Package org.opensaml.xml.signature

Examples of org.opensaml.xml.signature.KeyInfo


                }
                // Revocation checking is switched on or off from the message's
                // ENABLE_REVOCATION contextual property, as interpreted by MessageUtils.isTrue.
                data.setEnableRevocation(MessageUtils.isTrue(
                    message.getContextualProperty(WSHandlerConstants.ENABLE_REVOCATION)));
               
                // The verification credential is read from the ds:KeyInfo that travels inside
                // the assertion's own signature.
                // NOTE(review): sig and keyInfo are dereferenced without a null check in the
                // lines shown; confirm the code above this excerpt guarantees a signed
                // assertion that carries a KeyInfo.
                Signature sig = assertion.getSignature();
                KeyInfo keyInfo = sig.getKeyInfo();
                SAMLKeyInfo samlKeyInfo =
                    SAMLUtil.getCredentialDirectlyFromKeyInfo(
                        keyInfo.getDOM(), data.getSigVerCrypto()
                    );
                // NOTE(review): the key checked here is supplied by the sender inside the
                // assertion. A passing verifySignature presumably shows only that the assertion
                // matches that key; the decision to trust the key's owner as issuer is not
                // visible in this excerpt and must exist elsewhere.
                assertion.verifySignature(samlKeyInfo);
               
            } else if (getTLSCertificates(message) == null) {
                // Reached when the preceding condition (outside this excerpt) is false and
                // getTLSCertificates returns null for the message: the grant is rejected.
                throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);


                }
                // Revocation checking follows the ENABLE_REVOCATION contextual property.
                data.setEnableRevocation(MessageUtils.isTrue(
                    message.getContextualProperty(WSHandlerConstants.ENABLE_REVOCATION)));
               
                // Build the verification credential from the KeyInfo embedded in the
                // assertion's signature.
                // NOTE(review): neither sig nor keyInfo is null-checked in the lines shown.
                Signature sig = assertion.getSignature();
                KeyInfo keyInfo = sig.getKeyInfo();
                SAMLKeyInfo samlKeyInfo =
                    SAMLUtil.getCredentialDirectlyFromKeyInfo(
                        keyInfo.getDOM(), data.getSigVerCrypto()
                    );
               
                // NOTE(review): verification uses a key carried by the assertion itself, so a
                // separate trust check on that key is required; none appears in this excerpt.
                assertion.verifySignature(samlKeyInfo);
                // Holder-of-key subject parsing runs after the signature check. The call's
                // remaining arguments lie past the end of this excerpt.
                assertion.parseHOKSubject(
                    new WSSSAMLKeyInfoProcessor(data, null), data.getSigVerCrypto(),

        // Prepare the request data used for verification: the signature-verification
        // Crypto, a WSSConfig obtained from getNewInstance(), and the callback handler.
        requestData.setSigVerCrypto(sigCrypto);
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        requestData.setWssConfig(wssConfig);
        requestData.setCallbackHandler(callbackHandler);
       
        // Resolve the credential referenced by the signature's ds:KeyInfo.
        // NOTE(review): if getKeyInfo() returns null, keyInfo.getDOM() inside the try fails
        // with a NullPointerException, which the catch below does not handle; confirm an
        // earlier check rejects signatures without KeyInfo.
        KeyInfo keyInfo = signature.getKeyInfo();
        SAMLKeyInfo samlKeyInfo = null;
        try {
            samlKeyInfo =
                SAMLUtil.getCredentialFromKeyInfo(
                    keyInfo.getDOM(), new WSSSAMLKeyInfoProcessor(requestData, new WSDocInfo(doc)), sigCrypto
                );
        } catch (WSSecurityException ex) {
            // Recorded at FINE with the exception attached, then rethrown unchanged so the
            // caller still sees the original failure.
            LOG.log(Level.FINE, "Error in getting KeyInfo from SAML Response: " + ex.getMessage(), ex);
            throw ex;
        }

