Example 1 with KeyValueType
use of org.keycloak.dom.xmlsec.w3.xmldsig.KeyValueType in project keycloak by keycloak.
the class SAML11ParserUtil method parseKeyInfo.
public static KeyInfoType parseKeyInfo(XMLEventReader xmlEventReader) throws ParsingException {
KeyInfoType keyInfo = new KeyInfoType();
StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.KEYINFO);
XMLEvent xmlEvent = null;
String tag = null;
while (xmlEventReader.hasNext()) {
xmlEvent = StaxParserUtil.peek(xmlEventReader);
if (xmlEvent instanceof EndElement) {
tag = StaxParserUtil.getElementName((EndElement) xmlEvent);
if (tag.equals(WSTrustConstants.XMLDSig.KEYINFO)) {
xmlEvent = StaxParserUtil.getNextEndElement(xmlEventReader);
break;
} else
throw logger.parserUnknownEndElement(tag, xmlEvent.getLocation());
}
startElement = (StartElement) xmlEvent;
tag = StaxParserUtil.getElementName(startElement);
if (tag.equals(WSTrustConstants.XMLEnc.ENCRYPTED_KEY)) {
keyInfo.addContent(StaxParserUtil.getDOMElement(xmlEventReader));
} else if (tag.equals(WSTrustConstants.XMLDSig.X509DATA)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
X509DataType x509 = new X509DataType();
// Let us go for the X509 certificate
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
StaxParserUtil.validate(startElement, WSTrustConstants.XMLDSig.X509CERT);
X509CertificateType cert = new X509CertificateType();
String certValue = StaxParserUtil.getElementText(xmlEventReader);
cert.setEncodedCertificate(certValue.getBytes(GeneralConstants.SAML_CHARSET));
x509.add(cert);
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.X509DATA);
keyInfo.addContent(x509);
} else if (tag.equals(WSTrustConstants.XMLDSig.KEYVALUE)) {
startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
KeyValueType keyValue = null;
startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
tag = StaxParserUtil.getElementName(startElement);
if (tag.equals(WSTrustConstants.XMLDSig.RSA_KEYVALUE)) {
keyValue = parseRSAKeyValue(xmlEventReader);
} else if (tag.equals(WSTrustConstants.XMLDSig.DSA_KEYVALUE)) {
keyValue = parseDSAKeyValue(xmlEventReader);
} else
throw logger.parserUnknownTag(tag, startElement.getLocation());
EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
StaxParserUtil.validate(endElement, WSTrustConstants.XMLDSig.KEYVALUE);
keyInfo.addContent(keyValue);
}
}
return keyInfo;
}
Also used :
StartElement(javax.xml.stream.events.StartElement)
X509CertificateType(org.keycloak.dom.xmlsec.w3.xmldsig.X509CertificateType)
X509DataType(org.keycloak.dom.xmlsec.w3.xmldsig.X509DataType)
EndElement(javax.xml.stream.events.EndElement)
KeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.KeyValueType)
RSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.RSAKeyValueType)
DSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.DSAKeyValueType)
XMLEvent(javax.xml.stream.events.XMLEvent)
KeyInfoType(org.keycloak.dom.xmlsec.w3.xmldsig.KeyInfoType)
Example 2 with KeyValueType
use of org.keycloak.dom.xmlsec.w3.xmldsig.KeyValueType in project keycloak by keycloak.
the class KeyInfoParser method processSubElement.
@Override
protected void processSubElement(XMLEventReader xmlEventReader, KeyInfoType target, XmlDSigQNames element, StartElement elementDetail) throws ParsingException {
switch(element) {
case X509_DATA:
target.addContent(X509DataParser.getInstance().parse(xmlEventReader));
break;
case KEY_VALUE:
StaxParserUtil.advance(xmlEventReader);
StartElement startElement = StaxParserUtil.peekNextStartElement(xmlEventReader);
KeyValueType keyValue;
switch(LOOKUP.from(startElement.getName())) {
case RSA_KEY_VALUE:
keyValue = RsaKeyValueParser.getInstance().parse(xmlEventReader);
break;
case DSA_KEY_VALUE:
keyValue = DsaKeyValueParser.getInstance().parse(xmlEventReader);
break;
default:
String tag = StaxParserUtil.getElementName(startElement);
throw LOGGER.parserUnknownTag(tag, elementDetail.getLocation());
}
target.addContent(keyValue);
break;
default:
// Ignore unknown tags
StaxParserUtil.bypassElementBlock(xmlEventReader);
}
}
Also used :
StartElement(javax.xml.stream.events.StartElement)
KeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.KeyValueType)
Example 3 with KeyValueType
use of org.keycloak.dom.xmlsec.w3.xmldsig.KeyValueType in project keycloak by keycloak.
the class XMLSignatureUtil method createKeyValue.
