
Example 1 with SignatureRSASHA1

Use of `org.opensaml.xmlsec.algorithm.descriptors.SignatureRSASHA1` (the RSA-SHA1 XML signature descriptor) in the alphagov/verify-hub project.

Example 1: the `setup()` method of the test class `IdpAuthnResponseTranslatorServiceTest` — a JUnit `@Before` fixture that builds two signed test assertions (RSA-SHA1 signature, SHA-256 digest) and wires the Mockito stubs shared by the tests.

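/**
 * Builds the fixtures and Mockito stubs shared by every test in this class.
 *
 * <p>Two unencrypted, signed assertions are built for the stub IdP — one with an
 * AuthnStatement plus an IP-address attribute, one with a matching-dataset
 * attribute statement — both "in response to" the same request id. The mocked
 * transformer chain is then wired so that the SAML string resolves to a mocked
 * {@code responseFromIdp} whose assertions default to absent; individual tests
 * re-stub what they need. Finally the service under test is constructed.
 */
@Before
public void setup() {
    IdaSamlBootstrap.bootstrap();

    final String idpEntityId = TestEntityIds.STUB_IDP_ONE;
    final String assertionId1 = randomUUID().toString();
    final String assertionId2 = randomUUID().toString();
    final String requestId = randomUUID().toString();

    // RSA-SHA1 mirrors the algorithm bound in the hub's CryptoModule. SHA-1 is
    // deprecated for XML signatures; nothing in this setup verifies these
    // signatures, so here the choice only affects the algorithm URIs stamped
    // on the fixtures. Keep it in step with CryptoModule if that moves to
    // SignatureRSASHA256.
    final SignatureAlgorithm signatureAlgorithm = new SignatureRSASHA1();
    final DigestAlgorithm digestAlgorithm = new DigestSHA256();

    // Both assertions reference the same request id in their SubjectConfirmationData.
    final Subject mdsAssertionSubject = subjectInResponseTo(requestId);
    final Subject authnAssertionSubject = subjectInResponseTo(requestId);
    final AttributeStatement matchingDatasetAttributeStatement =
            MatchingDatasetAttributeStatementBuilder_1_1.aMatchingDatasetAttributeStatement_1_1().build();
    final AttributeStatement ipAddress =
            anAttributeStatement().addAttribute(IPAddressAttributeBuilder.anIPAddress().build()).build();

    // Response-level signature: attach a concrete XMLSignature carrying the
    // configured algorithms. Presumably read by the translator's
    // signature/algorithm handling — confirm against the service.
    final Optional<Signature> signature = Optional.of(SignatureBuilder.aSignature().build());
    final SignatureImpl signatureImpl = (SignatureImpl) signature.get();
    signatureImpl.setXMLSignature(BuilderHelper.createXMLSignature(signatureAlgorithm, digestAlgorithm));

    authnStatementAssertion = AssertionBuilder.anAssertion()
            .withId(assertionId1)
            .withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build())
            .withSubject(authnAssertionSubject)
            .addAttributeStatement(ipAddress)
            .addAuthnStatement(AuthnStatementBuilder.anAuthnStatement().build())
            .withSignature(signatureFor(assertionId1, signatureAlgorithm, digestAlgorithm))
            .buildUnencrypted();
    matchingDatasetAssertion = AssertionBuilder.anAssertion()
            .withId(assertionId2)
            .withIssuer(IssuerBuilder.anIssuer().withIssuerId(idpEntityId).build())
            .withSubject(mdsAssertionSubject)
            .addAttributeStatement(matchingDatasetAttributeStatement)
            .withSignature(signatureFor(assertionId2, signatureAlgorithm, digestAlgorithm))
            .buildUnencrypted();

    // Transformer chain: container -> SAML string -> OpenSAML Response -> IDA response.
    when(responseContainer.getSamlResponse()).thenReturn(saml);
    when(stringToOpenSamlResponseTransformer.apply(saml)).thenReturn(samlResponse);
    when(samlResponseToIdaResponseIssuedByIdpTransformer.apply(samlResponse)).thenReturn(responseFromIdp);

    // Mocked authn-statement assertion as seen by the translator.
    when(authStatementAssertion.getUnderlyingAssertionBlob()).thenReturn(authStatementUnderlyingAssertionBlob);
    when(authStatementAssertion.getAuthnContext()).thenReturn(Optional.empty());
    when(authStatementAssertion.getFraudDetectedDetails()).thenReturn(Optional.empty());
    when(authStatementAssertion.getPrincipalIpAddressAsSeenByIdp()).thenReturn(Optional.of(principalIpAddressSeenByIdp));
    // Only one stub for getNameId(): a second stub would silently win, so keep a single source of truth.
    when(authnStatementPersistentId.getNameId()).thenReturn(persistentIdName);
    when(authStatementAssertion.getPersistentId()).thenReturn(authnStatementPersistentId);

    // Mocked response from the IdP; assertions are absent by default.
    when(responseFromIdp.getIssuer()).thenReturn(responseIssuer);
    when(responseFromIdp.getStatus()).thenReturn(status);
    when(responseFromIdp.getMatchingDatasetAssertion()).thenReturn(Optional.empty());
    when(responseFromIdp.getAuthnStatementAssertion()).thenReturn(Optional.empty());
    when(responseFromIdp.getSignature()).thenReturn(signature);
    when(samlResponse.getIssuer()).thenReturn(issuer);

    // Blob -> assertion lookups used when tests do supply assertions.
    when(stringToAssertionTransformer.apply(authStatementUnderlyingAssertionBlob)).thenReturn(authnStatementAssertion);
    when(stringToAssertionTransformer.apply(matchingDatasetUnderlyingAssertionBlob)).thenReturn(matchingDatasetAssertion);

    final InboundResponseFromIdpDataGenerator inboundResponseFromIdpDataGenerator =
            new InboundResponseFromIdpDataGenerator(assertionBlobEncrypter);
    service = new IdpAuthnResponseTranslatorService(
            stringToOpenSamlResponseTransformer,
            stringToAssertionTransformer,
            samlResponseToIdaResponseIssuedByIdpTransformer,
            inboundResponseFromIdpDataGenerator,
            idpAssertionMetricsCollector);
}

/** A subject whose SubjectConfirmationData carries the given InResponseTo value. */
private static Subject subjectInResponseTo(final String requestId) {
    return aSubject()
            .withSubjectConfirmation(aSubjectConfirmation()
                    .withSubjectConfirmationData(aSubjectConfirmationData()
                            .withInResponseTo(requestId)
                            .build())
                    .build())
            .build();
}

/** An assertion signature using the given algorithms, with the digest tied to {@code assertionId}. */
private static Signature signatureFor(final String assertionId,
                                      final SignatureAlgorithm signatureAlgorithm,
                                      final DigestAlgorithm digestAlgorithm) {
    return SignatureBuilder.aSignature()
            .withSignatureAlgorithm(signatureAlgorithm)
            .withDigestAlgorithm(assertionId, digestAlgorithm)
            .build();
}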

Example 2 with SignatureRSASHA1

Use of `org.opensaml.xmlsec.algorithm.descriptors.SignatureRSASHA1` (the RSA-SHA1 XML signature descriptor) in the alphagov/verify-hub project.

Example 2: the `configure()` method of the Guice module `CryptoModule` — production wiring that binds the hub's key stores, certificate/trust-store helpers, encrypters and, notably, the signature algorithm (RSA-SHA1) and digest algorithm (SHA-256) used for signing.

/**
 * Guice wiring for the hub's cryptographic collaborators.
 *
 * <p>Binds the encryption key store and two named signing key stores (one per
 * inbound message type), the certificate / trust-store helpers, the encrypter
 * and signature factories, and the concrete signature and digest algorithms
 * every signer in this module will use. Key stores are eager singletons so a
 * missing or unreadable store fails at injector creation rather than on the
 * first request.
 */
@Override
protected void configure() {
    final String authnRequestKeyStoreName = "authnRequestKeyStore";
    final String samlResponseFromMatchingServiceKeyStoreName = "samlResponseFromMatchingServiceKeyStore";

    // Key stores: one for decryption, two for signature verification, keyed by name.
    bind(EncryptionKeyStore.class)
            .to(HubEncryptionKeyStore.class)
            .asEagerSingleton();
    bind(SigningKeyStore.class)
            .annotatedWith(Names.named(authnRequestKeyStoreName))
            .to(AuthnRequestKeyStore.class)
            .asEagerSingleton();
    bind(SigningKeyStore.class)
            .annotatedWith(Names.named(samlResponseFromMatchingServiceKeyStoreName))
            .to(SamlResponseFromMatchingServiceKeyStore.class)
            .asEagerSingleton();

    // Certificate handling and chain validation (PKIX parameters come from a fresh provider).
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(CertificatesConfigProxy.class);
    bind(TrustStoreForCertificateProvider.class);
    bind(EncryptionCredentialFactory.class);
    bind(KeyStoreCache.class);
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());

    // Signing / encryption collaborators (just-in-time bindings for the classes without explicit targets).
    bind(SignatureFactory.class);
    bind(IdaKeyStoreCredentialRetriever.class);
    bind(SamlResponseAssertionEncrypter.class);
    bind(AssertionBlobEncrypter.class);
    bind(EncrypterFactory.class).toInstance(new EncrypterFactory());

    // Algorithms used for every signature this module produces.
    // NOTE(review): RSA-SHA1 is the legacy choice — SHA-1 is deprecated for XML
    // signatures (XMLDSig 1.1 / NIST SP 800-131A). The same descriptors package
    // provides SignatureRSASHA256; switch to it once every relying party and
    // IdP that validates hub signatures has been confirmed to accept
    // rsa-sha256, since this is a federation-wide interop change. The
    // DigestSHA256 binding below already uses a SHA-2 digest.
    bind(SignatureAlgorithm.class).toInstance(new SignatureRSASHA1());
    bind(DigestAlgorithm.class).toInstance(new DigestSHA256());
}
