Example 1 with KeyInfoCredentialResolver

Use of org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver in project product-is by wso2: class SAML2SSOTestBase, method getDecryptedAssertion.

import javax.crypto.SecretKey;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.EncryptedAssertion;
import org.opensaml.saml2.encryption.Decrypter;
import org.opensaml.xml.encryption.EncryptedKey;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver;
import org.opensaml.xml.security.x509.X509Credential;

private Assertion getDecryptedAssertion(EncryptedAssertion encryptedAssertion, X509Credential x509Credential) throws Exception {
    // Step 1: the SP's private key resolves the key-encryption key (KEK) carried in the <EncryptedKey> element.
    KeyInfoCredentialResolver keyResolver = new StaticKeyInfoCredentialResolver(x509Credential);
    EncryptedKey key = encryptedAssertion.getEncryptedData().getKeyInfo().getEncryptedKeys().get(0);
    Decrypter decrypter = new Decrypter(null, keyResolver, null);
    SecretKey dkey = (SecretKey) decrypter.decryptKey(key, encryptedAssertion.getEncryptedData().getEncryptionMethod().getAlgorithm()); // unwrap the symmetric data-encryption key
    Credential shared = SecurityHelper.getSimpleCredential(dkey);
    // Step 2: decrypt the assertion body with the unwrapped symmetric key.
    decrypter = new Decrypter(new StaticKeyInfoCredentialResolver(shared), null, null);
    decrypter.setRootInNewDocument(true); // root the decrypted Assertion in its own DOM so its signature can be validated afterwards
    return decrypter.decrypt(encryptedAssertion);
}

Example 2 with KeyInfoCredentialResolver

Use of org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver in project MaxKey by dromara: class SignatureSecurityPolicyRule, method loadTrustEngine.

import org.opensaml.xml.Configuration;
import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;

// credentialResolver and trustEngine are fields of SignatureSecurityPolicyRule (not shown here).
public void loadTrustEngine() {
    KeyInfoCredentialResolver keyInfoCredResolver = Configuration.getGlobalSecurityConfiguration().getDefaultKeyInfoCredentialResolver();
    // Explicit-key trust: a signature is trusted only if its key matches a credential returned by credentialResolver;
    // the KeyInfo in the signature itself only helps select candidates and is never a source of trust.
    trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoCredResolver);
}

Example 3 with KeyInfoCredentialResolver

Use of org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver in project MaxKey by dromara: class SignatureSecurityPolicyRule, method afterPropertiesSet.

import org.opensaml.xml.Configuration;
import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;

// Same construction as loadTrustEngine(), run once the bean's properties are set
// (the afterPropertiesSet() signature is that of Spring's InitializingBean callback).
// credentialResolver and trustEngine are fields of SignatureSecurityPolicyRule (not shown here).
@Override
public void afterPropertiesSet() throws Exception {
    KeyInfoCredentialResolver keyInfoCredResolver = Configuration.getGlobalSecurityConfiguration().getDefaultKeyInfoCredentialResolver();
    trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoCredResolver);
}

Example 4 with KeyInfoCredentialResolver

Use of org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver in project entcore by opendigitaleducation: class SamlValidator, method loadSignatureTrustEngine.

import java.io.File;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.security.MetadataCredentialResolver;
import org.opensaml.xml.Configuration;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;

// logger, entityDescriptorMap and signatureTrustEngineMap are fields of SamlValidator (not shown here).
private void loadSignatureTrustEngine(String filePath) throws MetadataProviderException {
    logger.info(filePath);
    // Load the IdP's metadata from a local file; the signing keys it carries become the trust anchors below.
    FilesystemMetadataProvider metadataProvider = new FilesystemMetadataProvider(new File(filePath));
    metadataProvider.setParserPool(new BasicParserPool());
    metadataProvider.initialize();
    MetadataCredentialResolver metadataCredResolver = new MetadataCredentialResolver(metadataProvider);
    KeyInfoCredentialResolver keyInfoCredResolver = Configuration.getGlobalSecurityConfiguration().getDefaultKeyInfoCredentialResolver();
    // The cast assumes the file's root element is a single EntityDescriptor; an EntitiesDescriptor root would fail here.
    EntityDescriptor entityDescriptor = (EntityDescriptor) metadataProvider.getMetadata();
    String entityID = entityDescriptor.getEntityID();
    entityDescriptorMap.put(entityID, entityDescriptor);
    // Keyed by entityID so each IdP's signatures are checked only against that IdP's own metadata keys.
    signatureTrustEngineMap.put(entityID, new ExplicitKeySignatureTrustEngine(metadataCredResolver, keyInfoCredResolver));
}