/**
* <p>
* Creates a {@code KeyValueType} that wraps the specified public key. This method supports DSA and RSA keys.
* </p>
*
* @param key the {@code PublicKey} that will be represented as a {@code KeyValueType}.
*
* @return the constructed {@code KeyValueType} or {@code null} if the specified key is neither a DSA nor a RSA
* key.
*/
public static KeyValueType createKeyValue(PublicKey key) {
if (key instanceof RSAPublicKey) {
RSAPublicKey pubKey = (RSAPublicKey) key;
byte[] modulus = pubKey.getModulus().toByteArray();
byte[] exponent = pubKey.getPublicExponent().toByteArray();
RSAKeyValueType rsaKeyValue = new RSAKeyValueType();
rsaKeyValue.setModulus(Base64.encodeBytes(modulus).getBytes(GeneralConstants.SAML_CHARSET));
rsaKeyValue.setExponent(Base64.encodeBytes(exponent).getBytes(GeneralConstants.SAML_CHARSET));
return rsaKeyValue;
} else if (key instanceof DSAPublicKey) {
DSAPublicKey pubKey = (DSAPublicKey) key;
byte[] P = pubKey.getParams().getP().toByteArray();
byte[] Q = pubKey.getParams().getQ().toByteArray();
byte[] G = pubKey.getParams().getG().toByteArray();
byte[] Y = pubKey.getY().toByteArray();
DSAKeyValueType dsaKeyValue = new DSAKeyValueType();
dsaKeyValue.setP(Base64.encodeBytes(P).getBytes(GeneralConstants.SAML_CHARSET));
dsaKeyValue.setQ(Base64.encodeBytes(Q).getBytes(GeneralConstants.SAML_CHARSET));
dsaKeyValue.setG(Base64.encodeBytes(G).getBytes(GeneralConstants.SAML_CHARSET));
dsaKeyValue.setY(Base64.encodeBytes(Y).getBytes(GeneralConstants.SAML_CHARSET));
return dsaKeyValue;
}
throw logger.unsupportedType(key.toString());
}
Also used :
RSAPublicKey(java.security.interfaces.RSAPublicKey)
RSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.RSAKeyValueType)
DSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.DSAKeyValueType)
DSAPublicKey(java.security.interfaces.DSAPublicKey)
Example 4 with KeyValueType
use of org.keycloak.dom.xmlsec.w3.xmldsig.KeyValueType in project keycloak by keycloak.
the class SignatureUtil method createKeyValue.
/**
* <p>
* Creates a {@code KeyValueType} that wraps the specified public key. This method supports DSA and RSA keys.
* </p>
*
* @param key the {@code PublicKey} that will be represented as a {@code KeyValueType}.
*
* @return the constructed {@code KeyValueType} or {@code null} if the specified key is neither a DSA nor a RSA
* key.
*/
public static KeyValueType createKeyValue(PublicKey key) {
if (key instanceof RSAPublicKey) {
RSAPublicKey pubKey = (RSAPublicKey) key;
byte[] modulus = pubKey.getModulus().toByteArray();
byte[] exponent = pubKey.getPublicExponent().toByteArray();
RSAKeyValueType rsaKeyValue = new RSAKeyValueType();
rsaKeyValue.setModulus(Base64.encodeBytes(modulus).getBytes(GeneralConstants.SAML_CHARSET));
rsaKeyValue.setExponent(Base64.encodeBytes(exponent).getBytes(GeneralConstants.SAML_CHARSET));
return rsaKeyValue;
} else if (key instanceof DSAPublicKey) {
DSAPublicKey pubKey = (DSAPublicKey) key;
byte[] P = pubKey.getParams().getP().toByteArray();
byte[] Q = pubKey.getParams().getQ().toByteArray();
byte[] G = pubKey.getParams().getG().toByteArray();
byte[] Y = pubKey.getY().toByteArray();
DSAKeyValueType dsaKeyValue = new DSAKeyValueType();
dsaKeyValue.setP(Base64.encodeBytes(P).getBytes(GeneralConstants.SAML_CHARSET));
dsaKeyValue.setQ(Base64.encodeBytes(Q).getBytes(GeneralConstants.SAML_CHARSET));
dsaKeyValue.setG(Base64.encodeBytes(G).getBytes(GeneralConstants.SAML_CHARSET));
dsaKeyValue.setY(Base64.encodeBytes(Y).getBytes(GeneralConstants.SAML_CHARSET));
return dsaKeyValue;
}
throw logger.unsupportedType(key.toString());
}
Also used :
RSAPublicKey(java.security.interfaces.RSAPublicKey)
RSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.RSAKeyValueType)
DSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.DSAKeyValueType)
DSAPublicKey(java.security.interfaces.DSAPublicKey)
Example 5 with KeyValueType
use of org.keycloak.dom.xmlsec.w3.xmldsig.KeyValueType in project keycloak by keycloak.
the class StaxWriterUtil method writeKeyInfo.
