cannot get certificate or key"
                );
View Full Code Here


        throws org.opensaml.xml.security.SecurityException, WSSecurityException {
        if (keyInfo.getElement() != null) {
            return (KeyInfo)OpenSAMLUtil.fromDom(keyInfo.getElement());
        } else {
            // Set the certificate or public key
            BasicX509Credential keyInfoCredential = new BasicX509Credential();
            if (keyInfo.getCertificate() != null) {
                keyInfoCredential.setEntityCertificate(keyInfo.getCertificate());
            } else if (keyInfo.getPublicKey() != null) {
                keyInfoCredential.setPublicKey(keyInfo.getPublicKey());
            }
           
            // Configure how to emit the certificate
            X509KeyInfoGeneratorFactory kiFactory = new X509KeyInfoGeneratorFactory();
            KeyInfoBean.CERT_IDENTIFIER certIdentifier = keyInfo.getCertIdentifer();
View Full Code Here

        throws org.opensaml.xml.security.SecurityException, WSSecurityException {
        if (keyInfo.getElement() != null) {
            return (KeyInfo)OpenSAMLUtil.fromDom(keyInfo.getElement());
        } else {
            // Set the certificate or public key
            BasicX509Credential keyInfoCredential = new BasicX509Credential();
            if (keyInfo.getCertificate() != null) {
                keyInfoCredential.setEntityCertificate(keyInfo.getCertificate());
            } else if (keyInfo.getPublicKey() != null) {
                keyInfoCredential.setPublicKey(keyInfo.getPublicKey());
            }
           
            // Configure how to emit the certificate
            X509KeyInfoGeneratorFactory kiFactory = new X509KeyInfoGeneratorFactory();
            KeyInfoBean.CERT_IDENTIFIER certIdentifier = keyInfo.getCertIdentifer();
View Full Code Here

    protected X509Credential processTrustedCertificateEntry(KeyStore.TrustedCertificateEntry trustedCertEntry,
            String entityID, UsageType usage) {

        log.debug("Processing TrustedCertificateEntry from keystore");

        BasicX509Credential credential = new BasicX509Credential();
        credential.setEntityId(entityID);
        credential.setUsageType(usage);

        X509Certificate cert = (X509Certificate) trustedCertEntry.getTrustedCertificate();

        credential.setEntityCertificate(cert);

        ArrayList<X509Certificate> certChain = new ArrayList<X509Certificate>();
        certChain.add(cert);
        credential.setEntityCertificateChain(certChain);

        return credential;
    }
View Full Code Here

    protected X509Credential processPrivateKeyEntry(KeyStore.PrivateKeyEntry privateKeyEntry, String entityID,
            UsageType usage) {

        log.debug("Processing PrivateKeyEntry from keystore");

        BasicX509Credential credential = new BasicX509Credential();
        credential.setEntityId(entityID);
        credential.setUsageType(usage);

        credential.setPrivateKey(privateKeyEntry.getPrivateKey());

        credential.setEntityCertificate((X509Certificate) privateKeyEntry.getCertificate());
        credential.setEntityCertificateChain(Arrays.asList((X509Certificate[]) privateKeyEntry.getCertificateChain()));

        return credential;
    }
View Full Code Here

        if (entityCert == null) {
            log.warn("The end-entity cert could not be identified, skipping credential extraction");
            return null;
        }
       
        BasicX509Credential cred = new BasicX509Credential();
        cred.setEntityCertificate(entityCert);
        cred.setCRLs(crls);
        cred.setEntityCertificateChain(certs);
       
        if (kiContext != null) {
            cred.getKeyNames().addAll(kiContext.getKeyNames());
        }
       
        CredentialContext credContext = buildCredentialContext(kiContext);
        if (credContext != null) {
            cred.getCredentalContextSet().add(credContext);
        }
       
        LazySet<Credential> credentialSet = new LazySet<Credential>();
        credentialSet.add(cred);
        return credentialSet;
View Full Code Here

     */
    public static BasicX509Credential getSimpleCredential(X509Certificate cert, PrivateKey privateKey) {
        if (cert == null) {
            throw new IllegalArgumentException("A certificate is required");
        }
        BasicX509Credential cred = new BasicX509Credential();
        cred.setEntityCertificate(cert);
        cred.setPrivateKey(privateKey);
        return cred;
    }
View Full Code Here

        throws org.opensaml.xml.security.SecurityException, WSSecurityException {
        if (keyInfo.getElement() != null) {
            return (KeyInfo)OpenSAMLUtil.fromDom(keyInfo.getElement());
        } else {
            // Set the certificate or public key
            BasicX509Credential keyInfoCredential = new BasicX509Credential();
            if (keyInfo.getCertificate() != null) {
                keyInfoCredential.setEntityCertificate(keyInfo.getCertificate());
            } else if (keyInfo.getPublicKey() != null) {
                keyInfoCredential.setPublicKey(keyInfo.getPublicKey());
            }
           
            // Configure how to emit the certificate
            X509KeyInfoGeneratorFactory kiFactory = new X509KeyInfoGeneratorFactory();
            KeyInfoBean.CERT_IDENTIFIER certIdentifier = keyInfo.getCertIdentifer();
View Full Code Here

            throw new WSSecurityException(ex.getMessage(), ex);
        }

        signature.setSignatureAlgorithm(sigAlgo);

        BasicX509Credential signingCredential = new BasicX509Credential();
        signingCredential.setEntityCertificate(issuerCerts[0]);
        signingCredential.setPrivateKey(privateKey);

        signature.setSigningCredential(signingCredential);

        X509KeyInfoGeneratorFactory kiFactory = new X509KeyInfoGeneratorFactory();
        if (sendKeyValue) {
View Full Code Here

                validator.validate(sig);
            } catch (ValidationException ex) {
                throw new WSSecurityException("SAML signature validation failed", ex);
            }
           
            BasicX509Credential credential = new BasicX509Credential();
            if (samlKeyInfo.getCerts() != null) {
                credential.setEntityCertificate(samlKeyInfo.getCerts()[0]);
            } else if (samlKeyInfo.getPublicKey() != null) {
                credential.setPublicKey(samlKeyInfo.getPublicKey());
            } else {
                throw new WSSecurityException(
                    WSSecurityException.FAILURE, "invalidSAMLsecurity",
                    new Object[]{"cannot get certificate or key"}
                );
View Full Code Here

TOP

Related Classes of org.opensaml.xml.security.x509.CertPathPKIXTrustEvaluator

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.