            }
           
            // Verify the signature
            // The credential comes from the ds:KeyInfo inside the assertion's signature and is
            // resolved with sigCrypto.
            // NOTE(review): sig and keyInfo are used without null checks in the lines shown;
            // whether the enclosing try turns a NullPointerException into a clean rejection
            // cannot be seen from this excerpt.
            try {
                Signature sig = assertion.getSignature();
                KeyInfo keyInfo = sig.getKeyInfo();
                SAMLKeyInfo samlKeyInfo =
                    SAMLUtil.getCredentialDirectlyFromKeyInfo(
                        keyInfo.getDOM(), sigCrypto
                    );
                // NOTE(review): this checks the assertion against a key the assertion itself
                // supplies. Trust in that key has to be established separately; that step is
                // not part of the lines shown.
                assertion.verifySignature(samlKeyInfo);
               
                // Holder-of-key subject parsing follows; the call continues past the excerpt.
                assertion.parseHOKSubject(
                    new WSSSAMLKeyInfoProcessor(requestData, new WSDocInfo(doc)),

        // Configure the generator to emit the signing credential's entity certificate in
        // the KeyInfo it produces.
        // NOTE(review): an embedded certificate helps the recipient locate the key but is
        // sender-supplied data; recipients should still validate it against their own
        // trust configuration.
        X509KeyInfoGeneratorFactory kiFactory = new X509KeyInfoGeneratorFactory();
        kiFactory.setEmitEntityCertificate(true);
       
        try {
            KeyInfo keyInfo = kiFactory.newInstance().generate(signingCredential);
            signature.setKeyInfo(keyInfo);
        } catch (org.opensaml.xml.security.SecurityException ex) {
            // The OpenSAML SecurityException is wrapped with its cause preserved.
            // NOTE(review): a plain java.lang.Exception is thrown, which gives callers no
            // specific type to catch.
            throw new Exception(
                    "Error generating KeyInfo from signing credential", ex);
        }

                // Verify found certificate corresponds to peer certificate from SSL/TLS
                // The confirmation data is cast to KeyInfoConfirmationDataType and each of its
                // KeyInfo children is searched for a certificate equal to userAgentCertificate.
                // NOTE(review): both casts are unchecked in the lines shown; a confirmation
                // element of another type would raise ClassCastException.
                KeyInfoConfirmationDataType keyInfoConfirmation = (KeyInfoConfirmationDataType) data;
                boolean foundUserAgent = false;
                // Labelled loop; the matching break/continue is past the end of this excerpt.
                info:
                for (XMLObject xmlInfo : keyInfoConfirmation.getKeyInfos()) {
                    KeyInfo keyInfo = (KeyInfo) xmlInfo;
                    List<String> certificates = SAMLUtil.getBase64EncodeCertificates(keyInfo);
                    for (String confirmationCert : certificates) {
                        log.debug("Comparing user agent certificate {} with certificate in HoK key info {}", userAgentCertificate, confirmationCert);
                        // NOTE(review): equality is tested on the Base64 text. This presumably
                        // relies on both sides using the same encoding layout (line breaks,
                        // whitespace); a difference there would reject a matching certificate.
                        // Confirm how userAgentCertificate is produced.
                        if (userAgentCertificate.equals(confirmationCert)) {
                            log.debug("User agent certificate confirmed");

                // set keySize
                // A requested key size of -1 means "not specified"; the configured
                // config.keySize is used in that case.
                int keySize = data.getKeysize();
                keySize = (keySize != -1) ? keySize : config.keySize;

                // Create the encrypted key
                // The KeyInfo is built from a symmetric key using the service certificate.
                KeyInfo encryptedKeyInfoElement
                        = SAMLUtils.getSymmetricKeyBasedKeyInfo(doc, data, serviceCert, keySize,
                        crypto, config.keyComputation);

                return this.createAttributeAssertion(data, encryptedKeyInfoElement, nameIdentifier, config,
                    crypto, creationTime, expirationTime);


            } catch (WSSecurityException e) {

                // Map the failure to a TrustException, keeping the cause. The message key
                // depends on whether a service certificate was available: its subject DN is
                // reported when present, otherwise the AppliesTo address.
                if (serviceCert != null) {
                    throw new TrustException(
                            "errorInBuildingTheEncryptedKeyForPrincipal",
                            new String[]{serviceCert.getSubjectDN().getName()},
                            e);
                } else {
                    throw new TrustException(
                            "trustedCertNotFoundForEPR",
                            new String[]{data.getAppliesToAddress()},
                            e);
                }

