Example 1 with SignatureTrustValidator

Use of org.apache.wss4j.dom.validate.SignatureTrustValidator in project ddf by codice, in the class SimpleSign, method validateSignature.

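import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLKeyInfo;
import org.apache.wss4j.dom.WSDocInfo;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor;
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.SignatureTrustValidator;
import org.apache.wss4j.dom.validate.Validator;
import org.opensaml.xmlsec.signature.KeyInfo;

public void validateSignature(Signature signature, Document doc) throws SignatureException {
    // Trust decisions are made against the crypto (keystore/truststore) configured for signature verification.
    RequestData requestData = new RequestData();
    requestData.setSigVerCrypto(crypto.getSignatureCrypto());
    WSSConfig wssConfig = WSSConfig.getNewInstance();
    requestData.setWssConfig(wssConfig);
    // Extract the key material (public key and/or certificates) carried in the signature's KeyInfo.
    SAMLKeyInfo samlKeyInfo = null;
    KeyInfo keyInfo = signature.getKeyInfo();
    if (keyInfo != null) {
        try {
            samlKeyInfo = SAMLUtil.getCredentialFromKeyInfo(keyInfo.getDOM(), new WSSSAMLKeyInfoProcessor(requestData, new WSDocInfo(doc)), crypto.getSignatureCrypto());
        } catch (WSSecurityException e) {
            throw new SignatureException("Unable to get KeyInfo.", e);
        }
    }
    // Fail closed: a signature without KeyInfo is rejected rather than accepted unverified.
    if (samlKeyInfo == null) {
        throw new SignatureException("No KeyInfo supplied in the signature");
    }
    // Helper defined elsewhere in SimpleSign; checks the signature against the extracted key.
    validateSignatureAndSamlKey(signature, samlKeyInfo);
    // The key in KeyInfo is supplied by the sender, so it must also be checked for trust
    // against the configured signature crypto, not only used to verify the signature.
    Credential trustCredential = new Credential();
    trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
    trustCredential.setCertificates(samlKeyInfo.getCerts());
    Validator signatureValidator = new SignatureTrustValidator();
    try {
        signatureValidator.validate(trustCredential, requestData);
    } catch (WSSecurityException e) {
        throw new SignatureException("Error validating signature", e);
    }
}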
Also used: WSDocInfo (org.apache.wss4j.dom.WSDocInfo), Credential (org.apache.wss4j.dom.validate.Credential), BasicX509Credential (org.opensaml.security.x509.BasicX509Credential), SAMLKeyInfo (org.apache.wss4j.common.saml.SAMLKeyInfo), WSSConfig (org.apache.wss4j.dom.engine.WSSConfig), KeyInfo (org.opensaml.xmlsec.signature.KeyInfo), RequestData (org.apache.wss4j.dom.handler.RequestData), SignatureTrustValidator (org.apache.wss4j.dom.validate.SignatureTrustValidator), WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException), WSSSAMLKeyInfoProcessor (org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor), Validator (org.apache.wss4j.dom.validate.Validator), SignatureValidator (org.opensaml.xmlsec.signature.support.SignatureValidator), SAMLSignatureProfileValidator (org.opensaml.saml.security.impl.SAMLSignatureProfileValidator)