/**
* Write the {@link org.keycloak.dom.xmlsec.w3.xmldsig.KeyInfoType}
*
* @param writer
* @param keyInfo
*
* @throws org.keycloak.saml.common.exceptions.ProcessingException
*/
public static void writeKeyInfo(XMLStreamWriter writer, KeyInfoType keyInfo) throws ProcessingException {
if (keyInfo.getContent() == null || keyInfo.getContent().size() == 0)
throw logger.writerInvalidKeyInfoNullContentError();
StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX, WSTrustConstants.XMLDSig.KEYINFO, WSTrustConstants.XMLDSig.DSIG_NS);
StaxUtil.writeNameSpace(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX, WSTrustConstants.XMLDSig.DSIG_NS);
// write the keyInfo content.
Object content = keyInfo.getContent().get(0);
if (content instanceof Element) {
Element element = (Element) keyInfo.getContent().get(0);
StaxUtil.writeDOMNode(writer, element);
} else if (content instanceof X509DataType) {
X509DataType type = (X509DataType) content;
if (type.getDataObjects().size() == 0)
throw logger.writerNullValueError("X509Data");
StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX, WSTrustConstants.XMLDSig.X509DATA, WSTrustConstants.XMLDSig.DSIG_NS);
Object obj = type.getDataObjects().get(0);
if (obj instanceof Element) {
Element element = (Element) obj;
StaxUtil.writeDOMElement(writer, element);
} else if (obj instanceof X509CertificateType) {
X509CertificateType cert = (X509CertificateType) obj;
StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX, WSTrustConstants.XMLDSig.X509CERT, WSTrustConstants.XMLDSig.DSIG_NS);
StaxUtil.writeCharacters(writer, new String(cert.getEncodedCertificate(), GeneralConstants.SAML_CHARSET));
StaxUtil.writeEndElement(writer);
}
StaxUtil.writeEndElement(writer);
} else if (content instanceof KeyValueType) {
KeyValueType keyvalueType = (KeyValueType) content;
StaxUtil.writeStartElement(writer, WSTrustConstants.XMLDSig.DSIG_PREFIX, WSTrustConstants.XMLDSig.KEYVALUE, WSTrustConstants.XMLDSig.DSIG_NS);
if (keyvalueType instanceof DSAKeyValueType) {
writeDSAKeyValueType(writer, (DSAKeyValueType) keyvalueType);
}
if (keyvalueType instanceof RSAKeyValueType) {
writeRSAKeyValueType(writer, (RSAKeyValueType) keyvalueType);
}
StaxUtil.writeEndElement(writer);
} else
throw new ProcessingException(ErrorCodes.UNSUPPORTED_TYPE + content);
StaxUtil.writeEndElement(writer);
}
Also used :
X509CertificateType(org.keycloak.dom.xmlsec.w3.xmldsig.X509CertificateType)
X509DataType(org.keycloak.dom.xmlsec.w3.xmldsig.X509DataType)
Element(org.w3c.dom.Element)
DSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.DSAKeyValueType)
KeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.KeyValueType)
RSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.RSAKeyValueType)
RSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.RSAKeyValueType)
DSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.DSAKeyValueType)
ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException)
Aggregations
DSAKeyValueType (org.keycloak.dom.xmlsec.w3.xmldsig.DSAKeyValueType)4
RSAKeyValueType (org.keycloak.dom.xmlsec.w3.xmldsig.RSAKeyValueType)4
KeyValueType (org.keycloak.dom.xmlsec.w3.xmldsig.KeyValueType)3
DSAPublicKey (java.security.interfaces.DSAPublicKey)2
RSAPublicKey (java.security.interfaces.RSAPublicKey)2
StartElement (javax.xml.stream.events.StartElement)2
X509CertificateType (org.keycloak.dom.xmlsec.w3.xmldsig.X509CertificateType)2
X509DataType (org.keycloak.dom.xmlsec.w3.xmldsig.X509DataType)2
EndElement (javax.xml.stream.events.EndElement)1
XMLEvent (javax.xml.stream.events.XMLEvent)1
KeyInfoType (org.keycloak.dom.xmlsec.w3.xmldsig.KeyInfoType)1
ProcessingException (org.keycloak.saml.common.exceptions.ProcessingException)1
Element (org.w3c.dom.Element)1