            }
        } else {
            try {

                /**
                 * In this case we need to create KeyInfo as follows,
                 * <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                 *   <X509Data xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                 *             xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                 *        <X509Certificate>
                 *              MIICNTCCAZ6gAwIBAgIES343....
                 *           </X509Certificate>
                 *       </X509Data>
                 *   </KeyInfo>
                 */

                // The subject name is the principal's name, always labelled with the
                // NameIdentifier.EMAIL format.
                // NOTE(review): nothing in the lines shown checks that the principal name is
                // an e-mail address.
                String subjectNameId = data.getPrincipal().getName();
               
                NameIdentifier nameId = SAMLUtils.createNamedIdentifier(subjectNameId, NameIdentifier.EMAIL);

                // Select the client certificate that is embedded as ds:X509Data in the KeyInfo.
                X509Certificate clientCert = data.getClientCert();

                // Fallback: when the request carries no client certificate, one is looked up
                // in the crypto store under an alias equal to the principal's name.
                // NOTE(review): the result of this lookup is not checked for null before it is
                // used below, and the holder-of-key assertion is then bound to whatever
                // certificate is stored under that alias. The second ';' is an empty statement.
                if(clientCert == null) {
                    clientCert = CommonUtil.getCertificateByAlias(crypto,data.getPrincipal().getName());;
                }

                KeyInfo keyInfo = SAMLUtils.getCertificateBasedKeyInfo(clientCert);

                // Issue the authentication assertion with holder-of-key subject confirmation,
                // using the certificate-based KeyInfo built above.
                return this.createAuthAssertion(RahasConstants.SAML11_SUBJECT_CONFIRMATION_HOK, nameId, keyInfo,
                        config, crypto, creationTime, expirationTime, data);
            } catch (Exception e) {
                // Every exception type, runtime exceptions included, is reported under the
                // single key "samlAssertionCreationError" with the cause attached.
                throw new TrustException("samlAssertionCreationError", e);

        // Configure the signature: the ALGO_ID_C14N_EXCL_OMIT_COMMENTS canonicalization
        // constant, the signing credential, and the caller-selected signature algorithm.
        // NOTE(review): signatureAlgorithm is set as received; any restriction to an
        // approved algorithm list would have to happen before this excerpt.
        signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
        signature.setSigningCredential(signingCredential);
        signature.setSignatureAlgorithm(signatureAlgorithm);

        // The issuer certificates are wrapped in X509Data and placed in the KeyInfo.
        X509Data x509Data = createX509Data(issuerCerts);
        KeyInfo keyInfo = createKeyInfo(x509Data);

        // Attach the KeyInfo to the signature and the signature to the assertion. The
        // try opened below continues past the end of this excerpt.
        signature.setKeyInfo(keyInfo);
        assertion.setSignature(signature);

        try {

     * @return The appropriate opensaml representation of the KeyInfo.
     * @throws org.apache.rahas.TrustException If unable to find the builder.
     */
    public static KeyInfo createKeyInfo(EncryptedKey encryptedKey) throws TrustException {
        // Start from the empty KeyInfo produced by the no-argument overload, then append
        // the supplied EncryptedKey to its encrypted-key children.
        // NOTE(review): encryptedKey is passed on as given; a null argument is not
        // rejected in this method.
        final KeyInfo result = createKeyInfo();
        result.getEncryptedKeys().add(encryptedKey);
        return result;
    }

     * @return The appropriate opensaml representation of the KeyInfo.
     * @throws org.apache.rahas.TrustException If unable to find the builder.
     */
    public static KeyInfo createKeyInfo(X509Data x509Data) throws TrustException {
        // Start from the empty KeyInfo produced by the no-argument overload, then append
        // the supplied X509Data to its X509Data children.
        // NOTE(review): the X509Data is embedded as given; this method neither checks it
        // for null nor inspects the certificates it carries.
        final KeyInfo result = createKeyInfo();
        result.getX509Datas().add(x509Data);
        return result;
    }
